Case Study: Why You Want OpenNMS Support

I wanted to share a story about a support case I worked on recently that might serve to justify the usefulness of commercial OpenNMS Support to folks thinking about it. As always, OpenNMS is published under an open source license and so commercial support is never a requirement, but as this story involves commercial software I thought it might be useful to share it.

We have a client that handles a lot of sensitive information, to the point that they have an extremely hardened network environment that makes it difficult to manage. They place a separate copy of OpenNMS into this “sphere” just to manage the machines inside it, and they have configured the webUI to be accessed over HTTPS as the only access from the outside.

Recently, a security audit turned up this message:

Red Hat Linux 6.6 weak-crypto-key
3 Weak Cryptographic Key Fail "The following TLS cipher suites use
Diffie-Hellman keys smaller than 1024 bits: *
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (768-bit DH key)" "Use a Stronger Key If
the weak key is used in an X.509 certificate (for example for an HTTPS
server), generate a longer key and recreate the certificate. Please also
refer to NIST's recommendations on cryptographic algorithms and key
lengths (
) ." Vulnerable

and they opened a support ticket asking for advice on how to fix it.

I had some issues with the error message right off the bat. The key used was 2048 bits, so my guess is that the algorithm is weak and not the key. The error message seems to suggest, however, that a longer key would fix the problem.

Anyway, this should be simple to fix. The jetty.xml file in the OpenNMS configuration directory lets you exclude certain ciphers, so I just had the customer add these two to the list and restart OpenNMS.

And then we waited for the nightly scan to run.

This fixed the issue with the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher but not the first one. Nothing we did seemed to help, so I installed sslscan on my test machine to try and duplicate the issue. I got a different list of ciphers, and since openssl uses different name for the ciphers than Java, and it was a bit of a pain to try and map them. I couldn’t get sslscan to show the same vulnerabilities as the tool they were using.

We finally found out that the tool was Nexpose by Rapid 7. I wasn’t familiar with the tool, but I found that I could download a trial version. So I set up a VM and installed the “Community Edition”.

Note: this has nothing to do with open core, which often refers to their “free” version as the “community” version. Nexpose is 100% commercial. They use “community” to mean “community supported”, but it is kind of confusing, like when Bertolli’s markets “light” olive oil which means “light tasting” and not low in calories.

I had to fill out a web form and wait about a day for the key to show up. I had installed the exact version of OpenNMS that the client was using on my VM, so my hope was that I could recreate the errors.

First, I had to increase the memory to the VM. Nexpose is written in Java and is a memory hog, but so is OpenNMS, and it was some work to get them to play nice together on the same machine. But once I got it running, it wasn’t too hard to recreate the problem.

The Nexpose user interface isn’t totally intuitive, but I was able to add the IP address of the local machine and get a scan to kick off without having to read any documentation. The output came as a CVS file, but you could also examine the output from within the UI.

The scan reported the same two errors, and just like before I was able to remove the “TLS_DHE_RSA_WITH_AES_128_CBC_SHA” one just by excluding it in jetty.xml, but the second one would not go away. I found a list of ciphers supported by Java, but nothing exactly matched “TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA” and I tried almost all of the combinations for similar TLS ciphers.

Then it dawned on me to try “SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA” and the error went away. I guess in retrospect it was obvious but I was pretty much focused on TLS based ciphers and it didn’t dawn on me that this would be the error with Nexpose.

It was extremely frustrating, but as my customer was being beat up about it I was glad that we could get the system to pass the audit. While this was totally an issue with the scanning software and not OpenNMS, it would have been hard to figure out without the help we were happy to give.

It may not surprise anyone that a large number of OpenNMS support issues tend to be related to products from other vendors. Usually most of them can be classified as a poor implementation of the SNMP standard, but occasionally we get something like this.

Our clients tend to be incredibly smart and good at their jobs, but having access to the folks that actually make OpenNMS can sometimes save enough time and headache to more than offset the cost of support.

Welcome Costa Rica! (Country 28)

While I have never been able to personally visit Costa Rica (it is on my list) I am happy to announce that we now have a commercial customer from their, making it the 28th unique country for OpenNMS.

