One SimCity per Child

It seems I haven’t been the only one raving about SimCity being great in every possible aspect; The OLPC (One Laptop per Child) initiative has gotten a generous donation by EA; the original (aka ‘Classic’, aka ‘1.0′) SimCity, for use on all these cheap laptops in developing countries. In another cool move;

the GPL open source code will soon be released under the name “Micropolis”

I think this is a very good move from EA; although the game is dated, it’s still a very useful and educational game. It was quite inspiring for me in my younger years as well.

Apple opens up on Darwin 9.0.

Not so long after the release of Leopard, Apple has decided to hit us with the release of the source code of the kernel. The Darwin 9.0 sources are available for download (free ADC membership required) here.

Now there’s a thing we little know and love about Apple; an open-source rendering engine and kernel (and of coures, even more open-source projects slightly less significant than those).

My personal Comm Station.

I have been working on a few technical things over the course of the weekend; first meshing my home wireless network by letting two routers form a single network, and after I was done, setting up MRTG (Multi-Router Traffic Grapher) for my Airport Extreme, which is the border gateway.

MRTG produces pretty graphs of networks statistics, and I integrated them into my Leopard desktop using a space station icon I am working on, a bit of Photoshopping and Geektool 2.1.2 (since the website is down, I’ll host it here for the interested). Geektool, in turn, is a preference pane that lets you show console output or images on your desktop, refreshed at a certain interval.

I’ll let the result speak for itself (click for larger version over at flickr);

If there’s any interest for it, I’m willing to write a nice how-to for setting all of this up easily. Drop a comment if you want to see such a post.

Wireshark replacement icon gets a Daily Deviation.

I’m honoured to present my third ‘Daily Deviation’ award on the biggest digital art site on the internet, deviantART. My replacement icon for Wireshark has gotten this beauty and I didn’t even notice until I had a gazillion messages and referrals to my website. Thanks for the kind words and downloads, everyone! If you want to download it, go to Icon Designer.

Link to the deviation in question…

I haven’t been very verbal lately and I couldn’t because I have had some life-changing moments that really need some thought. Perhaps I’ll divulge or make a long post about it a bit later on but at the moment, I’m really having some questions with utmost relevance about my future, my life in general, and well, what you are presented with here, my company, my idea, my ambitions. As I have said before, July will turn out an exciting month, but I can assure you it’ll be more of a rollercoaster to me and even more of a complete astonishment to you (or perhaps not, I just hope so). So, more updates soon… there has been huge progress in my work, and in my life. There’s certainly no lazy silence here. Not ever.

When everyone starts designing interfaces…

This kind of stuff happens.

Now, I’ve always been an open-source enthousiast. I’ve applauded the decision of the GNOME team to keep most of their decisions behind closed doors and not really take all the crazy feature suggestions serious. KDE 4, for some reason or another, thought it was a great idea, UI-wise, to just slap about 3 buttons on each icon on your desktop as you hover over it. Other than being brightly colored, they are quite nondescript. If this blog post wouldn’t exist, I’m quite sure very few people would know what it does. In the screen-cast you can actually see the person in question opening a file by clicking a badge over the icon with a gear on it. Oh, of course - if we click on gear icons in UI’s, files open. A totally logical piece of causality that commonly accepted.

Okay, I hear you say, it’s not even done yet; he’s just made it to show what it can do! Well, in that case, fantastic job regressing in the history of UI design. We’ve been doing everything possible to limit nondescript buttons and too much choice in the UI on the Mac; it’s in our interface guidelines. GNOME has been doing a great effort to keep it as simple and minimal as possible. What do these guys do? They just liberally sprinkle badges all over existing icons, that were meant to serve the function of the badges in the first place.

If you still think this is a good idea, you might imagine taking this step in OS X. Imagine you open Mail.app, and in the list of emails, every email is preceded by four brightly colored dots. It’s not really clear what function they have, but it seems you know because some icons on the dots seem familiar. You click the orange one and your email is suddenly gone. What happened? Well, your choice for a compact list view made the icon on the orange dot illegible and it was the button that marked it as trash. You go to your trash, where you click the green dot, and it opens a reply template. You can imagine the problems with such colored dots in small sizes.

