New Rasperry Pi performance benchmarks...

Lazy follow up to my previous post on the Raspberry Pi.  Here are some more recent benchmarks using a more up-to-date image:  http://openbenchmarking.org/result/1302242-BY-1205272AR49 Take aways:  Performance has improved greatly.   Still get's crushed by a P4, but performance per watt is now clearly in the Pi's favour. Some of the tests failed because I don't have a monitor hooked up to me Pi.  (Like GTK perf).  With the Wayland changes, I guess I might have to review this again with one..

Rolling Release - w/ Upstream Stable Cadence, Upstream Beta Cadence, and Limited Delta Buffer

Upstream Stable Cadence

We track upstreams, what they consider stable, we consider stable, we ship in rolling release under *conditions.

Upstream Beta Cadence

We track upstreams beta/rc repo, what they consider "almost stable", we consider worth getting extremely easy user testing.  We try to ship in Rolling Release archive, but with different package names.  This will not work for everything.   Some upstreams don't really have RC/beta releases, others might be too complicated to keep in repo. For example, meta-packages for:  firefox-beta, linux-rcs, etc. Goal would be to evaluate doing this with packages in main only.  Others, like all of Gnome, might need a different plan.

Data.  Lots of data.

We need data that we can get an idea of how stable a product is. Some combination of reported bugs, automatic bugs, weighted in different ways. The data should be generated from both the beta  and stable releases. We also need to better connect users of the beta releases to upstream, faster, when they have a problem.

"Limited Delta Buffer" (*conditions)

First - Big changes to stable release separated by 3 weeks initially.  New Kernel and new Xorg both want to get in?  Only 1 get's in every 3 weeks.  In this case I would suggest letting the kernel go first, then three weeks later Xorg get's in.   This limits the volatility of the rolling release by limiting updates from all coming at the same time. Second - Data driven modifications to buffering time, who get's in first, and what blocks what.    For a new kernel the data would come from that exact kernel in the beta package,   If we find that the kernel never breaks anything and is super stable, move it to just a one week buffer. Third - refine if we consider upstream to be "wrong".  Maybe Linux kernel rc3 and above is all we ship in beta package, etc. Rationale: We need a new concept of a stable system for a Rolling Release.  It should take advantage of and contribute to upstreams own stabilization procedures (their "beta cadence") while limiting the rate of change (delta) users of the rolling release need to deal with.   As for using 'Months', they are way to arbitrary.  Some months there will be nothing interesting, others we could have a new kernel, Xorg, Unity, and Gnome. Obviously, this isn't perfect and needs a bunch more refinement, I just wanted to get this out there before March 18th (the deadline for proposals).  Thanks for reading and please let me know what you think.

On Upgrading Routers

Below are the speedtests of two different routers using a wired connection. Actiontec (about 2011) - 53.22 MB (down) 8.23 (up) Linksys WRT54G v2 (about 2004) - 23 MB (down) 7.76 (up) Generally I like the older Linksys routers because I can install OpenWRT on them.  With my faster internet connection they can't really stand up to new routers though.  Worth checking if your router is the bottleneck in your Internet experience. Speaking of new routers, I've been researching to buy with IPv6 support and preferably an open firmware out of the box.  I haven't been able to find one yet...Buffalo is a great choice for the open part, but doesn't have IPv6 by default.  In addition, the DD-WRT project appears to have stalled somewhat this last year.  In an ideal world I'd get a router who's manufacturer officially loads OpenWRT and enables IPv6 out of the box.   Am I missing said vendor? Comments  

  • Claes Comly says:
    Coincidentally im needing to upgrade my linksys router. Wish i could buy an ubuntu router. Did read some about asus routers recently. Looks like where im going.
  • DD-WRT on MIPS-based routers has been mostly superseded by numerous clones of Tomato USB. I use this mod at home: http://tomato.groov.pl/ . It has IPv6, can correctly translate IPv4 addresses in SIP packets (unlike DD-WRT), and (unlike OpenWRT) can route 100 Mbit/s on ASUS RT-N16. As for Atheros-based routers, OpenWRT is the remaining alternative.
  • Gregg says:
    Asus n-66u will do ipv6 and you can put tomato (or dd-wrt?) On as firmware

Database Compression Options - Compared

This is the best way I found to visualize this data.  Each compression method (bzip2, gzip, etc) starts at 0 or 1 (least compression on the left) and goes up to 9 (most compression on the right).   Except for xz -e which just does the odd numbers and 0. They are all compressing the same size file (it was a 32 GB database). I think this graph nicely shows why xz (which is the same compression as LZMA2/7-zip) is getting so much traction. Take a look at the raw data. Technical notes: I actually divided filesize (from ls) by 10000000 because it worked out better for the graph. I truncated the seconds.

