Linux

Daniel Pocock: Who are/were the FSFE Fellowship? Starting Fellowship 2.0?

Planet Ubuntu - Sat, 09/08/2018 - 10:37

Since the FSFE Fellowship elected me as representative in April 2017, I've received a lot of questions from fellows and the wider community about what the Fellowship actually is. As representative, it is part of my role to help ensure that fellows are adequately informed and I hope to work towards that with this blog.

The FSFE Fellowship was started in 2005 and has grown over the years.

In 2009, around the time the Fellowship elections commenced, Georg Greve, FSFE's founder commented

The Fellowship is an activity of FSFE, and indeed one of the primary ways to get involved in the organisation. It is a place for community action, collaboration, communication, fun, and recruitment that also helps fund the other activities of FSFE, for example, the political work.

Later in 2009, articles appeared in places like Linux Pro Magazine promising

From November 2009, the Free Software Foundation Europe will be offering three free Fellowships each month to open source activists.

In May 2018, when Fellowship elections were abolished by a group of nine people, mainly staff, meeting in Berlin, a small news item was put out on a Saturday, largely unnoticed by the community, arguing that fellows have no right to vote because

the community would never accept similar representation for corporate donors it is inappropriate to have such representation for any purely financial contributor.

How can long-standing FSFE members responsible for "community action, collaboration, communication, fun, and recruitment" be mistaken for a "purely financial contributor"? If open source activists were given free Fellowships, how can they be even remotely compared to a "corporate donor" at all? How can FSFE so easily forget all the effort fellows put in over the years?

The minutes show just one vote to keep democracy.

I considered resigning from the role but I sincerely hope that spending more time in the role might help some remaining Fellows.

Financial contributions

Between 2009 and 2016, fellows gave over EUR 1,000,000 to FSFE. Some are asking what they got in return, the financial reports use just six broad categories to show how EUR 473,595 was spent in 2016. One person asked if FSFE only produced EUR 37,464 worth of t-shirts and stickers, is the rest of the budget just overhead costs? At the very least, better public reporting is required. The budget shows that salaries are by far the biggest expense, with salaries, payroll overheads and office facilities being almost all of the budget.

In 2016 one single donor bequeathed EUR 150,000 to FSFE. While the donor's name may legitimately be suppressed for privacy reasons, management refuse to confirm if this person was a fellow or give the Fellowship representatives any information to ensure that the organization continues to remain consistent to the philosophy in practice whenever the will had been written. For an organization that can so easily abandon its Fellowship and metamorphise into a corporate lobby group, it is easy to imagine that a donor who wrote a will five or ten years ago may not recognize the organization today.

With overall revenues (2016) of EUR 650,000 and fellows contributing less than thirty percent of that, management may feel they don't need to bother with fellows or elections any more and they can rely on corporate funding in future. How easy it is to forget the contributions of individual donors and volunteers who helped FSFE reach the point they are in today.

Force-migration to the supporter program

Ultimately, as people have pointed out, the Fellowship has been a sinking ship. Membership was growing consistently for eight months after the community elected me but went into reverse from about December 2017 when fellows were force-migrated to the supporter program. Fellows have a choice of many free software organizations to contribute their time, skill and donations to and many fellows were prompted to re-evaluate after the Fellowship changes. Naturally, I have been contemplating the same possibilities.

Many fellows had included their status as an FSFE Fellow in their email signature and business card. When speaking at conferences, many fellows have chosen to be introduced as an FSFE Fellow. Fellows tell me that they don't want to change their business card to say FSFE Supporter, it feels like a downgrade. Has FSFE made this change in a bubble and misjudged the community?

A very German organization

FSFE's stronghold is Germany, 665 fellows, roughly half the Fellowship. With membership evaporating, maybe FSFE can give up trying to stretch into the rest of Europe and try to regroup at home. For example, in France, FSFE has only 42 fellows, that is one percent of the 4,000 members in April, the premier free software organization of the French speaking world. FSFE's standing in other large countries like the UK (83), Italy (62), Netherlands (59) and Spain (65) is also very rudimentary.

Given my very basic level of German (somewhere between A1 and A2), I feel very privileged that a predominantly German community has chosen to vote for me as their representative.

FSFE beyond the fellowship

As the elections have been canceled, any members of the community who want to continue voting as a member of the FSFE association or attend the annual meeting, whether you were a fellow or not, are invited to do so by clicking here to ask for the president to confirm your status as an FSFE member.

Fellowship 2.0?

Some people have asked whether the Fellowship should continue independently of FSFE.

It is clear that the fellows in Germany, Austria and Switzerland have the critical mass to set up viable associations of their own, for example, a Free Software Fellowship e.V.. If German fellows did this, they could elect their own board and run their own bank account with revenues over EUR 100,000 per year just from the existing membership base.

Personally, I volunteered to act as a representative of fellows but not as the leader or founder of a new organization. An independent Fellowship could run its own bank account to collect donations and then divide funds between different organizations instead of sending it all to the central FSFE account. An arrangement like this could give fellows more leverage to demand transparency and accounting about campaign costs, just as a large corporate donor would.

If other fellows want to convene a meeting to continue the Fellowship, please promote it through the FSFE mailing lists and events.

Concluding remarks

Volunteers are a large and crucial part of the free software movement. To avoid losing a community like the Fellowship, it is important to treat volunteers equally and fully engage them in decision making through elections and other means. I hope that this blog will help fellows understand who we are so we can make our own decisions about our future instead of having FSFE staff tell us who to be.

Download data used in this blog.

Categories: Linux

Sean Davis: Xubuntu Development Update September 2018

Planet Ubuntu - Fri, 09/07/2018 - 21:52

A week later than expected, it’s the September development update! The theme for August (and early September) has been visual improvements, with a few bug fixes tossed in for good measure. Check it out! 

Xubuntu Bionic Beaver (18.04)

Bionic was pretty stable in August, with only one of our packages making it through the SRU process and into the hands of our users.

We’re currently looking to get these new releases and fixes into Bionic.

  • Catfish 1.4.6
    • This is a new release with numerous bug fixes and a much-improved thumbnailer.
  • Xfce Settings: Mouse acceleration not configurable in Xubuntu 18.04 (LP: #1758023)
    • This issue is related to libinput taking over mouse configuration, and will be resolved by building xfce4-settings with libinput support.
Cosmic Cuttlefish (18.10)

The following source package updates landed in Cosmic in August.

  • elementary-xfce 0.12-1ubuntu1
    • The elementary-xfce icon theme is now available on Debian! Previously, this theme was part of the xubuntu-icon-theme package.
  • ristretto 0.8.3-1 (Debian sync)
  • thunar-archive-plugin 0.4.0-1 (Debian sync)
  • thunar-media-tags-plugin 0.3.0-1 (Debian sync)
  • xfce4-taskmanager 1.2.1-1 (Debian sync)
  • xubuntu-artwork 18.10
    • The development wallpaper is set on boot and the desktop.
    • The xubuntu-icon-theme is now a branding package, that upgrades the elementary-xfce icon theme with the Xubuntu distributor logo.
  • xubuntu-default-settings 18.10
    • “Square icons” were enabled in all supported plugins, improving size and shape consistency on the panel.
    • Orage configuration was updated to use the “paplay” command for sounds by default (LP: #1054396)
    • The panel was updated to be 80% transparent at all times. This is a settings migration to support the new GTK+ 3 panel.
    • The Xubuntu session was updated to correctly set XDG_CURRENT_DESKTOP (LP: #1590089)
  • xubuntu-meta 2.227
    • This package release replaces the fwupdate dependency with the newly minted fwupd.
Xfce New Releases

Xfce had 3 new releases in August, featuring a variety of bug fixes and usability improvements.

Xfce Display Profiles (Preview)

Simon has been hard at work implementing a nifty new feature for the Xfce Display Settings, display profiles! This feature allows you to save and switch between various display setups, useful for users on the go or presenters. This hasn’t been merged into master yet, so designs are not final.

Spacing Improvements

I’ve spent the last week submitting patches to the Xfce core applications, panel plugins, and Thunar plugins. My goal is to improve the overall look and feel of Xfce by improving the consistency of it’s preference dialogs. A few before and after screenshots are below.

I’ve based my work on the excellent GNOME 2 HIG Window Layout documentation. Xfce has long borrowed the design philosophies from this document (to varying degrees) and is once again benefiting from the well-written work.

Shimmer Project Elementary Xfce Icon Theme

Xubuntu’s beloved icon theme has had a few significant updates in recent weeks. From build optimizations to new upstream icons, there’s a lot to unpack.

The theme has added a Makefile and build tool to convert the theme’s SVG sources to PNG. Xubuntu has included the PNG-building functionality for some time, and now it’s available for everyone. PNG-based themes are faster to load and generally crisper at various sizes. Included in the new build options are PNG optimization. Optipng is now used to optimize each of the generated files, reducing the overall file size.

Updated icons coming from upstream this month include dialog-password, selection icons, graphics icons, and manila-colored folders. The manila folders are a sharp contrast from the longtime blue, but after using them for a few days, they’re actually pretty nice.

Other Updates Mugshot 0.4.1

I released Mugshot 0.4.1 early last month with a number of bug fixes and code quality improvements. You can check out the release notes and find downloads here.

Contributing

Ready to start giving back to your favorite open source projects? Remember that there’s something for everyone, and you can get started quickly with the Xubuntu and Xfce contributor docs. If you don’t know where to start, join us at #xubuntu-devel on Freenode… we’ll point you in the right direction.

Categories: Linux

Corey Bryant: OpenStack Rocky for Ubuntu 18.04 LTS

Planet Ubuntu - Fri, 09/07/2018 - 09:21

The Ubuntu OpenStack team at Canonical is pleased to announce the general availability of OpenStack Rocky on Ubuntu 18.04 LTS via the Ubuntu Cloud Archive. Details of the Rocky release can be found at:

https://www.openstack.org/software/rocky

To get access to the Ubuntu Rocky packages:

Ubuntu 18.04 LTS

You can enable the Ubuntu Cloud Archive pocket for OpenStack Rocky on Ubuntu 18.04 installations by running the following commands:

sudo add-apt-repository cloud-archive:rocky sudo apt update

The Ubuntu Cloud Archive for Rocky includes updates for:

aodh, barbican, ceilometer, ceph (13.2.1), cinder, designate, designate-dashboard, glance, gnocchi, heat, heat-dashboard, horizon, ironic, keystone, magnum, manila, manila-ui, mistral, murano, murano-dashboard, networking-bagpipe, networking-bgpvpn, networking-hyperv, networking-l2gw, networking-odl, networking-ovn, networking-sfc, neutron, neutron-dynamic-routing, neutron-fwaas, neutron-lbaas, neutron-lbaas-dashboard, neutron-vpnaas, nova, nova-lxd, octavia, openstack-trove, openvswitch (2.10.0), panko, sahara, sahara-dashboard, senlin, swift, trove-dashboard, vmware-nsx, watcher, and zaqar.

