Happy Easter, everyone. 
P.S. I think that remembering and celebrating the fact that Jesus overcame death and that ultimately we will overcome it too is especially important after the last happenings here in Italy.
Earthquake
The last night, at 1:32 UTC (3:32 local time), a very bad earthquake happened in the center of Italy. As official sources (link in Italian) say it was 5.8 (or 6.3) magnitude on Richter’s scale and the ipocentre was 8.8km deep. The epicentre was near the city L’Aquila, a bit more than 100km from where I live, near Terni. Many buildings of L’Aquila and nearby towns have been destroyed, especially these that hadn’t been built with earthquakes resistance in mind; anyway, many buildings built with anti-earthquakes criterion in mind have also been damaged. The last news report more than 90 victims, hundreds people injured and about one hundred thousand people that can’t go back to their homes.
Update (19:15 UTC / 21:15 local)
The victim number keeps growing, now it’s more than 150. During the day several tremors happened, the population nerves are really tense. Some jackals started to exploit the chaos. Also, the hospital, which should have been built following the anti-quakes laws directives (it is 13 years old, such laws are about 20 years old instead) is severely damaged as well.
Update April the 7th (6:00 UTC / 8:00 local)
During the night several corpses have been found, now they’re 179 in total. The night passed away with some minor quakes, the strongest being 4.8 on Richter’s scale. It rained during the whole night, which didn’t quite help.
Update April the 7th (18:00 UTC / 20:30 local)
At 17:42 UTC (19:42 local) there was another tremor estimated around 5.7 on Richter’s scale; it caused some additional building’s damage and at least another victim, the cathedral of L’Aquila went completly down after that. So far, the number of dead people is 228.
Update April the 8th (20:10 UTC / 22:10 local)
The number of victims grew up to 272, he first funerals have been celebrated. The hope to find alive people lowers more and more, but tomorrow the search for people will continue.
Update April the 9th (19:45 UTC / 21:45 local)
The number of dead people is not 281. I just felt another tremor from where I live (near Terni, Umbria, 100km from L’Aquila): it was as strong as the strongest ones of these days but shorter, about 10 seconds. I still have no official news about this one.
Update April the 11th (9:15 UTC / 11:45 local)
This will be the last update, unless something unexpected happens; by now the situation seems stable enough. The number of victims is now 291, and yesterday there have been funerals for 205 of them.
I will probably write again about all this in future, but for now that’s all.
ZeroShell autologin
Have you ever had to regularly use a network with Captive Portal-like authentication? If you did, you surely know how annoying it can be, especially if you have some sort of automatic scripts to be executed right after connecting to the Internet.
Ok, maybe it isn’t a common situation but this is my case: at Perugia’s Mathematics and Computer Science department we have a wireless network that uses ZeroShell’s Captive Portal for authentication and I heavily use Arch Linux network facilities to run some scripts right after the connection. The problem here is that normally you have to authenticate yourself manually, via a web browser, before being able to access the Internet: only after this step the scripts would be able to to their job…
Luckily thanks to this little Python script by munhoz I can now authenticate myself automatically and my scripts can run normally. Thank you man! 
Memories
January the 27th was declared “Remembrance Day”: the memories are these of the Holocaust. That day and during the previous ones I’ve heard and read so many things about Jews and Holocaust that I decided to write down something about it for peace of conscience. I really feel for the Jewish victims of such atrocity; actually I feel also for every victim of it, but what the Remembrance Day is really just about Jews, as the Italian law that created it (the link is in Italian) clearly states:
“The Italian Republic recognizes January the 27th, date of Auschwitz’s gates’ falling, as the “Remembrance Day”, in order to remember the Shoa (Jewish people extermination), the racial laws, the Italian persecution of Jews citizens, the Italian that suffered deportation, confinement, death, as well as these that, also in other fields and sides, opposed themselves to the extermination project, and risking their life, have saved other lives and protected the persecuted.“
Maybe some day the other victims of Nazi’s extermination will get a remembrance day for themselves too, guaranteed by the Italian law, I really hope so.
As I said, I’m writing this for peace of conscience: it’s not like I had a role in the Nazi’s eugenic programme, nor my family did. Anyway, because I feel that such memories needs respect, I’m going to mention a little example of people who damage them and that, in my opinion, isn’t underlined enough by the so-called “official information”; I’m not going to cite other notorious examples just because they’re already well known.
