Harald Welte's blog

Victory: Skype withdraws appeals case, judgement from lower court accepted

The court hearing in the "Welte vs. Skype Technologies SA" case went pretty well. Initially the court again suggested that the two parties might reach some form of amicable agreement. We indicated that this has been discussed before and we're not interested in settling for anything less than full GPL compliance.

The various arguments by Skype supporting their claim that the GPL is violating German anti-trust legislation as well as further claims aiming at the GPL being invalid or incompatible with German legislation were not further analyzed by the court. The court stated that there was not enough arguments and material brought forward by Skype to support such a claim. And even if there was some truth to that, then Skype would not be able to still claim usage rights under that very same license.

The lawyer representing Skype still continued to argue for a bit into that direction, which resulted one of the judges making up an interesting analogy of something like: "If a publisher wants to publish a book of an author that wants his book only to be published in a green envelope, then that might seem odd to you, but still you will have to do it as long as you want to publish the book and have no other agreement in place".

In the end, the court hinted twice that if it was to judge about the case, Skype would not have very high chances. After a short break, Skype decided to revoke their appeals case and accept the previous judgement of the lower court (Landgericht Muenchen I, the decision was in my favor) as the final judgement. This means that the previous court decision is legally binding to Skype, and we have successfully won what has probably been the most lengthy and time consuming case so far.

Back from the trip to Taiwan

It's been some time since my last blog post, mainly because I've been quite busy in Taiwan. First there was the conference, then there were a number of meetings with various companies to educate them about GPL licensing and how to interoperate with the FOSS community for better hardware/driver support.

The other part was actual spare time. I spent many months in Taipei during my work for OpenMoko, but I never really had much time to explore the city, or even other parts of the country.

This time I explored quite a bit of the Taipei nightlife, visiting places like Luxy, Lava, Room18, Barcode, ageha, and even the so-called "meat market" of Carnegies and Tavern.

I've also had time to try one of the many hot spa's of Taipei in Beitou, as well as a really great motorbike trip to the national forest in the Wulai mountain region.

Unfortunately the weather wasn't that great, so I had to postpone my plans to visit the northeastern and the eastern coast to some future trip.

And the most interesting part is: I actually made contact to Taiwanese people who are not at all in any way related to work :)

Further Taipei exploration brought me to the Wufenpu fashion wholesale area, as well as Ximending. Most impressive is also the "Taipei underworld", i.e. the various underground shopping malls near Taipei Main Station, such as the Taipei City Mall, Station Front Mall and ZhongShen Mall I and II. You can literally walk for many kilometers underground...

Now I am one day in Frankfurt, and tomorrow one day in Munich, Friday one half day at home, and then there will be four days of music festival at WGT 2008.

Tomorrow: Court hearing in Welte vs. Skype GPL case

Tomorrow at 10:30am at the Oberlandesgericht Muenchen (higher regional court of Munich) there will be an oral hearing in the "Welte vs. Skype Technologies SA" case. The hearing is to be held in room E.06.

This case is about a GPL violation of Skype, related to their sales of Wifi Skype phones based on the Linux operating system kernel.

I'm fighting as part of the gpl-violations.org project in enforcing the GPL against Skype since February 2007. Initially Skype didn't respond, we then applied for a preliminary injunction. That injunction was granted by the court in June 2007, but Skype chose to file an appeals case against it.

The court hearing tomorrow is exactly to debate about this appeal.

Interestingly, Skype is arguing against the validity of the GPL as a whole, asserting that it is violating anti-trust regulation and similarly strange claims.

First ASUS day of OpenTechSummit Taipei

As I might have indicated before, I have the pleasure of being invited to the OpenTechSummit 2008 in Taiwan. Two days ago, I was at the opening dinner. The problem of that dinner was the lack of attendees. There were loads of delicious (free, sponsored) food, but not even remotely enough people to eat it.

Today I had a bit of a problem finding the ASUS venue, since it was said to be at "exit 2" of the MRT station. Unfortunately it had two exits of that name, one on each side of the station :)

One presentation there I found particularly embarrassing was the one about the eePC SDK. First of all, I will ignore my thoughts about why you actually need such an SDK if it really is nothing more than a customized Debian Linux with Eclipse. But even then, why fly in a foreing speaker to do a click-by-click walk-thhrough on how to create a 'hell world' Qt program using eclipse?

My favourite of the day was definitely the presentation on the OpenPattern router board.

Back to Taipei

After a break of almost six months, I'm back to Taipei. Obviously I now see everything from a quite different angle: I no longer work for OpenMoko, Inc., thus I actually have spare time here and can explore both the capital city as well as the country much better than before with that ever-growing OpenMoko workload.

However, the first day wasn't quite as relaxing as it should have been. First, the apartment key that was supposed to be with the guard of the apartment building accidentally was mixed up with some other key and got sent to the landlord.

A couple of hours later I discover that my Yamaha TW225 motorbike doesn't work anymore. First diagnosis: Battery is empty (not surprisingly). I try for like 15minutes to kickstart it, to no avail. Not even a single explosion in the engine. Then I tried to push it, and got it to a couple of explosions after which it died again. Further push-starting was prevented by the way-too-smooth floor of the parking garage, where the wheel just slides as soon as you release the clutch :(

Some disassembly revealed where the battery is (I don't know this bike at all, much opposed to my F650ST in Germany). The battery was severely short of acid/fluid, maybe somebody pushed the bike over and it leaked. Obtaining battery additive and refilling results in only 800mA charge current. I think it's dead. Now I'm in the process of ordering a new battery.

