Benjamin Mako Hill: DRM on Streaming Services

Planet Debian - jeu, 07/05/2015 - 05:43

For the 2015 International Day Against DRM, I wrote a short essay on DRM for streaming services posted on the Defective by Design website. I’m republishing it here.

Between 2003 and 2009, most music purchased through Apple’s iTunes store was locked using Apple’s FairPlay digital restrictions management (DRM) software, which is designed to prevent users from copying music they purchased. Apple did not seem particularly concerned by the fact that FairPlay was never effective at stopping unauthorized distribution and was easily removed with publicly available tools. After all, FairPlay was effective at preventing most users from playing their purchased music on devices that were not made by Apple.

No user ever requested FairPlay. Apple did not build the system because music buyers complained that CDs purchased from Sony would play on Panasonic players or that discs could be played on an unlimited number of devices (FairPlay allowed five). Like all DRM systems, FairPlay was forced on users by a recording industry paranoid about file sharing and, perhaps more importantly, by technology companies like Apple, who were eager to control the digital infrastructure of music distribution and consumption. In 2007, Apple began charging users 30 percent extra for music files not processed with FairPlay. In 2009, after lawsuits were filed in Europe and the US, and after several years of protests, Apple capitulated to their customers’ complaints and removed DRM from the vast majority of the iTunes music catalog.

Fundamentally, DRM for downloaded music failed because it is what I’ve called an antifeature. Like features, antifeatures are functionality created at enormous cost to technology developers. That said, unlike features which users clamor to pay extra for, users pay to have antifeatures removed. You can think of antifeatures as a technological mob protection racket. Apple charges more for music without DRM and independent music distributors often use “DRM-free” as a primary selling point for their products.

Unfortunately, after being defeated a half-decade ago, DRM for digital music is becoming the norm again through the growth of music streaming services like Pandora and Spotify, which nearly all use DRM. Impressed by the convenience of these services, many people have forgotten the lessons we learned in the fight against FairPlay. Once again, the justification for DRM is both familiar and similarly disingenuous. Although the stated goal is still to prevent unauthorized copying, tools for “stripping” DRM from services continue to be widely available. Of course, the very need for DRM on these services is reduced because users don’t normally store copies of music and because the same music is now available for download without DRM on services like iTunes.

We should remember that, like ten years ago, the real effect of DRM is to allow technology companies to capture value by creating dependence in their customers and by blocking innovation and competition. For example, DRM in streaming services blocks third-party apps from playing music from services, just as FairPlay ensured that iTunes music would only play on Apple devices. DRM in streaming services means that listening to music requires one to use special proprietary clients. For example, even with a premium account, a subscriber cannot listen to music from their catalog using an alternative or modified music player. It means that their television, car, or mobile device manufacturer must cut deals with their service to allow each paying customer to play the catalog they have subscribed to. Although streaming services are able to capture and control value more effectively, this comes at the cost of reduced freedom, choice, and flexibility for users and at higher prices paid by subscribers.

A decade ago, arguments against DRM for downloaded music focused on the claim that users should have control over the music they purchase. Although these arguments may not seem to apply to subscription services, it is worth remembering that DRM is fundamentally a problem because it means that we do not have control of the technology we use to play our music, and because the firms aiming to control us are using DRM to push antifeatures, raise prices, and block innovation. In all of these senses, DRM in streaming services is exactly as bad as FairPlay, and we should continue to demand better.

Catégories: Elsewhere

Steve Kemp: On de-duplicating uploaded file-content.

Planet Debian - jeu, 07/05/2015 - 02:00

This evening I've been mostly playing with removing duplicate content. I've had this idea for the past few days about object-storage, and obviously in that context if you can handle duplicate content cleanly that's a big win.

The naive implementation of object-storage involves splitting uploaded files into chunks, storing them separately, and writing database-entries such that you can reassemble the appropriate chunks when the object is retrieved.

If you store chunks on-disk, by the hash of their contents, then things are nice and simple.

The end result is that you might upload the file /etc/passwd, split that into four-byte chunks, and then hash each chunk using SHA256.

This leaves you with some database-entries, and a bunch of files on-disk:

/tmp/hashed/ef267892ee080862c96a8d2d05de62f48e20f0875f27379e7d58c73ea4455bf1 /tmp/hashed/a378977155fb42bb006496321cbe31f74cbda803c3f6ca590f30e76d1afad921 .. /tmp/hashed/3805b0245bc8375be7125ae228eef711552ac082ffb9bf8756e2964a2393a9de

In my toy-code I wrote out the data in 4-byte chunks, which is grossly ineffeciant. But the value of using such small pieces is that there is liable to be a lot of collisions, and that means we save-space. It is a trade-off.