They join the following countries:

Australia, Canada, Chile, China, Denmark, Egypt, Finland, France, Germany, Honduras, India, Ireland, Israel, Italy, Japan, Malta, Mexico, The Netherlands, Portugal, Singapore, Spain, Sweden, Switzerland, Trinidad, the UAE, the UK and the US.

2015 O’Reilly Open Source Conference

I think this year marks the eighth OSCON I’ve attended. I’m not sure of that, but I am sure that every year I can meet up with a number of interesting people that I just don’t see elsewhere.

I used to get the conference pass so I could see the presentations, and while they tend to be of a very high quality, I often found myself spending most of my time outside of those rooms, either on the Expo floor or just sitting and talking, so this year I just got the Expo pass.

OSCON 2015 - Entrance

I have a love/hate relationship with OSCON. It seems to be skewed toward large companies, and this year was no exception.

I got to see the jugglers at Paypal:

OSCON 2015 - Paypal

(Note: Jason, who used to work with us at OpenNMS, is now at Paypal and so I get to hear about some of the stuff they are doing around open source it is pretty exciting).

and Microsoft was back with the photo booth:

OSCON 2015 - Microsoft

There were also some smaller companies in attendance. I had to go by and say “hi” to the Atlassian team as we happily use a number of their products to make OpenNMS happen, such as Bamboo and Jira:

OSCON 2015 - Atlassian

and it was nice to run into Chris Aniszczyk, the open source guy at Twitter.

OSCON 2015 - Chris Aniszczyk

I had not talked to Chris since last year’s OSCON and it was cool to learn that he’s doing well.

One thing I’ve been looking at for OpenNMS is the best configuration platform with which to integrate. It is hard to choose between Puppet, Chef, Ansible and Salt (and we should probably do all four) but if the choice was solely based on the friendliest staff Chef would probably win.

OSCON 2015 - Chef

I never did get the full story on what happened with their booth.

Right around the corner was the Kaltura booth with its incredibly shy and withdrawn Director of Marketing, Meytal:

OSCON 2015 - Meytal Burstein

She was also at CLS and our paths crossed a lot, and I’m certain I’ll run into her in the future. Oh, and if you want her opinion, you’ll have to drag it out of her.

(Note: some of the above is not true)

OSCON 2015 - CDK Global

It was also cool to see a booth for CDK Global. CDK was formed by merging Cobalt and ADP Dealer Services, and the latter uses OpenNMS. Sam (the guy in the middle) was also a Frontalot fan, so we got along well.

I spent most of my time off to the side of the Expo floor on a row I called the “Geek Ghetto”. These are booths that OSCON offers to open source projects and organizations. It was cool to see that it was almost always packed with people.

OSCON 2015 - Geek Ghetto

I got to talk to the team at the Linuxfest Northwest. This is one conference I have yet to attend but I’m going to make an effort to get there next year. I’m hoping to convince the Bad Voltage guys to come along and do a live show (they will be with us at the OUCE this September in Germany)

OSCON 2015 - Linuxfest Northwest

Next to them was a booth from the EFF. Maggie, who was at the anniversary show in San Francisco, was also doing booth duty at OSCON.

OSCON 2015 - EFF

I believe in what the EFF is doing so it was nice to get to talk with them.

Last year I spent a lot of time learning about Free Geek:

OSCON 2015 - Free Geek

and it was nice to chat with them again. If you are in a Free Geek city, you should get involved.

It was good to see a large number of women in attendance, although it was still not reflective of the population as a whole. One group working to change that is Chicktech:

OSCON 2015 - Chicktech

Note that my picture got photobombed by “Open Source Man”.

Also in the Geek Ghetto was the Software Freedom Conservancy, run in part by Bradley Kuhn and Karen Sandler. I think highly of them both and enjoyed the time I got to spend with them.

OSCON 2015 - Karen Sandler

Now, I should probably explain my shirt.