DuckDuckGo, Now in Ubuntu 12.10!

I'm pleased to say that DuckDuckGo is now included as a search engine option in Firefox in the latest Ubuntu 12.10 release.  DuckDuckGo and Twitter are the only search engines that are secure by default via HTTPS. As a brief comparison I searched for pidgin in the Unity Dash, Google, and DuckDuckGo.  Which results do you like better? Starting with Google and Unity Dash: And Now for DuckDuckGo! DuckDuckGo separates your search term into different uses, letting you further refine your search results or get instant answers from Wikipedia, dictionaries and many more sources. DuckDuckGo doesn't track you or bubble you (customize your search so you rarely will be shown another point of view).  They also are partially open source and made it a goal to give back 10% of gross revenue to open source projects. For a better overview of DuckDuckGo check out their about page, the introductory video is really nice.   This is just the start of a relationship between DuckDuckGo and Canonical, in fact they haven't even signed a contract yet.  Hopefully the relationship grows and enhances both projects. Duck it! Comments  

  • Shawn says:
    I can’t believe I was actually searching without all this zero-click info before, this is so unique and helpful from DuckDuckGo. I’m relatively busy, so it saves time on loading multiple pages.
  • Dandare says:
    I like the concept of endless scrolling similar to tumblr. It’s so confy. I use the Duck since 2012 and also found the !bang command is a easy and powerful function. Go! DuckDuck Go! you’re the one 🙂

Rasberry Pi vs old Dell, P4

A random smattering of Raspberry Pi vs an Old Dell P4 machine. Unfortunately I labeled the Rasberry Pi, Debian (it is running the debian image, at least).  You can view the full results at OpenBenchmarking.org.  Most people are not buying a Raspberry Pi for the performance :), but it is nice to know just how much slower the Pi is. The dell can pull between 70 - 120+ Watts, while the raspberry pi can pull 5.   Unfortunately, in performance per watt, I think the P4 still comes in first most of the time.  (The total test time on the P4 was less than an hour, the Pi I left overnight).  I didn't do much graphics testing, but the Raspberry Pi chip is physically better (not sure if it's being properly leveraged though).

Browsers and how I think they should show Trust and Encyption

A follow up from my previous post;

Firefox 12 Currently

...has something like this to show trust and encryption (the colors are off but hopefully you get the idea, the actual blue and green are much nicer on the eyes): [V] The Vanguard Group Inc, (US)   https://personal.vanguard.com/us/CorporatePortal

[d]duckduckgo.com   https://duckduckgo.com/?q=cheese

[g]google.com   https://encrypted.google.com

[/.] slashdot.org

My proposal:

[V] The Vanguard Group Inc. (US)    personal.vanguard.com   /us/CorporatePortal

[d] duckduckgo.com   /?q=cheese

[g] encrypted.google.com

[/.] slashdot.org

I'm curious if you can figure out what everything means in my proposal without explanation.