Let's hope the next couple of days are better than the start of this trip...

Review of DORS/CLUC 2008 in Zagreb, Croatia

I've spent the last five days in beautiful Croatia - most of the time in its capital Zagreb. The local conference DORS/CLUC has been around for a couple of years, and in fact I've been at a previous incarnation three years ago.

It's a nice, small but great event. And in fact, for the invited speakers as myself it feels more like an all-inclusive holiday than a conference. The organizers went out of their way to make us feel at home, including a trip to the waterfalls of Plitvice national park (photos will be available shortly at my public photo album.

It was also great to spend some time with Alan Cox again, who to my surprise was also attending the event with two lectures. Hope his luggage didn't get lost again on his way home...

Further studying of Abis protocols, moving towards implementation

The first quarter of 2008 is already gone, and I still haven't found all the time that I wanted to find to play with my BS11 base station[s].

However, I've spent quite a bit of time over the last couple of days further studying the GSM/3GPP 08.5x documents, as well as a thorough read through the mISDN source code.

GSM/3GPP 08.5x describe the layer1, 2 and 3 protocols of the Abis link between BSC (Base Station Controller) and BTS (Base Transceiver Station) in a GSM network. It's modelled on top of a E1 link in PCM30C configuration, i.e. TS0 is for CRC4 and synchronization, TS16 is used for the layer2+layer3 protocols, whereas the other time slots are used for transfer of the actual voice call data.

After looking at the various different driver options on Linux, I have determined that mISDN is the most promising and flexible architecture available. mISDN also has a layer0 + layer1 driver for the NT mode of the HFC-E1 card that I'm using. mISDN is great in a way that every layer is strictly separated from the other layer, and that at any layer parts of the stack can be implemented in userspace using library API.

Thus, I've started to write some mISDNuser based code to attach to the kernel-side hardware and lower-layer drivers. I'm not yet sure if the Q.921 (ISDN Layer2, also called LAPD) of the mISDN kernel side can be reused for Abis or not. The differences between standard Q.921 used on European ISDN and the Abis Layer2 are fairly small, so I hope to get it working with the existing LAPD code.

Unfortunately, I have paid work to take care of, so I will once again be distracted from this most interesting of my toy projects.

Report from FSFE FTF Licensing and Legal workshop

I'm on seven-hour train ride back from Amsterdam, where I've been attending the first Licensing and Legal workshop of the Freedom Task Force (FTF) of the Free Software Foundation Europe (FSFE).

While having a somewhat lengthy name, the FTF has been doing great work on bringing together a large group of legal and technical experts in the field of Free Software licensing. So far this was all 'virtual', happening on mailing lists.` The meeting in Amsterdam was the first of its kind, and was a huge success.

By the nature of the FSFE, most of the people were from Europe, though there were attendees from the US and even Australia, too.

There were many interesting and surprisingly interactive workshops. It was also a good opportunity to meet Armijn (the second half of gpl-violations.org) and Shane (full-time manager of the FSFE FTF), as well as many lawyers, both corporate legal counsel and from law firms.

The interest in Armijns presentation about gpl-violations.org and Till Jaeger's overview about the legal cases we've handled over the years in Germany were very well received and there was more interest and questions than the short time permitted.

What was really good for me to see is that large consumer electronics companies in Europe and the US are now implementing internal business processes to ensure GPL and other FOSS license compliance. They're also increasingly using very clear contractual language throughout their supply chain to minimize the potential risk of any "hidden" GPL surprises in products they source from OEM/ODM companies.

We don't do Advertisement on the netfilter.org homepage

For some reason, the amount of inquiries about companies who want to put ads on netfilter.org has significantly increased. Since the content of that site has not really changed much in the last (at least) four years, this sudden interest is somewhat surprising to me.

However, we are absolutely not interested in advertisements. I personally hate any form of advertisement, whether in print media, radio, TV, WWW or on billboards. In fact, advertisements are the reason for me to not watch any privately owned TV or radio stations for at least eight years.

So to all the advertising companies out there: Only over my dead body will there be any kind of banner ads on any of the websites of the projects in which I have anything to say.

Schiphol airport uses active millimeter wave screening

I was quite surprised that Amsterdam airport is beginning to introduce active millimeter wave screening instead of the good old metal detectors. The specific device seen in operation at one of the queues between the international and the Schengen area of the airport was L3 Communications ProVision(TM).

While doing some research about this subject on the net, I discovered cargo X-ray solutions such as those described in this article. You can mount a mobile unit onto a track and then go as deep as 200mm of steel to x-ray through the metal plating of a cargo container. This is really scary stuff...

I don't work for Google - no matter what the rumors say

A number of people have recently independently approached me about rumours that I'm now working for Google/Android, after having left OpenMoko, Inc. in November 2007.

According to one source, some friend who visited Android was told by Android that I would be now working for them. There is no truth to this.

Please put an end to those rumours. I'm not working with or for either Google or Android. There also are no plans to do so, and there have never been any negotiations, aside from the usual Google headhunters that approach anyone visible in the FOSS world every so often - which I always decline, indicating that I am not interested in a dependent employment position, no matter for which company.