So the main thing I was experimenting with was the size of the chunks. If you make them too small you lose I/O due to the overhead of writing out so many small files, but you gain because collisions are common.

The rough testing I did involved using chunks of 16, 32, 128, 255, 512, 1024, 2048, and 4096 bytes. As sizes went up the overhead shrank, but also so did the collisions.

Unless you could handle the case of users uploading a lot of files like /bin/ls which are going to collide 100% of the time with prior uploads using larger chunks just didn't win as much as I thought they would.

I wrote a toy server using Sinatra & Ruby, which handles the splitting/hashing/and stored block-IDs in SQLite. It's not so novel given that it took only an hour or so to write.

The downside of my approach is also immediately apparent. All the data must live on a single machine - so that reassmbly works in the simple fashion. That's possible, even with lots of content if you use GlusterFS, or similar, but it's probably not a great approach in general. If you have large capacity storage avilable locally then this might would well enough for storing backups, etc, but .. yeah.

Catégories: Elsewhere

Drupal core announcements: Drupal 8 Question-and-Answer Core Conversation at DrupalCon Los Angeles

Planet Drupal - jeu, 07/05/2015 - 01:05

Do you have questions about the upcoming Drupal 8 release (or Drupal 8.1.x or 9 and beyond)? On Thursday, May 14 at DrupalCon Los Angeles, I'll be moderating a question-and-answer core conversation with a panel of the Drupal 8 core committers. Questions can be submitted in advance online, and anyone can submit a question (or more than one). I will curate the submissions to ask the panel the most interesting and relevant questions.

Some suggested topics:

  • Drupal core's newly refined structure and decision-making process (see my earlier post for background information).
  • Contributing as a core subsystem or topic maintainer
  • The upcoming Drupal 8.0.0 release: what to expect and how we're going to get there
  • Any questions you have for core committers
  • Or anything else on your mind!

This is a rare opportunity for the community to communicate directly with the Drupal 8 committer team. Help us make the most of of it -- submit your questions now!

Catégories: Elsewhere

Matthieu Caneill: Debsources got swag and continous integration

Planet Debian - jeu, 07/05/2015 - 00:00

Debsources (http://sources.debian.net) is still under active development. We recently had a Gnome Outreachy intern, Jingjie Jiang, and we're about to work with 2 GSoC students, Clément Schreiner and Orestis Ioannou.

I will present here the GitHub mirror we've set up, in order to allow external pull requests to be submitted, and to use the continous integration service provided by Travis-CI.

GitHub and Travis-CI

Debsources' source code is hosted on Debian's git servers, and from there is mirrored to GitHub. Every time a commit is pushed (to master or other branches) or a pull request is open, the test suite will be automatically run on Travis-CI, and the result (tests pass or don't) is displayed on GitHub. This allows us to quickly filter external contributions (when they are submitted on GitHub), and be sure everything works with our setup, before reviewing work.

Travis-CI runs the tests on OpenVZ containers. The complete infrastructure was a bit challenging to setup, but as we now have a Docker recipe to quicly begin to hack on Debsources, most of the work could be done using the Dockerfile instructions.

In average, a run on Travis-CI (which includes git cloning the code and test data, setup the server, and run the tests suite) takes 7 minutes, which is an ok amount of time to wait for before submitting a pull request, in my opinion.

Bugs discovered in the process

Setting up this continuous integration infrastructure made me discover a few bugs.

Python magic does black magic

Debsources runs fine on Debian (not surprisingly), but I got tricked by black magic when I tried to run it on Ubuntu (which is the OS run in Travis-CI's containers).

We use the magic library to guess the type of files we're dealing with, for instance when we need to decide between rendering a file (for text files) or downloading it (for binary files).

Here comes the tricky part: the Python bindings for libmagic are not the same in Debian and Pypi. Debsources uses Debian package python-magic, which is not in Ubuntu 12.04. Moreover, there's no Python egg for it on Pypi, which has however another package (called magic) which provides a different API.