Explanation

  • Green is for trust and only for trust.  Notice how the favicon is only colored at all when using Extended Validation.  AFAIK it should never be a domain name.
  • Blue is for encrypted and only for encrypted, and only used for the sub+domain name.  I'm hoping this will provide a non-color cue for those who are colorblind, to differentiate between the two.
  • I got rid of the greying out of text and moved to a bolding of the domain name, this helped due to my bad green/blue colors but might not be necessary in the real version
  • Spacing between the domain name and the rest of the url to help keep them even more separate in a quick glance
  • Oh, and the complete lack of https/http, I would want to see Opera's awesome feature implemented where they hide them unless you click on the URL bar.
My overall goal was to try to communicate both a level of trust and a level of encryption, while making it easy at a glance.  In addition, giving us the option in the future to really separate these two concepts. Looking for suggestions, comments, and feedback before I try to propose it to Mozilla.  Check out my previous blog post for what they are actually planning to do for Firefox 14. Comments  
  • The focusing on the certificate name is nice for the certification authorties but doesn’t increase security that much as long as it’s not clear what proof of identity the certification authority requires. I guess most users will not spot the difference between “The Vanguand Group Inc. (US)” and “The Vanguard Group Inc. (US)”. Marking a connection to “personal.vanguand.com” as “trusted” helps someone who got this domain and certificate to pretent to be Vanguard. In my opinion for most use cases the important information is “that’s the same site I used before”. Therefor it would be nice if the user could assign some visual clue (e.g. an icon) to a certificaten and have the browser to display that clue everytime this certificate is used. So if the user assigns some cute kitten icon with his bank’s web site he’ll easily know “No cute kitten –> NOT MY BANK!”. This would even work for web sites with a certificate that’s not from a certification authority known by the browser.
    1. Bryan says:
      For them to get Vanguand Group they would actually need to be incorporated as the Vanguand group in the US. I’m pretty sure, Vanguard would sue them before they can get that. – That’s the big benefit of EV. I totally agree that we should incorporate the user’s sense of trust into it somehow. User selected site icons is an interesting idea.. I was also thinking of some sort of First Visit notice…
  • foo says:
    The meaning of colours is *highly* culturally determined, red doesn’t always mean bad, green doesn’t always mean good. I strongly suggest not doing that.
  • Oxwivi says:
    I second! Furthermore, with the favicons being featured on tabs as well, it’d be more useful to boot the favicon form the address bar and replace it with an icon with the sole purpose of indicating if the connection is encrypted or not (would complement your idea as it does not show https://), a la Opera. By the way, I’m curious as to how we can propose features, changes and such to Mozilla. Is it the same as other projects (mailing list, IRC, etc)?
    1. Oxwivi says:
      Oh, and the icon should have three states: one of them being mixed content (obtained through both secure and unsecure connections); the last two are the trust and encryption as you describe.
  • It’s interesting that you decided to keep the favicon in the address bar. In your previous post you mentioned that there isn’t a great deal of difference between having favicons in the address bar or on the tab, and that users can and will look in the wrong place (which I agree with). Have you seen the mockups that Alex Faaborg did a while ago for reducing redundancy in the address bar? It is very similar to your design here. Basically, the goal was to move to the site-identity block to be the effective hostname. Here is a link to the mockup in case you are interested: https://bug588270.bugzilla.mozilla.org/attachment.cgi?id=466899 Implementing the design that you have proposed brings with it some technical challenges. Bolded fonts are rendered differently on all the major OSes, and we would need to figure out how to transition from the colored and spaced out URL to a plaintext URL when the user gives focus to the address bar. None of these issues make this a bad idea, but they would need to be figured out before something like this could be shipped. Thanks for writing up the proposal, I think it is very well thought out 🙂
    1. Bryan says:
      On the favicon vs lock icon, I went with favicon, because I don’t want to reinforce that a lock means they are safe. I really like those mockups, and I think from seeing them I understand more of why switch to a lock/web at all. If it’s part of a transition to using that space for the different activation that makes some sense. I didn’t realize bold could have so many problems…
  • JanC says:
    The problem is that if you want to show trust, you need a way to audit what CA to trust. The CA I have seen to be trustworthy only cover a very small share of the market (try removing Symantec/Verisign from you browser as “trusted” CA–because they are not trustworthy–if you want to see the effect of making SSL/TLS really secure to common users).

Browsers and how they show Trust and Encyption

Firefox is moving ahead with a new way to convey the security level of websites...See the differences for yourself.  Also including Chrome and Opera for comparison. Key: HTTP is the plain old web, no guarantee of well anything really security wise HTTPS your communication is encrypted to a specific website HTTPS with EV or Extended Validation ensures your communication is encrypted to a specific website AND that company X (at so and so address, and incorporated in Y) owns said website.

Firefox 12 (current)  HTTP
HTTPS
HTTPS with EV
Firefox 14  (new) HTTP
HTTPS
HTTPS with EV
Opera HTTP
HTTPS
HTTPS with EV
Chrome HTTP
HTTPS
HTTPS with EV
Additional Notes: Opera doesn't warn on Mixed HTTP/HTTPS Content, instead it just displays it as "Web" (no security markers) which certainly puts security first. Opera - when you click the url bar, the full URL get's displayed including http:// or https://, otherwise they are usually hidden except for trusted sites for some reason.   That actually makes me like hiding http/https by default. Which do you think of the above is the worst?   The best?  Why? For me, Opera would win if they didn't have the lock symbol.  Saying outright "Secure" or "Trusted" I think works quite well. Otherwise I still really like Firefox 12.  It is quite easy to teach to people (I teach a Firefox course every other month or so), and works quite well at a glance. The other goal of the Firefox 14 change was to "reduce some visual weight".  Which I read as make what kind of page (secure/etc) stand out less.  In fact, out of the above Firefox 14 is my last choice.