For a full list of packages and versions, please refer to: http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/rocky_versions.html

Python 3 support
Python 3 packages are now available for all of the above packages except swift. All of these packages have successfully been unit tested with at least Python 3.6. Function testing is ongoing and fixes will continue to be backported to Rocky.

Python 3 enablement
In Rocky, Python 2 packages will still be installed by default for all packages except gnocchi and octavia, which are Python 3 by default. In a future release, we will switch all packages to Python 3 by default.

To enable Python 3 for existing installations:

# upgrade to latest Rocky package versions first, then: sudo apt install python3-<service> [1] sudo apt install libapache2-mod-wsgi-py3 # not required for all packages [2] sudo apt purge python-<service> [1] sudo apt autoremove --purge sudo systemctl restart <service>-* sudo systemctl restart apache2 # not required for all packages [2]

For example:

sudo apt install aodh-* sudo apt install python3-aodh libapache2-mod-wsgi-py3 sudo apt purge python-aodh sudo apt autoremove --purge sudo systemctl restart aodh-* apache2

To enable Python 3 for new installations:

sudo apt install python3-<service> [1] sudo apt install libapache2-mod-wsgi-py3 # not required for all packages [2] sudo apt install <service>-<name>

For example:

sudo apt install python3-aodh libapache2-mod-wsgi-py3 aodh-api

[1] The naming convention of python packages is generally python-<service> and python3-<service>. For horizon, however, the packages are named python-django-horizon and python3-django-horizon.

[2] The following packages are run under apache2 and require installation of libapache2-mod-wsgi-py3 to enable Python 3 support:

aodh-api, cinder-api, barbican-api, keystone, nova-placement-api, openstack-dashboard, panko-api, sahara-api

Other notable changes
sahara-api: sahara API now runs under apache2 with mod_wsgi

Branch package builds
If you would like to try out the latest updates to branches, we deliver continuously integrated packages on each upstream commit via the following PPA’s:

sudo add-apt-repository ppa:openstack-ubuntu-testing/mitaka sudo add-apt-repository ppa:openstack-ubuntu-testing/ocata sudo add-apt-repository ppa:openstack-ubuntu-testing/pike sudo add-apt-repository ppa:openstack-ubuntu-testing/queens sudo add-apt-repository ppa:openstack-ubuntu-testing/rocky

Reporting bugs
If you have any issues please report bugs using the ‘ubuntu-bug’ tool to ensure that bugs get logged in the right place in Launchpad:

sudo ubuntu-bug nova-conductor

Thanks to everyone who has contributed to OpenStack Rocky, both upstream and downstream. Special thanks to the Puppet OpenStack modules team and the OpenStack Charms team for their continued early testing of the Ubuntu Cloud Archive, as well as the Ubuntu and Debian OpenStack teams for all of their contributions.

Have fun and see you in Stein!

Cheers,
Corey
(on behalf of the Ubuntu OpenStack team)

Categories: Linux

Ubuntu Podcast from the UK LoCo: S11E26 – Twenty-Six Roses - Ubuntu Podcast

Planet Ubuntu - Thu, 09/06/2018 - 08:00

We discuss upgrading RAM in a Lenovo Yoga 510-14st and getting punched in the face. We reminisce about our OggCamp road trip, bring you some GUI love and go over your feedback.

It’s Season 11 Episode 26 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

In this week’s show:

That’s all for this week! You can listen to the Ubuntu Podcast back catalogue on YouTube. If there’s a topic you’d like us to discuss, or you have any feedback on previous shows, please send your comments and suggestions to show@ubuntupodcast.org or Tweet us or Comment on our Facebook page or comment on our Google+ page or comment on our sub-Reddit.

Categories: Linux

Simos Xenitellis: How to manage LXD from within one of its containers

Planet Ubuntu - Wed, 09/05/2018 - 11:05

In a LXD (lex-dee) installation there is the host (where the LXD service is running) and there are the containers that you create. On the host, you can run the various lxc subcommands (like lxc list to get a list of the containers). The containers, on the other hand, are by default confined and isolated from the host. The containers do not access the host.

In the following we see how to poke holes in the container confinement so that some designated containers are able to manage LXD. There are some use-cases for this, in this post we see the generic functionality of getting a LXD client in a container to manage the LXD installation of its host.

There are two options to enable a container to manage the LXD installation. The first is to share the LXD Unix socket of the host to the container and the second is to use lxc remote (management over TCP/IP). In this post we see the first option.

Sharing the LXD socket to the container

On the host, the LXD client (the command line lxc utility) can access the LXD server through the LXD Unix socket. This socket in the

  • LXD deb package, is located inubuntu@server:~$ ls -l /var/lib/lxd/unix.socketsrw-rw---- 1 root lxd 0 Sep 1 2018 /var/lib/lxd/unix.socket
  • LXD snap package, is located in
    ubuntu@server:~$ ls -l /var/snap/lxd/common/lxd/unix.socketsrw-rw---- 1 root lxd 0 Sep 1 2018 /var/snap/lxd/common/lxd/unix.socket

Therefore, if we want to enable a container to manage LXD, then we need to give access to this Unix socket to the container. In LXD 3.4 (or newer) we can share a Unix socket between the host and the container.  This is performed by using the proxy device and specifying Unix sockets.

We know from above that the unix.socket socket has permissions 0660 (rw-rw—-), owner root and group lxd.

We also know that the Ubuntu container images from ubuntu: have LXD pre-installed and is configured to get activated when a LXD client tries to access /var/lib/lxd/unix.socket. That is, if you create a ubuntu:18.04 container and then run lxc list, you have just activated the LXD service in the container! Therefore, as soon as we create the container that will manage LXD, we remove the package lxd but keep lxd-client (the LXD command-line client). We do not purge the lxd package because we want to keep as a remnant the (almost empty) directory /var/lib/lxd/. If you purged, just remember to create the directory (in the container) yourself because we are going to use it to place the host’s Unix socket in there.

Having said all that, yala, let’s go! We create the management container, then remove the lxd package (but keep the lxd-client client package).

ubuntu@server:~$ ls -l /var/snap/lxd/common/lxd/unix.socket
srwxr-xr-x 1 root lxd 0 Sep 1 10:00 /var/snap/lxd/common/lxd/unix.socket
ubuntu@server:~$ lxc launch ubuntu:18.04 management
Creating management
Starting management
ubuntu@server:~$ lxc exec management -- sudo --user ubuntu --login
ubuntu@management:~$ sudo apt remove lxd -y
ubuntu@management:~$ exit
ubuntu@server:~$

Then, we use the LXD proxy device to link an existing Unix socket from the host into a new socket in the container.

ubuntu@server:~$ lxc config device add management lxdsocket proxy connect=unix:/var/snap/lxd/common/lxd/unix.socket listen=unix:/var/lib/lxd/unix.socket bind=container uid=0 gid=108 mode=0660  security.uid=65534 security.gid=130
Device lxdsocket added to management

Here is again the command in a more visual way (but more difficult to copy-paste),

lxc config device add management lxdsocket proxy
connect=unix:/var/snap/lxd/common/lxd/unix.socket
listen=unix:/var/lib/lxd/unix.socket
bind=container
uid=0
gid=108
mode=0660  
security.uid=65534
security.gid=130

Let’s dissect the long command-line from above.

  • lxc config device add, the subcommand to add a device to a container
  • management, the name of the container we created earlier
  • lxdsocket, the name of the device (arbitrary)
  • proxy, the LXD device type
  • connect=unix:/var/snap/lxd/common/lxd/unix.socket, connect to this existing Unix socket
  • listen=unix:/var/lib/lxd/unix.socket, create this Unix socket and start listening to anyone trying to connect to it,
  • bind=container, bind in the container (instead of host), which means that the connect= refers to the host and the listen= to the container. LXD will be listening to connections in the container and forward them to the specified Unix socket at the host.
  • uid=0, the User ID (UID) of the Unix socket in the container (bind=container) is 0 (root)
  • gid=108, the Group ID (GID) of the Unix socket in the container (bind=container) is 108 (lxd). An Ubuntu 18.04 (ubuntu:18.04) container defaults to the socket getting the GID 108. If unsure, verify the GID in /etc/group (in the container)
  • mode=0660, the mode of the Unix socket file (srw-rw—-)
  • security.uid=65534, the User ID of the LXD forkproxy process that runs on the host and facilitates the proxying of the Unix socket. This is the UID of the user nobody on the host
  • security.uid=115, the Group ID of the LXD forkproxy process that runs on the host and facilitates the proxying of the Unix socket. This is the GID of lxd on the host. You need to verify this in /etc/group on the host because it is most likely different from my value. 115 was the next available group ID value at the moment when I first installed lxd on my host.

Finally, let’s try to run lxc list in the container.

ubuntu@management:~$ lxc list -c ns4
+--------------+---------+----------------------+
| NAME | STATE | IPV4 |
+--------------+---------+----------------------+
... many containers ...
+--------------+---------+----------------------+
Troubleshooting Error “connect: no such file or directory”

Here is the full error,

Error: Get http://unix.socket/1.0: dial unix /var/lib/lxd/unix.socket: connect: no such file or directory

This means that the LXD client did not find any socket file at  /var/lib/lxd/unix.socket. Make sure that it exists.

Error “connect: connection refused”

Here is how the error looks like

Error: Get http://unix.socket/1.0: dial unix /var/lib/lxd/unix.socket: connect: connection refused

In this case, the LXD client found a socket file there but it is dead, it does not accept connections. Verify that the proxy device for the socket is active and running.

Error “connect: permission denied”

Here is the full error message,

Error: Get http://unix.socket/1.0: dial unix /var/lib/lxd/unix.socket: connect: permission denied

This means that the permissions of the Unix socket were not right. Check the ownership of the Unix socket in the container (both UID and GID), and also the mode. The mode should be 0660.