I solved this with a dirty hack, using the fact python-magic lies in a single file:

mkdir /tmp/python-magic && wget https://raw.githubusercontent.com/file/file/master/python/magic.py -O /tmp/python-magic/magic.py && export PYTHONPATH=/tmp/python-magic/:$PYTHONPATH

It simply downloads the library, saves it in a temporary folder and includes it in the Python path. Let's see for how long it works before everything breaks!

Size of a directory

One test in the suite was ensuring the information returned by ls -l on a directory and stored in the DB was the right information. Inode metadata was tested, such as name, permissions, type, or size.

Interestingly enough, the size of a directory was tested, and expected to be 4096 bytes. The size of a directory actually depends on the filesystem in use, and on the number of files this directory contains. We often see 4096 because it's the size of a not-too-big directory on ext4.

Travis-CI doesn't use ext4:

$ df -T Filesystem Type 1K-blocks Used Available Use% Mounted on /vz/private/209140041 simfs 125829120 103460612 22368508 83% / none devtmpfs 1572864 8 1572856 1% /dev none tmpfs 314576 56 314520 1% /run none tmpfs 5120 4 5116 1% /run/lock none tmpfs 1572864 0 1572864 0% /run/shm /dev/null tmpfs 786432 171584 614848 22% /var/ramfs

Simfs is a container filesystem for OpenVZ, on which directories have different sizes than on ext4:

$ ls -al / total 0 drwxr-xr-x 23 root root 480 Feb 4 18:08 . drwxr-xr-x 23 root root 480 Feb 4 18:08 .. drwxr-xr-x 2 root root 2480 Feb 4 18:20 bin drwxr-xr-x 2 root root 40 Apr 19 2012 boot drwxr-xr-x 5 root root 660 Apr 30 13:56 dev drwxr-xr-x 99 root root 3560 Apr 30 13:56 etc -rw-r--r-- 1 root root 0 Feb 4 17:56 fastboot drwxr-xr-x 3 root root 80 Feb 4 17:57 home [...]

Directory sizes are not even powers of 2.

Hence I changed the test to not check directory sizes. Hopefully this will help to make Debsources work on more filesystems!

An empty file is hiding

Last but not least, because this bug is still open in the wild. A file, which appears to be empty, is not taken into account by Debsources' updater. This file is sources/non-free/m/make-doc-non-dfsg/4.0-2/.pc/applied-patches. It is present in the filesystem in the container, is not the only empty file over there, but still doesn't appear in the database, and make fail the test which counts files.

The test has been commented out (booooooh), so that we still can use Travis-CI's platform for our GSoC students, before it's fixed.


Making Debsources run automatically on a different platform as the one we usually use permitted us to spot bugs, write dirty hacks, and expand the filesystems it's supposed to run on.

Now, let's hope the continuous integration will help our GSoC students, and let's wish them good luck!

Catégories: Elsewhere

Gizra.com: How we could monitor Twitter (if we had to)

Planet Drupal - mer, 06/05/2015 - 23:00

Monitoring your live site is a pretty good idea - that's generally agreed. Same goes for visual regression testing. Doing it, however, is hard. Enough so that very few companies actually do visual regression testing/monitoring, so don't feel bad if you haven't either until now. But after reading this post you should seriously consider doing it. Or at least give it a try.

For example, here's an overview of how we could monitor Twitter, if someone would actually ask us to (as always you can jump right into the repository):

Visual regression on a Twitter page. So much functionality has been asserted in this simple screenshot

Continue reading…

Catégories: Elsewhere

C.J. Adams-Collier: A harowing upgrade

Planet Debian - mer, 06/05/2015 - 22:16

I just dist-upgraded the blog server to jessie. A couple of errors from code with checks for which modules are enabled from .htaccess (deprecated and now obsolete behavior). Nothing all that rocky. Go team Debian!

Catégories: Elsewhere

Drupal core announcements: Drupal core updates for May 6th, 2015

Planet Drupal - mer, 06/05/2015 - 20:42

Congratulations to Alex "effulgentsia" Bronstein and Jess "xjm", who became core committers as part of the Evolving and documenting Drupal core's structure, responsibilities, and decision-making policy (which could still use your review)!

What's new with Drupal 8?

Since the last Drupal Core Update, the minimum version of MySQL needed to run D8 was raised to 5.5.3, and Drupal 8.0.0-beta10 was released in time for DrupalCon Los Angeles (which is next week).

Some other highlights of the month were:

How can I help get Drupal 8 done?