I will continue to be doing freelance contract work on projects that are interesting to me and within my fields of expertise. Should anyone chose to approach me with an interesting technical Android system-level and/or hardware related project, that would certainly potentially be interesting. But I'd look at it like any other inquiry.

KLM also using Linux in their Entertainment System

The intercontinental KLM flight from Sao Paulo to Amsterdam was using a fairly new (05/2007) Boeing 777-300, and it was equipped with something like an 8" wide screen entertainment system, not unlike the one that I saw some months back in a Shanghai Airlines flight.

This time I had the luck to see the Linux based system boot twice. The boot time is horrible (on the order of 4 minutes) and you can see many hardware details. It's using a Geode type CPU and a realmagic GPU, has a natsemi Ethernet chip and the credit card reader is actually a USB HID device.

All over the place they have fairly low-level debug code spit out to the console, this really looks like "it worked on one developer board, ship it to the airline" product. You can see mistakes in shell scripts ("ls: no such file or directory" and similar stuff from init scripts, as well as debug code from their UI applications.

It would really be interesting to get my hands onto an Ethernet link in that in-plane network. Guess one could have quite a bit of fun with that :)

I've taken a series of snapshots throughout the boot process. Will post them once I'm back home and find time to wade through the holiday pics.

Back from holidays

I'm currently sitting at Amsterdam Schiphol Airport, waiting for the last connection in my Recife - Sao Paulo - Amsterdam - Berlin return trip.

I'll be wading through the several thousand emails over much of the next couple of days, so please give me some time to get back to you.

Receiving the 2007 FSF Award for Advancement of Free Software

The news has already made it to the net during my (offline) holidays, so this entry in my journal will come hardly as a surprise to you: The Free Software Foundation Award for the Advancement of Free Software 2007 has been granted to me :)

I am deeply honored to be the recipient of the award, joining the list of (much more distinguished) recipients of the award. At the same time I'm sorry to not having been able to personally attend the awards ceremony. I've outlined the three key reasons for this in the statement that I prepared to be read at the ceremony.

Update from first week of holidays

For those of you who're curious: The first week of holidays went just fine, spending something three days in Sao Paulo and three days in Curitiba In Curitiba, I had a rental car and went to Vila Velha, as well as driving the serpentines of the Rua Graciosa through Morretes to the Beach. Oh, and obviously in Curitiba I had to go to Homem Pizza and Happy Burger, the two restaurants that I frequented the most while working at Conectiva 7 years ago.

The biggest problem so far was the malfunction of the in-room Save of the Hotel in Curitiba, resulting in not being able to access any of my cash reserves, credit/debit cards, passport or laptop for two days. They actually had to physically break the safe open since the lock mechanism was stalled/clogged in a way that it did no longer move.

Now I've just arrived in Recife, where after two days, the journey will continue towards Porto de Galinhas.

Almost offline for holidays

I'm hereby announcing that I'll be offline most of the time between March 3rd and March 26. This is the longest time that I've been offline for quite some time - and it's a much deserved holiday after the intense work of the last year.

I'll be doing quite a bit of travel in Brazil through those more than 3 weeks, meeting some old friends and ex-colleagues from my time in 2001 at Conectiva. I'll also be spending some time at the beach, plus exploring a bit of Parana and Pernambuco by [rental] car.

This also means that I'll likely end up being forced to use my horrible Brazilian Portuguese again. But well, at least for me, unless forced to speak a certain language, I won't speak it at all. So this must be a good thing, then.

Please don't expect any reaction to e-mails, snail mail, phone calls, faxes or any of the like during that period of time. I won't even have my German GSM phone online to avoid roaming charges killing me.

Thoughts on FOSDEM 2008

I really have been disappointed quite a bit with my visit to FOSDEM this year. In fact, many of my observations might actually apply to Brussels as a whole, I really don't know.

It all started with arriving at Bruxelles Central station on friday, where the entire station was so crowded it took me ages to fight my way through the crowds. Then something like only the fourth idle cab driver was willing to actually take us to the hotel. The others for whatever reason didn't want to earn those 15 EUR. Aren't there some regulations forcing them to transport paying passengers?

Then, let's talk about the social event on friday. How can you hold such an event in a place that's about one third of the required size, and which has a music volume level that effectively prevents any form of communication. I left after about 10 minutes there, since there just was no point at all. One wonders what happens if there is a fire. Aren't there some kind of regulations of the max number of people you are allowed to cram into tiny places like that pub?

At the conference venue the problem seemed to re-occur. All the rooms are significantly too small. Combined with the lack of ventilation and the lack of a PA system it was not possible to stand more than a single talk in the X.org devroom, before I had to get out to get fresh air.

Getting in and out of the DevRooms is also a challenge by itself, since the hallways are over-crowded and full of noisy and loud conversations. Opening the door for even a small amount of time is barely impossible, since that would expose the talk on the inside to the enormous noise levels on the hallway. Especially since the DevRooms don't have any PA system, it's already quite a challenge to understand the speaker inside the room. Somebody opening the door just completely kills the communication flow

The entire idea of putting up all the projects with tables in the hallways seems questionable to me. They do nothing but block the path for other people (also blocking emergency escape paths). Furthermore, cold air gets in all the time since many people have to use the doors in order to walk between the different buildings. It would make much more sense to keep the hallways for what they are: Ways where people walk between rooms. The project tables should be inside rooms. Those rooms would self-contain the noise generated by the tables, be more comfortable (warm, no wind) and keep the hallways free for people to walk on.