In my opinion, the worst kind of disrespect for the memories of the Holocaust is the one that comes from the descendant of the people who suffered it. No, I’m not talking about the murder of Palestinians, that’s already well known (for example, see here, here, here and here).
Here I would like to underline how vile and shocking is the operate of these who damage historical memory by making up fake happenings; and no, I’m not referring to the usual negationists (who I still despise), they are also well known.
Some of these that should care more for the memories of the happenings of their own kind actually mocks them just by writing stories: hoaxes about the Holocausts, written by Jews (or supposed ones, keep reading…). I’ll just cite two (actually, three) examples:
- Misha Defonseca, in her book “Misha: A Memoire of the Holocaust Years”, she described her Holocaust experience, in her childhood: she lived with wolves to escape the Nazis, she killed a German soldier for self defense and she traveled about 5000 kilometres through Europe to find her parents. She later admitted that such stories were completely made up by her; she isn’t even Jewish.
- Benjamin Wilkomirski wrote a book called “Fragments” about his remembrances of the Holocaust as child. In the book he describes with a direct and crude language the horror of the Holocaust as he remembers it. His true name is Bruno Grosjean, he’s not Jewish and he lived in Switzerland during the whole Holocaust. Ironically he was found out because he claimed to know another fake Holocaust survivor, Laura Grabowski; the latter invented her fake Jewish identity to sell a book as well and get money with donations.
Shame on them and on every other jackal who exploits such tragedy for their petty ambitions: they just contribute to raise suspicions and hate about the honest Holocaust victims, Jewish and otherwise.
System Rescue CD
I’ve been looking for quite some time for a live CD that supported Loop-AES in order to do some system maintainance on my laptop; Knoppix does a very good job at that, but unluckly it doesn’t have a recent kernel. As result, with Knoppix I could mount easily my encrypted root partition but I was unable to use both my wireless and ethernet network cards.
When I was about losing hope to have something ready and I almost started building a custom Knoppix with a recent kernel (or a custom Slax, patched with Loop-AES support) I found a wonderful Live CD that has everything I need: System Rescue CD.
The distribution's logo
The last x86 version features a 2.6.27.10 kernel and full Loop-AES support. I just tested it and it works flawlessy: I can mount my Loop-AES encrypted root partition and use my ethernet and wireless network cards while running this live distribution from an USB pen-drive!
I still havn’t explored the tools available on the Live CD/USB but it looks like having a rather interesting feature list. The distribution itself is based on Gentoo Linux.
Kudos to the System Rescue CD authors… They really did a cool job!
Disk encryption: an example with Loop-AES
This post’s topic is exactly the same as a speech that I did at the MOCA 2008. I enjoy using encrypted disks from several years and I think it is a topic worth writing about. The first part of this post will be an introduction about disk encryption in general; an overview about a particular setup for laptops’ hard disks will follow.
Why you should bother about encrypting your disks? The exact goal here is to protect the confidentiality of your data when it is not being used. This means that you should not worry about other people accessing your files if your laptop is stolen, or if you lose a CD-ROM or a USB memory key. On the other hand, if an opponent accesses your encrypted disks while you’re using them disk encryption will be bypassed. Also, disk encryption alone doesn’t grant data integrity and availability.
So, is it worth to spend time and effort into encrypting your disks after all? As usual, when taking decisions about security, you have to make a trade-off: if you encrypt your disks you’re not likely to put at danger 25 million people’s personal data just by losing a CD-ROM, for example. Nowadays we can store a lot of data in very little space: think about CD-ROMs, USB memory keys… even laptops keep getting smaller. The smaller the storage device, the easier is to lose it or to have it stolen.
I am going to describe my laptop’s disk encryption setup as a practical example of what disk encryption involves. My laptop runs Linux (Arch Linux, to be precise) and it has only one hard disk. To implement disk encryption I’ve used Loop-AES; it was the best choice for the setup I wanted to do and I think this still holds true. Loop-AES has a very well made README: everything I will describe can be seen there in detail, command by command and updated to the last Loop-AES version. For this very reason my description won’t be detailed: if you want to do this setup, or one of the others described in the Loop-AES README, check it out; if you’re Italian you may also want to look at the translation of the README’s sections that involve this particular setup.
