Newer posts are loading.
You are at the newest post.
Click here to check if anything new just came in.

May 26 2017

Paul Schaub: Last week of GSoC Community Bonding

This is my report for the last week of community bonding. On next tuesday the coding phase officially begins \o/.

I spent my week like I did the one before; writing tests, increasing the codecoverage of my Smack OMEMO module. Today the coverage finally reached the same level as the main codebase, meaning my PR wouldn’t decrease the percentage anymore. Apart from that I’ve read some tips on java.nio usage for file transfer and made myself more familiar with its non-blocking IO concepts.

Throughout the week I took the one or other chance to distract myself from work by pariticipating in OMEMO related discussions on the standards mailing list. I’m quite happy, that there’s a vital discussion on the topic which seems to have a solution in prospect which is acceptable for everyone. Specifying the OMEMO XEP in a way that enables implementations using different crypto libraries is definitely a huge step forward which might bring a broader adoption without leaving those who pioneered and developed the standard standing in the rain (all my subjective opinion). I was really surprised to see developers of the Matrix project participating in the discussion. That reminded me of what the spirit of floss software really is :)

I plan to spent the last days before the coding phase sketching out my projects structure and relaxing a little before the hard work begins. One of my goals is to plan ahead and I really hope to fulfill this goal.

Happy Hacking :)

Vanitasvitae

May 24 2017

Tigase Blog: Stateless XMPP: A competitive mobile experience.

With a bevy of new chat platforms available to consumers, it seems more and more that the emphasis of knowing who is online and what they are doing has fallen out of favor.

ProcessOne: Google Summer of Code hosts ejabberd projects

As you may know, our ejabberd XMPP server is written in Erlang. The Erlang VM was originally designed by Ericsson to support distributed, fault-tolerant, soft-real-time, non-stop applications. What you may not know is that ejabberd is part of the BEAM Community – a group of projects that run on the Erlang VM.

Since 2013, BEAM Community hosts relevant Erlang and Elixir projects, making it easier to participate in the Google Summer of Code (GSoC) (and similar initiatives), giving interested students a wide range of projects to choose from.

BEAM Community has been accepted again in 2017 as a GSoC mentoring organisation. This year, nine projects have been accepted:

  • For Lasp:
    • A Biparite Proposal for Lasp’s Lacking Documentation by Matt Wiese
    • Implementing a Real World Application in the Lasp Programming Language by goncalotomas
  • For Erlang:
    • ETS support for Erlang Lab by Kacper Mentel
  • For Elixir:
    • A code formatter for Elixir by alexjiao
    • Language Server Protocol implementation for Elixir by Nishith Kumar Shah
  • For Barrel:
    • Implementation of a RabbitMQ Plugin for BarrelDB by Tah Teche Tende
  • For Zotonic:
    • Port Zotonic Shell Scripts to Erlang EScript by Blaise M.
  • For ejabberd:
    • Ejabberd support for “let’s encrypt” ACME protocol by Konstantinos Kallas
    • Server-to-Server stream management support for ejabberd by Anna Mukharram

You can find more details about these projects here, but first lets look at the ejabberd projects.

Support for “let’s encrypt” ACME protocol

The Automatic Certificate Management Environment (ACME) protocol is a communications protocol for automating interactions between certificate authorities and their users’ web servers, allowing the automated deployment of public key infrastructure at very low cost. Supporting this protocol will reduce the complexity of acquiring certificates for TLS encryption, via the “Let’s encrypt” certificate authority.

The final goal of this project is for ejabberd to fully support the ACME protocol and thus provide an easy and cheap way of acquiring security certificates. This project is executed by Konstantinos Kallas, mentored by Evgeny Khramtsov from ProcessOne.

Server-to-Server stream management support

The goal of this project is to implement XEP-0198 for server-to-server communication in ejabberd. This extension allows to request stanza acknowledgement and quickly resume session. Any messages that were not delivered over previous connection will be retransmitted during session resumption without duplication. This project is executed by Anna Mukharram, mentored by Holger Weiß, an experienced ejabberd & XMPP developer.

Google Summer of Code

ProcessOne is committed to grow the interest of student developers in XMPP, ejabberd and real-time technologies. Through initiatives like the BEAM Community and GSoC involvement, we can have bigger and more positive impact, as well as bring valuable improvements to existing projects.

May 20 2017

Paul Schaub: GSoC: Second, third week of community bonding

Hi all!

This is my report for the second, as well as the first half of the third week of GSoC community bonding, which I spent again working on finalizing my OMEMO code.

I dug deeper into writing test cases, mainly integration tests and I found quite a lot of small, undetectable bugs this way (Yay!). This strengthens my plan to work test driven during my GSoC project. The OMEMO code I currently work on was started as part of my bachelor thesis about 4 to 5 months ago and at this time, I was more concerned about having working code in the end, so I wrote no tests at all. Deploying test cases AFTER the code is already written is not only a tideous task, but its also often very difficult (because the code is not structured properly). So I learned my lesson the hard way :D

During testing I also found another bug in an XMPP server software, which prevents Smack from creating accounts on the server on the fly. Unfortunatelly this bug will not get fixed anymore for the version I use (installed from debian testing repository, which I thought was *reasonable* new), which keeps me from doing proper testing the way its meant to be done. I don’t have the time to compile the server software myselves. Instead, I work around this issue by creating the accounts manually everytime I run the test suite using a small bashscript.

