Monthly Archives: July 2015

IETF 93 Day 5

The last day

The last day at the IETF was rather calm. A guy from Europe (Rob) won the Jon Postel award, which is an award given to people who have made significant contribution to the Internet. rob

Following Edward Snowden's appearance during the IETF 93, I met Daniel Kahn Gillmor, who works at ACLU. ACLU is The American Civil Liberties Union (ACLU): a nonpartisan, non-profit organization[5][6] whose stated mission is "to defend and preserve the individual rights and liberties guaranteed to every person in this country by the Constitution and laws of the United States

It's interesting seeing Americans taking the NSA to court :) I wish that we could do the same here for some Governmental organizations that do not work in the public interest of Mauritians :-)

Friday was rather calm, compared to previous days :) IETF was a great experience for me. Meeting people, and interacting with them face-to-face definitely helps in helping to move the Internet forward !


Installing Visual Studio Code on Linux (Ubuntu)

Installing Visual Studio Code on Linux (Ubuntu)

During this year's //build conference Microsoft officially announced a new member of the Visual Studio series called Code. As described by several people already it is a HTML5, JavaScript/TypeScript based text editor hosted inside the Electron shell and it runs natively on Windows, Mac OS X and Linux. This article hopefully gives you some ideas during installation and assistance to have an improved experience out of the box compared to the standard option - at least at the time of writing this article.

Getting Visual Studio Code

I started using Visual Studio Code since the first released version 0.1.0, and being part of the Insider Preview program for VS Code I managed to download and get the latest version always using this short-listed link:

Which is an alias for this web address:

Installing Visual Studio Code on Linux (Ubuntu)
Get the latest version of Visual Studio Code from the web site

Microsoft's web site of Code detects your operating system and directly offers you the best download option based on your current browser. I'm currently running Xubuntu 15.04 x64 - Vivid Vervet and the site offers me a direct link to get the latest 64-bit version of Visual Studio Code. In case that you'd like to download a different version please scroll down to the bottom of the site and check the additional options.

Note: Originally, I started using Code 0.1.0 on Xubuntu 14.10 and then upgraded my machine around mid of May. Also, on a different machine running Ubuntu 14.04 LTS I can confirm to use Visual Studio Code successfully.

Unzip the archive

After you downloaded the latest ZIP archive for your architecture, here:, you should decide where to extract the content of the compressed file. Well, in my case, I'd like to have third party products below the appropriate location, and therefore I usually choose /opt. Eventually you might ask yourself why? Well, here's a decent chapter about the Linux Filesystem Hierarchy written by The Linux Documentation Project (TLDP):

1.13 /opt

This directory is reserved for all the software and add-on packages that are not part of the default installation. For example, StarOffice, Kylix, Netscape Communicator and WordPerfect packages are normally found here. To comply with the FSSTND, all third party applications should be installed in this directory. Any package to be installed here must locate its static files (ie. extra fonts, clipart, database files) must locate its static files in a separate /opt/'package' or /opt/'provider' directory tree (similar to the way in which Windows will install new software to its own directory tree C:\Windows\Progam Files\"Program Name"), where 'package' is a name that describes the software package and 'provider' is the provider's LANANA registered name.

Looks good to me, or?

Anyway, let's just use this as base - given that you're root on the machine - it's surely a good choice, otherwise feel free to unzip the archive in your personal user space below your home directory. Next, let's extract the content as suggested using the console (or terminal in case that you'd prefer this term):

$ cd /opt
/opt$ sudo unzip ~/Downloads/

This is going to create a new directory VSCode-linux-x64 which contains the static binary to run Visual Studio Code on your system. Right now, you would be able to launch the text editor by executing the following command:

/opt$ ./VSCode-linux-x64/Code

Despite some warnings and errors on the console output, similar to those:

[3437:0724/] Running without the SUID sandbox! See for more information on developing with the sandbox on.
bash: cannot set terminal process group (-1): Inappropriate ioctl for device
bash: no job control in this shell

Visual Studio Code is up and running...

Installing Visual Studio Code on Linux (Ubuntu)
Welcome screen of Visual Studio Code on first start of the text editor

Adding a little bit more comfort

Hopefully, you were able to launch Visual Studio Code based on the description given above. Now, let's add a little bit more comfort to your user experience. Unfortunately, there is no out-of-the-box installation package for the usual distributions - at least not yet, and we are obliged to do some manual steps. Following, I'm going to give you my steps with some brief explanations about the why and how. Of course, there are always multiple choices and you might either skip one or the other step or even have better suggestions. Please use the comment section at the bottom to give me your tips & tricks. Thanks!