The same problem exists for the "BAR" where you get food and drinks. It's too small, too crowded, and absolutely not comfortable at all (cold wind coming in through the permanently open doors, ...)

And then consider the public transport "performance" on weekends. It took me regularly more than an hour for something that was a 2.6km distance between hotel and venue. That's quite ridiculous. Given how crammed those few trams are that actually run, it doesn't seem to be a shortage of passengers that makes them operate so few trains per hour.

All in all, I could not do anything else but to attribute FOSDEM 2008 as something like "the most inefficient event", i.e. where I wasted a lot of time for reasons stated above, rather than actually attending lectures.

Flying from Berlin to Brussels without showing any ID

It was really surprising to see that there was absolutely zero control of any ID on the flight between Berlin and Brussels. I'm well aware of the marvels (and data protection nightmares) associated with the Schengen agreement. However, zero form of identification on air travel was really a big surprise to me. Not even my flights inside Germany had this 'feature'

How did this work? First of all, I booked the tickets through a travel agent quite some time in advance. No form of ID required (though he has my banking details). Next, I did a Lufthansa online check-in from my home, printed the boarding pass. On the airport, used the self-service luggage drop-off counter. Then directly went to the security check, and then to the gate. During the entire time, nobody asked for any form of ID.

So if I did buy the tickets on cash rather than with bank transfer, it would actually still be possible to travel under false name and thus anynomously. Amazing. Am I missing something?

flu provides opportunity to watch linux.conf.au video recordings

A quite serious flu hit me four days ago. While this prevented me from getting any serious work done (my doctor actually explicitly asked me to refrain even from mental work), it provided me with ample opportunity to watch through all the exciting video recordings of linux.conf.au 2008.

The various technical X.org driver side related talks were really good to hear, and I'm happy that there is so much innovation and development happening there now.

The most hilarious talk according to my scale of humor was Matthew Garrett's presentation on suspend to disk. I had to watch it twice, just because it's so entertaining. Rusty: Even you'll have a hard time competing against that level of entertainment :)

Something is wrong if your mail client is using 13.0GB of memory

On my fairly new quad-core 4GB RAM system I noticed that suddenly closing tabs in the web browser resulted in tons of disk accesses, which I [correctly] attributed to swap usage. This is quite a big surprise, since I don't use any integrated desktop and generally only run lots of uxterms in ion3 (over two 1600x1200 heads with 8 virtual desktops on each head) plus firefox.

As it turns out, earlier today I started thunderbird (Debian calls it icedove) in order to do some cleanup (moving folders around) on my IMAP server. After about half a day, I was looking at the following line in top:

  PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND                                                               
 3474 laforge   20   0 13.1g 3.1g  10m D    1 81.7  47:49.91 icedove-bin

This is ridiculous. 13GB virtual, 3.1GB resident set size. And all that with something like roughly 3 million e-mails spread over about 200 IMAP folders.

Who is supposed to use those programs? What do they use for testing? People with 10 mails in their inbox? Also, if you actually download the headers of a new folder, or headers of new mails in a folder, it takes _ages_. It looks actually like they individually request the headers of each email, without using the tagged command features of IMAP, thereby removing all the pipelining effects and being bound to one complete thunderbird-through-kernel-through-network-through-imap-server roundtrip per message. I haven't actually looked at the code, but just from observing the application, this seems to be the case. Also, every time I use the 'search messages' feature for any header that the IMAP server does not have an index for, thunderbird refuses to wait long enough until the server responds.

So far I always thought mutt's memory usage of 40-80MB is already excessive, considering all it does is displaying a bit of plain-text emails. Well, for once I've been happy again that I'm not a regular user of those kind of bloated GUI programs. firefox somehow being the sole exception to that. It's barely useable on my 1.06GHz / 512MB laptop, where you already notice quite considerable lag in the responsiveness of the UI. :/

Guess next time I have to move folders, I'll probably revert to something like cyradm (that's a minimalistic imap client with command shell, not unlike the old 'ftp' command for FTP).

Working on ISO15693 support for librfid

It's really been bugging me for a long time that librfid was lacking support for the ISO15693 protocol. The supported reader hardware ASIC can do it, but librfid always was lacking the respective code. It has been on my agenda even three years ago, but there were always higher priority items to pre-empt it.

In December 2007, Bjoern Riemer submitted a long patch to add partial ISO15693 support to librfid. The size of the patch reflected the huge amount of work that must have went in that code. So I couldn't really afford to let all that work bit-rot. I went through several iterations of code cleanup, starting with cosmetic issues, and digging deeper and deeper. I think it now doesn't really look all that similar to what Bjoern originally did, but at least now we have a working and fairly well-organized ISO15693 anti-collision implementation in librfid.

However, ISO15693 has many different options with regard to speed, modulation, coding, etc. All those combinations have to be carefully tested. What's also missing is a way how to iteratively cycle through all available ISO15693 tags within range, similar to what we do with ISO14443A and B.

Once that work has been finished, the actual higher-level standard commands, as well as the nxp I*Code2 and TI Tag-it vendor-specific extensions can be implemented on top. This can probably be done on one or two more days of additional work. Stay tuned...

Meeting between gpl-violations.org and FSFE FTF

The last two days, I enjoyed a meeting between gpl-violations.org and the FSF Europe Freedom Task Force.