I also had to deal with a really strange bug with file writing and reading. smack-omemo has a set of 4 integration tests, which all write data into a temporary directory. After each test, the directory is deleted to prevent tests influencing eachother. The issue was, that only the first test could read/write to the test directory. All subsequent tests failed for some reason. It took me a long time to notice, that there were two folders created (one in the working directory, another one in the subdirectory of the integration test framework). I am still not really sure what happened. The first folder was logged in all debug output, while files were written (by the first test) to the second filder. I guess it was caused by the temp directory being specified using a relative path, which messed up the tests, which were instanciated by the test framework using reflection. But I’m really not sure about this. Specifying the directory using an absolute path fixed the issue in the end.

Last but not least, me and Flow worked out some more details about my GSoC project (Implementing (encrypted) Jingle file transfer for Smack). The module will most likely be based upon java.nio to be scalable in the future. Flow also emphasized that the API should be as easy to use as possible, but at the same time powerful and extensible, which is a nice challenge (and probably a common one within the XMPP community). My initial plan was to create a XEP for OMEMO encrypted Jingle file transfer. We decided, that it would be of more value, to specify the XEP in a way, which allows arbitrary encryption techniques instead of being OMEMO exclusive.

Currently there is a little bit of tension in the community regarding the OMEMO specification. I really hope (and believe) there is a solution which is suitable of making everybody happy and I’m looking forward to participate in an open discussion :)

Happy hacking!

May 12 2017

Daniel Pocock: Thank you to the OSCAL team

The welcome gift deserves its own blog post. If you want to know what is inside, I hope to see you at OSCAL'17.

Daniel Pocock: Kamailio World and FSFE team visit, Tirana arrival

This week I've been thrilled to be in Berlin for Kamailio World 2017, one of the highlights of the SIP, VoIP and telephony enthusiast's calendar. It is an event that reaches far beyond Kamailio and is well attended by leaders of many of the well known free software projects in this space.

HOMER 6 is coming

Alexandr Dubovikov gave me a sneak peek of the new version of the HOMER SIP capture framework for gathering, storing and analyzing messages in a SIP network.

exploring HOMER 6 with Alexandr Dubovikov at Kamailio World 2017

Visiting the FSFE team in Berlin

Having recently joined the FSFE's General Assembly as the fellowship representative, I've been keen to get to know more about the organization. My visit to the FSFE office involved a wide-ranging discussion with Erik Albers about the fellowship program and FSFE in general.

discussing the Fellowship program with Erik Albers

Steak and SDR night

After a hard day of SIP hacking and a long afternoon at Kamailio World's open bar, a developer needs a decent meal and something previously unseen to hack on. A group of us settled at Escados, Alexanderplatz where my SDR kit emerged from my bag and other Debian users found out how easy it is to apt install the packages, attach the dongle and explore the radio spectrum.

playing with SDR after dinner

Next stop OSCAL'17, Tirana

Having left Berlin, I'm now in Tirana, Albania where I'll give an SDR workshop and Free-RTC talk at OSCAL'17. The weather forecast is between 26 - 28 degrees celsius, the food is great and the weekend's schedule is full of interesting talks and workshops. The organizing team have already made me feel very welcome here, meeting me at the airport and leaving a very generous basket of gifts in my hotel room. OSCAL has emerged as a significant annual event in the free software world and if it's too late for you to come this year, don't miss it in 2018.

OSCAL'17 banner

May 10 2017

Paul Schaub: GSoC: First week of community bonding

The first week of community bonding is nearly over and already it’s quite an experience for me. Me and Alameyo were very nicely welcomed by members of the igniterealtime project which really took care of making us able to jump right into the project.

I spent most of the time making myself more familiar with the Smack codebase by working on my OMEMO pull request, which comes closer and closer to a mergeable state. Currently I’m working together with my mentor Flo to make the API of the module as easy to use as possible. I learned the hard way, that singletons and generics are a pain when used together, but in the end it worked out quite well I’d say, although there is still some work left to do.

During the week, I also came across some bugs in XMPP server software, which were a great opportunity to come in contact with other developers outside of the igniterealtime project. Everybody was nice and helpful. Its really pleasant to work with the community.

Lastly, I also got in touch with some other GSoC students, which is super fun. I really enjoy meeting people from other countries and it turns out, that everybody puts their pants on the same way.

I’ll post updates roughly on a weekly basis to document the course of events. Untill then :)

Happy Hacking!

May 08 2017

Daniel Pocock: Visiting Kamailio World (Sold Out) and OSCAL'17

This week I'm visiting Kamailio World (8-10 May, Berlin) and OSCAL'17 (13-14 May, Tirana).

Kamailio World

Kamailio World features a range of talks about developing and using SIP and telephony applications and offers many opportunities for SIP developers, WebRTC developers, network operators and users to interact. Wednesday, at midday, there is a Dangerous Demos session where cutting edge innovations will make their first (and potentially last) appearance.

Daniel Pocock and Daniel-Constantin Mierla at Kamailio World, Berlin, 2017

OSCAL'17, Tirana

OSCAL'17 is an event that has grown dramatically in recent years and is expecting hundreds of free software users and developers, including many international guests, to converge on Tirana, Albania this weekend.

On Saturday I'll be giving a workshop about the Debian Hams project and Software Defined Radio. On Sunday I'll give a talk about Free Real-time Communications (RTC) and the alternatives to systems like Skype, Whatsapp, Viber and Facebook.

May 07 2017

Paul Schaub

Hi!

My name is Paul Schaub (vanitasvitae), I’m a computer science student from Münster, Germany, I’m 23 years old and right now I’m in my 8th semester.

I’m very close to getting my bachelors (undergraduate) degree with only one subject missing (Yay!). That’s why I got some spare time, which I am very happy to be able to spend as a GSoC (Google Summer of Code) student on the Smack project \o/!

 

In my free time, I’m involved in some free software projects mostly around Android apps. I’m currently one maintainer of the unofficial diaspora* app dandelion*. I also wrote the most likely unknown Android app EnigmAndroid which is a simulation of the Enigma machine.

