The Inverter: Episode 50 – Automated

The latest Bad Voltage show, episode 50, was titled “Automated”. It marked a milestone, fifty episodes is a lot and the gang deserves credit for making it that far, and I was surprised they didn’t talk about it. That’s professionals for ya, just another show.

TL;DR: I didn’t really care for this show that much. Now, to me, Bad Voltage is like sex: when it’s good, it’s really good, and when it’s bad, it’s still pretty good, so please don’t tear into me too roughly for not praising it (see how I got “rough sex” into your brain and into the search engines?). This episode was a little more navel gazing than normal. They revisited the Mycroft Kickstarter (and now on Indiegogo), and then moved on to an interview that I thought was unnecessarily brutal. Many geeks are not the most socially gifted people on the planet and being on a podcast, even one like Bad Voltage, can make them extremely nervous and anxious. Considering that this was supposed to be a friendly interview I found it a little painful. Then there was a home automation “Internet of Things” discussion that I found too high level than I would of liked, and the episode ended with Jono’s review of a standing desk.

The show clocked in at seconds under ninety minutes. There is a large variation in times for these podcasts, and I’m happy listening to the team for as long as they are willing to talk, but the shows I like the most seem to be a little more focused, regardless of the length.

This episode started off with the announcement of the birth of Bryan’s second child, a boy named Solomon. It is the main reason he won’t be joining us in person for next week’s live Bad Voltage show, but congratulations are still in order.

The first segment was a discussion of the Mycroft project, which is attempting to create an open source Siri-like digital assistant. Yes, they discussed this on the last show as well, and while the Kickstarter has ended they have an Indiegogo campaign going on as well. I am eager to see what comes of this, but not willing to fund it at the moment. The last time I funded something, the open source fitness Angel Sensor, they took my money and it’s now a year overdue. Not really complaining (if I were complaining I’d be upset that the first app they plan to release is iOS only) but it kind of burned me on these kinds of things.

Still a cool idea, and it may be possible to eliminate any privacy concerns I might have. I need to help out by offering to read some stuff on Librevox as Aq suggests.

The second segment was an interview with Chris Waid. It turns out that the FCC is unhappy that, with software defined radios, one can increase the power in such a fashion that it violates the broadcast license for the device. For example, you could extend your WiFi range using the same gear through software. They want to stop this, but the concern is that the easiest way to do this would be to lock down the firmware for these devices, which would rule out things like installing alternative firmware on your home router, or perhaps even running free software on computers and laptops, as access to the WiFi and Bluetooth chips could be prevented.

While I’m in the camp that this is more a poorly thought out proposal on the part of the FCC than the FCC trying to be malicious, there is a chance this could be a Bad Thing™ and we should take steps to prevent it. However, in their zeal to get to the meat of this problem the team went a little overboard on poor Chris. Even when a guy in the room with Chris tried to help out, the immediate thought was that Chris was being corrected by one of his own guys (which wasn’t the case). Sure, it would have been funny, but Chris just got more flustered and the message got lost.

Now I’m all for skewering the bad guys, although I prefer it be done nicely as in the style of Jon Stewart, but this wasn’t a bad guy. At worst he is overstating the threat a bit, but compared to some of the jewels the US government has put forth in the past concerning technology, overstating the threat is worse than understating it. They do apologize, somewhat, at the end of the show, but the whole segment made me a little uncomfortable.

There was a short segment by Jeremy, resident home automation geek, about a project to mount a tablet inside a bathroom mirror. Not sure if there is a killer app for such a thing, but I have been in hotels with TVs in the mirror so it has possibilities.

The third segment was a discussion of home automation and “The Internet of Things”. A lot of it involved discussing all of the competing protocols and solutions, to the point where Jeremy needs several different hubs just to talk to everything. At the moment it is more like “The Internet of Silos”.

I was surprised no one mentioned X10. Any one of my three readers remember this? It was a home automation protocol that worked by sending signals over the home electrical wiring. I once had tons of the stuff: light switches, controllers, even a device that you could stick under your analog thermostat to turn on the air conditioning. It worked by turning on a small heating element that would make the thermostat think it was hotter than it was. Plus, no cameras or microphones phoning home with who knows what information to third party servers.

Those were the days.

The last segment was Jono reviewing a standing desk he bought. Standing desks are all the rage now, and he wanted to try one out so he bought one by LIFT. We got a bunch of movable desks from Varidesk at the office, and I quite like them. I do agree with Jono that if you are serious about them you need a floor pad.