Version-(in)dependent folder and symbolic link

Not sure about you but given the manual installation steps I would like to have a better control each time I consider to install a newer version of Code. Also, this helps to keep some adjustments on constant path information like Application launcher and shortcuts to run Visual Studio Code. Okay, let's dig into that and first rename (move) the base directory of Code to a version-specific one:

/opt$ sudo mv VSCode-linux-x64 VSCode-0.5.0

Again, as of writing this article 0.5.0 was the latest available version. Meanwhile, the are good chances that you might have a higher version already - good! Next, I usually create a symbolic soft link back to the newly renamed folder in order to stay version-independent. Sounds confusing, right? Hold on, I'll explain it in a short, and you will see the benefits, too.

/opt$ sudo ln -s VSCode-0.5.0 VSCode

Your own /opt folder might look similar to this one right now:

Installing Visual Studio Code on Linux (Ubuntu)
Extract the Visual Studio Code zip archive below /opt directory and create a version-independent symlink

As you can see on the screenshot I've been using Code since the very beginning, and using this approach I am actually able to keep all versions installed side-by-side next to each other. The most interesting part is the version-independent symlink in the /opt directory. This allows me to launch Visual Studio Code by executing the following line from anywhere:


Like using the Application Finder on Xubuntu after pressing Alt+F2:

Installing Visual Studio Code on Linux (Ubuntu)
Launch Visual Studio Code from the Application Finder with fully qualified path to executable

This scenario gives us a good head start for further activities.

The power of PATH

Now that we have a "fixed" location for Visual Studio Code, it would be more comfortable to avoid to specify the full path information each time that we would like to launch the text editor. Also, looking to some of the cool command line options of Code on other platforms, it would be nice to have them as well on Linux. Okay, then let's do it using the PATH environment variable. The Linux Information Project has a good definition online:

PATH Definition

PATH is an environmental variable in Linux and other Unix-like operating systems that tells the shell which directories to search for executable files (i.e., ready-to-run programs) in response to commands issued by a user. It increases both the convenience and the safety of such operating systems and is widely considered to be the single most important environmental variable.

That sounds exactly like what we are looking for. And in compliance with other operating systems, we are going to create another symlink for our purpose, like this:

~$ sudo ln -s /opt/VSCode/Code /usr/local/bin/code

Changing the letter casing of the executable from proper writing - Code - to lower case writing - code - isn't a typo actually.

Update: Recently, I discovered that the official guide on Setting up Visual Studio Code on Linux also mentions the creation of a symlink as a tip.

Commonly, UNIX and Linux commands are written in lower-case writing anyway, so why should we break with this tradition? Of course, you will be able to launch the text editor now with this new path, too. Either on the console / terminal, like so

~$ code

or using the Application Finder - the choice is yours.

Installing Visual Studio Code on Linux (Ubuntu)
Launch Visual Studio Code from the Application Finder

Thanks to the PATH environment variable we can now completely omit the path information. Linux knows where to find our executable now.

Application launcher in Main Menu

Being able to start Visual Studio Code anywhere from the console has already given us some comfort but compared to Windows and Mac OS X users we are still living in the digital stone age, and no application is fully installed on your Linux OS without an application launcher in your main menu. In Xubuntu you would open Application Menu (or press Alt+F1) - Settings - Main Menu in order to add a new launcher to the menu. In the menu editor select the Development section or any other where you would like to place the launcher and click on New Item to define the Launcher Properties. Eventually, you might like to enter the following on your machine:

Installing Visual Studio Code on Linux (Ubuntu)
Add a new item to the main menu for Visual Studio Code

Unfortunately, this leaves us with an empty icon for now. Quickly open a new terminal and switch to an existing one and let's see which graphics are provided by Microsoft, like so:

~$ find /opt/VSCode/* -type f -iname '*.png'
/opt/VSCode/resources/app/client/vs/workbench/ui/parts/editor/media/[email protected]
/opt/VSCode/resources/app/client/vs/workbench/ui/parts/editor/media/[email protected]

Alternatively, you might also have a look at the SVG graphics provided by Visual Studio Code.

I chose the vso.png and to simplify my life in regards of future upgrades and unexpected changes, I placed a copy of the graphic file into the usual location on a Linux system:

~$ sudo cp /opt/VSCode/resources/app/vso.png /usr/share/icons/

Hint: Use the Move option in the window menu to relocate the dialog using the arrow keys, and then confirm your selection with a click on the OK button of the dialog.