If you need to remove the Unix socket from the host in order to recreate it, remove it with this command,

ubuntu@server:~$ lxc config device remove management lxdsocket
Device lxdsocket removed from management


Simos Xenitellishttps://blog.simos.info/
Categories: Linux

Bryan Quigley: Firefox Snap is the best way to run Beta Firefox

Planet Ubuntu - Wed, 09/05/2018 - 10:53

First things first. I haven't been a huge fan of Snaps (despite working for Canonical) or Flatpaks. Both I felt initally put convenience over security. I believe both are maturing now, but it again puts the evaluation if a package is secure on users - instead of distros which actually have teams to review items before inclusion.. Anyway, with that said: On to how I am loving the Firefox Snap

Backstory

I'm a long time Beta user of Firefox, but I've been using stable for a while cause it's just easier. I generally preferred getting the tarball from Mozilla directly which has a minor issue. Long story short, Nautilus doesn't want to be a program launcher of files provided in tarballs. In fact, Nautilus just dropped that support entirely - just at the same time where it was worked around in Firefox.

Snap Install firefox beta

sudo snap install firefox --beta

That's it. No unpacking a tarball - no making a desktop entry so you can launch it more easily. Of course, just leave off --beta if you want to get the stable version of Firefox via a snap.

It uses a seperate profile from the deb installed Firefox, but you can only run one at a time. (This is the same if you download a tarball)

Some other steps that will vary based on wha you are doing: 1. Sync your data accross (I use mozilla sync) and setup your extensions, etc. 2. Replace the deb based one from your dock and add the snap based one there. (Right click details in Gnome to see which is which)

Upgrade to 63 beta

So snaps autoupgrade and I soon found myself on Firefox 63 beta and everything looked good until I tried to join a hangout. It didn't work. Since I was using snaps I just tried a: sudo snap revert firefox and I was back on 62 beta in time for my hangout starting in 2 minutes. (Note: it was likely worth just switching to stable instead with sudo snap refresh firefox --stable)

Snaps will automatically upgrade to the next version with the hope that it will have fixed whatever bug made you revert. A few days they released a new version of 63 beta and Hangouts broke again. In this case I determined it was actually a Google Hangouts/Meet bug. One good way to tell when different channels have had releases is to look at https://snapcraft.io/firefox.

Privacy

The snap version does provide more protection from a compromised Firefox. It also seperates the Downloads folder for the snap to a snap specific one at ~/snap/firefox/common/Downloads.

Other issues
  • Checkboxes didn't show up for a bit on version 62.
  • Multi-account container's has a bug in Firefox 63.

From what I can tell these issues are all Firefox beta issues, not issues specific with the snap version. The only snap specific issue I've ran into is the first time you start a snap it takes a while.

Conclusion

I'm staying on a Firefox snap. It's faster to change between stable and beta channels. It also seems like it gets updates faster than Firefox in the Ubuntu archive.

Give it a try today with (or remove the beta for stable): sudo snap install firefox --beta

Categories: Linux

Simon Raffeiner: A look a the Linux/CoinMiner.BC malware

Planet Ubuntu - Tue, 09/04/2018 - 10:29

I recently had the "pleasure" of helping a friend with his GNU/Linux box which was acting up. Turns out he had infected his machine with the Linux/CoinMiner.BC malware, probably by installing an unofficial Kodi plugin.

The post A look a the Linux/CoinMiner.BC malware appeared first on LIEBERBIBER.

Categories: Linux

The Fridge: Ubuntu Weekly Newsletter Issue 543

Planet Ubuntu - Mon, 09/03/2018 - 19:55

Welcome to the Ubuntu Weekly Newsletter, Issue 543 for the week of August 27 – September 2, 2018. The full version of this issue is available here.

In this issue we cover:

The Ubuntu Weekly Newsletter is brought to you by:

  • Krytarik Raido
  • Wild Man
  • Bashing-om
  • Chris Guiver
  • And many others

If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

Except where otherwise noted, this issue of the Ubuntu Weekly Newsletter is licensed under a Creative Commons Attribution ShareAlike 3.0 License

Categories: Linux

Raphaël Hertzog: My Free Software Activities in July & August 2018

Planet Ubuntu - Mon, 09/03/2018 - 10:41

My monthly report covers a large part of what I have been doing in the free software world. I write it for my donors (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it’s one of the best ways to find volunteers to work with me on projects that matter to me.

Distro Tracker

A lot of things happened in the last two months. First of all there was a Google summer of code project adding new synoptic views for Debian teams (example here). I reviewed and merged many merge requests (31, 40, 42, 43). While investigating how to improve the performances, I discovered an annoying limitation the database-backed Django cache backend which I reported to the upstream developers (Django ticket #29584).

With the many incremental changes made over the last months, the documentation was really lacking. I used this opportunity to entirely restructure it with one big section for each kind of readers: simple users, administrators, developers/contributors. Have a look at it. When I did this, I merged the part of the documentation which was in the developers-reference and left there only a pointer to the new documentation.

I then made an announce to debian-devel-announce to let people know of the new features (and of the corresponding documentation).

I went away two weeks in vacation (around DebConf) and used this free time to start a big refactoring that I had planned for a long time (see Task redesign). I submitted the result in a merge request to get some feedback and put this into production when I came back home. I had to deal with a few regressions but I’m pleased with the result since it already helped me to fix a few longstanding issues (run tasks more often, better handling of standards-version see #895393 and #904694, catch up with extraction of some files that failed to be extracted and were never retried, etc.).

Finally, I did some bug triage and fixed a couple of issues along the way:

  • Fix the WNPP task to know about “RFS” tags
  • Fixed issue with custom auth backend
  • Dropped files that were incorrectly extracted twice (#784164)
  • Fix the management of keywords in subscription page (#906963), add functional tests for this
  • Fix regression in autopkgtest action item due to “neutral” status (#907062)
  • Improve distro-tracker vcswatch output (#906663)
  • I forbid users to login with their old Alioth SSL certificate, as the associated emails are no longer working.

And I also filed some tickets for things to improve in the future:

pkg-security

I sponsored many uploads (patator, wifite, hashcat, masscan, brutespray, curvedns, ledger-wallets-udev, ccrypt) and made many uploads by myself as we have to upload all our packages to fix the Maintainer field. I asked other team members to join and step in.

I noticed the IRC notifications were broken and I helped Alexander Wirt to fix them for all projects hosted on salsa. I also submitted a pull request to invite the BTS bot on our channel (to announce uploads and bugs).

After having investigated the RC bug file against acccheck, I requested its removal in #904200. And I also requested a bin-nmu for wcc due to changes in binutils (#904073).

Last but not least, I advocated Philippe Thierry (a team member) for his process to become a Debian developer!

Misc Debian work

Sponsorship. I sponsored asciidoc for Joseph Herlant and asked him to apply to the Debian Developer status. He did so a bit later and I advocated him. Yay for saving time for the future!

Pyside2 packaging. After lots of work, at Freexian, we were able to finish the pyside2 package and upload it to the archive. Along the way we filed a few issues to upstream: #740 (segfault in shiboken), #741 (python3.7 compatibility issue), #758 (small license problem), #759 (better compat with usual setup.py parameters), #764 (armel/armhf build failure), #765 (ppc* build failure).

Misc bug reports. I filed #907246 on git-buildpackage: gbp import-dsc should warn users when changes will be lost. And I also filed #903483 on dropbear with a patch to set a PATH for root that includes /usr/sbin and /sbin.

Other stuff. I submitted a pull request on pysimplesoap. I uploaded easy-rsa 3.0.4-2 adding the missing make-cadir command and adding autopkgtest (problem discovered while working on my book).

Thanks

See you next month for a new summary of my activities.

No comment | Liked this article? Click here. | My blog is Flattr-enabled.

Categories: Linux

Jeremy Bicha: GNOME Tweaks 3.30

Planet Ubuntu - Sun, 09/02/2018 - 16:06

GNOME 3.30 will be released within a few days. That makes this a good time to showcase the improvements in GNOME Tweaks 3.30.

One problem with moving power settings from Tweaks into Settings a year ago was that the Power panel only had one setting. GNOME Designer Allan Day suggested we use a new General panel to include the remaining power switch, the sound Over-Amplification switch, and the Animations switch.

(Note that if you’re using Ubuntu’s default session, the Over-Amplification switch is in the Settings app, not in Tweaks.)

Also, the volume indicators in GNOME 3.30 now indicate when over-amplification is in use:

There is only one new setting here: a sound theme selector. While sound themes aren’t very popular yet, maybe this will help them become a bit more noticeable. Ubuntu 18.10’s new Yaru theme (not pictured here) includes a sound theme named Yaru.

The Top Bar page now has a toggle for the weekday in the top bar clock. (The Activities Overview Hot Corner switch will only show if your distro includes the gnome-shell patch for that feature.)

Since we now have so many windows settings available, I split Window Titlebars into its own page. The Edge Tiling and Center New Windows switches are new in 3.30.

Ubuntu 18.10 now enables Center New Windows by default. I think it’s a nice touch and it would be nice if it were the default in GNOME too. Try it out for yourself!

For more details about what’s changed in 3.30 and who’s done the changing, see the project NEWS file.

Categories: Linux

Ubuntu Podcast from the UK LoCo: S11E25 – The Wrong Side of Twenty-Five - Ubuntu Podcast

Planet Ubuntu - Thu, 08/30/2018 - 08:00

This week we’ve been upgrading a Steam box. We discuss Steam Play beta and Proton, Google’s salty disclosure of security issue in the Android installer for Fortnite, and Windows 95 being available for all the things. We also round up the community news.

It’s Season 11 Episode 25 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

In this week’s show:

That’s all for this week! You can listen to the Ubuntu Podcast back catalogue on YouTube. If there’s a topic you’d like us to discuss, or you have any feedback on previous shows, please send your comments and suggestions to show@ubuntupodcast.org or Tweet us or Comment on our Facebook page or comment on our Google+ page or comment on our sub-Reddit.

Categories: Linux

Stuart Langridge: Emoji Silhouettes with CSS, a second approach

Planet Ubuntu - Tue, 08/28/2018 - 15:29

Every now and again it’s useful to display single-colour emoji on a web page; all the colours in those little emoji symbols are nice and all, but it does occasionally make your formal document look a bit like an angry fruit salad. I’ve seen a technique for this before (in particular from Bram van Damme, but searching for “emoji silhouettes” finds lots of other people doing it too), where you set the text colour to transparent and then set a text-shadow, and you’re done. This is nice, but it doesn’t work for me in Firefox, sadly; if you set the text color to transparent then indeed your emoji disappear, but if you set a text shadow they come right back, and in full colour.

So, I do it a different way, akin to the ancient and well-known image replacement method; set a text-indent on the element containing your emoji and then reverse that text indent in the text-shadow‘s offset-x position. So you set text-indent to something massive and negative like -2000em so it’s definitely off the page to the left, and then a text-shadow (which, we recall, is specified as text-shadow: offset-x offset-y blur-radius color) of plus 2000em to put the text shadow back where the original characters were before they were indented miles to the left.

