Category Archives

412 Articles
An Act of Solidarity

An Act of Solidarity

Yes, I don’t talk much about gossip. That’s why I don’t talk about Manohara. But, this is about a fact that a life of an innocent person is on the line and this is all about ethics, netiquette to be precisely.

The problem began with the spreading of a mail from a mother who felt of being deceived by the hospital. The mail itself were sent into a mailing list. For your information, mailing list is a group of people that exchange information via email. It means, you must be subscribed to be emailed by the mailing list system. This means, the membership of the group is totally private. Unfortunately, member of the mailing list then broadcast this message into another internet forum. Which in the end, inform the employee of the accused hospital.

Because of the accuse, the hospital use the new Internet Law (ITE) to brought Mrs. Prita into justice. They felt their name was poisoned by the accusation of hospital doing scam and it would held their reputation down. They do anything necessary to protect their name.

I am not very in depth with the law, but let’s use common sense here. If you, dear reader, have better argument, feel free to comment. The submit button is right there under the comment’s text box.

First of all, the court must consider Mrs. Prita intention of sending her mail. She wasn’t intend to broadcast it but to a group of known people just to get out of her rant. She wasn’t the one that made the letter public. The one that responsible for leaking the information is not her.

Second, her motivation is because of what happen back there. She felt like she was being deceived. How can you protested a hospital if it was doing such practice? It was just like trying to sue PLN when your hardware was broken because of sudden cutoff. This letter should be treated like sending to a media.

Of course, the problem also persist in the hospital side.

First, how can they defend themselves against such letter? The letter would bring disgrace to their name and made their reputation rock bottom. They would need the media to explain themselves which in the end costs a lot.

Secondly, how to defend themselves if the story wasn’t true? Internet is full of hoax, but people tend to trust it as a source of truth.

So, who should take the blame?

Well, why don’t we trace if the story was true. If it was another hoax, Mrs. Prita needs to take full responsible. Also, the person who broadcast the message needs to be captured. If it was true, this hospital really needs to reform themselves and apologize.

Another problem that made me sympathize to her is:

“How on earth can the law prove if all that Mrs. Prita evidence is only payment checks?”

Anyway, this is a good test of how well this nation have the comprehensive ability to understand IT and the Internet. Let’s watch and see.

Nice Relational Software

Nice Relational Software

If you are in Computer Science, or merely just a passer that interested in Relational Algebra, meet Relational. This software is in 0.9.0 as of this time of writing. If you use Debian, just add “unstable” to your repository list. After that:

# apt-get install relational

For other operating system, just go to the site and read it for yourself.

Reference: [RELA] Relational. http://galileo.dmi.unict.it/wiki/relational/doku.php

New System Notification for KDE and Usability In Question

New System Notification for KDE and Usability In Question

According to [AIS], the main dev of KDE, introduce system notification for KDE 4 series. This feature is introduced in KDE 4.3 and will be stable in KDE 4.4. That means, at least at the end of 2009 we will be having another breakthrough in desktop innovation.

What is a notification?

To be sort and humble, notification can be described as informative message spotted to inform the user about something that happen. It is that bubble that popped out informing/alerting the user.

Some of the implementation: a) in Mac, there is a Growl project that unified all application bubble; b) in Windows, Microsoft have their MFC library; c) in Linux, freedesktop notification in libnotification.

All of them have the implementation, but only Macintosh that have consistent look. [GROWL] I don’t care about Windows world because it only copy others. In Linux, however, there is a scattered implementation of notification that needs to be unified.

I believe when you are talking about GNU/Linux operating system, you would see that it talks not only about the library that follows, nor the desktop systems, it also talks about variety of machine. It could be your smartphone, USB video gadget, desktop computer, [ENTER ANY EXOTIC DEVICE HERE], etc. Variety devices comes with many requirement which may applied differ from each other. Thus, each of them may have unique look.

