Seeking a board seat at

I’ve stepped up to be considered for a seat on the Board of the Open Source Initiative.

Why would I want to do this? Simple: most of my technology-based career has been made possible because of the existence of FOSS technologies. It goes all the back to graduate school (Oregon State University, 1988) where I was able to work on a technology called TCP/IP which I was able to build for the OS/2 operating system as part of my MSEE thesis. The existence of newsgroups such as comp.os.unix, comp.os.tcpip and many others on usenet gave me a chance to be able to learn, craft and make happen networking code that was globally useable. If I did not have access to the code that was available on the newsgroups I would have been hardpressed to complete my thesis work. The licensing of the code then was uncertain and arbitrary and, thinking back, not much evidence that one could actually repurpose the code for anything one wants to.

My subsequent involvement in many things back in Singapore – the formation of the Linux Users’ Group (Singapore) in 1993 and many others since then, was only doable because source code was available for anyone do as they pleased and to contribute back to.

Suffice to say, when Open Source Initiative was set up twenty years ago in 1998, it was a formed a watershed event as it meant that then Free Software movement now had a accompanying, marketing-grade branding. This branding has helped spread the value and benefits of Free/Libre/Open Source Software for one and all.

Twenty years of OSI has helped spread the virtue of what it means to license code in an manner that enables the recipient, participants and developers in a win-win-win manner. This idea of openly licensing software was the inspiration in the formation of the Creative Commons movement which serves to provide Free Software-like rights, obligations and responsibilities to non-software creations.

I feel that we are now at a very critical time to make sure that there is increased awareness of open source and we need to build and partner with people and groups within Asia and Africa around licensing issues of FOSS. The collective us need to ensure that the up and coming societies and economies stand to gain from the benefits of collaborative creation/adoption/use of FOSS technologies for the betterment of all.

As an individual living in Singapore (and Asia by extension) and being in the technology industry and given that extensive engagement I have with various entities:

I feel that contributing to OSI would be the next logical step for me. I want to push for a wider adoption and use of critical technology for all to benefit from regardless of their economic standing. We have much more compelling things to consider: open algorithms, artificial intelligence, machine learning etc. These are going to be crucial for societies around the world and open source has to be the foundation that helps build them from an ethical, open and non-discriminatory angle.

With that, I seek your vote for this important role.  Voting ends 16th March 2018.

I’ll be happy to take questions and considerations via twitter or here.


Wireless@SGx for Fedora and Linux users

Eight years ago, I wrote about the use of Wireless@SGx being less than optimal some years ago.

I must acknowledge that there has been efforts to improve the access (and speeds) to the extent that earlier this week, I was able to use a wireless@sgx hotspot to be on two conference calles using and It worked very well that for the two hours I was on, there was hardly an issue.

I tweeted about this and kudos must be sent to those who have laboured to make this work well.

The one thing I would want the Wireless@SG people to do is to provide a full(er) set of instructions for access including Linux environments (Android is Linux after all).

I am including a part of my 2010 post here for the configuration aspects (on a Fedora desktop):

The information is trivial. This is all you need to do:

	- Network SSID: Wireless@SGx
	- Security: WPA Enterprise
	- EAP Type: PEAP
	- Sub Type: PEAPv0/MSCHAPv2

and then put in your Wireless@SG username@domain and password. I could not remember my iCell id (I have not used it for a long time) so I created a new one – They needed me to provide my cellphone number to SMS the password. Why do they not provide a web site to retrieve the password?

Now from the info above, you can set this up on a Fedora machine (would be the same for Red Hat Enterprise Linux, Ubuntu, SuSE etc) as well as any other modern operating system.

I had to recreate a new ID (it appears that iCell is no longer a provider) and apart from that, everything else is the same.

Thank you for using our tax dollars well, IMDA.

This is very interesting! (it is proprietary though)

I just came across something called hashgraph that seems to be able to replace blockchains as the basis of distributed ledgers.

The hashgraph is wrtten up by Dr Leemon Baird in this paper: is by the main author Leemon Baird.