Bryan Lunduke is one-fourth of the Bad Voltage team. While I have known Jono Bacon for some time, I didn’t get to meet Jeremy Garcia or Stuart Langridge until this year’s SCaLE conference. I never got to meet Bryan. To be honest, a lot of these “meetings” happened in bars and Bryan doesn’t drink, and I did try to get his attention on the show floor but he obviously didn’t hear me.

Then I was on the Bad Voltage podcast talking about OpenNMS. This was an episode where Bryan was ill, so outside of signing in to say he couldn’t do the show, I didn’t see much of him.

Finally, we are planning on having Bad Voltage come out to the OpenNMS User’s Conference this September. Bryan is expecting the arrival of his second child, so he had to beg off.

Now I just see these things as coincidences, but the guys in the office suggested the real reason is that Bryan hates me. Jessica, our graphic designer, took the bait and made up a graphic, and my friend Jason at Princredible printed a few really nice shirts.

I wanted to meet up with him in Portland, but he was only at CLS the second day (I was there the first). He was at OSCON on Wednesday. I wandered around the Expo floor trying to find him but we could never meet up.

It started to become amusing. People would stop me and say “Bryan was just here looking for you”. After awhile I thought it might be even funnier if we never met, just circled each other at the conference and to this day we still haven’t stood next to each other (he and Jono did call me later in the day, but I had already left).

Anyway, if you think Bryan Lunduke hates you too, you can get a nifty shirt just like mine. Jason will take orders until 10 August. These are high quality shirts that are actually printed – the image is dyed into the fabric and not screened on top were it is likely to crack and peel.

OSCON 2015 - Jono Bacon

Speaking of Jono, he did an “Ask Me Anything” session and I was very eager to get some of the burning questions off my chest. Unfortunately, it was subtitled to limit the questions to things like “community management” and “leadership”. Mine were, to a fault, all obscenely biological.

I want to end this note with a picture of one of my favorite people, within or outside of open source, Stephen Walli.

OSCON 2015 - Stephen Walli

I usually only see him at OSCON, and while in his sunset years he has quieted down a bit (grin), I always welcome the time I get to spend with him.

Hope to see everyone in Austin in 2016, if not sooner.

Review: MC Frontalot with The Doubleclicks

Best OSCON after-party ever! – Satisfied Customer

Even though OpenNMS has been around for over 15 years now, a lot of people, including open source people, don’t know we exist. In an attempt to fix that, we’ve been experimenting with various marketing efforts, and in keeping with our mission statement of “Help Customers – Have Fun – Make Money” we also want them to be fun.

I have a love/hate relationship with the O’Reilly Open Source Conference (OSCON) but I can be assured that many of my friends who are into free and open source software will be there. This year I thought it would be fun to host a concert featuring MC Frontalot. Not only is his music awesome, it should appeal to many of the attendees. We lined up a venue (the amazing Dante’s) and an opening act, The Doubleclicks.

My one fear was that no one would show up, so I was relieved when I rushed from a previous meeting to Dante’s to find the place full, and by the time the show started it was packed.

Prior to setting this up, I had not heard of The Doubleclicks. Angela and Aubrey Webber are sisters who sing about geek things. Prior to the show I listened to a lot of their music, and since I was paying for this gig they even did one of my favorites, “This Fantasy World (Dungeons and Dragons)“. When they sang the lyric “and their primarily Windows-based computers” it got a big laugh.

The Doubleclicks

One thing we struggle with in the tech world in general and open source communities in particular is how to encourage more women to get involved. As a male dominated industry, women can face particular challenges. When The Doubleclicks sang “Nothing to Prove” I realized I couldn’t have asked for a better set list if I’d tried:

We read books, we played games, we made art, we watched Lost
We said things like “D20”, “shipping” and “Mana cost”
It felt good to be myself, not being mocked
Still self-conscious, though, we whispered things about jocks

But one day, you grow up, come into your own
Now geek’s not rejection – it’s a label I own
Then ignorant haters come to prove me wrong
Tell me I’m not nerdy enough to belong

I’ve got nothing to prove
I’ve got nothing to prove
I’ve got nothing to prove

This rang particularly true due to OSCON being hit with a “gamergate“-like attack for having Randi Harper speak. Considering the number of women at the show, I think we succeeded in promoting an all-inclusive environment.

