This is quite a nice tool – magic-wormhole

I was catching up on the various talks at PyCon 2016 held in the wonderful city of Portland, Oregon last month.

There are lots of good content available from PyCon 2016 on youtube. What I was particularly struck was, what one could say is a mundane tool for file transfer.

This tool, called magic-wormhole, allows for any two systems, anywhere to be able to send files (via a intermediary), fully encrypted and secured.

This beats doing a scp from system to system, especially if the receiving system is behind a NAT and/or firewall.

I manage lots of systems for myself as well as part of the work I at Red Hat. Over the years, I’ve managed a good workflow when I need to send files around but all of it involved having to use some of the techniques like using http, or using scp and even miredo.

But to me, magic-wormhole is easy enough to set up, uses webrtc and encryption, that I think deserves to get a much higher profile and wider use.

On the Fedora 24 systems I have, I had to ensure that the following were all set up and installed (assuming you already have gcc installed):

a) dnf install libffi-devel python-devel redhat-rpm-config

b) pip install –upgrade pip

c) pip install magic-wormhole

That’s it.

Now I would want to run a server to provide the intermediary function instead of depending on the goodwill of Brian Warner.


UEFI and Fedora/RHEL – trivially working.

My older son just enrolled into my alma mater, Singapore Polytechnic, to do Electrical Engineering.  It is really nice to see that he has an interest in that field and, yes, make me smile as well.

So, as part of the preparations for the new program, the school does need the use of software as part of the curriculum. Fortunately, to get a computer was not an issue per se, but what bothered me was that the school “is only familiar with windows” and so that applications needed are also meant to run on windows.

One issue led to another and eventually, we decided to get a new laptop for his work in school. Sadly, the computer comes only with windows 8.1 installed and nothing else. The machine has ample disk space (1TB) and the system was set up with two partitions – one for the windows stuff (about 250G) and the 2nd partition as the “D: drive”. Have not seen that in years.

I wanted to make the machine dual bootable and went about planning to repartition the 2nd partition into two and have about 350G allocated to running Fedora.

Then I hit an issue.  The machine was installed with Windows using the UEFI. While the UEFI has some good traits, but unfortunately, it does throw off those who want to install it with another OS – ie to do dual-boot.

Fortunately, Fedora (and RHEL) can be installed into a UEFI enabled system. This was taken care of by work done by Matthew Garrett as part of the Fedora project. Matthew also received the FSF Award for the Advancement of Free Software earlier this year. It could be argued that perhaps UEFI is not something that should be supported, but then again, as long as systems continue to be shipped with it, the free software world has to find a way to continue to work.

The details around UEFI and Fedora (and RHEL) is all documented in Fedora Secure Boot pages.

Now on to describing how to install Fedora/RHEL into a UEFI-enabled system:

a) If you have not already done so, download the Fedora (and RHEL) ISOs from their respective pages. Fedora is available at and RHEL 7 Release Candidate is at

b) With the ISOs downloaded, if you are running a Linux system, you can use the following command to create a bootable live USB drive with the ISO:

dd  if=Fedora-Live-Desktop-x86_64-20-1.iso of=/dev/sdb

assuming that /dev/sdb is where the USB drive is plugged into. The most interesting thing about the ISOs from Fedora and RHEL is that they are already set up to boot into a UEFI enabled system, i.e., no need to disable in BIOS the secure boot mode.

c) Boot up the target computer via the USB drive.

d) In the case of my son’s laptop, I had to repartition the “D: drive” and so after boot up from the USB device, I did the following:

i) (in Fedora live session): download and install gparted (sudo yum install gparted) within the live boot session.

ii) start gparted and resize the “D: drive” partition. In my case, it was broken into 2 partitions with about 300G for the new “D: drive” and the rest for Fedora.

e) Once the repartitioning is done, go ahead and choose the “Install to drive” option and follow the screen prompts.

Once the installation is done, you can safely reboot the machine.

You will be presented with a boot menu to choose the OS to start.