However, for desktop users, there is an urge to have visual notification that optimally used. According to [MARK], the notification should follow these:

  1. They should stay unobstrusive and need no handling from user. They can be queued to stay unobstrusive.
  2. They should be trackable even if the notification is gone.
  3. Any action required must involve the application part, i.e. the application window/dialog box popped or come forth.

Because of this proposal, the Ubuntu product starting 9.04 version have their own notification system that divided into two parts, the notification bubble called notify-osd and notification tracker applet that tracks notification.

However, there is a disagreement between their proposed idea and other developer perspective. One notable disagreement is about the actionless notification. On [MARK] comment, Gregg, also pointed out that there are cases when it is natural for us to click on the notification whenever those particular events occur. For instance, if an email comes in, the application would popping the notification to the user. It will makes the user click the notification bubble, making the application focused and displaying the message. Another example is chat client application that bubbling the message whenever a friend type something.

Because of that, the proposal that [AIS] propose is the good will of KDE people to have notification free from any desktop library is a way to go. That is by using D-BUS. DBUS is a inter-application communication system that being defined by Freedesktop. It was first implemented by GNOME people and later by KDE people. It will have the Ubuntu proposal, yet have the ability to express their ways of user usability. Eventually, it will bring goodness to both desktop world and others.

What can be said about this lengthy post?

The world is on the usability study that much, but our, Indonesian, IT are lacking of it. Well, I can really assure you, at least the application I participated to develop, will have user usabilty goodness in it.

REFERENCE: [AIS] Aseigo. http://aseigo.blogspot.com/2009/05/findlibknotificationitem-1.html [GROWL] Growl. http://growl.info/ [MARK] Shuttleworth, Mark. 2008. http://www.markshuttleworth.com/archives/253

One Must Have Package

One Must Have Package

If you ever been wondered why your GNU/Linux Debian missing the DRI capability, you should know that now Debian ships the Firmware into new package called:

firmware-linux

This is due to legal and political policy of Debian which is not wanting to be tainted by non-free softwares. The package is containing BLOB [non-techie reader reads: no source, binary only) firmwares that needed to activated some of the capability. I guess that is the price of freedom and good quality means.

Debian Moving Their Core C Library

Debian Moving Their Core C Library

Debian is moving from GLIBC (GNU C Library) into EGLIBC (Embedded GNU C Library). [AUR] For you the fainted heart, let me explain what is this means: GNU/Linux Debian distro will make all of their packages compiled against EGLIB. This is big, thus, it may introduce binary incompatibilities. Are they/we ready for the concequences?

What’s behind this? Well, implied from [AUR], the main cause is because the one of the maintainer of GLIBC is an arrogant being. I guess coding in years and become fame do makes people like that — especially technical people that being trained to do reasoning with code not with human. With that unfriendly attitude that brought down talents and good karmas, many projects looses people. This is because FOSS projects is a contribution project and people can bring whatever they wish. BUT, Debian is a BIG project that affects other projects and this also, IMHO, will make social impact too to FOSS community as a whole.

On the light note, as noted by commenter on [AUR], every distros out there already using heavily patched GLIBC version. Noone use the vanilla. Nevertheless, moving from GLIBC to EGLIBC is not like moving X11 from XFree86 to Xorg. We are talking about the basic library to make everything functional here. So, we may see our mission critical code runs correctly against it.

The day of using EGLIBC is yet to come, so don’t worry about it now. Even if the day comes, the non-techie user will not even feels it, hopefully…

Reference:

[AUR] http://blog.aurel32.net/wp-trackback.php?p=47

Another Trial to Indonesia Anti-Corruption Movement

Another Trial to Indonesia Anti-Corruption Movement

Aaa.. Antasari is being held as witness (or already a criminal). Some people wants him down. But, can KPK be as productive as they were?

My sense of nationalism is in the hand of KPK, which is the reason why I still believe in this country. Other have failed me, even DPR (which should be the voice of people) hurts me bad. Hopefully, either Antasari found guilty or released from all of the charge, the reaction of each of this country celebrities (ahem.. I mean politicians), have a positive mental attitude.