 

My bachelors thesis was about implementing the OMEMO encryption protocol for the Smack library. The result is currently available as an open pull request (there’s still some work to do ). I chose this topic, because I believe that strong, easy to use encryption is very important for society. I’m very happy that the project worked out so great so far.

 

Within the GSoC, I’ll implement Jingle file transfer for Smack as well as finish up the OMEMO PR. Also I’ll try to find an elegant solution for OMEMO encrypted file transfer, which I’ll try to formalize into a (Proto-)XEP. Here you can find my GSoC proposal.

 

I’m always interested in making new contacts in the FOSS world, so if you have any questions or want to chat, don’t hesitate to contact me . You can find my contact information on my github page, but I’m also hanging out in the open_chat MUC.

 

Happy hacking!

Vanitasvitae

May 04 2017

Ignite Realtime Blog: Openfire 4.1.4 Release

The Ignite Realtime Community is proud to announce the 4.1.4 release of Openfire. This release signifies our continued effort to have a stable 4.1 release series while work progresses on the next major release.  A changelog exists denoting our 14 resolved issues and you can download the release builds from our website.  The following table contains a reference of release build files, their associated sha1sums and the number of times the previous release for that build type was downloaded.

OS sha1sum Filename Version 4.1.3 Downloads
Linux RPM (32bit JRE) 8846cd55047d9871ef9357568e0c1a9f43c41652 openfire-4.1.4-1.i686.rpm 3,293 Linux RPM (No JRE) 61a89afb66d74d523addbd238bf0c008ffada8aa openfire-4.1.4-1.noarch.rpm 2,249 Linux RPM (64bit JRE) 8f370c7e9dfe530f7d05d93122ca72b9b563c92c openfire-4.1.4-1.x86_64.rpm 12,142 Linux .deb 83bf090c07daeacb59a97ddade1cd76c1dbb3030 openfire_4.1.4_all.deb 15,714 Mac OS 37664eee2235748653ce070e873e5064a8e49bed openfire_4_1_4.dmg 4,095 Windows EXE 1f417e66ec7ec729ff60cada797d112267370826 openfire_4_1_4.exe 43,598 Binary (tar.gz) 6c8c262fbcc00c84bf86aab3787485e619757cc0 openfire_4_1_4.tar.gz 7,377 Binary (zip) 25763a8273a5d7a66e322b3515c38dfa6c52dc6b openfire_4_1_4.zip 17,892 Source (tar.gz) 680aad9967cef70ba609bb82854b9f991c8cd9c5 openfire_src_4_1_4.tar.gz 1,872 Source (zip) 656ca8c2fe4679f340682e33e1042d6ae00f9ed3 openfire_src_4_1_4.zip 6,273

 

As a reminder, our development of Openfire happens on Github and we have an active MUC development chat hosted at  open_chat@conference.igniterealtime.org. We are always looking for more folks interested in helping out, so please consider pitching in!

 

As always, please report any issues in the Community Forums and thanks for using Openfire!

April 27 2017

Peter Saint-Andre: RFC 8141: Uniform Resource Names

Long, long ago on an Internet far, far away, some forward-thinking technologists defined several different types of identifiers called Uniform Resource Locators URLs (for locating things on the Internet - say, an article published online) and Uniform Resource Names or URNs (for permanently naming things without necessarily locating them - say, identifying a book by its ISBN no matter where a physical or electronic copy might be located). Some years later, a grand unified theory of identifiers was formulated, leading to the creation of Uniform Resource Identifiers (URIs) including both URLs and URNs (and URCs, but who's ever heard of those?). Even though most URIs that we use today are URLs, URNs as specified in RFC 2141 have continued to be widely deployed, especially for bibliographic purposes and as XML namespace names. Because the communities that use URNs have felt the need to make some slight adjustments to the syntax and to align URNs with the formal definition of URIs, back in 2010 folks at the IETF decided to start work on a new document to obsolete RFC 2141. It took us 7 years (!), but here we are today with RFC 8141 to bring URNs into the modern age (almost exactly 20 years after the publication of RFC 2141 in 1997). Special thanks to John Klensin for co-editing this specification with me!...

April 22 2017

Tigase Blog: Experiences with Tigase Messenger for iOS

At heart I’m what people call a power user. When I started to use Tigase Messenger for iOS, I was a little reluctant to hand over status to the application, I typically like to have every conceivable feature at my fingertips – even if I don’t use them.

April 13 2017

Erlang Solutions: MongooseIM 2.1.0beta1 what happens when you give your team freedom

