August 18, 2018

Welcome to the Ubuntu Weekly Newsletter, Issue 540 for the week of August 5 – 11, 2018. The full version of this issue is available here.

In this issue we cover:

The Ubuntu Weekly Newsletter is brought to you by:

  • Krytarik Raido
  • Bashing-om
  • Chris Guiver
  • Wild Man
  • And many others

If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

Except where otherwise noted, this issue of the Ubuntu Weekly Newsletter is licensed under a Creative Commons Attribution ShareAlike 3.0 License

on August 18, 2018 10:51 PM

August 17, 2018

S11E23 – Twenty-Three Tales - Ubuntu Podcast

Ubuntu Podcast from the UK LoCo

We’ve been upgrading RAM and tooting in the fediverse. We discuss Hollywood embracing open source, a new release of LibreOffice, pacemakers getting hacked and fax machines becoming selfaware and taking over the planet. We also round up the community news and events.

It’s Season 11 Episode 23 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

In this week’s show:

That’s all for this week! You can listen to the Ubuntu Podcast back catalogue on YouTube. If there’s a topic you’d like us to discuss, or you have any feedback on previous shows, please send your comments and suggestions to or Tweet us or Comment on our Facebook page or comment on our Google+ page or comment on our sub-Reddit.

on August 17, 2018 02:00 PM

Akademy: closing time

Valorie Zimmerman

Akademy is always a whirlwind which is my excuse for not blogging! Today we wrapped up the program which leaves us in a nearly-empty venue and a bit of time after lunch to catch up.

I did manage to gather photos together in Google Photos:

Thanks again to the KDE e.V. for sponsoring my hostel and the Ubuntu Community Fund for part of my travel expenses. This allowed me to attend. Meeting Popey from the Ubuntu community and the Limux team was great, although we didn't do as much Kubuntu work as in past years. However, attending the Distro BoF was a great experience; very friendly and collaborative.

As always, the talks were interesting, the "hall track" fascinating, BoFs engaging. The high point for me personally was being given an Akademy Award on Sunday after a blessedly-short e.V. meeting. I almost fainted from surprise! It feels wonderful to be not just appreciated but honored for my work for the KDE community. 

Thank you again!

I will update here with a photo when I can.

Yesterday and today were taken up with trainings, which while exhausting are extremely valuable. Along with the documentation work ahead, I look forward to integrating both the Non-Violent Communication and Tech Documentation trainings into my work.

In addition, I will be happy to see our documentation team re-group and gain strength over the next year as we work with the contractor on identifying pain points and fixing them.

I got lost yesterday, which one should always do in a strange city. Here is one of the beautiful windows I saw before finding the tram and a different way home:

Tomorrow we meet at 3:45 am to share an Uber to the airport and the beginning of the journey home. To KDE friends new and old: we'll meet next year at Akademy I hope, or at least in IRC.

Local friends and family, I'll see you soon!
on August 17, 2018 01:05 PM
This is the ninth issue of The Lubuntu Development Newsletter. You can read the last issue here. Translated into: español Changes General We’ve been polishing the desktop more, but work has been blocked by the still ongoing Qt transition. The 16.04 to 18.04 upgrade has now been enabled! Please do let us know if there’s […]
on August 17, 2018 01:53 AM

August 15, 2018

MAAS 2.4.1 released!

Andres Rodriguez

Hello MAASTers

MAAS 2.4.1 has now been released and it is a bug fix release. Please see more details in [1].


on August 15, 2018 03:20 PM

August 14, 2018

When Things Become Bizarre

Stephen Michael Kellat

Welcome to August.

As you could see from my last post, there have been changes afoot. We're effectively in a state of freefall at my job right now. The normal progression of events would have me place on seasonal release otherwise known as furlough about now already. Due to a wide-ranging set of factors beyond my control, we barely know week-to-week what is going on. It is considered to be a bad economic situation to "live paycheck to paycheck" in US life but it is even worse when you have no idea about the status of your job week to week. Being unable to plan means I can't even pursue an off-season job or look for freelance work yet. My proficiency in LaTeX is improving, at least, as evidence by the maintenance of my main static website at

There have been some stressors at work. Our enterprise WAN almost collapsed outright last week. Due to legislative changes, we're having to fit in massive retraining with very little time available and no ability to totally down tools for such training. We have difficult days ahead potentially. If appropriations go haywire, none of this may matter. The countdown clock is running on what the Senate and House of Representatives may manage.

Partial OggCamp website screenshot

This also means I cannot travel to OggCamp. Essentially I have to stay within close range of my Post of Duty right now. Leave grants may be getting revoked soon. Getting shifted over to mandatory training status shortly makes that happen when the stakes are becoming as high as they are right now. Nobody has said this yet at work: "Failure Is Not An Option." With senior ranks in the chain of command coming to the Post of Duty in less than a week, we'll be learning how close things are to running aground. What makes me feel worse is that this was the year I specifically made provision to travel to England. Moving up the ranks at work means I can't escape responsible roles because I'm slowly becoming one of the persons others look up to because everybody else at my rank has either retired or left.

I have been working on an article. It has been a while since I pitched anywhere. I have to check the clock to see if it has run out on the pitch. Once upon a time I had been a working journalist in print. There are four days left on the clock before I try other options. With a link to an old effort from 2012 that brings back some memories, I offer some of the citations I'm working from to write the article:

Amatulli, Jenna. “Spotify Pulls Radio Show Episodes By InfoWars’ Alex Jones After Widespread Complaints.” Huffington Post, August 1, 2018, sec. Media.

Badawy, Adam, Kristina Lerman, and Emilio Ferrara. “Who Falls for Online Political Manipulation?” ArXiv:1808.03281 [Physics], August 9, 2018.

Beschizza, Rob. “Tech Platforms Quit Alex Jones and InfoWars.” Boing Boing, August 6, 2018.

Brown, Elizabeth Nolan. “Senate Democrats Are Circulating Plans for Government Takeover of the Internet.”, July 31, 2018.

Cellan-Jones, Rory. “Facebook, ITunes and Spotify Drop InfoWars.” BBC News, August 6, 2018, sec. Technology.

Crowe, Jack. “Facebook Deletes Infowars Page, Apple Deletes All Alex Jones Podcasts.” National Review (blog), August 6, 2018.

“Enforcing Our Community Standards | Facebook Newsroom.” Accessed August 6, 2018.

Gilmer, Marcus. “Facebook Deletes 4 Pages Belonging to Alex Jones and InfoWars.” Mashable, August 6, 2018.

Glaser, April. “Apple and Spotify Just Did to Alex Jones What Facebook Wouldn’t.” Slate Magazine, August 6, 2018.

Gold, Ashley. “Facebook Removes 4 Pages Owned by InfoWars’ Alex Jones.” POLITICO, August 6, 2018.

Gore, Leada. “Alex Jones Infowars: Facebook, Apple Remove Podcasts, Pages from Controversial Host.”, August 6, 2018.

Hern, Alex. “Facebook, Apple, YouTube and Spotify Ban Infowars’ Alex Jones.” The Guardian, August 6, 2018, sec. Technology.

Hernandez. “The War Against InfoWars and Free Speech.” Victory Girls Blog (blog), August 6, 2018.

Johnson, Bridget. “Homeland Security Officials: White Supremacist Extremists Skirting Social Media Bans.” Homeland Security (blog), August 7, 2018.

Kreps, Daniel. “Apple Removes Alex Jones, ‘Infowars’ Podcasts From Apps.” Rolling Stone (blog), August 6, 2018.

Legaspi, Althea. “Spotify Pulls Episodes of Infowars’ ‘Alex Jones Show’ Podcast.” Rolling Stone (blog), August 2, 2018.

McKay, Rich. “Facebook, Apple, YouTube and Spotify Take down Alex Jones Content.” Reuters, August 6, 2018.

Meza, Summer. “Facebook Finally Cracks down on Alex Jones and Infowars.” The Week, August 6, 2018.

Morris, Chris. “Facebook Bans Several Pages From Alex Jones and Infowars.” Fortune, August 6, 2018.