He is the founder of a company called Swirlds ( Swirlds has implemented the hashgraph algorithm and provides a development environment for people to write applications on top of. It seems that Swirlds has been in stealth mode for the last 5 years or so.

The swirlds technology is, unfortunately, closed source and their demo platform is at:

with demo apps (these demo apps are also in the download above):

Both the SDK and demo codes are jar files. The source code of the demo is in public domain.

One of the key advantages of hashgraph is the number of transactions per seconds that goes into the tens of thousands while being able to maintain consensus with a certainty of 1 and also to be fair.

Hashgraph does not suffer wasteful computational cycles of blocks to arrive at consensus (and hence the power savings).

They don’t have a public block yet (they have a demo of it).

Swirlds has 3 patents (

From their website, their business model is to license their base environment for production.

I feel they are on to something.

More backgroud:
b) (The Future is Not Blockchain, it’s hashgraph)
c) (The Future Of Consensus | A Panel Discussion With The Hashgraph Team At The Assemblage NYC

You can follow hashgraph on telegram

Three must haves in Fedora 26

I’ve been using Fedora ever since it came out back in 2003. The developers of Fedora and the greater community of contributors have been doing a amazing job in incorporating features and functionality that subsequently has found its way into the downstream Red Hat Enterprise Linux distributions.

There are lots to cheer Fedora for. GNOME, NetworkManager, systemd and SELinux just to name a few.

Of all the cool stuff, I particularly like to call out three must haves.

a) Pomodoro – A GNOME extension that I use to ensure that I get the right amount of time breaks from the keyboard. I think it is a simple enough application that it has to be a must-have for all. Yes, it can be annoying that Pomodoro might prompt you to stop when you are in the middle of something, but you have the option to delay it until you are done. I think this type of help goes a long way in managing the well-being of all of us who are at our keyboards for hours.

b) Show IP: I really like this GNOME extension for it does give me at a glance any of a long list of IPs that my system might have. This screenshot shows ten different network end points and the IP number at the top is that of the Public IP of the laptop. While I can certainly use the command “ifconfig”, while I am on the desktop, it is nice to have it needed info tight on the screen.



c) usbguard: My current laptop has three USB ports and one SD card reader. When it is docked, the docking station has a bunch more of USB ports. The challenge with USB ports is that they are generally completely open ports that one can essentially insert any USB device and expect the system to act on it. While that is a convenience, the possibility of abuse isincreasing given rogue USB devices such as USB Killer, it is probably a better idea to deny, by default, all USB devices that are plugged into the machine. Fortunately, since 2007, the Linux kernel has had the ability to authorise USB devices on a device by device basis and the tool, usbguard, allows you to do it via the command line or via a GUI – usbguard-applet-qt. All in, I think this is another must-have for all users. It should be set up with default deny and the UI should be installed by default as well. I hope Fedora 27 onwards would be doing that.

So, thank you Fedora developers and contributors.



A better model to work with citizens

I have been putting off installing the SGSecure application on my phone.

I finally decided to do it via the Google Playstore. It got downloaded and installed and when I started the app, it needed me to agree to the Terms of Use:


I know most people would just hit the “I agree” button, but not me.

I hit the “Terms of Use” link and it then brought me to Ts&Cs page.


As an open source advocate, I am very disappointed that a tax-dollars funded application is kept proprietary. I am OK for the contents the app works with as “proprietary”, but at the very least, I expect that the application code be placed on an open source license like the GNU General Public License. Why? So that we can all work to make it even better. The government is not the best in building applications and as has been demonstrated over the last few years, working with the free and open source community helps build a significantly better application no matter who you are.

Continuing the Ts&Cs:



I have a problem with 4 (b) above. Why would the app need access to messaging services? Shouldn’t the app be able to send information to the relevant recipients directly?


What’s with 4 (e) where it says that PII may be shared with non-Government services? It is easy to say “to serve you better”. I would want to know who the non-G service providers are and how they manage these PII.


The link at the bottom of the screenshot above, brings me to – a substantially similar one as the one included in the app.

I decided to uninstall it.  And I tweeted about my hesitation in accepting this app. Hopefully someone is listening and I am more than willing to discuss.