UI design is a great job. You can think up all sorts of awesome stuff and these days, we have 3d interface possibilities for the willing. That doesn’t mean, however, that you should just do everything you can imagine because you think it’s cool. The reason why people like me are hired is that we weigh every possible user in. The same reason why the GNOME team is often criticized for being overly conservative when it comes to UI additions. KDE’s been known, to me, as the desktop with the ‘in progress’ cursor of a bouncing object and it’s XP-like icon sets. It’s never been usable, pretty, or otherwise impressive to me. This addition adds to that.

The comments on digg do make me smile. I loved this one;

” I wonder when the apple fanboys will raid this and clam they stole it from apple. sigh”

Somehow, I doubt they will.

Vienna without a flipped out Star-Trek pad.

Yeah, I dislike the icon that much. Anyway, all other replacements didn’t really do it either for me - I mean, I got a distinct image of a newspaper in my mind that I want it to be. Also, I got my own badge for a while now and I love it to death, so, to make the move;

I hope you enjoy this little Vienna icon replacement as much as I do. The badges are on the disk image, with instructions to get them working. Follow them closely. More on Icondesigner soon.

edit: fixed…

A bit of GNU vs. XNU

My day was filled with thoughts concerning the open-source developments on the GNU/Linux side, and Apple, my favorite work and play platform hardware- and software-wise.

I had a bit of a vision today. Well, not really, but it could be true. We were smashed a while back by the new icons of CS3;

How nice it is to see these icons have had a functional, but also aesthetic revamp. I no longer have to fuss about what flower, feather, or butterfly I need to drop my file on. Mentally, it works great, as you can discern apps by color and only two glyphs. A certain example of the ‘it just works’ approach. Very simple and good design. But it’s gone much further than that — a lot of weblog designs already feature subtle gradient designs, creative use of color, and rounded corners. This ‘new’ look is certainly becoming much more pervasive. Check out this great desktop manager (a GNUStep spinoff, so based on the same starting point as OS X, OpenSTEP), called Étoilé;

See? Simple gradients, beautiful use of color. We’ve seen this in the ‘new iTunes’ interface too, since 7, we’ve lost on Aqua, and gained on subtle gradients. Much more OS X widgets of the newer apps have a similar look, see for instance, Apple Remote Desktop 3 and higher;

We (OS X users) all know this alternative drop-down widget now, but it’s increasing presence could be an indication, like all the things mentioned here, that it may be the look we will remember this ‘age’ by.

Anyway, this whole Étoilé WM has brought me craving Linux a bit more lately. GNU/Linux and it’s interface have seen so much work (in all directions, all at once, of course, this is Linux!) and projects devoted to innovation, that it’s incredible. Check out, for instance, lowfat (screenshot presented below, but DO check that video!)

Although the it already looks good, it’s the potential behind these kind of projects that make it interesting. On the other hand, I am very glad we (on OS X) got Cocoa, and all those nice frameworks, sample code and nice and clean development purposes and guidelines which lead to, well, ‘desirable’ developments. I like organized things.

So will GNU/Linux turn into the eye-candy station for the geek with too much free time? No, absolutely not. It’s important to remember that the Mac has a small market share, and will remain a hardware platform. Linux will be a suitable replacement for Windows, no doubt about it. There is just still work to be done. I’ve seen my environment turn more and more Linux - the required knowledge gets less and less. I think that’s great, and it’s a fantastic platform. However, GNU/Linux, and alas, not even *BSD, can give me the feeling of ‘home’ my Mac gave me. I think it’s wonderful to feel like you can do anything, anytime, and it’ll be simple, and by that one team you love. Thanks, Apple.

Owning your network, open source style.

In this new quick and dirty how-to, I want to address how I secure my personal network, consisting of a few rogue Windows computers (I manage a network that connects two houses with one internet connection at home) and two Macs, a FreeBSD server and a Linux server (my computers). It’s got wired and wireless access points, and my servers use wired connections. I use several tools on all platforms that you can all test for yourself without even touching your computer with the latest 2.0 of the Backtrack live CD, a GNU / Linux security distribution that features some hot tools for you to use out of the box. Make sure it supports your hardware, though, or you will be in for a very boring ride.