Your Main Menu editor might look like this now:

Installing Visual Studio Code on Linux (Ubuntu)
Visual Studio Code as proper entry in the main menu of Xubuntu

Congratulations, your new application launcher has been added to the menu and you can either navigate into the Development section (or the one you chose) or type your choice into the application quick filter textbox to find and execute Visual Studio Code.

Installing Visual Studio Code on Linux (Ubuntu)
Navigate the application menu to launch Visual Studio Code

Installing Visual Studio Code on Linux (Ubuntu)
Use the quick filter entry of the application menu to launch Visual Studio Code

Creating a Desktop Entry file

As we are working with Linux there are always multiple ways to achieve the same or similar result. And eventually you might prefer the possibility to create and use a file-based application launcher which adds itself to the menu structure automatically. Creating a .desktop file is not too challenging and requires a simple text editor - like Visual Studio Code ;-) - to write the following definition into it:

[Desktop Entry]
Name=Visual Studio Code
GenericName=Integrated Development Environment
Comment=Code Editing. Redefined. Build and debug modern web and cloud applications.

Save it as vscode.desktop and then put this file into the appropriate location for a Linux system:

~$ sudo cp vscode.desktop /usr/share/applications/vscode.desktop

Thanks to the proper location of the shared icon and the symlinks we created earlier, we do not have to specify any absolute paths in our Desktop Entry file. As soon as the file has been copied below the shared applications folder it automatically appears in your main menu and is ready to be used.

For your extra comfort you might like to download the vscode.desktop file. You will have to rename the file and place it accordingly on your system.

Make it a launcher in Cairo Dock

As for the different options of Ubuntu I have to admit that I'm a long-year user of the Xfce environment, called Xubuntu, and on top I also like using a flexible dock panel (or two or three). Cairo dock is a fantastic package in case that you would like to have a little bit of Mac OS X flavour on your Linux desktop, and adding a launcher for Visual Studio Code is very simply to do.

Installing Visual Studio Code on Linux (Ubuntu)
Add Visual Studio Code to a dock panel like cairo dock or similar

First, run Visual Studio Code using one of the previously described methods. Next, after the application runs and an icon of code appears in the dock panel right-click the icon, then select the sub-menu entry "Make it a launcher" from the "code" context menu entry and you're done. That's actually similar to pinning an application to the taskbar in Windows 7, Windows 8 or Windows 10. Close the text editor and your new launcher will still remain in the dock panel.

Resume on installing Visual Studio Code

Without any question it is fantastic to have an identical text editor for all three major operating system. But Linux users are currently confronted with some lack of comfort compared to their Windows and Mac OS X friends. Although there are several and in my opinion easy ways to increase the user experience in using Visual Studio Code under Linux I'm a bit concerned whether Microsoft is keeping it on par to the other systems. Right now, installation takes some manual steps, there are essential parts missing in order to provide an excellent first contact and other editor features like automatic updates aren't yet available for the Linux variation compared to Windows and Mac OS X.

Bearing in mind that the product has been launched back in April/May this year only and we are currently on version 0.5.0, I am very interested in the future development. The documentation online has some neat features for you, and the team at Microsoft has an open ear to the feedback and wishes given on their UserVoice website, too.

That's all for the installation part of Visual Studio Code. Please leave your comments as well as tips & tricks for me.

Happy coding!

IETF 93 Day 4

Taking out my Axe !

I went to the SDN working group in the morning. After that, I moved to the TLS working group. I met Daniel J Bernstein. I thanked him for the liberal version of ED25519 that he made available on the Internet. We were able to integrate it in OpenSSH.


While heading out for beer & food, I met Benno (who was recently promoted to managing director) from NLnetlabs, and we talked about NSD, Unbound & OpenDNSSEC :)


Hacking OpenSSL

Rich and I started hacking OpenSSL a bit to make it a bit more secure. In particular, following the recent DH problems, we performed a security audit for those issues. We bounced patches back and forth, and Rich committed them to the OpenSSL repository :)

Later on, we went out for beer and food with the RedHat folks, and the discussions were very lively in the small indian restaurant.


