ChipLog – Page 3

VMware WSX 1.0.1, and the new Community Page

Last month, we released WSX 1.0. Those following along with the beta knew what to expect, as it was largely our latest Tech Preview release with some more fixes thrown in.

Unfortunately, we also threw in a regression that we’ve since been working to fix. The console would, at times, stop displaying anything, just appearing black. Clicking the little Refresh button would fix it, but it was annoying and, to me personally, quite embarrassing.

Today I’m happy to announce that we’ve released WSX 1.0.1, which has fixes for the black screen issue, and also support for Windows domains in usernames (indicated by “MYDOMAIN\username”) when logging in.

Along with the release, we’ve also introduced the new WSX Community Page, where you’ll be able to find the latest releases, documentation, and discussions on WSX. I’ll be on there, as will some of our QA, to answer questions.

VMware WSX July Tech Preview Release

45 Comments / VMware

A month ago, I announced the release of the June VMware WSX Tech Preview. In it, I covered our awesome new Retina support for MacOS X and iPad, voice input, Windows support, and more. We had some great feedback and worked to address some of the key issues, while putting in a few new things.

Today I’d like to announce the WSX July Tech Preview, which is chock full of improvements. Let’s go over them, shall we?

Improved Home Page

The Home page on WSX was a bit.. barren. Completely blank and useless, in fact, but no more. Now the Home page serves as a jumping point to get to your servers and to configure your server list. This replaces the Configuration page. In the future, I’d like to further improve this by giving quick access to your most recently used VMs.

Improved Server Page

The Server Page was a jumbled mess of links to VMs. Now it’s a nice, filterable, alphabetical list. Search for your VMs by typing part of their name, or filter them by power state. It’s much easier now to find what you need. Oh, and the VM icons now show the power state as well!

Big Honkin’ Power Button

Much like VMware Player and Fusion, we now show a Power On button on top of the screen when the VM is powered off or suspended. This gives you both a nice visual showing what state your VM is in, and a big, easy to hit target for powering it on. Particularly great for touchscreens.

Better Touch Input

Working with your VMs on an iPad is now much, much nicer. We map a bunch of gestures to mouse events, giving you support for right-click, middle-click, and scrolling.

To right-click, just tap-and-hold part of the screen. Or you can press with one finger and tap with a second. Pressing instead of tapping with the second finger is equivalent to holding down the right mouse button, letting you drag around the screen. The actual click will take place where you pressed the first finger.

Just add a third finger to the mix to work with the middle button. That is, press with one finger and then tap (or press) with two more fingers.

Drag up or down with two fingers to scroll. This works just like the mouse wheel.

Mouse Wheels

If you’re using WSX from a PC or Mac, your mouse wheel should now work! Scroll to your heart’s content.

(Note: Mouse wheels events work a bit differently across different browsers, so depending on which browser you use, the sensitivity may be off. It works pretty well in Chrome and Firefox.)

Better Retina Support

Retina was cool and all, but reconnecting to a VM would put that VM back in non-Retina mode, moving all your windows and icons around. No more! Now if your VM was in Retina mode before, it should be in Retina mode when you connect next.

You can pretty easily live in Windows 7 with high-DPI set in Retina mode on an iPad 3 now.

There’s also new Retina icons on the action bar below the screen.

SSL

WSX can now (optionally) encrypt all the traffic between the WSX server and your computer or mobile device. You only need to generate or purchase an SSL certificate, name the files wsx.crt and wsx.key and place them in your /etc/vmware/wsx/ssl/ directory (on Linux) or Application Data\VMware\VMware WSX\SSL directory (on Windows).

Why isn’t this the default, you may wonder? Of course we’d love to just generate self-signed certs by default and encrypt everything, but it turns out there are some browser compatibility issues with self-signed certs and WebSockets, which we use for all our communication. iOS, in particular, is currently broken in that regard.

There are many places on the web where you can get free or cheap certificates that should work fine for you. We highly recommend installing an SSL certificate to enable HTTPS for WSX. Another option is to require access to WSX through a secure VPN.

Easier Installation

Some Windows and Linux users hit problems with our installation in the previous release.

A few Windows users had a crash at startup. This was due to a naming conflict causing an early failure, which we’ve fixed.

Linux was a bit more of a complicated story. We required a specific version of Python on the system, and while not an uncommon version, it proved to be too hard to get going on many systems. This is no longer a requirement! You don’t even need Python installed. We run completely independently now.

So give it another try!

Smarter Defaults

New installs would come with a “Shared VMs” server pre-configured. The intent was to make it easy to get to your Workstation Shared VMs. Some people, though, had changed the port for their Shared VMs, which confused WSX and caused some problems. We’ve improved the smarts to only add this server if it’s installed on the same system as Workstation, and to grab the port from that configuration.

Performance Tweaks

Connecting to the VM should be a bit faster now.
Resizing the browser window no longer causes the VM to take forever to update its resolution. We were spamming it with resolution change requests.