<p><a href="http://www2.erlang-solutions.com/l/23452/2017-04-12/4jzcbj">MongooseIM</a> is a highly technical platform for businesses to build messaging and social apps, or add messaging and social features to an existing app. The fullstack MongooseIM platform offers various components, both for the backend (Erlang, Elixir) and the frontend (iOS, Android, Web) for you to pick up and assemble like pieces of a puzzle. Today, the MongooseIM platform delivers a new beta version of the messaging server, as well as new push notification server.</p> <p>My name is Michał Piotrowski, and I&rsquo;m MongooseIM platform tech lead. With this blog post I&rsquo;d like to announce and describe our latest release. MongooseIM 2.1.0beta1 is one of the strongest releases I have ever worked on. It comes with new features on the XMPP level and it also contains much more internal, technical changes.</p> <p>For this release we created a <a href="http://mongooseim.readthedocs.io/en/2.1.0beta1/Roadmap">roadmap</a> and gave the team the freedom to implement it. The end result is not only implementation of most of the items from the roadmap but also many corresponding changes resulting in improved code quality or performance.</p> <h2>Push Notifications</h2> <h3>For mobile devices</h3> <p>These days most of instant messaging applications are mobile first or mobile only. To deliver great product for mobile devices you have to be able to send push notifications to offline users in one way or another. This was possible so far with the <a href="http://mongooseim.readthedocs.io/en/2.1.0beta1/modules/mod_http_notification/">mod_http_notification</a> module. The problem with this approach is that you need to create your own HTTP service talking to <code>APNS</code> or <code>FCM</code>.</p> <p>In this version we added support for push notifications as described in <a href="https://xmpp.org/extensions/xep-0357.html">XEP-0357: Push Notifications</a>. We also added a new service to our platform <a href="https://github.com/esl/MongoosePush">MongoosePush</a> which can be used to communicate with both APNS and FCM. Configuration of all the required components to enable push notifications is no laughing matter. That&rsquo;s why we create a detailed <a href="http://mongooseim.readthedocs.io/en/latest/user-guide/Push-notifications/">tutorial</a> on this topic.</p> <p>Thanks to this functionality you can enable push notifications in your application based on a standard way. There is no need to create ad-hoc, custom solutions.</p> <h3>For other services</h3> <p>In many cases you may want to get some of the events from MongooseIM in your other services. For example, to apply some business logic or implement a custom archive. Again, this was possible with MongooseIM so far by aforementioned mod_http_notification with the same limitations as described above.</p> <p>MongooseIM 2.1.0beta1 comes with a new and more flexible way to integrate with other services in the whole infrastructure. Thanks to <a href="http://mongooseim.readthedocs.io/en/2.1.0beta1/modules/mod_aws_sns/">mod_aws_sns</a> you can configure MongooseIM to push certain events to your Amazon SNS queues. The sky’s the limit in applying any business logic you may want on all the delivered events.</p> <h2>Full text search for MAM</h2> <p>Most modern instant messaging applications need full text search on the messages from archive. While not officially described in any XEP, it&rsquo;s possible to add custom queries to MAM requests for instant full text search. This is exactly what we did in MongooseIM 2.1.0beta1. With this version you can use custom field full-text-search in your MAM query to get all messages matching provided pattern. Complete example can be found in <a href="https://github.com/esl/MongooseIM/pull/1136">the PR</a> implementing this functionality. Be warned, this has its limitations:</p> <ul> <li>It works only with MySQL, PostgreSQL or Riak KV backends.</li> <li>MySQL and PostgreSQL implementation is not the most efficient as it&rsquo;s based on SQL&rsquo;s full text search.</li> </ul> <p>Please take a look at <a href="http://mongooseim.readthedocs.io/en/2.1.0beta1/modules/mod_mam/">mod_mam</a> documentation to see how to enable this feature.</p> <h2>Continuous load testing</h2> <p>In developing the MongooseIM platform we are always focused on the quality of our product. That&rsquo;s why we integrated MongooseIM with services like <a href="https://travis-ci.org/esl/MongooseIM">travis-ci</a>, <a href="https://coveralls.io/github/esl/MongooseIM">coveralls.io</a> and <a href="http://gadget.inakalabs.com">gadget-ci</a> a long time ago. Thanks to these improvements, every single change is properly tested. Code quality and test coverage are also monitored to ensure we deliver the best possible quality.</p> <p>For the past few months we&rsquo;ve been working on another service which helps us deliver better products. <a href="http://tide.erlang-solutions.com">Tide</a> is our own service integrated with MongooseIM build pipeline. Thanks to this service we are able to continuously load test our pull requests to see the performance impact of proposed changes.</p> <h2>XMPP pipelining</h2> <p>The usual way of connecting to a XMPP server is based on a request response pattern. The client sends a stanza, waits for the reply from the server and then sends another stanza. This is required when the client connects to a server for the first time. Many things about the server capabilities are not known to the client so it needs to wait for the response to proceed. When communicating with familiar server, where the clients know about all the features provided by it, almost all initial requests can be combined in one request.</p> <p>This improves connection or re-connection times significantly. Following diagrams shows re-connection time (with stream resumption) with and without pipelining.</p> <p><img src="https://s3.amazonaws.com/uploads.hipchat.com/15025/1282540/SJcJKBIyYrvSdSo/diagram.png" alt="Reconnection speed with and without pipelining"></p> <p>As you can see the reconnection time with pipelining takes <strong>at most</strong> less than <strong>50ms</strong> while without pipelining it&rsquo;s at least <strong>150ms</strong>.</p> <p>This improvement doesn&rsquo;t come for free though. These changes increase MongooseIM&rsquo;s memory consumption. Tests on our Tide platform before and after the change was merged shows that MongooseIM consumes around 200Mb more memory on a load test with 50K users.</p> <h2>Erlang distribution over TLS</h2> <p>Many of our customers were asking if it’s possible to encrypt the communications between Erlang nodes in the cluster. They need this for various reasons, and improved security is always an important factor when deciding whether to encrypt Erlang traffic or not.</p> <p>Our answer to this problem is yes, it&rsquo;s possible. Magnus Henoch already described how to do this for Erlang in general in his <a href="https://www.erlang-solutions.com/blog/erlang-distribution-over-tls.html">blog post</a>. Starting from there we extended MongooseIM to simplify such encrypted setup and add it to 2.1.0beta1. Detailed documentation on how to encrypt Erlang traffic for your MongooseIM cluster you can read in the <a href="http://mongooseim.readthedocs.io/en/2.1.0beta1/operation-and-maintenance/tls-distribution/">Distribution over TLS</a> guide.</p> <p>You can expect a dedicated blog post with load test results on this topic in the near future. <a href="http://www2.erlang-solutions.com/emailpreference">Sign up to the Erlang Solutions Newsletter</a> to be notified of this blog post when it’s published. </p> <h2>Changelog</h2> <p>Please feel free to read the detailed <a href="https://github.com/esl/MongooseIM/releases/tag/2.0.1">changelog</a>, where you can follow links and find the code changes.</p> <h2>Special thanks to our contributors!</h2> <p>Special thanks to our contributors: <a href="https://github.com/astro">@astro</a>, <a href="https://github.com/aszlig">@aszlig</a>!</p> <h2>Next?</h2> <h3>From beta1 to final release through beta2</h3> <p>This release is a beta which means we are still adding a lot of changes before final release. We work to ensure that our product is as high a quality as possible with every change - I strongly recommend giving this beta a try. This also means that you can influence the final 2.1.0 release by giving us your feedback.</p> <h3>Peer to peer or mediated binary streaming</h3> <p>We will deliver an ICE/STUN/TURN server, coded in Elixir, to allow peer to peer and one to one media streaming, like voice, video, screen sharing, and whiteboarding. The signalling part, named <a href="https://xmpp.org/about/technology-overview.html#jingle">Jingle</a>, is already available.</p> <h2>Test our work on MongooseIM 2.1.0beta1 and share your feedback</h2> <ul> <li>Star our repo: <a href="https://github.com/esl/MongooseIM">github.com/esl/MongooseIM</a></li> <li>Follow us on Twitter: <a href="https://twitter.com/MongooseIM/">twitter.com/MongooseIM</a></li> </ul>