The Lock Symbol

It provides a false sense of security. If you tell people that a lock symbol means they are secure they are more likely to trust locks that are on the page or part of the favicon. Regardless if it's not displayed in the URL bar, it would still be on the tab.  It's not a big leap for a user to mistake one for the other. The lock symbol does exist in Firefox 12, it will show up if you click on the Green or Blue bar. This keeps it from being something the user expects to see on the page though.

Links

You can read more about the reasoning behind the Firefox 14 change here: https://msujaws.wordpress.com/2012/04/23/an-update-to-site-identity-in-desktop-firefox/ Discussion about the return of the lock:https://groups.google.com/forum/#!topic/mozilla.dev.apps.firefox/ODX1PJutsLM/discussion   Comments MarkC I have no problem with Mozilla’s decision to remove the favicon from the address bar in Firefox 14, but I think losing the coloured backgrounds is a mistake. It’s a lot easier to teach users to differentiate between blue, green and no colour than to explain the more subtle text/icon differences in the Firefox 14 screenshots.

Boot a USB Drive from GRUB.. or what to do when your computer can't boot from USB

I've ran into this situation before.. Had Linux installed on a machine and needed to reinstall/or install another distro. Fine, should be easy right? Load said distro on a USB stick and away we go. Unfortunately some (mostly older) machines can't boot from a USB stick. This annoys me (especially cause I really don't use writable CDs/DVDs at all anymore). It turns out if you already have GRUB1 installed on the machine, you can use that to boot the USB stick and even overwrite what's on the hard drive. This of course doesn't help you if you have no-OS or another OS -> maybe look at PXE booting.   I'm still haven't gotten this to work with GRUB2 unfortunately, they've complicated things a little.  Still it's useful for old machines.

  1. Figure out the kernel command line that your distro of choice uses (that you want to install/boot). I was using Linux Mint Debian created by Unetbootin. They (like many distros) store this in syslinux.cfg, look for the default label, and then note the items in bold. label unetbootindefault menu label Default kernel /ubnkern append initrd=/ubninit boot=live config live-media-path=/casper quiet splash --
  2. Boot target machine with USB stick inserted.  When GRUB appears Press Escape then C to get to the GRUB command line.
  3. If you only have two drives in the machine the internal one will be (hd0,0) and the external one should be (hd1,0), or similar. I typed the following, change with your version of the bolded information above, pressing enter after every command. root (hd1,0) kernel /ubnkern initrd /ubninit boot=live config live-media-path=/casper quiet splash
  4. Ready to go?  Type boot and hit enter.
Tab auto-complete works great with GRUB..  You can do root (hd to get possible target drives, root (hd0, to get possible target partitions and filesystem types, and finally list possible kernel or initrd targets. Comments  
  • muzzol says:
    i recommend to install Smart Boot Manager on MBR (sbm) and GRUB on first sector of partition. sbm can detect on the fly external drives even on very old machines.
  • kb says:
    Way too complicated 🙂 I prefer the following grub.cfg and create the ISO with grub-mkrescue on Debian Squeeze. By the way, leaving off the partition like I do here is not documented as far as I can tell. menuentry ‘First USB device’ { root (hd1) chainloader +1 } menuentry ‘Second USB device’ { #This is the fallback entry, so force the menu open when we fail as well: set timeout=-1 root (hd2) chainloader +1 } #menuentry ‘Rescue partition (TODO)’ { # set root='(hd0,1)’ # chainloader +1 #}
  • Bruneti says:
    Can I boot a recovery mac os X partition from grub prompt? I’ve got hfs+ on my iMac and grub tolds me unkwon filesystems … I need help ASAP!!!! thanks

Duck Duck Go Search Engine in Ubuntu's Firefox?

If you haven't tried searching with Duck Duck Go, give it a try at duckduckgo.com Learn more about how it protects your privacy and doesn't track you.. donttrack.us Learn more about how it gives back to free and open source software. http://www.gabrielweinberg.com/blog/2010/11/help-me-start-a-foss-tithing-movement.html I previously posted about trying to add Duck Duck Go directly to Firefox (that has stalled).   My proposal for Ubuntu is a bit different, I think it makes sense for us to replace Bing with Duck Duck Go.  Every search helps the company behind bug #1, in fact I would argue that including Bing helps them keep up their market-share. If you like the idea of Duck Duco Go being added to Ubuntu's Firefox search box above, please show your support! http://brainstorm.ubuntu.com/idea/28078/ Also, and just as important as the above, Duck Duck Go provides really awesome results!  Try a few... https://duck.co/topic/wow-queries-that-showcase-ddg