Fun day :)

IETF 93 Day 3

IETF Day 3

Bob Hinden is known as one of the designers of the IPv6 protocol. As the chair of the IPv6 working group, he overseas much of the current design work. I asked Bob if he could sign my IETF-card, and he did ! Bob was very happy to sign it :)

Next I met Jamal again. Jamal is one of the developers of the Linux kernel, and he's a very funny guy. We talked about the areas that we can improve in Linux. A very interesting discussion, and hopefully, we'll see more work there :) jamal

The next person that I met is Paul Wouters, who works at RedHat. We talked about OpenDNSSEC, and the database issues. I definitely think that we'll see more Open Source stuff there, as I believe that we have some good patches that would be useful to other DNSSEC users out there :)

Last but not least, I delivered a track on IPv6 Security fixing on Open Source Operating Systems, such as CentOS and FreeBSD. I was invited by Fernando Gont, a well-known IPv6 Security expert in the IETF. The discussions, and set of questions were very good. Code is in the pipeline too :) Very rewarding day !


IETF 93 Day 2

A great many people

Day 2 has been incredibly productive and fun ! First I met Dave That who worked on the idea of bufferbloat -- eliminating excessive buffering that impairs services like Skype, Google Videos, Whatsapp, Viber, and quite a few other real-time services. We talked about the issues that the Networking Industry faces and what the expectation of normal users are.

Next, I met Bjoern Zeeb, who is THE FreeBSD IPv6 expert. I met him in the NOC where he helps runs the IETF Network during the IETF conference. Despite being very tired, he keeps working very hard. We discussed about a few IPv6 patches that I had been working on in FreeBSD, and the way forward towards making IPv6 more secure.

The third person that I met is Rich Salz, of the OpenSSL project. He works at AKAMAI, which is the CDN network that caches stuff in Mauritius to make it faster for us when we access content on the web. We spoke a bit about OpenSSL security problems, and the code that I've been working on to make OpenSSL a little bit more secure.

The forth person that I met, and not the least, is IPv6 Security Expert Fernando Gont. He's working on a lot of ideas to make IPv6 better. Tomorrow, I'll be at a side-conference presenting a few IPv6 security problems that I've fixed. It was a very interesting discussion !


IETF 93 Day 1

First day

As the plane landed in Prague, I decided to explore the surrounding region while in the Taxi. Prague is so beautiful with its old buildings that date back to pre-World War II. See for yourself below:


Next stop: Hotel

I arrived in my Hotel exhausted, but determined to meet up with the various people that I had contacted: I met Michael Tuxen & Randal (Randy) Stewart who were there at the IETF hackathon. Michael Tuxen noticed that I was looking around for familiar people, and followed me when I left the room. He surprised me, and asked me If I was looking for him :) That caught me by surprise :) After exchanging a few words, he invited me to sit at the Hackathon table where other FreeBSD gurus were sitting. I started poking Randall Stewart who is one of the FreeBSD performance gurus when it comes to networking. Randal Stewart was a distinguished engineer at CISCO, and later moved to Netflix. Netflix served 1/3 of the North American Traffic during peak hours ! After the hackathon, I joined Michael and Randal, for dinner ! We spoke about FreeBSD, Netflix, Back to the future, and Star Wars ! I jokingly referred to Randall as "Doc Randall" in reference to the Back to the future Doc Emmett :)


And the Beer ?

With so many friends around, it was inevitable that I was going to taste the czech republic beer. After 2 bottles, I felt that I had enough, and decided to head to my Hotel room. While heading to my Hotel room, I met face to face with an IPv6 legend. More to come soon ...


Ubuntu Jam at the University of Mauritius

Ubuntu Jam at the University of Mauritius

Operating systems are simply tools to do a job...

And therefore, I have to admit that even though I use Microsoft Windows on a daily base to earn my living, I'm also using Linux since almost two decades on various machines. Together with different types of virtualisation I actually do not care whether an OS is running on bare-metal or inside a virtual machine. And given the computing power of recent machines it's not a question after all anymore. Given this little insight, let's directly hop into the Ubuntu Jam event from February 2015.

Saturday is usually the time the children are on tour with me and so why not take them to the University of Mauritius and have some fun together. Also, they know quite a number of folks of the Linux User Group of Mauritius, too. When we arrived at the campus it was actually simple to get a proper parking - just speak to the security guys around POWA, they are actually very friendly and willing to help. ;-)

Next, we had to look for those Linux geeks and penguins... Near the cafeteria they said, as if I know where the cafeteria is. Frankly, it was on our direct way to ask a group of students. Even though they gave us a strange but curious look, they were really glad to help and we managed to be around in time. Well, even too early... Anyway, enough time to get our gear in place. Even though that my dear son was more busy with his Nintendo DS than a Linux-driven laptop but hey that's absolutely fine. He's already geeky enough. Actually, later on - I don't know he managed it - he was gaming on someone else's Android smartphone.