While it wasn’t my favorite BV, I did enjoy it. It’s not like I want 90 minutes of my life back ‘n all. They also didn’t mention the morse code message from the previous episode and I’ve been too lazy to find out what was up with that. I like little Easter eggs. Perhaps they should come up with a contest where each week clues are hidden in the podcast, and if you put them together you win a laptop or something else cool.

Remember, the next show will be Live at the OpenNMS Conference in Fulda, Germany. We still have a few seats left, and if the 5€ fee is an issue, please drop me a note. We can work something out, and there will be beer.

Review: Varidesk Standing Desk

Several years ago we did a lot of work in Sweden (Hi, Lasse!), and that is where I first saw some really nice standing desks. The first standing desk I ever saw was when I worked at Northern Telecom and it was for an employee who needed one due to health reasons, but it was fixed in place. The ones they had in Sweden (from IKEA, ‘natch) had a little switch that you could use to raise and lower it as needed, and they had places to mount a PC and run cables so they wouldn’t get snagged when it moved.

When I looked for them for the office, I was shocked by the price. A decent one with options pushed $900 and they could go north of $2000 fully loaded. While I’ve read a lot about the health benefits of standing I just couldn’t afford to get such a desk.

Recently I was on an American Airlines flight, and I just happened to see a small ad for something called a Varidesk in the in-flight magazine (and I’ve never bought something from the back of an in-flight magazine). This was something you put on an existing desk and you could use it to lift a monitor, keyboard, etc. to a standing height. It was manual, but it was considerably less than a dedicated desk.

Now, being the CEO of a profitable company it is required that I have the huge executive desk, so I do. Of course, mine was free from a business that was moving offices and all I had to do was go get it, and then repair all of the broken bits so I could put it back together. My monitor sits in one corner of this monstrosity, and I was happy to see Varidesk made a product that would fit perfectly.

Varidesk Lowered

First off, the sucker’s heavy. It cost a lot to ship due to its weight, but that translates to a lot of stability when raised. The unit I bought had a shelf for the monitor, speakers, etc., with a lower shelf for the keyboard.

In the upper shelf you will notice two holes. You place your hands through them to release levers which will allow you to raise the desk. It does take strength to get it started, but then it is balanced so that it becomes easier.

(Note: the little green light on my PC is my OpenNMS Blink notification)

Varidesk Raised

I love that everything comes up with it: the speakers, the monitor, the keyboard, my Yeti mic, etc. It will also go fairly high – I’m a little over six feet tall and I can get it high enough that I’m comfortable using it. It isn’t perfectly stable, if you are energetically pounding on the keyboard it will move slightly, but it is easy to get use to it. I did have to get some USB cable extenders to make sure things like my camera didn’t go flying off when I raised the desk, but outside of that it pretty much worked out of the box.

And, yes, when standing I like to crank the tunes and dance. You do not want to see me dance.

The Varidesk is well built and I did find myself using it, so some of the other guys in the office were interested. They don’t have fancy executive desks, so I got a slightly cheaper model that fit theirs better.

Varidesk Developers

We bought three more and everyone seems to enjoy them, although we probably don’t use them as much as we should. Because they are stylish and convertible, even in the down position they look good.

I found that after about an hour of standing my legs started to hurt. Our office, like many, is pretty much industrial carpet over concrete. There is little padding, so I bought a pad on Amazon that works well for me and I can dance longer.

It’s also cool to elevate the laptop for our daily scrum call:

Varidesk During Scrum

So, if you are thinking about getting a standing desk but already own a desk, consider the Varidesk. While it isn’t the cheapest thing out there, it is well made and will give you experience to see if you even like working standing up, which would be considerably cheaper than buying a new desk and finding you didn’t like it.

Ad hoc Suspension of Polling Services

As I was reading through my RSS feeds this morning, I saw that a user named “Fredebben” had posted a neat find on the OpenNMS wiki.

I didn’t know this, but it turns out that you can temporarily suspend service polling with an event, and then resume it as needed. This is pretty cool, especially if you need to stop polling for just one service.

I once had a client with a requirement that there be a scheduled outage once a week for all services but ICMP. In their case I had them move ICMP into its own package, and then they could use a Poll Outage to suspend polling on the other services. That is still probably the best way to do it for a lot of services, but it is nice to know this event method works as well.

The Inverter: Episode 49 – The Tapas of All Bananas

I am a fan of the Bad Voltage podcast, but as it is hard for me to listen, pay attention and work at the same time, I tend to listen to it on airplanes. A lot of ideas and comments come to me during an episode, so I’m going to start a new feature on this blog called “The Inverter” where I review and comment on each show.