Participating were Armijn Hemel (whom I have to thank to assure gpl-violations.org doesn't die while I was in Taiwan for OpenMoko), Shane Coughland (who is doing an excellent job coordinating the FTF) and myself. For a couple of hours we've also been joined by Till Jaeger, who has handled all the legal cases of gpl-violations.org so far.

This meeting has been over-due, mostly because I basically dropped off the planet for way too long time. We've discussed all the current matters regarding strategies for license enforcement, current cases, progress of the FTF legal and technical networks, as well as future plans for incorporating the gpl-violations.org project.

Yes, you have read correctly. I've been planning to do this for quite some time, and I'm confident that 2008 will finally be the year in which this happens. It's too early to talk about any details, but this is the logical step to assure both financial and legal independence of the project from my person, as well as scalability. As you might know, we have a couple of hundred reported violations and can only cherry-pick those we consider particularly important.

In any case, it was a very productive meeting. I seriously believe it has helped to make all of us work together in a coherent manner, i.e. increased productivity and effectiveness for a long-term strategy to increase the amount of free software license compliance in the industry.

Disrespect for election observers in Hessen

My fellow friends from the CCC have tried their best to observer the elections in Hessen (Germany) yesterday. The amount of resistance they've met is more than shocking. If you want to read more about this (in German), I'd suggest reading Frank's blog entry, Holger's blog entry and the official CCC release on this subject.

In fact, in some of the municipalities the election supervisors have received official statements warning them about the CCC's intention to disturb the elections. What nonsense is this ?!?

Having been part of a CCC election observer team in the past, I can only state that this is beyond anything that we've seen before. Why would there be any resistance against quiet and peaceful observation of the elections?

The CCC election observers have absolutely zero history of ever having disturbed an election in any possible way. I'm sure you can ask about any municipality that has had first-hand contact about this. We know the laws and regulations very well, and want to do nothing else but to _observe_ the

Learning about NAS chipsets

For gpl-violations.org, I've been analyzing a number of NAS devices recently. While most of them are based on some kind of more or less general purpose CPU (Intel StrongARM based IOP or e.g. VIA's embedded x86) plus standard peripherals, there appear to be more and more special purpose SoC's for this purpose.

To some extent, this is only a logical development. NAS appliances seem to be a growing market, and the desire to achieve higher integration by e.g. moving the SATA/IDE controllers into the SoC make development easier and reduce BOM cost.

It's quite amazing how much effort some companies actually go through. One series of chips that particularly caught my attention is the Stormlink Gemini series of NAS CPU's, e.g. the SL-3516. Looking at the public data sheets is particularly boring since they only have two pages. Instead of that, I'd recommend looking through the kernel sources that their downstream appliance vendors publish. They actually have hardware crypto, hardware IPsec acceleration, TSO (TCP segmentation offloading), hardware NAT, ...

As if that wasn't enough already, they also now have a dual core variant, which has two ARM920 cores next to the hardware crypto and pimped-up Ethernet controller!

While reading through the code, I made a slightly cleaned up diff against vanilla 2.6.15. It reveals a number of things that I'd like to point out:

They have actually managed to implement a arch/arm/mach-sl2312 directory (instead of just editing some existing machine), though there seems no distinction between 2312/3516/3518/...
They have GPL licensed drivers for their entire hardware functionality, not a single bit of proprietary stuff. It even comes with proper license headers and MODULE_LICENSE tags. This is really remarkable, especially for stuff coming from Taiwanese hardware companies. Congratulations!
They integrate DMA capable RAID5 hardware generation, integrated with the Linux raid code
They have two OTG capable EHCI USB controllers
The ARM core they use is a FA526. It seems to originate from (another Taiwanese) ASIC/IP vendor called Faraday. Apparently an independent implementation of the ARMv4 instruction set, allegedly 100% compatible, even including a replica of the ARM ICE/JTAG. Could Faraday be to ARM what VIA is to Intel? In any case, definitely exciting.
While the vendor-released GPL licensed sources contain support for this FA526 in a fairly decent way, it has not been merged into the mainline kernel. That's a pity. Does anyone know more about this? I think this should definitely be cleaned up and merged mainline.
they re-use an entry from the mach-types registry for the sl2312. Not only do they use that machine type for all Stormlink SoC, but also the downstream hardware vendors use the same for all their products. not good. Did anyone tell them that registering new machine types is free?
They're doing some obscure I/O pin sharing between IDE and the flash controller resulting in lots of ugly code. Probably a hardware workaround :)
They have very invasive code all across the Linux crypto code, probably because they need async crypto support, which the crypto framework of 2.6.15 doesn't yet provide
They seem to integrate their crypto with cryptoloop, but not dm-crypt
They seem to be able to store their OS image in NOR, NAND or serial SPI(!) flash
They have four hardware queues per Ethernet MAC
They have done some serious hacks to the network stack in order to integrate their TCP offloading engines and hardware NAT. This code is obviously not the most beautiful you have seen. But what surprises me is that they actually have it working, and went all they way to get it developed. And all that for some obscure NAS chipset. I would be interested to learn how many man-years of engineering time they have in that code... Oh, and they do actually have code for TCP-over-IPv6 offloading
Hardware-accelerated recvfile support

As a summary: Kudos to those who have designed the product, and actually implemented all its features, in purely GPL licensed code. It's just such a pity that none of the code, not even the most generic and clean bits have been merged mainline.