Disclaimer: I won't be accountable for any hacks and root kit installations on your device that he's going to do!

So better keep your smartphone under your control. Anyway, it seems that the phone owner and my son had a good time checking out some gaming apps. This gave me a bit of liberty to show my older laptop running on Xubuntu 14.10, to answer a couple of Xfce4 related questions and to advertise the Developers Conference. Yes, I keep a git clone on that machine, too - actually running on different TCP ports on Apache and nginx simultaneously. Geeky style... 

Ubuntu Jam at the University of Mauritius
Lots of hardware and software during the Ubuntu Jam - and the choice of tools covered a wide range...

Ubuntu Jam at the University of Mauritius
Despite some light spray of rain, we had a great time during the Ubuntu Jam at the University of Mauritius (UoM)

Thanks to the vicinity of the UoM cafeteria it was a no-brainer to just get inside and grab some drinks and food for the lunch-break. Quite surprisingly, they also offer power drinks and other selections. Now, again well fed and still ambitious to handle Linux questions, I managed to get some exchange with Ish, Nirvan, Nadim, Pritvi and others regarding the organisation and ideas for the DevCon. Even though that there was a slight spray of rain, it seems that we all had a good time on the campus and I'm looking forward to attend the next Linux Jam - maybe then on openSUSE Leap or other distributions.

I’am officially a Google security supplier !


Security Services

Last night, I got the confirmation that I am officially recognized as a Supplier of Security Services for Google, the Internet Search Giant :)


What does this mean for Internet Security

I will be working more closely on Internet Security by focusing on key Open Source projects, and this effort will be sponsored by Google. Needless to say, I'm very excited ! I look forward to building a more secure Internet, that benefits not only the Google, but also Mauritius, as we are also heavy consumers of products that are heavily powered by Open Source Software: Android, gmail and quite a few others.

Collaborative efforts

By working together, as a team, we can strengthen the foundation of Today's Internet, so that we avoid another Heartbleed. I look forward to not only work on code, but also with different people spread across the globe and who speak different languages. There's something beautiful in Open Source: Despite our divergent opinions, we are able to work together. I believe that our strength comes from our ability to readjust ourselves to an increasingly hostile Internet.

Google Security Supplier, am excited for this new adventure! :)


23:59:60, the cyberisland and the leap second that we forgot

The US is busy planning for the leap second transition

Please see my previous blog post if you are not familiar with the leap second issue.

The US has a document for "Best Practices" (URL: which has been published by the Department of Homeland Security. I'm going to quote a few sections from it: Sponsored by the National Cybersecurity and Communications Integration Center in coordination with the United States Naval Observatory, National Institute of Standards and Technology, the USCG Navigation Center, and the Nation al Coordination Office for Space - Based Positioni ng, Navigation and Timing . This product is intended to assist federal, state, local, and private sector organizations with preparations for the 30 - June 2 015 Leap Second event.

Below the introduction part of the document are a list of well detailed steps to prepare for the transition for the leap second that will occure on the 30th of June.

Meanwhile in Mauritius

I immediately went to look for the same information for Mauritius. My first choice is the Mauritius Standards Bureau. Looking at the relevant pages show nothing about Time (url:

My 2nd choice is thus CERT-MU, which is the Mauritian equivalent of CyberSecurity, expecting to find a document for "Best Practices" for the Leap Second. Result of the search on CERT-MU website : Zero.

At this I start wondering what could be impacted by leap second in Mauritius. Websites crashes have been reported when previous leap seconds were added. Quote from a website: Sites such as Reddit, Gawker, LinkedIn, Foursquare and Yelp crashed after a "leap second" was added to the universal clock in order to keep up with the Earth's rotation. So, A few critical websites might crash. This is important to everyday users.

Other problems ?

Wikipedia says that: Older versions of Motorola Oncore VP, UT, GT, and M12 GPS receivers had a software bug that would cause a single timestamp to be off by a day if no leap second was scheduled for 256 weeks. How many companies are relying on GPS for their operation: Car fleets, Car drivers, boats, and people with smartphones, and The Amadeus airline reservation system was disrupted for more than two hours which affects plane fights.


Important information such as leap second transition should have been available on CERT-MU website so that people and organizations can better prepare themselves, and avoid disruptive problems across the Mauritian Infrastructure.