<style> span.emoji { text-indent: -2000em; text-shadow: 2000em 0 0 red; } </style> ... <p>And here are some emoji silhouettes: <span class="emoji">🚀 🎭 </span>. Aren't they nice!<p>

And here are some emoji silhouettes: 🚀 🎭 . Aren’t they nice!

You have to wrap your Unicode characters in their own little span, which is a bit unfortunate, but then you have to with other approaches too. (And your span has to be display: inline-block or block too, otherwise the text-indent gets ignored.) Anyway, not earth-shattering, but I quite like it.

Categories: Linux

Timo Jyrinki: Repeated prompts for SSH key passphrase after upgrading to Ubuntu 18.04 LTS?

Planet Ubuntu - Tue, 08/28/2018 - 01:46
This was a tricky one (for me, anyway) so posting a note to help others.

The problem was that after upgrading to Ubuntu 18.04 LTS from 16.04 LTS, I had trouble with my SSH agent. I was always being asked for the passphrase again and again, even if I had just used the key. This wouldn't have been a showstopper otherwise, but it made using virt-manager over SSH impossible because it was asking for the passphrase tens of times.

I didn't find anything on the web, and I didn't find any legacy software or obsolete configs to remove to fix the problem. I only got a hint when I tried ssh-add -l, with which I got the error message ”error fetching identities: Invalid key length”. This lead me on the right track, since after a while I started suspecting my old keys in .ssh that I hadn't used for years. And right on: after I removed one id_dsa (!) key and one old RSA key from .ssh directory (with GNOME's Keyring app to be exact), ssh-add -l started working and at the same time the familiar SSH agent behavior resumed and I was able to use my remote VMs fine too!

Hope this helps.

ps. While at the topic, remember to upgrade your private keys' internal format to the new OpenSSH format from the ”worse than plaintext” format with the -o option: blog post – tl; dr; ssh-keygen -p -o -f id_rsa and retype your passphrase.
Categories: Linux

The Fridge: Ubuntu Weekly Newsletter Issue 542

Planet Ubuntu - Mon, 08/27/2018 - 20:59

Welcome to the Ubuntu Weekly Newsletter, Issue 542 for the week of August 19 – 25, 2018. The full version of this issue is available here.

In this issue we cover:

The Ubuntu Weekly Newsletter is brought to you by:

  • Krytarik Raido
  • Bashing-om
  • Wild Man
  • Chris Guiver
  • And many others

If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

Except where otherwise noted, this issue of the Ubuntu Weekly Newsletter is licensed under a Creative Commons Attribution ShareAlike 3.0 License

Categories: Linux

Lubuntu Blog: Lubuntu Development Newsletter #10

Planet Ubuntu - Mon, 08/27/2018 - 19:39
This is the tenth issue of The Lubuntu Development Newsletter. You can read the last issue here. Changes General As always, more polish! A lot of the polish changes we had made, including a new version of SDDM, migrated with Qt 5.11.1 a few days ago. Thanks to everyone involved in driving the transition! Desktop […]
Categories: Linux

Tiago Carrondo: S01E01 – Todo o mundo é composto de mudança

Planet Ubuntu - Mon, 08/27/2018 - 17:48
Todo o mundo é composto de mudança

 

Pituntura do Alquimista Links de assuntos mencionados o episódio:

Considerem a possibilidade de apoiar-nos com contribuições via Patreon.
Os patronos têm acesso antecipado a conteúdo extra em cada episódio e outros benefícios.

Notícias Anúncios Descobertas Agenda Links Convidados Lopo De almeida David Negreira Comunidade Ubuntu Portugal Podcast Ubuntu Portugal

Subscrevam a feed utilizando o vosso Podcatcher (aplicação de podcast/audiocast) preferido, incluíndo Podbird para Ubuntu Touch, apple podcats, spotify, goodle podcasts, etc..

Se não encontrarem nessas aplicações podem sempre usar directamente o feed na vossa aplicação preferida.

Se precisarem de ajuda, na subscrição, podem visitar a nossa página de ajuda à subscrição.
se ainda assim precisarem de ajuda, contactem-nos!

Links para chats e Redes sociais

 

Tiago Carrondo Diogo Constantino

Facebook

 

Crédito de obras que re-Utilizámos
Categories: Linux

David Tomaschik: "Entry-Level" Security Jobs and Experience

Planet Ubuntu - Mon, 08/27/2018 - 01:00

I’ve seen a lot of discussion of experience requirements and “entry-level” positions in the security industry lately. /r/netsecstudents and /r/asknetsec are full of threads discussing this topic, and I heard it being discussed at both BSidesLV and DEF CON this summer. The usual complaint is something along the lines of “all the positions want experience, so how am I supposed to get experience?” I’m going to take a stab at addressing this, and hope to at least provide some understanding.

A Word on Posted Job Requirements

First off, let’s take a look at posted job requirements. When you see a job listing on a career search site or on the company’s own site, those are usually written by someone in HR who took the requirements from the manager and is doing their best to fill those requirements with the best possible candidate. If they’re concerned that they might get too many applicants and want to narrow down the field, one technique they’ll use is to raise the bar somewhat. In other words, some experience requirements are artificial gatekeeping by HR. Apply anyway. Maybe you’ll have some unique experience that catches their eye, maybe they won’t get as many applicants as they thought, maybe everyone with 5 years experience will laugh at their salary offers.

Security as a Specialization

I know this will not be a popular opinion, but most security roles are not entry-level jobs. If you have come straight out of school, you are probably not qualified for a lot of security roles. This is because security work is essentially a specialization of your previous work. Much like a doctor may do general surgery before specializing in cardiothoracics, or an airplane mechanic may do basic repairs before rebuilding engines, understanding fundamentals is key to success in security.

If you are going to work in network security (firewalls, access control, etc.), you need to have a thorough understanding of the OSI model, VLANs, the concept of “Layer 3 switches”, and so much more. One of the best ways to get that understanding is to work as a network administrator beforehand.

As an application security engineer, you need an understanding of how software is built, application frameworks, OS APIs, and the software development life cycle. Understanding how the design document you read translates to actual software, or how the application stack in uses handles authentication/authorization are critical for security reviews.

If you want to work in digital forensics & incident response, you need to understand how the operating systems involve work, where the artifacts you’re pulling from come from, how to find additional artifacts, and many other things.

In penetration testing, you need familiarity with a variety of operating systems, as most networks are a heterogenous mixture, as well as basic concepts of networking and application security. A basic understanding of the controls involved in securing the systems is also important for effective penetration testing (how can you test security controls you don’t understand?).

The biggest problem in security is that there are so many unknowns. Worst, of course, are the unknown unknowns – the things you don’t know that you don’t know. Having experience in these areas reduces (but does not eliminate, of course) these unknown unknowns.

Software engineers, developers, network administrators, etc., all depend on abstractions across the layers of computing. Part of working in security is about understanding where those abstractions break down, and it’s critical that security practitioners understand what those abstractions are and how they interact. Experience working with those technologies helps the practitioner understand the abstractions.

Getting Security Experience

There are a number of roles that can help gain relevant work experience:

  • IT Help Desk (Yes, it’s thankless, but it’s good exposure to a range of IT systems.)
  • System administrator (obviously a lot of understanding of how systems interact, how operating systems work, shell experience, etc.)
  • Network administrator (understand network ACLs, VLANs, network appliances)

All of this is not to say that formal work experience is the only way to gain relevant experience. There are many ways to develop technical experience. Fortunately, many of the relevant tools are open source or have community editions that are available.

I’ve written before about building a homelab for Offensive Security, but there’s many different approaches. There are online courses in this area:

Alternatively, you can take more of the self-taught approach with options like CTFs or HackTheBox.eu. There’s a number of different approaches.

Of course, if you’re still a student, there are internships to help you gain experience. I’ve now hosted (managed) 4 interns in security, and those have been a good way to gain experience and a better understanding of the industry. Some have worked out, some haven’t, but I’d like to think they’ve all learned something along the way.

If you don’t have much experience, find a way to work your lab or extracurricular studies into your resume. Place it under education, and list the things you’ve learned how to do. Don’t try to pretend that it’s industry experience, but show that you’re driven, that you’ve learned things, and that you can execute. In fact, having personal research/lab/etc., shows that you’re capable of getting things done on your own without individual supervision, which is a highly desirable trait.

Entry Level Positions in Security

Perhaps you really want to start off in security. There are positions, but they will be harder to find and might not be the position you think. Many of these positions involve very tool-specific or operational workflows and can be repetitive, but may offer a good learning and growth opportunity.

For example:

  • Tier 1 SOC
  • Some roles in a Managed Security Provider (MSP)
  • Vulnerability Management Engineer (Mostly scanning/patching)
Conclusion

Look, I know it’s not what everyone wants to hear (especially those with little experience) but it is what I see in the current industry. Understanding how security fits into the bigger picture makes the most effective security practitioner, and that comes from experience. Obviously, industry experience will please the HR and recruiters, but showing the experience you do have (and building your experience) will help you get the opportunities you want.

Categories: Linux

Stuart Langridge: LOWREZJAM 2018

Planet Ubuntu - Sun, 08/26/2018 - 07:10

As in 2016, I entered the 2018 LOWREZJAM on itch.io, a game jam where you have to build a game which runs in a 64x64 pixel square. So, really small — the Game Boy was 160x144, or about six times as big. So you’ve not got a lot of space to do things, but then constraints are the mother of innovation and you do get some really interesting game concepts! So, here are my reviews (which are also posted to itch.io so the developers get to see them; you can only rate and review as part of the jam if you entered your own game, which I did.

I’ve only rated games which are browser playable, mainly because there are loads of entries and I have to find a way to cut them down somehow, the reviews are in no particular order, and I didn’t quite get to them all (I nearly did, so apologies if I didn’t get to yours). Some thoughts on the jam as a whole after the reviews.

Block’ed

Honestly, I don’t understand what I need to do here. I can move my little robot around, and I worked out that I can pick up the little collections of 3 rocks (?), and when I put that collection back down again it seems to have turned into a red block with an exclamation mark on it. But I don’t understand what’s going on. This feels like it could be a really quite nice puzzle game, but the initial hurdle to get into it is too high. A set of tutorial levels which introduce the concepts would be really, really useful here. And this has, I admit, suffered because it’s part of a game and I have nearly 100 games to review, for which I apologise. If this gets some tutorials, and once I’m in a little less of a rush, I’d be happy to play this again and see how it feels!