April 12 2017

Daniel Pocock: What is the risk of using proprietary software for people who prefer not to?

Jonas Öberg has recently blogged about Using Proprietary Software for Freedom. He argues that it can be acceptable to use proprietary software to further free and open source software ambitions if that is indeed the purpose. Jonas' blog suggests that each time proprietary software is used, the relative risk and reward should be considered and there may be situations where the reward is big enough and the risk low enough that proprietary software can be used.

A question of leadership

Many of the free software users and developers I've spoken to express frustration about how difficult it is to communicate to their family and friends about the risks of proprietary software. A typical example is explaining to family members why you would never install Skype.

Imagine a doctor who gives a talk to school children about the dangers of smoking and is then spotted having a fag at the bus stop. After a month, if you ask the children what they remember about that doctor, is it more likely to be what he said or what he did?

When contemplating Jonas' words, it is important to consider this leadership factor as a significant risk every time proprietary software or services are used. Getting busted with just one piece of proprietary software undermines your own credibility and posture now and well into the future.

Research has shown that when communicating with people, what they see and how you communicate is ninety three percent of the impression you make. What you actually say to them is only seven percent. When giving a talk at a conference or a demo to a client, or communicating with family members in our everyday lives, using a proprietary application or a product or service that is obviously proprietary like an iPhone or Facebook will have far more impact than the words you say.

It is not only a question of what you are seen doing in public: somebody who lives happily and comfortably without using proprietary software sounds a lot more credible than somebody who tries to explain freedom without living it.

The many faces of proprietary software

One of the first things to consider is that even for those developers who have a completely free operating system, there may well be some proprietary code lurking in their BIOS or other parts of their hardware. Their mobile phone, their car, their oven and even their alarm clock are all likely to contain some proprietary code too. The risks associated with these technologies may well be quite minimal, at least until that alarm clock becomes part of the Internet of Things and can be hacked by the bored teenager next door. Accessing most web sites these days inevitably involves some interaction with proprietary software, even if it is not running on your own computer.

There is no need to give up

Some people may consider this state of affairs and simply give up, using whatever appears to be the easiest solution for each problem at hand without thinking too much about whether it is proprietary or not.

I don't think Jonas' blog intended to sanction this level of complacency. Every time you come across a piece of software, it is worth considering whether a free alternative exists and whether the software is really needed at all.

An orderly migration to free software

In our professional context, most software developers come across proprietary software every day in the networks operated by our employers and their clients. Sometimes we have the opportunity to influence the future of these systems. There are many cases where telling the client to go cold-turkey on their proprietary software would simply lead to the client choosing to get advice from somebody else. The free software engineer who looks at the situation strategically may find that it is possible to continue using the proprietary software as part of a staged migration, gradually helping the user to reduce their exposure over a period of months or even a few years. This may be one of the scenarios where Jonas is sanctioning the use of proprietary software.

On a technical level, it may be possible to show the client that we are concerned about the dangers but that we also want to ensure the continuity of their business. We may propose a solution that involves sandboxing the proprietary software in a virtual machine or a DMZ to prevent it from compromising other systems or "calling home" to the vendor.

As well as technical concerns about a sudden migration, promoters of free software frequently encounter political issues as well. For example, the IT manager in a company may be five years from retirement and is not concerned about his employer's long term ability to extricate itself from a web of Microsoft licenses after he or she has the freedom to go fishing every day. The free software professional may need to invest significant time winning the trust of senior management before he is able to work around a belligerant IT manager like this.

No deal is better than a bad deal

People in the UK have probably encountered the expression "No deal is better than a bad deal" many times already in the last few weeks. Please excuse me for borrowing it. If there is no free software alternative to a particular piece of proprietary software, maybe it is better to simply do without it. Facebook is a great example of this principle: life without social media is great and rather than trying to find or create a free alternative, why not just do something in the real world, like riding motorcycles, reading books or getting a cat or dog?

Burning bridges behind you

For those who are keen to be the visionaries and leaders in a world where free software is the dominant paradigm, would you really feel satisfied if you got there on the back of proprietary solutions? Or are you concerned that taking such shortcuts is only going to put that vision further out of reach?

Each time you solve a problem with free software, whether it is small or large, in your personal life or in your business, the process you went through strengthens you to solve bigger problems the same way. Each time you solve a problem using a proprietary solution, not only do you miss out on that process of discovery but you also risk conditioning yourself to be dependent in future.

