Planeta GNOME Hispano
La actividad Hispana de GNOME 24 x 7

25 de November de 2018

Frogr 1.5 released

It’s almost one year later and, despite the acquisition by SmugMug a few months ago and the predictions from some people that it would mean me stopping from using Flickr & maintaining Frogr, here comes the new release of frogr 1.5.Frogr 1.5 screenshot

Not many changes this time, but some of them hopefully still useful for some people, such as the empty initial state that is now shown when you don’t have any pictures, as requested a while ago already by Nick Richards (thanks Nick!), or the removal of the applications menu from the shell’s top panel (now integrated in the hamburger menu), in line with the “App Menu Retirement” initiative.

Then there were some fixes here and there as usual, and quite so many updates to the translations this time, including a brand new translation to Icelandic! (thanks Sveinn).

So this is it this time, I’m afraid. Sorry there’s not much to report and sorry as well for the long time that took me to do this release, but this past year has been pretty busy between hectic work at Endless the first time of the year, a whole international relocation with my family to move back to Spain during the summer and me getting back to work at Igalia as part of the Chromium team, where I’m currently pretty busy working on the Chromium Servicification project (which is material for a completely different blog post of course).

Anyway, last but not least, feel free to grab frogr from the usual places as outlined in its main website, among which I’d recommend the Flatpak method, either via GNOME Software  or from the command line by just doing this:

flatpak install --from \

For more information just check the main website, which I also updated to this latest release, and don’t hesitate to reach out if you have any questions or comments.

Hope you enjoy it. Thanks!

15 de November de 2018

On the track for 3.32

It happens sneakily, but there’s more things going on in the Tracker front than the occasional fallout. Yesterday 2.2.0-alpha1 was released, containing some notable changes.

On and off during the last year, I’ve been working on a massive rework of the SPARQL parser. The current parser was fairly solid, but hard to extend for some of the syntax in the SPARQL 1.1 spec. After multiple attempts and failures at implementing property paths, I convinced myself this was the way forward.

The main difference is that the previous parser was more of a serializer to SQL, just minimal state was preserved across the operation. The new parser does construct an expression tree so that nodes may be shuffled/reevaluated. This allows some sweet things:

  • Property paths are a nice resource to write more idiomatic SPARQL, most property path operators are within reach now. There’s currently support for sequence paths:

    # Get all files in my homedir
    SELECT ?elem {
      ?elem nfo:belongsToContainer/nie:url 'file:///home/carlos'

    And inverse paths:

    # Get all files in my homedir by inverting
    # the child to container relation
    SELECT ?elem {
      ?homedir nie:url 'file:///home/carlos' ;
               ^nfo:belongsToContainer ?elem

    There’s harder ones like + and * that will require recursive selects, and there’s the negation (!) operator which is not possible to implement yet.

  • We now have prepared statements! A TrackerSparqlStatement object was introduced, capable of holding a query with parameters which can be set/replaced prior to execution.

    conn = tracker_sparql_connection_get (NULL, NULL);
    stmt = tracker_sparql_connection_query_statement (conn,
                                                      "SELECT ?u { ?u fts:match ~term }",
                                                      NULL, NULL);
    tracker_sparql_statement_bind_string (stmt, "term", search_term);
    cursor = tracker_sparql_statement_execute (stmt, NULL, NULL);

    This is a long sought protection for injections. The object is cacheable and can service multiple cursors asynchronously, so it will also be an improvement for frequent queries.

  • More concise SQL is generated at places, which brings slight improvements on SQLite query planning.

This also got the ideas churning towards future plans, the trend being a generic triple store as much sparql1.1 capable as possible. There’s also some ideas about better data isolation for Flatpak and sandboxes in general (seeing the currently supported approach didn’t catch on). Those will eventually happen in this or following cycles, but I’ll reserve that for other blog post.

An eye was kept on memory usage too (mostly unrealized ideas from the performance hackfest earlier this year), tracker-store has been made to automatically shutdown when unneeded (ideally most of the time, since it just takes care of updates and the unruly apps that use the bus connection), and tracker-miner-fs took over the functionality of tracker-miner-apps. That’s 2 processes less in your default session.

In general, we’re on the way to an exciting release, and there’s more to come!

13 de November de 2018

Degree final work about ISO/IEC 29110

Cover of «Creation of artifacts for adoption of ISO/IEC 29110 standards» blueprint{:width="200" .pull-right }

I want a lot to write more in this blog. There are matters I didn't talk enough about SuperSEC or GUADEC conferences, some announce for 2019 and some some activities in Wikipedia (specially in the Wikiproyecto-Almería and my firsts step in the amazing world of SPARQL), less important but I really enjoy.

But now I want to keep record of significant advances in the university degree I'm finishing these months. I decided to finish a pending course with special interest in the required degree final work, to work in things I've been interested since 2003 but never had the oportunity to focus in deep enough to study, learn and write some useful, I hope, tools. And it's being fun :-)

29110 Galore at{:width="250" .pull-right }

So now I can say the project blueprint has been approved by the university. It's named «Creation of artifacts for adoption of ISO/IEC 29110 standards» (document in Spanish, sorry) and the goals are to produce a set of opensource artifacts for the adoption of the 29110 family of standards focused on a light software engineering methodology suitable to be adopted by very small entities (VSEs). At the moment my main target is to work in the «Part 5-4: Agile software development guidelines», currently on development by WG24, using the EPF Composer tool.

As a working tool I'm making a (half backed and maybe temporal) website to keep record of related materials at

Hope to announce related news in the next weeks.

01 de November de 2018

Running EPF Composer in Fedora Linux, v3

Well, finally I succeed with native instalation of the EPF (Eclipse Process Framework) Composer in my Linux system thanks to Bruce MacIsaac and the development team help. I'm happy. This is not trivial since EPFC is a 32 bits application running in a modern 64 bits Linux system.

My working configuration:

  • Fedora F28, x86_64
  • java-1.8.0-oracle-, 32 bits, from the non-free Russian Fedora repository:
    • java-1.8.0-oracle-
    • java-1.8.0-oracle-headless-
  • EPF Composer Linux/GTK 1.5.2
  • GTK+ v.2 integration dependencies (from main Fedora repository):
    • adwaita-gtk2-theme-3.28-1.fc28.i686.rpm
    • libcanberra-gtk2-0.30-16.fc28.i686.rpm
  • xulrunner 32 bits xulrunner-10.0.2.en-US.linux-i686.tar.bz2
  • libXt-1.1.5-7.fc28.i686.rpm (from main Fedora repository).

In my system obviously I can install all rpm packages using DNF. For different distros look for the equivalent packages.

Maybe I'm missing some minor dependency, I didn't checked in a clean instalation.

Download EPFC and xulrunner and extract each one in the path of your choice. I'm using xulrunner-10.0.2.en-US.linux-i686/ as directory name to be more meaninful.

The contents of epf.ini file:


I had to write the full system path for the -Dorg.eclipse.swt.browser.XULRunnerPath property to get Eclipse recognize it.

And to run EPF Composer:

$ epf -vm  /usr/lib/jvm/java-1.8.0-oracle-  

If you want some non trivial work with Composer in Linux you'll need xulrunner since it's used extensively for editing contents.

Native Linux EPF Composer screenshot{:width="350" .center }

I had success running the Windows EPF version using Wine and I can do some work with it, but at some point the program gets inestable and needs to reboot. Other very interesting advantage of running native is I can use the GTK+ filechooser which is really lot better than the simpler native Java one.

I plan to practice a lot modeling with EPF Composer in the coming weeks. Hopefully I'll share some new artifacts authored by me.

PD: added the required libXt dependency.

25 de October de 2018

3 events in a month

As part of my job at Igalia, I have been attending 2-3 events per year. My role mostly as a Chromium stack engineer is not usually much demanding regarding conference trips, but they are quite important as an opportunity to meet collaborators and project mates.

This month has been a bit different, as I ended up visiting Santa Clara LG Silicon Valley Lab in California, Igalia headquarters in A Coruña, and Dresden. It was mostly because I got involved in the discussions for the web runtime implementation being developed by Igalia for AGL.

AGL f2f at LGSVL

It is always great to visit LG Silicon Valley Lab (Santa Clara, US), where my team is located. I have been participating for 6 years in the development of the webOS web stack you can most prominently enjoy in LG webOS smart TV.

One of the goals for next months at AGL is providing an efficient web runtime. In LGSVL we have been developing and maintaining WAM, the webOS web runtime. And as it was released with an open source license in webOS Open Source Edition, it looked like a great match for AGL. So my team did a proof of concept in May and it was succesful. At the same time Igalia has been working on porting Chromium browser to AGL. So, after some discussions AGL approved sponsoring my company, Igalia for porting the LG webOS web runtime to AGL.

As LGSVL was hosting the september 2018 AGL f2f meeting, Igalia sponsored my trip to the event.

AGL f2f Santa Clara 2018, AGL wiki CC BY 4.0

So we took the opportunity to continue discussions and progress in the development of the WAM AGL port. And, as we expected, it was quite beneficial to unblock tasks like AGL app framework security integration, and the support of AGL latest official release, Funky Flounder. Julie Kim from Igalia attended the event too, and presented an update on the progress of the Ozone Wayland port.

The organization and the venue were great. Thanks to LGSVL!

Web Engines Hackfest 2018 at Igalia

Next trip was definitely closer. Just 90 minutes drive to our Igalia headquarters in A Coruña.

Igalia has been organizing this event since 2009. It is a cross-web-engine event, where engineers of Mozilla, Chromium and WebKit have been meeting yearly to do some hacking, and discuss the future of the web.

This time my main interest was participating in the discussions about the effort by Igalia and Google to support Wayland natively in Chromium. I was pleased to know around 90% of the work had already landed in upstream Chromium. Great news as it will smooth integration of Chromium for embedders using Ozone Wayland, like webOS. It was also great to know the work for improving GPU performance reducing the number of copies required for painting web contents.

Web Engines Hackfest 2018 CC BY-SA 2.0

Other topics of my interest:
– We did a follow-up of the discussion in last BlinkOn about the barriers for Chromium embedders, sharing the experiences maintaining a downstream Chromium tree.
– Joined the discussions about the future of WebKitGTK. In particular the graphics pipeline adaptation to the upcoming GTK+ 4.

As usual, the organization was great. We had 70 people in the event, and it was awesome to see all the activity in the office, and so many talented engineers in the same place. Thanks Igalia!

Web Engines Hackfest 2018 CC BY-SA 2.0

AGL All Members Meeting Europe 2018 at Dresden

The last event in barely a month was my first visit to the beautiful town of Dresden (Germany).

The goal was continuing the discussions for the projects Igalia is developing for AGL platform: Chromium upstream native Wayland support, and the WAM web runtime port. We also had a booth showcasing that work, but also our lightweight WebKit port WPE that was, as usual, attracting interest with its 60fps video playback performance in a Raspberry Pi 2.

I co-presented with Steve Lemke a talk about the automotive activities at LGSVL, taking the opportunity to update on the status of the WAM web runtime work for AGL (slides here). The project is progressing and Igalia should be landing soon the first results of the work.

Igalia booth at AGL AMM Europe 2018

It was great to meet all this people, and discuss in person the architecture proposal for the web runtime, unblocking several tasks and offering more detailed planning for next months.

Dresden was great, and I can’t help highlighting the reception and guided tour in the Dresden Transportation Museum. Great choice by the organization. Thanks to Linux Foundation and the AGL project community!

Next: Chrome Dev Summit 2018

So… what’s next? I will be visiting San Francisco in November for Chrome Dev Summit.

I can only thank Igalia for sponsoring my attendance to these events. They are quite important for keeping things moving forward. But also, it is also really nice to meet friends and collaborators. Thanks Igalia!

18 de October de 2018

How to cite bibliography ISO/IEC standards

For my final post-grade work I'm collecting bibliography and as the main work is around ISO/IEC documents I investigated how to to make a correct bibliography entry for these, which I realized is not very well known as you can check in this question in

I finally chose an style I show here as an example:

  • BibTeX: @techreport{iso_central_secretary_systems_2016, address = {Geneva, CH}, type = {Standard}, title = {Systems and software engineering -- {Lifecycle} profiles for {Very} {Small} {Entities} ({VSEs}) -- {Part} 1: {Overview}}, shorttitle = {{ISO}/{IEC} {TR} 29110-1:2016}, url = {}, language = {en}, number = {ISO/IEC TR 29110-1:2016}, institution = {International Organization for Standardization}, author = {{ISO Central Secretary}}, year = {2016} }
  • RIS: TY - RPRT TI - Systems and software engineering -- Lifecycle profiles for Very Small Entities (VSEs) -- Part 1: Overview AU - ISO Central Secretary T2 - ISO/IEC 29110 CY - Geneva, CH PY - 2016 LA - en M3 - Standard PB - International Organization for Standardization SN - ISO/IEC TR 29110-1:2016 ST - ISO/IEC TR 29110-1:2016 UR - ER - I've using this style extensively in a development website You can compare details with the official info.

Both have been generated using Zotero.

07 de October de 2018

Banksy Shredder

PD: After some reports about male nudity this post has been edited to remove the portrait of my back. If you have reservations with male nudity PLEASE DON'T FOLLOW THE LINK.

PPD: If you don't have problems with male nudity for your convenience here you'll find the Wiki Commons category «Nude men» of pictures.

«Software Quality Assurance, First Edition» PDF file

Print ISBN:9781118501825, Online ISBN:9781119312451, DOI:10.1002/9781119312451{:width="250" .pull-right }

For your convenience I've compiled in just one file the book Software Quality Assurance by Claude Y. Laporte and Alain April. The book is provided for free download at the publisher website as separated files. Download the full book.

About the book: «This book introduces Software Quality Assurance (SQA) and provides an overview of standards used to implement SQA. It defines ways to assess the effectiveness of how one approaches software quality across key industry sectors such as telecommunications, transport, defense, and aerospace.»

It is licensed as Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Claude Y. Laporte is the editor of the ISO/IEC 29110 standard of software engineering for very small entities (VSE).

PD: Added licencing details.

04 de October de 2018

GUADEC 2018 by numbers

GUADEC 2018 badge{:width="250" .pull-right }

It took me a while but now I can gave you some stats from GUADEC 2018, following past year Sam's example.

They are very rough but I hope informative.

  • Attendees: 207 (and about 215 registered), two less than 2017.
  • 9 days: 2 days boards meetings, 3 for conferences and 4 for BoFs and workshops.
  • 44 talks and videos.
  • 35 BoFs and workshops.
  • 3 great parties, including the flamenco show by «la Chinelita and group».
  • About economics just to say it was very successful. Thanks a lot to our sponsors and donnors. And special kudos to the sponsoring team for such impresive job.
  • The medium age was 32.7, from the 143 persons who provided their age. Minimum age was 15 and maxium 61.
  • The Spanish attendants were 43, 20.8% of the total. Significative presence from the UK with 20%.
  • The maximum of persons per day hosted at Civitas residence where 75. I would have expected a bigger number but some factors affected: GUADEC dates were in high season with a particular peak because some local events (at some point there were not a single room available in Almería city), other was a coincidence with a university summer course and finally many people tried to book at Civitas very late.

The attendees who filled they country of residence, by country:

| country | number | |----|---| | Argentina|1 | | Australia| 1 | | Austria| 2 | | Belgium| 1 | | Brazil| 2 | | Canada| 3 | | China| 3 | | Czech Republic| 10 | | Denmark| 2 | | Finland| 1 | | France| 9 | | Germany| 11 | | Greece| 1 | | India| 2 | | Israel| 1 | | Italy| 3 | | Japan| 1 | | Latvia| 1 | | Netherlands| 2 | | New Zealand| 1 | | Norway| 2 | | Romania| 3 | | Russian Federation| 2 | | Spain| 43 | | Sri Lanka| 1 | | Sweden| 2 | | Switzerland| 1 | | United Kingdom| 41 | | United States| 25 | | Unspecified| 18 |

The GUADEC occupancy at Civitas were:

| date              | number | |----|---| | 02/07/2018 | 1 | | 03/07/2018 | 7 | | 04/07/2018 | 21 | | 05/07/2018 | 66 | | 06/07/2018 | 70 | | 07/07/2018 | 71 | | 08/07/2018 | 75 | | 09/07/2018 | 70 | | 10/07/2018 | 63 | | 11/07/2018 | 40 | | 12/07/2018 | 5 | | 13/07/2018 | 1 |

Thanks Benjamin Berg for helping to collect the data.

Thank you all for visiting us in Almería. Don't forget to come back :-)

PD: post edited at 2018/11/15 adding details of residence occupancy.