Bug Fixes

Fixed a crash when accessing some Linux VMs that had Tools but didn’t support switching resolutions.
Fixed the styling of some parts of the UI on some browsers. The Log In page, in particular, looked pretty broken on the iPad.

Known Problems

Connecting to vSphere will still only show VMs in the root VM folder, and not in subdirectories or datacenters. Work is still needed here.

Feedback

As always, please let us know if you hit any problems or have any questions!

VMware WSX TP2: Faster, Shinier, and Less Broken

56 Comments / VMware

A few months back, I introduced VMware WSX, a new product I’ve been developing at VMware to access virtual machines in any modern web browser without plugins. The response blew me away. News spread to Ars Technica, Engadget, Windows IT Pro, InfoWorld, and many other publications and sites.

I’m happy to announce that we’ve released another build today: WSX Tech Preview 2. You can get it on the Workstation Technology Preview 2012 forum. Just click “Downloads” and download either the Windows or Linux installers.

Like the first Tech Preview, this is a prototype of what’s to come. I’m actively working on a rewrite that will prove much more reliable, with better compatibility and room for future growth. We have a pretty good release, here, though, and I’d like to break down what all has changed.

Windows Installer

The first preview of WSX was only for Linux. I work primarily on Linux, and as such, this was my priority. While we weren’t able to get a proper Windows build ready for TP1, we now have it for TP2. So Windows users, if that’s been holding you back, give it a try now!

Better Performance

We’ve optimized the rendering to the screen. This should result in faster updates, making things much smoother, particularly on iOS. We’ve added some mobile (and specifically iOS) rendering improvements, and they really help. As we continue to evolve WSX, expect the experience on mobile to only get better.

Retina on iOS

When you go to WSX on an iOS device, you’ll see some changes. First of all, the icons will be more crisp and Retina-friendly. Second, there’s a new “Retina” button for switching the VM into retina mode. I blogged about this a while back, and it’s finally ready to be played with. (Note: There are some occasional rendering bugs to work out.)

But wait! MacBook Pros have Retina displays too!

Speech-to-Text on iOS

You know that little microphone button on the iOS keyboard on the latest iPad/iPhones? Pressing that allows you to “type” with your voice on native applications. Now, we support it as well.

Open up an application in the VM (Word, for example), pop up the keyboard, and hit the microphone. Begin speaking, and your words will appear automatically in your application as if you were typing them. It’s fun!

Beginnings of Android Compatibility

I will warn you, this is not fully baked yet.

The main problem with Android is that most browsers, especially the stock Android browser, do not support the modern web features we need. WebSockets and fast Canvas rendering being a couple of the key issues. Those that do, like Firefox, suffer from other glaring rendering problems that make for a bad experience.

Work is being done here, though, and if you’re running on an Android browser without WebSockets, we now attempt to use a Flash shim that communicates with the server. This makes WSX semi-usable on the Android browser. However, it’s not fast, and there are input problems. In time, I hope to improve this.

Better iOS Compatibility

Input is much improved. Capital letters and most special symbols now work. There are issues still with international characters, though. Backspace key repeats now work, too.
Various fixes for things like question dialogs not appearing, username fields having auto-capitalize/correct on, and other little issues here and there.

Better Feedback

When a login attempt fails, you’ll see an error saying what went wrong, instead of seeing it wait forever.
We show a spinner now when attempting to connect to the VM’s display. This provides some feedback, especially over slower connections, and mimics what we do with Workstation.
Attempting to change the power state of a VM now shows a spinner on the appropriate power button. So, press Power On, and the button will spin until it begins to power on.
If the connection to a server drops, you’ll be notified and taken back to the Home page.

UI Improvements

Login pages aren’t so bare anymore.
The giant useless margin on the left-hand side of most pages have been removed.
Added a logout link! (One of our most heavily requested features.)

Bug Fixes

Connecting to vSphere no longer totally fails. Many users were having some problems with that, and I’m happy to say it should work better now. It’s still not meant to handle thousands of VMs, though.
Pressing Control-Alt-Delete now actually sends that to the VM. Sorry for all of you who couldn’t log into Windows.
WSX no longer disconnects when updating the screen resolution fails.
If you connect to multiple servers, the inventories should be correct on each. Previously, they’d sometimes show the wrong server’s inventory.

New Bugs

Occasionally, the screen may stop updating. We’re looking into that. In the meantime, there’s a Reload button you can press to re-establish the connection to the VM’s display.

What next?

I can’t give away all my secrets, but we’re looking into better ways of handling input in the guest (especially with touch devices), and making WSX a bit more scalable. We’ll continue to put out Tech Previews of WSX while it matures.

In the meantime, let us know how it’s working for you.

WSX, Meet Retina.

8 Comments / Uncategorized, VMware

On Friday the 16th, an angel in white, glowing robes delivered a shiny new iPad to my desk, as heavenly music played softly in the background. (I may be misremembering the details.)