For those who hope to build a successful startup company or be part of one, how would you feel if you reach your goal and then the rug is pulled out underneath you when a proprietary software vendor or cloud service you depend on changes the rules?

Personally, in my own life, I prefer to avoid and weed out proprietary solutions wherever I can and force myself to either make free solutions work or do without them. Using proprietary software and services is living your life like a rat in a maze, where the oligarchs in Silicon Valley can move the walls around as they see fit.

April 11 2017

ProcessOne: ejabberd 17.04

Less than a month after previous release, ejabberd 17.04 is out with bug-fixes and new features: Redis and SQL backends can now be used to store some RAM tables, the same way Mnesia is doing.

This release fixes few regressions from previous refactor. If you have troubles using PEP or using external modules with ejabberd 17.03, upgrade to 17.04 should fix everything.

Refactor efforts are still in progress. If you’re a developer, consider ‘jlib’ module as obsolete and do call common helpers (like type convertors) from the new ‘misc’ module instead.

Improvements

Admin

  • Add more examples on config template
  • Generate ejabberd lib dir when not available in code server
  • Set default prefix to /usr/local
  • Start supervisors after ext_mod
  • Don’t log warning on successful ping reply
  • New muc_register_nick command

Core

  • Deprecate jlib.erl in favor of misc.erl
  • Add support for file-based queues
  • ejabberd_sm: Fix routing of headline and groupchat messages
  • Fix c2s connection close on demand
  • Improve overloaded S2S queue processing

Databases

  • Improve Redis related code
  • Add Redis pool support
  • Improve logging of Redis errors
  • Add Redis and SQL as mod_proxy65 RAM backends
  • Add Redis and SQL as mod_carboncopy RAM backends
  • Add Redis and SQL as mod_bosh RAM backends
  • Add Redis and SQL as router RAM backends
  • Add SQL as mod_muc RAM backend
  • Remove obsolete Pubsub mnesia migration calls

Miscellany

  • ejabberd_http: Expand @VERSION@ in custom headers
  • ejabberd_http: Add “custom_headers” option
  • mod_client_state: Queue stanzas of each full JID
  • mod_http_upload: Don’t add “Server” header line
  • Pubsub: Refactor pubsub’s get_last_items
  • Pubsub: Fix PEP issues

Feedback

As usual, the release is tagged in the Git source code repository on Github.

The source package and binary installers are available at ProcessOne.

If you suspect that you’ve found a bug, please search or fill a bug report on Github.

April 02 2017

Alexander Gnauck: Introducing MatriX vNext

We are thrilled to announce the next generation of the MatriX XMPP libraries.
15 years elapsed already since we started our first .NET/c# XMPP library agsXMPP with .NET 1.0. Our XMPP libraries and the .NET technologies had many major evolutions over the years.

With the switch to .Net Core we also took the opportunity for a major rewrite and redesign of the codebase. The API for clients, servers and components is not backwards compatible, but all XMPP protocol classes remain the same. Updating existing code bases to MatriX vNext should be pretty straightforward.

Some highlights

  • new software design and more modern API
  • target .Net Core
  • high performance sockets using Azure DotNetty
  • Completly Task based using the TAP pattern (async/await)
  • more Linq extensions
  • Rx (Reactive Extensions)
  • will be open source and available under a dual license (Open Source and commercial)

Here is some demo client code using MatriX vNext:

var xmppClient = new XmppClient
{
    Username = "alex",
    Password = "secret",
    XmppDomain = "server.com",
};

xmppClient
	.XmppXElementStream
	.Where(el => el.OfType<Presence>())
	.Subscribe(el =>
	{
		// Handle incoming presence
		Debug.WriteLine(el.Cast<Presence>().From);
	});

xmppClient
	.XmppXElementStream
	.Where(el => el.OfType<Message>())
	.Subscribe(el =>
	{
		// Handle incoming messages	    
		Debug.WriteLine(el.Cast<Message>().Body);
	});

xmppClient
	.XmppXElementStream
		.Where(el => 
		el.OfType<Iq>
		&& el.Cast<T>().Type == IqType.Get
		&& el.Cast<T>().Query.OfType<Ping>()
	.Subscribe(el =>
	{
		// handle and reply to incoming pings
		var iq = xmppXElement.Cast<T>();

		var resIq = Factory.GetElement<T>();
		resIq.Id    = iq.Id;
		resIq.To    = iq.From;
		resIq.Type  = IqType.Result;

		await xmppClient.SendAsync(resIq);
	});

// connect, secure, authenticate and bind
await xmppClient.ConnectAsync();

// request roster (contact list)
var roster = await xmppClient.RequestRosterAsync();

// send own presence to the server
xmppClient.SendPresenceAsync(Show.Chat, "free for Chat");

Releases are available as a Nuget packages here: https://www.nuget.org/packages/Matrix.vNext

April 01 2017

Swift Blog: Swift is Changing

Due to potential confusion between the Swift XMPP Client and Apple’s Swift programming language, we’re adopting a new name for Swift. Read on for more information and a link to our new website!

It’s has now been over 2 years since the Swift XMPP client became part of Isode’s product set and during that time we’ve seen significant changes to the product and the market within which it operates.

One of the biggest non-technical changes was Apple’s decision (in 2014) to name it’s new programming language “Swift” and its simultaneous decision to adopt an icon for this language with a great many similarities to the one used by our XMPP Client.

From a marketing perspective the possible confusion between our XMPP Client and Apple’s programming language is clearly a cause for concern. We’ve been pondering what moves we should make to protect Swift’s identity as an XMPP client for some time.