TL;DR: This episode was well done. It was tight, it flowed nicely and clocks in at slightly over an hour. That is their target time but the average show is closer to 80 minutes. There was a cool little mystery at the front followed by a discussion of the Endless Computer project, which was deemed too expensive to succeed. They talked about the horrible Nest smoke detector, version one, and the much nicer version two. Aq reviews Gliffy, a web-based Visio-like application, and they end with a segment on Microsoft’s changing relationship with open source.

This week I’m on a flight to DC so it is time to pull out my copy of the latest Bad Voltage. After the intro, starting about minute three, you get two minutes of what sounds like Morse code.

Intrigued, I found an app that will decode Morse (this webby one didn’t work for me but the Android app did fine) and read the following message:


Now, I’m not sure what “Insots” or “in Sots” are but I thought it was cool that they put this in the podcast, I probably would have added it after a delay at the end of the recording, as it was a little weird listening to two minutes of beeps (I thought my mp3 download was corrupt) but then only the hardcore listeners would have made it all the way through. Apparently you can find more about this in the t00bz but I’ve been too lazy. Cool addition, though.

The first segment was on the Endless Computer, which states it is building a “computer for the entire world” which brings to mind the One Laptop Per Child (OLPC) project. But there are a lot of differences, the main one being that Endless is a for-profit company (at least I think so – during my exhaustive, nearly 60 second perusal of their website, I didn’t find any verbiage to indicate that this was a charitable foundation versus a commercial enterprise).

As a for-profit company, their gear is not inexpensive, and most of the discussion on the show concerned the price, which is pretty steep for the hardware. There is also the issue that you still need to spend even more money to get it functional (as in buy a keyboard and a mouse). Jono, who was the only one who has actually played with the thing, pointed out that the user experience they have created is pretty nice, but the rest of the gang was still stuck on the price.

There is a $169 version, and a $229 version and they both have a funky look, something like an egg.

Now, I have zero experience with the thing but since that hasn’t stopped me from having an opinion before, here are my thoughts.

First off, I loved the OLPC project. I wonder what would have happened if the OLPC project started now, with the vast improvements in open source operating systems, instead of having to come up with their own O/S that was a little hard to understand.

Endless is not OLPC, and I think that’s the main reason for the price point – they need and want to make money.

If I really wanted to get computing power into the hands of the disenfranchised I would have gone with a tablet. For $229, you can make a decent tablet, which would remove the need to have a TV or keyboard/mouse. You could even add an option to charge it via solar cells. Heck, even the Endless website says “as simple as a tablet” which makes you wonder why they didn’t build one of those (margins, probably). With PC sales in free fall, starting a company to make a new one seems silly – like making a “VCR for the World”.

No, what I think happened is that someone found an investor in the Valley who heard “2 billion potential customers” and started seeing dollar signs. We can be the third world Apple! Simply make a funky design, hire a “Chief Growth Officer” and then … profit!

Another sign of impending doom is that they don’t even own the “” domain name. According to Paul Graham, it matters.

I’m willing to wager Endless is pretty much DOA, but then I guess I’m just bitter in that this pipe dream got funded and I can’t find decent investors for my company, which actually makes a profit. (sigh)

Moving on, the next segment was on the Nest “Protect” smoke detector. Apparently the first generation ones were crap, but Jeremy invested in the second generation and, so far, likes them. They have all kinds of whiz-bang features, such as two different sensors for various types of fires, and a networking feature so that in, say, a three story house like Jeremy’s, the detector on the third floor can set off all of the others.

I’ve avoided Nest products because I’m a bit of a privacy nut (odd, considering that I share most of my life on-line, I know). I don’t want microphones in my house. I don’t want things “phoning home”. Plus, my old smoke detector works just fine and alerts the nice people who provide my security monitoring when I cook bacon, so I don’t see the need to upgrade.

I did like hearing about the feature where the Nest can serve as a night-light and light up when people walk by it, sort of like the lights in a European hotel hallway. But I think I’d rather engineer that solution on my own then to buy something that is always talking to a third party, no matter how often that third party says I can trust them.

This episode the guys have introduced something called “Hack Voltage” in which one of the hosts will review something cool they’ve discovered. Aq did a short segment on “Gliffy” – a diagramming tool like Visio that you can run in a browser. As a hosted solution, you get some bits for free but then you pay a subscription fee for more features and storage. He seemed to like it, but for me I’d rather struggle with something open source, but if I ever have the need for such a tool I’ll check out the “free” version.