After their great set, MC Frontalot and the band prepared to take the stage. This was the fourth Frontalot show I’d organized but the first with the band. The reason I hadn’t hired the whole band before was simple: it’s more expensive. Plus, from the videos I’d seen on the Intertoobz, I didn’t think they added all that much.

I was so wrong.

It’s hard to capture on video the energy these four gentlemen bring to the stage. The man driving the beat on drums is The Sturgenius (aka Sturgis Cunningham). Blak Lotus (aka Brandon Patton) is the whirling dervish on bass. I sat an watched him spin from stage left, often winding the cord to his bass around his legs and then unwinding it just in time to avoid tripping. Vic-20 (aka Ken Flagg) played wireless keytar, and while everyone was mic’d, turns out he has the voice of an angel and did the most duty on backup vocals.

MC Frontalot and Band

They played all of my favorites, such as “Critical Hit” and “Stoop Sale“, and while Front has always given 110% at my shows, being with the band brought out something more.

When I walked around OSCON inviting people to the show, a lot of people were psyched but I still got that weird “Nerdcore Hip Hop?” look from many. I don’t think that anyone who has seen them live could mistake them for anything other than truly original musical artists.

OCSON is moving to May and to Austin, Texas, next year, and my hope is to bring the band out again. And I do actually plan to write up my thoughts on OSCON itself, but as I got almost no sleep in the last week that will have to wait. The fourteen and a half hours I slept last night seemed to have helped a lot, though.

2015 OSCON MC Frontalot and Doubleclicks Party

I just wanted to post a short note about tonight’s concert.

WHAT: MC Frontalot and The Doubleclicks
WHERE: Dante’s, Portland, OR, USA
WHY: To give back to our Free and Open Source Software Friends, and to promote OpenNMS
WHEN: Doors open at 8pm, Doubleclicks sometime after 9pm, Frontalot around 10pm

If you are still reading, OpenNMS has been able to get Frontalot to perform at a number of Linux conferences, but this is the first time we’ve been able to bring out the whole band (2015 is shaping up to be a good year). So in addition to the man himself, we have Blak Lotus on bass, The Sturgenius on drums and Vic-20 on the key-tar. This promises to explode with awesomeness.

Since this is Portland, we wanted to get a local group to open and The Doubleclicks were kind enough to join us. They are the sister duo of Angela and Aubrey Webber, who will entertain with their particular brand of nerd folk. I was introduced to their work just recently, and I think it will be the perfect way to start the evening.

We also want to thank O’Reilly for continuing to produce OSCON. In many cases, it is the only time in a year where I get to see friends of mine in person, and they bring together all different type of people from the free and open source community.

Finally, last but not least is Dante’s itself. The venue was kind enough to let us schedule this free event there, and while I’ve never been, I’ve only heard great things. The only downside is that I’ve been told it is somewhat small. Since we are not selling tickets, I have no idea how many people are showing up, but from the feedback I’ve been getting from OSCON attendees, we’ll probably pack the place.

To guarantee you get to see the show, doors open a 8pm, but since some of you might still be enjoying OSCON events at that time, please note that the show won’t start until sometime after 9pm, so we hope you can make it.

Oh, if you do come and like it, please give a nod to @opennms as we are working hard to correct the fact that it is the greatest open source project you have never heard of.

See you there.

Solution for One Trackpad Issue for the XPS 13

My new laptop is the beautiful new Dell XPS 13 running Ubuntu Gnome 15.04.

It is not perfect, but it is getting close. Lightweight, beautiful screen and awesome battery life (nearly 8 hours the way I use it).

One thing that was killing me, though, was that after a certain amount of time (on the order of tens of minutes and not hours), the trackpad/clickpad thingie would start misbehaving under Gnome Shell, registering bogus clicks. There wasn’t an easy way to fix it outside of a) reboot or b) use an external mouse.