I am pleased to announce therefore that we’ll be adopting a new name and new look for the Swift XMPP client which, from today, will be known as Jolly Brisk!™ a name we’ve chosen to reflect the speed of the client and its connection to Isode Ltd, a British company.

We’re still in the early days of establishing a new identity for Jolly Brisk! and we need your help.

We’ve started on the new website which shows off our new corporate identity and some screenshots of our client. We’d appreciate your feedback on this new and radical change.

We expect to fully adopt the new identity with Swift 4.0, which will be launched as Jolly Brisk!™ 1.0.

March 29 2017

Christian Schudt: Future - About the New Asynchronous API in Babbler

This is a topic which is long overdue, but still pretty interesting: The new asynchronous, non-blocking API for IQ requests in Babbler (since version 0.7).

The Problem

Until the previous release, all IQ-based API was synchronous and did block until the IQ response has been received.

Lets have a look at what that means and how Last Activity (XEP-0012) of an entity was retrieved to illustrate the problem:

LastActivityManager lastActivityManager = xmppSession.getManager(LastActivityManager.class);
LastActivity lastActivity = lastActivityManager.getLastActivity(Jid.of("juliet@example.com/balcony"));

The method getLastActivity() sends out the IQ request and then waited (blocked) a few milliseconds or even seconds for the response or until a timeout happened.

Having blocking operations is of course resource consuming because you have to dedicate a thread for it, which however is blocking most of the time while waiting on the operation to finish. It's the same issue as with blocking IO and the reason why NIO exists.

Doing multiple blocking IQ queries in parallel means, you have to create a thread for each query.

If you want to do such an IQ query from a JavaFX application you also had to write a lot of boilerplate code like this:

Task<LastActivity> task = new Task<LastActivity>() {
@Override
protected LastActivity call() throws Exception {
LastActivityManager lastActivityManager = xmppSession.getManager(LastActivityManager.class);
return lastActivityManager.getLastActivity(Jid.of("juliet@example.com/balcony"));
}
};
task.stateProperty().addListener((observableValue, state, state1) -> {
switch (state1) {
case SUCCEEDED:
updateUI(task.getValue());
break;
case FAILED:
task.getException().printStacktrace();
break;
default:
break;
}
});
new Thread(task).start();

You don't want to block the UI thread and therefore need to run blocking operations in a background task.

Furthermore the blocking API in Babbler was not interruptible because it didn't throw InterruptedException. Of course we could have solved the interruptible issue easily, but you still would have the drawbacks of a blocking API.

Futures to the Rescue

Instead of waiting for the response and then returning the result, all IQ-based APIs now return a java.util.concurrent.Future:

Future<LastActivity> lastActivityFuture = lastActivityManager.getLastActivity(Jid.of("juliet@example.com/balcony"));

The method call is now asynchronous, it no longer blocks and passes control immediately back to the caller!

As with every Future, you can get the result with its get() method:

LastActivity lastActivity = lastActivityManager.getLastActivity(jid).get();

or with a timeout:

LastActivity lastActivity = lastActivityManager.getLastActivity(jid).get(5, TimeUnit.SECONDS);

You might ask, what we've gained now, because the get() method is blocking again and usually you need the IQ result anyway.

Well, that's true. One part of the answer is that we gain interruptibility and the other part is that the returned result is not only a Future, but also a java.util.concurrent.CompletionStage (Java 8's new toy).

CompletionStage<LastActivity> lastActivityFuture = lastActivityManager.getLastActivity(Jid.of("juliet@example.com/balcony"));

It basically allows you to react asynchronously when the result is present, i.e. when the Future is done. Some frameworks like Guava already have such a concept of a "Listenable Future", now it's part of the JDK.

Taking our JavaFX example from above, updating the UI with the result as in the above example can now become a simple one-liner:

lastActivityManager.getLastActivity(jid).thenAcceptAsync(this::updateUI, Platform::runLater);

It sends the IQ request and later when the response is received it asynchronously executes the updateUI method in the JavaFX thread.

No more blocking, no more extra threads, everything is asynchronous!

Even better:

CompletionStages can be chained together. There are use cases, which require multiple IQ queries like Service Discovery or File Transfer. They can then be composed together into one:

CompletionStage<Boolean> isSupported = xmppClient.isSupported(LastActivity.NAMESPACE, jid);
CompletionStage<LastActivity> lastActivityFuture = isSupported.thenCompose(result -> {
if (result) {
return lastActivityManager.getLastActivity(jid);
} else {
throw new RuntimeException("XEP-0012 not supported by" + jid);
}
});

This code first checks if Last Activity is supported (using Service Discovery) and only if it is, queries the entity.

File Transfer is pretty complicated, with a lot of queries going on. This pseudo-code example illustrates the power of composing asynchronous calls (IBB fallback not shown here):

CompletionStage<ByteStreamSession> future =
initiateStream() // Initiate a file transfer stream with somebody
.thenCompose(streamInitiation -> discoverStreamHosts() // When accepted, discover SOCKS5 stream hosts
.thenCompose(streamHosts -> letReceiverChoseOne() // Query the receiver and let him choose a stream host
.thenCompose(streamHostUsed -> activateStreamHost() // When receiver responds with the chosen stream host, activate it
.thenApply(result -> createByteStreamSession())))); // After activation, create a stream session.

For convenience there's also a class AsyncResult, which implements both interfaces.

I think asynchronous programming is the future :-) and this is a first, but huge step in the right direction.

March 28 2017

Erlang Solutions: How Would the World Embrace Video Collaboration if it Couldn’t Scale?