See Help get Drupal 8 released! for updated information on the current state of the release and more information on how you can help.

We're also looking for more contributors to help compile these posts. Contact mparker17 if you'd like to help!

Drupal 8 In Real Life Whew! That's a wrap!

Do you follow Drupal Planet with devotion, or keep a close eye on the Drupal event calendar, or git pull origin 8.0.x every morning without fail before your coffee? We're looking for more contributors to help compile these posts. You could either take a few hours once every six weeks or so to put together a whole post, or help with one section more regularly. If you'd like to volunteer for helping to draft these posts, please follow the steps here!

Catégories: Elsewhere

John Goerzen: I Give Up on Google: Free is Too Expensive

Planet Debian - mer, 06/05/2015 - 20:26

I am really tired of things Google has done lately.

The most recent example being retiring Classic Maps. That’s a problem, because the current Maps mysteriously doesn’t show most of my saved (“starred”) places. Google has known about this since at least 2013. There are posts all over their forums about it going back to when what is now “regular” Google Maps was beta. Google employees even knew about it and did nothing. For someone that made heavy use of it, this was quite annoying.

But there have been plenty of others:

  • Removing My Places and My Maps from Maps for Android. Those features were used to, for instance, plan trips, highlight routes, add campground possibilities, etc. (They eventually brought this feature back months/years later, in limited form.)
  • Removed the 7-day and month views from Calendar for Android, claiming this was “better” for users. Finally re-added those views a few months later after many complaints. I even participated in a survey process with them where they were clearly struggling to understand why anybody wanted to see 7 days at once, when that feature had been there for years…
  • Removing the XMPP capabilities in Google Talk/Hangouts.
  • Picasaweb pretty much shut down, with very strong redirects to Google+ Photos. Which still to this day doesn’t have a handy feature for embedding in a blog post or anything that’s not, well, Google+.
  • General creeping crapification of everything they touch. It’s almost like Microsoft in the 90s all over again. All of a sudden my starred places stop showing up in Google Maps, but show up in Google Drive — shared with the whole world. What? I never wanted them in Google Drive to start with.
  • All the products that are all-but-dead — Google Groups and the sad state of the Deja News archives. Maybe Google+ itself goes on this list soon?
  • Looks like they’re trying to kill off Google Voice and merge it into hangouts, but I can’t send a text from the web with Hangouts.
  • And this massive list of discontinued services and products. Yeowch. Remember when Google Code was hot, and then they didn’t touch it at all for years?
  • And they still haven’t fixed some really basic things, such as letting people change their email address when they get married.
  • Dropping SIP from Grand Central, ActiveSync from Apps, etc.

I even used to use Flickr, then moved to Picasa when Yahoo stopped investing in Flickr. Now I’m back to Flickr, because Google stopped investing in Picasa.

The takeaway is that you can’t really rely on Google for anything. Counting on something being there for an upcoming trip and then having it be suddenly yanked away is a level of frustration that just makes the service not so useful. Never knowing when obvious things (7-day calendar view) will be removed means you just can’t depend on it.

So, are there good alternatives? Things I’m thinking of include:

  • Alternative calendar applications. Ideally it would support shared calendars for multiple people in a family, an Android app that lets you easily view some or all calendars, etc. I wonder if outlook.com is really the only competitor here? Last I looked — a few years ago — none of the Open Source options really worked well.
  • Alternative mapping applications. Must-haves include directions, navigation in the car, saving points of interest, and offline storage on Android. Nice-to-haves would include restaurant review integration, etc. Looks like Nokia (HERE.com) and Mapquest, plus a few OSM spinoffs, are the leading contenders here.
  • Email is easily enough found elsewhere, and I’ve never used Gmail much anyhow.

Anybody else moving off Google?

Catégories: Elsewhere

Jim Birch: No more usernames! Setting up Drupal 7 for Email Login

Planet Drupal - mer, 06/05/2015 - 19:00

Sorry, the user name 'Super Incredibly Good Looking Jim' is already taken...

I don't need another username.  I really don't need another username on a site that I am not going to have a public profile.  There are sites where having a username makes perfect sense, and then there are those that don't.

Reasons you may need to have a Username:
  • If the site offers a public profile
  • For use in internal commenting
  • For use in internal forum
  • For use in internal messaging

Even in some of these cases, we could get away with using a display name.  We will explore how to set up a Display Name that is separate from core's login funtionality below.