It seems that this issue has been addressed in the 4.1 kernel, so I decided to try it. I’m not sure if Ubuntu is going to support the 4 kernel series officially before 15.10 so I didn’t want to wait.

I downloaded the 4.1.1 kernel here (you’ll need three debs: the “all” headers deb and the image and headers debs for your CPU – I used “generic” and “amd64”), installed them with “sudo dpkg -i” and rebooted. The problem seems to be fixed.

But, my Broadcom wireless driver wouldn’t work. I had to download one more deb from here (via my phone – never play with kernels when you are on a long road trip), install it and now wireless is back.

Now if we could just get palm detection fixed …

2015 Community Leadership Summit

I’ve been working full time with open source software for fourteen years, and I can remember a time when we were pretty much making everything up. No one had experience with this market which most of us now take for granted, and there were a lot of questions about dealing with an open source “community” versus paying customers for open source related software and services.

Out of this arose a role, for lack of a better word, called a “Community Manager”. It doesn’t quite fit since “manage” isn’t accurate. It is hard to apply old school management techniques to a group of sometimes anonymous volunteers, many of whom you might only know by a name such as “Zaxxon476”.

One of the first people to document this role was Jono Bacon. He was one of the leaders of the Ubuntu community, one of the larger of such communities in existence. He wrote a book called The Art of Community and he also founded the Community Leadership Summit (CLS) which meets the weekend before OSCON. Due to scheduling I have never been able to be there, but OpenNMS has been a sponsor every year it has been around.

CLS - Sponsors

This year I was finally able to attend, and I wasn’t disappointed. A large, eager group of people showed up, and I really enjoyed the diversity. Not only were women strongly represented (in both attendees and session leaders) there were many people from outside of the United States.

Jono kicked off the conference:

CLS - Jono Bacon, the delicious meat

with help from another amazing fellow, Stephen Walli:

CLS - Stephen Walli, the other white meat

The format was in the “unconference” style, meaning that the attendees set the agenda. After an initial group of planned 15-minute presentations, those people wanting to host a session would write a short description on a card, get up in front of everyone and announce the session, and then go post it on a large schedule “wall” in the main hallway.

I’ve been to a number of such conferences but rarely seen such participation levels. We actually ran out of Saturday spots, but in the true cooperative style a number of people were able to combine sessions so I think it all worked out.

CLS - Schedule

The whole event had a really good vibe. It wasn’t just open source people, either. The “open source way” can be applied to a number of different fields, and it had to be stressed that in any given session you couldn’t make assumptions about the open source knowledge of the people in the room. One woman discussed how she was dealing with mental illness, and an on-line community was key to her becoming healthy. Another woman was discussing how concepts from the formal study of psychology could be applied to make communities stronger. Even proprietary companies such as New Relic were there because the user community has become key to the success of almost any technology endeavor.

I got to make new friends and catch up with old ones, so I have to admit like many conferences I spent more time chatting in the hallway than in actual sessions (as some of those session were in the hallway, I had to be reminded that my voice carries. Ooops and sorry).

For high school I went to the North Carolina School of Science and Mathematics, and I constantly run into alumni in this field. OpenNMS’s own Seth Leger went there, as did Spot Callaway and Gina Likins from Red Hat. I got a cute picture of Gina (pronounced “Jenna”) with Ulf.

CLS - Gina Likins

It looks like the second day might even be stronger than the first, but unfortunately I won’t be able to make it. As OSCON is moving to Austin next year, it will be interesting to see how that changes CLS, and I plan to make every effort to be there.

The EFF Turns 25

In 1990, when the Internet was much smaller and slower than it is today, a bunch of forward-thinking people realized that this new technological wonder would create some unique issues for our society, and they formed the Electronic Frontier Foundation to protect people from its negative effects.

I can’t remember the first time I got involved with the EFF, but for years I’ve followed their efforts and cheered them on. Before I wore it to shreads, my “Protect Bloggers Rights” T-shirt was one of my favorites, and I still carry my passport in an EFF-badged wallet that blocks RFID transmission.