Don’t play around with this country hope!

Creating DKIM on Debian 5.0

Creating DKIM on Debian 5.0

DKIM is a technique based on Yahoo!’s DomainKey. Some may say that it look alike SPF (Sender Policy Framework), but the two is different. DKIM is authenticating the email sent by checking the signature againts the domain’s public key. On the contrary, SPF check the MTA (mail server) that sends the email againsts the domain’s list of MTA. For the simplicity, let’s say that the sending domain is UI and the receiving domain is GMail, so DKIM works like this:

  1. User foo send an email
  2. The UI mailserver signed the email and send it to GMail mailserver
  3. GMail then querying the DNS and search for the public key for the sending domain.
  4. After that, GMail checks signature and the data.
  5. If it is alright, then GMail deliver the message to the recipient’s mailbox.

DKIM uses two encyption algorithms: RSA-1 (or just RSA) or RSA256. Those are public and private key pair authentication. The magic is what get encrypted by the private key can only be decrypted by public key and vice versa. But, you can’t decrypt using the same key that used to encrypt the data.

This mechanism is differ from SPF. For mailserver that implements SPF, it would just ask the DNS about a list of legal mailserver that have the right to send email originating from that particular domain.

Let’s us set Postfix to use DKIM. I assume that the mailserver is already functional and running.

There are two applications in Debian repository that serve the same purpose. The first is DKIM-Proxy which is a stand alone service that get injected and then inject back. It would run two processes which one would handle incoming traffic (verifying the email) and the later would do the signing. Both have their own socket to communicate with the mailserver.

The second is DKIM-Milter (or dkim-filter as Debian named it). It uses Sendmail‘s Milter protocol. So, it would run just like a plugin in Postfix. From my experimentation, I choose this because of the convinience for me. But, who knows you would choose the other.

Now, let’s install DKIM-Milter:

# apt-get install dkim-filter

The installation includes dkim-genkey tool to generate configurations including the DNS setting. Use the tool to generate DNS entry and private key:

# dkim-genkey -d ui.ac.id -s mail

The parameter:

  • -d ui.ac.id means we would like to sign mails from ui.ac.id
  • -s mail sets the selector’s name is “mail“. Selector is an entry in DNS that holds public key that will be used by other mail servers to verify the signature signed by origin mail server. Well, I decide not to define this further to simplify things. You could google it.

The command will generate two files: mail.txt which contains DNS entry and mail.private which is the private key that would be used to sign the letter. Here’s the example of mail.txt:

mail._domainkey IN TXT "v=DKIM1; g=*; k=rsa; p=MIGfMA0GCS...AB" ; ----- DKIM mail for ui.ac.id

The public key entry is being cut to save space pertaining aesthetic aspect in this blog post. I would put the private key into /etc/dkim directory. The directory is non-existence, so we have to create it first.


 

# mkdir /etc/dkim
# mv mail.private /etc/dkim

Now, the DNS part. I would refined the entry to add “t=y” and remove the comments. I’m also appending our domain after _domainkey (watch for the dot after “id”). So, it would be just like this:

mail._domainkey.ui.ac.id. IN TXT "v=DKIM1; g=*; t=y; k=rsa; p=MIGfMA0GCS...AB"

And put that in your DNS database and reload it.

Default installation do not run the DKIM-Milter. We need to set the DKIM-Milter in order to run. First, edit /etc/dkim-filter.conf file. Here’s the relevant things that I’ve change to suite my need: (just find the line)

Domain      ui.ac.id 
KeyFile     /etc/dkim/mail.private
Selector    mail
Mode        sv
Amazing thing about Debian is it has a great documentation style, so you can read the comments on the configuration file for further information. To have a functional DKIM-Milter, edit /etc/default/dkim-filter file to set where it should listen/respond to. To simplify things, I choose to have network socket than the UNIX socket. Unix socket slightly better in performance, but it must be set so that the chrooted Postfix and the DKIM-Milter service can both read and write it. I uncomment this:
SOCKET="inet:12345@localhost" # listen on loopback on port 12345
Last piece that should be configured is the Postfix configuration to use the DKIM-Milter. Edit /etc/postfix/main.cf file and add these lines:

 

smtpd_milters = inet:localhost:12345
non_smtpd_milters = inet:localhost:12345
Lastly, restart Postfix and DKIM-Milter service:
# invoke-rc.d dkim-filter restart
# invoke-rc.d postfix restart

We are using the friendly GMail for testing. Here’s what we do in one of our testing subdomain before we set the DKIM: Before DKIM

After we set the DKIM:
After DKIM

Now GMail knows our test subdomain. To check if our verification also works, we send the a mail from GMail to our test domain and would have these on the header:

Authentication-Results: groups.ui.ac.id; dkim=pass (1024-bit key)
header.i=@gmail.com; dkim-asp=none

There are things that I’m not covering, like the multiple selector and using 3rd party like Verisign to accomplish that, handling subdomains, using both DKIM and DomainKey, setup UNIX socket, etc. Don’t worry, for a single domain, the tutorial may run well.

Reference: Coker, Russel. 2008. Installing DKIM and Postfix in Debian. http://etbe.coker.com.au/2008/09/18/installing-dkim-postfix-debian/ Postfix. 2009. Postfix before-queue Milter support. http://www.postfix.org/MILTER_README.html Sendmail Consortium, The. 2009. http://www.sendmail.org/dkim

Update on Staff UI’s Blog

Update on Staff UI’s Blog

by admin 5 Comments

After the Mahasiswa Blog, now it’s time for Staff Blog to have some love also. Again, thanks to our godly developer, the front page getting a face lift. Now you can see all newest posts in front page, kind of like Planet. So, here are some changes:

  • Face lift the front page to use an aggregation page as front page.
  • Fix some typo in Disclaimer.
  • Etc changes that you wouldn’t notice because those are happening in the server site (including security).

TODO:

  • Move all links to domain ui.ac.id instead of ui.edu while still maintaining the old link (using both domain to access the same page) like this post.
  • Upgrade WPMU engine into the newest to have all feature.
  • Provide feed for the aggregation. (RSS, anyone?)
  • WORLD DOMINATION.  🙂

To be honest, I’m suck at PHP so I couldn’t hack properly to have the dream come true. But fear not, we do have PHP developer squad here. So, until those Drupalists are freely available, enjoy current blog system.

Gnome 2.26 Released

Gnome 2.26 Released

Gnome 2.26 released!

Interesting part of its feature is about integrating with telepathy, a library that aims to integrate all sense of communication protocols (Video conference, sound, chat, etc) in an unified API. This means, anywhere in near future, we will have a desktop with integrated communication system. Yet another interesting desktop experience to me. Still a dream here in Indonesia because of the high cost of Internet connection here. Yet, because of its open source nature, this could be implement in corporate intranet. Hmm… let’s see if we could implement this in UI (not a promise… :P).

The second notable is about the integration with fprintd, a daemon to detect fingerprint. This is a subproject of fprint, a project to unifying all of fingerprint in one sensible API. The library is based on libusb. I wish this project have came in 2006 not in 2008. If  it were, I think Universitas Indonesia would implement its core fingerprint technology based on this young project rather than using Technologija’s proprietary fingerprint library, which sadly runs on Windows. Yeah, I know there is a GNU/Linux version, but we don’t have it. 🙁

With the release of  GNOME 2.26, it seems the Free/Open Source Software (FOSS) has its direction into leading desktop experience. Wow, the KDE 4 series and GNOME 2 series would be the excitement I will follow in passion. I believe one day our nation will realize the true value of open source. Until then, we stay as rock solid persistent evangelists.  😎

Reference:

http://library.gnome.org/misc/release-notes/2.26/

KDE – Experience Freedom!

KDE Homepage, KDE.org

http://reactivated.net/fprint/