02 de October de 2018

Wacom's graphic tablet sizes (2)

In a previous entry I put the data I've collected about Wacom digitizer tablets. Collecting the data took to me more time I really wished. But now I'm happy to publish an exhaustive list thanks to Carlos Garnacho:

| model | active area size mm | active area size in | |:--------- |:--------- |:--------- | | Wacom ISDv4 E2 | 356 ✕ 203 mm | 14 ✕ 8 in | | Wacom Intuos BT M | 254 ✕ 203 mm | 10 ✕ 8 in | | Wacom ISDv4 104 | 229 ✕ 127 mm | 9 ✕ 5 in | | Wacom Intuos BT S | 203 ✕ 152 mm | 8 ✕ 6 in | | Wacom Intuos M | 254 ✕ 203 mm | 10 ✕ 8 in | | Wacom Intuos S | 203 ✕ 152 mm | 8 ✕ 6 in | | Wacom ISDv4 5110 | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom Bamboo Pen medium | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Bamboo Fun medium (2+FG) | 229 ✕ 127 mm | 9 ✕ 5 in | | Wacom DTU-2231 | 483 ✕ 279 mm | 19 ✕ 11 in | | Wacom Bamboo Pen small | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Cintiq 21UX2 | 432 ✕ 330 mm | 17 ✕ 13 in | | Wacom Graphire Wireless | 203 ✕ 152 mm | 8 ✕ 6 in | | ELAN 2537 | 356 ✕ 203 mm | 14 ✕ 8 in | | Wacom ISDv4 5002 | 279 ✕ 152 mm | 11 ✕ 6 in | | Wacom ISDv4 5000 | 279 ✕ 152 mm | 11 ✕ 6 in | | Wacom ISDv4 485e | 254 ✕ 178 mm | 10 ✕ 7 in | | Wacom Bamboo (2+FG) | 127 ✕ 76 mm | 5 ✕ 3 in | | Wacom DTH1152 | 229 ✕ 127 mm | 9 ✕ 5 in | | Wacom Bamboo Fun small (2+FG) | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Bamboo Pen & Touch (2+FG) | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Cintiq 22HD touch | 483 ✕ 279 mm | 19 ✕ 11 in | | Wacom DTI520UB/L | 356 ✕ 305 mm | 14 ✕ 12 in | | Wacom Bamboo Fun medium (2FG) | 229 ✕ 127 mm | 9 ✕ 5 in | | Wacom Bamboo Fun small (2FG) | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Bamboo (2FG) | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Bamboo Touch (2FG) | 127 ✕ 76 mm | 5 ✕ 3 in | | Huion H610 Pro | 254 ✕ 152 mm | 10 ✕ 6 in | | Bamboo One | 127 ✕ 102 mm | 5 ✕ 4 in | | Wacom Bamboo Pen | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Intuos BT M | 254 ✕ 203 mm | 10 ✕ 8 in | | Wacom ISDv4 12C | 279 ✕ 152 mm | 11 ✕ 6 in | | Wacom Intuos BT S | 203 ✕ 152 mm | 8 ✕ 6 in | | Wacom Intuos4 WL | 203 ✕ 127 mm | 8 ✕ 5 in | | Wacom Intuos4 12x19 | 483 ✕ 305 mm | 19 ✕ 12 in | | Wacom Intuos4 8x13 | 330 ✕ 203 mm | 13 ✕ 8 in | | Wacom ISDv4 5146 | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom Cintiq Pro 13 | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom MobileStudio Pro 16 | 356 ✕ 203 mm | 14 ✕ 8 in | | Wacom MobileStudio Pro 13 | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom ISDv4 484c | 254 ✕ 178 mm | 10 ✕ 7 in | | Wacom DTU-1931 | 381 ✕ 305 mm | 15 ✕ 12 in | | Wacom Cintiq 12WX | 254 ✕ 178 mm | 10 ✕ 7 in | | Wacom Cintiq 20WSX | 432 ✕ 279 mm | 17 ✕ 11 in | | Wacom Cintiq 21UX | 432 ✕ 330 mm | 17 ✕ 13 in | | Wacom ISDv4 4004 | 279 ✕ 152 mm | 11 ✕ 6 in | | Wacom Cintiq Pro 16 | 356 ✕ 203 mm | 14 ✕ 8 in | | Wacom DTF-720 | 330 ✕ 279 mm | 13 ✕ 11 in | | Wacom Intuos Pro 2 L | 305 ✕ 203 mm | 12 ✕ 8 in | | Wacom Intuos Pro 2 M | 229 ✕ 152 mm | 9 ✕ 6 in | | Wacom DTH2242 | 483 ✕ 279 mm | 19 ✕ 11 in | | Wacom ISDv4 5099 | 254 ✕ 178 mm | 10 ✕ 7 in | | Wacom DTK2241 | 483 ✕ 279 mm | 19 ✕ 11 in | | Wacom Cintiq Pro 32 | 686 ✕ 381 mm | 27 ✕ 15 in | | Wacom Cintiq Pro 24 PT | 508 ✕ 305 mm | 20 ✕ 12 in | | Wacom Intuos3 12x19 | 483 ✕ 305 mm | 19 ✕ 12 in | | Wacom Intuos4 6x9 | 229 ✕ 152 mm | 9 ✕ 6 in | | Wacom Intuos4 4x6 | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Intuos Pro 2 L WL | 305 ✕ 203 mm | 12 ✕ 8 in | | Wacom Intuos Pro 2 M WL | 229 ✕ 152 mm | 9 ✕ 6 in | | Wacom Intuos3 4x6 | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Intuos3 6x8 | 203 ✕ 152 mm | 8 ✕ 6 in | | Intuos Pen & Touch Medium | 229 ✕ 127 mm | 9 ✕ 5 in | | Wacom ISDv4 5013 | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom ISDv4 5014 | 254 ✕ 152 mm | 10 ✕ 6 in | | Wacom Intuos4 WL | 203 ✕ 127 mm | 8 ✕ 5 in | | Intuos Pen Medium | 229 ✕ 127 mm | 9 ✕ 5 in | | Intuos Pen & Touch Small | 152 ✕ 102 mm | 6 ✕ 4 in | | Intuos Pen Small | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom ISDv4 50f8 | 356 ✕ 203 mm | 14 ✕ 8 in | | Huion H610 Pro | 254 ✕ 152 mm | 10 ✕ 6 in | | Wacom ISDv4 504a | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom Intuos3 6x11 | 279 ✕ 152 mm | 11 ✕ 6 in | | Wacom Intuos3 12x12 | 305 ✕ 305 mm | 12 ✕ 12 in | | Wacom Intuos3 9x12 | 305 ✕ 229 mm | 12 ✕ 9 in | | XP-Pen Star 03 | 254 ✕ 152 mm | 10 ✕ 6 in | | Wacom ISDv4 50f1 | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom Intuos3 4x5 | 127 ✕ 102 mm | 5 ✕ 4 in | | Wacom DTK1651 | 356 ✕ 203 mm | 14 ✕ 8 in | | Wacom ISDv4 10D | 279 ✕ 152 mm | 11 ✕ 6 in | | Wacom ISDv4 10F | 279 ✕ 152 mm | 11 ✕ 6 in | | Wacom ISDv4 10E | 279 ✕ 152 mm | 11 ✕ 6 in | | Wacom Intuos2 12x18 | 457 ✕ 305 mm | 18 ✕ 12 in | | Wacom Intuos2 12x12 | 305 ✕ 305 mm | 12 ✕ 12 in | | Wacom Intuos2 9x12 | 305 ✕ 229 mm | 12 ✕ 9 in | | Wacom Intuos2 6x8 | 203 ✕ 152 mm | 8 ✕ 6 in | | Wacom Intuos2 4x5 | 127 ✕ 102 mm | 5 ✕ 4 in | | Wacom DTU1031X | 229 ✕ 127 mm | 9 ✕ 5 in | | Wacom Cintiq 27QHD | 610 ✕ 305 mm | 24 ✕ 12 in | | Wacom ISDv4 503E | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom ISDv4 117 | 279 ✕ 152 mm | 11 ✕ 6 in | | Wacom ISDv4 116 | 203 ✕ 152 mm | 8 ✕ 6 in | | Wacom ISDv4 503F | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom ISDv4 50b8 | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom Cintiq 27QHD touch | 610 ✕ 305 mm | 24 ✕ 12 in | | Wacom ISDv4 50b6 | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom ISDv4 50b4 | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom Intuos5 M | 229 ✕ 152 mm | 9 ✕ 6 in | | Wacom DTU1141 | 229 ✕ 127 mm | 9 ✕ 5 in | | Wacom ISDv4 5048 | 254 ✕ 152 mm | 10 ✕ 6 in | | Wacom Cintiq 13HD touch | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom ISDv4 5044 | 254 ✕ 152 mm | 10 ✕ 6 in | | Wacom ISDv4 4831 | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom ISDv4 5040 | 305 ✕ 178 mm | 12 ✕ 7 in | | Huion H610 Pro | 254 ✕ 152 mm | 10 ✕ 6 in | | Dell Canvas 27 | 584 ✕ 330 mm | 23 ✕ 13 in | | Wacom Cintiq Companion 2 | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom Cintiq 22HD | 483 ✕ 279 mm | 19 ✕ 11 in | | Wacom ISDv4 101 | 279 ✕ 152 mm | 11 ✕ 6 in | | Wacom ISDv4 100 | 279 ✕ 152 mm | 11 ✕ 6 in | | Wacom ISDv4 481a | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom ISDv4 93 | 254 ✕ 152 mm | 10 ✕ 6 in | | Wacom DTU1031 | 229 ✕ 127 mm | 9 ✕ 5 in | | Wacom Intuos5 touch L | 330 ✕ 203 mm | 13 ✕ 8 in | | N-Trig Pen | 254 ✕ 152 mm | 10 ✕ 6 in | | Wacom ISDv4 509D | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom Intuos5 S | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Intuos5 touch S | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Intuos5 touch M | 229 ✕ 152 mm | 9 ✕ 6 in | | Intuos Pen Medium | 229 ✕ 127 mm | 9 ✕ 5 in | | Wacom ISDv4 4824 | 102 ✕ 178 mm | 4 ✕ 7 in | | Wacom Intuos 12x18 | 457 ✕ 305 mm | 18 ✕ 12 in | | Wacom ISDv4 4822 | 279 ✕ 152 mm | 11 ✕ 6 in | | Wacom Intuos 12x12 | 305 ✕ 305 mm | 12 ✕ 12 in | | Wacom Intuos 9x12 | 305 ✕ 229 mm | 12 ✕ 9 in | | Wacom Intuos 6x8 | 203 ✕ 152 mm | 8 ✕ 6 in | | Wacom Intuos 4x5 | 127 ✕ 102 mm | 5 ✕ 4 in | | Wacom ISDv4 90 | 305 ✕ 203 mm | 12 ✕ 8 in | | Wacom Cintiq 24HD touch | 533 ✕ 330 mm | 21 ✕ 13 in | | Intuos Pen Small | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Bamboo Pad | 102 ✕ 76 mm | 4 ✕ 3 in | | Wacom ISDv4 124 | 229 ✕ 127 mm | 9 ✕ 5 in | | Wacom Cintiq Companion | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom Bamboo Pad Wireless | 102 ✕ 76 mm | 4 ✕ 3 in | | Wacom DTH2452 | 508 ✕ 305 mm | 20 ✕ 12 in | | Wacom Cintiq Pro 24 P | 508 ✕ 305 mm | 20 ✕ 12 in | | Wacom ISDv4 93 | 254 ✕ 152 mm | 10 ✕ 6 in | | Wacom Graphire | 127 ✕ 102 mm | 5 ✕ 4 in | | Wacom ISDv4 90 | 305 ✕ 203 mm | 12 ✕ 8 in | | Wacom Intuos Pro L | 330 ✕ 203 mm | 13 ✕ 8 in | | Wacom Intuos Pro M | 229 ✕ 152 mm | 9 ✕ 6 in | | Wacom Intuos Pro S | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Graphire2 4x5 | 127 ✕ 102 mm | 5 ✕ 4 in | | Wacom ISDv4 4814 | 254 ✕ 178 mm | 10 ✕ 7 in | | Wacom Graphire4 4x5 | 127 ✕ 102 mm | 5 ✕ 4 in | | Wacom Graphire3 6x8 | 203 ✕ 152 mm | 8 ✕ 6 in | | Wacom Graphire3 4x5 | 127 ✕ 102 mm | 5 ✕ 4 in | | Wacom Graphire2 5x7 | 178 ✕ 127 mm | 7 ✕ 5 in | | One by Wacom (medium) | 229 ✕ 127 mm | 9 ✕ 5 in | | One by Wacom (small) | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Cintiq 24HD | 533 ✕ 330 mm | 21 ✕ 13 in | | Wacom DTU-1631 | 356 ✕ 203 mm | 14 ✕ 8 in | | Wacom Bamboo Special Edition Pen & Touch medium | 229 ✕ 127 mm | 9 ✕ 5 in | | Wacom Bamboo Create | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom ISDv4 114 | 229 ✕ 127 mm | 9 ✕ 5 in | | Wacom DTK2451 | 508 ✕ 305 mm | 20 ✕ 12 in | | Wacom Bamboo Capture | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Bamboo Connect | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Bamboo 16FG 4x5 | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom ISDv4 5090 | 279 ✕ 152 mm | 11 ✕ 6 in | | Wacom Bamboo Special Edition Pen & Touch small | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom Cintiq Companion Hybrid | 305 ✕ 178 mm | 12 ✕ 7 in | | Wacom ISDv4 4809 | 102 ✕ 178 mm | 4 ✕ 7 in | | XP-Pen Star 03 | 254 ✕ 152 mm | 10 ✕ 6 in | | Huion H610 Pro | 254 ✕ 152 mm | 10 ✕ 6 in | | Wacom Cintiq 13HD | 305 ✕ 178 mm | 12 ✕ 7 in | | Intuos Pen & Touch Medium | 229 ✕ 127 mm | 9 ✕ 5 in | | Intuos Pen & Touch Small | 152 ✕ 102 mm | 6 ✕ 4 in | | One by Wacom (medium) | 229 ✕ 127 mm | 9 ✕ 5 in | | One by Wacom (small) | 152 ✕ 102 mm | 6 ✕ 4 in | | Wacom ISDv4 5010 | 279 ✕ 152 mm | 11 ✕ 6 in | | Wacom ISDv4 E6 | 279 ✕ 152 mm | 11 ✕ 6 in | | Wacom ISDv4 E5 | 279 ✕ 152 mm | 11 ✕ 6 in |

As a reference these are the standards DIN sizes comparable with those models:

| DIN type  | size | |------------------ | -------------------------- | | A4 | 210 x 297 mm | | A5 | 148 x 210 mm | | A6 | 105 x 148 mm |

The source of this data is directly from the Wacom driver and is extracted with this C program Carlos provided: ```c

/* Build with: * gcc -o wacomfoo pkg-config --libs --cflags libwacom wacomfoo.c */

define INTOMM 25.4

include libwacom.h>

int main (int argc, char argv[]) { const WacomDeviceDatabase *db; WacomDevice *devices; int i;

db = libwacomdatabasenew (); devices = libwacomlistdevicesfromdatabase (db, NULL); printf ("| model | active area size mm | active area size in | \n"); printf ("|:--------- |:--------- |:--------- | \n");

for (i = 0; devices[i] != NULL; i++) { if (libwacomgetwidth (devices[i]) == 0) continue; printf ("| %s | %.f ✕ %.f mm | %.f ✕ %.f in | \n", libwacomgetname (devices[i]), (double) libwacomgetwidth (devices[i]) * INTOMM, (double) libwacomgetheight (devices[i]) * INTOMM, (double) libwacomgetwidth (devices[i]), (double) libwacomgetheight (devices[i])); } return 0; } ```

PD: Fixed the correct value for milimeters per inch.

23 de September de 2018

Wacom's graphic tablet sizes

For some reasons I've been looking for second hand Wacom graphic tablets. To me has been annoying to find out which size is for each model. So I'm writing here the list of the models I gathered.

The reason for looking only for Wacoms is because these days seem to be very well supported in Linux, at least the old models you can get second hand.

| model | active area size | |:------------------ |:-------------------------- | | CTL460 | 147,2 x 92,0 mm | | CTL 420 | 127.6 x 92.8 mm | | CTE-430 Graphire 3 | 127 x 101 mm | | CTF-430 | 127.6 x 92.8 mm | | CTL 460 | 147,2 x 92,0 mm | | CTH-460 | 147,2 x 92,0 mm | | CTH-461 | 147,2 x 92,0 mm | | CTH-470 | 147,2 x 92,0 mm | | CTL-470 | 147,2 x 92,0 mm | | CTL-480 Intuos | 152 x 95 mm | | CTE-640 | 208.8 x 150.8 mm | | CTE-650 | 216.5 x 135.3 mm | | CTH-661 | 215.9 x 137.16 mm | | CTH-670 | 217 x 137 mm | | ET-0405A-U | 127 x 106 mm | | Graphire 2 | 127.6 x 92.8 mm | | Intuos 2 | 127.6 x 92.8 mm (probably) | | Volito 2 | 127.6 x 92.8 mm |

As a reference these are the standards DIN sizes comparable with those models:

| DIN type  | size | |------------------ | -------------------------- | | A4 | 210 x 297 mm | | A5 | 148 x 210 mm | | A6 | 105 x 148 mm |

If you find any typo or want to add other models feel free to comment.

PD: This post has been obsoleted by a new entry.

03 de August de 2018

On Moving

Winds of Change. One of my favourite songs ever and one that comes to my mind now that me and my family are going through quite some important changes, once again. But let’s start from the beginning…

A few years ago, back in January 2013, my family and me moved to the UK as the result of my decision to leave Igalia after almost 7 years in the company to embark ourselves in the “adventure” or living abroad. This was an idea we had been thinking about for a while already at that time, and our current situation back then suggested that it could be the right moment to try it out… so we did.

It was kind of a long process though: I first arrived alone in January to make sure I would have time to figure things out and find a permanent place for us to live in, and then my family joined me later in May, once everything was ready. Not great, if you ask me, to be living separated from your loved ones for 4 full months, not to mention the juggling my wife had to do during that time to combine her job with looking after the kids mostly on her own… but we managed to see each other every 2-3 weekends thanks to the London – Coruña direct flights in the meantime, so at least it was bearable from that point of view.

But despite of those not so great (yet expected) beginnings, I have to say that this past 5+ years have been an incredible experience overall, and we don’t have a single regret about making the decision to move, maybe just a few minor and punctual things only if I’m completely honest, but that’s about it. For instance, it’s been just beyond incredible and satisfying to see my kids develop their English skills “from zero to hero”, settle at their school, make new friends and, in one word, evolve during these past years. And that alone would have been a good reason to justify the move already, but it turns out we also have plenty of other reasons as we all have evolved and enjoyed the ride quite a lot as well, made many new friends, knew many new places, worked on different things… a truly enriching experience indeed!

In a way, I confess that this could easily be one of those things we’d probably have never done if we knew in advance of all the things we’d have to do and go through along the way, so I’m very grateful for that naive ignorance, since that’s probably how we found the courage, energy and time to do it. And looking backwards, it seems clear to me that it was the right time to do it.

But now it’s 2018 and, even though we had such a great time here both from personal and work-related perspectives, we have decided that it’s time for us to come back to Galicia (Spain), and try to continue our vital journey right from there, in our homeland.