Donuts Rage

A game where you have to tap the buttons as fast as possible! In pixel art graphics with 8-bit-ish beeping sounds! Makes me feel like I’m playing Daley Thompson’s Decathlon in about 1986. Anyway, the graphics here are pretty nicely done. The gameplay isn’t very engaging; tap the buttons as fast as you can, and eventually “as fast as you can” is not “as fast as the game wants you to” and you lose. This feels like it might be a nice brief diversion — a quick minigame embedded in something larger, which is a pretty good goal for these little 64x64 games. Good work for what it is!

Lydian

This is excellent. Hack-and-slash, as it says, but really well implemented; the graphics are evocative despite being pixelated, the storyline is good (she got her daughter back! yay!), the music is cool (especially the title screen), the monsters are scary, the fighting is well done, the mysterious spirit between levels that gifts you new weapons is mysterious (why’s it doing this? Not that I want it to stop, you understand). The best of the old pixel art games managed to make their characters expressive even though they were only a few pixels tall, and this succeeds in that too.

A couple of minuscule issues, none of which harm the rating. I didn’t at first grasp that the weapon switcher (from pressing Space, which was very clearly indicated with the little space bar keyboard graphic, well done) needed me to hold space down and then use the arrow keys; I was just hitting space expecting that by itself to switch weapons. Maybe show left/right arrows on that screen too to indicate that? Tumbling/rolling seems to be a bit sensitive to the order the keys are pressed in; pressing z and then an arrow key does a little roll in place, whereas pressing an arrow and then z does a proper roll as expected. Perhaps this could be tweaked? This didn’t matter that much to me because I never needed to roll, or to use the health potion (was it a health potion? I guess so, but I didn’t use it) because of the final small issue: if this does become a real game, the ice axe is waaay overpowered. I loved the implementation — it was clear the ice axe was an _​ice​_ axe, and I like a lot that you can kill things without having to be horizontally aligned with them which most games of this sort forget to do — but once I had the ice axe, all the battles were super easy. That’s fine because the idea of this is to tell the story rather than being a challenging battle in itself, but that may not apply if this becomes a fuller game.

The developer also is very responsive; I found some technical issues with the game (as in other comments) and they were quickly fixed, which is good because it meant I got to play this.

Anyway, great work.

Hike

This does an excellent job of being unnerving to play. I found myself twitching at every even slight noise. The standing people — are they people? are they cardboard cutouts of people? — seem rather silently menacing. Great atmosphere, and good sound design. It’s hard to tell quite what’s going on, which is a function of the very low resolution, but that’s what lowrezjam is all about, so that’s OK. The controls are really too sensitive, though; I found it hard to control where I was going because a tiny move of the mouse would spin me halfway around the screen, and I’d lose track of where I was facing. This is more of a problem with a game where looking back means you die…

JAM in 64 Seconds

This is a neat concept. I really like that the screen ends up filling up with things you haven’t dealt with — work emails, dog leavings, and so on. And I laughed out loud when doing the “coding” section and an actual bug appeared that I had to get rid of. This is, despite its 64px nature, a terribly accurate description of how writing a game for the jam actually is! Nice work. The graphics were rather blocky and difficult to grasp, though — this is something that a graphic artist could doubtless improve on — and sometimes clicking on things didn’t seem to register which meant that in the first playthrough I didn’t realise that you could click on things to remove them (and so I lost very quickly). I got the hang of it, though; I’ll keep persevering to see if I can actually finish a game now :-)

grav-racer

Seems an interesting beginning to a game concept, and embracing Rust compiling to webasm and webgl is pretty cool. This could be good stuff when it’s finished; as it is, it’s more of a prototype, of course.

Set Fire to the Empire!

Cool music. I like the idea here, too; simple but good fun. It’s a bit hard to actually stay ahead of things, though, so it devolves rather into button-mashing, but that’s maybe the goal here. And the main player sprite is impressively expressive for being only about 5 pixels high!

For the Demon Lord

This is more detailed than I thought it would be at first. It’s essentially, tower defence; you’re attacked by an endless wave of heroes aiming to smash your collection of crystals, and you create monsters to fight back against them; your monsters are confined to the square they’re on, but you can upgrade them with points. Points (well, “souls”) get generated by your crystals, so you have the normal tower-defence decision to make, of “do I have a whole bunch of quite rubbish monsters”, versus “do I have only a couple of monsters but upgrade them continuously until they turn into the Hulk”? And I’m not sure which is actually best here, which is a good sign. The upgrade tree is complex, though; all created monsters start as a blob, and depending on which of their stats you upgrade, they turn into a variety of different monsters, and I never had a very good handle on which collection of upgrades turned my blob into a mega blob, or a skeleton, or a demon. It would be good if there were some sort of on-screen indication of where the next upgrade or upgrades will occur and what they might be, so I can choose to evolve in a different direction without having to try to make notes about what the upgrade tree looks like. One of the upgrade paths even leads to crystals, interestingly, so you can breed more crystals to get more points, thus regaining your power source after the heroes have destroyed some of them. This is a good mechanic, and I liked the ideas behind this game quite a lot. It suffers from the 64px restriction, though; the playfield is bigger than the screen, so you end up scrolling around the battlefield while looking at it through a pinhole, which is pretty annoying. But that doesn’t affect the core gameplay much, and I like the core gameplay. Nice work.

Also, since I’m a developer and all, I thought, hahaha, I’ll just stop the game in the debugger and give myself 100,000 souls and then I can upgrade everything and win massively. I was rather crestfallen to find out that the hero generation rate is actually tied to the number of souls you’ve got, so my little hacking adventure lasted about a minute before an unstoppable wave of hero death overwhelmed my monster force faster than I could upgrade them or add reinforcements. Very clever, developers. :-)

A lot of time.

I didn’t realise for quite a while that the “hand” icon actually is a hand, so I couldn’t do anything. Once I’d worked that out, it helped. I don’t understand the gramophone, though; I can put records on it, but then interacting with it just takes them back off again. The game kinda illustrates ennui and loss through actually making the player experience them, which is a technique I can’t decide whether I like or not. The graphics for the rooms are nicely implemented; objects not quite so much (I had no idea the records were records until I worked out I could put them on the gramophone, and the dog is… kinda representative of a dog. But when you’ve only got 15 pixels or so that’s probably the best that’s doable!)

Sherlock Jack

Simple concept — walk around a slightly confusing maze of paths, kill the monsters that get in your way, and find clues. The “tracker dots” around the edge of the screen are useful, since otherwise exploring the maze would be really frustrating. However, there are some usability issues; if you walk into a wall you tend to get “stuck” on it and have to back away. It would be much nicer if you were to slide along that wall rather than getting stuck on it; especially since you can only walk in 45-degree directions and the tunnels in the maze are at different angles, meaning that just walking is often joggling the keys to approximate that diagonal. This isn’t the fun kind of challenge :) Also, walking down a tunnel only to find that it’s a dead end is an amusing thing the first time but gets really tiring after that, because it’s just annoying; all you can do is retrace your steps. I like the Sherlock framing, though, and the “cheat” button was very much appreciated!

Tank Raid

Flagrantly and unashamedly violates the 64px rules; the rounded corners on everything and the wheels on the tank in no way conform to the 64px grid :-) I never really got a sense of why my “special attack” misses lots of the time; that’s not very special. Fun little game, though; I got quite into the strategy of whether to shield first and attack afterwards, and who to attack. And the graphics would be quite nice, in a jam which didn’t have the pixel restrictions. It’s worth ignoring the 64px thing, fixing this up to have nicer fonts and so on, and then releasing it, I would say.

Beat the Glitches

I think a game which shows glitchiness with corrupted graphics might want to pick a jam where it gets more screen resolution to play with, since it’s hard to tell whether a thing looks wrong because it’s “corrupt” or it looks wrong just because it’s hugely-inflated pixel art :) Anyway, basic gameplay seemed fine, but I never grasped whether there’s a point other than “keep killing the monsters until eventually you die”. I thought that the “green arrows” which appear were telling me a direction to go, but now I think that they just sometimes appear when I kill a monster, and I don’t know why. In short, a good proof of concept, but it needs a lot more before it becomes an actual game.

Arctic Arctic Adventure

Simple concept but a reasonable one; collect bullets and throw them at invading walruses before they eat all your ice. The bullets are actually curry, rather weirdly — do penguins particularly like curry? do walruses particularly not like it? — but the main problem here is that the walruses appear and then disappear waaaaaay too quickly. Either you need the reflexes of a particularly quick-moving cobra to play this, or I’m doing something wrong, because I hardly ever managed to get into position and actually hit one of the attackers before they vanished again, which puts the game too far into the “frustrating rather than fun” category. Nice idea, though; it’s quite reminiscent of the sorts of 8-bit games you actually got in the 80s.

Outer Space Problems

Turn-based fighting; a board game, essentially, but with an outer-space theme. It’s quite fun to play and there’s an interesting variety of movements and skills — some ships have a shield, others a laser, or the ability to “hack” which is actually altering the turn order. It’s also presented in isometric rather than overhead view, which is unusual in this jam; it’s a clever idea, but I think it might be unusual at 64px for a reason, because if you’ve got two ships, one behind another, it can be quite confusing to see what’s going on (where this would likely be a lot clearer with more resolution). Nonetheless, this is a complete game, nicely explained, fun to play, and with simple but good audio. I also found all the text very easy to read, which hasn’t been the case for a number of games I’ve played in this jam, so that’s a good piece of design too. (And I appreciated the use of text (“ATK”, for example) rather than some hard-to-identify icon!) Two thumbs up!

Tactical Air Support

Fly around and bomb things; an overhead plane game. Neatly done; this was actually quite good fun, bombing their tanks, and it was nice to see (realistically) that a bomb which lands near a tank swallows up that tank in the ensuing explosion. The description explicitly states that slowing your plane down is a good idea, and it is not wrong about that; I can’t help think that it would be easier to just start the plane at minimum speed rather than telling people to do that in the description. Graphics are a bit blocky and basic; some antialiasing would help here, I think. But the game is smoothly done, and fun to play, and that’s all good with me!

Infinitroid

This is, well, it’s Metroid-style, hence the name! Basic mechanics are sensible and easy to get a handle on (although I always take a while to get used to jump being a key rather than the up button), and I was soon bouncing all over the map shooting things. Those little gun turrets that don’t wake up (and are invulnerable) are really irritating because every time I jump to wake them up they fling a bullet directly into me, but that’s not the game’s fault, that’s me being rubbish :) I have a bit of a complaint in that I didn’t really have a good sense of how well I was doing; the “readout” section at the bottom of the screen is rather abstract, so I didn’t really know what my health was, or what difference collecting the different-coloured drops actually made to what I was doing. The sound is very PC-speaker squeaky; lots of seemingly unconnected beeps, so I didn’t really gather what they all meant. Fun little game, nonetheless!