First off, wireless networking is a very big hole in the security of any network. It’s trivial to penetrate many networks, in spite of encryption, MAC filtering (filtering devices by their hardware address) and other security mechanisms, it adds an attack vector for anyone with malicious intent. For rather personal reasons (I don’t like people whining about internet being a hassle) and fun and profit (more about this later on) I chose to keep my wireless access point.
What’s always important to know, is who or what is on your network. The primary tool I use to enumerate hosts on my networks is Nmap, by the brilliant Fyodor. In any environment that’s got a shell (even Windows has a shell, check out Cygwin), Nmap is trivial to automate, and it’s output is trivial to process. It runs nice and fast, and it has a host of options. Check out this shell command as an example to find hosts on your network and get the output in a format that is readable and even printable by dope things like Geektool (OS X), to put the output on your desktop.
'/opt/local/bin/nmap' -sP 192.168.2.0/24 | awk '/192.168./ {print $2, $6}'
Note; /opt/local/bin/ is my path to nmap. Use your own. The -sP command does a ping sweep of all hosts in the 192.168.2. subnet. In other words, the netmask is 255.255.255.0, or /24. You should change this to your network’s IP address range, as well as the two fields in awk. The output of the command looks like this;

192.168.2.1 up.
192.168.2.2 up.
192.168.2.4 up.

Now, that’s just handy. Now we can already know what ping-replying people are on the network. If there seems to be a bit of a delay, and our scan doesn’t return results, we can use the more advanced options of Nmap - which require privileges. Some options to consider; -sL; the list scan. Will mass-scan a list of hosts, which you can use with the following, useful flags; -v for verbose mode, extra output! You can use the -PR, -P0 or -PN options to respectively use ARP for pinging, not ping at all, or use ICMP netmask requests (a clever one which can bypass Windows and OS X ’stealth’ mode firewalls default ICMP rules). With the -O flag, you can also let Nmap try to fingerprint the hosts’ OS, which can be handy, as well as giving a guess of the network device’s hardware vendor with the aforementioned verbose mode. There are many open-source programs to quickly or otherwise uniquely enumerate or find hosts on a network, and I leave it to the reader to vary with programs like hping3, arping, fping, scanrand and others to get different or better results. I use arping and scanrand (Dan, the man!) on a regular basis, because each has it’s own advantages.

A commonly-used attack on networks once in is using a poisoning attack to capture traffic. Virtually all routers operate as switches today, which means they don’t just send out all traffic on the network to anyone, but switch it between appropriate hosts. To keep track of all the hardware addresses and routing between platforms in the traditional IPv4, the ARP protocol is used. My very, very favorite tool for fucking with ARP (excuse my language) is ettercap, but most people, for the safety of their own network, will merely want to keep tabs to see if people aren’t doing nasty shit. For this purpose, arpscan is a very fine choice. It compiles cleanly on virutally all operating systems (I don’t know about Windows, but this is owning your network open-source style, not borked-lego-interface style) and it sends an email to your local account when some suspicious activity occurs. Suspicious could be someone new seen on the network, or someone doing real nasty stuff (MAC spoofing / ARP poisoning). You can always manage these messages with the most owning open-source Mail program, pine, or simply use the command-line tool mail.
Offensive network defense is sometimes a good idea if someone won’t leave the network when asked politely. Make sure you know what you are doing, and use Backtrack, or any UNIX with ettercap to use the dark side of… ARP (and a host of other attacks!).

Say hello to ettercap -C. Ettercap obviously requires privileges, and it can be used to sniff out traffic first, but also make a nice host list and perform attacks on these hosts. The -C option uses by favorite interface system, Curses, but if your X11 has GTK, you can download ettercap-gtk and run it in it’s own window, with a ‘real’ interface. It can, obviously, also be ran as a command-line tool.
If you do not know what you are doing, fooling around with ARP Poisoning could break a network. Yes, you can get in dire trouble if you really start to fuck around with this in places other than your own network. Now, if you don’t mind your router being harassed by routing the traffic, you can disable internet for a host by simply not changing your routing settings, and performing ARP poisoning with ettercap. The hosts’ traffic will be routed through the router, to your computer, which will drop it. Incidentally, this often means the host sends it’s IM login info several times, which ettercap will display for you.