Neidig, Harper. “Facebook Deletes InfoWars Pages.” TheHill, August 6, 2018.

Paczkowski, John, and Charlie Warzel. “Apple Kicked Alex Jones Off Its Platform Then YouTube And Facebook Rushed To Do The Same.” BuzzFeed News, August 6, 2018.

Palladino, Valentina. “Alex Jones Hit with Bans from Facebook and Apple.” Ars Technica, August 6, 2018.

Russell, Jon. “Apple Has Removed Infowars Podcasts from ITunes.” TechCrunch (blog), August 6, 2018.

Ryan, Jackson. “Apple Drops Alex Jones and Infowars from ITunes, Podcast App.” CNET, August 6, 2018.

Simon, Roger L. “InfoWars and the Rise of the Tech Fascists.” Roger L. Simon (blog), August 6, 2018.

Watson, Paul Joseph. “Facebook Bans Infowars. Permanently. Infowars Was Widely Credited with Playing a Key Role in Getting Trump Elected. This Is a Co-Ordinated Move Ahead of the Mid-Terms to Help Democrats. This Is Political Censorship.  This Is Culture War.Https://Www.Infowars.Com/Purged-Facebook-Permanently-Bans-Infowars-for-Hate-Speech/ ….” Tweet. @PrisonPlanet (blog), August 6, 2018.

Yilek, Caitlin. “‘Survival of Our Democracy’ Depends on Banning Sites like InfoWars, Dem Senator Says.” Washington Examiner, August 7, 2018.

on August 14, 2018 02:25 AM

August 10, 2018

S11E22 – Catch-22 - Ubuntu Podcast

Ubuntu Podcast from the UK LoCo

Alan and Mark shoot the breeze about stuff, you know? They miss Martin and hope he comes back soon.

It’s Season 11 Episode 22 of the Ubuntu Podcast! Alan Pope and Mark Johnson are connected and speaking to your brain.

In this week’s show:

That’s all for this week! You can listen to the Ubuntu Podcast back catalogue on YouTube. If there’s a topic you’d like us to discuss, or you have any feedback on previous shows, please send your comments and suggestions to or Tweet us or Comment on our Facebook page or comment on our Google+ page or comment on our sub-Reddit.

on August 10, 2018 08:56 AM

IoT Hacker

Today I’m giving a talk in the IoT Village at DEF CON 26. Though not a “main stage” talk, this is my first opportunity to speak at DEF CON. I’m really excited, especially with how much I enjoy IoT hacking. My talk was inspired by the research that lead to CVE-2017-17704, but it’s not meant to be a vendor-shaming session. It’s meant to be a discussion of the difficulty of getting physical access control systems that have IP communications features right. It’s meant to show that the designs we use to build a secure system when you have a classic user interface don’t work the same way in the IoT world.

(If you’re at DEF CON, come check it out at 4:45PM on Friday, August 10 in the IoT Village.)

The TL;DR of it is that encryption (particularly with a key hardcoded in the device firmware) does not guarantee authenticity and that an attacker can forge messages triggering behavior on the door access controller. What’s more interesting is to discuss how to fix this problem in product designs going forward.

Getting encryption right is hard at the best of times. Doing it in a way that allows reasonable management of the devices, with proper authentication of connection, when you have devices that may not have hostnames (or if they do, may be internal only hostnames), that don’t have classic user interfaces, that may fail and need to be replaced, is very hard.

It’s also worth noting that the amount we should care about security really does depend on the product involved. While I don’t deny that an RCE in a light bulb could become part of a botnet, authentication bypass in an access control system is pretty scary. It literally has one job: to deny unauthorized access. Having the ability to bypass it over the network is clearly impactful.

I hope my talk will inspire conversations about how to do network trust among networks of embedded & IoT devices. As security professionals, we haven’t offered the device developers the tools to bootstrap the trust relationships in the real world. Here’s to hoping that next year, I can be discussing a different type of bug.


PDF: I’m the One Who Doesn’t Knock: Unlocking Doors From the Network

on August 10, 2018 07:00 AM

Welcome to the Ubuntu Weekly Newsletter, Issue 539 for the week of July 29 – August 4, 2018. The full version of this issue is available here.

In this issue we cover:

The Ubuntu Weekly Newsletter is brought to you by:

  • Krytarik Raido
  • Bashing-om
  • Chris Guiver
  • And many others

If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

Except where otherwise noted, this issue of the Ubuntu Weekly Newsletter is licensed under a Creative Commons Attribution ShareAlike 3.0 License

on August 10, 2018 02:55 AM

August 08, 2018

A short lived ride After some time on Kubuntu on this new laptop, I just re-discovered that I did not want to live in the Plasma world anymore. While I do value all the work the team behind it does, the user interface is just not for me as it feels rather busy to my liking. In that aforementioned post I wrote about running the Ubuntu Report Tool on this system, it is not part of the Kubuntu install or first boot experience but you can install it by running apt install ubuntu-report followed by running ubuntu-report to actually create the report and if you want, send it too.
on August 08, 2018 11:22 PM

I read Twitter with Tweetdeck. And I use the excellent Better Tweetdeck to improve my Tweetdeck experience. And I had an idea.

You see, emoji, much as they’re the way we communicate now, they’re actually quite hard to read. And Slack does this rather neat thing where if …

on August 08, 2018 11:19 PM
A lovely lunch and a shared afternoon and evening with Ade was a pleasant interlude in our time together here in beautiful Deventer. We changed tables a few times to avoid the sun! Last night we were wakened at around 2am with wind blowing rain into the open windows, which was quite exciting. Thunder roared in the south. It was still quite cool and breezy this morning so we ate inside.

After lunch, Boud proposed a walk around the town while the temperatures were moderate. We walked over much of the old town of Deventer, and spend some time in the Roman Catholic church, the old church on the "hill" with twin spires, the old Brush Shop, and back past the Weighing House and a lovely cast bronze map of Deventer.

Our favorite tree:

The Roman Catholic church whose steeple we see from the terrace:

On the wall of the Weighing House:

Our little corner of Deventer:

Tomorrow we travel by fast train to Vienna! I hope there is time to drink a cup of coffee. :-)
on August 08, 2018 04:00 PM

Mugshot 0.4.1, the latest release of the lightweight user profile editor, is now available! This release includes a number of bug fixes and will now run in the most minimal of environments.

What’s New?

Code Quality Improvements

  • Replaced deprecated logger.warn with logger.warning (Python 2.x)
  • Replaced deprecated module optparse with argparse (Python 2.7)
  • Resolved Pylint and PEP8 errors and warnings

Bug Fixes

  • TypeError in _spawn(): The argument, args, must be a list (LP: #1443283)
  • User-specified initials are not correctly loaded (LP: #1574239)
  • Include Mugshot in Xfce Settings, Personal Settings (LP: #1698626)
  • Support -p and -w office phone flags in chfn. This flag varies between chfn releases. (LP: #1699285)
  • FileNotFoundError when comparing profile images (LP: #1771629)

Support for Minimal Chroot Environments

  • Fix crash when run without AccountsService
  • Handle OSError: out of pty devices
  • Specify utf-8 codec for desktop file processing when building

Translation Updates

Catalan, Chinese (Simplified), Danish, Lithuanian, Spanish


Source tarball (md5sig)

on August 08, 2018 10:04 AM

August 07, 2018


Benjamin Mako Hill

Am I leading a double life as an actor in several critically acclaimed television series?

I ask because I was recently accused of being Paul Sparks—the actor who played gangster Mickey Doyle on Boardwalk Empire and writer Thomas Yates in the Netflix version of House of Cards. My accuser reacted to my protestations with incredulity. Confronted with the evidence, I’m a little incredulous myself.