Corrupted Space - LOWREZ edition

Walk around, touching every piece of ground to remove the bacteria near to it. It took me some time to realise that the bacteria grows back after you’ve removed it, meaning that you end up going over and over the same bits of the level trying to get it all clean before the first bit you did grows back; rather like painting the Forth Bridge, where once you get to the end you have to start all over again at the beginning. And once you get a few levels in, there are enemies that fire bullets which kill you (which is fine) but you walk faster than the bullets fly, so if you insert yourself into a bullet line and walk along with it, you end up walking into the bullet in front of you (and dying), which is pretty annoying. Although that’s likely my fault because I’m not good at this sort of twitch reactions game. The implementation is flawless as far as I can tell, graphics and music and all.

Prim d’avust

Impeccably implemented sliding 15 puzzle. Cool music, too. I am ashamed to admit that I didn’t get very far because I’m not very good at 15 puzzles, especially when the image is as abstract as this, but that’s not the game’s fault (and you even give a little sound and flash when a piece is in the right place, so there’s no excuse). Well done. Also great to see Godot being used; as someone who’d like to experiment with Godot I’d be an eager reader of a really detailed devlog explaining how this was built, how it was restricted to 64px, how you made it expand to a larger size on the page, and so on!

Insta Quest

What a nice departure from the normal type of game submitted to this jam! I enjoyed playing this; it’s clear what to do, and the mechanics are obvious and make sense. Also, I have terrible reactions and I should work on that. Good game; some audio would be a good addition, but the developer’s said that the game’s still being worked on, so that’s OK.

Seasons of Fortune

I was getting my one fortune a day for some days before the jam voting even opened :-) Nicely implemented, and the “one a day” trick (which is really the fundamental thing this does) is unusual to see, and quite good. The game suffers quite a lot from text not being very readable; a different font might help with that a little, perhaps? Other games also have the problem, but they’re not quite as centred around definitely reading the text as this is. I mean, it’s not a game, per se, but it’s well done for what it is. Good work.

Soldier 64

This feels (deliberately, I expect) very Spectrum-ish as a game, especially the colour blocking and font. It’s very basic, but it certainly works; I remember playing games similar to this back in the 80s. The music is a bit too repetitive, but for what this is the game certainly works.

Match X

Something like the venerable “Same Game” puzzle, but with a larger playfield comprising pixel art pictures. This is a take on the puzzle I’ve never seen before, and it’s surprisingly difficult, which is refreshing. It’s also very useful that you don’t have to entirely clear the playfield to progress; getting down to four pixels or less is fine, which is good because I’m not sure that some of the levels are actually completely clearable. I was expecting fallen columns to slide to the left to avoid leaving any completely empty columns, and they don’t, which made solving the first level more difficult until I realised that! But the game works, and it’s good to see new approaches to old ideas.

PIXEL ISLANDS

Not a game, per se; it’s a procedurally-generated landscape you can walk around in. Technically impressive, although it suffers rather from being bounced down to 64px — the resolution’s just too small to properly express the design, and so the screen does occasionally feel like it’s dissolving into random pixels. The audio is nicely done too. This would be an impressive base for an actual game to take place on, or done as a non-interactive art piece.

Silver Rule: Prologue

An interesting premise; you’re preparing to embark on a great quest. Unfortunately, you’re pretty lame, and so even passing the initial test is a challenge. This is partially because the vermin you have to kill move really fast, and partially because your magic power is rubbish; to attack an enemy with the default fire spell you have to be really close to them, and if you get that close you’re likely to touch them, which (a) costs you health and (b) more annoyingly, thrusts you away in a random direction, so you have to approach the enemy again, causing the same problem. This is improved a little by the second magic skill, which actually fires bolts of ice from a (short) distance. Over time your magical abilities wane, but there’s a little minigame that I’m very impressed with where you literally descend into your own psyche and chase away bad thoughts, clearing your mind and restoring your magical power. I like that idea a lot; very cool. Those bad thoughts also move really fast, but the minigame is easier because it’s in such a constrained location. I kinda got the feeling that you get when you play games originally intended for a 386 on a modern computer and everything’s sped right up; I’m sure this wasn’t intentional, but it feels rather weird. There is definitely the seed of a good game here, if the balance can be worked out (and the graphics made a little less blocky, perhaps). And the developer explicitly calls out that this is a work-in-progress, so fingers crossed for the improvements!

dot.Market 2

What an intriguing idea! I’m glad the tutorial was below the game or I’d have had no idea what I was doing, but this is pretty interesting. I don’t think I quite get the idea of price fluctuations, though; if I go away to make a cup of tea, do the prices change? Or do they only alter when I do things, like a stock market version of Superhot? Nonetheless, this is fascinating, and quite different from most other games; bonus points for idea creation here, and the pixel art editor is well-done and easy to understand.

Labyrintho - Low Rez Edition

A prototype, as the developer says, but surprisingly atmospheric. The clock tick is simultaneously quite unsettling, after a while, and a sign that you’ve ended up back in that room again. I should really make a map. Nicely implemented, and the graphics are excellent; you’d hardly know that it’s only 64px square, although this is helped a bit by the “saminess” of them all; walls and floor and that’s about it :) If this can be made into a small game and keep the atmosphere, it’ll be good, I think!

Sidestepper

Impressive for being 1KB in size!

Mini Organizer 3000

Nice variant on Sokoban and similar games. Some of the later puzzles are actually pretty tricky, which is good. No great shakes graphically, but it doesn’t really need to be for this sort of game to at least be playable! Nice work.

Fibonacci Box

Ultra-minimal but very clear. This is a good demonstration of how you don’t need good graphics to have good gameplay. And (I admit this sounds a bit stupid) the graphics are good, given the overall constraint of the game; something about the colours chosen or the widths of everything, but it just looks right. The physics is annoying, though; I keep falling off the edge of platforms, or finding it very difficult to move only a few pixels to left or right, and that’s just not a challenge I enjoy; it just makes me frustrated. I think I like my puzzle games to be puzzles and not require pixel-perfect moving. I don’t know whether this is a fault in the game or in me, though. Still, this is good stuff.

Fedora Rise

Hammer your space bar to raise your avatar’s fedora. I feel like this is an in-joke that I’m not in on…

🔦

As the game itself describes, it’s a tech demo rather than a finished thing. Cleverly done, though; the devlogs are fascinating. I had no idea that bitsy could even do things beyond the most basic of 1981-era games, let alone that there seems to be a community of people working on plugins/extensions to add more stuff. That’s neat. I need to look more into this.

UNLOCKR

Nicely implemented. It’s not difficult, per se — the only threat is overshooting — but the movement is very smoothly done and fast, and feels very tactile. The sound design plays into this well with the soft clicking as your lock spins. The music is perhaps a little overpowering. This would make a nice little minigame somewhere in a larger game, or as the method to open doors in such a game, or similar. Nice work!

Petoink

Weird premise (inhale ink? spit it at enemies, which then turn into ink? and that ink powers the ship?) but executes well on it. And as there are multiple ink colours it becomes a little bit of a puzzle game about resource management. The graphics are well done; shame there’s no sound!

Tafl

Excellent board game. This is a tafl game, from a long tradition; it’s a kind of small-board version of hnefatafl. Good fun to play, although the AI is not very sophisticated; I spent time being really careful about moving my king until I realised that the orcs just don’t care about the king at all. But I suspect they will start caring in future versions, so I am right to consider moves in detail. The game maps really nicely onto the 64px layout, and the graphics are quite illustrative (I like the subtle shadows on the players); the audio is good, too, in a simple way. This is a great implementation, and I think it could become something really good with some tweaking.

Blind Bird

A rather fun mouse-only game; the titular “blind bird” keeps walking, bouncing off walls and reversing direction, and you can move one magic block from place to place to help the bird climb obstacles or change direction in the right place. The first few moves give you all the time you want to place the block, but subsequent ones require quite accurate timing, as the bird (an eared dove, apparently) walks off your magic block onto a small safe place and you have to quickly move the block so they can walk onto it again and continue the journey. Because the resolution is so small, the screen camera moves quite a lot, and so I found myself putting the block one space higher or lower than it should be… but that’s my fault, not the game’s fault! Tiny, tiny graphical complaint: the bird’s eye isn’t green, it’s transparent, which means that if it walks in front of some of the tutorial writing, you can see the writing through the bird’s eye. Which looks a bit weird. But that’s seriously the only thing I have to complain about; this is a tiny nugget of joy, this game. I like the four-colour green palette and everything. This is good stuff.

UPCRAWL

Old-skool platformer, with a really high jump. There’s nothing necessarily innovative about this in gameplay, but there doesn’t need to be; it’s fun, and well-implemented. And it does a lot with not many pixels at all. I appreciated the ability to change the music, too. Nice work!

Total Dark

A well-implemented and good-to-play complete game. I like the mechanic of decreasing power when firing bullets; reminiscent of magic spells cast from hit points or stamina. And it’s kept away from being frustrating by having lots of recharge points rather than having them be a battle to even find. Took me some time to complete, and I persevered because I was enjoying myself. A tiny gripe: if the map had a flashing dot showing where I was it would be (I’ve measured this) one hundred billion times more useful. Maybe everyone else just has a better spatial memory than I do? Anyway, great work! One of the things I like most is that although the graphics are very boxy and straight-edged, that really works with the aesthetic rather than looking unfinished or childish like some other games. And the fading light shows that the developer could have done something looking more shaded and real if they’d needed to.

Pixel Beard

Blimey this game does a lot. Lots of primary colours in the graphics, so it feels very retro, not that that’s a bad thing. I got murdered by the barman for spilling all the grog, though :)

onychophora

Named for a velvet worm. This is rather like Snakebird, but with mining. I like the idea. It’s hard to properly understand why one gets buried, though; this is a problem which would, I think, be solveable with better graphics. I think the rule is this: if you’ve dug a hole so that a contiguous block of mud above you is completely separated from a block below you, then that block falls and crushes you. But it’s hard to tell because there’s no animation; digging the final piece of that hole immediately transitions to you being dead. If I could see the block above me fall, then it would be much clearer what was going on, which I think would help a lot. This prototype does suggest that there’s an interesting game here, though, and I’d like to see more of it once it’s completed with animation, maybe some improved graphics, and sound!

Reincarnation - When death calls

Played this, but didn’t get a chance to write a proper review. It made me laugh, though.

Flush Rush

Neat little platformer. The wraparound world takes some getting used to, but it’s a clever innovation. And the frenetic music really adds to the play. Good graphics; a gem, all in all. Nice work!