The most talked about feature of the new iPad is, of course, the shiny new retina display (a 2048×1536 resolution). A few apps really show this off, and text is certainly crisp, but a few people wondered aloud, “Is it really that big of a difference?” Yes, it is.

Naturally, I had to play around with getting WSX to show a retina-friendly desktop. See, by default, everything is scaled up 2x to simulate the resolution of the original iPad (1024×768), but they have some support in there for loading higher-resolution images. Turns out, with some tricks, you can also make the canvas retina-friendly.

So let me show off what my desktop here looks like with some apps open on the iPad 1.

Okay, that’s a bit crowded, but it’s only a 1024×768 resolution (minus some UI at the top of the screen). How about with the retina display?

Wooo. Looks pretty awesome, right?

Of course, the problem is that everything is very tiny. This is usable if you increase the DPI a bit, but I’m thinking about some magnifying support now. Still, pretty cool.

WSX: Virtual Machines in Your Browser

164 Comments / VMware

Updated March 13, 2012 at 10:43PM: I have a list of limitations and known bugs toward the end.

Updated March 14, 2012 at 9:30PM: I’ll be on the VMware Community Roundtable podcast at 12:00PM PST today, where I’ll be talking about WSX and jumping into a little more detail.

Updated March 20, 2012 at 10:15PM: A lot of people are confused, so I want to point out that WSX is not AppBlast. That’s a separate project with separate goals. WSX is a remote console built using the same underlying technologies as Workstation and Player. It’s also not a front-end for View. I can’t speak for any of those projects’ goals and plans.

Virtual Machines have always been a great way to work with different operating systems, carry your desktop around with you, and manage lots of servers or configurations. In the past, you’d run the virtual machine on your computer and then use a product like VMware Workstation or Player to interact with them.

In Workstation 8, we introduced the ability to share VMs across a network with other copies of Workstation, and to use VMs running on ESXi/vSphere. You could use any computer in your network to reach any other VM and to manage your servers. I covered this in a previous post, and as I said there, we were very proud of this release.

Still, the world is evolving fast, and more people are moving to tablets and smart phones. It doesn’t mean the end of desktops or servers, but it does change how people are accessing their data and applications. And their VMs.

Get to it already

Alright.

I’ve spent the past few months on a prototype, one I’m proud to say we’re shipping as part of the Workstation Tech Preview. It’s currently called WSX (name may change in time), and it brings your VMs to your tablets, smart phones, and any PC or device with a modern browser.

WSX is installed as a mini web server in your network and serves up an interface for accessing your Workstation Shared VMs and your VMs on vSphere/ESXi 5. You can power your VMs on, off, suspend them, and interact with them. All from a web browser, and all without plugins, with nothing to install on the client end.

This means that you can walk into the Apple store, pick up an iPad right off the shelf, and in less than a minute, start using your desktop back home. (Of course, provided you’ve port forwarded your WSX server so it’s accessible outside your network.)

How does it work?

WSX makes use of some modern web technologies, such as HTML Canvas and Web Sockets, along with a small but powerful server to turn your browser into a full-on remote console. The WSX server talks to your Workstation, ESXi, and vSphere instances and relays the appropriate data up to the client running in the web browser. With that data, the client can stay updated with the latest changes to the VM and offer a full display of the console. We don’t use any plugins, meaning there’s nothing to install.

It’s known to work with the latest versions of Chrome, Firefox, and Safari. It also works with the Internet Explorer 10 preview (though I’m still working on some bugs there). And for tablet users, it works quite well with the iPad running iOS 5+. Android users running Ice Cream Sandwich may get some luck with Google Chrome for Android, but I’m still working on Android compatibility.

A lot of work has gone into making this pretty fast. If you stream a 720p YouTube video inside a VM and access it from Chrome or Firefox on a modern PC, you should see near-native quality and framerates. It’s not as fast streaming to an iPad just yet, but you’ll see some impressive changes there before long.

On some modern browsers, you can even make your desktop go full-screen, just like you can with Workstation.

Note: There’s a bug on the iPad today with the on-screen keyboard where capital letters and punctuation are a bit broken. I’ll fix it!

Tell me some use cases

Sure thing.

You can work on your documents from your iPad from anywhere, knowing your data is safe in your network and not on some desktop streaming service company’s VM somewhere in their datacenter, not worrying about what may happen to your data if their service is down.
If your server is acting up while you’re at the store, you can connect to your VM from your phone/tablet and deal with it instead of rushing home.
Play Windows Solitaire from your iPhone.
Confuse people by running a VM from within a browser from within a VM from within a browser from within a VM from within a browser from ……
Have your presentation or demo live within a VM so that when your laptop dies at just the wrong time, you can grab anyone else’s laptop or iPad and quickly resume where you left off.
Have your iPad set to sync music over the network with a copy of iTunes running in a VM, and then use the same iPad to interact with that same copy of iTunes without ever involving a PC or Mac.
Run Windows 8 in your VM full-screen on your iPad, so you can confuse everybody.