Android Wear Translate Screenshot

For my own version of Hack Voltage, the coolest new thing I’ve been playing with is Google Translate on my watch. I haven’t had time to make a video, but you set up your source and destination languages, speak into to the watch, and voilà, translation. When you flip the watch over (like you would when showing it to another person) it enlarges and displays just the translated text. I plan to use this a lot when I’m in Germany for the OUCE and Bad Voltage Live.

The final segment was on Microsoft warming to open source, which it once referred to as a “cancer”. The new CEO seems to be very open to working with open source projects as well as integrating with them, although certain things, like requiring Surface tablets to boot in secure mode, seem to harken back to the bad old days.

All I can say is that Microsoft has always treated OpenNMS well, including gifting us with an MSDN subscription so that we can improve OpenNMS support on Windows. Overall, Microsoft is much more friendly toward open source than they have been in the past.

That was it for this episode. Short and focused with a minimum of swearing and a modicum of mystery. Just one more show before they descend on the little town of Fulda, and I’ll probably listen to it on the plane ride over there. Hope you can make it.

OUCE 2015: Fulda? Where is Fulda?

With the OpenNMS Users Conference less than a month away, I hope you have convinced your boss to let you attend. Ronny updated the website recently, the call for papers has closed and the schedule is being finalized.

With that in mind I thought I’d share a little about the town of Fulda (pop. 65,000) where the OUCE is being held.

The reason we are holding the OUCE in Fulda is mainly due to it being the home of the Hochschule Fulda, the University of Applied Sciences. This is where a number of OpenNMS contributors went to school and some of them still work there. The facilities are excellent, as is the bandwidth, and the town itself is pretty cool.

The city started in 744 when Saint Sturm founded a monastery there. For someone from the United States it is mind boggling to visit a place that is nearly a millennium older than most places in my country. Thus modern Fulda is a mix of old and new.

In addition to the university, the OUCE will visit a number of other places. On Tuesday night, Nethinks is hosting a dinner for the attendees at Viva Havanna, a Cuban style restaurant (I learned that in German, the extra “n” actually means the “n” sound is pronounced in a shorter fashion than normal). On Wednesday night we’re having the Bad Voltage team do a show, and afterward we’ll most likely end up at a biergarten called the Wiesenmühle.

It is easy to get to Fulda. If you are coming by air, the closest major airport is Frankfurt (FRA) and you can take a train from there to Fulda Station. The website has more details.

Fulda has some historic significance as well. Nearby is the Fulda Gap, an east-west route often used by invading forces into Europe and it was thought to be a primary route any Soviet invasion of NATO countries would use. Thus there was a strong military presence in the area during the cold war.

My favorite “Fun Fulda Fact” is that the monastery there was responsible for the survival of the book/poem De rerum natura (On the Nature of Things). Written in 100 BC by the Roman poet Lucretius, it was one of the first books to state that the world could be explained by natural phenomena versus gods, and includes such gems as all matter being made up of atoms. As you might imagine, there were those who disliked these ideas and thus all copies of the poem were thought destroyed.

De rerum natura image from Wikipedia

However, in 1417, ­Poggio Bracciolini found one at the Benedictine abbey at Fulda. He made a copy, and thus the book survives to this day. Author Stephen Greenblatt wrote a book called The Swerve about the impact of the poem. From the New York Times article “The Almost-Lost Poem That Changed the World”:

Titus Lucretius Carus’ “De Rerum Natura,” or “On the Nature of Things,” is a 7,400-line poem in Latin hexameters written in the first century B.C. It covers philosophy, physics, optics, cosmology, sociology, psychology, religion and sex; the ideas in it influenced Newton and Darwin, among others.

Cool, huh? Well, I have been to the abbey in Fulda, and you can too, if you come to the OUCE. Hope to see you there.

Send an SMS with OpenNMS

I thought I’d written this post years ago, but apparently I didn’t. Since my friend Salma asked about SMS notifications with OpenNMS I felt it was a good opportunity to document this process.

Of course, OpenNMS can’t send an SMS message without a little help. You’ll need some sort of modem that can actually connect to the network. We use one from the great folks at MultiTech.

Multitech Modem

It’s USB powered, so all you need to do is insert an active SIM card and plug it in. Here is the exact model:

Multitech Modem Back

and you can find more information on their products on their website.

For the SIM card, I just added a phone to my AT&T plan for a few dollars a month.

The next thing you’ll need is software to send the notices. I used smssend, which comes in RHEL/CentOS via the smstools package:

Name        : smstools
Arch        : x86_64
Version     : 3.1.15
Release     : 12.el7
Size        : 748 k
Repo        : installed
From repo   : epel
Summary     : Tools to send and receive short messages through GSM modems or mobile phones
URL         :
License     : GPLv2+
Description : The SMS Server Tools are made to send and receive short messages through
            : GSM modems. It supports easy file interfaces and it can run external
            : programs for automatic actions.