I know more than you do

I cannot help but continue to be baffled by the way the G responds to some of the continuing challenges that the nation faces.

Way back in 2009, the Ministry of Home Affairs announced the formation of the Singapore Infocomm Technology Security Authority. It apparently is an entity within the Internal Security Department. Fast forward four years, the Ministry of Defence announces the setting up of a Cyber Defence Operations Hub. Not sure how much these two efforts are costing us, the tax payer, but suffice to say, an extra $130 million will apparently be spent on more cyber security stuff over the next 5 years. Nice.

Money is not an object is seems. There is plenty to be spent. Will any of this help create new software and hardware that is open? Will the tax dollars being spent enable the citizens to help and innovate upon? I suspect that they will not buy the “security by obscurity” meme and claim national security being paramount and so all things have to be hidden.

While all of this was happening, some websites got defaced. Defaced by groups who label themselves as “Messiah” and claiming affiliations with the Anonymous group. The clueless mainstream media, obviously, go about saying that the sites were “hacked”. Hacking is a noble thing. It is a skill, a frame of mind, a can do bravado. A cracker/vandal, on the other hand, is one who does not live up to the hacker ideals and ethics and abuses her skills. She is no different from a housebreaker who by day is a locksmith.

So, amidst all of these defacements and “cyberwar” preparedness, we get reports of some individuals being caught and the charged in court for allegedly undertaking the defacements. These alleged vandals, if we are to go by the MSM reports, seem to be nothing more than script-kiddies who could not even do the basic “cover your tracks” that any criminal worth his salt would have done. These script-kiddies merely locked on to pre-existing flaws in the sites they chose to vandalize and did the deed. Perhaps they deserve the book being thrown at them.

On the other hand, these alleged vandals could be fall guys. They were unskilled enough to have been caught.

This is too cool!

[harish@phoenix ~]$ traceroute
traceroute to (, 30 hops max, 60 byte packets
 1 ( 2.473 ms 2.937 ms 3.902 ms
 2 ( 15.342 ms 15.664 ms 16.515 ms
 3 ( 17.175 ms 17.540 ms 18.104 ms
 4 ( 18.865 ms 20.381 ms 20.813 ms
 5 ( 24.398 ms 24.337 ms 24.227 ms
 6 ( 28.237 ms 17.013 ms 16.335 ms
 7 ( 15.227 ms 21.645 ms 21.858 ms
 8 ( 20.962 ms 21.042 ms 20.766 ms
 9 ( 21.584 ms 22.500 ms 22.639 ms
10 ( 213.814 ms 214.532 ms 216.222 ms
11 ( 209.283 ms 209.811 ms 206.368 ms
12 ( 197.110 ms 199.926 ms 203.206 ms
13 ( 231.479 ms 234.769 ms 234.712 ms
14 ( 246.268 ms 246.252 ms 246.026 ms
15 ( 273.176 ms 273.562 ms 273.933 ms
16 ( 257.073 ms 257.860 ms 258.197 ms
17 * * *
18 Episode.IV ( 279.888 ms 277.874 ms 280.236 ms
19 A.NEW.HOPE ( 285.736 ms 284.384 ms 285.730 ms
20 ( 291.342 ms 293.745 ms 293.975 ms
21 Rebel.spaceships ( 295.027 ms 300.389 ms 300.605 ms
22 striking.from.a.hidden.base ( 300.050 ms 300.106 ms 299.865 ms
23 have.won.their.first.victory ( 284.885 ms 291.515 ms 293.083 ms
24 against.the.evil.Galactic.Empire ( 282.759 ms 280.749 ms 280.269 ms
25 During.the.battle ( 301.951 ms 300.714 ms 297.183 ms
26 Rebel.spies.managed ( 306.370 ms * *
27 * to.steal.secret.plans ( 304.887 ms 301.879 ms
28 to.the.Empires.ultimate.weapon ( 292.549 ms 290.469 ms 291.832 ms
29 the.DEATH.STAR ( 290.021 ms 281.892 ms 280.153 ms
30 ( 283.677 ms 295.996 ms 285.008 ms
[harish@phoenix ~]$

Good stuff, Episode IV.