And before you ask… no, this is not because of Brexit. I recognize that the result of the referendum has been a “contributing factor” (we surely didn’t think as much about returning to Spain before that 23 of June, that’s true), but there were more factors contributing to that decision, which somehow have aligned all together to tell us, very clearly, that Now It’s The Time…

For instance, we always knew that we would eventually move back for my wife to take over the family business, and also that we’d rather make the move in a way that it would be not too bad for our kids when it happened. And having a 6yo and a 9yo already it feels to us like now it’s the perfect time, since they’re already native English speakers (achievement unlocked!) and we believe that staying any longer would only make it harder for them, especially for my 9yo, because it’s never easy to leave your school, friends and place you call home behind when you’re a kid (and I know that very well, as I went through that painful experience precisely when I was 9).

Besides that, I’ve also recently decided to leave Endless after 4 years in the company and so it looks like, once again, moving back home would fit nicely with that work-related change, for several reasons. Now, I don’t want to enter into much detail on why exactly I decided to leave Endless, so I think I’ll summarize it as me needing a change and a rest after these past years working on Endless OS, which has been an equally awesome and intense experience as you can imagine. If anything, I’d just want to be clear on that contributing to such a meaningful project surrounded by such a team of great human beings, was an experience I couldn’t be happier and prouder about, so you can be certain it was not an easy decision to make.

Actually, quite the opposite: a pretty hard one I’d say… but a nice “side effect” of that decision, though, is that leaving at this precise moment would allow me to focus on the relocation in a more organized way as well as to spend some quality time with my family before leaving the UK. Besides, it will hopefully be also useful for us to have enough time, once in Spain, to re-organize our lives there, settle properly and even have some extra weeks of true holidays before the kids start school and we start working again in September.

Now, taking a few weeks off and moving back home is very nice and all that, but we still need to have jobs, and this is where our relocation gets extra interesting as it seems that we’re moving home in multiple ways at once…

For once, my wife will start taking over the family business with the help of her dad in her home town of Lalín (Pontevedra), where we plan to be living for the foreseeable future. This is the place where she grew up and where her family and many friends live in, but also a place she hasn’t lived in for the last 15 years, so the fact that we’ll be relocating there is already quite a thing in the “moving back home” department for her…

Second, for my kids this will mean going back to having their relatives nearby once again as well as friends they only could see and play with during holidays until now, which I think it’s a very good thing for them. Of course, this doesn’t feel as much moving home for them as it does for us, since they obviously consider the UK their home for now, but our hope is that it will be ok in the medium-long term, even though it will likely be a bit challenging for them at the beginning.

Last, I’ll be moving back to work at Igalia after almost 6 years since I left which, as you might imagine, feels to me very much like “moving back home” too: I’ll be going back to working in a place I’ve always loved so much for multiple reasons, surrounded by people I know and who I consider friends already (I even would call some of them “best friends”) and with its foundations set on important principles and values that still matter very much to me, both from technical (e.g. Open Source, Free Software) and not so technical (e.g. flat structure, independence) points of view.

Those who know me better might very well think that I’ve never really moved on as I hinted in the title of the blog post I wrote years ago, and in some way that’s perhaps not entirely wrong, since it’s no secret I always kept in touch throughout these past years at many levels and that I always felt enormously proud of my time as an Igalian. Emmanuele even told me that I sometimes enter what he seems to call an “Igalia mode” when I speak of my past time in there, as if I was still there… Of course, I haven’t seen any formal evidence of such thing happening yet, but it certainly does sound like a possibility as it’s true I easily get carried away when Igalia comes to my mind, maybe as a mix of nostalgia, pride, good memories… those sort of things. I suppose he’s got a point after all…

So, I guess it’s only natural that I finally decided to apply again since, even though both the company and me have evolved quite a bit during these years, the core foundations and principles it’s based upon remain the same, and I still very much align with them. But applying was only one part, so I couldn’t finish this blog post without stating how grateful I am for having been granted this second opportunity to join Igalia once again because, being honest, more often than less I was worried on whether I would be “good enough” for the Igalia of 2018. And the truth is that I won’t know for real until I actually start working and stay in the company for a while, but knowing that both my former colleagues and newer Igalians who joined since I left trust me enough to join is all I need for now, and I couldn’t be more excited nor happier about it.

Anyway, this post is already too long and I think I’ve covered everything I wanted to mention On Moving (pun intended with my post from 2012, thanks Will Thompson for the idea!), so I think I’ll stop right here and re-focus on the latest bits related to the relocation before we effectively leave the UK for good, now that we finally left our rented house and put all our stuff in a removals van. After that, I expect a few days of crazy unpacking and bureaucracy to properly settle in Galicia and then hopefully a few weeks to rest and get our batteries recharged for our new adventure, starting soon in September (yet not too soon!).

As usual, we have no clue of how future will be, but we have a good feeling about this thing of moving back home in multiple ways, so I believe we’ll be fine as long as we stick together as a family as we always did so far.

But in any case, please wish us good luck.That’s always welcome! 🙂

01 de August de 2018

HackIt, SolveIt and SmashCTF (III) – HTML5 DRM – Conflicto ideológico

DRM y HTML5. EME (Encrypted Media Extensions). Hay que empaparse algo sobre estos temas para resolver el nivel. EME ofrece un API que permite a las aplicaciones web interactuar con sistemas de protección de contenido para poder reproducir audio o video cifrado. El famoso DRM en HTML5, algo que muchos consideran una aberración (la web nació para ser abierta, no para ofrecer contenidos cerrados). Pero… ahí está el API. Y es precisamente lo que hay que intentar resolver. Básicamente el cliente tiene una etiqueta video. Al pulsar el play se visualizan 26 segundos. Pero a partir de ahí, todo está negro. Parece que el video webm está protegido. En el código vemos que en un momento dado se hace una petición de licencia a un servidor license, que nos envía la clave para desproteger el webm.

Pero esa petición sólo se puede hacer si rellenamos los bytes que faltan… esos bytes forman parte de la solución al sudoku que nos han puesto debajo del vídeo. ¿Qué hacer cuando tengamos la clave de desprotección del vídeo? Visualizarlo en el navegador 🙂 ¿Y después? Bueno, eso lo veremos enseguida… Vayamos por partes. Lo primero es solucionar el sudoku. Lo siguiente es automatizar el proceso de meter los números en las casillas del sudoku (hacerlo a mano es un infierno).
Solucionar el sudoku es fácil. Entramos en, metemos los datos y pulsamos en check…
Vaya, tiene 9 soluciones posibles. No podía ser tan fácil …

Para no perder tiempo tecleando cada una de ellas, podemos automatizar el proceso. Abrimos la consola JavaScript y tecleamos:

var sudoku = $("#su input")
var s ="852931647473862159961547283318476925549328761726159834637294518194685372285713496"
for (var i = 0; i < sudoku.length; i++){ sudoku[i].value = s.charAt(i); }
$("video")[0].needs_reload = 1;

Por cierto, en ese código ya va la solución correcta 🙂 La última línea informa al navegador que el sudoku ha cambiado y debe leer sus datos. Bien, todo preparado. Pulsamos play y vemos que pasamos del segundo 26. Es un trailer de “Inception”. Hay una serie de fotogramas que muestran pixels distorsionados. Seguramente porque se haya introducido por ahí algún string que no debería estar… Habrá que bajar el webm, descifrarlo y abrirlo más o menos por esa parte, para ver de qué string se trata.

¿Pero cómo obtenemos la clave de descodificación del webm? (el navegador la conoce, pero necesitamos aislarla…) ¿Por cierto, cuántas claves habrá? Vamos allá.

Abrimos main.js y metemos un punto de ruptura en la línea 71

}).then(function(e) {
                var n = (e = new Uint8Array(e)).slice(0, 12);
                return window.crypto.subtle.decrypt({
                    name: "AES-GCM",
                    iv: n,
                    tagLength: 128
                }, r, e.slice(12))
            }).then(function(e) {
breakpoint --->                return

En e tendremos la clave. Ojo, veremos que el breakpoint se ejecuta dos veces, y necesitaremos apuntar ambas claves (una es para cifrar el vídeo y otra para cifrar el audio). Creo recordar que no era “tan sencillo”, sino que había que convertir el formato de las claves obtenidas en “e” con una línea como

atob(String.fromCharCode.apply(null, new Uint8Array(e)))

y a continuación extraer las claves de 16 bytes con un script como el siguiente (una de las claves era w-UHS…):

var b64string = "w-UHS56ogAQacZLNj1TpqA" ;
var buf = Buffer.from(b64string, 'base64');
var fs = require('fs');
fs.writeFile("key.txt", buf,  "binary",function(err) {
    if(err) {
    } else {
        console.log("The file was saved!");

Momento de descargar el vídeo (cifrado) y descifrar. ¿Cómo desciframos? Bien, sabemos la clave y tenemos el vídeo cifrado. Nos falta saber cómo se cifró. Investigando un poco, nos encontramos con la utilidad webm_crypt de las webm-tools. Tiene una dependencia con libwebm, pero siguiendo las instrucciones de compilación del anterior enlace, lo podremos obtener sin problemas (en Linux, en macOS no iba).

Desciframos con :

$ webm_crypt -i input.webm -o decrypted.webm -decrypt -audio_options base_file=clave1 -video_options base_file=clave2

Y por fin, podremos abrir el fichero decrypted.webm (por ejemplo, con vlc…)

o con strings (!)

$ strings -n 10 decrypted.webm

(Nota: -n 10 = dame los strings ASCII de decrypted.webm que puedas visualizar, siempre y cuando esos strings sean de longitud mayor o igual a 10)

Y analizando la salida de strings, veremos la clave para el siguiente nivel 🙂

PD: creo que hay una herramienta que te permite pasar como input un vídeo webm y una marca de tiempo (hh:mm:ss) y te da como salida el contenido del fotograma de esa marca de tiempo. Lo cual te evitaría el uso de strings (o lo facilitaría). Pero eso lo dejo para que la gente de W0pr, navarparty o Barcelona92 nos lo cuenten en los comentarios.

30 de July de 2018

HackIt, SolveIt and SmashCTF (II). カッター注意

Nos pasan una captura .pcap que abrimos con Wireshark. Vemos en los primeros paquetes UDP que el dispositivo se está comunicando con el

Según la MAC, el .78 ha sido fabricado por CASIO (lo que cuadra con la pista del level). Se trata de un tagger (según los strings de los primeros paquetes), y parece que el modelo es un MEP r2 (?). Buscando Casio Tagger MEP en Google, sale una pequeña impresora o etiquetadora. Si buscamos en el Twitter de marcan algo relacionado con las palabras clave:”casio marcan42 twitter”… Bingo!

Es más, el tweet en cuestión apunta a un Gist con un programa en Python que implementa el protocolo de la impresora para poder convertir, enviarle e imprimir imágenes a partir de ficheros.

Leyéndolo mientras tenemos el pcap abierto, vemos que inicialmente se realiza un primer intercambio de mensajes de protocolo (donde se especifica, entre otras cosas la altura y anchura de la imagen)

>>> import struct; struct.unpack("<HHxx", "\x70\x01\x00\x17\x00\x00")
(368, 5888)

Hay 368 filas * 16 columnas de bytes. Por tanto 16×8 = 128 bit en cada fila.

Los datos de la imagen en sí comienzan a enviarse a partir del paquete 43 (todos aquellos con un payload de 512 bytes). Ya tenemos todo preparado para extraer los datos que forman la imagen.

Si ejecutamos el script:

python > payload.bin

Podremos resolver directamente con:

xxd -b -c 16 payload.bin

Pero ya que tenemos el código para hacer el encoding de una imagen a 1’s y 0’s, podemos invertir el proceso fácilmente:

Y resolver 🙂

PD: カッター注意 = Cutter Attention ? (algo así como, “cuidado con la cuchilla” – que corta los trozos de papel de la impresora?)

29 de July de 2018

HackIt, SolveIt and SmashCTF: aprender es un regalo (I)

Como todos los años, desde la Euskal Encounter 7 (antes Euskal Party), acudimos a la cita. La cuestión no es sólo intentar ganar (que también), sino aprender. Y aunque cada vez conocemos más técnicas, herramientas y teoría de nuestra área, en muchas ocasiones, tras pelearme con las pruebas del HackIt y SolveIt, me da la sensación de que mis lagunas de saber son también cada vez mayores. ¿Qué sé de la codificación Manchester? ¿Qué demonios es Toslink S/PDIF? Por no hablar de conocimientos olvidados hace muuucho tiempo (¿cuál es la estructura química de la aspirina?). Pero…

“El éxito es aprender a ir de fracaso en fracaso sin desesperarse (Winston Churchill)”

Así que, cada Euskal, los incombustibles de DiarioLinux (tal vez el año que viene seamos, ahora que está de moda cambiarse de nombre, ¿eh Failrz? :), volvemos a intentarlo.

En el HackIt de 2018 quedamos en tercera posición, pero conseguimos resolver tres pruebas (y la tercera, tras mucho dolor, a eso de las 5am del sábado). En el SolveIt no nos solemos obcecar tanto, y este año, sólo pudimos resolver la primera prueba. Un FAIL doloroso, sí.

“Aprender es un regalo, aunque a veces el maestro sea el dolor” (Anónimo)

Nos gusta comentar las pruebas una vez que termina el deadline. Las locuras (trolleos) de marcan y cómo nos hemos buscado la vida para resolverlas. En esta edición, hubo un debriefing con las tres secciones (HackIt, SolveIt, SmashCTF) a las 00:00 del domingo (justo tras el deadline) y ahí, cuando aún tienes frescas las ideas que has ido probando durante unas 60 horas -y tienes una terrible curiosidad -“jakin-mina”- por conocer la respuesta de ciertos retos que no te han dejado dormir, es cuando realmente prestas atención a las explicaciones. Cuando tienes sed por aprender. Y cuando aplaudes los esfuerzos de otros grupos por superar el dolor – sueño, cabreos y dolores de cabeza 🙂 de intentar avanzar una prueba más, de leer con más detalle una especificación, de entender hasta el más mínimo detalle un binario de una plataforma arcaica… Creo que ese esfuerzo, esa motivación por mejorar, es lo que me contagia y hace que, año tras año, deje todo por estar ahí.

Y sin más preámbulos ( ni citas ! 🙂 , vayamos con la chicha. Prueba 1 del HackIt.

Simple código en JavaScript que opera con los valores introducidos en el input, realizando 10 comparaciones (2 por cada vuelta, 5 vueltas) para confirmar que cumplen los criterios que lo validan como contraseña. La variable c lleva el contador de condiciones que se cumplen. Lo único que despista inicialmente es que suma dos booleanos ( condición booleana + condición booleana). La idea es que false se evalúa como 0 y true como 1.

Aunque inicialmente pensamos en resolver el level de manera ortodoxa (resolver el sistema de ecuaciones), al final consideramos mucho más rápido usar fuerza bruta – pulsa sobre la imagen para ampliar – 🙂

Y con un console.log(solucion), pasamos al siguiente nivel…

26 de July de 2018

Running EPF (Eclipse Process Framework) Composer in Linux, v2

From time to time I pretend to do practical work with EPF Composer and alwys my first handicap is to get it running natively in Linux but for one reason or another I always got stucked with the provided linux build.

This time I chose a different approach using the Windows build which it's known it's working using Wine as a compatibility layer. It worked. These are the installing instructions:

First we'll create a separate Wine folder and, important, set to Win32 architecture, used in the EPF Composer build_:

export WINEPREFIX=~/.wine-epf-1.5.2
export WINEARCH=win32

Now we install Internet Explorer 8 using the nice winetricks tool since EPF Composer uses it for the HTML forms:

winetricks winxp ie8 corefonts

Install a Java runtime. I've only tried with te Oracle one:

wine jre-8u181-windows-i586.exe

In the Wine filesystem unzip the EPF Composer build:

cd $WINEPREFIX/drive_c/Program\ Files/
unzip ~/ 
chmod a+x cd $WINEPREFIX/drive_c/Program\ Files/epf-composer/epf.exe

And now you should be able to run EPF Composer:

$WINEPREFIX/drive_c/Program\ Files/epf-composer/epf.exe 

You can launch it from other terminal without declaring the Wine enviroment variables:

WINEPREFIX=~/.wine-epf-1.5.2 WINEARCH=win32 ~/.wine-epf-1.5.2//drive_c/Program\ Files/epf-composer/epf.exe 

And that's it.

I didn't started to do real work yet but it seems 100% operative.

{:width="350" }{:width="350" }

As I'm using a 14" HD screen My only important concern are the font sizes. For some reasons changing resolution and font sizes with winecfg gaves some weird results.

Hope this helps.

PD: Added winxp and corefonts to the winetricks invocation

25 de June de 2018

Abierto el registro para GUADEC 2018 en Almería

cartel de GUADEC 2018{: .pull-center }

Tenemos el inmenso placer de anunciar que ya está abierto el registro para GUADEC 2018 que tendrá lugar los días 6-11 de julio en nuestra ciudad de Almería. El encuentro incluye tres días de conferencias, 3 días de talleres y encuentros técnicos y varias actividades sociales para los miembros de la comunidad de desarrollo GNOME.

emblema de GUADEC 2018{:width="250" .pull-right }

Acerca de GUADEC

El Congreso de Usuarios y Desarrolladores de GNOME (GUADEC) es una reunión anual de desarrolladores y entusiastas de GNOME, así como de usuarios individuales, empresariales, educacionales y gubernamentales de todo el mundo. Proporciona un foro para miembros del proyecto GNOME para mostrar su trabajo y discutir acerca del futuro desarrollo de GNOME. GUADEC también es el hogar de iluminados del software libre, líderes de IT de alto nivel gubernamentales y empresariales que discuten estrategias, opciones de despliegue y el futuro del software libre. Cada año la GUADEC se aloja en un país europeo distinto.

¿Quién puede venir a GUADEC?

GUADEC es el mayor encuentro anual internacional de la comunidad GNOME, pero también es un punto de encuentro de entusiastas y tecnólogos apasionados por el desarrollo de software en comunidades abiertas, del software para usuarios finales y los interesados en la creación y mantenimiento de infraestructuras de la sociedad de la información ampliando los procomunes digitales.

GUADEC 2017, Manchester{:width="250" .pull-right }

No dejes de venir.