Earlier this year, the animator Chad Essley auctioned off the chance to be added to his video for the MC Frontalot song “Shudders” with all proceeds going to the EFF. The result was that the OpenNMS mascot Ulf gets a few seconds of much deserved fame and I got an invitation to the EFF’s 25th anniversary party.

I wasn’t going to make it (I don’t live in the Bay Area) but when I decided to attend this week’s Community Leadership Summit followed by OSCON up in Portland, it turned out that it wasn’t much more expensive to fly here first before heading up to Oregon. I know several people in the area and I figured I could find something to do before the party, but then the EFF created a half-day “minicon” so I decided to attend that as well.

EFF - DNA Lounge

The minicon consisted of three panel discussions. It was held at a nightclub called the DNA Lounge and when I got there just before noon the line to get in was already stretching down the block. When I did get in, there was a stage set up for the panels (a moderator’s podium and a table with four chairs for the panelists) as well as two banners describing what the EFF does.

EFF Banner

I thought the left one was pretty succinct: Free Speech, Privacy, Innovation, Transparency, Fair Use, International. Yup, that about covers it.

I didn’t take any pictures of the attendees (this group does attract a contingent from the “black helicopters” crowd) so while I probably had the right to take pictures as part of a public gathering it would have been rude. It was nice to see a fairly even split between men and women, and for once I wasn’t the oldest person in the room. It was mainly Caucasian and Asian faces that I saw (hey, that’s pretty much Silicon Valley) and I did see people with colorful hair (bright pink, electric blue, etc.) That part was similar to the open source conferences I attend, but there wasn’t a single utilikilt. The vibe was also different. Whereas FOSS conferences also attract technical people with a strong libertarian bent, this crowd included a lot more people concerned with social activism.

Which brings us to the first panel: Activism.

EFF - Panel 1

Not only does the EFF identify threats to liberty brought on by new technology, one of their pillars is to mobilize people to effect change, so this panel discussed ways to more effectively do just that. Should you call your Congressional Representative or e-mail them? Is publicly tweeting about them better than a private correspondence? One panelist commented on the fact that you can’t A/B test reality so it can be hard to determine the best action. Plus, if a particular effort is successful, such as with SOPA, the bar is set high for the next one, which can cause its own problems.

It was the first time I had been introduced to Annalee Newitz, and I really liked her comments. Yet another person to follow on the Twitters.

They also announced a project by Sina Khanifar called which is supposed to make it easier for people to contact those in government.

The second panel focused on Copyright.

EFF - Panel 2

I am not an anti-copyright person. Copyright law is what makes free and open source software possible. However, it is obvious that it is broken. As a process created to mainly protect things like the written word, it doesn’t lend itself well to computer code. Plus, some copyright holders have a track record of abuse. I’ve even experienced it in such things as bogus DMCA takedown notices.

Part of this discussion focused on the concept of “fair use”. If I am given something or I pay for something, does the person from whom I got that something have a right to set limits on what I can do with it? It’s a tricky question. If I use someone’s song in a television commercial, it seems obvious that I should have to pay the owner of that song, especially since it may imply that the creator of the music endorses my product or service. But what if I invite 30 people over for a party and put on some music? Does that count as a “public performance”? It’s tricky.

The EFF is very concerned with transparency, and quite naturally has issues with secret negotiations such as the Trans-Pacific Partnership agreement (TPP). Proponents of keeping trade negotiations secret will claim that they don’t want the discussion to disrupt markets. For example, if the discussion was about whether or not to place tariffs on corn exports, whether or not they would actually come about, this could cause undue fluctuations in the market for corn.

As one of the panelists noted: Copyright is not corn.

The TPP has a focus on intellectual property rights which will have far reaching repercussions for users of technology. Without oversight, the government’s zeal to protect, say, the movie and music industry, may result in actions that are detrimental to end users. People in government don’t tend to have strong technical experience, so it is important that these discussion take place in the open.

Privacy was the topic of the final panel.