Previous lookalikes are here.

on August 07, 2018 09:00 PM

August 06, 2018

Here is the eighth issue of This Week in Lubuntu Development. You can read the last issue here. Translated into: español Changes General Lubuntu 18.04.1 has been released! Lubuntu 16.04.5 has been released! We’re taking a new direction. The past couple of weeks have been focused on more desktop polish and some heavy infrastructure and […]
on August 06, 2018 10:09 PM

August 05, 2018

FreeDesktop platforms have come a long way in terms of usability and as we strive to make them better platforms for application developers, I think it’s time to shed one more shackle that slows that down: themes.

Now, coming from me that view may be a surprise (because of all those themes that I call personal projects) but I do feel it’s necessary mainly because the level of visual customisation that is being done at the distribution level has led to widespread visual fragmentation which impacts both user- and developer-friendliness.

Letting the Past Go

What themes used to be were sets of preset or configuration files that would only tweak the details of the user interface such as the window borders or how buttons and scrollbars looked but the overall layout and function stayed the same.

Theming on GNOME2

But user interfaces of the past were much simpler, there were fewer window states, fewer points of interaction, less visual feedback, and just plain fewer pixels. These limitations in old toolkits meant that they largely stayed the same from theme to theme and things were relatively stable.

Fast-forward to today where we have modern toolkits like GTK+ 3 with more complex visuals and detailed interactions means that without the same level of quality control that you find at the toolkit level, maintaining a separate theme is a very fiddly and potentially buggy prospect. Not to mention getting all the details right matters for both usability and accessibility.

“Look and Feel” as a Toolkit Component

It’s unfortunate that “Adwaita” is thought of as a theme when in fact it is a core component of the toolkit, but this is mostly a holdover from how we’re used to thinking about look and feel as it relates to the user interface. Adwaita is as closely tied to GTK+ as Aqua is to the macOS user interface, and as a result it has broad implications applications built with GTK+.

The reality is that GTK+ 3 has no theme framework (there is no API or documentation for “themes”) and “Adwaita” is simply the name of the stylesheet deeply integrated in GTK+. So when third-party developers build GNOME apps, they rely on this stylesheet when determining the look and feel of their apps and, if necessary, use it as a reference when writing their own custom stylesheets (since it is a core toolkit component).

Today’s themes aren’t themes

GTK+ 3 themes are not themes in the traditional sense. They are not packages of presets designed to work with the user interface toolkit, they are more like custom stylesheets which exist outside of the application-UI framework and only work by essentially overriding the toolkit-level stylesheet (and quite often only the toolkit-level stylesheet).


When GTK+ 3 applications are being used under third-party themes, what is being broken is the boundary an application developer has set up to control both the quality of their application and how it looks and feels and this becomes really problematic when applications have custom CSS.

In order for third party themes to work properly and not cause cascading visual bugs, they have to either become monolithic and start incorporating all the custom stylesheets for all the applications that have them, or work with application developers to include stylesheets in their applications that support their themes. Neither of these solutions are good for platform or application development since it will become a task of never-ending maintenance.

Visual Fragmentation

Across the GNOME desktop ecosystem exists “visual fragmentation” and it’s a very real problem for app developers. Since very few distributions ship GNOME as-is, it is hard to determine what the visual identity of GNOME is and therefore it’s difficult to know which visual system to build your application for.

Integrating the stylesheet with the user interface toolkit, in theory, should have solved many issues regarding visual inconsistency across the GNOME platform, but that’s an unsolveable problem so long as themes persist.

The biggest offenders continue to be downstream projects that theme GNOME extensively by overriding the default icons and stylesheet, and insist that that’s part of their own brand identity, but so long as that practice carries on then this fragmentation will continue.

Upstream vs. Downstream Identity

It is extremely rare for a Linux distribution to also be the platform vendor, so it can be said that nearly all distros that ship a desktop platform (like GNOME) are “downstream” vendors.

Platforms like GNOME and KDE exist irrespective of distributions and they have their own visual and brand identities, and own guidelines around the user interface. On the other hand, distribution vendors see a need to have unique identities and some decide to extend that to the look and feel of the desktop and apply themes.

But this practice raises questions about whether it is right or not for distributions to cut out or override the upstream platform vendor’s identity to favour their own. Should distributions that ship GNOME be asked to leave the default look and feel and experience intact? I think yes.

A similar situation exists on Android where Google is trying to control the look and feel of Android and hardware OEMs all over the place are skinning it for their phones, but the blame for issues gets conflated with issues in Android (unless you do some monumental branding effort and effectively erase Android, like Samsung)

Distributions owe a lot to the desktop platforms, as such I think that effort should be made to respect the platform’s intended experience. Not to mention, the same concerns for quality assurance regarding applications also applies to the platform, GNOME developers lose out when then forced to dedicate time and resources to dealing with bugs related to issues created by downstream theming and deviations.

The Future

If ending the wild west of visual customisation (which would probably end all of those projects of mine) on GNOME is necessary to grow the ecosystem, so be it.

I would rather see GNOME evolve as a platform and become a little less developer-hostile by dropping support for third-party themes, than stagnate. Doing so would also bring us in line with the how the major (successful) platforms maintain a consistent look and feel and consider app developers’ control over their apps and their rights to their brand identities.

That said, I doubt such a hardline position will be widely warmly recieved, but I would like to see a more closed approach to look and feel. Though, perhaps actually building some sort of framework that allows for custom stylesheets (so that downstreams can have their unique visual identities) that doesn’t involve totally overriding the one at the toolkit level would be the best solution.

on August 05, 2018 03:00 PM

August 02, 2018

I’ve spent an unhealthy amount of time over the past 6 months or so participating in the craze that is #badgelife. This year, I built badges for my Security Research Group/CTF Team: Attacker Community. (Because community is important when you’re attacking things.) Like last year, all of my badges were designed, assembled, and programmed by me. There are 24 badges this year, each featuring 8 characters of 14-segment display goodness and bluetooth connectivity. I may not be one of the big names in #badgelife, but if you just make some badges for your friends, there’s a lot less pressure in case something comes up.

Lit Badge


I spent a lot of time kicking around ideas for the badge this year. While I built my DEF CON 25 badge in secret (because I wanted to surprise people with them), this year I solicited ideas from my group. Eventually someone suggested a “Hack the Planet” globe with a display on it, and I ran with it.

The LED displays are intended to throw back to the ’80s, fitting with the DEF CON theme of 1983, but the microcontroller features integrated Bluetooth, bringing it to 2018. The artwork is matte black solder mask with white silk screen (because apparently I don’t know how to do color) and all but one of the badges has classic red LEDs.


I knew from the get go that I wanted to include Bluetooth functionality on the badge. Given the availability of powerful microcontrollers with built-in Bluetooth, it seemed obvious that an integrated solution would be the best option. At first, I looked at the ESP32, but while they are cheap, the power consumption is fairly high, and the documentation isn’t as good as I would have hoped.

Next, I looked at the nRF52 series, and decided I liked them right away. They feature an ARM M4 core, so have an architecture I’m well familiar with, and have a BLE 5 capable radio. Obviously, I didn’t want to build my own antenna and matching section, so I started looking for a module as a solution. At first, I looked at the Rigado modules, but they were a little bit more than I wanted to use for a small badge run (personally financed), so I was happy when I found the somewhat cheaper Fanstel BT832 series. I ended up going with the BT832A, which is based on the nRF52810, a lower flash/lower RAM variant of the popular nRF52832.


I bought a Fanstel BT832 dev board and some 14 segment displays. I started with the dev board and an Adafruit 14-segment LED backpack. This allowed me to get some experience with the nRF52 SDK, and make sure the general concept was sound without sending out for a custom PCB.


In preparing for the first prototype, I looked for an appropriate LED driver for the 120 LED segments on the 8 characters (organized as the 8 common groups of 15 LEDs). A typical way to drive these is by rapidly pulsing through the common pins (common anode in this case) and as each common pin is activated, the driver outputs the 15 signals for the various LEDs. Surprisingly, I found very little in the way of an easy to use driver, except for the Holtek HT16K33 used in the Adafruit backpack.