Use this attack, with the ‘remote’ option. Don’t forget to use the ‘Stop mitm attack(s)’ when you are done. The console should provide you with output like the dropped packets and passwords. Configure logging to a convenient file in the logging tab, and make sure you have your router configured as Target 1, and the victim as Target 2 in the host list (under Hosts, obviously). Dandy. You can mess around with other, potentially destructive options on your own network at your own discretion. Just remember, I didn’t break it.
Now, what else can we do to own a network? Well, the former Ethereal (now Wireshark) is an excellent cross-platform (Nmap-cross platform, Windows users, go wild) packet sniffer. You can use it to take a more in-depth look at your traffic, as it can often sniff out raw wireless packets too, and login information. The convenient protocol coloring shows you what part of the network traffic is what, even measured in percentages. Think that sounds nice? Here’s an obligatory screenshot.

Ooh, pretty colors. Remember you can always check all these tools out hassle-free if you have a Backtrack-compatible setup.

This should give you some pointers on what steps you can take to feel like you are owning your network a bit more. Remember to look at the tools, read the documentation and be creative. The only way to control a network is to get in touch with the technical side.

digg this!

A package came in today…

Well, I got a package today, to my surprise, they are very early. This is a free package I ordered through Ship-It - Canonical’s free system to deliver Ubuntu to users.


Those three CD’s are the 32-bit X86 version, the 64-bit AM64 version and the PowerPC version of Ubuntu 6.10. They have absolutely beautiful inlays (you just have to look over the somewhat overly happy front stock photo people - Hello happy stock photo people!) with detailed information.

Also, it comes with stickers! Woo-hoo! I am completely going to slap an Ubuntu label on anything I happen to liberate! No, not really, I’d get severely abused. But I’ll find a use for them, or let them have company with the brand adhesives you get with your Apple computer, that are merrily gathering dust in a dark corner of my desk.

At the moment, my Linux on the Mactel is still broken, but this weekend I am doing a resurrection with a new live CD - fingers crossed. For the uninformed, I completely trashed my system after building a custom kernel. Home-cooking gone bad, so to say. Well, I will get it running, but at the moment, it doesn’t even start up, so I am in a bit of a gripe. I’ve got a legion of mactel-happy coders to help me, though, so I will eventually sort it all out. For now, Mactel-Linux is not for human beings. I did manage to get back a screenshot from it when I was still running it, behold my sexy black UI;

21st Century Musings.

We should really stop making obsolete technologies. Some people just have the right mentality lately when it comes to hyper-modern cutting edge technobabble-esque inventions. For example, take making a cure for cancer. Sure, you could do all that boring stuff in a lab, with proteins and… biology, but hey, Antimatter is cool! Why not use antimatter to cure cancer? Anyway, while all this may be a bit over the top, we -are- pushing our technologies to the next level, whether it is necessary or not, we always want to explore new frontiers.

Take, for example, Resolution Independence. I’ve seen the KDE 4 icons today, and well, they are svg’s! For those MIME-Type challenged among us, that means Scalable Vector Graphic, which means as much as that you are now officially able to print out the icon for whatever in whatever format you want, there is no quality loss in the traditional sense of pixelation and distortion. Now, GNOME 2 can do this as well - it’s GNOME icon set has a very nice scalable set that works great in small and big sizes, but these icons, well, let them speak for themselves;


Courtesy of the Oxygen icon suite - in SVN repositories near you! Anyway, this is awesome stuff. The Iconfactory has a post on resolution independence, but they used a PDF standpoint, which did offer a huge speed disadvantage. These streamlined SVG’s are superfast in rendering, and the detail is considerable. Of course, things are moving towards the resolution-independent UI now, with Leopard probably being the first OS to ship with a truly resolution-independent UI in April or so.

In the meantime, Microsoft is doing their usual ‘innovating’; attempting to introduce a new image format; HD-Photo! Buzzwords, anyone? The format, which is already obsolete, is supposed to be some sort of JPEG replacement, and of course, has nothing to do with High-Definition at all. I think this is very much in line with Microsoft’s confusingly-named OO-XML ‘replacement’ (slash competitor slash killer) for the Open Document Format, which is being required by law soon. For those new to the war, we don’t want .doc files littering public services anymore, as they are not public formats, but proprietary, courtesy of daddy Bill. So, there is an initiative to store -all- office document data in one format, so that would be your contemporary Powerpoint, Excel sheets, Word documents, anything, in an XML container. And the good thing is, everyone can read it! Unless, of course, Microsoft finds some way to get into the legislation. It’s the war of the times, and I strongly hope this is a war Microsoft doesn’t win, because the implications could be dire.