BEETLE RUSH

A more complex game than it first looks. The premise is simple; identify identical pairs of beetles in the 4x4 grid and drag them together, which causes them to explode, clearing part of the playing field. But this is quite a lot harder than it looks because all the beetles look roughly the same! You have to watch them move fairly closely to tell which ones are actually pairs… and if you pair up two non-identical beetles, they turn into a sort of pupa which blocks up a square on the board. And then once you get the hang of that, right-click drag moves the playfield and you realise that the 4x4 grid you were seeing is actually just a 4x4 section of a much larger grid, which is completely full of beetles, all madly moving and needing pairing up. This is clever stuff; the realisations of each of these things gave me quite a surprise as to how much bigger the game was than I first anticipated. I do have a few small issues to think about, though. Incorrectly pairing two beetles turns them into a sort of red pupa, which is bad. But it doesn’t look bad; I didn’t realise at first that I was doing the wrong thing! Perhaps that pupa could look a little more… incorrect, somehow? Also there are two issues that others have brought up: moving the camera to show a different part of the playfield is way, way too sensitive, and the score at the top of the UI sits on top of the top row of the grid and makes it hard to see. The developer has already acknowledged these, and I’m sure they’ll get fixed. Even despite these, this is a really interesting puzzle game, and fits really nicely into the 64px pixel restriction. Great work!

Full Volley

A full, if simple, game. I didn’t have much of an idea about what good strategy was; I just kinda held down the fire button permanently and moved vaguely around the court, and won 5-1. The graphics has surprising realism; shadows beneath the players, antialiasing and the like; it’s like I’m looking at a video or much higher res imagery, but scaled right, right down (which perhaps is actually the case, depending on what game engine this was built with!) A fun enough diversion, and the developer is not wrong about the 80s hair rock soundtrack :-)

Iceberg 2: Wrath of Don

Little bit of politics :) Actually, this is a game I could completely imagine playing in 1983 or so; escape the enemy, collect the tokens. It’s nicely implemented for what it is, and I like the “Bad Don” frame around it. However, when you (inevitably) run into “Don” (who is very recognisably drawn given the few pixels there are to work with) and get the “we’re doomed” screen, there doesn’t seem to be a way to restart? One has to reset the Pico console. Maybe this is some subtle message (after all, when you’ve destroyed the environment and are doomed, you can’t undo it or start over) but it’s on balance more annoying than it should be :-)

Spider Rider

A complete game, and nicely done. I always know a thing is good when my complaints are about things within the game and not the implementation of it. In particular… man, I hate those solid walls with one gap in them. I run into those all the time. Top score of 335, though, which I’m pretty much OK with after playing a bunch of times. The music’s good (and fits the tone of the game nicely), and the enemies are varied; this would be a launch title if someone put out a 64px gameboy :) One microscopic complaint: the “death” screen which shows your score has the top score value touching the bottom of the screen, and the “score” and “top score” text in a tiny 3x3 font. This makes that screen look less cool than it should; I think that that having the scores one pixel up, and using a slightly larger font, wouldn’t significantly hide the cool background image and would make that screen look so much nicer. That’s honestly the biggest complaint I can come up with, which is a good sign :-)

Jelly Hearts : Gooperts Quest (DEMO)

A fairly basic walk-places-and-attack-things game, but nicely implemented, and the player sprite is quite cute which is cool. Since enemies move around very fast, attacking tends to end up being button-mashing; enter into a room and hammer the space bar to attack until you’ve killed everything. Sometimes a dead enemy drops a heart, which I assume gives health back; one thing missing is that there’s no health bar on screen, which is a bit of a problem because you don’t know how close you are to death. There are also fire squares, and there’s a rather neat effect where touching a fire square not only does damage but turns your sprite a darker colour; increasing amounts of being burned make your player look more and more charred and brown, which is cool. I should also note that the player movement is too smooth; it doesn’t move on the 64x64 grid, but can move in sub-pixel increments. And the music is the same 16 notes over and over; but the developer explicitly calls out that this is a demo and is still under development, and I’m sure all of these things will be fixed with further work!

Conglomecorp

A good concept here, I think. I would agree with other commenters, though; it really suffers from the 64px limitation. I’ve seen the screen essentially be dissolved into what looks like a random collection of pixels and I’ve got no clue what’s going on; this is essentially because the graphics are, I think, at higher resolution inside the game engine and are being rendered and dithered down to fit 64px. A more standard game resolution would likely help a lot with this. I’m also not sure about the overall feel; the ship moves, explicitly, rather slowly (with a “turbo boost” button which speeds it up) and that rather implies that the overall approach is that you pilot slowly, take your time, consider each shot, move gradually and thoughtfully into place, attack from ambush stealth kind of thing. But the first real tutorial is a fast-moving laser space battle between ships, which would much better fit a quick-moving, react-on-instinct, blast-everything twitch style of gameplay. So I don’t know how I’m meant to be playing, which makes me confused. I was also a bit taken aback by having to use a whole bunch of keys to do different things; again, that’s something more suited to a thoughtful slow style of play, which is at odds with the laser battle I’m made to participate in. There’s some good things here (in particular, I think the graphics would look pretty good if they weren’t harmed by being rendered at such a low resolution, and the acceleration audio is evocative and let me know exactly how fast my ship was going), so it will be interesting to see what happens when development continues.

Cybermancer X

Run around and shoot things. The graphics here are very basic, but in a weirdly compelling way I rather like them; it’s stripped back to absolute minimum. As the developer notes, it’s not 64x64, so low rating for that particular thing, but I liked this game rather more than I expected to. As with all games with unlimited firepower, though, there’s no reason to not just hold down the fire button the whole time, which is exactly what I did. I think there are too many controls — left and right are expected, but “fire upwards”, “jump”, “fire”, and “dash” are all separate keys, which is hard to manage in a twitch game like this rather than something more contemplative and thoughtful. There also seem to be some issues with the key handling; sometimes, if you’re firing and running at the same time and then press “jump”, the jump doesn’t register, which is pretty annoying. But this is more fun than I admit I thought it would be at first!

The uke player

Weird concept. The graphics are (deliberately) childishly drawn, and the gameplay isn’t up to much (move around the screen while avoiding obstacles, and that’s it) but it’s given a jaunty, feel-good sort of vibe by the ukulele background music! Not something one would play over and over, but it got a smile and will cheer up people’s days, and there are many, many worse outcomes. A tiny technical complaint; the up and down keys aren’t suppressed by the game, so they also take effect on the embedding web page, which is really annoying; that’s something worth fixing.

Le Chat Fonce: Petite Adventure 2

The Dark Cat goes around collecting coins. This is an old-skool platformer — jump from platform to platform and collect all the tokens until you’ve got enough to win. There aren’t any enemies; your nemesis is missing a jump and falling all the way back down to the ground and then having to climb up again. This is really well implemented, though; the main character is almost featureless but still clear and nicely but simply animated, and the sound design is good. I can completely imagine this being an actual released game in the mid 80s. I think it could be a little bit clearer that a locked door actually is a locked door, though; I found the door to Upper St, and couldn’t get through it, and then later on I somehow had a key and then it opened. I don’t know where I got that key from — presumably I picked it up somewhere? So that was a little confusing. There are also a couple of places where it’s slightly hard to tell whether a platform is a platform or is part of the background. But these are very small complaints! Nice work.

CIA Fish Enthusiast List

Nice work on the graphics. I actually thought, is this really 64x64? And checked, and it is. So you know the developer’s done well there :-) There’s not much to the actual game — walk around, hammer the fish monsters to death — but it’s nicely implemented. The sound is quite good, too; in particular, I realised I was getting cues from it without having to consciously notice them, which is always a sign of good audio design. I’m not quite sure where the CIA fit into this, mind, but perhaps I missed a whole chunk of the game where you put down the axe and invade Cuba or something :-)

The animated GIF screenshots of the game don’t respect the 64px limit, I should note :-) That’s not the game, though, so it doesn’t affect the rating…!

Wildfire

Lovely little Sokoban-style puzzle game, with an interesting frame story. It’s not very difficult (I won third time out), but I think that this could be the basis for a real game with loads of levels, and I’d happily play it. (The first two times I failed, one of them was not realising that one may need the fire to burn away obstructions before killing it, and the second was trying to pick up Mr Bernt himself to take him to the cabin, at which point I discover that… well, that that doesn’t work, and it made me laugh, but I won’t spoil it for people reading this!)

Oh, and I liked the “dollarone” scrolling credit as the game opened. Nice.

The Adventure

Charming little platformer. The player is a very engaging little fellow, and he moves fast and jumps high, both of which are good and contribute to a very flowing feel. He’s pretty vulnerable, though; I died all the time, through accidentally walking into enemies. And although I really liked the hole falling animation and look of surprise the first time around, it’s much less cute on repetition after I’ve died a bunch of times and have to wait through it. Also, having space for jump and X for attack is really rather awkward to control; the up arrow for jump would be considerably easier. There’s a nice vibe about this generally, though; with some polish, this could be a fun little dungeon explorer game.

The mysterious case of Lord Bolton

The beginnings of a good little game here, I think. It does a fair job of providing a slightly creepy atmosphere; the picture of the tentacled guy along with an audio “sting” actually made me jump a little, which was prety cool. However, once I’d found the lever and the key and then opened the gate, the game ended! This may be because it’s really just a proof-of-concept demo for the jam, but I feel like I missed out on something; some explanation, or some conclusion. If this is really just a trailer and will continue to be developed into something larger then I think it’s done its job as a teaser and to prove the tech works ok, though, nice work! One minor complaint: the tables being made of the same texture as the floor makes them ratehr invisible. I couldn’t understand why I was unable to walk further into a room, until I realise that there was a table in the way. This could be solved with shadows, or making the tables be made from a slightly different material than the flooring.

Everyday Struggle

A game about anxiety. I haven’t been in the right frame of mind to play this properly yet and so I won’t rate it because that would be unfair, but it’s courageous of the developer to put this out there, and I applaud that.

Gossamer Girls

Excellently fun game. I took a little while to grasp the exact mechanics — for example, I didn’t realise that bullets were limited for ages, because you start off with a lot, and so I didn’t know what the point of picking up the Xs that dead enemies leave behind was — but that didn’t take long to work out. Good distribution of reward chests and enemies (and a good variety of reward chests too!), and the footsteps being left behind in areas you’ve explored is a really nice touch. A minor complaint: the low “dong” noise you get when you pass through an “empty” square in the between-levels bonus pickups screen makes it sound like you’ve made a mistake in some way. Beyond that (and the enemies looking a bit too basic graphically which is out of place with the rest of the game), I have no complaints at all. Top fun.