Más información en:

Logo de GNOME{:width="200" .pull-right }

Acerca de GNOME

GNOME es un entorno de escritorio e infraestructura de desarrollo para sistemas operativos GNU/Linux, Unix y derivados Unix como BSD o Solaris; compuesto enteramente de software libre. Con una base de millones de usuarios en todo el mundo y adatpado a 166 idiomas y está disponible en las principales distribuciones GNU/Linux, incluyendo Fedora, Debian, Ubuntu, Red Hat Linux, CentOS, Oracle Linux, Arch Linux y Gentoo.

17 de May de 2018

Performance hackfest

Last evening I came back from the GNOME performance hackfest happening in Cambridge. There was plenty of activity, clear skies, and pub evenings. Here’s some incomplete and unordered items, just the ones I could do/remember/witness/talk/overhear:

  • Xwayland 1.20 seems to be a big battery saver. Christian Kellner noticed that X11 Firefox playing Youtube could take his laptop to >20W consumption, traced to fairly intensive GPU activity. One of the first things we did was trying master, which dropped power draw to 8-9W. We presumed this was due to the implementation of the Present extension.
  • I was looking into dropping the gnome-shell usage of AtspiEventListener for the OSK, It is really taxing on CPU usage (even if the events we want are a minuscule subset, gnome-shell will forever get all that D-Bus traffic, and a11y is massively verbose), plus it slowly but steadily leaks memory.

    For the other remaining path I started looking into at least being able to deinitialize it. The leak deserves investigation, but I thought my time could be better invested on other things than learning yet another codebase.

  • Jonas Ådahl and Christian Hergert worked towards having Mutter dump detailed per-frame information, and Sysprof able to visualize it. This is quite exciting as all classic options just let us know where do we spend time overall, but doesn’t let us know whether we missed the frame mark, nor why precisely would that be. Update: I’ve been pointed out that Eric Anholt also worked on GPU perf events in mesa/vc4, so this info could also be visualized through sysprof
  • Peter Robinson and Marco Trevisan run into some unexpected trouble when booting GNOME in an ARM board with no input devices whatsoever. I helped a bit with debugging and ideas, Marco did some patches to neatly handle this situation.
  • Hans de Goede did some nice progress towards having the GDM session consume as little as possible while switched away from it.
  • Some patch review went on, Jonas/Marco/me spent some time looking at a screen very close and discussing the mipmapping optimizations from Daniel Van Vugt.
  • I worked towards fixing the reported artifact from my patches to aggressively cache paint volumes. These are basically one-off cases where individual ClutterActors break the invariants that would make caching possible.
  • Christian Kellner picked up my idea of performing pointer picking purely on the CPU side when the stage purely consists of 2D actors, instead of using the usual GL approach of “repaint in distinctive colors, read pixel to perform hit detection” which is certainly necessary for 3D, but quite a big roundtrip for 2D.
  • Alberto Ruiz and Richard Hughes talked about how to improve gnome-software memory usage in the background.
  • Alberto and me briefly dabbled with the idea of having specific search provider API that were more tied to Tracker, in order to ease the many context switches triggered by overview search.
  • On the train ride back, I unstashed and continued work on a WIP tracker-miners patch to have tracker-extract able to shutdown on inactivity. One less daemon to have usually running.

Overall, it was a nice and productive event. IMO having people with good knowledge both deep in the stack and wide in GNOME was determining, I hope we can repeat this feat again soon!

06 de May de 2018

Updating Endless OS to GNOME Shell 3.26 (Video)

It’s been a pretty hectic time during the past months for me here at Endless, busy with updating our desktop to the latest stable version of GNOME Shell (3.26, at the time the process started), among other things. And in all this excitement, it seems like I forgot to blog so I think this time I’ll keep it short for once, and simply link to a video I made a couple of months ago, right when I was about to finish the first phase of the process (which ended up taking a bit longer than expected).

Note that the production of this video is far from high quality (unsurprisingly), but the feedback I got so far is that it has been apparently very useful to explain to less technically inclined people what doing a rebase of this characteristics means, and with that in mind I woke up this morning realizing that it might be good to give it its own entry in my personal blog, so here it is.

(Pro-tip: Enable video subtitles to see contextual info)

Granted, this hasn’t been a task as daunting as The Great Rebase I was working on one year ago, but still pretty challenging for a different set of reasons that I might leave for a future, and more detailed, post.

Hope you enjoy watching the video as much as I did making it.

10 de April de 2018

Entradas a SuperSEC 2018 a la venta

cartel de SuperSEC{: .pull-center }

Seguimos trabajando duro en la organización de SuperSEC;

  • la llamada a la participación concluye el próximo día 15 de abril y tiene resultados prometedores;
  • el panel de invitados está casi listo a falta de dos novedades;
  • descuento para el alojamiento acordado;
  • detalles de las reservas de espacios y comidas listos;
  • el diseño definitivo de la camiseta está en preparación: queremos ser estilosos;
  • y, sobre todo, las entradas ya están a la venta y con descuentos interesantes.

Hay más cositas en preparación. Y pronto os presentaremos algunas promociones y sorteos.

Permanezcan en sintonía.

21 de March de 2018

Updated Chromium Legacy Wayland Support


Future Ozone Wayland backend is still not ready for shipping. So we are announcing the release of an updated Ozone Wayland backend for Chromium, based on the implementation provided by Intel. It is rebased on top of latest stable Chromium release and you can find it in my team Github. Hope you will appreciate it.

Official Chromium on Linux desktop nowadays

Linux desktop is progressively migrating to use Wayland as the display server. It is the default option in Fedora, Ubuntu ~~and, more importantly, the next Ubuntu Long Term Support release will ship Gnome Shell Wayland display server by default~~ (P.S. since this post was originally written, Ubuntu has delayed the Wayland adoption for LTS).

As is, now, Chromium browser for Linux desktop support is based on X11. This means it will natively interact with an X server and with its XDG extensions for displaying the contents and receiving user events. But, as said, next generation of Linux desktop will be using Wayland display servers instead of X11. How is it working? Using XWayland server, a full X11 server built on top of Wayland protocol. Ok, but that has an impact on performance. Chromium needs to communicate and paint to X11 provided buffers, and then, those buffers need to be shared with Wayland display server. And the user events will need to be proxied from the Wayland display server through the XWayland server and X11 protocol. It requires more resources: more memory, CPU, and GPU. And it adds more latency to the communication.


Chromium supports officially several platforms (Windows, Android, Linux desktop, iOS). But it provides abstractions for porting it to other platforms.

The set of abstractions is named Ozone (more info here). It allows to implement one or more platform components with the hooks for properly integrating with a platform that is in the set of officially supported targets. Among other things it provides abstractions for:
* Obtaining accelerated surfaces.
* Creating and obtaining windows to paint the contents.
* Interacting with the desktop cursor.
* Receiving user events.
* Interacting with the window manager.

Chromium and Wayland (2014-2016)

Even if Wayland was not used on Linux desktop, a bunch of embedded devices have been using Wayland for their display server for quite some time. LG has been shipping a full Wayland experience on the webOS TV products.

In the last 4 years, Intel has been providing an implementation of Ozone abstractions for Wayland. It was an amazing work that allowed running Chromium browser on top of a Wayland compositor. This backend has been the de facto standard for running Chromium browser on all these Wayland-enabled embedded devices.

But the development of this implementation has mostly stopped around Chromium 49 (though rebases on top of Chromium 51 and 53 have been provided).

Chromium and Wayland (2018+)

Since the end of 2016, Igalia has been involved on several initiatives to allow Chromium to run natively in Wayland. Even if this work is based on the original Ozone Wayland backend by Intel, it is mostly a rewrite and adaptation to the future graphics architecture in Chromium (Viz and Mus).

This is being developed in the Igalia GitHub, downstream, though it is expected to be landed upstream progressively. Hopefully, at some point in 2018, this new backend will be fully ready for shipping products with it. But we are still not there. ~~Some major missing parts are Wayland TextInput protocol and content shell support~~ (P.S. since this was written, both TextInput and content shell support are working now!).

More information on these posts from the authors:
* June 2016: Understanding Chromium’s runtime ozone platform selection (by Antonio Gomes).
* October 2016: Analysis of Ozone Wayland (by Frédéric Wang).
* November 2016: Chromium, ozone, wayland and beyond (by Antonio Gomes).
* December 2016: Chromium on R-Car M3 & AGL/Wayland (by Frédéric Wang).
* February 2017: Mus Window System (by Frédéric Wang).
* May 2017: Chromium Mus/Ozone update (H1/2017): wayland, x11 (by Antonio Gomes).
* June 2017: Running Chromium m60 on R-Car M3 board & AGL/Wayland (by Maksim Sisov).

Releasing legacy Ozone Wayland backend (2017-2018)

Ok, so new Wayland backend is still not ready in some cases, and the old one is unmaintained. For that reason, LG is announcing the release of an updated legacy Ozone Wayland backend. It is essentially the original Intel backend, but ported to current Chromium stable.

Why? Because we want to provide a migration path to the future Ozone Wayland backend. And because we want to share this effort with other developers, willing to run Chromium in Wayland immediately, or that are still using the old backend and cannot immediately migrate to the new one.

WARNING If you are starting development for a product that is going to happen in 1-2 years… Very likely your best option is already migrating now to the new Ozone Wayland backend (and help with the missing bits). We will stop maintaining it ourselves once new Ozone Wayland backend lands upstream and covers all our needs.

What does this port include?
* Rebased on top of Chromium m60, m61, m62 and m63.
* Ported to GN.
* It already includes some changes to adapt to the new Ozone Wayland refactors.

It is hosted at

Enjoy it!

Originally published at webOS Open Source Edition Blog. and licensed under Creative Commons Attribution 4.0.

19 de March de 2018

IEEE Xplore, India y plagios en artículos académicos

En la lectura diaria de artículos me encuentro últimamente con algunas piezas, disponibles en la web de IEEE Xplore, donde me llevo sorpresas desagradables. El de hoy me ha hecho especial “gracia”. Se trata de “A Novel Approach for Medical Assistance Using Trained Chatbot” de la conferencia
“2017 International Conference on Inventive Communication and Computational Technologies (ICICCT)”, y disponible, como digo, en IEEE Xplore.

Son cinco autores del mismo departamento: Department of Computer Science & Engineering, Muthoot Institute of Technology and Science-Varikoli, una entidad educativa de la India.

Me llamó la atención que ninguno de los autores usara un email de la institución a la que pertenecen. Todos ellos son direcciones Gmail.

Por otro lado, hay al menos un par de errores gramaticales de bulto en el abstract. Son “bad smells”, heurísticos que indican que lo peor está por llegar.

En efecto, el artículo está plagado de más errores de ortografía y gramática, pero sobre todo, de “olvidos” a la hora de citar. Sí, es una forma elegante de decir plagios. Me dí cuenta del mismo al ir leyendo los párrafos. Todos ellos de pésima calidad, salvo un par, con un inglés perfecto, pulcro. Por supuesto, sin citar, ni refrasear, ni entrecomillar, ni gaitas. Copia literal sin citar al autor. Con un par.

Una búsqueda en Google me llevó a la fuente original:

“Content is king, so don’t distract your user with fancy but redundant features. Also, simplicity is what helped the most successful brands win our hearts. These things are the core of a Chatbot concept that’s why they are doomed for success.”

Aunque buscando un poco más, me he llevado una sopresa extra. Por un lado, ese artículo “parece” el original. Pero según Google, fue publicado el 10 de noviembre de 2016. Y otra vez según Google, ese mismo párrafo fue publicado por esta otra web el 12 de junio de 2016:
[Quiz] 9 Reasons to Build a ChatBot Now – Letzgro

Algo me decía que eso no podía ser… La web de huele a web depredadora, con un estilo gráfico bastante malo. Por otro lado, la web de Chatbots Journal, tiene un estilo muy cuidado y en ella escriben en exclusiva artículos relacionados con el tema que nos concierne. ¿Qué está ocurriendo? Pues no sé cómo lo han hecho en Letzgro, pero según Web Archive, esa página no es de junio de 2016 sino que apareció en 2017.

PD: al paper plagiador se le fue de las manos. En la siguiente frase leo: “You may read about these two in more detail in some of our other blog posts”. Yeah… blog posts. Lo peor: IEEE Xplore pide 31$ por leerlo 🙁

04 de February de 2018

How to access the value of an array key in a Javascript Map object?

I wrote this message in StackOverflow and just before clicking the Send button I stumbled upon the solution. I don’t want to lose it, and I don’t have time today to publish the solution, so I decided to do it in two parts. First, publish the question and later (tomorrow?) publish the solution. Here we go!

I can set() a value using an array as a key in a JS Map, but it seems that there isn’t a clean interface to access that same value using the symmetric get() method:

let z = new Map {}
    z.set([1,2], "a"); // Works as expected: Map { [ 1, 2 ] => 'a' }
    z.get([1,2]); // undefined (!)

I suspect that this behaviour has something to do with the fact that in JS:

[1,2] == [1,2] 

I can use [1,2].toString() as a key and then the z.get([1,2].toString()) method works as expected, but I’m wondering if there is in any other “cleaner” way to code that.

Well, Map objects are a new addition of ES6. And it seems that ES6 has a problem with Maps if you are trying to use them with object keys. This has been discussed here and here .

A solution that WorksForMe was proposed in that same StackOverflow thread, using an ad-hoc built HashMap class, that takes a hash function as parameter to properly store and use object keys (specifically, for my problem, array keys)

function HashMap(hash) {
  var map = new Map;
  var _set = map.set;
  var _get = map.get;
  var _has = map.has;
  var _delete = map.delete;
  map.set = function (k,v) {
    return, hash(k), v);
  map.get = function (k) {
    return, hash(k));
  map.has = function (k) {
    return, hash(k));
  map.delete = function (k) {
    return, hash(k));
  return map;

I have used it as follows (note that JSON.stringify is NOT a hash function, but as I said, it works for my example because I certainly know that my array values are not going to have duplicates). I should think about a proper hash function or use something from here, but as I said, I’m lazy today 🙂

let z = new HashMap(JSON.stringify);
  z.set([1,2], "a");
  z.get([1,2]); // "a"

23 de January de 2018

I'm going to FOSDEM 2018

I'm going to FOSDEM{: .pull-right}

Yeah. I finally decided I'm going to FOSDEM this year. 2018 is the year I'm re-taken my life as I like it and a right way to start it is meeting all those friends and colleagues I missed in those years of exile. I plan to attend to the beer event as soon I arrive to Brussels.

If you want to talk to me about GUADEC 2018, Fedora Flock 2018 or whatever please reach me by Twitter (@olea) or Telegram (@IsmaelOlea).

BTW, there are a couple relevant Telegram Groups FOSDEM related:

General English Telegram group:

FOSDEM Telegram Group

Spanish spoken one:

FOSDEM grupo Telegram en español

PS:A funny thing about FOSDEM is... this is the place when the Spaniards (or Madrileños indeed) opensource entusiasts can meet at once a year... in Brussels!

22 de January de 2018

2018 y la decepción

Cosas que pasan. Estás haciendo limpieza en tus carpetas para eliminar morrallas y archivar contenidos y encuentro el borrador de una entrada para mi blog que se quedó olvidada de publicar. Está fechada exactamente el 9 de marzo de 2014:

Un mes de marzo caliente en Almería

HackLab Almería

Menudo mes de marzo en Almería. Empezamos en febrero con las X Jornadas SLCENT del IES Al-Ándalus. Luego las Jornadas de Informática de la Universidad de Almería con más de diez conferencias. Hoy ha sido el torneo provincial de la First Lego League y han competido 14 equipos de la provincia. Y entre los eventos por llegar: el siguiente encuentro del Taller de Hardware Abierto, ElHackatón, el próximo BetaBeers y, tachán, el Día Arduino+Seminario Impresoras 3D. ¡Qué barbaridad!

Es una oportunidad para reflexionar: ¿es una casualidad anómala, aun cuando feliz? Hasta ahora en estas tierras no hemos estado muy acostumbrados a tanto movimiento. El caso es que sólo con una base social de gran preparación y la afortunada existencia de algunas personas con iniciativa se puede hacer visible el esfuerzo de gente con la motivación suficiente de usar su ocio para aprender y crecer en conocimiento y experiencia. Hay base, sólo hay que hacerla valer.

En cambio, hoy no puedo estar más desmoralizado al respecto. No me apetece entrar en las razones. Simplemente me ha apetecido reflejar el choque emocional del descubrimiento.

Opensource gratitude

Some weeks ago I've read somewhere in Twitter about how good will be to adopt and share the practice of thanking the opensource developers of the tools you use and love. Don't remember neither who or where, and probably I'm stealing the method s/he proposed. Personally I'm getting used myself to visiting the project development site, and if not better method is available, to open and issue with a text like this:

Im opening this issue just to thankyou for the tool you wrote. It's nice, useful and saves a lot of my time.


PS: please don't close the issue so other persons could vote it to exprese their gratitude too.

As an example I've just wrote it for the CuteMarkEd editor:

CuteMarkEd gratitude screenshot

Hope this bring a litte bit of endorphines dose to those people who, with their effort, are building the infraestructure of the digital society. Think about it.

15 de January de 2018

Galerías de fotografías del museo almeriense de retroinformática

almacén de nuestra colección de retroinformática{:width="500" .pull-middle}

calculadora{:width="150" .pull-right} En mi recuperación de contenidos y referencias pasadas recopilo estos enlaces relacionados con la asociación Museo almeriense de retroinformática, un proyecto que fundamos tres amigos de toda la vida el 6 de enero de 2004 y que desde entonces ha permanecido en un estado casi catatónico pero que al menos ha seguido sirviendo al propósito de conservar material informático, electrónico y últimamente y por extensión, eléctrico, de cálculo y otras máquinas, que valoramos un poco sentimentalmente pero con afán objetivo por significación, impacto tecnológico, diseño industrial y valor historiográfico. Y sí, los expertos en museografía lo primero que criticarán es el nombre: efectivamente ahora sabemos que lo que mantenemos es sólo una colección y no un museo. El museo sigue siendo una aspiración pero asentar la colección ya es un objetivo serio y suficientemente complicado. Espero que le demos más cariño en el futuro.

osciloscopio{:width="300"} casco de realidad virtual, años 90{:width="220" }

Exposición en las Jornadas SLCENT

Exposición organizada en las XI Jornadas SLCENT de Informática y Electrónica (noviembre de 2014) que anualmente organiza el I.E.S. Al-Ándalus.