Securitization

As a friend of mine (who has studied political science) recently told me about the process of securitization. Finally I know a word for the process that seems so commonplace in todays politics: Framing something that is actually a minor problem with some criminals into a question of essential survival, thus eliminating any rational debate about it.

Repairing VIA EPIA-ME6000 busted capacitors

Just before Christmas, my vdr powered diskless Linux-based digital video recorder went bust. A bit of testing revealed that the VIA EPIA-ME6000 main board itself must be dead.

I immediately ordered a replacement mini-ITX board without further investigating the broken one, expecting that the replacement might actually arrive before the Christmas holidays. Unfortunately this didn't happen. While replacing the board, I discovered that six of the 1000uF electrolytic capacitors went bust.

So today I finally found a bit of time (it's great to be able to find time to do things again) to try and replace the broken capacitors. Despite the new ones being slightly larger, the board now works again like a charm. And that at a total cost of 1.62 EUR.

So now I have two working mini-ITX boards. Guess I have to either find some use for it, or sell the new one again...

My personal favourite from 24C3: Xbox 360 hacking

I've seen quite a number of presentations live at 24C3 as well as recorded ones in the days following the event. While many of them cover important subjects, there is one lecture that is outstanding: "Deconstructing Xbox 360 Security".

The level of technicality of this presentation was just right. Finally something that went deep down into the technical details. Explaining what kind of flaws they found in the disassembled power PC object code.

I definitely want to see more lectures/presentations like this. Don't be afraid to overload the audience with technical details. Just go ahead with it :)

Also, this presentation has shown how far advanced the game console hacking is compared to mobile phone hacking (at least from what I've seen in the ETC (Ada-developers) and and Motorola hacker communities). The problems are similar: Completely undocumented hardware, cryptographic authentication of code by the boot loader (sometimes down to mask ROM), ...

So I hope that the mobile phone hacker community will grow and more people with this skillet, attitude and time will join. Free your phones!

proprietary MiFARE [in]security finally falling

At a presentation entitled "Mifare - Little security, despite obscurity" at the 24C3, Henryk Ploetz and Karsten Nohl presented about their revelations of the proprietary Philips MiFARE classic RFID system.

As everyone in the IT industry suspected, the level of security provided by such a cheap, low-gate and completely undisclosed system is in fact very limited.

I'm particularly proud that this security research is exactly what Milosch and me originally wanted to enable by creating the OpenPCD and OpenPICC project. We wanted to put easier accessible and open, documented tools for low-level access to 13.56MHz RFID systems.

With a bit of luck, at some point in 2008, it should once again become clear that security by obscurity doesn't work. This lesson seems to be well-understood in the Internet world, but apparently has little penetration into the RFID sphere so far. There are still many proprietary systems whose security relies solely on the secrecy. Once a single person reveals that secret, the system is broken.

I can only hardly imagine the amount of economic damage imposed by the perpetrators of such systems. There are a couple of hundred million MiFARE classic tags on this planet, particularly in public transport ticketing and access control. The vendors of such systems should be blamed for their false claims. And anyone who bought it should be blamed for their blind belief in the claims of profit-oriented corporations without any independent validation or verification.

Dependency of essential Linux bluetooth features on dbus

Apparently I'm not the only one with outspoken criticism of the BlueZ dependencies on dbus.

I do not want to debate the merits of a message bus system on any system (desktop or non-desktop) and neither do I want to start a debate on how efficient dbus is trying to solve that problem.

However, what I'm fundamentally opposed to is when basic interaction in a network or between a computing device and its peripherals depends on extensive userspace dependencies. Now you might argue that ipsec needs a userspace keying daemon, that routing protocols need a routing daemon, and 802.1x or WPA need a userspace daemon, too. This is not the point. There are very valid technical reasons for doing so, and nobody really proposes that such things should move into the kernel. Also, none of the above-mentioned programs have requirements on other userspace components aside from glibc or maybe some netlink specific library.

Bluetooth however now requires dbus. At least it is almost impossible to do without. I have tried for neverending hours and didn't make it work. Others apparently have similar problems.

If people want to [d]bus-enable their kernel-related tools, let them do it. But please make it optional and don't depend on it. This is just not how things are done in the Linux kernel world until now, and I don't think there has been any debate on whether we really want such a paradigm change yet..

Personal reflection on the 24th annual Chaos Communication Congress

It's great to be at 24C3, the 24th incarnation of the Chaos Computer Clubs annual congress in Berlin.

In fact, this is my 10th anniversary at this congress, i.e. the first one I visited was 15C3. I ended up at 15C3 as somewhat of a coincidence by just following a fellow Linux hacker from the Linux User Group Nuernberg to whom I've since lost all contact.

What's actually worth mentioning is that this is the first CCC congress that I visit as a pure guest. I have no lecture, and I am not actively involved with any of the things I have been involved before, such as the video recording/streaming team or the Sputnik RFID location system.

Interestingly, I felt the first day much more tiring than usually, despite having slept more than in any of the previous years. Apparently the lack of constant adrenaline caused by last-minute-problem-solving has its impact..

The congress is a lot of fun, I've been talking to many old friends, colleagues and fellow hackers from all over the world, involved in all of the projects and/or companies that I've remotely had any contact throughout that ten year time period.

It's a very nice feeling. I doubt there is any other event or occasion where I would feel more at home than at this annual congress. This is my culture. This is where I belong. Here are people who understand, or rather: understood.