This will install a daemon called smsd that is configured via /etc/smsd.conf. You’ll need to edit that file to set the path to your modem, in my case it’s /dev/ttyUSB0. Then start the daemon (via “service” or “systemctl”, etc.)

At this point you can test if it works by running:

smssend [number] "This is a test message"

Note that the number must include the country code, such as “+19195330160”.

Once you have that working, it is pretty easy to set up in OpenNMS. First, edit notificationCommands.xml and add the “smssend” command:

    <command binary="true">
        <comment>Send an SMS</comment>
        <argument streamed="false">
        <argument streamed="true">

This configuration includes the full path to the “smssend” command, and I used the mobile phone “-mphone” field as well as the short message “-nm” field, which are the only two parameters required for the command.

At this point you’ll need to restart OpenNMS. It actually isn’t necessary to make this work, but it is needed to make the webUI know that the “sendSMS” command has been added.

The rest of the configuration can be done through the webUI. For every user you want to receive SMS messages, make sure that their mobile number (including country code) is configured on their user account page. Then you can just add “sendSMS” as a notification action on a destination path and it should just work.

I, Robot

Today is the 11th anniversary of The OpenNMS Group. We started on September 1st, 2004 with little more than a drive to build something special, a business plan of “spend less than you earn” and a mission statement of “Help Customers, Have Fun, Make Money”.

Since I’m still working and people are using software other than OpenNMS to manage their networks, I can’t say “mission accomplished” but we’re still here, we have a great team and the best users anyone could want, so by that measure we are successful.

When it comes to the team, one thing I worry about is how to connect our remote people with the folks in North Carolina. We do a lot of Hangouts, etc, but they lack the aspect of initiative – the remote guys have to be passive and just sit there. Then I got the wild idea to investigate getting a telepresence robot. Wouldn’t it be cool if remote people could pop in and drive around the office, attend meetings, etc?

After a lot of research, I decided on a robot from Double Robotics.

Robot Tarus

The buying decision wasn’t a slam dunk. It is a very iPad/iOS centric solution which bothered me, and I had some issues concerning the overall security of the platform. So, I sent in a note and ended up having a call with Justin Beatty.

It was a great call.

Double is pretty serious about security, and assuming there are no firewall issues, the connection is encrypted peer-to-peer. While there are no plans to remove the requirement that you buy an iPad in order to use the robot, they are working on an Android native client. You can drive it on almost any platform that supports the Chrome browser (such as Linux) and you can even use it on Android via Chrome. There is a native iOS app as well.

What really sold me on the company is that they are a Y Combinator project, and rather than focus on raising more capital, they are focused on making a profit. They are small (like us) and dedicated to creating great things (like us).

Justin really understood our needs as well, as he offered us a refurbished unit at a discount (grin).

Anyway, I placed an order for a Double and (gulp) ordered an iPad.

It was delivered while I was away in England, but I was able to get it set up on Monday when I returned to the office. They have a number of easy to follow videos, and it probably took about 20 minutes to understand how everything went together.

You take the main body of the robot out of the box and place it on the floor. I had purchased an external speaker kit (otherwise, it uses the iPad speaker) which makes it look like a little Dalek, and you install that on the main post. Then you plug in the iPad holder and screw it to the post with a bolt. That’s about it for robot assembly.

The next step is to take the USB charging cable that came with your tablet and mount it inside the iPad holder. You then insert the iPad upside down and connect the cable so that the robot can power and recharge the iPad. The Double supports any iPad from version 2 onward, and they have a spacer to use for the iPad Air (which is thinner). Finally, you connect a directional microphone into the audio slot on the bottom of the iPad (or top, depending on how you look at it) and the unit is assembled.

Then I had to set up the iPad, which was a bit of a pain since I’m no longer an Apple person and needed a new Apple account (and then I had to update iOS), but once it was configured I could then pair the iPad to the robot via bluetooth. Next, I had to download the Double app from the App Store and create a Double account. Once that process was complete, I could login to the application on the tablet and our robot was ready to go.

To “drive” the robot, you log in to a website via Chrome. There are controls in the webapp for changing the height of the unit, controlling audio and video, and you move the thing around with the arrow keys.

It’s a lot of fun.

