System Overlord

A blog about security engineering, research, and general hacking.

The expectations of new users of FOSS

03 Jun 2010 in Linux (Reading time: 3 minutes)

Many new users of Free/Open Source Software come with one of two (if not more) unrealistic expectations: either an expectation for support despite not having paid anything for the software or support, or an idea that Open Source = Public Domain.

Community-based support is not the same as commercial support.  Community-based support is a purely volunteer effort, and should not have particular expectations of response times.  For example, telling the community that a particular issue is "Urgent!" does not generally make it more urgent for the community.  Making no effort to solve the problem yourself generally leads to even less urgency from the community.  If you want a commercial level of support, pay for it.  For example, Canonical offers commercial support for Ubuntu.  There are many support vendors out there.

Open Source is not Public Domain software.  It has a copyright and a license.  I have seen several people complaining that particular libraries are GPL-licensed (or other so-called "viral" licenses) preventing them from using them in their commercial applications.  Please realize that you are asking to take someone else's work for free and turn a profit on it.  Either participate in the social contract of open source, find another library, or approach the developer and offer to pay for a dual-license to allow use in your proprietary work.  Using GPL code without adhering to the copyleft provisions of the license is software piracy, which nobody should tolerate.  Presumably, if you don't want your application to be open source, you're looking for others to pay you for your work.  I don't think you'd very much appreciate it being resold without a license and without revenue for you.

There is a social contract in addition to the legally-binding licenses behind FOSS.  Respecting it will continue to encourage the development of a productive software ecosystem.

Ubuntu Membership

01 May 2010 in Misc (Reading time: 1 minute)

For a while now, I've considered going for Ubuntu Membership, and I've decided now is the time.  I feel that my contributions to the community are significant and that Ubuntu has become a significant part of my life.  I'd like to ask anyone who feels comfortable supporting me to post on my Ubuntu wiki page at https://wiki.ubuntu.com/Matir.  I appreciate your support in the community.

AXIS IP Cameras = Fail

20 Feb 2010 in Work (Reading time: 5 minutes)

At work, we've been developing a custom camera recording solution for the past 4 months. Essentially, it's a system to provide a web-based interface to record a number of IP cameras, transcode the videos, and output the videos to a variety of the web applications we use (Moodle, Drupal, etc.) The cameras in question are Axis Q1755 cameras, which are really intended for use as HD security cameras and not in the studio-type environment we have here. (Neither I nor my department was involved in camera selection, and those who were have serious second thoughts.) In any case, these cameras are a continuous source of frustration for us.

H.264 Support

The h.264/RTP support in these camera doesn't seem to fit to any real standard.  Multiple clients have complained about the malformed h.264 stream coming from these cameras.  (The I-frame numbering seems inconsistent, among other things.)

Hardware Capabilities

The manual claims the camera supports a maximum of 10 clients.  In our testing on a GigE network, video quality began to degrade at 3 Unicast clients (720p capture mode, h.264 streaming, GOV length of 32).  Looking at the CPU load on the cameras, load averages exceeded 5.0 with 3 clients.  This is completely unacceptable for our needs.  So we thought we would turn to multicasting.  We even called networking, confirmed that the network was setup for multicasting, and got a multicast IP allocation.  Seems that would fix things up, right?

Multicasting

Multicast support is an adventure.  Several readings of the manual found the only documented multicast capability was on Windows with IE and an Axis ActiveX control called Axis Media Control (AMC).  AMC, of course, requires administrator privileges to install.  Even that would leave Linux, Mac, and Firefox users in the cold.  I figured we were just missing something and we should contact AXIS Support.  Big mistake.  Big waste of time.  The response to the initial inquiry was, essentially, a nice RTFM:

Thank you for contacting Axis Communications. My name is <cut> and I will be happy to assist you today. The Axis Q1755 has multicast enabled by default, where as some of our older units required you to enable multicasting.

The manual is a good place to start
http://www.axis.com/files/manuals/um_q1755_35572_0905.pdf

On page 11 and 12 explains ways to pull the multicast stream from the camera.

Best regards,
Axis Customer Services

Ok, I figured that maybe they get a lot of people who haven't read the manual.  Or maybe I missed something.  I reread the relevant section of the manual, but found nothing regarding standard RTP/multicasting support.  I typed up a longer description of the steps we had taken and asked about the location of a multicast-ready SDP file from the camera.  Their response, in its entirety, reads:

The Axis Q1755 has a configuration page for Multicasting.
http://<IP>/admin/config.shtml?group=Network
Under the section Network RTP R0:

Best regards,
Axis Customer Services

Clearly, this was what I asked, since I had included the current value of our multicast settings in a previous message.  Once more, I attempt to elicit useful information from Axis support.  Imagine my surprise when I received an informative, if disappointing response:

I have found another case which has this to say about multicasting.

Unfortunately RTP multicast using VLC doesn't work on the new generation of products running firmware version 5.xx (like the Axis Q1755). Although multicast is only supported using AMC and Windows Media Player.
AMC is only available with Internet Explorer.

Best regards,
Axis Customer Services

In other words: we took out an industry standard and substituted our own homebrew multicast "solution" that only works with IE.  Thanks, Axis.  Removing functionality is always a market winner.

Conclusion: Don't use Axis products unless you're happy doing things the "Axis way."  Forget industry standards.  With a little luck, this will be the last time I work on a project involving Axis cameras.  Fortunately, I think those who are making the buying decisions have seen the problems and will start looking at alternative suppliers.

Axis, and others: vendor lock-in = bad.  You might think it helps.  Think again.

Ubuntu Women Leadership Candidates

07 Jan 2010 in Misc (Reading time: 1 minute)

The Ubuntu Women group is in the process of selecting a new leader.  Currently, testimonials are being accepted for the 3 candidates (Amber Graner, Melissa Draper, and Penelope Stowe).  Check out these talented women who seek to break some of the gender barriers in the Ubuntu community: http://wiki.ubuntu-women.org/UbuntuWomen/LeadershipNominations/January2010/

RHCE

06 Dec 2009 in Linux (Reading time: 1 minute)

Generally speaking, I try not to push my ego on here too much. It's big enough on its own. However, I feel like this is a pretty major accomplishment for myself, and I haven't posted in a while, so I thought I'd throw it up there. As of this past Friday, I am now a Red Hat Certified Engineer (RHCE)™! This is without a doubt the hardest test I've taken, as a "practical" (hands-on) exam. No multiple-choice guessing here.

I'll probably lean towards working on an LPIC-1 certification next.