As WSX evolves, so too will the use cases. I’m personally very curious to see how people will be using it.

Installing WSX

Right now, WSX ships with the Workstation Tech Preview for Linux installer. You’ll be asked for a port (defaults to 8888), and then it’ll install once Workstation is installed. Make sure you have the python2.6 binary installed on your system, or it won’t run! (This is a temporary limitation.)

Now there is a bug today where the installer won’t start the service for you. You’ll need to do:

    sudo /etc/init.d/vmware-wsx-server start

After that, you should be able to point your browser to http://localhost:8888/. If you want to reach your VM from outside your network, just port forward this one port in your router and you’ll be set.

You’ll log in with your system’s username and password. No need to create a new account.

Windows is another story. We don’t have a build out just yet, but stay tuned on this. I’ll make an announcement when that’s ready.

What’s the plan going forward?

I can’t speak to our long-term plans, but as I continue to work on the WSX tech previews, my main goals are to make it faster, improve browser compatibility, and make it easier to interact with your VM. This means gestures (two-finger scrolling in place of a scroll wheel on tablets), gamepad controls (play Portal 2 on your iPad!), multitouch, and whatever else we can figure out.

These are my goals, and not necessarily those of VMware’s, so don’t hold the company to anything I say here!

Limitations and Bugs

There are some known limitations and bugs in this build of WSX. Please remember, this is a new prototype, and is not a finalized product!

You must have the python2.6 binary installed on Linux for this to run.
On the iPad, the on-screen keyboard is currently a little broken when it comes to capital letters and punctuation (anything involving Shift, basically).
We use the on-screen keyboards on mobile devices, which don’t contain things like Control keys, function keys, etc. So for now, those keys aren’t available. Looking into proper solutions here.
There’s no sound. Sorry if I confused some of you! There’s some things we’re waiting for in modern browsers before we implement this. No ETA or promises from me.
You can run against Workstation 8 Shared VMs (I think?), but you won’t see as good performance. Same with ESXi VMs.

Feedback?

If you try playing around with WSX, I’d love to hear about it. This has been a pet project of mine for the past few months, and I’m pretty excited about it. Yes, there are rough edges that we know about and will be smoothing out as we go forward, but I think it makes for a great prototype, and certainly one I’m starting to love using.

A Proud Moment: VMware Workstation 8

21 Comments / Uncategorized

Today is kind of a career highlight for me. A moment I’m especially proud of. We just released VMware Workstation 8. Code-named “Nitrogen,” this release has been in the planning stages since around the time I joined VMware 7 years ago. It has been in active development for the past 3 years. Easily the longest development cycle we’ve had for Workstation, but also easily the best release we’ve ever done.

Previous users of Workstation will notice quite a lot of improvements to this release. We have a lot of changes, but I want to go into a few that I’ve worked on over the past three years, which I think are of particular interest.

Remoting

This is the big one.

Workstation 8 can share VMs with other Workstation 8 clients. You can run a VM on one system (say, a beefy desktop machine in the back room) and access them from another (say, a light-weight laptop). All the processing happens on the machine running the VM. They can be made to start up along with the system, so you don’t even need Workstation running. You don’t even need X (on Linux).

Users of VMware Server or GSX should find this familiar. We’ve essentially succeeded the Server product with this release, with more features than Server ever had. For instance, one client can connect to multiple servers at once, alongside all your existing VMs.

That’s not all, though. You can also connect to ESXi/vSphere. As a developer, this is something I take advantage of nearly every day. I have an ESXi box running in my back room with several VMs for testing, and a couple for in-home servers. By running on ESXi, I minimize the overhead of a standard operating system, and gain a bunch of management capabilities, but previously I had to use vSphere Client to connect to it. Now I can just talk to it with Workstation.

Hear that, Linux admins? You don’t need vSphere Client running on Windows to connect to your ESXi/vSphere box anymore. That’s a big deal. (Unless you need to do some more advanced management tasks — we’re more about using the VMs, and light customization).

VM Uploading

We also make it easy to upload VMs to an ESXi/vSphere box. Connect to another server, drag a local VM onto it, and the VM will convert and upload directly to it. Super easy. Developing a VM locally and putting it up on a server as needed is just a simple drag-and-drop operation now.

No More Teams

Teams was a feature that we’ve wanted to rework for a long time. For those who aren’t familiar with them, Teams was a way to group several related VMs together (say, parts of a test server deployment) such that they could be viewed at the same time with a little live thumbnail bar. It offered some support for private virtual networks between them, with each NIC being able to simulate packet loss and different bandwidth limits.

We felt that these features shouldn’t have been made specific to “special” VMs like they were, so we tore the whole thing apart while preserving all the features.