EFF - Panel 3

This panel included Bruce Schneier. This was the first time I had seen him speak, and I was not disappointed. One of the questions was to predict privacy challenges due to technology 25 years from now. Bruce pointed out that it was harder to predict the impact of new tech on society than the tech itself. For example, we now have flying robots that kill people. On the one hand this is very frightening, and on the other hand, in a way, it is really, really cool.

He was referring to drones of course, and I couldn’t help but think of the trauma some drone operators are now facing even though they are thousands of miles from actual combat. Tech has also created an “interrupt driven” culture that may be fostering short attention spans. Heck, I’ll be surprised if even one of my three blog readers makes it this far in this long post, and we’ve had to come up with tags like “TL;DR” to deal with things like this. I can’t imagine what changes this will bring about in 25 years.

I was also impressed by panelist Parisa Tabriz. She is the “Security Princess” at Google and a solid public speaker. She pointed out that at Google they sometimes struggle with security versus privacy, in that certain security tech can leave a fingerprint that might weaken anonymity.

It is hard to talk about Google without bringing up Apple, and it was pointed out that Apple fails miserably on the transparency front but does do a good job when it comes to privacy. The argument goes that since Apple makes money on hardware (compared to Google’s model) they have less motivation to look at their users’ data. It would have been nice to have someone from Apple on the panel, but I’m not sure if they were asked. I did ask the EFF via a tweet, but didn’t get a response.

While most panel discussions suck, I enjoyed these, and I’m glad I went. The minicon ended around 4pm and since the party didn’t start until 8pm I decided to head back to the hotel, work on some e-mail and take a nap.

That was a mistake.

When my alarm went off at 7pm, I was so tired I considered blowing off the party entirely. I decided to go because Maggie had managed to find another RFID blocking passport wallet, as my EFF-branded one is pretty tattered, and I need another. It doesn’t have the EFF logo on it, but I hope they make more in the future.

EFF Passport Holder

My passport has had RFID technology embedded in it for years, but in all my travels it has never been legitimately accessed. It is just another example of technology being chosen because it exists without a firm plan on how to use it. I like knowing that I now can chose when to enable it or not (and yes, I know I could nuke it in the microwave but I’m not ready to go that far, yet).

Another thing I wish the EFF would do is advertise more about Amazon Smile. If you shop on Amazon Smile you can choose to have a portion of your purchase benefit a specific organization. It doesn’t cost you anything, and while I can’t find an actual total, since I shop on Amazon a lot I feel that I’ve probably sent a significant amount of money to the EFF. Of course, I can’t imagine that they are happy with things like Amazon Echo, so perhaps there is a conflict of interest, but I still wanted to make people aware of it.

EFF - Party Stage

So, I grabbed an Uber, went to the party, met Maggie and got my new passport holder. I then made a pass around the club but didn’t really feel comfortable. These were my people but then again not my people. It was obvious many knew each other, and while I’ve never been one to have a problem with a room full of strangers (in most situations I make new friends) the environment was pretty loud and not conducive to conversation. I just didn’t have the energy so I left.

This means I missed seeing Wil Wheaton and Cory Doctorow, two more people I’ve never seen in person but would like to one day. From social media it seems like it was a good time, but I just wanted to grab some dinner and sleep.

EFF - Wil Wheaton

Overall, I had a good time with the EFF. It is rare that I agree with everything even people I like do, but I can’t think of something the EFF has done in the last 25 years that bothered me or pissed me off. It is one of the few organizations that I regularly donate to, and I plan to leave them some money in my estate (if there is any left, I also plan to live for another 100 years and die after I’ve spent my last dime). If you haven’t supported them yet, I’d like to suggest that you do so.

Today I’m off to Portland for the CLS and OSCON, and these really are my people. I’ll let you know how it goes.

Uber vs. Taxi

Back in 2012, I first experienced Uber. While I assume everyone knows what Uber is, just in case you don’t, it is a ride service that heavily leverages modern technology to disrupt the livery/taxi industry.

When I first used Uber in 2012, it was limited to “black cars”, vehicles like Town Cars on the higher end of the scale, and the price reflected it. Now they have a number of different options, such as UberX (similar to a taxi), UberPool (more of a ride share version of UberX), UberSushi, UberMusic, etc. (okay, I made the last two up).