A’maze’ing

A simple Bitsy maze game. Sadly, it’s in violation of the 64x64px requirement; it seems to be on a 128x128px grid, which means it’s got twice as much resolution as the jam dictates. Beyond that, it’s a maze game; move around, collect the key, open the door. The maze being on multiple screens is a nice touch; this feels rather like a first game for the developer, and it’s perfectly playable, if basic; finishing a game is important in itself. Hopefully they’ll go on to bigger and better things; a complete game would also have audio, a more detailed title screen, and some measure of extra challenge, and that’s something the developer can work on in future games to make them more accomplished. Good first effort!

Cave-Trapped

What a fun idea! There have been lots of games in this jam which have done well despite the 64px limitation, but this is the only game I’ve seen which thrives upon that limitation and actually puts it to use. The spider’s path being much more complex in a way that the person doesn’t see, because it’s too small for them to notice, is a really clever way to take advantage of the limited size: if you’ve not got much space, zoom it up even further and show all the hidden detail! Very impressed. I also like the graphics; the spider is cute, despite being only six pixels. Evocative. If I have a complaint, I’d say that the difficulty curve is quite high; the first couple of tutorial levels don’t show any complexity but instead just explain the mechanics, which is fine, but then the very next level is rather complicated as we suddenly introduce the idea that the spider’s path is very convoluted. This is not helped by the spider’s physics; it can walk over gaps or fall in an arc as long as it’s moving fast, but I didn’t realise that for ages because when contronted with a puzzling path I move slowly to explore different details. So I kept falling through gaps, and assumed that the goal was to work out how to approach the other side of the gap from a different direction, not that the gap isn’t meant to be a barrier at all as long as you’re walking at speed when you hit it. But these are small issues; the concept here is great, and I like this game a lot.

The Riddlebox

Find the one important object which solves the riddle and bring it back to the starting room. This seems deliberately designed to punish the player; you must bring one object and only one back in order to win, and it needs to be the right one. The actual pictures of the objects are, in most cases, not detailed enough to be able to tell exactly what an object is, so I assume that there’s no way to win other than to repeatedly try each of the objects, fail, die, and start again, over and over. The “learn by dying” game method, in other words. Also, the game seems to be built on a 128x128 resolution rather than 64x64, but since the graphics don’t really need the extra resolution I assume this was an oversight rather than a deliberate attempt to ignore the rules. Anyway, not much of a game, but maybe the next one will solve some of these issues!

Star Raid

Nicely done, with a very retro feel. At first I was annoyed by the slow movement, but after a while I got quite into it; you are a space explorer, after all, and gravity is weird. I got above 200 coins, and the secret rooms were interesting to find. There seems to be some weirdness with jumping onto platforms above and to the side of oneself; my feet don’t reach the platform (although my body does) and I sorta “glitch” onto that platform anyway. This could probably be solved with a tiny little animation, much like the (excellent) one where our little explorer does a three-point “superhero” landing when falling from a height.

And, of course, now you’ve looked at all those, you should go and play my game… Pipe Flip

This jam was good fun. Thank you to Jack Oatley for organising it!

One of my major limitations in game writing is that I am supernaturally, volcanically bad at graphics. So something like Lydian, the winning game, is completely beyond me to create, sad to say. This is why I made a puzzle game; the graphics in it are simplistic, to say the least. A few sprites of pipes, and the creeping fluid, and the entry and end screens. One of the advantages of the lowrezjam specifically is that you don’t have to create screens on the fly with code; you can just literally pre-render a bunch of them as PNGs and load those PNGs, because they’re only 64x64 pixels, which is tiny; the title screen, with logo and big PLAY button, is a 1.4KB png file which I just load into place. That’s pretty useful. I also made the game with pure HTML, CSS, and JavaScript; it’s not using a game engine which renders to a <canvas>. All of the things on screen are actually HTML elements. One of the nice advantages this gives is that mobile support is pretty easy, because browsers are already good at that; if I show the thing on screen, the browser handles clicks and so on for me. I can use all the CSS I want, so to scale a thing I don’t need to work out scaling algorithms myself; I just do everything at 64x64, and then apply transform: scale(10) or whatever to the whole containing element to make it bigger. (Pro tip: if you want to do that, and you want it to scale up, pixelated, then apply image-rendering: -moz-crisp-edges; image-rendering: crisp-edges; image-rendering: pixelated; to the thing you’re scaling, and then it’ll scale pixel by pixel, rather than blurring everything. That doesn’t work on fonts, annoyingly, but the rest is fine.)

Another thing I learned was that reviewing other people’s games helps. I grabbed all the results from the jam and put them in a spreadsheet (you can download the CSV file here), and I discovered something. You see, I came 69th overall, which out of 170 isn’t too bad. But I got more reviews on my game than almost anyone; Pipe Flip had 27 reviews and only two games got more than that. I am pretty confident that that happened because I wrote the above set of reviews, and posted them to each game, as the jam was going on. To review a game as part of the jam you have to have entered the jam; what this means is that when you get a review, you know that the reviewer also entered something. And I did my best to write meaningful reviews; not just that a game was good or bad but also what was good or bad about it, suggestions for improvements, applause for things that worked particularly well. I certainly wasn’t the only one doing this, but I think it helped; I not only got a bunch of useful feedback on Pipe Flip but I also had comments back from developers responding to my thoughts on their own games; I think this encouraged them to review mine. Of course, next I need to write a game which people review with higher scores, but that’s for next year :-) And in the meantime, there’s a message here; participate. We’re all in this together; everyone in the jam is looking to hear detail about their own games, whether good or bad, because it makes us all better game developers.

Anyway, that was the LOWREZJAM, 2018. I enjoyed it. Roll on the next one.

Categories: Linux

David Tomaschik: Hacker Summer Camp 2018: Wrap-Up

Planet Ubuntu - Sat, 08/25/2018 - 01:00

I meant to write this post much closer to the end of Hacker Summer Camp, but to be honest, I’ve been completely swamped with getting back into the thick of things. However, I kept feeling like things were “unfinished”, so I thought I’d throw together at least a few thoughts from this year.

BSides Las Vegas

I can’t say much about BSides as a whole this year, as I spent the entire time Gold Teaming for Pros vs Joes CTF. (Gold Team is responsible for running the game infrastructure, scoreboard, etc.) It was a great experience to be on Gold Team, but I do miss having a team to support and educate. Overall, the CTF went fairly well, but there were a few bumps that I hope we can avoid next year.

BSides also announced that they are ending their free badges. In some ways, I’m disappointed, but I also understand the reasons they are doing this. Even though I’ve had a badge included with my participation in the PvJ CTF for years, I’ve also been a personal sponsor of BSidesLV for those years as well. I’m lucky enough to be well-employed in the industry that BSidesLV supports, and I want to support their mission. I hope others will do so as well, but I also want to try to find a way to support those who aren’t able to shell out for a badge. Once details are announced for badges next year, I’ll look for an opportunity to support passionate students in our community.

DEF CON 26

DEF CON 26 was an incredible event. I know there were some bumps and warts to it, but I had a great con. (Also, I think it’s the only conference I attend that I refer to simply as “con”.) The villages are my favorite part of DEF CON, and the villages were in rare form this year with the expansion.

This year was my first year speaking at DEF CON (as a village speaker) and I am incredibly humbled by the experience. To think that something I had done was seen as interesting enough for 150 or so attendees to choose to spend 45 minutes of their time listening to me really makes me feel like I’m making an impact. The audience was great, and thanks to the IoT village for having me. (Maybe one day I’ll get a DEF CON speaker badge to place on my wall of badges.)

I have hopes that next year, villages will have some way to divide their rooms or reduce noise for the presentations in their space. So many run another activity (a CTF, hands on activities, etc.) and the noise from that can be problematic when it comes to speakers in the same space. (I experienced this both as a speaker and as an attendee for the talks.)

I also hope that next year, DEF CON will have helped to work through the issues we had with Caesar’s security this year. A good friend of mine landed in hot water over a misunderstood tweet, and there were the obvious reports of “room checks” that were not going according to the established policy. (I’m not even a fan of the room checks, but rifling through guests belongings is completely unacceptable.)

Splitting across Las Vegas Boulevard was also not the best situation. I look forward to moving back to Paris/Bally’s and having Planet Hollywood join the con. (Plus, breakfast crepes!) Getting over to Flamingo was such an ordeal that I only went over there once, and it was a brief visit at that. The ICS village over there was really impressive, and I missed out on a chance to get a Car Hacking Village badge. Some of this was poor planning on my part, but also the sheer distance between the two conference areas made it anything but convenient.

Conclusion

I can’t wait until next year. I’ll begin my planning guide around the beginning of 2019 to try to provide support to those looking for travel information, and I have a feeling that DEF CON 27 will be an even stronger showing. Here’s to all the contributions of the hacker family!

Categories: Linux

The Fridge: Ubuntu Membership Board call for nominations

Planet Ubuntu - Fri, 08/24/2018 - 14:12

As you may know, Ubuntu Membership is a recognition of significant and sustained contribution to Ubuntu and the Ubuntu community. To this end, the Community Council recruits from our current member community for the valuable role of reviewing and evaluating the contributions of potential members to bring them on board or assist with having them achieve this goal.

We have five members of our boards expiring from their terms, which means we need to do some restaffing of this Membership Board.

We have the following requirements for nominees:

  • be an Ubuntu Member (preferably for some time)
  • be confident that you can evaluate contributions to various parts of our community
  • be committed to attending the membership meetings broad insight into the Ubuntu community at large is a plus

Additionally, those sitting on membership boards should have a proven track record of activity in the community. They have shown themselves over time to be able to work well with others and display the positive aspects of the Ubuntu Code of Conduct. They should be people who can discern character and evaluate contribution quality without emotion while engaging in an interview/discussion that communicates interest, a welcoming atmosphere, and which is marked by humanity, gentleness, and kindness. Even when they must deny applications, they should do so in such a way that applicants walk away with a sense of hopefulness and a desire to return with a more complete application rather than feeling discouraged or hurt.

To nominate yourself or somebody else (please confirm they wish to accept the nomination and state you have done so), please send a mail to the membership boards mailing list (ubuntu-membership-boards at lists.ubuntu.com). You will want to include some information about the nominee, a Launchpad profile link, and which time slot (20:00 or 22:00) the nominee will be able to participate in.

We will be accepting nominations through Monday, September 10th at 13:00 UTC. At that time all nominations will be forwarded to the Community Council who will make the final decision and announcement.

Thanks in advance to you and to the dedication everybody has put into their roles as board members.

Categories: Linux

Pages

Subscribe to Bill's Place aggregator - Linux