When moving you want to have the robot in its lowest height setting. Not only will it go faster, it will be more stable. This isn’t an off road, four wheeling type of robot – it likes smooth services. There is a little bump at the threshold to my office and once the robot has gone over that you want to wait a second or two because it will wobble back and forth a little bit. Otherwise, it does pretty well, and because the rubber wheels are the part of the robot that stick out the most in the front and the back; if you run into a wall it won’t damage the iPad.

I did have to mess with a couple of things. First of all, it needed a firmware upgrade before the external audio speaker would work. Second, sometimes it would keep turning in one direction (in my case, to the right), but restarting the browser seem to fix that.

You do need to be careful driving it, however. One of my guys accidentally drove it into a table, so it hit the table along the “neck” of the robot and not on the wheels. This caused the unit to shoot backward, recover and then try to move forward. It fell flat on its face.

Which, I am thankful, did no damage. The iPad is mounted in a fairly thick case, and while I wouldn’t want to test it you are probably safe with the occasional face plant.

I bought an external wireless charger which allows you to drive the robot into a little “dock” for charging instead of plugging it in. To help park it, there is a mirror mounted in the iPad holder that directs the rear camera downward so you can see where you are going (i.e. look at the robot’s “feet”). Pretty low tech but they get points for both thinking about it and engineering such a simple solution.

Everyone who has driven it seems to like it, although I’m thinking about putting a bell on the thing. This morning I was jammin’ to some tunes in my office when I heard a noise and found Jeff, piloting the robot, directly behind me. It was a little creepy (grin).

I bought it with a nice (i.e. expensive) Pelican case since the plan is to take it on road trips. I bought the iPad that supports 4G SIM cards so I should be able to use it in areas without WiFi. It’s first outing will be to the OpenNMS Users Conference, which is less than a month away. If you haven’t registered yet, you should do so now, and you’ll get to see the robot in action.

Robot Bryan

Bad Voltage will also be there, with Bryan Lunduke piloting the robot from his home in Portland. I had him try it out today and he commented “So rad. So very, very rad”.

At the moment I’m very pleased with the Double from Double Robotics. It’s a little spendy but loads of fun, and I can’t wait to use it for team meetings, etc, when people can’t make it in person. You can also share the output from the unit with other people with the beta website, although you could always just do a Google Hangout and share the screen.

Double Logo

I even like the Double Robotics logo, which is a silhouette of the robot against a square background to form a “D”. I am eager to see what they do in the future.

OUCE 2015: Bad Voltage Live

Every year at the OpenNMS Users Conference (OUCE) we have a good time. In fact, learning a lot about OpenNMS goes hand in hand with having fun.

At this year’s SCaLE conference, the team behind the Bad Voltage podcast was there to do a live version of the show. You can watch it on-line and see it went pretty well, and this gave me the idea to invite the gang over to Germany to do it again at the OUCE.

Since there may be one or two of my three readers who are unaware of Bad Voltage, I thought I’d post this little primer to bring you up to speed.

Bad Voltage is a biweekly podcast focused on open source software, technology in general and pretty much anything else that comes across the sometimes twisted minds of the hosts. They deliver it in a funny manner, sometimes NSFW, and for four guys with big personalities they do a good job of sharing the stage with each other. As I write this they have done 47 episodes, which is actually quite a nice run. For anyone who has done one or thought about doing a periodic podcast or column, know that after the first few it can be hard to keep going. It is a testament to how well these guys work together that the show has endured. Believe it or not, I actually put time into these posts and even I find it hard to produce a steady amount of content. I can’t imagine the work needed to coordinate four busy guys to create what is usually a good hour or three of podcast. (grin)

Bad Voltage as The Beatles

Anyway, I want to introduce you to the four Bad Voltage team members, and I thought it would be a useful analogy to compare them to the Beatles. As I doubt anyone who finds this blog is too young to not know of the Beatles, it should aid in getting to understand the players.

Bad Voltage - Jono Bacon Jono Bacon is Paul. If you have heard of anyone from Bad Voltage, chances are it is Jono. He’s kind of like the Elvis of open source. He was a presenter for LugRadio but is probably best known for his time at Canonical where he served as the community manager for Ubuntu. He literally wrote the book on open source communities. He is now building communities for the XPRIZE foundation as well as writing articles for and Forbes and occasionally making loud music. He’s Paul because is he one of the most recognizable people on the team, and he secretly wishes I had compared him to John.

Bad Voltage - Bryan Lunduke Bryan Lunduke is John. He gets to be John because he has heartfelt opinions about everything, and usually good arguments (well, arguments at least) to back them up. He has passion, much of which he puts into promoting OpenSUSE. I’ve never met Bryan in person, but we’ve missed each other on numerous occasions. I missed him at SCaLE, he missed the Bad Voltage show I was on, and I missed him again at OSCON. And I’ll miss him in Fulda, as his wife is due to deliver their second child about that time, but he will be there virtually. He adds depth the the team.