Now, every VM’s NIC can simulate packet loss and bandwidth limits. Any VMs already together in some folder or other part of the inventory can be viewed together with live thumbnails, just like Teams. Any VM on the local system can be part of any other VM’s private virtual network.

It’s much more flexible. The restrictions are gone, and we’re back to using standard VMs, not special “Team VMs.”

Inventory Improvements

You may have noticed the search field in the inventory in my screenshots. You can now filter the listed VMs by different criteria. Show the powered on VMs, the favorites, or search for VMs. Searching will take into account their name, guest OS, or data in the Description field in the VM. The Description searching is particularly helpful, if you’re good at documenting/listing what’s in a VM that you may care about (IE6, for instance).

Favorites was reworked. It used to be that every VM in the sidebar was a “favorite.” Now we list the actual local VMs, and we don’t call them favorites. Instead, you can mark one of the listed VMs as a favorite (by clicking a little star beside it) and filter on that.

UI Improvements

We’ve streamlined the UI quite a bit. All our menus are smaller and better organized. Our summary pages are cleaner and highlights the major things you want to see.

We have new ways of navigating your VMs, which is especially handy on large servers. You now get a tab for any folder-like node in the inventory showing your VMs in either a list view (with info on power states) or a zoomable live thumbnail view showing what’s happening on each VM.

And Much More

That’s just a few of the major things. There’s many, many more things in this release, but the official release notes will cover that better than me. (Honestly, I’ve been developing and using this release for so long, it’s hard to even remember what was added!)

Tip of the Hat

A lot of great people worked on this release. The engineers that developed the various components across the company. The QA groups who have provided valuable testing to make sure this was a solid release. The product marketing and management teams who kept us going and help draft the goals of this release and market it. The doc writers who spent countless hours documenting all the things we’ve done. Upper management who allowed us to take a risk with this version. Our beta testers who went through and gave us good feedback and sanity checks. And many others who I’m sure I’m forgetting.

I said this already, but I’m so proud of this release and what we’ve accomplished. More effort went into this than you would believe, and I really think it shows.

And now that we’re done, we’re on to brainstorming the next few years of Workstation.

ThinkPad T520/W520, NVIDIA, Wide Gamuts, and You!

17 Comments / Misc Computers and Tech

Update: Linking to a better color profile below.

Update 2: I narrowed down the ACPI issues, and have a better solution.

I recently purchased a brand new, maxed out ThinkPad T520. My old laptop was 4 years old, and while I absolutely loved it (and still do!), an opportunity came up to get a T520 with a nice discount. So I took advantage of that. I like large screen resolutions, as I tend to have a few thousand windows on screen at any given point in time, so I went with the 1920×1080 option, and put Ubuntu Linux on it.

And let me tell you, for an Ubuntu-certified laptop, it sure didn’t work out of the box.

Optimus!

It took a lot of effort to get Ubuntu working, due to some hardware problems. The biggest issue was the display adapter. The T520/W520 (and I believe the T420, etc.) come with two graphics chipsets: An Intel something-or-other, and an NVidia 4200M. By default, this is in “Optimus” mode, meaning that the OS can essentially switch between the cards for performance/power savings reasons, depending on use.

Not surprisingly, this does not work on Linux.

Your system will try to use the Intel card. You won’t have any 3D, and try as you might, that NVIDIA card just will not work. It’s maddening, but there’s a solution. One with its own set of problems, but at least it gets you there..

The trick, it turns out, is to go into the BIOS, go into the video settings, and switch to “Discrete Graphics” and disable auto-detection of Optimus. Once you do this, your NVIDIA card will work! You’ll get 3D, and it’ll be fast and smooth and so wonderful.

If you can boot, that is.

Once I switched over, I found I could no longer boot. Now this was 4:30 in the morning and my brain stopped functioning, so I wasn’t making all the connections. All I know is that booting locked up, and when I went into recovery mode, I started seeing I/O errors on my brand new 160GB SSD. Figuring it was just my luck, I decided I’d call Lenovo in the morning and get a new one. If this sounds at all familiar, stay calm! It’s not your SSD, and your system is not hosed. It’s ACPI.

(Of course it’s ACPI… Nobody ever said it was the Year of the Linux Laptop.*)

Update: I previously said that passing acpi=off in grub would fix things. That disabled battery and other stuff, though. The new solution below is far better. Suspend/resume and brightness work!

So, to fix that, go back to Intel graphics, edit your /etc/default/grub file, and set GRUB_CMDLINE_LINUX_DEFAULT to:

GRUB_CMDLINE_LINUX_DEFAULT="quiet splash acpi=noirq"

~~Unfortunately, you won’t get Suspend/Resume, and I think the battery monitor is busted, but you’ll get Hibernate. It’ll mostly work. Sometimes. It’s Linux, afterall.~~

I’m not sure if this is needed anymore, but you may also need to add this to the “Device” section in your xorg.conf:

Option "RegistryDwords" "EnableBrightnessControl=1"

Once you have a working X/Unity/Compiz/3D/Minecraft setup working, you may notice some problems with colors….