There were two problems with the Holtek chip, however. First, it’s relatively hard to obtain – it can’t be purchased on Digikey, Mouser, Jameco, or Arrow. The only source I could find was AliExpress, which is always a dicey proposition. Even at best, it often takes several weeks to receive the product. At worst, it never shows up, or the product is not what was advertised.

Secondly, the HT16K33 is a chip designed for 5V operation, with a specified range of 4.5-5.5V. My badge design was targeting a 3V supply. I began by testing my protoboard prototype and seeing how low I could drive the prototype and still have everything working. I was pleasantly surprised (and somewhat amazed) to see that the HT16K33 kept working until the voltage had dropped so low that the LEDs stopped lighting due to their forward voltage (~1.8V). Unfortunately, I had no way to know if that was specific to this one chip or if all of the chips would behave similarly. Still, since I had this working, I pressed onward with my design.

I designed a full-scale prototype with the NRF module, the 4 displays (2 characters each), the HT16K33 LED driver, and a number of test points to measure voltage, current, etc. I sent the board design off to JLCPCB. (I’d heard good things, figured it was a good opportunity to try them out.)

Prototype PCB

About two days later, I realized I had made a terrible mistake in the design: while I had properly laid out the pinout of the LED displays, I had neglected to take into account the physical overhang of the displays beyond the pins. There’s no way all 4 displays would physically fit on the board! I debated immediately redoing the board, but decided to try to “make it work” in the interests of time. I ended up attaching the displays using segments of hookup wires. It wasn’t the best option, but it got the job done.

Final Design

The final electronic design ended up with:

  • BT832A module containing nRF52810 SoC
  • HT16K33 LED Display Driver (8x16 memory mapped)
  • 4 dual 14-segment LED displays
  • 2xAAA battery holder providing 3V nominal
  • A 5-way joystick for user control

There’s a handful of other passives (both bulk and bypass capacitance, an indicator LED for BLE status, etc.). Internal pull-ups were adequate for the I2C lines to the HT16K33. In production firmware, the reset pin is disabled to avoid spurious resets. On the prototype board, there’s a reset button with an RC circuit for debounce.


PCB Final

I had the final boards produced at Elecrow (because they don’t print order numbers on the boards and offered matte black solder mask). After I received the PCBs, I assembled a quick test badge (#0x01) and was pleasantly surprised to find that it actually worked!

Then I had to assemble the 24 other boards. By hand. Without a reflow even. It turned out that working in batches of 4-5 boards at a time was the most efficient way I could.

I placed all the SMD components (except the battery holder) on the back of the board and used my hot air gun to reflow the SMD components. Placing the BLE module and get its castellations aligned was, by far, the hardest part of this stage. (Though don’t underestimate trying to solder 0603 components with a hot air gun – they really like to blow around from the force of the wind.)

Next, I inserted the 4 displays from the front, and hand-soldered each of the 72 joints (that’s 1800 total joints on the 25 badges). I added the battery holder and joystick and soldered those in place. At this point, each badge should be functional, but it’s hard to know for sure since there was no software on them yet to make them do anything.


Unlike when working with most microcontrollers, where using the vendor’s SDK is optional (you can directly interact with the various control and I/O registers), when working with an embedded BLE controller, you really need to use the SDK. In the case of the nRF52 series, the SDK is necessary to talk to the “SoftDevice” that runs the BLE stack.

One thing worth noting is that, due to the tight timing constraints of the BLE stack, the highest priority interrupts are reserved for it. Consequently, depending on very tight timing can be difficult. I discovered this during the first prototype and had to debug it using the Saleae logic analyzer. (These logic analyzers are the Swiss Army Knife of digital domain signals.)


In particular, the Saleae logic analyzer helped me discover that I was occasionally transmitting the completely wrong bytes to the HT16K33 display driver. It turns out that pointer math is hard, and you should be really careful about that. Amazingly, I managed not to corrupt memory (or at least, not badly enough to completely break things) but given that the firmware is written in low-level C, there’s a fair bit of pointer weirdness going on. Eventually, though, I got it right.

Saleae Screenshot

The minimal firmware I built was just enough to display a single message on the displays, and allow turning the displays on/off. This was the proof of concept that ran on the breadboard design.

I used the prototype board to begin building out the more extensive firmware. This included multiple messages and display styles (scrolling, etc.), variable brightness, and the Bluetooth setup to allow customizing messages and other settings.

One of the biggest firmware challenges was getting the BluetoothLE Secure Connections (LESC) feature enabled. As of the time I was working on it, the SDK would not even compile with LESC enabled on the nRF52810. It’s clearly not an oft-used (or tested at Nordic) feature. The documentation also left a lot to be desired in terms of understanding the requirements for the LESC feature.

Programming & Testing

Each badge has 4 round contact points (test points) for the voltage supply (VCC), ground (GND), and Single Wire Debug Clock (SWDCLK) and Data (SWDIO) lines. These four lines allow me to program the badges using 4 spring-loaded contacts and a USB to SWD adapter.

Because of the hand-assembled nature of the badges, I really needed to find a way to test the electrical connections. With 16 connections on the BLE module, 72 LED display connections, 28 pins on the HT16K33, and 6 contacts on the joystick, there were plenty of places for things to go wrong even after a visual inspection. Consequently, I wrote a mode into the firmware that tests all of the LEDs as well as the joystick. Given the overall design, this tested nearly all of the relevant electrical connections.

Each badge can be “factory reset”, which triggers the self-test again, as well as resetting all the messages to the default, and clearing any Bluetooth pairings. This was necessary in case I needed to re-run the tests or modify the format of the data stored in flash.

Android App

Obviously, if you’re going to use something that has Bluetooth, you need a way to talk to it. I wanted people to be able to configure the messages to be displayed on their badge, allowing for personalization, and I thought it would be a little different than other badges. So I figured I’d make a quick Android app – how hard could it be?

It turns out that if you haven’t done any Java in about 10 years, it gets much harder. But eventually I got things working. There was a lot of back and forth between the Android App and the firmware in order to get the pairing working, the communications working the way I want to, etc.


Eventually, the Android App came together and was actually my first published Android application. Hopefully it’ll actually work in the field.

Lessons Learned

  1. Do not trust SDK documentation. It will be wrong in some way. Be prepared to read the SDK source code in order to understand how the SDK really works.
  2. If you are using digital signals between chips on your PCB, get a logic analyzer. It will make your life so much easier if you can see what your chips are actually doing.
  3. Put test points for all your signals on your prototype board. Why force yourself to try to clip to TSSOP leads when you could have put proper test points on the board?
  4. If you estimate how long something will take, you will be wrong. It will take longer.
  5. If you want to make more than a handful of badges, don’t plan on assembling them by hand. It’s repetitive, and repairing your errors will burn your time like no other.


Badge Front

This has been a fun build. It’s my first time developing for Android, first time developing with Bluetooth, first time with this chipset. It’s been a blast, but it’s been a ton of work.

If you want to see all the details, I’ve open sourced it all. It’s all there: the firmware, the KiCad files, the Android App, and it’s all under the MIT license.

Other Adventures in #badgelife

I’d be remiss if I didn’t mention that this wasn’t the only badge I worked on this year. My company hosts an amazing invite-only lounge during DEF CON each year, and this year we have an electronic badge. A team of 3 of us put this one together, so hats off to @twitchyliquid64 and claymore. The badges interact via IR when our hosts (Googlers) and guests interact. I’m really excited to see how they work out at the event.

on August 02, 2018 07:00 AM

I have no friends or colleagues

Benjamin Mako Hill

ICA "You have no friends or colleagues."Although it’s never fun to have the most important professional association in your field tell you that “you have no friends or colleagues,” being able to make one’s very first submission to screenshots of despair softens the blow a little.

on August 02, 2018 02:20 AM

August 01, 2018

As we begin getting closer to the next release date of Ubuntu Studio 18.10, now is a great time to show what the best of the Ubuntu Studio Community has to offer! We know that many of our users are graphic artists and photographers and we would like to see their/your talent also reflected more […]
on August 01, 2018 04:18 PM

July was an surprisingly productive month for Xubuntu. While several folks in the team were on vacation for some portion of the month, we still managed to deliver a number of great updates!

