Older blog entries for roozbeh (starting at number 67)

16 Jul 2005 (updated 16 Jul 2005 at 13:40 UTC) »
Zaheer, while there is copyright protection in Iran, for art, literature, music, and software, it does not include any work "first published outside Iran", since Iran has not signed any of those international copyright conventions. Also, since EULAs are not binding in Iran (only signatures are), they can't restrict any copying either.

In other words, one is legally allowed to freely copy software of non-Iranian origin in Iran. As for software of Iranian origin, we even have a special software copyright law, which in practice includes changes made to software "first published outside Iran". In other words, software first published outside Iran is like public domain.

The situation has led to some companies offering Linux solutions to their customers without the source code: the GPL won't hold if the copyright doesn't.

In answer, we have taken to make sure we have patches here and there, under our own copyright, first giving a copy of the patch to someone in Iran. So, when someone sells a product including some of our code (like GNOME or Mozilla), we can theoretically claim copyright infringement and ask for following the license.

I am open for questions about the legal situation in Iran, but let me assure you that your friend will be doing a very legal thing copying non-Iranian software in Iran. But as for importing that into another country, you should check the laws of that country.

Behdad, you rock! BTW, I love a corpus where the first thing after پروژه (project) is فارسی‌وب (FarsiWeb)...

Discworld: Regarding a previous post, I just finished reading Small Gods , and it suddenly appeared to me that the format Ogg Vorbis is very probably named after Discworld characters. Apparently, Ogg is not named after Discworld (although it happens to be the name of a character, Nanny Ogg), while Vorbis is named after a discworld character.
9 Jul 2005 (updated 9 Jul 2005 at 16:15 UTC) »
Iranian president: I seem to be obsessed by out president-elect Mahmoud Ahmadinezhad. After checking in a Persian translation by Masoud Ahmadzadeh, I have written his name as Masoud Ahmadnezhad!

Terrorism: I hate bombings etc. Specially when the western governments/media have made people autmatically think of Iranians etc when they hear the news or the world "terrorist". We, the innocent people living in hardline countries, were doomed when we were born, doomed to be considered terrorists, doomed to be considered second class citizens, both in our own countries and the world in general.

Google maps: It's been a while since Google's satellite coverage of many more countries, and even the level of detail has increased to some degree since then. So for the first time I can show people were in Tehran I live. It's right in the center of this photo. Zoom out (and shift left a little) to get some idea of how large the gray and polluted metropolis is.

I am now sitting there, at our rented home of EUR 200 per month, which we are planning to change after the one-year rent finishes a month from now. The thing we don't know yet, is for how long we should rent a new place, as it's very hard to plan in a life now full of undecidables, specially since our President-elect has become a personal nightmare. I can't even sleep before going over all the local political news, specially ones like Rooz (English articles) and Gooya, news sources that are published outside Iran and so avoid the usual censors.

6 Jul 2005 (updated 6 Jul 2005 at 16:30 UTC) »
Cultural differences: In a recent meeting, someone (the person who first told me about Unicode in 1997 or so) was telling me that how his western customers could not understand our social situation. He was telling me about a colleague's father's funeral, and how it was not understandable for the contact person in the western customer organization that the colleague would need two weeks off for that, because of things that Iranian people expect when someone dies, which includes five ceremonies (one as soon as possible, one on the third night of death, one on the seventh, one on the fortieth, and one the next year) which usually have a mosque version open for all and then sometimes a limited one after the mosque usually in the dead person's home. That is apart from the burial ceremony, when people nearer to the dead person are expected to be present during the whole process, which included washing the body. It's also apart from what is called The First Eid, which is the first public celebration (about ten in a year for Shia Iranians) after the fortieth day of one's death, where the family is supposed to take out the black clothes, and everyone comes and visits them.