I had a rather positive experience with Uber back in 2012, but I rarely had the chance to use it much after that. Later, when I started reading about some “evil” things they were doing, I wasn’t inclined to call on them when I needed a ride, and their Android app seems to need an awful lot of permissions in order to work correctly, so I wouldn’t install it.

I am currently spending a few days in San Francisco, and when I landed at SFO I decided to take a taxi instead of BART. I like BART, but I was running late and also had a fairly large suitcase with me, so I opted for the convenience of a cab.

It was a bad experience.

When I approached the cab stand, I was assigned the next cab in line. This was car 226 from “Veteran’s Cab Company” and it was a very tired Toyota Prius. The driver seemed more interested in listening to music on his phone and texting than getting me to my hotel.

Texting Taxi Driver

He repeatedly ignored my requests that he not text and drive, and as I was watching for the best routes on Google Maps, he also ignored my requests to take me on the faster route. Outside of putting my life in danger, he probably cost me an extra $10 and an extra 15 minutes.

I did survive the trip, and I checked into the hotel, dropped my bags and headed back out because I was meeting a friend and we were going to take BART to the East Bay.

Although her house was only a 10-15 minute walk from BART, she was in heels and decided that we would catch a ride with Uber. This was UberX. The driver was waiting for us in an immaculate Prius and promptly took us to the house. As I ended up staying there past the time that BART stopped running, they called me another UberX ride to take me back to the hotel. This was also in a Prius, clean, and the driver was very friendly and safe.

It is hard to express the stark contrast between the experience of a normal taxi versus Uber.

I was in town for the EFF’s 25th anniversary party. While I walked to the “minicon” they held during the day, I decided to take Uber to the evening party. I dusted off my Uber account, updated the credit card, and called for a ride.

Within three minutes Ye showed up in a nice Toyota Camry. The route to the DNA Lounge was already in his phone, adjusted to avoid traffic, and the trip was quick and pleasant. As everything is paid for via the app, I had nothing to do but enjoy the ride.

I can see why people could get used to this.

For the ride back, I used Uber again. This time Allam picked me up in a Honda CR-V. Again, he arrived within three minutes. I was his first customer for the night and we hit it off to the point where I didn’t want the ride to end (he was originally from the West Bank of Israel and we talked a lot about the Middle East, which I’ve enjoyed visiting).

When I go to the airport tomorrow to head to CLS and OSCON, I plan to take UberX, or I might try UberPool.

While I still have concerns about some of Uber’s policies, and I probably need to check out Lyft (a competing service), we are talking about an experience that is orders of magnitude better than the old status quo. I’ll be hard pressed to take a taxi again.

The OpenNMS Calendar

As I was spending this morning trying to get organized, I thought it would help me to post some of the OpenNMS events coming up over the next few months.


The O’Reilly Open Source Conference, being held the week of 20 July in Portland, OR, USA, is probably the last great commercial open source conference. I’ll be there on the Expo floor and would love to chat with folks about OpenNMS and open source. We are also sponsoring a free concert with MC Frontalot and the Doubleclicks at Dante’s on Thursday night the 23rd:

August: Training

We are holding our formal week-long OpenNMS training course the week of 10 August at OpenNMS HQ in Pittsboro, NC. This is the best way to get up to speed with OpenNMS, plus you get to meet a lot of the people who make it happen.

September: Users Conference

This year’s users conference is shaping up to be the best yet. It will be held from 28 September to 1 October at the University of Applied Science in Fulda, Germany, which is just outside of Frankfurt.

Sponsored by the independent OpenNMS Foundation, The Call for Papers is still open. Also this year we’ll have the gang from the Bad Voltage podcast doing a live show for your entertainment.

October: All Things Open

From 18-20 October, the All Things Open conference returns to America’s Open City: Raleigh, NC (home of Red Hat). This is a great time and OpenNMS will be a sponsor this year.

Hope to see you at one or all of these events.