Wide Gamut

The T520/W520/T420/etc. line of ThinkPads have a new 95% Wide Gamut LED display. It makes everything all bright and nice. And it butchers your colors.

Applications that support color management should in theory compensate for this. Not all apps do, though. What bothered me was my web browsing experience. Every color was broken, and as someone who writes webapps, I needed accurate colors. I was about to throw out this laptop before I managed to figure out a solution.

Modern Ubuntus should come with a Color Profiles control panel under System -> Preferences. From here, you can load ICM profiles and get things working. That will solve some of your issues, so let’s start there. Note that this is in Ubuntu 11.04 (I think), but I’m running 10.10 (I thought originally 11.04 was the source of my problems), so for me I had to:

apt-get install gnome-color-manager

And here, I the Color Profiles applet was causing problems, and I couldn’t directly use it, so I installed dispcalGUI, which allowed me to load in a profile and install it into Color Profiles, and activate it.

~~On some site, I found a working color profile (ICM file). I don’t know where I originally found it, but you can download it here. Note that this is only tested on my 1920×1080 display, so YMMV.~~

~~I’m not confident that this profile is 100% correct, but it’s close. At least as far as I can tell.~~

You’re free to try that profile, but I found a better one which preserves the crispness of the display with the actual accuracy you’d want on the web. WordPress is even looking correct now.

NotebookCheck’s review of the ThinkPad W520 links to a color profile that works much better.

Firefox Color Profiles

Now, you’ll still notice problems with Firefox and Google Chrome. Chrome doesn’t seem to understand color profiles, but Firefox does. You just have to tweak it.

In Firefox, go to about:config. In there, search for gfx.color_management. Set gfx.color_management.mode to 1, and then set gfx.color_management.display_profile to the path of that ThinkPad ICM file I linked to earlier.

Restart Firefox. You should now see more or less correct colors!

Now it’s not perfect. The ThinkPad screen is very bright, and some things can get a bit washed out and perhaps slightly tinted. As I type this, I’m noticing that the WordPress UI is a bit off, and things blend together more than they should (lots of light grays on a bright screen). But it should be much better than it was!

If you use a T520/W520/T420/etc. and have other solutions or tips for color management on Linux, I’d love to hear about them! And hopefully this saved someone else hours or days of rage.

* Thanks to James Farwell for the “Year of the Linux Laptop” snark.

I Invented Port Knocking

15 Comments / Uncategorized

Let me tell you about something that’s been bothering me for a while.

I invented Port Knocking. No, really. In 2002.

According to portknocking.org, it was invented by Martin Krzywinski in 2003. I’m not here to debate that he didn’t come up with the idea separately, and choose the same names (it’s a pretty good name for the technology). But I do want to make it clear, for the record.

Wait, hold on, what’s Port Knocking?

Oh, got ahead of myself there.

Port Knocking is a security method where you can cloak a network completely (close all ports or put them in stealth mode) and yet still allow access from any computer in the world, by way of a sequence of “knocks” on a predefined list of ports.

The server can specify a list of ports (say, 53, 91, 2005, 2131, 7) and monitor to see if there are attempts to open them. If an outside computer accesses each of these ports in sequence, without hitting any other ports, and within a time period, the server can open a select set of ports (separate from the knock list) to that IP address only.

In my original designs, before opening the ports after a successful knock sequence, an authentication port would be opened at a predefined port, which the client would have to access, exchanging credentials, before the ports would be open.

And why the controversy?

First, some history.

In mid-2002, I was 18 and interested in security, amongst other things. Along with writing code for Pidgin (then Gaim), and a couple other projects, I was fooling around with firewalls and such.

I had this idea one morning while in the shower to add another layer of security. I really wanted to be able to completely close off my network, but still access it when out of town. I can’t tell you how it came into my head. Just a moment of inspiration. I wasn’t even really looking for another project, just brainstorming, but I liked the idea too much. I started writing code and made it work.

It was a while before I discussed it publicly on my old blog on Advogato. There are many posts, but I’ll highlight a couple here, where I introduce what I was working on:

The blog is full of lots of old teenage angst, so ignore most of it, but I spend the next few weeks going over my progress, answering questions from people who are asking for more information, etc. I was very open about it.

At one point a couple months later, I realized this was stupid. I had a good idea. I should patent it. I took it down for a while. This was after I had already put up the sourcecode, though, and many people had it.

Now, in retrospect, I should have made this into a full-on open source project and gained the recognition myself, continued development. But I was too busy with other things and didn’t really want another major product on my hands. I remember at one point I thought, “maybe I can sell this to a security company, or patent it!”

And since then…

One day, I opened a magazine and saw “port knocking” on the cover. My heart skipped a beat. Somebody wrote an article on my port knocking! I opened the magazine and read through it. “Invented by… Michael Krzywinski? What?!” I re-read to make sure. It was all my terminology, my methods. I was floored.