LTS Updates

Xenial Xerus – 16.04.5

This is the final point release for Xubuntu 16.04 “Xenial Xerus”. As Xubuntu has a 3-year support cycle, this release will be supported until April 2019. There have not been any major changes from the Xubuntu team for this point release, but there have been a number of other improvements and security updates for other components.

16.04.5 is expected to be released tomorrow, August 2, 2018. If you have a few moments, feel free to do some testing and make sure everything is working as well as we think it is!

Bionic Beaver – 18.04.1

This is the first point release for Xubuntu 18.04 “Bionic Beaver”. At this time, users of Xubuntu 16.04 should begin receiving notifications to upgrade to this release. There have been a few updates from the Xubuntu team, and others are still on their way. Download 18.04.1 here.

Application Updates

Catfish 1.4.6

The latest release of Catfish features a greatly improved thumbnail manager and numerous bug fixes. With 23 translation updates, this is the most localized release to date! Finally, Catfish 1.4.6 is the first release as an official Xfce project. Check out my earlier blog post for more details.

Xfce4 Panel Profiles 1.0.8

Formerly known as Xfpanel Switch, Xfce4 Panel Profiles has joined the Xfce family. This application makes it incredibly easy to backup, restore, and share panel layouts with other Xfce users. The latest release improves profile management and includes a number of translations. Find out more about the latest updates on the release announcement.

Xfce Releases

There were 7 new Xfce releases in July, including the two applications listed just above. These releases feature a number of improvements and translation updates, with Xfwm4 4.13.1 featuring an astounding 81 non-translation updates!

Cosmic Cuttlefish Updates

The following components have been updated in Xubuntu 18.10 since July 1st.



Panel Plugins

Thunar Plugins

Other Updates

What to Expect in August?

With the summer months coming to a close, kids are back in school and everybody is back in front of their computers. This means more updates! Here are some things expected soon:

  • Updated packaging for the elementary-xfce icon theme. Work on separating this theme from xubuntu-artwork has already been completed. We are now just waiting for some sponsored uploads. The benefit of this change is that the elementary-xfce icon theme is now available in Debian!
  • Xfce Settings 4.13.5. There have been some improvements to the settings managers that we’ll be releasing soon. One improvement is the removal of the broken icon theme color generation. This worked great with GTK+ 2 themes, but has been pretty broken for GTK+ 3. With this removal, Appearance Settings now loads instantly!
  • I’ll be taking a look at the Pidgin codebase this month, hoping to improve the theme manager to support system-wide status icon and smiley theme installation. This will make it possible for us to ship the pidgin-elementary themes and further improve our desktop consistency.
  • There have been a few bugs reported with Thunar in Xubuntu 16.04 in regard to copying and moving files. I’ll be working to update the Thunar version in Xenial to fix these bugs and help folks transition to the latest and great Xubuntu 18.04. (LP: #1514912)

Keep up with the latest Xubuntu developments on our development tracker. Have a great month!

on August 01, 2018 11:56 AM

July 30, 2018

Prologue After a week away from my computer I want to organize my thoughts on the progress made towards build VMs by providing this write up since that forum post can be a bit overwhelming if you are casually wanting to keep up to date. The reasons for this feature work to exist, for those not up to speed, is that we want to have a very consistent build environment for which anyone building a project can have an expectable outcome of a working snap (or non working one if it really doesn’t).
on July 30, 2018 08:47 PM

July 28, 2018

Remembering Gerv Markham

Benjamin Kerensa

Gervase Markham (cc by sa didytile)Gervase Markham (cc by sa didytile)

Gerv Markham, a friend and mentor to many in the Mozilla community, passed away last night surrounded by his family.


Gerv worked at Mozilla for many years working in a variety of capacities including being a lead developer of Bugzilla and most recently working on special projects under the Mozilla Chairwoman.


I had the pleasure of working with Gerv in the Thunderbird community and most recently on the MOSS Grants Committee as one of the inaugural members. Between these two areas, I often sought Gerv’s mentoring and advice, as he always had wisdom to share.


Anyone who has been intimately involved with the Mozilla project likely engaged Gerv from time to time, although much of his work was behind the scenes but nonetheless important work.


I think it goes without saying Gerv had a significant impact on the open web through his contributions to Bugzilla and various projects that moved the open web forward and he championed the values of the Mozilla manifesto. All of us who knew him and got the opportunity to collaborate were rewarded with a good friend and valuable wisdom that will be missed.


Thanks Gerv for being a friend of Mozilla and the open web and you will be surely missed.

on July 28, 2018 10:44 PM

July 27, 2018

Lunar Eclipse Blood Moon

Sebastian Kügler

Blood Moon of July 2018Blood Moon of July 2018

Tonight, I spent some time on the balkony with my SLR, a glass of Shiraz and the most significant lunar eclipse of the century.

on July 27, 2018 10:04 PM

Stickers are just glorified icons right??

Adorbs used to be an iMessage sticker pack that I maintained, but I let my Apple developer account lapse, so I made them into a Telegram sticker pack! Available now!

Adorbs for Telegram

Download for Telegram

on July 27, 2018 04:00 PM

July 26, 2018

The first point release for 18.04 Bionic Beaver has now been released.

As usual, this point release includes many updates, and updated installation media has been provided so that fewer updates will need to be downloaded after installation. These include security updates and corrections for other high-impact bugs, with a focus on maintaining stability and compatibility with Ubuntu 18.04 LTS.

The point release images are available as torrents immediately from the links below.

64-bit systems32-bit systems

The images are also available as direct downloads from As the main server and mirrors might be busy for the first few days after the release, we recommend using the torrents if possible.

on July 26, 2018 07:35 PM

MAAS 2.5.0 alpha 1 released!

Andres Rodriguez

Hello MAASters!

I’m happy to announce that the current MAAS development release (2.5.0 alpha 1) is now officially available in PPA for early testers.
What’s new?
Most notable MAAS 2.5.0 alpha 1 changes include:
  • Proxying the communication through rack controllers
  • HA improvements for better Rack-to-Region communication and discovery
  • Adding new machines with IPMI credentials or non-PXE IP address
  • Commissioning during enlistment
For more details, please refer to the release notes available in discourse [1].
Where to get it?
MAAS 2.5.0a1 is currently available for Ubuntu Bionic in ppa:maas/next.
sudo add-apt-repository ppa:maas/next
sudo apt-get update
sudo apt-get install maas
on July 26, 2018 05:46 PM

KDE neon Bionic Update

Jonathan Riddell

The work to rebase KDE neon on Bionic is progressing. Apologies if it feels slow but it’s keeping our infrastructure busy while continuing with the xenial builds alongside.  I’ve just managed to get the package version check to turn green which means all the packages are now built.  The installable ISOs are also green on our builders, but we’re keeping them hidden until we’ve ironed out the bugs.  The two installers we use have some quirks and hacks that need tidied up but the automated install tests are also turning green.  Some of you have already found our preliminary instructions for doing the upgrade and it seems to be working for everyone who has tried it, but “it seems to be working” is not what we want, “it is working” is what we want and while the git-unstable edition is green in the tests the user edition is not so some more tidying up to be done there. We’ll announce the installable ISOs and upgrade more formally for beta testing once the tests are green and turn on the full upgrade shortly after.  Hasta pronto.


Facebooktwittergoogle_pluslinkedinby feather
on July 26, 2018 03:06 PM

A few weeks ago I ran the ninth annual Community Leadership Summit in Portland, Oregon. As usual, O’Reilly provided the venue space and AV for us (as it happens the weekend before OSCON), and we had a fantastic line-up of sponsors, including:

CLS 2018 Sponsors

Many thanks to all our fantastic sponsors!

The event was fantastic. We had over 200 great attendees (from all manner of backgrounds, disciplines, and experience), 8 keynotes, 40+ discussion sessions, and a raft of fantastic hallway discussions, social events, and more. Thanks also to Todd Lewis, Aaron Griswold, Van Riper, Catharine Lipton, and others who helped make this a success.