I am not building Twitter.  Nor am I building Ello, Reddit, Pinterest, or Periscope. In most cases, I only have administrators and content creators accessing the site.  Trying to keep the login process as painless as I can for my users, I will use an email address field as the unique identifier.  I would venture to guess that everyone online has at least one of those.

Read more

Catégories: Elsewhere

Promet Source: Melding AngularJS With Drupal Sites: Retrospective

Planet Drupal - mer, 06/05/2015 - 18:28
Let's start with the template file. A brief tour of the template file If you pull up the template file, you will see something similar to the following:
Catégories: Elsewhere

Ben Hutchings: Debian LTS work, April 2015

Planet Debian - mer, 06/05/2015 - 18:27

This was my fifth month working on Debian LTS. I was assigned 16 hours by Freexian's Debian LTS initiative. I worked on several packages but haven't uploaded updates yet.


There is a steady stream of severity issues in all Linux kernel versions. As we don't want to prompt reboots too often, these won't necessarily result in an update every month; it depends on the severity of the issue(s). However, I triaged the current issues and committed the available fixes to version control.


The PGP signature validation in dpkg-source has a number of bugs, including CVE-2015-0840 which allows the validation to be completely subverted. I backported fixes for these from the 1.16 (wheezy) branch to the 1.15 (squeeze) branch. dpkg has a test suite and the fixes all came with new regression tests, so this was easy to verify.

As dpkg is a native package (i.e. there is little separation between the 'upstream' and Debian packaging), I preferred that the dpkg maintainers would turn this into an 'upstream' release that I could upload. Guillem Jover has now reviewed and (semi-)released my changes, so I will complete this update soon.


A large number of bugs have been found in the venerable tiff library and tools, mostly by 'fuzzing' them with afl. The bugs have been unhelpfully grouped into a smaller number of CVE IDs, although it's not clear that these groups were introduced at the same time and they certainly weren't fixed at the same time.

Most of the upstream bug reports come with samples to reproduce the bug (crash or memory corruption detectable with valgrind), but many of these did not turn out to be reproducible (either upstream or with the version in 'squeeze'). Where they were reproducible, I've verified that the patches fix the issue.

Unfortunately tiff does not have a test suite, so I made a call for testing on the debian-lts list. If I don't get any responses soon, I'll run my own basic tests with programs that use libtiff before uploading.

Catégories: Elsewhere

Drupal Watchdog: VIDEO: DrupalCon Amsterdam Interview: Tom Erickson

Planet Drupal - mer, 06/05/2015 - 18:17

In Drupal Watchdog’s proprietary corner, we have a lively chat with TOM ERICKSON (CEO, Acquia), who reveals himself as a pop-music maven, Napa oenophile, and passionate proponent of diversity in the technology field, particularly among women and millennials.

Tags:  DrupalCon Amsterdam DrupalCon Video Video: 
Catégories: Elsewhere

Annertech: Let the world know: #DrupalOpenDays Ireland is fast approaching (and we're sponsoring)

Planet Drupal - mer, 06/05/2015 - 14:37
Let the world know: #DrupalOpenDays Ireland is fast approaching (and we're sponsoring)

Drupal Open Days - the largest meeting of Drupal developers, users, and enthusiasts in Ireland - is fast approaching. This year is looking like it's going to be the biggest and best one yet.

Biggest - checkout who is coming

Best - checkout the great line up of speakers

Catégories: Elsewhere

Martin Pitt: autopkgtest 3.14 “now twice as rebooty”

Planet Debian - mer, 06/05/2015 - 12:15

Almost every new autopkgtest release brings some small improvements, but 3.14 got some reboot related changes worth pointing out.

First of all, I simplified and unified the implementation of rebooting across all runners that support it (ssh, lxc, and qemu). If you use a custom setup script for adt-virt-ssh you might have to update it: Previously, the setup script needed to respond to a reboot function to trigger a reboot, wait for the testbed to go down, and come back up. This got split into issuing the actual reboot system command directly by adt-run itself on the testbed, and the “wait for go down and back up” part. The latter now has a sensible default implementation: it simply waits for the ssh port to become unavailable, and then waits for ssh to respond again; most testbeds should be fine with that. You only need to provide the new wait-reboot function in your ssh setup script if you need to do anything else (such as re-enabling ssh after reboot). Please consult the manpage and the updated SKELETON for details.