In general, when encrypting a disk the more data you encrypt the better it is. Most of Linux full disk encryption setup that I found on the Internet are not really full. They leave out the /boot partition because the boot loader, be it LILO or Grub, is not able to boot the system using a kernel from an encrypted /boot partition. Keeping your /boot partition unencrypted makes it relatively easy for it to be tampered with and this could have bad consequences for the rest of the encrypted disk too. Even if I said before that disk encryption does not assure data’s integrity I think that it is better to avoid leaving /boot unencrypted. Being this paranoid, I’m not even going to consider encryption schemes that involves only home directories for the same reason and, moreover, because sensitive data can be written on other disk places as well: think of /var or /tmp as examples.
My setup involves two partitions on the hard disk: the root and the swap partition, both encrypted using the AES cipher with 256 bit keys. I assume that the target system has a working Linux installation with that partition scheme.
The first step is to install Loop-AES itself. Loop-AES has a kernel space part, which just replaces the standard kernel module for loopback devices management, loop.ko. The user space tools required to use Loop-AES are modified versions of some util-linux programs: mount, umount, swapon, swapoff and losetup. In order to realize the full disk encryption with a boot CD-ROM, diet-libc and statically compiled versions of GPG, and AESpipe are also needed. The latter is an utility downloadable from the Loop-AES website that can encrypt the data that it reads from the standard input.
The swap partition is simply encrypted with a random key generated at every computer’s boot. After having installed Loop-AES this means just a little modification on /etc/fstab. Using a random encryption key at every boot means that that at every reboot the data previously written on the swap partition is lost. This is not a problem for me because I don’t use suspend-to-disk.
The root partition setup instead is more articulated: the unencrypted /boot partition resides on a CD-ROM that I bring along with me even when I don’t have my laptop at hand.
To create the boot CD-ROM you need to have a kernel with some custom options set : as example, you don’t want to compile the loopback device driver on it, neither built-in nor as module, because Loop-AES replaces it. Then you will need a key file, created with GPG; Loop-AES will use your password to unlock this key file and the 65 keys that are on it to encrypt the disk; this implies that an opponent without the keyfile (that is on the boot CD-ROM) will have to crack all the 65 keys to get your data. An initial RAM-disk is also needed: in the Loop-AES distribution there is a script that creates it accordingly with a configuration specified by you. Last, to have your boot CD-ROM working, you will need to put a boot loader on it: the README suggests using ISOLINUX that indeed works very well (I had fun customizing its startup picture).
The last step is to encrypt the data of your root partition. In order to do this you need to reboot your system with a Live-CD or something alike, modify the /etc/fstab root partition entry and use the AESpipe utility to actually encrypt your disk’s content. This will take quite some time (at least it did on my old laptop), but after this your work is really done!
Django at the Linux Day 2008
In October the 25th I had the pleasure to do a speech at Perugia’s Linux Day. The Linux Day occurs every year in Italy from 2001 most of Italy’s Linux User Groups organizes events like conferences and “install fests” about Linux and free/open-source software in general. Perugia’s LUG, that I am a member of, was no exception.
My speech title was “Django: Python for the web”. Django is a Python based framework for web development that has several interesting features: among the other things it has an easy to use object-relational mapper and a powerful template system. Django based web applications are organised in a model-controller-view like structure, with few naming changes: the controllers are called views and the views are called templates. Python’s power allows run-time code generation; because of that, Django based web applications contains almost no redundant code, especially at the ORM level. Also, Django based web applications (called “projects”) are made by one or more modules (called “applications”): this encourages writing reusable components and using modules already written by other developers and already widely tested.
The speech, in Italian, consisted in two parts: a short presentation of Django and a demo based upon Django’s overview.
The Linux Day logo
Software Freedom Day 2008
On Semptember the 20th, in Perugia, I had the occasion to do a speech about Python. The presentation was part of the Software Freedom Day program; the event was organised by the people of Free Software User Group Italy.
The speech was just an introduction to Python targeted to technical high school students and professors; in fact, the audience was mostly made of students of high schools that adheres to the OSSPG project. OSSPG is a project targeted to spread the adoption of open source software on Perugia’s province schools that so far counts three high schools among its members. My goal was to convince the audience that Python is a very useful programming language and very good for teaching the art of programming; to do so, I’ve first shown some Python’s base characteristics (forced intendation, dynamic typing, imperative/functional/object-oriented programming support, great standard library), then I focused on the adoption of Python by several big players in the software industry (one for all: Google).