Bad Voltage - Jeremy Garcia Jeremy Garcia is George. Although none of these guys could be described as “quiet”, he is the most reserved of the bunch, but when he opens his mouth he always has something interesting to say. You can’t be part of this group and be a wallflower. I’m not sure if he has a day job, but fifteen (!) years ago he founded and has been a supporter of open source software even longer. He adds a nice, rational balance to the group.


Bad Voltage - Stuart Langridge Stuart is Ringo, known to his friends as “Aq” (short for “Aquarius” – long story). He is pretty unfiltered and will hold forth on topics as wide ranging as works of science fiction or why there should be no fruit in beer. He was also a member of LugRadio as well as an employee of Canonical, and now codes and runs his own consulting firm (when he is not selling his body on the streets of Birmingham). If there was a Bad Voltage buzzword bingo, you could count on him to be the first to say “bollocks”. He adds a random element to the group that can often take the discussion in interesting directions.

They have been working hard behind the scenes to plan out a great show for the OUCE. Since many of the attendees tend not to be from the US or the UK, it is hoped that the show will translate well for the whole audience, and to make sure that happens we will be serving beer (if you are into that sort of thing). If you were thinking about coming to the conference, perhaps this will push you over the top and make you register.

But remember, you don’t have to attend the OUCE to see the show. We do ask that you register and pony up 5€. Why? Because we know you slackers all too well and you might sign up and then decide to blow it off to binge on Regular Ordinary Swedish Meal Time. Space is limited, and we don’t want to turn people away and then have space left open. Plus, you’ll be able to get that back in beer, and the show itself promises to be priceless and something you don’t want to miss.

If that isn’t enough, there is a non-zero chance that at least one of the performers will do something obscenely biological (and perhaps even illegal in Germany), and you could say “I was there”.

Convince Your Boss to Send You to the OUCE

With this year’s OpenNMS Users Conference a little over a month away, I plan to be writing about it more in the run up to the event. I figured I should probably start on why you should go and, better yet, how to convince your boss to pay for the trip.

First off, if you aren’t using OpenNMS, why not? (grin)

In all seriousness, if you are happy with your network management solution you can stop reading now. But if you aren’t happy, are in the process of considering alternatives, or if you have a serious interest in discovering the benefits of an open source network management platform, the money you will spend to investigate OpenNMS through the Users Conference is a rounding error compared to the price of similar commercial solutions.

Second, OpenNMS is more of a platform than an application. I know of a number of organizations who manage billion dollar budgets using Microsoft Excel, but it didn’t work for them out of the box. They had to build the spreadsheets, integrate it with databases and other applications, but now they have a custom system that fits their needs. Most network management applications require the user to adapt their processes to fit the application. For most IT organizations those processes are what differentiate them from their competitors, so it makes more sense to use a platform like OpenNMS which can be customized to better complement them instead of the other way around.

Third, OpenNMS does have a steep learning curve. It is a broad and powerful tool but it does require an investment in time in order to realize its full potential. One way to get such knowledge would be to attend a week-long training class at the OpenNMS HQ. The cost would be US$2500 plus travel.

Contrast this with the OUCE. The full four day package runs 1000€, currently about US$1100, or less than half the price of the standard training course. Even with travel expenses (assuming you aren’t in Germany in particular or Europe in general) it should make more sense to go to the OUCE than to the usual training course (plus, the next one isn’t until January of next year). If you don’t have the need to go to the one day OpenNMS Bootcamp, it is even less expensive. It makes good financial sense.

Fourth, this is a *users* conference. If you come to training you will most likely get to listen to me for five days. At the OUCE you get to meet and talk with the people who *use* OpenNMS. Got a common problem? Find out how others solved it using OpenNMS. Got a weird problem? I can guarantee that someone at the conference will have a weirder one that they used OpenNMS to fix. The initial list of accepted talks is awesome and will only get better.

Fifth, a lot of the key people behind OpenNMS will be there as well (including yours truly) and so you can experience first hand what makes the OpenNMS community so special. Plus, since we don’t “unveil” new features, you can see first hand what is currently available in the development version of OpenNMS, including “big data” storage, new and improved graphing, elasticsearch integration and distributed polling via “minions”.

