Another milestone, Pastebin rewrite done!

So, believe it or not, but I did it! Eventually! is alive! Since it’s more powerful than Pastebin, given its support for files and images, I decided to call it “Pastebit” and registered paying with cash out of my pocket. Check it out, it’s a painless, easy way to paste your stuff from everywhere!

So, now that the modularization is done ( is working great already, and more has to come there [JSON API]), we can eventually focus on the main website restyling.

An updated version of pastebunz is coming to repos, already.


AppStream, I did it in 2008

It’s the same old story. A stupid has an intuition, the smart comes and steals the idea. The stupid keeps struggling trying to make a living, the smart wins prizes and zillions of $ (best case).

In this case, the stupid is me, and the smartest guys are these.

Exactly four years ago, even before Apple AppStore, Android Market and Nokia Ovi. I had the intuition that applications should have been brought to users with some “content” generated directly by other users. I called this “the Web 2.0 of software”. I’ve been able to implement some of my ideas, thanks to NLnet funds, wrote package, wrote the “UGC” part of But when I tried to push the idea to the wild wild², I only got cold feedback.

This happens when you’re nobody, cannot count on offshore money, and are probably too young.

This is the life, they say. We will for sure support AppStream, anyway.

User laziness impact on infrastructures

This is what happens when you are not enough paranoid on bandwidth management and monitoring. Especially when you forget that users are lazy, and ignore that consuming bandwidth downloading 10 packages simultaneously from (our fallback Entropy mirror, main source of fresh pkgs when slave mirrors are still syncing) can have serious impact on our costs.

So, if you are reading this, and still using to fetch your Entropy packages, please remove it from the list or lower its priority. So, here is 5TB consumed in less than 25 days, just on (other subdomains, including www, are running on another server). You can see a drop, on the 25th, the day where I re-enabled some bandwidth limiting.

At the same time, because I’m not stupid, starting from Entropy 1.0_alpha9, we are able to enforce fallback mirrors to have the lowest priority, despite what the user setting is inside repositories.conf ;-).

Every time you download a package from, a kitten dies.

When games matter!

Gaming, and games, are a great opportunity for Linux proliferation. I keep saying that since last year success at FDC09 in Florence (Italy). They are also a good magnet for people just walking through stands in any Expo.

I feel it on my skin and that’s what people running Windows tell me. They just keep it on their HD because of games, mostly. They want to play Age of Empires, GTA, PES and whatever. They just don’t care about the rest. For these people, Wine is not an option, they don’t want to spend their free time struggling trying to make their game working. They want things working, period.

The only thing we can do, as Linux distributors and “moderate” Free Software activists, is to keep making things working out-of-the-box, providing a solid and reliable platform, STOP breaking APIs every other day, lobbying the Gaming industry, and hope.

I am one of many people out there ready to pay the double to play native games under Linux. We’re a lot, and want to have fun, too.

I tell you, things are starting to change, slowly but steadily, keeps pushing on the “Gaming” button every day, keeping the hype and expectations high. That’s the right direction, and I really hope that 2011 will be remembered as the “Gaming on Linux” year.

Got stuff to do, what’s cookin’

So, what’s cooking inside Sabayon and inside my life?

First of all, I am happy to announce that I am close to extend my contract with Weswit, if you don’t know who is it about. It’s a Web3.0 company (XD) producing the Award winning multi-platform Real-Time data transmission Server called Lightstreamer. I’m having an outstanding experience there, learning new things every day, fighting against the most bloody bastard bugs you can ever imagine, where data concurrency is the standard. So, things are going really well on this side.

At the same time, I’ve been busy with the damn university stuff, studying really tedious things, like Probability and Statistics, sucking all my time. I hope to graduate in a year and a half, depending on business opportunities (and my laziness). I’m also planning to do the internship next year, hopefully at Google (if I’ll pass the tricky tests) or somewhere else, who knows.