Me, talking about Python
During the day there were also three other speeches:
- Alexjan Carraturo did a (due) introduction about the free software concept and the realities behind it;
- Domenico Margiotta presented a set of free software applications that can be used on every day activities (web browsing, music listening etc…) in stead of proprietary ones;
- Francesco Crippa, our special guest from Lodi (near Milan), Fedora Ambassador, did a nice summary of Linux’s history through its main distributions with a special focus on Red Hat and the Fedora project.
I’d like to underline the fact that Francesco did a travel of about 500km to attend the speech! Very nice of him, he’s definitely a cool guy.
Francesco and Alex
After the presentation we did the usual FSUG Italy lunch at the Chinese restaurant; by now it’s a tradition!
Eating Chinese!
In the afternoon there was a meeting between us who did the speeches and some professors; it was a very interesting discussion because they presented very clearly their difficulties and opinions about the adoption of free software in their school, both as infrastructure and as teaching tool. More to come about this. 
MOCA 2008
From August the 21st to August the 24th I’ve been at the Metro Olografix Camp (codename: MOCA), in Pescara. Metro Olografix is a no-profit association that promotes free access to computer related knowledge; the camp itself was a north European style hacking camp, with people from all around Italy and some from other countries too. I went there with a group of people from Free Software User Group Italy:
FSUG Italy at MOCA (I'm on the right)
The experience was really amazing: I’ve never seen so many hackers, crackers, whatever… together in the so-called real life! Special guest was the famous John Draper, in art Captain Crunch:
Captain Crunch!
During the camp there were also talks about several topics, mostly computer security related. I especially enjoyed those about cryptography, secure data erasing and implementing a secure platform based on Gentoo Linux (the Lollobox); I really enjoyed also the “historical” talks: Captain Crunch’s one was full of funny anecdotes and Raul Chiesa, together with Alessandro Fossato, made a lovely travel across the Italian hacking and phreaking’s scene between the ’80s and the ’90s.
I also managed to do a talk myself, about disk encryption with Loop-AES. It was really cool… I love to talk in speeches like this and the people listening helped a lot: they were awake and even attentive all the time!
Me, during my speech
We also found the time to revel at the beach! The sea of Pescara is not very good because of the seaport nearby but few kilometers away the water was clean enough to swim into. Computers, camping and beach… Definitely a great combination!
Marmore’s Falls
August the 15th is an important holiday in Italy. It has at least Roman origins and its name, Ferragosto, is a derivation of the Latin Ferie Augustæ (holidays of emperor August). Later the Catholic Church decided to remember with this holiday the Assumption of Mary.
As usually me and some friends did a little trip. Little, because we just couldn’t organize ourselves and we decided to leave quite late in the morning! Because of this situation we decided to go in a place nearby our town. Luckly we happen to live in a lovely region of Italy, Umbria, which is full of both natural and human made beauties for everyone to admire. Few kilometers away from our town there is something that somehow belongs to both categories: Marmore’s Falls.
Thanks to their 165m of height, these waterfalls are the highest of Europe. Also, they are the highest man made waterfalls in the world. Their costruction was ordered in 271 BC by the Roman consul Curius Dentatus to deal with a wetland nearby. Today’s look is the result of modifications that have been done in later times:
In our visit we followed some of the paths prepared for the tourists, starting from the panoramic viewpoint on the top of the waterfall; from there you can see the valley and the hills all around, a great landscape.
The waterfall's top
Landscape from the waterfall's top
While going down, we especially appreciated a viewpoint near the main water mass: the Lover’s Balcony, called this way only because people that are crazy or in love (assuming that there’s some difference between the two ) would go through it; in fact, the price to pay to get so near to the waterfall is some heavy rain all around! All considering it wasn’t bad at all, given the hot weather.
On the bottom there are other paths and an area called Byron square: from those places you can get a wonderful view of the entire waterfall, a scenographical show of rare beauty.
Byron Square
View from the bottom
If you happen to be in Umbria, near the city of Terni, I really advice you to take a day to visit Marmore’s Falls, you won’t regret it!