While CLS is in it’s ninth year, this year felt even more energized than usual. There were some deep, complex discussions getting to the heart of how people collaborate, and these conversations covered a wide range of topics.

Here are some photos from the event (thanks to Jim Grizanzio for taking these, and see the full album):

Opening Keynote

Kicking Off The Event

Finalizing the Contributed Sessions Board

Kara Sowles from Puppet

The CLS Crowd

Hard Work In Action

A Session In Action


See you next year, everyone!

The post Community Leadership Summit Recap and Pictures appeared first on Jono Bacon.

on July 26, 2018 03:00 PM

July 24, 2018

Last week I ran the Community Leadership Summit in Portland, Oregon, and also attended the OSCON summit there. It was a fantastic week and I will be following up with more details about CLS soon.

While there, my old friend (and editor of The Art of Community), Andy Oram, asked if he could interview me about how community leadership has evolved over the years. We had an interesting discussion, touching on how this work has changed, how the job descriptions and roles have adjusted, how companies fit it into their organizations, and more.

You can watch it here:

Can’t see the video? See it here.

The post Video: Interview About the Evolution and Professionalization of Community Management appeared first on Jono Bacon.

on July 24, 2018 09:30 PM

A beautiful theme gets a beautiful name

Communitheme has been a community effort from the start with an overwhelming amount of feedback from an even larger community. Surprisingly, the still ongoing discussion thread of more than 1500 messages hasn’t (yet?) broken discourse!

However, the effort to refresh the look and feel of Ubuntu has gone way beyond just a theme. From the start, Sam Hewitt’s beautiful Suru icons were included and over time, the effort brought new system sounds and new cursors under its wing. Some of the design discussions have gone even further than this, but the desire to stay as close to upstream GNOME as possible has put most of those in the freezer for now. So, in order to reflect the broad scope and in light of its upcoming inclusion in Ubuntu, a new name is in order.

After 8 months of intense labour, we are proud to announce the birth of Yaru!

Yaru vs Suru

A fully community grown theme, ready to look good and be awesome. Yaru continues on the Japanese influences of Suru, and its meaning, “to do” or “to give” fits perfectly with this project: Yaru is here because we did it, we’re happy to give it to you to spread Ubuntu’s culture of sharing, and we hope it helps you do cool stuff on Ubuntu. Best of all, even the name was vetted in by the community! A poll confirmed that this name is widely loved by the entire Communitheme-community. A longer explanation of Yaru vs Suru could be found here.

We did not do it in a day..

Communitheme project got immediately big expectations from the community. Many people were eagerly awaiting this style refresh and wanted it as default theme in the 18.04 LTS (codename Bionic Beaver) release. However, we decided to postpone its release to give us the freedom to keep changing the theme, since an LTS would mean that the theme’s look and feel is fixed for a few years. Two months after the Bionic release, looking at the commit activity and at the list of pull requests, it’s clear this was the right decision. We have gone through several iterations that affected also the very basic elements of style.

GNOME Shell theme

  • The color & shape of our button sets changed to look bright, sharp and elegant.
  • The colors for the window and sidebar background are changed to a more warm and welcoming tone, like we did for the headerbars at the beginning.
  • We abandoned the strong orange for the text selection and changed it to a more discrete blue.
  • We changed the Color & shape of GNOME and GTK notifications so that they pop up nicer from the background.
  • Finally, many changes were made to the transparency, borders, shadows, colors and depth effects so GNOME Shell looks like something in between Unity7, Unity8 and the new design ideas.

The use of flat design was also discussed thoroughly, because it is very common nowadays. Flat UI is less distracting and gives an uncluttered and sharp look, but it can also be boring and decrease the UX. We decided to mix both styles: the contours, GNOME shell and the headerbars are flat and the applications themselves in the center have a gentle 3D effect to better highlight where the focus should be.

GTK theme

Those themes are based on both upstream GNOME Shell and Adwaita themes sass files, making the whole maintenance way easier.

We did not do it alone…

We sincerely want to thank for all the feedback, ideas, PRs and also testing and reports the whole community, just to name a few: ya-d, jaggers, yazub, NusiNusi, nana-4, CraigD, vinceliuce, Paz-it, mivoligo, taciturasa. Without their huge support we surely would not have gone this far in so little time, and of course we want to thank the Design and Development team Stefan Eduard Krenn, Carlo Lobrano, Mads Rosendahl, Frederik Feichtmeier, Merlijn Sebrechts, Aaron Papin, whose constant effort and professionalism shaped Yaru theme commit after commit and discussion after discussion since the very beginning of this awesome journey.

What will happen in the coming days?

If you are one of the 19 000 people who downloaded the communitheme snap on ubuntu 18.04 LTS, basically nothing will change for you and you will still get the regular flow of daily (commitly? ;)) or weekly updates depending on which channel you have chosen ! We made a good deal in keeping backward compatibility for this user base. Snaps can’t be renamed yet, and consequently, we decided on keeping “communitheme” codename for this version. You still get latest of latest, and the build system has now some tweaks to ensure you get a compatible version with your system. You will still log into your communitheme dedicated session.

We are going to transition Cosmic (incoming 18.10 Ubuntu release) very soon to use a newly set of distribution packages under the Yaru new name. The new package will enter in the coming days to the ubuntu archive and the default ubuntu session will switch to it soon (once we get the package in main and makes some changes in various projects and default settings)! It won’t get as many refresh cycle as the snap based version, but we’ll make regular snapshots. Please use the snap if you want to give continuous feedback on the ubuntu hub with its dedicated section or or directly install from source.

Speaking of installing from source, we merged last week our different repositories (5 of them) into a single one to ease maintenance and releases. Now, we can get very easily the “Yaru” experience (GTK2, GTK3, GNOME Shell, icon, cursor and sound themes), cloning a single git repository and installing from it!

Eager to help?

Note that screenshots are still Work In Progress, there is still some discussions about keeping the Ubuntu logo by default on the launcher or not and other fundamentals changes that the community can decide until the Cosmic Cuttlefish release.

We still need some helps, in particular in the GTK2 world (which will be used to provide theming for Qt applications as well). It has never been easier to contribute to Yaru thanks to the recent repository reorganization: contributing to the projects is now simply heading to the Yaru repository under the ubuntu organization, read the README and contributing guidelines. All coordination still goes through the community ubuntu HUB and its dedicated topic. Will you be the next one? :)

Didier - on behalf of the whole communitheme core contributor team who contributed to this announce.

on July 24, 2018 09:10 AM

Some people have been wondering where I've been online. In conformance to some "employee protection" orders at work, I've had to begin terminating various & sundry bits of online presence. These sorts of orders are such that I do eventually have to obey them.

My Twitter account is gone. I currently have no active presence there.

My Flickr account is gone. I currently have no active presence there.

My account on the Mastodon network via has been gone for some time. If you've been looking for me there that account isn't being restored any time soon.

My account on is as good as gone considering I can't even get a ping response back from that system. After all, this is what I get from attempting a ping:

 $ ping
 PING ( 56(84) bytes of data.
 --- ping statistics ---
 811 packets transmitted, 0 received, 100% packet loss, time 829416ms

My account on Identica is locked in "Hotel California" mode and cannot be terminated by me at this time. That's probably a good thing. The network still exists, ya know.

Additionally, I've been getting tired of seeing things spill over on various social networks about how the current President of the United States (my 11th-line supervisor) is the embodiment of evil walking this planet. It is bad enough spending eight hours per day being paid by the federal government to hear that garbage while protecting the nation's financial interests. Coming home to hear that too is just a step too far. There just comes a point where I can't handle it anymore & have to cut something back.

This blog remains. I'm not going totally dark. Trying to be a light and to spread light is just not as easy as it sounds in this crazy world. Thankfully there is F/LOSS like the many flavours of Ubuntu to at least ensure that I don't have to include computer issues among my many worries right now. Worst comes to worst, you can give me a call on Telegram perhaps if you are so moved.

on July 24, 2018 01:38 AM

July 23, 2018

Inside out

Stuart Langridge

Recently the question of whether browsers should have a View Source function has reared its head again. Chris Coyier says no, as do Tom Dale and Christian Heilmann. Jonathan Snook says yes they should.