Galería de fotografías realizada por Ana Mora:


Galería de fotografías realizada por Paco Cantón:

Galería de fotografías de Paco Cantón

Aparición en Canal Sur Noticias

Brevísima aparición en la edición almeriense de Canal Sur Noticias para explicar el contexto de las amenazas en la ciberseguridad actuales.

Gracias a la redacción de Canal Sur por su confianza.

10 de January de 2018

Normativas relacionadas con software libre en la Junta de Andalucía

Con la excusa de una conversación en el foro del HackLab Almería he refrescado información sobre los acuerdos políticos de implantación de software libre en la comunidad autonómica de Andalucía. Esta entrada es sólo una compilación de lo recogido en aquel hilo.

DECRETO 72/2003, de 18 de marzo, de Medidas de Impulso de la Sociedad del Conocimiento en Andalucía


Artículo 11. Materiales educativos en soporte informático.

  1. Se dotará a los centros docentes públicos de materiales y programas educativos en soporte informático, basados preferentemente en software libre. En todo caso, recibirán en dicho soporte todo el material educativo que elabore la Administración de la Junta de Andalucía.

  2. Asimismo, se incentivará entre el profesorado la producción de programas y materiales curriculares en soporte informático o para su utilización en Internet, especialmente aquellos desarrollos que se realicen mediante software libre.


Artículo 31. Software libre.

En las adquisiciones de equipamiento informático destinado a los centros docentes públicos para su uso en actividades educativas, se exigirá que todo el hardware sea compatible con sistemas operativos basados en software libre. Los ordenadores tendrán preinstalado todo el software libre necesario para el uso específico al que estén destinados.

El equipamiento informático que la Administración de la Junta de Andalucía ponga a disposición en los centros de acceso público a Internet utilizará para su funcionamiento productos de software libre.

La Administración de la Junta de Andalucía fomentará la difusión y utilización orientadas al uso personal, doméstico y educativo de software libre debidamente garantizado. A tal fin se establecerá un servicio de asesoramiento a través de Internet para la instalación y uso de este tipo de productos.

ORDEN de 21 de febrero de 2005, sobre disponibilidad pública de los programas informáticos de la Administración de la Junta de Andalucía y de sus Organismos Autónomos


En su virtud, de conformidad con lo dispuesto en el artículo 44.4 de la Ley 6/1983, de 21 de julio, del Gobierno y la Administración de la Comunidad Autónoma,


Artículo 1. Objeto.

El objeto de la presente Orden es poner a disposición pública el código fuente de los programas y aplicaciones informáticas y la documentación asociada a los mismos que sean propiedad de la Administración de la Junta de Andalucía y de sus Organismos Autónomos, que tendrán el carácter de software libre, así como establecer las condiciones para su libre uso y distribución.

Artículo 2. Definición de software libre.

1) A los efectos de la presente Orden, se entenderá por software libre aquellos programas, aplicaciones informáticas y documentación asociada a los mismos que reúnan los siguientes requisitos:

a) Posibilidad de ser leídos y/o ejecutados para cualquier finalidad, sin restricciones.

b) Posibilidad de ser copiados y modificados libremente.

c) Posibilidad de libre difusión de sus copias y versiones modificadas.

2) Tendrán la consideración de software libre tanto el producido por el personal al servicio de la Administración de la Junta de Andalucía o de sus Organismos Autónomos en el ejercicio de sus funciones como el elaborado a medida para ellos en virtud de cualquier modalidad de contrato suscrito con terceros.

Artículo 3. Condiciones de uso.

  1. Para el cumplimiento de los requisitos establecidos en el artículo anterior el software estará disponible en forma de código fuente y la documentación en un formato abierto que permita su modificación.

  2. La difusión y uso de copias, modificadas o no, sólo estará autorizada si se mantienen las condiciones de disponibilidad establecidas en los artículos 2 y 3 de la presente Orden.

31 de December de 2017

Recopilación de apariciones en prensa en 2018

A la sazón de la publicación de GNOME 3.30 Almería, en honor por haber acogido en Almería la conferencia anual GUADEC 2018:

Congreso nacional de programación segura SuperSEC 2018:

Otras referencias:

Referencias sin mención personal pero relacionadas con mis responsabilidades en la organización congresos:

30 de December de 2017

Revista de referencias en prensa durante 2017

Participación en el congreso CubaConf 2017, La Habana (Cuba):

Festival Creative Commons Almería ccALM 2017:

GeoCamp ES 2017:

Otras referencias relacionadas con mis responsabilidades en la organización congresos y encuentros:

28 de December de 2017

Frogr 1.4 released

Another year goes by and, again, I feel the call to make one more release just before 2017 over, so here we are: frogr 1.4 is out!

Screenshot of frogr 1.4

Yes, I know what you’re thinking: “Who uses Flickr in 2017 anyway?”. Well, as shocking as this might seem to you, it is apparently not just me who is using this small app, but also another 8,935 users out there issuing an average of 0.22 Queries Per Second every day (19008 queries a day) for the past year, according to the stats provided by Flickr for the API key.

Granted, it may be not a huge number compared to what other online services might be experiencing these days, but for me this is enough motivation to keep the little green frog working and running, thus worth updating it one more time. Also, I’d argue that these numbers for a niche app like this one (aimed at users of the Linux desktop that still use Flickr to upload pictures in 2017) do not even look too bad, although without more specific data backing this comment this is, of course, just my personal and highly-biased opinion.

So, what’s new? Some small changes and fixes, along with other less visible modifications, but still relevant and necessary IMHO:

  • Fixed integration with GNOME Software (fixed a bug regarding appstream data).
  • Fixed errors loading images from certain cameras & phones, such as the OnePlus 5.
  • Cleaned the code by finally migrating to using g_auto, g_autoptr and g_autofree.
  • Migrated to the meson build system, and removed all the autotools files.
  • Big update to translations, now with more than 22 languages 90% – 100% translated.

Also, this is the first release that happens after having a fully operational centralized place for Flatpak applications (aka Flathub), so I’ve updated the manifest and I’m happy to say that frogr 1.4 is already available for i386, arm, aarch64 and x86_64. You can install it either from GNOME Software (details on how to do it at, or from the command line by just doing this:

flatpak install --from

Also worth mentioning that, starting with Frogr 1.4, I will no longer be updating my PPA at Launchpad. I did that in the past to make it possible for Ubuntu users to have access to the latest release ASAP, but now we have Flatpak that’s a much better way to install and run the latest stable release in any supported distro (not just Ubuntu). Thus, I’m dropping the extra work required to deal with the PPA and flat-out recommending users to use Flatpak or wait until their distro of choice packages the latest release.

And I think this is everything. As usual, feel free to check the main website for extra information on how to get frogr and/or how to contribute to it. Feedback and/or help is more than welcome.

Happy new year everyone!

26 de December de 2017

Adding tags to my jekyll website

This iteration of the website uses the Jekyll static website generator. From time to time I add some features to the configuration. This time I wanted to add tags support to my posts. After a fast search I found jekyll-tagging. To put it working has been relatively easy because if you are not into Ruby you can misconfigure the gem dependencies as me. And to add some value to this post I’m just sharing some tips I added not written in the project readme file.

First: added a /tag/ page with the cloud of used tags in the form of a tag/index.html file with this content:

layout: page
permalink: /tag/

<div class="tag-cloud" id="tag-cloud">
  <a href="/tag/29110/" class="set-1">29110</a> <a href="/tag/%40firma/" class="set-1">@firma</a> <a href="/tag/akademy/" class="set-1">Akademy</a> <a href="/tag/alepo/" class="set-1">Alepo</a> <a href="/tag/almeria/" class="set-2">Almería</a> <a href="/tag/andalucia/" class="set-1">Andalucía</a> <a href="/tag/android/" class="set-1">Android</a> <a href="/tag/barcelona/" class="set-1">Barcelona</a> <a href="/tag/bolivia/" class="set-1">Bolivia</a> <a href="/tag/cacert/" class="set-1">CAcert</a> <a href="/tag/cosiris/" class="set-1">COSIRIS</a> <a href="/tag/canarias/" class="set-1">Canarias</a> <a href="/tag/centos/" class="set-1">CentOS</a> <a href="/tag/ceres/" class="set-1">Ceres</a> <a href="/tag/chronojump/" class="set-1">ChronoJump</a> <a href="/tag/cuba/" class="set-1">Cuba</a> <a href="/tag/cubaconf/" class="set-1">CubaConf</a> <a href="/tag/caceres/" class="set-1">Cáceres</a> <a href="/tag/epf/" class="set-1">EPF</a> <a href="/tag/fnmt/" class="set-1">FNMT</a> <a href="/tag/fosdem/" class="set-1">FOSDEM</a> <a href="/tag/fudcon/" class="set-1">FUDCon</a> <a href="/tag/factura-e/" class="set-1">Factura-e</a> <a href="/tag/fedora/" class="set-3">Fedora</a> <a href="/tag/flock/" class="set-1">Flock</a> <a href="/tag/fuerteventura/" class="set-1">Fuerteventura</a> <a href="/tag/gdg/" class="set-1">GDG</a> <a href="/tag/gnome/" class="set-2">GNOME</a> <a href="/tag/gnome-hispano/" class="set-1">GNOME-Hispano</a> <a href="/tag/guadec/" class="set-1">GUADEC</a> <a href="/tag/galicia/" class="set-1">Galicia</a> <a href="/tag/geocamp/" class="set-1">GeoCamp</a> <a href="/tag/google/" class="set-1">Google</a> <a href="/tag/guademy/" class="set-1">Guademy</a> <a href="/tag/hacklab_almeria/" class="set-1">HackLab_Almería</a> <a href="/tag/hispalinux/" class="set-1">Hispalinux</a> <a href="/tag/ia/" class="set-1">IA</a> <a href="/tag/ibm/" class="set-1">IBM</a> <a href="/tag/kde/" class="set-1">KDE</a> <a href="/tag/kompozer/" class="set-1">Kompozer</a> <a href="/tag/l10n/" class="set-1">L10N</a> <a href="/tag/la_coruna/" class="set-1">La_Coruña</a> <a href="/tag/la_paz/" class="set-1">La_Paz</a> <a href="/tag/la_rioja/" class="set-1">La_Rioja</a> <a href="/tag/linuxtag/" class="set-1">LinuxTag</a> <a href="/tag/lucas/" class="set-1">LuCAS</a> <a href="/tag/lugo/" class="set-1">Lugo</a> <a href="/tag/mdd/" class="set-1">MDD</a> <a href="/tag/madrid/" class="set-1">Madrid</a> <a href="/tag/microsoft/" class="set-1">Microsoft</a> <a href="/tag/mono/" class="set-1">Mono</a> <a href="/tag/mexico/" class="set-1">México</a> <a href="/tag/nueva_york/" class="set-1">Nueva_York</a> <a href="/tag/ocsp/" class="set-1">OCSP</a> <a href="/tag/odf/" class="set-1">ODF</a> <a href="/tag/osl_unia/" class="set-1">OSL_UNIA</a> <a href="/tag/" class="set-1"></a> <a href="/tag/oswc/" class="set-1">OSWC</a> <a href="/tag/omegat/" class="set-1">OmegaT</a> <a href="/tag/openid/" class="set-1">OpenID</a> <a href="/tag/openmind/" class="set-1">Openmind</a> <a href="/tag/pycones/" class="set-1">PyConES</a> <a href="/tag/renfe/" class="set-1">Renfe</a> <a href="/tag/scfloss/" class="set-1">SCFLOSS</a> <a href="/tag/soos/" class="set-2">SOOS</a> <a href="/tag/ssl/" class="set-1">SSL</a> <a href="/tag/sonic_pi/" class="set-1">Sonic_Pi</a> <a href="/tag/supersec/" class="set-1">SuperSEC</a> <a href="/tag/superlopez/" class="set-1">Superlópez</a> <a href="/tag/tldp-es/" class="set-1">TLDP-ES</a> <a href="/tag/ue/" class="set-1">UE</a> <a href="/tag/vpn/" class="set-1">VPN</a> <a href="/tag/valencia/" class="set-1">Valencia</a> <a href="/tag/x509/" class="set-1">X509</a> <a href="/tag/yorokobu/" class="set-1">Yorokobu</a> <a href="/tag/zaragoza/" class="set-1">Zaragoza</a> <a href="/tag/admninistracion_publica/" class="set-1">admninistración_pública</a> <a href="/tag/anotaciones/" class="set-1">anotaciones</a> <a href="/tag/bibliography/" class="set-1">bibliography</a> <a href="/tag/calidad/" class="set-1">calidad</a> <a href="/tag/ciencia_abierta/" class="set-1">ciencia_abierta</a> <a href="/tag/conferencia/" class="set-3">conferencia</a> <a href="/tag/congreso/" class="set-3">congreso</a> <a href="/tag/congresos/" class="set-1">congresos</a> <a href="/tag/correo-e/" class="set-1">correo-e</a> <a href="/tag/cultura/" class="set-1">cultura</a> <a href="/tag/docker/" class="set-1">docker</a> <a href="/tag/ensayo/" class="set-1">ensayo</a> <a href="/tag/entrevista/" class="set-1">entrevista</a> <a href="/tag/filosofia/" class="set-1">filosofía</a> <a href="/tag/flatpak/" class="set-1">flatpak</a> <a href="/tag/fpga_wars/" class="set-1">fpga_wars</a> <a href="/tag/git/" class="set-1">git</a> <a href="/tag/gvsig/" class="set-1">gvSIG</a> <a href="/tag/hardware/" class="set-1">hardware</a> <a href="/tag/historia/" class="set-1">historia</a> <a href="/tag/innovacion/" class="set-1">innovación</a> <a href="/tag/interoperabilidad/" class="set-1">interoperabilidad</a> <a href="/tag/jekyll/" class="set-1">jekyll</a> <a href="/tag/laptop/" class="set-1">laptop</a> <a href="/tag/legislacion/" class="set-1">legislación</a> <a href="/tag/lingueisticos/" class="set-1">lingüísticos</a> <a href="/tag/linux/" class="set-2">linux</a> <a href="/tag/micro-educacion/" class="set-1">micro-educación</a> <a href="/tag/migas/" class="set-1">migas</a> <a href="/tag/museo/" class="set-1">museo</a> <a href="/tag/node.js/" class="set-1">node.js</a> <a href="/tag/normativa/" class="set-1">normativa</a> <a href="/tag/opensource/" class="set-5">opensource</a> <a href="/tag/p2p/" class="set-1">p2p</a> <a href="/tag/politica/" class="set-1">política</a> <a href="/tag/prensa/" class="set-1">prensa</a> <a href="/tag/procomunes/" class="set-1">procomunes</a> <a href="/tag/propiedad_intelectual/" class="set-1">propiedad_intelectual</a> <a href="/tag/publicacion/" class="set-2">publicación</a> <a href="/tag/recursos/" class="set-1">recursos</a> <a href="/tag/retroinformatica/" class="set-1">retroinformática</a> <a href="/tag/revolucion_digital/" class="set-1">revolución_digital</a> <a href="/tag/seguridad/" class="set-1">seguridad</a> <a href="/tag/servicios/" class="set-1">servicios</a> <a href="/tag/software/" class="set-3">software</a> <a href="/tag/sofware/" class="set-1">sofware</a> <a href="/tag/sostenibilidad/" class="set-1">sostenibilidad</a> <a href="/tag/standards/" class="set-1">standards</a> <a href="/tag/tablet/" class="set-1">tablet</a> <a href="/tag/tonterias/" class="set-1">tonterías</a> <a href="/tag/video/" class="set-1">vídeo</a> <a href="/tag/wacom/" class="set-1">wacom</a> <a href="/tag/web/" class="set-1">web</a> <a href="/tag/web-semantica/" class="set-1">web-semántica</a> <a href="/tag/wine/" class="set-1">wine</a> <a href="/tag/etica/" class="set-1">ética</a>

Compared to the jekyll-tagging examples I only use the tag cloud in that /tag/ page and not in the tag entries pages because it’s a bit annoying when using too much tag words.

And second, probably more interesting, showing the post tags in the html page:

<p class="post-meta">  tags:  <a href="/tag/jekyll/" rel="tag">jekyll</a> </p>

This is relevant because the tagging readme example uses {{ post | tags }} but to work inside the post page you should use {{ page | tags }}.

Yeah, this is not a great post but maybe it can save some time if your adding jekyll-tagging to your web.

07 de December de 2017

OSK update

There’s been a rumor that I was working on improving gnome-shell on-screen keyboard, what’s been up here? Let me show you!

The design has been based on the mockups at, here’s how it looks in English (mind you, hasn’t gone through theming wizards):

The keymaps get generated from CLDR (see here), which helped boost the number of supported scripts (c.f. caribou), some visual examples:

As you can see there’s still a few ugly ones, the layouts aren’t as uniform as one might expect, these issues will be resolved over time.

The additional supported scripts don’t mean much without a way to send those fancy chars/strings to the client. We traditionally were just able to send forged keyboard events, which means we were restricted to keycodes that had a representation in the current keymap. On X11 we are kind of stuck with that, but we can do better on Wayland, this work relies on a simplified version of the text input protocol that I’m doing the last proofreading before proposing as v3 (the branches currently use a private copy). Using an specific protocol allows for sending UTF8 strings independently of the keymap, very convenient too for text completion.

But there are keymaps where CLDR doesn’t dare going, prominent examples are Chinese or Japanese. For those, I’m looking into properly leveraging IBus so pinyin-like input methods work by feeding the results into the suggestions box:

Ni Hao!

The suggestion box even kind of works with the typing booster ibus IM. But you have to explicitly activate it, there is room for improvement here in the future.