By that point, he made a name for himself as the inventor. And again, I’m not trying to discredit him, because he very well may have come up with the same thing separately. But it stung, because I had a great idea, a year before he wrote a paper on it, and I didn’t promote it the way he did.

Lesson learned

This is one of those life lessons. You always regret what happened, but you use it to make better decisions in the future. These days, I’m happy working on some awesome products. My day job at VMware and my highly successful code review software, Review Board (for which we’ve recently started a company).

Now, if I have a good idea, I make sure it’s heard, and demonstrated, far and wide. Truly great ideas don’t really come that often, so when you have one, make sure you do something with it, or you may end up regretting it for years to come.

Sentience discovered in the Linux kernel

19 Comments / Uncategorized

Ladies and gentlemen, after much experimentation, I have made a remarkable discovery. Perhaps the very first case of a sentient AI has been discovered, sitting right under our noses, in the Linux Kernel. With such a complicated codebase that has evolved greatly over the years, there are certainly more surprising places for it to spring up, but it’s still quite unexpected.

And where, specifically, has this sentience manifested itself? The suspend/resume code.

See now, like many of you, I’ve dealt with the instabilities of suspend/resume. I’ve considered it to just be buggy, unreliable, and possibly incompatible with my hardware. That is, until I realized that there’s a pattern. One that began to make a sort of sense.

A couple months back, I gave suspend/resume another shot, and to my surprise it worked. I figured that Ubuntu 10.04 finally fixed it, but it still wasn’t perfect. I still noticed problems.

The first thing I noticed was that when I unsuspended at work, I couldn’t use my volume keys. Everything else was fine, but my laptop’s volume keys didn’t register as a key press on anything. If I suspended again and brought it back home, the keys would work fine. If I suspended at home and resumed at home, I wouldn’t have the volume key problem. Weird, but just buggy, right?

It was a couple weekends ago when I suspended my laptop to take it somewhere. It wouldn’t suspend at all. Just hard-locked. This continued until the week, when it worked again. Last weekend? Same problem, couldn’t suspend. Monday, it worked fine.

It was then that I realized suspend/resume was breaking deliberately! See, my laptop feels more comfortable at home, less so at work but it tolerates it (with some complaining), but absolutely doesn’t want to leave during the weekend. It’s like a cat that just wants to be in a familiar environment, selfishly vying for your attention through mischievous acts. Look at it hard enough and the pattern emerges. It’s undeniable.

That got me thinking. What other possible instances of AI have we been misconstruing as bugs or random glitches? All those inter-connected street lights that occasionally shut off as you walk underneath them? Maybe they’re just shy, or they hate you. Maybe NES cartridges just found being blown stimulating.

So remember guys. Windows suspend/resume may work just fine. Mac too. But Linux’s suspend/resume isn’t a buggy pile of crap. It’s an intelligent buggy pile of crap, that just wants to be loved.

Looking Back on Review Board

6 Comments / Uncategorized

Just over 3.5 years ago, David Trowbridge and I spent some time discussing the annoyances of the typical patch submission and code review processes in the open source projects we participated in and at companies, and decided to play with some ideas for improving this. At the time, we knew very little about what we intended to do. We had a name for it pretty early on, but that was about all we had. We didn’t even know whether we’d get past an early prototyping stage. But here it is, over 3 years later, and we have the leading open source code review tool with an active support and development community, hundreds of companies using it, and exciting new innovations for aiding in the code review process.

I was thinking a few days ago about how far we’ve come and some of the decisions we made along the way. I went digging through our commit history in order to relive some of the past of our little project. Since so few people were even aware of Review Board’s existence at the time, I thought I’d share some of our history with you. Particularly the interesting and funny bits.

“Add the reviewboard.”

Commit #1. The very first thing we put in our Subversion tree on September 27, 2006. I don’t even remember what was in this change now. We transitioned to Git last year and this commit is now just plain empty. Maybe it was jut the directory structure? Who can say.

Early on, we didn’t refer to “Review Board” as a proper name. It was generally “the reviewboard” or something similar. The codebase was young. We didn’t actually do code review on the project at this point (and it shows!). The first few months are littered with odd or nonsensical commit messages, small breakages, and bad decisions.

A few of my favorite commit messages are:

“I suck. Make submitting of reviews.”
“Don’t stuff the list of files in the bug list. It’s impolite.”
“Avoid failing out with Christian’s wacko form”
“Gum.”
“Holy apple pancakes. It worked!”
“I suck… The array was empty… The tests never had a chance to fail. :(“
“‘This is a summary’ sucks. Now we use fortune for the summary, description, and testing done. ‘You’re ugly and your mother dresses you funny.'”
“Unbreak things before ChipX86 notices”
“I’m just… garhgh”

Nowadays, our commit messages look nothing like that, but that’s the fun of a new project. You get to go commit-crazy while you try to figure out what you’re building.