On the Sabayon side, 3 main things to report:

  1. Sabayon Gaming Edition. Christmas is coming, and so our Gaming Edition, can you imagine, a Sabayon DVD full of wonderful Linux games? Unfortunately, there aren’t many commercial games around, so their demos (hoping to see things changing with the introduction of Chrome OS), but still, we can show the world that Linux is a valuable, performant Gaming platform when the whole Graphics stack works (fglrx and nvidia drivers aren’t that bad, with the latter being as performant as in Windows).
  2. Website. We’re planning a migration to Drupal, moving the Entropy part to a separate subdomain, hoping to make it easier to keep in sync with the rest of the coolness around (skins mainly). ETA: Spring 2011, hopefully. If you can help out, mail us.
  3. Entropy. Conditional dependencies ( ( app-foo/foo & foo-bar/baz ) | new-baz/bar ) support. Binary packages delta downloads (almost implemented, just missing client-side code). Integrated anti-rootkit functionalities (equo security oscheck). Reworked the configuration files syntax, keeping backward compatibility. And a lot of other bug fixes, speed improvements and API refactoring. The next big thing will be mitigating the effects of corrupted filesystem on a sqlite3 database (sqlite3 db is used for storing repository metadata).

Why Free Software doesn’t always fly

One of the reasons why this happens, unfortunately, in my opinion, is very simple: as I wrote before, developers keep breaking the compatibility of their libraries with the rest of the world, whenever they feel, with no communication with downstream at all.

Since the amount of free software libraries is high, the probability of having a breakage is not something very uncommon as you may expect. Here in Sabayon we receive daily reports regarding things that break, that broke or could potentially break. We spend half of our (non-paid) time to just keep things working, without being able to fully dedicate to “progress”. With “progress” I mean, things that could make the Linux Desktop experience better every day.

A third reason for all this mess is human errors. At any level, and it’s part of the “domino effect” starting from developers mentioned in the first paragraph. Most FLOSS devs are very young boys and girls wanting to experiment and mess (in a good way, to make experience) with their code without being forced to follow an enterprise grade “code evolution path”, just to say one. We need more professionals, but to get there, we need to turn the free software thing into a profitable business, like it or not.

To make our philosophy successful, we need to find a good mixture of business and openness. – what lazy people should use

I keep forgetting my Android mini-USB cable and most of the times, this was a big big problem when I had to quickly move some files from my HTC Magic running CyanogenMod to my Laptop. Until today, when I discovered Now I just upload something, get the code and download from my Macbook. Cool! Security included!

Underestimation of Software Security

It’s like a virus, it’s everywhere. Whoever I talk with, doesn’t give a shit about software security. I’m not talking about some cryptic concepts or whatever, just, the basics, like pitfalls of strncpy(), just to name one.

Moreover, every single lecture I attended until now has never ever mentioned anything about this very, expensive and important field of Computer Science. Just one exception (worth mentioning): Lorenzo Dematté (kudos to him and his lectures, really appreciated) during his Computer Architecture course, explaining why buffer overflow are very cheap and devastating.

Hey, teachers!? Care to tell your students anything about software security and why developers should freaking care? (I’m pointing the fingers to the latest bunch of security exploits discovered in the Linux kernel, driving distro maintainers *cough* nuts).

Just my today’s rant!

An iterator that never ends

Most of the time I feel like dealing with a never ending iterator while fixing bugs. Once you fix one bug, another immediately pops up somewhere else. Or while you fix a bug, you find other two in a row. 90% of the time, it is because somebody else decided to break his API or just because in hurry, thus not seeing the whole picture in that exact moment. A new super-fast rewritten routine could impact the reliability of the whole code and cause damage. Even if a stupid file path mistake could generate tremendous effects. It is here, that corner-cases support is dropped.

What do I mean? That probably somewhere in your application you’re using a library in a legal-but-not-very-common way. …and upstream doesn’t know about it!
So, the efficiency drops a LOT! I can estimate that 60% of my time as free software developer is spent at fixing what other people broke. And other people spend time at fixing what I break, too, of course. So what could be a viable “solution” in order to mitigate the problem? Beside saying “there’s nothing against laziness, nothing against people forgetting to let other people know about important changes in their software” not much. Perhaps some kind of Twitter/ interface? The Publisher/Subscriber pattern might work well. Maybe this is going to happen someday in future, who knows…


I’m officially back from my 2 weeks vacation.
As usual, bad things happen only when you are on holiday. A customer got a UDP flood (Fraggle) attack and I spent several days doing security auditing and studying tcpdump dumps.

Anyway, there are a lot of things boiling  in my pot, some I’ll start blogging about in the next days, others are expected to be ready to be eaten before the end of September: Sabayon 5.4, Entropy improvements, Molecule features.

While the Sabayon project is constantly looking for new developers and people joining our devel mailing list, I am at the same time looking for new customers!

hello, twitter

Enter your email address to follow this blog and receive notifications of new posts by email.

Join 583 other followers