This is quite a nice tool – magic-wormhole

I was catching up on the various talks at PyCon 2016 held in the wonderful city of Portland, Oregon last month.

There are lots of good content available from PyCon 2016 on youtube. What I was particularly struck was, what one could say is a mundane tool for file transfer.

This tool, called magic-wormhole, allows for any two systems, anywhere to be able to send files (via a intermediary), fully encrypted and secured.

This beats doing a scp from system to system, especially if the receiving system is behind a NAT and/or firewall.

I manage lots of systems for myself as well as part of the work I at Red Hat. Over the years, I’ve managed a good workflow when I need to send files around but all of it involved having to use some of the techniques like using http, or using scp and even miredo.

But to me, magic-wormhole is easy enough to set up, uses webrtc and encryption, that I think deserves to get a much higher profile and wider use.

On the Fedora 24 systems I have, I had to ensure that the following were all set up and installed (assuming you already have gcc installed):

a) dnf install libffi-devel python-devel redhat-rpm-config

b) pip install –upgrade pip

c) pip install magic-wormhole

That’s it.

Now I would want to run a server to provide the intermediary function instead of depending on the goodwill of Brian Warner.


UEFI and Fedora/RHEL – trivially working.

My older son just enrolled into my alma mater, Singapore Polytechnic, to do Electrical Engineering.  It is really nice to see that he has an interest in that field and, yes, make me smile as well.

So, as part of the preparations for the new program, the school does need the use of software as part of the curriculum. Fortunately, to get a computer was not an issue per se, but what bothered me was that the school “is only familiar with windows” and so that applications needed are also meant to run on windows.

One issue led to another and eventually, we decided to get a new laptop for his work in school. Sadly, the computer comes only with windows 8.1 installed and nothing else. The machine has ample disk space (1TB) and the system was set up with two partitions – one for the windows stuff (about 250G) and the 2nd partition as the “D: drive”. Have not seen that in years.

I wanted to make the machine dual bootable and went about planning to repartition the 2nd partition into two and have about 350G allocated to running Fedora.

Then I hit an issue.  The machine was installed with Windows using the UEFI. While the UEFI has some good traits, but unfortunately, it does throw off those who want to install it with another OS – ie to do dual-boot.

Fortunately, Fedora (and RHEL) can be installed into a UEFI enabled system. This was taken care of by work done by Matthew Garrett as part of the Fedora project. Matthew also received the FSF Award for the Advancement of Free Software earlier this year. It could be argued that perhaps UEFI is not something that should be supported, but then again, as long as systems continue to be shipped with it, the free software world has to find a way to continue to work.

The details around UEFI and Fedora (and RHEL) is all documented in Fedora Secure Boot pages.

Now on to describing how to install Fedora/RHEL into a UEFI-enabled system:

a) If you have not already done so, download the Fedora (and RHEL) ISOs from their respective pages. Fedora is available at and RHEL 7 Release Candidate is at

b) With the ISOs downloaded, if you are running a Linux system, you can use the following command to create a bootable live USB drive with the ISO:

dd  if=Fedora-Live-Desktop-x86_64-20-1.iso of=/dev/sdb

assuming that /dev/sdb is where the USB drive is plugged into. The most interesting thing about the ISOs from Fedora and RHEL is that they are already set up to boot into a UEFI enabled system, i.e., no need to disable in BIOS the secure boot mode.

c) Boot up the target computer via the USB drive.

d) In the case of my son’s laptop, I had to repartition the “D: drive” and so after boot up from the USB device, I did the following:

i) (in Fedora live session): download and install gparted (sudo yum install gparted) within the live boot session.

ii) start gparted and resize the “D: drive” partition. In my case, it was broken into 2 partitions with about 300G for the new “D: drive” and the rest for Fedora.

e) Once the repartitioning is done, go ahead and choose the “Install to drive” option and follow the screen prompts.

Once the installation is done, you can safely reboot the machine.

You will be presented with a boot menu to choose the OS to start.



I know more than you do

I cannot help but continue to be baffled by the way the G responds to some of the continuing challenges that the nation faces.