In a word, wow!

I am not sure if this is a report that contains stuff taken out of context, but if its true that PM Lee thinks that his government did not have clarity in vision, what does that mean to all the justifications of paying sky-high wages to the “ministers” who were, after all, the ones who should have looked out for us?

I await back-peddling and clarifications before commenting on what appears to me an admission of failure.

While we are talking about failures, let me point a huge failure playing out in the Singapore civil service in the form of the fiasco called the  “Standard Operating Environment”. There is no one in the civil service that has anything positive to say about the fiasco that they have to be living with for the next umpteen years. The amount of tax dollars wasted and continued to be wasted because of the closed, proprietary software chosen is appalling. We need to stop it. Now!

Mr Prime Minister, I made an offer to help set up a Singapore Open Institute that will propel the Singapore public sector rapidly forward with the adoption and use of open source software and make it innovative and forward thinking. The offer still has not been taken up by you or your office.

Let’s make rapid changes and changes for the better. I look forward to hearing from you at h dot pillay at ieee dot org.

Doing the right thing and a proposal

I am glad to read the the Prime Minister has decided to probe the sale the applications (built and paid using tax dollars) by the PAP Town Councils to the PAP-owned company AIM.

<stand up> <applause> <applause> <applause> <applause> <applause> <sit down>

I would like to know the following:

  1. Who will head this?
  2. What kind of time frame will this have to be done by – one month, one year, by next general election?
  3. In the meantime, what happens to the monies that have been spent (and to be spent) in the transaction
  4. Will there be a public disclosure of companies that are PAP-owned and a list of transactions done by them with public sector agencies. I would expect the same from the WP and other political parties as well.

I would also like to hear from the Prime Minister on how we can ensure that all technology used/developed/deployed in any public sector entity in Singapore will FIRST consider open source solutions and failing to find something, then with a request for exemption (RFE), filed, published and approved, to look at non-open source options.

The time is NOW to make the bold and exciting change, Mr Prime Minister. I am sure this is of no concern to you, but rest assured your legacy will be being acknowledged as the Open Source Prime Minister.

While it might be premature to say “well done”, any progress is good progress. Doing the right thing is what this is all about.

As citizens, we need to keep a watchful eye on this probe to ensure that nothing is left unturned and keep the pressure on.

Again, my offer to help build an open source solution to managing Town Council system remains.

Let me take this opportunity to flesh out a proposal of how this can be accomplished.


  • We establish a Singapore Open Institute, funded by government and/or corporate sponsors.
  • SOI’s role will be primarily at assessing all the open source solutions being developed around the world especially for government (and education) and finding local use of them. Likewise, local public sector agencies can seek SOI’s help in creating open source solutions.
  • SOI will be the trusted agency that public sector entities will seek advise and clearance in projects they want to undertake.
  • SOI will also create a Public Sector Software Exchange (PSX). The PSX will be open to anyone, anywhere to contribute to as well as to consume code from. All code in PSX could be on a GPLv3 or Apache License v 2 or something Singapore-branded, like the EU open license. PSX will also host SMEs, start-ups and individuals who can provide solutions. Parts of the Instruction Manual will have to be amended as needed to accomodate this.
  • SOI will also be the entity to which requests for exemption (RFE) has to be applied for by public sector agencies before going for closed source products. RFEs will have an expiry period and will be specific to a project.
  • SOI will also be the catalyst in creating and running programming contests, hack-a-thons etc (both with open source software and hardware). This is principally to encourage as many people to learn coding and build solutions.
  • Mindef, Police, SCDF and security related agencies are exempted from SOI but are strongly encouraged to create an equivalent of
  • SOI will also be the thought leader for Open Data, Open Source, Open Hardware and Open Standards.

It is an idea whose time has come for Singapore to act on, Mr Prime Minister.

Let’s do the right thing.