But it also happens the other way: I remember the first time I read the LaTeX manual, and how it used gnus, etc. all over the xamples. I didn't know there was a GNU project then, and didn't get the jokes that talked about "a big animal". But that could have happened to everyone. The best examples are references to The Lord of the Rings or, worse than that, the Discworld series, or the worst of all, The Monty Python. How is a reader of an English technical books outside the western mindset is supposed to have heard about Monty Python or be able to understand its jokes (it was sometimes very hard for me the get the jokes when we were watching them at Michael's home in Dublin, which resulted in Michael pausing the movie several times and explaining the cultural background), let alone having seen the movies a few times and recalling the jokes when one is reading a technical book. (Update: I didn't mean that the references to LoTR, Discworld, and Monty Python were in the LaTeX manual. They were spread in several different books. I don't necessary remember all the cases, but since I have only recently read Discworld, I was recently attracted to mentions of "Rincewind" and "Unseen University" in The LaTeX Graphics Companion.)

The basic effect is that when one (in the third world, or the east) reads those technical books, he doesn't get any of the niceties. He misses the psychological hints that helps him learn about the technical matter and remember them later.

You know the number of Iranians (living in Iran) I know who have read any of the Discworld books? One, myself. (I've read about seven of them, I guess.) I don't think I am not well connected to the science fiction and fantasy community in Iran, but I don't even know many people in that community who have even heard of Pratchett. They're probably ten or so. As a hardcore Iranian SFF fan, do you know how much I knew about any Tolkien thing when I borrowed The Hobbit (in English) about six or seven years ago? I had never heard his name. Do you know when I could finally get my hand on The Fellowship of the Ring? In 2001, when I first travelled outside Iran independently.

But let's get back to the main thread. I really have no clue how we can overcome these cultural burdens. But believe me, learing the language is not enough. People like me are forced to live the culture. And that's too high a price to pay for simply being efficient in today's world and be able to work outside borders.

I really hope I will not be forced to live more than the two that I'm currently living. My short contacts with the Indians and the Chinese were shocking, but well, I guess I can understand Brazilians to some degree.

4 Jul 2005 (updated 4 Jul 2005 at 14:17 UTC) »

Almost a month ago I told about a security bug I found and I was very excited about. Since enough time has passed, and the involved package, HelixPlayer, has now been released, I believe I can mention it now. The Red Hat guys told me they have fixed the issue, but they preferred that I keep my mouth shut about it until they release the updated HelixPlayer.

The problem was with the CVS system of Fedora Core, and the way it and related policies was implemented. In short, it was like this:

In Fedora Core, only the distro-related patches are kept in the CVS, and the upstream tarballs for the packages are kept somewhere else behind an HTTP server. There is anonymous access to the CVS, but through a little weird setup and directory hierarchy which is very probably not the same as what the people with commit access see. The tarballs are then supposed to be downloaded by a makefile system that reads a file (available in the CVS) called "sources" which has filenames and MD5 sums for them. They are downloaded through an HTTP server specially configured for this, which would only give you the file if you give it the right filename, package name, and checksum.

The problem was with the CVS commits mailing list. I was browsing through the list and suddenly found that there are a few emails about commits to branches called "FC3-embargo" and "FC4-embargo", which I tried several ways to access using the CVS, to no avail. Being the ignorant guy I am about the software security processes, I even had no clue what the hell "embargo" could mean.

Anyway, after searching the Red Hat site and the Google over those two branch tags, and coming to nothing, I tried the "embargo" word, and after lots of confusion found what it really means. (It is a term for cases when a security bug is known to the maintainer of the software but he doesn't tell the public about it and doesn't commit a patch to the CVS either, but tells the vendors, mostly distro people, about it and they arrange a time for simultaneous release of patches and keep everything secret before that.)

When I found it, I thought "Fine, it's a security thing, and I probably shouldn't know about it". But I suddenly thought "But weren't the committed patch about a new version, 1.0.5? If there is a new upstream tarball, maybe I could get it and feed the curiosity?" Helping the curiosity was that it was committed by GNOME's J5, who I had assumed could read Han characters when I met him in Norway, based on his face, which I am still ashamed of (he is half Italian-half Thai, IIRC), who had made the commit.

After playing a little with the HTTP server, and seeing that I can get nowhere without the MD5 sum, I suddenly realized that may be the changes to the "sources" file are also in the emails. Yes, they were there. So I constructed the URL and got the tarball easily. I had an embargoed tarball in my hands.