Dashboard, quips and fortunes

The UI of old looked quite different than the UI of today.

We had a dashboard from the very beginning (before the review request pages, even) but it wasn’t anything like the dashboard we had today. It was a simple page with a table containing all outgoing review requests and a table containing incoming review requests. But it also had one more thing: quips.

The beginning of quips functionality was being built. Quips are just little random quotes that are inserted in the UI. I think the plan was to put quips on certain pages, making Review Board a little more fun. We were using them in the dashboard for empty lists, with variations all saying something about the dashboard being empty. Quips are a neat feature that just never survived the early days of development.

Fortunes are similar. On Linux/Unix systems, there’s a little program called “fortune” that just displays a random quote. Since we at first had to test review request functionality without actually having a repository backend of any sort, and we didn’t want to input all the information each time, we just used fortune to generate the summary, description and testing done text. This made for some really funny review requests early on, but this is of course something that had no reason to survive initial development.

Sometimes we would create a bunch of review requests just to see what kind of quotes we’d get. 🙂

Multiple repositories? Almost didn’t happen.

One of the really critical parts of Review Board today is the ability to talk to a variety of different types of repositories in one instance. But, it turns out, this almost didn’t happen.

The initial goals were not that ambitious. Review Board talked to one repository per instance. Everything was basically hard-coded with one repository in mind. That type of repository, as well as its information, was customizable. You just couldn’t have more than one. At the time, this wasn’t a problem, but it didn’t take long until we had a need to talk to two repositories.

We discussed this and at first decided that if we needed to talk to two repositories, we could just set up two instances. It would have been a lot of work to update it for multiple repositories, after all. And really, this was a small project. Who would really need more than a couple repositories? This started to nag at me, though, and so I spent a couple nights rewriting all of the code as an experiment. It ended up working pretty nicely, and we were able to ditch the multi-instance model.

The importance of rewards

It’s always nice to have a little reward for milestones. Developers sometimes compete over cool bug numbers, revisions, etc. Initially, we were going to use quips to add some fun to the site, but we ended up settling on our current trophy system.

One of our first Review Board instances started to approach review request #1000, which was a huge milestone for us. I decided to commemorate the event by staying up and quickly hacking in a hidden feature for showing a trophy for review request #1000. The way we implemented it, you’d see the first ever trophy at 1,000, and from there you’d see it at every milestone number (1,000, 2,000, 3,000, 10,000, etc.). I didn’t want to stop there, though, so I added support for a second type of trophy, one that has confused people with its appearance to this day. Mission complete.

Of course, when we updated the server and someone finally hit 1000, it triggered a bug in the new trophy code and broke his review request. Oh well, I tried.

Diff viewers are hard

If I could pick one point during the whole history of Review Board where I was ready to completely give up, it would be during the creation of our diff viewer. All three diff viewers.

See, the first diff viewer was a complete and total hack. We generated a side-by-side diff using the diff tools and just parsed the output, basically generating a table of that. It was ugly, though, and limiting. It also caused problems where text on a row would either be truncated or would break the parser. I spent a long time working on this before I totally gave up and went on to try a new approach.

My second approach was closer to what we have today, but also limiting and very, very buggy. We were using Python’s built-in diff generation module, which implements a basic diff algorithm. It gave us insert and delete information, but not replace information. We had to hack that in ourselves, and it was really a hack. Try taking a bunch of inserts and deletes and find out which of those are really changed lines. No, really, try it. It’s harder than you think, and it’ll often be wrong.

Still, we stuck with this for a long time. It was slow, buggy, and didn’t generate the sort of output people expected from diff tools. Most people see diffs from GNU Diff, which implements the Meyers Diff Algorithm (with a few additions and tweaks). These Meyers diffs are much nicer to view than what Python gave us. Another problem we hit was that we didn’t have real line number information, so we had to output fake line numbers. They weren’t really line numbers so much as row numbers in the table. Ugh. Even getting this far was really hard and frustrating, and the result still wasn’t good.

Attempt #3. I decided to build our own diff parser and generator from scratch. What a project. I knew nothing about diff generation and hardly knew where to start. I spent probably a good month or so just trying to work on this new diff code, and was so close to giving up so many times. It ended up being completely worth it, though, as we ended up with a very nice, extensible diff parser.

Without that third attempt, we’d be in the stone age. Review Board would not be as nice to use. We wouldn’t have inter-line diffs (where we highlight what changed in a replace line), syntax highlighting, move detection (coming in 1.5), or function/class headers (where we show which function/class the part of the diff is in — also coming in 1.5).

What else…

Well, there’s a lot more I could talk about. Our initial attempts at JavaScript code for the UI, our trials and challenges with database migration, or our early problems storing diffs with different encodings in databases. This is getting long, though, so I’ll cover these in another post on lessons learned.