HTC TyTN II / Kaiser doesn't look like a GPL violation!

There have been numerous rumors floating around the net that the HTC TyTN II (aka Kaiser) might be a GPL violation due to a number of strings in the firmware image referring to Linux and vmlinux.

I've done some analysis on this subject, and posted my preliminary results in this posting to lkml earlier today.

So as indicated, I do not see any reason to believe there is a GPL violation with regard to the Linux kernel in the MSM7200 modem side as used in the abovementioned device.

So please stop those rumors now. I'm obviously not opposed to people being watchful and report/investigate potential GPL violations. But before you call it an actual violation, please rather make sure that you have some evidence!

Final cleanup of OpenMoko Neo1973 kernel patches

I'm doing one final review+cleanup iteration for the OpenMoko Neo1973 GTA01 related kernel patches before pushing them for review later tonight or at some point tomorrow.

The cleanups are mostly dead code removal, avoiding compile-time warnings as well as cosmetic cleanups such as adding MODULE_DESCRIPTION to all modules, and using consistent naming for files and driver names.

GTA02 will have to wait a bit more. On the one hand, changes that the kernel developers want me to do on PCF50606 will likely appear in the PCF50633 driver, too. On the other hand, the entire Smedia Glamo driver core has not been polished yet.

Playing around with the HTC TyTN II / Kaiser

For reasons that I cannot yet disclose, I have obtained a HTC TyTN II (aka Kaiser). This is my first (and hopefully last) Windows Mobile based device.

So far I've taken the device fully apart, unmounted all the shielding covers and took high-resolution photographs of each and every part of the phone. The resulting information is now that I'm aware of all the major components in the device, and I've started to do some data mining on those components.

As everyone knows, HTC used a Qualcomm MSM7200 based chipset in this device. The MSM integrates both the GSM baseband (DSP+ARM9) as well as the application processor (ARM11) and many other things. What's less known is the further peripheral configuration.

The Bluetooth and WiFi chips are from Ti (BRF6300 and WL125, respectively).
The power management unit is a Qualcomm PM7500
NAND+DRAM are in a multi-chip module (1.8V, 2GBit NAND x8, 1GBbit DRAM x32) from Samsung
The 3G/GSM RF part consists of Qualcomm's RFR6500 (receive with integrated GPS) and RTR6275 (transmit) as well as AWT6280, AWT6273 and AWT6273 amplifiers
There furthermore is a CPLD: Xilinx XC2C128 (3000 system gates, 128 macrocells).

For those interested, I'll go through my PCB photographs and will edit and publish them soon.

I am now digging through all the various XDA/WM6 hacker information out there and trying to understand the various tools that can be used for further taking apart the software side. I've already managed to get into the bootloader, which apparently offers a standard USB serial emulation that can be accessed even from a Linux PC.

Unfortunately the MSM7200 is a highly proprietary/closed chipset, and there is very limited public information available. I've already ran into this while evaluating potential hardware for OpenMoko at some point in the past. I became curious about this MSM7xxx chipset family when they were first added to the ARM-Linux machine type registry many months ago.

Anyway, meanwhile Google seems to be doing a lot using this chipset, as they have recently announced the availability of a linux-msm.git tree. The source code should document many things such as GPIO assignments, IRQ's and contain drivers for most of the hardware (on the application processor side).

Now if some of you ask yourselves if I have turned my back on OpenEZX and OpenMoko: No, that's not true. I'm just looking at this for a very peculiar reason. Hopefully I'm able to reveal more soon.

Merging OpenMoko patches with u-boot and kernel mainline trees

Those following the OpenMoko commitlog will have noticed quite a bit of activity in the areas of u-boot and kernel patchset. For u-boot we always tried to track mainline git. For the kernel, there is now a patchset against the current Linus git tree (2.6.24-rc4 should also work) at http://svn.openmoko.org/branches/src/target/kernel/2.6.24.x/patches.

I'm intending to do some level of testing after the merge, and then submit the majority of the stuff. For kernel, I don't expect many issues. For u-boot, it will be a quite painful process.

So if you now think this means that I'm back working for OpenMoko, this is wrong. I'm doing this for a personal reason: I merely want to make sure that the code I wrote throughout the last 18 months will not bit rot somewhere but is actively merged into mainline.

Day one of FOSS.in

It was a great first day at FOSS.in 2007. It's been surprisingly quiet at the venue today, compared with the previous incarnations of the event. This is due to the changed structure, in which the first two days are focused "project days" and the main conference only starts on day three.

This does by no means imply that the project days are less important, or that the lower number of people is bad. Quality matters, not quantity. And since the event is about contributions, project days are a very important addition to FOSS.in

I spent most of the day talking to Rusty and James. It has been quite nice and I now have learned about Rustys new exciting CCAN project. As a long-time perl developer (I have leanred Perl before C!), I definitely understand the beauty of something like CPAN. With C however, the hardest issue will be resolving the namespace problem. Unfortunately I am currently not in the mood of adding even more unfinished things to my task list.

incommunicado for a while

It seems like my main mail server, ganesha.gnumonks.org, is facing some severe problems (ext3 corruption on a 3ware hardware RAID-1, i.e. something that clearly should not happen.

As per Murphy's law, this had to happen exactly while I was in-flight on my trip to Bangalore for FOSS.in 2007 :( Had it happened 2 days earlier, i would have actually within physical reach of the machine in question.