I tried to find J5 on the IRC, couldn't find him, tried the Red Hat bugzilla, found that there is no security checkbox for bugs related to Fedora Core infrastructure, but found the link there about security bugs and Red Hat's "secalert" team. Imported their GPG key and emailed them about it. (The sad thing is that I can no longer read the email I sent, because evolution keeps it under secalerts' chain and lock.) They confirmed the issue, fixed it to some degree, and asked me very politely (but with lots of rechecking to make sure I understand them) to not disclose the issue until the new HelixPlayer (the package I tried) is released.

The lessons I learned: Be curious and try things, apart from the educational benefits it may prove good for lots of other people. You never know when you have found a security issue. Several other people may have overseen it by simply thinking the way they do and not thinking the way you do. Don't underestimate your own eyeball.

TeX: Wow! Thanks to the recent log I just found that the great Karl Berry, a TeX guru and president of TUG, has a blog on advogato.
3 Jul 2005 (updated 3 Jul 2005 at 12:46 UTC) »
Google and sanctions: This got forgotten in the election atmosphere: Since Google has agreed to Behdad's project proposal, after he clearly mentioning that he is an Iranian and doesn't hold any other nationality, I consider that they have taken back their restriction about no Iranian particapting. This may have had its negative effects anyway, discouraging Iranian students living abroad to apply, of course, but I don't personally know of any such case. I assume Google will fix this in their next requirements document or whatever of a new service or project or something, so I will not call them racist or whatever unless it happens again.

There is still the ban about those students in Iran, but I believe Google can't do anything about it. It's US Federal Government's "discrimination" agaist Iranians, Syrians, etc. I am still educating myself on the matter, and I still believe that Fedora Project etc are infringing copyright by sticking that Federal Government text over the GPL. But I still haven't completed all the documents that have been posted by the US government about these: I'm only thorough some of the ones posted on the US Treasury website. The ones about cryptography and all that weren't there.

Democracy: BTW, don't listen to the crap the US media are telling about the new President-elect's involvement in US hostage crisis or his involvement in killing Kurdish opposition leaders in Austria. Very probably it was not him. Very probably he is simply someone who will make life a lot harder for us living here, in both the money we earn and the rights we can practice.

For example, Ahmadinejad has mentioned that the human rights issue "is a sickening issue that has become a cliché" and that "Europe should step down from his ivory tower" of mentioning these. These guys believe in something called "Islamic Human Rights" (which I, and several muslims, don't consider Islamic). For example, they consider that the case of a father killing his son should not be considered equal to someone else killing the boy, because the boy's blood was "owned" by the father in the first case. Another is that noone practicing any religion other than the four mentioned in the constitution (Islam, Christiany, Judaism, and Zoroastrianism) to work in any office in our huge government. I won't go into more examples, and I'm not an expert in law anyway, but that should give you some idea.

GNOME people in ICANN meeting?

Gavin Brown asks if anyone in the GNOME community is attending the Luxembourg meeting in July. Please contact him at "gavin.brown at uk.com" if you are a member of the GNOME community and you are planning to do so. He is "interested to see how big the intersection is between the two communities." I don't believe it's big at all, but let's see.

26 Jun 2005 (updated 3 Jul 2005 at 12:47 UTC) »
Democracy and Iran: Daniel has asked about what really happened. The short answer is "we can't claim we know". We only have our own limited answers.

Forgive my limited English vocabulary, but to me, this was an election between wisdom and ignorance. People voted for Ahmadinejad because he talked like them, talking hopefully but without much thinking. Because he was not sophisticated, while every single sophisticated person (writers, artists, reformist politicians, and even several conservative politicians) has talked against Ahmadinejad and in favor of Rafsanjani.

Rafsanjani, on the other hand, had well-thought plans and good proofs to make sure he can implement them. (I had even directly influenced Rafsanjani's plans by asking someone I knew in the commitee who worked on Rafsanjani's plans to remove a part about expanding the patent system, by explaining that it's practically more dangerous than useful to both business and science, and it was actually removed at the end!)

People voted for Ahmadinejad because he said he will lower the economic difference between the rich and the poor, but without any figures or definitions about who is considered poor and who is considered rich (Rafsanjani was considered rich, of course). I know several people who are much richer than the average Iranian (say, they own a shop in the capital selling PC peripherals), but by looking higher than themselves they thought that the lowering the economical difference of the classes will make them richer instead of poorer. So they voted for Ahmadinejad.