The argument against essentially boils down to this: the browser devtools are better. This is undeniably …

on July 23, 2018 05:26 PM

You have a cloud server and you got more than one public IP addresses.

How do you get those additional IP addresses to associate to specific LXD containers?

That is, how do you get your LXD container to use a public IP address?

This post has been tested with a baremetal server.


You have configured a cloud server and you arranged to have at least one additional public IP address.

In the following, we assume that

  • the gateway of your cloud server is
  • the unused public IP address is
  • the network is
  • the default network interface on the host is enp0s100 (if you have a bonded interface, the name would be something like bond0)

Creating a macvlan LXD profile

Create a new LXD profile and set up a macvlan interface. The name of the interface in the container will be eth0, the nictype is macvlan and the parent points to the default network interface on the host.

$ lxc profile create macvlan$ lxc profile device add macvlan eth0 nic nictype=macvlan parent=enp0s100

Here is how the profile macvlan looks like.

ubuntu@myserver:~$ lxc profile show macvlan
config: {}
description: ""
    nictype: macvlan
    parent: enp0s100
    type: nic
name: macvlan

Launching the container

Launch the container by specifying the macvlan profile on top (stacked) of the default profile. The container is called c1public.

$ lxc launch --profile default --profile macvlan ubuntu:18.04 c1public

Get a shell into the container and view the network interfaces

ubuntu@myserver:~$ lxc exec c1public bash
root@c1public:~# ifconfig 
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet6 fe80::216:3eff:fe55:1930 prefixlen 64 scopeid 0x20<link>
        ether 00:16:3e:55:19:30 txqueuelen 1000 (Ethernet)
        RX packets 82 bytes 5200 (5.2 KB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 16 bytes 2788 (2.7 KB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
root@c1public:~# ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
8: eth0@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether 00:16:3e:55:19:30 brd ff:ff:ff:ff:ff:ff link-netnsid 0

At this stage, we can configure manually the appropriate public IP address for the network interface eth0 of the container and it will work. If you are familiar with /etc/network/interfaces, you can go ahead and make the static network configuration. In the next section we are going to see how to use netplan to configure the network.

Configuring the public IP with netplan

In the container, create a file /etc/netplan/50-static-public-ip.yaml so that it as follows. There are two options for the renderer, networkd (systemd-networkd which is available on Ubuntu 18.04) and NetworkManager. We then specify the public IP address, the gateway and finally the DNS server IP addresses. You may want to replace the DNS server with that of your cloud provider.

root@c1public:~# cat /etc/netplan/50-static-public-ip.yaml
  version: 2
  renderer: networkd
      dhcp4: no
      dhcp6: no

Applying the netplan network configuration

Run the following command to apply the netplan network configuration. Alternatively, you can restart the container.

root@c1public:~# netplan --debug apply
** (generate:294): DEBUG: 15:46:19.174: Processing input file //etc/netplan/50-cloud-init.yaml..
** (generate:294): DEBUG: 15:46:19.174: starting new processing pass
** (generate:294): DEBUG: 15:46:19.174: Processing input file //etc/netplan/50-static-public-ip.yaml..
** (generate:294): DEBUG: 15:46:19.174: starting new processing pass
** (generate:294): DEBUG: 15:46:19.174: eth0: setting default backend to 1
** (generate:294): DEBUG: 15:46:19.175: Generating output files..
** (generate:294): DEBUG: 15:46:19.175: NetworkManager: definition eth0 is not for us (backend 1)
DEBUG:netplan generated networkd configuration exists, restarting networkd
DEBUG:no netplan generated NM configuration exists
DEBUG:device lo operstate is unknown, not replugging
DEBUG:netplan triggering .link rules for lo
DEBUG:device eth0 operstate is up, not replugging
DEBUG:netplan triggering .link rules for eth0

Here is the network interface with the new IP address,

root@c1public:~# ifconfig 
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet netmask broadcast
        inet6 fe80::216:3eff:fe55:1930 prefixlen 64 scopeid 0x20<link>
        ether 00:16:3e:55:19:30 txqueuelen 1000 (Ethernet)
        RX packets 489 bytes 30168 (30.1 KB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 18 bytes 1356 (1.3 KB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
root@c1public:~# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default _gateway UG 0 0 0 eth0 U 0 0 0 eth0
root@c1public:~# ping -c 3
PING ( 56(84) bytes of data.
64 bytes from ( icmp_seq=1 ttl=53 time=8.10 ms
64 bytes from ( icmp_seq=2 ttl=53 time=8.77 ms
64 bytes from ( icmp_seq=3 ttl=53 time=9.81 ms

--- ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 8.106/8.896/9.810/0.701 ms

Testing the public IP address

Let’s test that the public IP address of the LXD container works. We install nginx and modify a bit the default HTML page.

ubuntu@c1public:~$ sudo apt update
ubuntu@c1public:~$ sudo apt install nginx
ubuntu@c1public:~$ cat /var/www/html/index.nginx-debian.html 
<!DOCTYPE html>
<title>Welcome to nginx!</title>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href=""></a>.<br/>
Commercial support is available at
<a href=""></a>.</p>

<p><em>Thank you for using nginx.</em></p>
ubuntu@c1public:~$ sudo sed -i 's/to nginx/to nginx running in a LXD container with public IP address/g' /var/www/html/index.nginx-debian.html 

Let’s visit the public IP address with our browser!

It worked!


Help! I can see the IP address but there is no route?!?

Most likely you misconfigured the network prefix in the netplan configuration file. Find the details at

ubuntu@myserver:~$ sudo apt install ipcalc
ubuntu@myserver:~$ ipcalc
Address: 01100100.01100100.01100100.01100 000
Netmask: = 29 11111111.11111111.11111111.11111 000
Wildcard: 00000000.00000000.00000000.00000 111
Network: 01100100.01100100.01100100.01100 000
HostMin: 01100100.01100100.01100100.01100 001
HostMax: 01100100.01100100.01100100.01100 110
Broadcast: 01100100.01100100.01100100.01100 111
Hosts/Net: 6 Class A

The public IP addresses have the range 100.100.100.[97-102]. Both the gateway ( and the LXD container public IP address ( are in this range, therefore all are fine.

on July 23, 2018 04:30 PM

July 21, 2018

When I searched for a way to configure ddclient for, some pages mention protocol=dyndns2 with a custom URL. But actually, ddclient supports protocol=noip out of the box, so minimal steps would be something like:

$ sudo apt install ddclient
$ cat <<EOF | sudo tee /etc/ddclient.conf

And here we go.

$ echo 'run_daemon="true"' | sudo tee -a /etc/default/ddclient
$ sudo service ddclient restart
$ journalctl -u ddclient.service
systemd[1]: Started LSB: Update dynamic domain name service entries.
ddclient[24631]: SUCCESS: updating good: IP address set to 118.X.Y.Z

For more details, refer to ddclient -help.

on July 21, 2018 06:56 AM

On Thursday 19th July 2018, Xubuntu 17.10 goes End of Life (EOL). For more information please see the Ubuntu 17.10 EOL Notice.

We strongly recommend upgrading to the current release, Xubuntu 18.04, as soon as practical. Alternatively you can download the current Xubuntu release and install fresh.

on July 21, 2018 05:20 AM

July 20, 2018

A Debian LTS logoLike each month, here comes a report about the work of paid contributors to Debian LTS.