The ssh runner gained a new --reboot option to indicate that the remote testbed can be rebooted. This will automatically declare the reboot testbed capability and thus you can now run rebooting tests without having to use a setup script. This is very useful for running tests on real iron.

Finally, in testbeds which support rebooting your tests will now find a new /tmp/autopkgtest-reboot-prepare command. Like /tmp/autopkgtest-reboot it takes an arbitrary “marker”, saves the current state, restores it after reboot and re-starts your test with the marker; however, it will not trigger the actual reboot but expects the test to do that. This is useful if you want to test a piece of software which does a reboot as part of its operation, such as a system-image upgrade. Another use case is testing kernel crashes, kexec or another “nonstandard” way of rebooting the testbed. README.package-tests shows an example how this looks like.

3.14 is now available in Debian unstable and Ubuntu wily. As usual, for older releases you can just grab the deb and install it, it works on all supported Debian and Ubuntu releases.

Enjoy, and let me know if you run into troubles or have questions!

Catégories: Elsewhere

Michal Čihař: This was Sri Lanka

Planet Debian - mer, 06/05/2015 - 12:00

We've spent beautiful weeks on Sri Lanka in January and February. On the way we've seen many different places - ancient cities, mountains, natural parks or beaches. Here comes selection of photos which I like most.

Filed under: English Photography Travelling | 0 comments

Catégories: Elsewhere

Charles Plessy: Long life to Jessie!

Planet Debian - mer, 06/05/2015 - 07:57

Debian published Jessie last month. Big congratulations to the release team and all the contributors; quality is again at the rendez-vous!

This time, I could not contribute much, being busy with parental activities (hello my son, if you read me), apart from making sure that my packages are ready for the D Day. This work was made easy by the automated removals of buggy packages set up by the release team. Many thanks for that development.

I hope to use Jessie for a long time without the need of upgrading to Testing. At the moment, it provides everything I need, including the input of Japanese characters together with the possibility to switch between Japanese (or American) and multilingual Canadian keyboard layouts, which was not easy to do anymore in Wheezy.

Many thanks again.

Catégories: Elsewhere

LevelTen Interactive: Five Drupal Modules That Will Save You from Mobilegeddon

Planet Drupal - mer, 06/05/2015 - 07:00

Mobilegeddon has arrived. I hope your site was one of the survivors.... Read more

Catégories: Elsewhere

flink: Take your Maps to the Max

Planet Drupal - mer, 06/05/2015 - 05:40

We’ve always loved maps. Google, Openlayers, Leaflet... bring them on!

To date, those three are the most popular engines to fetch and assemble the tiles that make up your maps and deliver them to the browser.

We love all three, and through IP Geolocation Views & Maps, we support all three.

We have a penchant for Leaflet because its code is open-sourced, well-written and from the ground up made to suit mobile. It is also extended easily. This is witnessed by the great number of handy map widgets and plugins that float about on GitHub and as module add-ons on drupal.org.

With all of these rapidly gaining popularity, we thought it might inspire if we'd show-case a number of these goodies on a single interactive map page for you to play with.

As you hover and click around we hope you become just as convinced as we are, that maps not merely constitute stylish page elements, but also enhance content navigation and reporting, in ways that cannot be achieved through menus, search boxes and spreadsheets.

The best news is that you can now click all of this together in Drupal without any coding whatsoever. To make it totally easy for you to produce a map like the one below, we've made screenshots of the complete map configuration.

And that's enough from us. Time for you to PLAY !

Produced in collaboration with RegionBound.

div#node-91 img { max-width: 250px; } File under: Planet Drupal
Catégories: Elsewhere

Junichi Uekawa: Mail configuration.

Planet Debian - mer, 06/05/2015 - 02:30
Mail configuration. Sometimes I send mail to root@some-domain-I-don't-own from cron or sudo or whatever system and wonder why that happened.

Catégories: Elsewhere

Miriam Ruiz: SuperTuxKart 0.9: The other side of the story

Planet Debian - mer, 06/05/2015 - 01:15

I approached the SuperTuxKart community fearing some backslash due to last week’s discussion about their release 0.9, to find instead a nice, friendly and welcoming community. I have already had some very nice talks with them since then, and they have patiently explained to me the sequence of events that led to the situation that I mentioned and that, for the sake of fairness, I consider that I have to share here too. You can read the log of the first conversation I had with them (the log has been edited and cleared up for clarity and readability). I seriously recommend reading it, it’s a honest friendly conversation, and it’s first hand.