<h3>“How would the world embrace video collaboration if it couldn’t scale?”</h3> <p>This is a big question that Vidyo spotted early on, way back in 2005, as it set out to pioneer the next generation of video conferencing. </p> <p>Video collaboration at that time was primarily used for communicating between one traditional conference room to another. Since then, the world has changed. Today, in a time when “the office” can increasingly mean “pretty much anywhere” for millions of workers, (and consumer-facing apps are turning to video to service millions of customers), building a scalable video platform presents a new set of requirements. </p> <p>We are happy to share what we’ve learned over the years with developers who are interested in the next wave of video communications. At 1 PM EST on 3/29, <a href="http://www2.erlang-solutions.com/l/23452/2017-03-27/4jbrbg">join us</a> for our <strong><a href="http://www2.erlang-solutions.com/l/23452/2017-03-27/4jbrbg">“Building a Global Video Chat Platform for Developers”</a></strong> webinar, as we discuss the challenges faced and solved when building a developer platform that delivers real-time, mobile, multiparty video. </p> <h1>Today’s video collaboration landscape</h1> <p>Today, clear and reliable video collaboration has lept out of the conference room and into our pockets, letting us hop on a video call from our smartphone or tablet while on the train, in the airport or on the road - with more or less the same audio/visual quality as a dedicated room system that enjoys a perfect ethernet connection and high bandwidth. </p> <p>When hundreds of people can reliably connect face-to-face at the same time, from wherever they happen to be, this method of communicating is proving to be transformative for critical fields like healthcare, banking, government and education. This is especially true as we work to make nuisances like dropped calls, lag, grainy or blurry visuals and frozen screens a thing of the past - and stunning levels of clarity and consistency become more of the norm, from basically anywhere. </p> <h1>Behind the scenes</h1> <p>Vidyo has diligently developed patented <a href="https://vidyo.io/platform/sfu-video-router/?utm_source=erlang&amp;utm_campaign=erlang&amp;utm_medium=webinar">adaptive video layering</a> and routing technologies that have ultimately given us a reputation as the go-to enterprise-grade video service, especially among industries with tight regulations and high security demands. </p> <p>For years, global enterprises have video-enabled their applications using our APIs and SDK. Now, however, the video conferencing market is shifting to embedded video - with the vision that developers should be able to easily video-enable any application on virtually any device - effectively “video-enabling the world”. When we decided to make the shift to embedded video and roll out our video API platform, <strong><a href="http://www.vidyo.io/?utm_source=erlang&amp;utm_campaign=erlang&amp;utm_medium=webinar">Vidyo.io</a></strong>, we knew that our customers would continue to demand Vidyo’s specific brand of mobile, multiparty video that is highly scalable, without sacrificing its quality. </p> <h1>Spoiler: it’s not all plain sailing</h1> <p>One of the challenges today of offering high-quality video collaboration at scale, is signaling. Initially, we built our own signaling protocol. We had a very scalable platform that was ideal for our enterprise customers, which could easily scale to tens of thousands of users. </p> <p>But, with Vidyo.io, we were building a global video API platform to be used to video-enable any concept or idea that application developers could think of, whether for enterprise business or consumer-facing applications. We chose MongooseIM because we needed signaling that could scale to millions of users. </p> <h1>Why MongooseIM was the solution for us</h1> <p>We found MongooseIM to be simple, flexible and reliable, and designed for this type of global Internet scale. XMPP is the battle-hardened standard, with the interoperability and classical benefits (like chat, historical chat, etc.) that we, as a uniquely enterprise-grade service, needed for an architecture that could get to 99.999% uptime.</p> <p>This is how video collaboration has lept out of the conference room and into the pockets of millions of people around the world. </p> <p>As we brought <strong><a href="http://vidyo.io/?utm_source=erlang&amp;utm_campaign=erlang&amp;utm_medium=webinar">Vidyo.io</a></strong>, to market, our priorities included geo-scalable distribution, easily working through firewalls and accounting for compiled code along with native code and browser access (as WebRTC is becoming increasingly important to the video space). At the time, we evaluated all XMPP platforms. We found that Erlang was the best solution for us, and it has gone on to help us significantly on our mission to offer embedded video to the world that “just works.”</p> <h1>Ask me anything</h1> <p>I’m proud to say that today, Vidyo.io has been featured on DevOps.com, ProgrammableWeb, App Developer Magazine, Software Development Times and elsewhere. Video is now becoming ingrained in everything people do. </p> <p>I’ll be speaking more in depth on the ups and downs of building a real-time, multiparty video platform with Erlang Solutions. <strong><a href="http://www2.erlang-solutions.com/l/23452/2017-03-27/4jbrbg">Register for the webinar</a></strong> if you are interested in learning more about my experience, the technology, and to take part in the Q&amp;A panel afterwards. You can ask me anything!</p> <p>Learn more about <strong><a href="http://www2.erlang-solutions.com/l/23452/2017-03-27/4jbrdl">MongooseIM</a></strong>, Erlang Solutions’ high volume messaging solution. </p>

March 26 2017

Peter Saint-Andre: Unethical Philosophers

Reports and allegations continue to surface regarding widespread sexual misconduct by male philosophy professors, including "stars" such as John Searle and Thomas Pogge (as well as several professors here in Colorado). The sad irony and arrogant hypocrisy of professors of philosophy engaging in such despicable and deeply unethical behavior cannot be passed by in silence. We witness here in a particularly painful form the truth of Thoreau's observation that "There are nowadays professors of philosophy, but not philosophers." According to Thoreau and the ancients, "to be a philosopher is not merely to have subtle thoughts, nor even to found a school, but so to love wisdom as to live according to its dictates" - which these piddling professors clearly fail to do....
Older posts are this way If this message doesn't go away, click anywhere on the page to continue loading posts.
Could not load more posts
Maybe Soup is currently being updated? I'll try again automatically in a few seconds...
Just a second, loading more posts...
You've reached the end.

Don't be the product, buy the product!

Schweinderl