Ahmadinejad is either a total idiot or an expert liar (I consider the second one more probable). For example, in his interviews, he told that Iran is a rich country, by comparing the amount of Iran's petroleum and mineral reserves to those of the the whole world, and then doing the same with the number of people. He concluded that since Iran holds 1% of the population of the world but more than 2% of the reserves, it is a rich country, ignoring other revenue-generating industries in the world, like manufacturing and services. He then blamed the rich people and their corruption as the reason, ignoring that we really are a poor country in terms of any infrastructure except those related to extraction of petroleum. But the people, who don't read much anything, including newspapers who explained how wrong this explanation is, assumed that he knows what he is talking about, or he wouldn't have received a PhD...

But let me try to answer Daniel's questions:

  1. How will we be able to help?
    By spreading wisdom and information about the situation around the world. By making sure your politicians, specially the ones in the United States who are very happy to see a hardliner come to power in Iran, understand that you are no fools and don't support a war against a country of people poor in both money and wisdom. Make sure you elect pacifists next time. Make sure the same destiny of Iraqis don't happen to Iranians. A war, possibly over the controversial atomics, is what both the US and Iranian neocons who are both now in power look forward to, to the expense of both of their people. Finally, you can help by advising us what to do. We feel very crushed under the situation, and this seriously stops us from thinking clearly.
  2. How can this happen in a country where women have the right to vote?
    By fooling a lot of women into believing that he will not restrict them much in some aspects, but not exactly mentioning which aspects: he insisted that he believes a very important role for women in the society, but failed to mention any role other than the usual kitchenwork and childcare in his generalized explanations. But it is also very probable that most Iranian women prefer staying at home than having a presence in the society. Most of them prefer "having more to eat" and "making sure their children get a job" to a political or social role in Iran (he has explicitly mentioned that he does not consider women suitable as ministers). In other words, we don't have that many feminists in Iran.
  3. Is there vote statistics available to try to understand town vs. countryside, sex, age influence on people's vote?
    Any kind of opinion polls on the day of election were banned by the government (and almost all independent polling institutes were closed by the conservatives because of publishing results they didn't like, like more people being in favor of diplomatic relations with the United States than not), so the only statistics available should be town vs countryside one. I don't know if it will be published or not, but worth mentioning is that even people living in Tehran, who are supposed to be more educated, voted more for Ahmadinejad. I have heard that in some rural areas people have voted more for Rafsanjani, but I fail to understand why. (Rafsanjani was a cleric of course, which may have been one of the reasons. People living in rural areas are more religious, after all.)
  4. Of course those who didn't vote deserve the right to be ignored.
    This is not a question of course, but it's worth answering. I add the people who didn't vote to the supporters of Ahmadinejad. Although it is widely believed that if they were forced to vote most of them would have voted for Rafsanjani, they didn't vote for him for several different reasons, including the reverse psychological techniques used by the Supreme Leader, like mentioning that voting for any candidate also means an approval of the ruling regime. These people prefer being bystanders to having a say, yes, but no, we can't ignore them. They simply lacked the same wisdom that people who voted for Ahmadinejad lacked. I really hope they could think properly (and mathematically). Is it so hard to understand that not voting in an election that makes a real difference for you is necessary?
  5. I had to go vote for Chirac in the last presidential election here to block the ultra right wing, and still feel bitter about this but this is democracy rules.
    Yes, this was compared to that election by many intellectuals, and I guess I feel more bitter about what I did to block Ahmadinejad. I made several phone calls to friends and family members and talked them into voting for Rafsanjani and doing the same as me by calling their friends and family. Elnaz and I both volunteered as official government inspectors of a polling station, the only governmental service I had done in my life (it was more than 16 hours nonstop). All this, considering that Rafsanjani is a proven liar, his family are widely considered to be involved in the corruption, and he is really an aristocrat cleric. But at least he was a moderate politician who knows basic economics to know that one can't improve the livings of the people by paying the petroleum money directly to them instead of building infrastructures. I am very sad that my people elected the Iranian Le Pen. This only proves that they lack the basic wisdom necessary for democracy. Perhaps they really deserve the very limited democracy they have now. Perhaps this was the reason they exchanged one dictator for another in their 1979 revolution. Or soon afterward, they voted for a very ambiguous and undefined "Islamic Republic" almost on the same day I was born.

58 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!