Luckily, all my hosted servers have remote consoles and actually even remote access to the BIOS setup. So I'm trying to recover what's to recover. The exim mail spool is on the affected /var partition. The much more important cyrus IMAPD spool is not affected. What a relief.

Still, everyone who tried to contact me: Please expect some delays in email based communication through the next few days. Sorry for the inconvenience.

Looking forward to FOSS.in

In a few days FOSS.in 2007 will start. I'm departing from Germany on Monday next week. I have a ton of things to do until then, including a trip to my family in Nuernberg on Friday,, visiting a industrial festival in Chemnitz on Saturday and packing my suitcases on Sunday ;)

So this will be the fifth year in a row that I visit Bangalore in late November/early December for the event formerly known as Linux Bangalore. What once started like a crazy reason for visiting India the first time (after enjoying Indian food and bollywood music from Germany for a couple of years), has turned into a regular mark in every years' calendar for me.

I've been told that FOSS.in this year will be very different from all the previous events. The focus has been shifted from doing just another round of 'this is free software and this is how to use it' event, the focus is now entirely on the community developer.

India still has, to my deep regret, shown relatively few significant contributors to Free Software - especially if you relate it to the size of the IT industry and the number of people working as software engineers in that country. Thus, I very much welcome any effort to nurture and foster the active, contributing part of the FOSS community there.

Meanwhile, the Schedule has been published by the organizers. Looking at the speakers and topics covered, it definitely looks more than promising!

Also: My openmoko-induced absence to the major Linux events in Europe and Canada have resulted in a way too long time since I've last met Rusty and James, my former fellow netfilter/iptables hackers :) Make sure you don't miss any of Rusty's talk. It's going to be fun :) And be prepared to switch your brain's English parser into high-speed mode :)

As a final side note: I'm happy to learn today that my application for a five year visa to India has been granted. During the last five years, I had to obtain a total of seven 6months visas - sufficient evidence to support my argument in favor of a 5 year visa.

Slowly getting back to my normal life

For the last couple of days I finally felt like in the "good old" (pre-openmoko) days. Suddenly things that have been piling up to higher and higher stacks are getting resolved. Tax related issues, various other administrative things like housing, insurance related, etc. I even find time for regular medical checkups like dentist's visit again.

I'm also slowly browsing through the various lists like netdev, which I haven't had time to read throughout the last year or so. Finally I get the feeling of being "in sync" again with what's happening in the rest of the Linux world.

I'm also making quick progress on gpl-violations.org (just ordered two new test purchases of allegedly infringing devices). And I even have time for the occasional homepage update of my various rotting (and rotten) websites.

I'm also almost finished with Ulrich Dreppers excellent paper "What Every Programmer Should Know About Memory". Being a kernel hacker, most of the issues have been known to me more or less, but it's good to read about all of them in a concisive paper, together with benchmarking on current hardware.

There ares still hundreds of pending issues here and there, and I yet have to find some time to e.g. finally do a ulogd2 release, work on integrating all the pending patches in librfid, work on ISO15693 support for it, and last but not least work on getting a lot of the work I did for openmoko on u-boot and kernel finally merged mainline. But if I'm able to continue getting things done at this pace, I'm very optimistic

It seems like all the time with OpenMoko has actually made me forget how easy and fast things have been moving all the time before ;)

Leaving OpenMoko "Lead System Architect" position

The regular reader of this blog will have noticed a distinct lack of any OpenMoko related news. This is not a coincidence. As Mickey wrote in a blog entry, there has been quite a bit of internal friction lately.

Adding that to the enormous amount of stress over the last 18 months has made me feel quite a bit demotivated over time. I've tried to cut down on the amount of work I do, but it hasn't helped much. So now I'm at a point where I feel unable to work in any active/leading role inside the project and/or company. My deep apologies to the the project and its community.

But don't worry. OpenMoko is a team, and I'll do everything to help smoothen the transition. I'm more than willing to assist those who will take care of my various tasks.

From today on, I'm nothing more than a volunteer to the project. I'll likely continue a bit of hacking in my areas of personal interest. Just like in many of the other FOSS projects that I have been (or still am) involved.

All the best to the OpenMoko project, the OpenMoko company, FIC Mobility. The last 18 months was an intense experience. Thanks to everyone who has helped the project both inside FIC/OpenMoko and outside. Thanks to FIC for funding and supporting the project. I wish everyone the best, and I'll be the most happy person (next to Sean) at each and every milestone the project achieves in the future.

My last netfilter training

Since I've been doing no netfilter/iptables related work recently, I've announced that the three day training is going to be the last one, at least for the time being.

Though stressful as usual (have you ever talked/presented straight 8 hours on three consecutive days?) it was a quite joyful experience. Apart from the netfilter/iptables workshop earlier this year, the only contact with my former much-beloved project in 2007.

However, the training made me realize how outdated all the existing documentation (and even my own training material) is. Basically everything was written in the early 2.4.x days - and much has changed ever since.

There's all the nf_conntrack / nf_nat related changes, as well as the x_tables transition, which can cause many subtle errors due to old scripts expecting different kernel module names, etc.

None of the HOWTO's or similar documents talk about the conntrack userspace program yet, there's no documentation (and no release) for ulogd2, etc.

So I'll really try to sit down and find some time to improve some of those areas. It yet remains to be seen if I can actually make it. But I feel there's a real gap to be filled...