For those who don’t already know the game:

All this story seems to start with the complain of a 6 yo girl, close relative of one of the developers and STK user, who explained that she always felt that Mario Kart was better because there was a princess in it. I’m not particularly happy with princesses as role models for girls, but one thing I have always said is that we have to listen to kids and take their opinions into accounts, and I know that if I had such a request from one of the kids closer to me, I probably would have fulfilled it too. In any case, Free Software projects based on volunteer work are essentially a do-ocracy and it is assumed that whoever does the work, gets to decide about it.

So that is how Princess Sara was added to the game. While developing it, I was assured that they took extra care that her proportions were somehow realistic, and not as distorted as we’re used to see in Barbie or many Disney films. Sara is inspired on an OpenGameArt’s wizard and is not supposed to be a weak damsel in distress, but in fact a powerful character in the world’s universe.

Sara is not the only female character playable. There are a few others: Suzanne (a monkey, Blender’s mascot), Xue (XFCE’s mouse) and Amanda (a panda, the mascot of windows maker). Sara happens to be the only human character playable, male or female. While it has been argued that by adding that character, a player might have the impression that the rest of the characters would be male by default, I have been told that the intention is exactly the opposite,and that the fact that the only human playable character in the game is female should make it more attractive to girls. To some, at least.

Here are some images of Sara:

So the fact is that they have invested a lot of time in developing Sara’s model. I’m not an artist myself, so I don’t know first hand how much time and effort it takes to make such a model, but in any case it seems that quite a lot. When they designed the beach track Gran Paradiso, they wanted to add people to the beach. That track is, in fact, inspired on a real existing place: Princess Juliana Airport. Time was over and they wanted to publish a version with what they already had, so they used Sara’s model in a bikini on the beach, with the intention of adding more people, male and female, later. The overall view of the beach would be:

This is how that track shows when the players are driving in it:

Now, about the poster of version 0.9, it is supposed to be inspired in the previous poster of version 0.8.1, only this time inspired in Carnival (which is, in fact, a celebration in which sexualization of both genders is a core part). I know that there are accusations of cultural apropriation, but I couldn’t know, as my white privilege probably shields me from seeing that. Up to now, no one has said anything about that, only Gunnar explaining his point of view as a non-native mexican: “While the poster does not strike as the most cautious possible, I do not see it as culturally offensive. It does not attempt to set a scene portraiting what were the cultures really like; the portrait it paints is similar to so many fantasy recreations”. In my opinion, even when the model is done in good taste, with no superbig breasts and no unrealistic waist, it’s still depicting a girl without much clothes as the main element of the scene, with an attire, a posture and an attitude that clearly resembles carnival and, thus, inevitably conveys a message of sexualization. Even though I can’t deny that it’s a cute poster, it’s one I wouldn’t be happy to see for example in a school, if someone wanted to promote the game there.

The author of the poster, anyway, tells me that he had a totally different intention when doing it, and he wanted to depict a powerful princess, in the center of SuperTuxKart’s universe, celebrating the new engine.


About the panties showing every now and then, I’ve been told that it’s something so hard to see that in fact you would really have to open the model itself to view them. I’m not saying that I like them though, I think it would have been better if Sara would have had short pants under the skirt, if she was going to drive the snowmobile with a dress, but I’m not sure if that’s something important enough to condemn the game. The original girl mentioned at the beginning of this post seems to have found the animation funny, started laughing, and said that Sara is very silly, and that was all. It’s probably something more silly than naughty, I guess. Even though, as I said, it’s something I don’t like too much. I don’t have to agree with STK developers in everything. I guess.

There’s one thing I would like to highlight about my conversations with the developers of SuperTuxKart, though. I like them. They seem to be as concerned about the wellbeing of kids as I am, they have their own ethic norms of what’s acceptable and what’s not, and they want to do something to be proud of. Sometimes, many of these conflicts arise from a lack of trust. When I first saw the screenshots with the girl in bikini and the panties showing, I was honestly concerned about the direction the project was taking. After having talked with the developers, I am more calmed about it, because they seem to have their heart in the right place, they care, they are motivated and they work hard. I don’t know if a princess would be my first choice for a main female character, but at least their intention seems to be to give some girls a sensible role model in the game with who they can identify.


Catégories: Elsewhere


Subscribe to jfhovinne agrégateur - Elsewhere