And there is of course still bad stuff and todo items. Some languages like Korean neither have a layout, nor input methods that accept latin input, so they are badly handled (read: not at all). It would also be nice to support shape-based input.

Other missing things from the mockups are the special numeric and emoji keymaps, there’s some unpushed work towards supporting those, but I had to draw the line somewhere!

The work has been pushed in mutter, gtk+ and gnome-shell branches, which I hope will get timely polished and merged this cycle 🙂

28 de November de 2017

So we are working in new conferences for 2018

Well, now we can say here (Almería, Spain) we know something about how to do technical conferences and meetings, specially opensource/freesoftware ones. In 2016 and 2017 we co-organized:

And we are really grateful to those people and communities who trusted us to be their host for some days. The reunited experience aimed us to new challenges. So here I just want to share in which conferences I’m currently involved for 2018:

  • SuperSEC 2018, a national (Spain) conference on secure software development, in the orbit of OWASP, to be held May 12-13th. And we are almost ready to open the CFP!

  • GUADEC 2018, the European conference for the GNOME et al. community, from 6 to 11th of July.

But we want mooar, so we are currently biding to host Flock 2018, the annual meeting for the Fedora Project community

Our goal is to host both sister conferences one just after the other, so a lot of people could attend both saving good money.

So, if you are a contributor of any of those communities or just an opensource enthusiast consider this extraordinaire opportunity to match your summer holidays in a nice place for tourism and the July 2018 opensource world meeting point!

Wish us luck :-)

PD: Just updated the definitive dates for GUADEC 2018. PPD: Just updated the definitive dates for SuperSEC 2018.

16 de November de 2017

VirtualBox headless en servidor Scaleway

Esta semana he necesitado instalar una máquina virtual de VirtualBox en un servidor Scaleway (de 2.9€/mes) sin entorno gráfico. La primera duda ha sido… ¿se puede? 🙂 Lo primero que necesitamos es instalar VirtualBox. La particularidad es que Scaleway no tiene un kernel vanilla sino que está bastante personalizado para adaptarlo a esta empresa de cloud hosting. Así que hay que descargar el código del kernel, ajustar su configuración a la misma que usa Scaleway, compilar los módulos necesarios y ahora sí, descargar e instalar VirtualBox. Gracias a $DEITY, alguien se ha pegado el curro de preparar un script al efecto. La última parte de ese script instalar una máquina virtual Windows en VirtualBox (yo no lo necesito, he comentado esas líneas).

Bien, ya tenemos el kernel preparado y VirtualBox instalado. Ahora, ¿cómo demonios instalo una máquina virtual a partir de una imagen .iso si no tengo entorno gráfico? Bueno, simulando el entorno gráfico a través de phpVirtualBox (sí, existe tal engendro y funciona de lujo). Además, este tutorial te explica cómo instalarlo paso a paso.

Finalmente, si quieres acceder a la consola que VirtualBox abre por defecto cuando lanzas una máquina virtual Linux, podrás hacerlo vía RDP (Remote Desktop Protocol). Tampoco sabía que una VBoxHeadless abría el puerto 9000 para acceso RDP. Desde tu host remoto puedes ver la consola de VirtualBox vía rdesktop (en Linux) o vía Microsoft Remote Desktop en OSX.

También es posible usar la línea de comandos para lanzar la máquina virtualbox desde una shell en Scaleway (sin necesidad de usar phpVirtualBox, pero es mucho menos intuitivo)

09 de November de 2017

Conferencia en CubaConf 2017 (3)

Tercer y último día en el CubaConf de la Habana. Continúa el gran ambiente y el personal disfrutando a tope:

Y en el cierre de fiesta un extraordinario concierto de versiones clásicas de rock, con enorme poderío, guitarrazos y voces de ángel que nos obsequió la banda de rock habanera Gens. Una experiencia maravillosa:


Y he tenido el honor de hacer llegar y entregar dos placas Icezum Alhambra. Si bien es un acto básicamente testimonial el propósito es divulgar la adopción de una tecnología tan asequible como fascinante y versátil.

A la Unión de informáticos de Cuba, representada por Ailyn Febles:

Y aquí con mi amigo PB entregándole una placa para disposición de la comunidad opensource cubana:

Ojalá sirva de semillero de nuevos hackers y grandes desarrollos #FPGAWars.


Mencionaba en la entrada anterior el potencial de aplicación de Flatpak para la distribución de aplicaciones off-line (por ejemplo a través del sistema de El Paquete y la necesidad de poder empaquetar los runtimes en ficheros independientes aptos para ser compartidos. Me comentan que la compañía Endless está trabajando en algo del estilo. Se hace imperativo estudiar a fondo el tema.

08 de November de 2017

Conferencia en CubaConf 2017 (2)

Seguimos en CubaConf. Es muy muy difícil estar conectado desde Cuba. Los precios son caros para los extranjeros y tremendos para los locales y los lugares de conexión son físicamente puntuales. Por eso tuiteamos tan poco.

Ayer día 8 tuve la oportunidad de hacer dos charlas relámpago que me hicieron mucha ilusión:

  • una presentación de la placa Icezum Alhambra con una brevísima explicación de la utilidad de la tecnología FPGA y de la accesibilidad actual a la misma merced del bajo precio de adquisición de las placas basadas en el chip Lattice ICE40 y, particularmente, la disponibilidad de Yosys, el SDK Verilog 100% opensource que ahora sí tenemos accesible gracias al extraordinario trabajo de ingeniería inversa de Clifford Wolf #FPGAWars;

  • otra brevísima introducción y motivación por la tecnología Flatpak, la tienda de aplicaciones Flathub, su necesario potencial y accesibilidad y, tal vez, por la necesidad cubana de poder distribuir software y contenidos offline obligados por las mencionadas enormes restricciones de acceso a Internet.

Sobre este posible potencial de uso masivo de Flatpak en Linux sería necesario verificar si pueden generarse paquetes de los runtimes de la misma manera que se puede hacer con las aplicaciones. Tal vez sea una funcionalidad disponible pero aún lo ignoro y no he podido verificarlo en Internet. De ser posible podría ser una oportunidad extraordinaria para la difusión de Flatpak aumentando la oferta de aplicaciones disponibles y de favorecer la adopción de soluciones opensource en un país con tantas dificultades que Cuba padece. Veremos a ver.

06 de November de 2017

Conferencia en CubaConf 2017

Hoy he sido honrado abriendo la plenaria inaugural de CubaConf 2017, en La Habana. Y, bueno, creo que ha salido bastante bien. El público dirá. Sobre el tema, pues ha sido el mismo del que he venido hablando en los últimos meses: una perspectiva de la experiencia de estos años en el HackLab Almería. Como explicaba en la conferencia no es que realmente hayamos inventado nada, pero al menos podemos contar detalles y algunas lecciones aprendidas con la práctica. En esta ocasión he titulado la charla «HackLab Almería, un modelo de dinamización tecnológica hiperlocal»; creo que ya he encontrado el título definitivo.

Como acostumbro, las transparencias están disponibles en

captura de pantalla de las transpas

En el futuro esprero poder hablar de nuevos temas pero reconozco que hoy día éste es el que tengo mejor preparado hasta que profundice en nuevas cuestiones. Con todo espero que sea útil.

Más material relacionado en esta web:

Creo que todavía quedan detalles que explicar que he soslayado. Debería encontrar tiempo para profundizar definitivamente, documentar y pasar a otra cosa mariposa. Veremos a ver.

02 de November de 2017

Euskalbar Chromerako


Euskalbar Chromerako eskuragarri daukazu. Ctrl-Shift-U (klik bat, lehen bezala) sakatu eta zuzenean bilatu nahi duzun hitza idatzi. On egin! 🙂

Bertsio luzea

Euskalbar hasiera-hasieratik berridatzi izan behar da (Igor Leturiak egin du -Elhuyar- lan bikain hori, oso denbora laburrean). Zergatik? Firefox-en egindako plugin-ak modu batean programatzen ziren (XUL eta bere API propioa erabiliz) eta Chromen beste era batera (WebExtensions APIa erabiliz). Emaitza: plugin bat garatzerakoan lan bikoitza egin behar zenuen bi nabigatzaileetan erabili nahi izanez gero. Izan ere, MS Edge (lehen Internet Explorer zena) nabigatzaileak ere WebExtensions APIa erabiltzen du orain. Istorio luze bat laburbilduz: Euskalbarreko kodea zakarrontzira bota eta hutsetik, zerotik hasi behar izan da. Eta epe baten barruan: azaroak 1ean WebExtensions APIa erabiltzen ez duten pluginak desgaitu egin dira.

Gauzak horrela, Chrome asko erabiltzen dudanez nire lanerako, Euskalbar-aren kode berria moldatu egin dut Chromen ere erabili ahal izateko. Aldaketa txikiak izan dira. Gero Web Store-ra igo dut. Tartean, kode nagusian ekarpen gutxi batzuk egin ditut… Besteak beste, erabilgarritasunari begira, klik bakar batekin funtzionatu behar du Euskalbar: alegia, Ctrl+Shift+U edo MacOSX-n Cmd+Shit+U sakatuz, automatikoki testua bilatzeko eremua hautatu egin behar da… Firefoxen oraindik ez dugu lortu baina Chromen bai.

Ea horrela erabiltzaile batzuen antsietatea lasaitzen den 🙂


Zergatik aldatu da Euskalbarraren egitura? Lehen toolbar bat genuen eskuragarri aldi oro…

Bai, WebExtensions APIak oraindik ez du hori egiten uzten. Utziko digu? Agian bai, agian ez… Baina APIak aukera hori ematen badu noizbait, ziur Euskalbarran sartzen dela

Chromerako eta Firefoxerako bertsioak berdinak dira?

Bai, oinarrian, iturburu-kode bera erabiltzen dute. Noski, berezitasun txiki batzuk ere aurkituko dituzu, baina xehetasunak izango dira, inoiz ez funtzionalitate berriak.

26 de October de 2017

An improvised list of opensource conference management software

From time to time I check the available options for management conferences opensource licensed. My requirements would be basically:

  • management of the call for papers process:
    • authors registration
    • submiting of proposals and documents
    • review and approval process
  • bonus extra:
    • management and publish the conference program
    • export the program in some standard recognized formats (BARF, calendar, etc)
    • some mobile user application able to show and maanage the program calendar
  • heaven gift:
    • event management features for the conference attendance: registration, mailing, etc (think as an equivalent of Eventbrite).

As far I found:

  • Pentabarf, which seems obsolete these days
  • FRAB, a Pentabarf succesor, used at FrosCon, CCC.
  • COD, based on Drupal and used at DrupalCon’s, I guess.
  • CFP-Devoxx used at several Devoxx conferences and others.
  • OSEM, used at OpenSUSE, Owncloud, PGConf US and others.
  • Canonical Summit, this link points to the DebConf fork used in 2014 an 2015.
  • Wafer, Django based, currently used by DebConf.
  • OCS, made in PHP, in Gunnar words: «a long-running system, aimed at academic conferences, with a large install base».
  • symposion (plus registrasion), used at North Bay Python.
  • OpenConferenceWare, used at Open Source Bridge.

Other «raw» information:

If you know other applications you think should be added please feedback through comments. Same if you are aware of a better list than this or if you have a better list of application requirements.

PS: This post is just a draft so can be subjets of future adds and corrections.

PD: Added the links provided by Gunnar.
PPD: Added links to symposion and OpenConferenceWare.

13 de October de 2017

Instalar soporte yaml-dev en PHP para OSX

Receta rápida para instalar soporte YAML en PHP 5.6 para OSX Sierra.

Añadir tap de php a brew:

$ brew tap homebrew/homebrew-php

Instalar librería dinámica

$ brew install php56-yaml

Comprobar ruta de instalación:

$ ls -l /usr/local/opt/php56-yaml
/usr/local/opt/php56-yaml -> ../Cellar/php56-yaml/1.3.0

Crear php.ini para poder editarlo e indicar que active la carga de

$ sudo cp /etc/php.ini.default /etc/php.ini

Activar extensión en php.ini:

$ sudo vi /etc/php.ini

Comprobar que ha cargado (reiniciar Apache si el soporte YAML se quiere para el servidor web… en mi caso no hacía falta, dado que el soporte se requería para línea de comandos):

$ php -i "(command-line 'phpinfo()')" | grep -i yaml
LibYAML Support => enabled
LibYAML Version => 0.1.7

26 de September de 2017

Video demostración de introducción a git

Unos modestos vídeos que tenía hechos pero sin publicar de introducción al uso de Git. La demo fue preparada para una clase de introducción a Git y a los sistemas de control de versiones distribuidos en la asignatura de «Integración de sistemas software» en la Universidad de Almería en 2015. Se propone trabajar con recetas para que un grupo de estudiantes experimente el clonado, modificación y propuesta de parches de repositorios de terceros y de aceptación de parches para su propio repo. No son gran cosa pero igual les sirven a alguien.

Creación del repositorio personal de recetas:

Creo un repo en Github:

Vinculo un repo local al que hemos creado en Github:

Verifico que los cambios locales han sido añadidos al repo en Github:

Creo un repositorio propio replicando el de una tercera persona:

«Clono» mi nuevo repositorio remoto creando una copia local:

Modifico un repositorio de una tercera persona:

Consulta del histórico de cambios:

Ejemplo de pull-request:

Uso de ramas:

18 de September de 2017

HackIt! 2017 Level 5. Desempolvando el viejo MacOS

Ojo, ¿qué ha pasado con el nivel 4? W0pr lo ha descrito a la perfección usando Radare. La verdad es que es una delicia leer sus posts. En lo que a DiarioLinux respecta, lo solucionamos usando IDA Pro (en casa del herrero cuchara de palo) Bueno, realmente lo solucionó Kotxerra mientras nosotros dormíamos plácidamente a las 4AM. Echadle la culpa a él, por ser tan eficiente 😉 De hecho, nos impartió un mini-taller sobre la solución. Lo tengo documentado en uno de los backups que hice, así que en cuanto tenga un rato, lo desempolvaré para dar otra posible solución.
Lo que me interesa ahora es mostrar cómo abordamos el nivel 5. Poca gente lo solucionó… si no recuerdo mal (y el pantallazo de este post así lo ratifica), sólo W0pr (hats-off again) Por lo que comenté con ellos, hicieron análisis estático del código desensamblado. Nosotros seguimos otra vía, seguramente más tortuosa (y obviamente con peores resultados) pero interesante como ejercicio. Pero vayamos por partes. ¿De qué trata el level 5, Infinite Loop? Nos pasan un archivo infiniteloop.sit que hay que crackear. Los ficheros .sit son archivos comprimidos (Stuffit) que guardaban el ejecutable de los viejos MacOS 9. Ojo al parche, porque lo primero que se nos ocurrió fue encontrar un descompresor para Linux, ejecutar un emulador de MacOS9 sobre el ejecutable y depurar. No íbamos mal encaminados… Salvo que los .sit guardan datos de recursos (conocidos como “resource forks“) y metadatos del ejecutable y, sin ellos, el ejecutable realmente no sirve para nada. Nótese la “gracia” del título del level (A fork in the road…)

Long story short, encontramos la forma de instalar un emulador de MacOS 9 (la versión 9.2, no valía ni la 9.0, ni la 9.1, por experiencia) sobre qemu… sobre MacOSX Sierra :), tras muchas vueltas, usando SheepShaver. Cuando digo muchas vueltas estoy hablando de unas 5-6 horas, con gente muy experimentada. Fallaba por todos los lados: la instalación, el sistema de archivos, cuelgues en medio de la instalación, and the kitchen sink.

Pero finalmente, conseguimos instalarlo, subir el .sit.hqx y ejecutar. ¡Magia!

Cuando lo comentamos con @marcan42 vimos brillo en sus ojos: “¡Por fin alguien que lo ha ejecutado!”. Y no me extraña, la verdad. Sin embargo, las cosas no eran tan fáciles como nos esperábamos…

Lo primero que llama la atención es que, tras teaclear el código de unlock, asumíamos que podríamos cancelar y volver a intentarlo con otro código (básico para poder depurar). Pero no, la ventana de FAIL se quedaba fija en pantalla y NO había forma de quitarla, teniendo que resetear la máquina entera (OMFG!)
Lo siguiente que intentamos fue instalar un debugger en MacOS 9.2. Como puede observarse en la primera pantalla, donde se ve el logo de MacOS y debajo el texto “Debugger installed”, tenemos instalado MacsBug, un debugger un tanto arcaico para Motorola 68000. La gracia es que para activar el debugger, es necesario pulsar la combinación de teclas “Command-Power” (Programmer’s key), lo cual, en qemu, y con un teclado de un MBP moderno, no logré hacerlo ¯\_(ツ)_/¯

09 de September de 2017

WebDriver support in WebKitGTK+ 2.18

WebDriver is an automation API to control a web browser. It allows to create automated tests for web applications independently of the browser and platform. WebKitGTK+ 2.18, that will be released next week, includes an initial implementation of the WebDriver specification.

WebDriver in WebKitGTK+

There’s a new process (WebKitWebDriver) that works as the server, processing the clients requests to spawn and control the web browser. The WebKitGTK+ driver is not tied to any specific browser, it can be used with any WebKitGTK+ based browser, but it uses MiniBrowser as the default. The driver uses the same remote controlling protocol used by the remote inspector to communicate and control the web browser instance. The implementation is not complete yet, but it’s enough for what many users need.

The clients

The web application tests are the clients of the WebDriver server. The Selenium project provides APIs for different languages (Java, Python, Ruby, etc.) to write the tests. Python is the only language supported by WebKitGTK+ for now. It’s not yet upstream, but we hope it will be integrated soon. In the meantime you can use our fork in github. Let’s see an example to understand how it works and what we can do.

from selenium import webdriver

# Create a WebKitGTK driver instance. It spawns WebKitWebDriver 
# process automatically that will launch MiniBrowser.
wkgtk = webdriver.WebKitGTK()

# Let's load the WebKitGTK+ website.

# Find the GNOME link.
gnome = wkgtk.find_element_by_partial_link_text("GNOME")

# Click on the link.

# Find the search form. 
search = wkgtk.find_element_by_id("searchform")

# Find the first input element in the search form.
text_field = search.find_element_by_tag_name("input")

# Type epiphany in the search field and submit.

# Let's count the links in the contents div to check we got results.
contents = wkgtk.find_element_by_class_name("content")
links = contents.find_elements_by_tag_name("a")
assert len(links) > 0

# Quit the driver. The session is closed so MiniBrowser 
# will be closed and then WebKitWebDriver process finishes.

Note that this is just an example to show how to write a test and what kind of things you can do, there are better ways to achieve the same results, and it depends on the current source of public websites, so it might not work in the future.