Finally, it’s a lot of fun. I can remember meeting Ian Norton during an OUCE several years ago. He had been forced to attend the conference by his (now previous) employer and was very unhappy about it. Not knowing who I was, he candidly ranted about issues he saw with the product. I assured him that we would work hard over the next two days to address them. Now he is one of our biggest supporters, and all it took was two days to “get it” and understand what makes OpenNMS so magical (in the interest of full disclosure, schnapps was involved).

In conclusion, if you are not using OpenNMS you are probably paying too much for a lesser solution. This may not be true in your particular case, but you should at least seriously investigate the possibility. It makes financial sense to do this at the Users Conference, even with travel expenses, plus you can see how real users, just like you, are getting the most value out of the tool. And even if you decide OpenNMS is not for you, you’ll have had some fun and can rest assured you did your due diligence when examining management options for your employer.

Hope to see you there.

Case Study: Why You Want OpenNMS Support

I wanted to share a story about a support case I worked on recently that might serve to justify the usefulness of commercial OpenNMS Support to folks thinking about it. As always, OpenNMS is published under an open source license and so commercial support is never a requirement, but as this story involves commercial software I thought it might be useful to share it.

We have a client that handles a lot of sensitive information, to the point that they have an extremely hardened network environment that makes it difficult to manage. They place a separate copy of OpenNMS into this “sphere” just to manage the machines inside it, and they have configured the webUI to be accessed over HTTPS as the only access from the outside.

Recently, a security audit turned up this message:

Red Hat Linux 6.6 weak-crypto-key
3 Weak Cryptographic Key Fail "The following TLS cipher suites use
Diffie-Hellman keys smaller than 1024 bits: *
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (768-bit DH key)" "Use a Stronger Key If
the weak key is used in an X.509 certificate (for example for an HTTPS
server), generate a longer key and recreate the certificate. Please also
refer to NIST's recommendations on cryptographic algorithms and key
lengths (
) ." Vulnerable

and they opened a support ticket asking for advice on how to fix it.

I had some issues with the error message right off the bat. The key used was 2048 bits, so my guess is that the algorithm is weak and not the key. The error message seems to suggest, however, that a longer key would fix the problem.

Anyway, this should be simple to fix. The jetty.xml file in the OpenNMS configuration directory lets you exclude certain ciphers, so I just had the customer add these two to the list and restart OpenNMS.

And then we waited for the nightly scan to run.

This fixed the issue with the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher but not the first one. Nothing we did seemed to help, so I installed sslscan on my test machine to try and duplicate the issue. I got a different list of ciphers, and since openssl uses different name for the ciphers than Java, and it was a bit of a pain to try and map them. I couldn’t get sslscan to show the same vulnerabilities as the tool they were using.

We finally found out that the tool was Nexpose by Rapid 7. I wasn’t familiar with the tool, but I found that I could download a trial version. So I set up a VM and installed the “Community Edition”.

Note: this has nothing to do with open core, which often refers to their “free” version as the “community” version. Nexpose is 100% commercial. They use “community” to mean “community supported”, but it is kind of confusing, like when Bertolli’s markets “light” olive oil which means “light tasting” and not low in calories.

I had to fill out a web form and wait about a day for the key to show up. I had installed the exact version of OpenNMS that the client was using on my VM, so my hope was that I could recreate the errors.

First, I had to increase the memory to the VM. Nexpose is written in Java and is a memory hog, but so is OpenNMS, and it was some work to get them to play nice together on the same machine. But once I got it running, it wasn’t too hard to recreate the problem.

The Nexpose user interface isn’t totally intuitive, but I was able to add the IP address of the local machine and get a scan to kick off without having to read any documentation. The output came as a CVS file, but you could also examine the output from within the UI.

The scan reported the same two errors, and just like before I was able to remove the “TLS_DHE_RSA_WITH_AES_128_CBC_SHA” one just by excluding it in jetty.xml, but the second one would not go away. I found a list of ciphers supported by Java, but nothing exactly matched “TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA” and I tried almost all of the combinations for similar TLS ciphers.

Then it dawned on me to try “SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA” and the error went away. I guess in retrospect it was obvious but I was pretty much focused on TLS based ciphers and it didn’t dawn on me that this would be the error with Nexpose.

It was extremely frustrating, but as my customer was being beat up about it I was glad that we could get the system to pass the audit. While this was totally an issue with the scanning software and not OpenNMS, it would have been hard to figure out without the help we were happy to give.

It may not surprise anyone that a large number of OpenNMS support issues tend to be related to products from other vendors. Usually most of them can be classified as a poor implementation of the SNMP standard, but occasionally we get something like this.

Our clients tend to be incredibly smart and good at their jobs, but having access to the folks that actually make OpenNMS can sometimes save enough time and headache to more than offset the cost of support.