Way back in 2009, the Ministry of Home Affairs announced the formation of the Singapore Infocomm Technology Security Authority. It apparently is an entity within the Internal Security Department. Fast forward four years, the Ministry of Defence announces the setting up of a Cyber Defence Operations Hub. Not sure how much these two efforts are costing us, the tax payer, but suffice to say, an extra $130 million will apparently be spent on more cyber security stuff over the next 5 years. Nice.

Money is not an object is seems. There is plenty to be spent. Will any of this help create new software and hardware that is open? Will the tax dollars being spent enable the citizens to help and innovate upon? I suspect that they will not buy the “security by obscurity” meme and claim national security being paramount and so all things have to be hidden.

While all of this was happening, some websites got defaced. Defaced by groups who label themselves as “Messiah” and claiming affiliations with the Anonymous group. The clueless mainstream media, obviously, go about saying that the sites were “hacked”. Hacking is a noble thing. It is a skill, a frame of mind, a can do bravado. A cracker/vandal, on the other hand, is one who does not live up to the hacker ideals and ethics and abuses her skills. She is no different from a housebreaker who by day is a locksmith.

So, amidst all of these defacements and “cyberwar” preparedness, we get reports of some individuals being caught and the charged in court for allegedly undertaking the defacements. These alleged vandals, if we are to go by the MSM reports, seem to be nothing more than script-kiddies who could not even do the basic “cover your tracks” that any criminal worth his salt would have done. These script-kiddies merely locked on to pre-existing flaws in the sites they chose to vandalize and did the deed. Perhaps they deserve the book being thrown at them.

On the other hand, these alleged vandals could be fall guys. They were unskilled enough to have been caught.

This is too cool!

[harish@phoenix ~]$ traceroute
traceroute to (, 30 hops max, 60 byte packets
 1 ( 2.473 ms 2.937 ms 3.902 ms
 2 ( 15.342 ms 15.664 ms 16.515 ms
 3 ( 17.175 ms 17.540 ms 18.104 ms
 4 ( 18.865 ms 20.381 ms 20.813 ms
 5 ( 24.398 ms 24.337 ms 24.227 ms
 6 ( 28.237 ms 17.013 ms 16.335 ms
 7 ( 15.227 ms 21.645 ms 21.858 ms
 8 ( 20.962 ms 21.042 ms 20.766 ms
 9 ( 21.584 ms 22.500 ms 22.639 ms
10 ( 213.814 ms 214.532 ms 216.222 ms
11 ( 209.283 ms 209.811 ms 206.368 ms
12 ( 197.110 ms 199.926 ms 203.206 ms
13 ( 231.479 ms 234.769 ms 234.712 ms
14 ( 246.268 ms 246.252 ms 246.026 ms
15 ( 273.176 ms 273.562 ms 273.933 ms
16 ( 257.073 ms 257.860 ms 258.197 ms
17 * * *
18 Episode.IV ( 279.888 ms 277.874 ms 280.236 ms
19 A.NEW.HOPE ( 285.736 ms 284.384 ms 285.730 ms
20 ( 291.342 ms 293.745 ms 293.975 ms
21 Rebel.spaceships ( 295.027 ms 300.389 ms 300.605 ms
22 striking.from.a.hidden.base ( 300.050 ms 300.106 ms 299.865 ms
23 have.won.their.first.victory ( 284.885 ms 291.515 ms 293.083 ms
24 against.the.evil.Galactic.Empire ( 282.759 ms 280.749 ms 280.269 ms
25 During.the.battle ( 301.951 ms 300.714 ms 297.183 ms
26 Rebel.spies.managed ( 306.370 ms * *
27 * to.steal.secret.plans ( 304.887 ms 301.879 ms
28 to.the.Empires.ultimate.weapon ( 292.549 ms 290.469 ms 291.832 ms
29 the.DEATH.STAR ( 290.021 ms 281.892 ms 280.153 ms
30 ( 283.677 ms 295.996 ms 285.008 ms
[harish@phoenix ~]$

Good stuff, Episode IV.