Web browsers / applications

As I said before, WebKitWebDriver process supports any WebKitGTK+ based browser, but that doesn’t mean all browsers can automatically be controlled by automation (that would be scary). WebKitGTK+ 2.18 also provides new API for applications to support automation.

  • First of all the application has to explicitly enable automation using webkit_web_context_set_automation_allowed(). It’s important to know that the WebKitGTK+ API doesn’t allow to enable automation in several WebKitWebContexts at the same time. The driver will spawn the application when a new session is requested, so the application should enable automation at startup. It’s recommended that applications add a new command line option to enable automation, and only enable it when provided.
  • After launching the application the driver will request the browser to create a new automation session. The signal “automation-started” will be emitted in the context to notify the application that a new session has been created. If automation is not allowed in the context, the session won’t be created and the signal won’t be emitted either.
  • A WebKitAutomationSession object is passed as parameter to the “automation-started” signal. This can be used to provide information about the application (name and version) to the driver that will match them with what the client requires accepting or rejecting the session request.
  • The WebKitAutomationSession will emit the signal “create-web-view” every time the driver needs to create a new web view. The application can then create a new window or tab containing the new web view that should be returned by the signal. This signal will always be emitted even if the browser has already an initial web view open, in that case it’s recommened to return the existing empty web view.
  • Web views are also automation aware, similar to ephemeral web views, web views that allow automation should be created with the constructor property “is-controlled-by-automation” enabled.

This is the new API that applications need to implement to support WebDriver, it’s designed to be as safe as possible, but there are many things that can’t be controlled by WebKitGTK+, so we have several recommendations for applications that want to support automation:

  • Add a way to enable automation in your application at startup, like a command line option, that is disabled by default. Never allow automation in a normal application instance.
  • Enabling automation is not the only thing the application should do, so add an automation mode to your application.
  • Add visual feedback when in automation mode, like changing the theme, the window title or whatever that makes clear that a window or instance of the application is controllable by automation.
  • Add a message to explain that the window is being controlled by automation and the user is not expected to use it.
  • Use ephemeral web views in automation mode.
  • Use a temporal user profile in application mode, do not allow automation to change the history, bookmarks, etc. of an existing user.
  • Do not load any homepage in automation mode, just keep an empty web view (about:blank) that can be used when a new web view is requested by automation.

The WebKitGTK client driver

Applications need to implement the new automation API to support WebDriver, but the WebKitWebDriver process doesn’t know how to launch the browsers. That information should be provided by the client using the WebKitGTKOptions object. The driver constructor can receive an instance of a WebKitGTKOptions object, with the browser information and other options. Let’s see how it works with an example to launch epiphany:

from selenium import webdriver
from selenium.webdriver import WebKitGTKOptions

options = WebKitGTKOptions()
options.browser_executable_path = "/usr/bin/epiphany"
epiphany = webdriver.WebKitGTK(browser_options=options)

Again, this is just an example, Epiphany doesn’t even support WebDriver yet. Browsers or applications could create their own drivers on top of the WebKitGTK one to make it more convenient to use.

from selenium import webdriver
epiphany = webdriver.Epiphany()


During the next release cycle, we plan to do the following tasks:

  • Complete the implementation: add support for all commands in the spec and complete the ones that are partially supported now.
  • Add support for running the WPT WebDriver tests in the WebKit bots.
  • Add a WebKitGTK driver implementation for other languages in Selenium.
  • Add support for automation in Epiphany.
  • Add WebDriver support to WPE/dyz.

23 de August de 2017

Talleres Flatpak en Almería

En el HackLab Almería hemos iniciado una serie de sesiones de hacking para aprender en grupo a manejarse con Flatpak:

Personalmente mi plan es sacar adelante el paquete para OmegaT y finalmente descartar el que tengo abandonado en Fedora.

El grupo confía en publicar unos cuantos nuevos, por ejemplo Banshee. Y personalmente, si le pillo el tranquillo a empaquetar aplicaciones java, creo que buscaré el rato para empaquetar Freeplane y así dar el salto definitivo desde el viejo Freemind.

Veremos a ver cómo se nos da.

22 de August de 2017

Tracker requires SQLite >= 3.20 to be compiled with –enable-fts5

Tracker is one of these pieces of software that get no special praise when things work, but you wake up to personal insults on bugzilla when they don’t, today is one of those days.

Several distros have been eager to push SQLite 3.20.0 still hot from the oven to their users, apparently ignoring the API and ABI incompatibilities that are described in the changelog. These do hit Tracker, and are only made visible at runtime.

Furthermore, there is further undocumented ABI breakage that makes FTS5 modules generated from pre/post 3.20.0 SQLite code backward and forward incompatible with the other versions. Tracker used to ship a copy of the FTS5 module, but this situation is not tenable anymore.

The solution then? Making it mandatory that SQLite >= 3.20.0 must have FTS5 builtin. The just released Tracker 1.12.3 and 1.99.3 will error hard if that is not the case.

I’ve just sent this mail to distributor-list:

Hi all,

Sqlite 3.20.0 broke API/ABI for Tracker purposes. The change described in point 3 at is not only backwards incompatible, but also brings backwards and forwards incompatibilities with standalone FTS5 modules like Tracker ships [1], all of those are only visible at runtime [2].

FTS5 modules generated from SQLite < 3.20.0 won't work with >= 3.20.0, and the other way around. Since it's not tenable to ship multiple FTS5 module copies for pre/post 3.20.0, Tracker shall now make it a hard requirement that SQLite is compiled with builtin FTS5 (--enable-fts5) if SQLite >= 3.20.0 is found. The current Tracker FTS5 module is kept for older SQLite versions.

This change applies to Tracker >=1.12.3 and >=1.99.3. I don't know if any distro pushed SQLite 3.20.0 in combination with a Tracker that is older than that, but it will be just as broken, those would require additional patches from the tracker-1.12 branch besides the described change.

Please handle this promptly, wherever there's sqlite 3.20.0 without builtin FTS5 and/or tracker <= 1.12.2/1.99.2, there's unhappy Tracker users.


[1] Generated as described in

So, if you see errors about “TrackerTokenizer” something, please contact your distro packagers. I’ll close further incoming bugs as NOTGNOME.

16 de August de 2017

Going to retire Fedora's OmegaT package

OmegaT logo

Well, time has come and I must face my responsability on this.

My first important package in Fedora was for OmegaT. AFAIK OmegaT is the best FLOSS computer aid translator tool available. With the time OmegaT has been enjoying a very active development with a significant (to me) handicap: new releases adds new features with new dependencies on java libraries not available in Fedora. As you perfectly know, updating the package requires to add each one of those libraries as new packages. But I can’t find the time for such that effort. That’s the reason the last Fedora version is 2.6.3 and the lasts at upstream are 3.6.0 / 4.1.2.

So, I give up. I want to retire the package from Fedora because I’m sure I will not be able to update it anymore.

I’ll wait some days waiting someone expressing their interest on taking ownership. Otherwise I’ll start the retirement process.

PS: OTOH I plan to publish OmegaT as a flatpak package via Flathub. Seems to me it would be a lot easier to maintain that way. I’m aware Flathub is out of the scope of Fedora :-/

PPS: I send an announcement to the Fedora devel mailing list.

PPPS: detailed announcement and plan.

Recordando el planeta Chitón

Planeta Chitón, tus amigos no te olvidan.

09 de August de 2017

At GUADEC 2017 in Manchester


And not only I have participated in the Akademy 2017 conference but got to GUADEC 2017 all in the same week! And, god, I really loved it too because it’s the first GUADEC I attend since The Hague in 2010 and I loved to meet again with old friends of the Hispanic community. Important to say I missed a lot of you, guys. Hope we’ll fix this next year ;-)

I should acknowledge the travel sponsorship by the GNOME Foundation and the GNOME Hispano association. Without them I couldn’t attend this year.

And the main reason to travel to Manchester has been the announcement of the hosting city for GUADEC 2018: Almería. We competed againts the city of Lyon leaded by the hacker extraordinaire Bastien Nocera but finally the GNOME board honored us with the privilege. We put a lot of work on the Almería candicacy but haven’t been easy to compete with the Lyon bid. And thanks to Bastien and team too for their commitment too.

At Manchester’s GUADEC

Organization team had made a greeeat work of love with everything I’m aware. The venue and the dormitory were really very good. The spaces for workshops ideal too. The number of audience attendees this year has beaten the record of the last editions and the quality of speakers at the best level you could expect.

Hopper Room Brooks Building

To point some defect just say the dormitory mattresses were not as good as the rest of the facilities ;-)

About conference contents, trying to remark something, to me has been:

GNOME 20th birthday

Yeah, 20 years since GNOME was founded:

(and by the way, seems this has been my most popular tweet ever!)

And Jonathan Bladford delighted us with a retrospective of all these years:

And we had not only a 20 years party but the celebration of founder Federico Mena’s birthday, so he made the honours cuting the celebration cake:

And yes, Miguel, we missed you too :-)


To me this has been the Flatpak conference. Most of my Linux experience has been related to software packaging and distro integration but didn’t have the time to deep into Flatpak use and at Manchester had the oportunity to dedicate time to learn about the future of opensource packaging:

And at the workshops session Flatpak leader Alex Larsson among others guided us in our first steps on this technology. To me was the continuation of Aleix Pol flatpak masterclass at Akademy 2017.

About my interest in Flatpak, my main goal is migrating the packaging I “keep” at Fedora of the great OmegaT translation memory tool (see OmegaT) to flatpak and, probably, publishing at the Flathub application store. The main reason to me is I can’t find the time to fullfill all the Fedora package requirements with all the dependencies OmegaT needs. To me it’s a personal experiment I hope to finish before the end of the summer both to get familiar with Flatpak and to retake my modest commitment to OmegaT project.


Yeah: I brought to Almería dozens and dozens of GNOME stickers:

I’ll be sharing all of them in the comming HackLab Almería meetings.


And my personal most emotive moment was the announcement of the city hosting next GUADEC 2018:

We are very grateful to the GNOME board and community for their trust. We are confident we’ll provide a nice Almería experience :-)


It has been a great conference. For many of the attendants have been their best GUADEC in many years. And I don’t doubt about this :-)

GUADEC 2017 group photo

If you want to check pictures:

So GUADEC, «we must say Adios! until we see Almeria once again»:


PD: just added the reference to the GUADEC 2018 announcement.

07 de August de 2017

Yeah, we host Akademy 2017 in Almería

Last weeks have been really busy with full inmersion in opensource activites. Here in Almería we had the honour to host the Akademy 2017, the annual KDE project conference and meeting. I’m not really involved in KDE development but had been an extraordinare pleasure being their host. Very kind people very easy to work with in all aspects. Is meeting new people a great surprise? Not at all when you know how opensource development projects and people usually are. But I love to remark how a delight has been to work with them.

Hope they loved being in Almería as well :-)

About the conference we had collected some resources:


Akademy 2017 has been posible just and thanks an extraordinarie team of kind and hardworking people, specially the core team: Aleix Pol, Albert Astals, Kenny Duffus and Lydia Pintscher. And not to forget the necessary help of local volunteers José María Martínez, Juanjo Salvador, Rafa Aybar and Cristóbal Saraiba.

We should thanks too to Francisco Gil and the University of Almería because their help was decisive for make the event happen.

And special acknowledge to Rubén Gómez who has been crazy enough to propose Almería to host the 2017 edition and the main driving force for the local organization team.

As said, a pleasure and an honour!

04 de August de 2017

Back from GUADEC

After spending a few days in Manchester with other fellow GNOME hackers and colleagues from Endless, I’m finally back at my place in the sunny land of Surrey (England) and I thought it would be nice to write some sort of recap, so here it is:

The Conference

Getting ready for GUADECI arrived in Manchester on Thursday the 27th just on time to go to the pre-registration event where I met the rest of the gang and had some dinner, and that was already a great start. Let’s forget about the fact that I lost my badge even before leaving the place, which has to be some type of record (losing the badge before the conference starts, really?), but all in all it was great to meet old friends, as well as some new faces, that evening already.

Then the 3 core days of GUADEC started. My first impression was that everything (including the accommodation at the university, which was awesome) was very well organized in general, and the venue make it for a perfect place to organize this type of event, so I was already impressed even before things started.

I attended many talks and all of them were great, but if I had to pick my 5 favourite ones I think those would be the following ones, in no particular order:

  • The GNOME Way, by Allan: A very insightful and inspiring talk, made me think of why we do the things we do, and why it matters. It also kicked an interesting pub conversation with Allan later on and I learned a new word in English (“principled“), so believe me it was great.
  • Keynote: The Battle Over Our Technology, by Karen: I have no words to express how much I enjoyed this talk. Karen was very powerful on stage and the way she shared her experiences and connected them to why Free Software is important did leave a mark.
  • Mutter/gnome-shell state of the union, by Florian and Carlos: As a person who is getting increasingly involved with Endless’s fork of GNOME Shell, I found this one particularly interesting. Also, I found it rather funny at points, specially during “the NVIDIA slide”.
  • Continuous: Past, Present, and Future, by Emmanuele: Sometimes I talk to friends and it strikes me how quickly they dismiss things as CI/CD as “boring” or “not interesting”, which I couldn’t disagree more with. This is very important work and Emmanuele is kicking ass as the build sheriff, so his talk was very interesting to me too. Also, he’s got a nice cat.
  • The History of GNOME, by Jonathan: Truth to be told, Jonathan already did a rather similar talk internally in Endless a while ago, so it was not entirely new to me, but I enjoyed it a lot too because it brought so many memories to my head: starting with when I started with Linux (RedHat 5.2 + GNOME pre-release!), when I used GNOME 1.x at the University and then moved to GNOME 2.x later on… not to mention the funny anecdotes he mentioned (never imagined the phone ringing while sleeping could be a good thing). Perfectly timed for the 20th anniversary of GNOME indeed!

As I said, I attended other talks too and all were great too, so I’d encourage you to check the schedule and watch the recordings once they are available online, you won’t regret it.

Closing ceremony

And the next GUADEC will be in… Almería!

One thing that surprised me this time was that I didn’t do as much hacking during the conference as in other occasions. Rather than seeing it as a bad thing, I believe that’s a clear indicator of how interesting and engaging the talks were this year, which made it for a perfect return after missing 3 edition (yes, my last GUADEC was in 2013).

All in all it was a wonderful experience, and I can thank and congratulate the local team and the volunteers who run the conference this year well enough, so here’s is a picture I took where you can see all the people standing up and clapping during the closing ceremony.

Many thanks and congratulations for all the work done. Seriously.

The Unconference

After 3 days of conference, the second part started: “2 days and a bit” (I was leaving on Wednesday morning) of meeting people and hacking in a different venue, where we gathered to work on different topics, plus the occasional high-bandwith meeting in person.

GUADEC unconferenceAs you might expect, my main interest this time was around GNOME Shell, which is my main duty in Endless right now. This means that, besides trying to be present in the relevant BoFs, I’ve spent quite some time participating of discussions that gathered both upstream contributors and people from different companies (e.g. Endless, Red Hat, Canonical).

This was extremely helpful and useful for me since, now we have rebased our fork of GNOME Shell 3.22, we’re in a much better position to converge and contribute back to upstream in a more reasonable fashion, as well as to collaborate implementing new features that we already have in Endless but that didn’t make it to upstream yet.

And talking about those features, I’d like to highlight two things:

First, the discussion we held with both developers and designers to talk about the new improvements that are being considered for both the window picker and the apps view, where one of the ideas is to improve the apps view by (maybe) adding a new grid of favourite applications that the users could customize, change the order… and so forth.

According to the designers this proposal was partially inspired by what we have in Endless, so you can imagine I would be quite happy to see such a plan move forward, as we could help with the coding side of things upstream while reducing our diff for future rebases. Thing is, this is a proposal for now so nothing is set in stone yet, but I will definitely be interested in following and participating of the relevant discussions regarding to this.

Second, as my colleague Georges already vaguely mentioned in his blog post, we had an improvised meeting on Wednesday with one of the designers from Red Hat (Jakub Steiner), where we discussed about a very particular feature upstream has wanted to have for a while and which Endless implemented downstream: management of folders using DnD, right from the apps view.

This is something that Endless has had in its desktop since the beginning of times, but the implementation relied in a downstream-specific version of folders that Endless OS implemented even before folders were available in the upstream GNOME Shell, so contributing that back would have been… “interesting”. But fortunately, we have now dropped that custom implementation of folders and embraced the upstream solution during the last rebase to 3.22, and we’re in a much better position now to contribute our solution upstream. Once this lands, you should be able to create, modify, remove and use folders without having to open GNOME Software at all, just by dragging and dropping apps on top of other apps and folders, pretty much in a similat fashion compared to how you would do it in a mobile OS these days.

We’re still in an early stage for this, though. Our current solution in Endless is based on some assumptions and tools that will simply not be the case upstream, so we will have to work with both the designers and the upstream maintainers to make this happen over the next months. Thus, don’t expect anything to land for the next stable release yet, but simply know we’ll be working on it  and that should hopefully make it not too far in the future.

The Rest

This GUADEC has been a blast for me, and probably the best and my most favourite edition ever among all those I’ve attended since 2008. Reasons for such a strong statement are diverse, but I think I can mention a few that are clear to me:

From a personal point of view, I never felt so engaged and part of the community as this time. I don’t know if that has something to do with my recent duties in Endless (e.g. flatpak, GNOME Shell) or with something less “tangible” but that’s the truth. Can’t state it well enough.