Individual reports

In June, about 202 work hours have been dispatched among 13 paid contributors. Their reports are available:

  • Abhijith PA did 8 hours (out of 10 hours allocated, thus keeping 2 extra hours for July).
  • Antoine Beaupré did 24 hours (out of 12 hours allocated + 12 extra hours).
  • Ben Hutchings did 12 hours (out of 15 hours allocated, thus keeping 3 extra hours for July).
  • Brian May did 10 hours.
  • Chris Lamb did 18 hours.
  • Emilio Pozuelo Monfort did 17 hours (out of 23.75 hours allocated, thus keeping 6.75 extra hours for July).
  • Holger Levsen did nothing (out of 8 hours allocated, thus keeping 8 extra hours for July).
  • Hugo Lefeuvre did 4.25 hours (out of 23.75 hours allocated, but gave back 10 hours, thus keeping 9.5 hours for July).
  • Markus Koschany did 23.75 hours.
  • Ola Lundqvist did 6 hours (out of 8 hours allocated + 17.5 remaining hours, but gave back 15.5 unused hours, thus keeping 4 extra hours for July).
  • Roberto C. Sanchez did 29.5 hours (out of 18 hours allocated + 11.5 extra hours).
  • Santiago Ruano Rincón did 5.5 hours (out of 8 hours allocated + 7 extra hours, thus keeping 9.5 extra hours for July).
  • Thorsten Alteholz did 23.75 hours.

Evolution of the situation

The number of sponsored hours increased to 210 hours per month. We lost a silver sponsor but gained a new platinum sponsor with the Civil Infrastructure Platform project (hosted by the Linux Foundation, see their announce).

We are very happy to see the CIP project engage directly with the Debian project and try to work together to build the software stack for tomorrow’s world’s infrastructure.

The security tracker currently lists 57 packages with a known CVE and the dla-needed.txt file 52.

Thanks to our sponsors

New sponsors are in bold.

No comment | Liked this article? Click here. | My blog is Flattr-enabled.

on July 20, 2018 02:28 PM

Kubuntu Linux has been my preferred Linux distribution for more than 10 years. My attraction to the KDE desktop and associated application set, has drawn from Kubuntu user, to a tester, teacher, developer, community manager and councilor. I feel really privileged to be part of, what can only be described as, a remarkable example of the free software, and community development of an exceptional product.

This latest release 18.04, effectively the April 2018 release, is a major milestone. It is the first LTS Long Term Support release of Kubuntu running the “Plasma 5” desktop.
The improvements are so considerable, in both performance and modern user interface ( UI ) design, that I was really excited about wanting to tell the world about it.

Which is why I was completely ecstatic when I was commissioned by Linux Magazine to write a 2000 word article, spanning some 4 pages, as a major review center piece in their magazine.

Published as “Linux Pro Magazine” in the US and “Linux Magazine” in Europe.

In the article I dive into one of the greatest and most unsung features of KDE Plasma 5; “Activities”. The introduction of activities in KDE has been a revelation to me, and completely changed the way that I work on a day to day basis. I encourage you whole heartedly to explore them, if you haven’t done so already.

Published in the August 2018 edition, and from which the introduction is available online at or of course you can buy the August issue from

It is fantastic to see Kubuntu hitting the main stream publishing and to have an in-depth review article in one of the global leading Linux magazines is wonderful.

by Rick Timmis

on July 20, 2018 01:39 PM

July 17, 2018

Why everybody should you care about data safety, and how ZFS and BTRFS can help protect the data on your Linux systems.

The post Improving data safety on Linux systems using ZFS and BTRFS appeared first on LIEBERBIBER.

on July 17, 2018 01:20 PM

July 16, 2018

The low-latency kernel offering with Ubuntu provides a kernel tuned for low-latency environments using low-latency kernel configuration options.  The x86 kernels by default run with the Intel-Pstate CPU scheduler set to run with the powersave scaling governor biased towards power efficiency.

While power efficiency is fine for most use-cases, it can introduce latencies due to the fact that the CPU can be running at a low frequency to save power and also switching from a deep C state when idle to a higher C state when servicing an event can also increase on latencies.

In a somewhat contrived experiment, I rigged up an i7-3770 to collect latency timings of clock_nanosleep() wake-ups with timer event coalescing disabled (timer_slack set to zero) over 60 seconds across a range of CPU scheduler and governor settings on a 4.15 low-latency kernel.  This can be achieved using stress-ng, for example:

 sudo stress-ng --cyclic 1 --cyclic-dist 100 –cyclic-sleep=10000 --cpu 1 -l 0 -v \
--cyclic-policy rr --cyclic-method clock_ns --cpu 0 -t 60 --timer-slack 0

..the above runs a cyclic measurement collecting latency counts in 100ns buckets with a clock_nanosecond wakeup interval of 10,000 nanoseconds with zero % load CPU stressor and timer slack set to 0 nanoseconds.  This dumps latency distribution stats that can be plotted to see where the modal latency points occur and the latency characteristics of the CPU scheduler.

I also used powerstat to measure the power consumed by the CPU package over a 60 second interval.  Measurements for the Intel-Pstate CPU scheduler [performance, powersave] and the ACPI CPU scheduler (intel_pstate=disabled) [performance, powersave, conservative and ondemand] were taken for 1,000,000 down to 10,000 nanosecond timer delays.

1,000,000 nanosecond timer delays (1 millisecond)

Strangely the powersave Intel-Pstate is using the most power (not what I expected).

The ACPI CPU scheduler in performance mode has the best latency distribution followed by the Intel-Pstate CPU scheduler also in performance mode.

100,000 nanosecond timer delays (100 microseconds)

Note that Intel-Pstate performance consumes the most power...
...and also has the most responsive low-latency distribution.

10,000 nanosecond timer delays (10 microseconds)

In this scenario, the ACPI CPU scheduler in performance mode was consuming the most power and had the best latency distribution.

It is clear that the best latency responses occur when a CPU scheduler is running in performance mode and this consumes a little more power than other CPU scheduler modes.  However, it is not clear which CPU scheduler (Intel-Pstate or ACPI) is best in specific use-cases.

The conclusion is rather obvious;  but needs to be stated.  For best low-latency response, set the CPU governor to the performance mode at the cost of higher power consumption.  Depending on the use-case, the extra power cost is probably worth the improved latency response.

As mentioned earlier, this is a somewhat contrived experiment, only one CPU was being exercised with a predictable timer wakeup.  A more interesting test would be with data handling, such as incoming packet handling over ethernet at different rates; I will probably experiment with that if and when I get more time.  Since this was a synthetic test using stress-ng, it does not represent real world low-latency scenarios, however, it may be worth exploring CPU scheduler settings to tune a low-latency configuration rather than relying on the default CPU scheduler setting.
on July 16, 2018 12:22 PM

GUADEC 2018 Almería

Robert Ancell

I recently attended the recent GNOME Users and Developers European Conference (GUADEC) in Almería, Spain. This was my fifth GUADEC and as always I was able to attend thanks to my employer Canonical paying for me to be there. This year we had seven members of the Ubuntu desktop team present. Almería was a beautiful location for the conference and a good trade for the winter weather I left on the opposite side of the world in New Zealand.

This was the second GUADEC since the Ubuntu desktop switched back to shipping GNOME and it’s been great to be back. I was really impressed how positive and co-operative everyone was; the community seems to be in a really healthy shape. The icing on the cake is the anonymous million dollar donation the foundation has received which they announced will be used to hire some staff.

The first talk of the week was from my teammates Ken VanDine, Didier Roche and Marco Treviño who talked about how we’d done the transition from Unity to GNOME in Ubuntu desktop. I was successful in getting an open talk slot and did a short talk about the state of Snap integration into GNOME. I talked about the work I’d done making snapd-glib and the Snap plugin in GNOME Software. I also touched on some of the work James Henstridge has been working on making Snaps work with portals. It was quite fun to see James be a bit of a celebrity after a long period of not being at a GUADEC - he is the JH in JHBuild!

After the first three days of talks the remaining three days are set for Birds of a Feather sessions where we get together in groups around a particular topic and discuss and hack on that. I organised a session on settings which turned out to be surprisingly popular! It was great to see everyone that I work with online in-person and allowed us to better understand each other. In particular I caught up with Georges Stavracas who has been very patient in reviewing the many patches I have been working on in GNOME Control Center.

I hope to see everyone again next year!
on July 16, 2018 02:41 AM