From the perspective of Endless, the fact that 17 of us were there is something to be very excited and happy about, specially considering that I work remotely and only see 4 of my colleagues from the London area on a regular basis (i.e. one day a week). Being able to meet people I don’t regularly see as well as some new faces in person is always great, but having them all together “under the same ceilings” for 6 days was simply outstanding.

GNOME 20th anniversary dinner

GNOME 20th anniversary dinner

Also, as it happened, this year was the celebration of the 20th anniversary of the GNOME project and so the whole thing was quite emotional too. Not to mention that Federico’s birthday happened during GUADEC, which was a more than nice… coincidence? 🙂 Ah! And we also had an incredible dinner on Saturday to celebrate that, couldn’t certainly be a better opportunity for me to attend this conference!

Last, a nearly impossible thing happened: despite of the demanding schedule that an event like this imposes (and I’m including our daily visit to the pubs here too), I managed to go running every single day between 5km and 10km, which I believe is the first time it happened in my life. I definitely took my running gear with me to other conferences but this time was the only one I took it that seriously, and also the first time that I joined other fellow GNOME runners in the process, which was quite fun as well.

Final words

I couldn’t finish this extremely long post without a brief note to acknowledge and thank all the many people who made this possible this year: the GNOME Foundation and the amazing group of volunteers who helped organize it, the local team who did an outstanding job at all levels (venue, accomodation, events…), my employer Endless for sponsoring my attendance and, of course, all the people who attended the event and made it such an special GUADEC this year.

Thank you all, and see you next year in Almería!

Credit to Georges Stavracas

29 de July de 2017

HackIt! 2017 Level 3

usbmon es una funcionalidad ofrecida por el kernel Linux para recolectar trazas de entrada/salida que usen el bus USB. El level 3 nos plantea unas trazas de texto plano obtenidas a través de usbmon.

Tras mucho analizar, allá donde esperábamos información sobre el dispositivo USB en concreto, vimos que había tres líneas censuradas.

Intentamos también convertir la salida ascii de usbmon a formato .pcap para manejar el dump más cómodamente desde wireshark, pero no lo conseguimos. Así que tocaba parsear el fichero de texto. Antes de ponernos a programar un parser, buscamos alguno ya existente y encontramos varias alternativas, entre ellas este script en python que además generaba su salida en un bonito HTML.

Lo intentamos por todos los medios. Lo primero fue extraer los datos de tipo isochronous e interpretarlos: como raw image, como audio, como señal de unos y ceros… agua.

Hasta muchas horas después de planteado el reto, nadie lo solucionó. Si no recuerdo mal, el lunes 24 pusieron la primera pista: “Audio parece, pero audio no es.” que nos dejó igual que estábamos (bueno, redujo el espacio de búsqueda, eso sí). La madrugada del lunes al martes (a eso de las 4am) se publicó la segunda pista, pero nos pilló exhaustos, y a la mayoría dormidos. La segunda pista restauraba parte de las líneas del dump eliminadas, facilitando información sobre el dispositivo que las generó. Un láser. Seguramente se nos tenía que haber ocurrido antes, conociendo al autor de la prueba y su afición por estos dispositivos

No sé si w0pr solucionó este reto con esta segunda pista o con la primera… pero ¡lo solucionó! Así que espero que publiquen el write-up para actualizar este post con el enlace directo.

UPDATE (30/07/2017): w0pr ha publicado la solución completa a este reto.

28 de July de 2017

HackIt! 2017. Level 2

¡Y vamos a por bingo! El nivel 2 nos pide que encontremos el secreto que esconde una captura de tráfico de red. Realmente esto me sonaba a otra prueba del hackit… de 2007 (!). Abriendo la captura con un wireshark moderno, vemos tramas bluetooth. Probablement de algún dispositivo que envía datos, y en concreto, este SoundCore-Sport-XL-Bluetooth-Speaker.

Seleccionamos Telephony / RTP / RTP Streams…

Y oímos la señal, pero muy distorsionada. Aquí tuvimos un problema: queríamos exportar el audio para poderlo tratar con Audacity. Pero oh, sorpresa, no era posible:

Aquí se nos ocurrió una solución tal vez no muy “ortodoxa”, pero que funcionó perfectamente 🙂 Abrimos Camtasia, lo configuramos para grabar sonido del sistema y le dimos al Play stream en Wireshark. Exportamos luego el resultado de la grabación a formato mp4 (en Camtasia) y lo abrimos con Audacity, aplicándole el efecto de cambio de speed, encontrando la solución (fuaaaa!) 🙂

27 de July de 2017

HackIt! 2017. Soluciones que me quitan de las manos

Gooood morning Vietnam! Siguiendo con la tradición (2014,2013,2012,2010,2009,2008,2007) que lamentablemente dejé de lado en 2015 y 2016, quiero volver a publicar soluciones para el HackIt! de la Euskal Encounter de este año (25 ediciones ya, OMG, cómo pasa el tiempo…) Lo primero, saludos a @marcan42 e @imobilis, por organizar el evento un año más. Lo segundo, pedirle a @marcan42 que suba las pruebas que faltan (have you stopped being lazy yet?) };-)

Vamos con el Level 1. Facilito, pero más complejo que otros años para ser una prueba de calentamiento.

Nos presentan un mapa de reservas de sitios… algo modificado:

Si abrimos el código y miramos las diferencias con el mapa de ocupación original, vemos algo raro (¡en el código de producción!):

Funciones xor, magic numbers y uno de ellos 31337 (eleet!, elite)… huele a que vamos por el buen camino 😉

La idea consistió en poner un breakpoint en la función w() de producción y otro en el de la prueba. En la ventana de la prueba, recogemos el array de datos y lo inyectamos en el de producción, para ver qué pintaba en pantalla esa función. ¡Sorpresa!

UPDATE: los compañeros de w0pr han empezado a publicar un write-up con sus impresiones. ¡Imprescindible lectura!

22 de July de 2017

Running GUI applications with Docker in OSX

A quick guide on how to run docker containers requiring a GUI with Mac and XQuartz. First, you’ll need to download and install XQuartz. Run it.
Now, start socat to expose local xquartz socket on a TCP port:

$ socat TCP-LISTEN:6000,reuseaddr,fork UNIX-CLIENT:\"$DISPLAY\"

Pass the display to container :

docker run -e DISPLAY= pygame xclock

I’m assuming that is your vboxnet IP address and that “pygame” is the name of the docker image that contains your GUI application (in this case, my container’s name is pygame and the GUI is xclock)

For security purposes, you can use socat option range=/32 to filter the IP address (allowing only your primary IP to connect). Check also your XQuartz Preferences / Security tab:


You can also launch a bash shell first and from there, run your GUI apps.


04 de July de 2017

Endless OS 3.2 released!

We just released Endless OS 3.2 to the world after a lot of really hard work from everyone here at Endless, including many important changes and fixes that spread pretty much across the whole OS: from the guts and less visible parts of the core system (e.g. a newer Linux kernel, OSTree and Flatpak improvements, updated libraries…) to other more visible parts including a whole rebase of the GNOME components and applications (e.g. mutter, gnome-settings-daemon, nautilus…), newer and improved “Endless apps” and a completely revamped desktop environment.

By the way, before I dive deeper into the rest of this post, I’d like to remind you thatEndless OS is a Operating System that you can download for free from our website, so please don’t hesitate to check it out if you want to try it by yourself. But now, even though I’d love to talk in detail about ALL the changes in this release, I’d like to talk specifically about what has kept me busy most of the time since around March: the full revamp of our desktop environment, that is, our particular version of GNOME Shell.

Endless OS 3.2 as it looks in my laptop right now

Endless OS 3.2 as it looks in my laptop right now

If you’re already familiar with what Endless OS is and/or with the GNOME project, you might already know that Endless’s desktop is a forked and heavily modified version of GNOME Shell, but what you might not know is that it was specifically based on GNOME Shell 3.8.

Yes, you read that right, no kidding: a now 4 years old version of GNOME Shell was alive and kicking underneath the thousands of downstream changes that we added on top of it during all that time to implement the desired user experience for our target users, as we iterated based on tons of user testing sessions, research, design visions… that this company has been working on right since its inception. That includes porting very visible things such as the “Endless button”, the user menu, the apps grid right on top of the desktop, the ability to drag’n’drop icons around to re-organize that grid and easily manage folders (by just dragging apps into/out-of folders), the integrated desktop search (+ additional search providers), the window picker mode… and many other things that are not visible at all, but that are required to deliver a tight and consistent experience to our users.

Endless button showcasing the new "show desktop" functionality

Endless button showcasing the new “show desktop” functionality

Aggregated system indicators and the user menu

Of course, this situation was not optimal and finally we decided we had found the right moment to tackle this situation in line with the 3.2 release, so I was tasked with leading the mission of “rebasing” our downstream changes on top of a newer shell (more specifically on top of GNOME Shell 3.22), which looked to me like a “hell of a task” when I started, but still I didn’t really hesitate much and gladly picked it up right away because I really did want to make our desktop experience even better, and this looked to me like a pretty good opportunity to do so.

By the way, note that I say “rebasing” between quotes, and the reason is because the usual approach of taking your downstream patches on top of a certain version of an Open Source project and apply them on top of whatever newer version you want to update to didn’t really work here: the vast amount of changes combined with the fact that the code base has changed quite a bit between 3.8 and 3.22 made that strategy fairly complicated, so in the end we had to opt for a combination of rebasing some patches (when they were clean enough and still made sense) and a re-implementation of the desired functionality on top of the newer base.

Integrated desktop search

The integrated desktop search in action

New implementation for folders in Endless OS (based on upstream’s)

As you can imagine, and especially considering my fairly limited previous experience with things like mutter, clutter and the shell’s code, this proved to be a pretty difficult thing for me to take on if I’m truly honest. However, maybe it’s precisely because of all those things that, now that it’s released, I look at the result of all these months of hard work and I can’t help but feel very proud of what we achieved in this, pretty tight, time frame: we have a refreshed Endless OS desktop now with new functionality, better animations, better panels, better notifications, better folders (we ditched our own in favour of upstream’s), better infrastructure… better everything!.

Sure, it’s not perfect yet (no such a thing as “finished software”, right?) and we will keep working hard for the next releases to fix known issues and make it even better, but what we have released today is IMHO a pretty solid 3.2 release that I feel very proud of, and one that is out there now already for everyone to see, use and enjoy, and that is quite an achievement.

Removing and app by dragging and dropping it into the trash bin

Now, you might have noticed I used “we” most of the time in this post when referring to the hard work that we did, and that’s because this was not something I did myself alone, not at all. While it’s still true I started working on this mostly on my own and that I probably took on most of the biggest tasks myself, the truth is that several other people jumped in to help with this monumental task tackling a fair amount of important tasks in parallel, and I’m pretty sure we couldn’t have released this by now if not because of the team effort we managed to pull here.

I’m a bit afraid of forgetting to mention some people, but I’ll try anyway: many thanks to Cosimo Cecchi, Joaquim Rocha, Roddy Shuler, Georges Stavracas, Sam Spilsbury, Will Thomson, Simon Schampijer, Michael Catanzaro and of course the entire design team, who all joined me in this massive quest by taking some time alongside with their other responsibilities to help by tackling several tasks each, resulting on the shell being released on time.

The window picker as activated from the hot corner (bottom – right)

Last, before I finish this post, I’d just like to pre-answer a couple of questions that I guess some of you might have already:

Will you be proposing some of this changes upstream?

Our intention is to reduce the diff with upstream as much as possible, which is the reason we have left many things from upstream untouched in Endless OS 3.2 (e.g. the date/menu panel) and the reason why we already did some fairly big changes for 3.2 to get closer in other places we previously had our very own thing (e.g. folders), so be sure we will upstream everything we can as far as it’s possible and makes sense for upstream.

Actually, we have already pushed many patches to the shell and related projects since Endless moved to GNOME Shell a few years ago, and I don’t see any reason why that would change.

When will Endless OS desktop be rebased again on top of a newer GNOME Shell?

If anything we learned from this “rebasing” experience is that we don’t want to go through it ever again, seriously :-). It made sense to be based on an old shell for some time while we were prototyping and developing our desktop based on our research, user testing sessions and so on, but we now have a fairly mature system and the current plan is to move on from this situation where we had changes on top of a 4 years old codebase, to a point where we’ll keep closer to upstream, with more frequent rebases from now on.

Thus, the short answer to that question is that we plan to rebase the shell more frequently after this release, ideally two times a year so that we are never too far away from the latest GNOME Shell codebase.

And I think that’s all. I’ve already written too much, so if you excuse me I’ll get back to my Emacs (yes, I’m still using Emacs!) and let you enjoy this video of a recent development snapshot of Endless OS 3.2, as created by my colleague Michael Hall a few days ago:

(Feel free to visit our YouTube channel to check out for more videos like this one)

Also, quick shameless plug just to remind you that we have an Endless Community website which you can join and use to provide feedback, ask questions or simply to keep informed about Endless. And if real time communication is your thing, we’re also on IRC (#endless on Freenode) and Slack, so I very much encourage you to join us via any of these channels as well if you want.

Ah! And before I forget, just a quick note to mention that this year I’m going to GUADEC again after a big break (my last one was in Brno, in 2013) thanks to my company, which is sponsoring my attendance in several ways, so feel free to say “hi!” if you want to talk to me about Endless, the shell, life or anything else.

11 de June de 2017

Next Tracker is 2.0.0

There’s a few plans in the boiler for Tracker:

Splitting core from miners

Tracker is usually deemed a “metadata indexer”, although that’s just half the truth. Even though Tracker could be essentially considered that in its very early days, it made a bold move back in 0.7.x to using Sparql as the interface to store and retrieve this metadata, where both the indexers and the applications using this metadata talk the same language.

So in reality, the storage and query language are useful by themselves. As per the plans, you’ll now have to distinguish between:
– Tracker the RDF store, and
– Tracker miners, the infrastructure and binaries to translate a number of entities (be it files or whatever) into Sparql, using the first acceptation for storage

Making standalone Sparql endpoints possible

At the time of moving to Sparql, Tracker was conceived as a global store of deeply interconnected data, Nepomuk seemed the most obvious choice to represent the data for indexing purposes and client isolation was basically left to 3rd parties. However times change, sandboxing is very present, and Tracker’s global store don’t help with it.

Based on initial work from Philip Van Hoof, quite some shuffling has been going on in wip/carlosg/domain-ontologies to make multiple Sparql endpoints (“database connections” in non-fancy speak) possible. This will allow applications to use private sparql endpoints, and possibly using other ontologies (“schemas” in non-fancy speak) than Nepomuk. The benefits are twofold, this will be a lot friendlier to sandboxing, and also increments the versatility of the Tracker core.

Switching to Semantic versioning

This change was suggested some time ago by Philip Van Hoof, and the idea has been growing in me. Tracker has usually had a longstanding backwards compatibility promises, not just in terms of API, but also in terms of data compatibility. However, bumping the version as per the GNOME schedule results in multiple stable versions being used out there, with the patch backporting and bug management overhead that it implies.

In reality, what we want to tell people (and usually do!) is “use latest stable Tracker”, often the stuff is already fixed there, and there’s no reason why you would want to stick to a stable series that will receive limited improvements. I do hope that semantic versioning conveys Tracker’s “later is better” stance, with some optimism I see it standing on 2.y.z for a long time, and maybe even 2.0.z for tracker core.

But versions are like age, just a number :). Tracker 2.x services and client side API will foreseeably be backwards compatible with 1.x from the reader standpoint. The Tracker core could be made parallel installable with 1.0, but I wouldn’t even bother with the high level infrastructure, 2.x will just be a better 1.x.

But this doesn’t mean we jump the GNOME unstable cycle ship. IMHO, it’s still worth following to let newly introduced code bake in, it just won’t result in gratuitous version bumps if API changes/additions are not in sight.

Code and API cleanup

In the more active past, Tracker had a lot code accretion while trying to get the buy-in, this included multiple miners, extensions and tools. But it was never the goal of Tracker to be the alpha and omega of indexing in itself, rather to have applications update and blend the data for their own consumption. Fast forward a few years and the results are mixed, Tracker got an amount of success, although apps almost exclusively rely on data produced by Tracker’s own miners, while most of these extensions are bitrotting since much of the activity and manpower went away.

Sam Thursfield started doing some nice cleanups of maemo/meego specific code (yes, we still had that) and making Tracker use Meson (which indirectly started tiptoeing some of that bitrot code). Several of these these extensions implementing Tracker support shall just go to the attic and should be done proper, it will at least be the case with nautilus thanks to Alexandru Pandelea’s GSOC work :).

But the version bump and code split is too good of an opportunity to miss it :). Some deprecated/old API will also go away, probably none of which you’ve ever used, there will be some porting documentation anyway.

05 de June de 2017

Almería bid for hosting GUADEC in 2018

Well, «Alea iacta est». The deadline for biding to host GUADEC 2018 closed 4th Jun. And we proposed Almería.

GUADEC is the annual developers conference in the European zone, but with common attendants from Asia and North-South America, of the GNOME Project. This is another step to promote Almería as an international technology place and to estimulate new local techies, approaching students and proffesionals to world-class development communities and to the ethos and practice of opensource development. In the age of a «Github portfolio» as a CV resume for developers, the practice in opensource development it’s probably the best to train new programmers, to enhance their employability, and the learning of development practices along veteran programmers and mature communities. And it’s important to show how opensource software is a key component for our digitally connected society.

Again our legal instrument, absolutely key to these activities, is the UNIA CS students association at the University of Almería. The same association I helped fund in 1993 lives a new golden age thanks to a new group of entusiast members. Their support and collaboration made possible to host PyConES 2016, which, as far as we know, has been the biggest software development conference never made in our city. This conference has been a moral milestone for us and now we feel we can, at least, be hosts of other world-class conferences with the appropiate quality. And another key component of these proposals is the current university campus endownment and the support of the present university gobernm team to which we are grateful for their help and support. This is another step to increase the projection of the University of Almería as an international knowledge hub.

Finally I want to express my hope to do a significative contribution to the GNOME project, which I’m related to for more than a decade. Hopefully for 2018 I would have updated my pending GNOME packages in Fedora 🙈

So, here it is, the Almería candidacy to host GUADEC 2018.