Linux User Group of Mauritius Promoting open source software in our beautiful island


Infotech Innovtech 2018 is worth it!

Posted by Avinash Meetoo

01-2018_08_29-20_02_42 02-2018_08_29-20_09_54 03-2018_08_29-20_13_03 04-2018_08_29-20_16_05 05-2018_08_29-20_27_48 06-2018_08_29-20_32_16 07-2018_08_29-20_34_44 08-2018_08_29-20_36_30 09-2018_08_31-17_13_11 10-2018_08_31-17_15_11 11-2018_08_31-16_39_47 12-2018_08_31-17_19_54 13-2018_09_01-14_44_12 14-2018_08_30-10_34_03 15-2018_09_01-14_44_44 16-2018_09_01-13_28_31 17-2018_09_01-13_31_40 18-2018_09_01-14_44_30 jhdr sdr 21-2018_09_01-13_42_28 22-2018_09_01-13_45_04 23-2018_09_01-13_55_08 24-2018_09_01-14_01_03 25-2018_09_01-14_25_59 26-2018_09_01-14_26_22 27-2018_09_01-14_27_35

For the first time in my life, I went to Infotech four days in a row. Tomorrow is the last day and, if I were you, I would not miss it.

The first day, Wednesday 29 August, was the official opening of Infotech by the Minister of Technology, Communication and Innovation, Yogida Sawmynaden. As soon as Infotech opened, the Minister visited the various stands including the ones of the “normal” Infotech (i.e. the technology fair) as well as the ones in the Innovtech Demo Area (where individuals, associations, parastatals and other organisations showcased their innovative products).

On the second day, Thursday 30 August, I went to Infotech to participate in the official opening of the Innovtech Conferences. During my speech, I gave two messages to the audience: (1) Do not be afraid to interact with the speakers and ask them many questions and (2) that young people should really choose Science, Technology, Engineering and Maths subjects at school in order for the country to have more engineers in the future. The Mauritius of the future can only be built by engineers.

On the third day, Friday 31 August, I participated in the launching of the Startup Weekend. During my intervention, I told the participants that 20% is inspiration and 80% is perspiration and that they should perspire a lot during the three days in order to win the competition. I also was happy to hear that the Development Bank of Mauritius has an easier procedure now to lend money to startups with fewer collaterals needed. This is a good thing as access to finance is key in order to succeed as a startup founder.

On the fourth day, Saturday 1st September, Christina, Anya and Kyan accompanied me to visit both Infotech and the Innovtech Demo Area. And I am happy to say that all three found the exhibits in the Demo Area more interesting (in general) than what was shown in the product fair. For example, on the National Computer Board stand, NCB staff were happy to show us all kinds of programmes they had written to control microcontrollers, sensors and robots. On the MRC website, the star of the show was the upcoming MIR-SAT1 satellite. It’s amazing what our small country will achieve in 2019 — having our own Cube Satellite orbiting the earth and sending infrared photos to Mauritius for us to analyse. I also like how, for example, some people were so dedicated to make you people learn robotics. Some others were collaborating with Google to create original AR/VR Mauritian content.

All in all, since last year, the Innovtech component has gathered some momentum. Of course, there are so many other components that can be added and some existing features can be made better. But I have to offer big congratulations to everyone involved in the organisation of this event, with a particular mention to the National Computer Board staff.

Meantime, do not miss the last day of Infotech Innovtech 2018 tomorrow if you have not gone yet. It’s worth it.


OpenVPN: All TAP-Windows adapters on this system are currently in use

Posted by Jochen Kirstaetter

OpenVPN: All TAP-Windows adapters on this system are currently in use

Working with several clients or partners might be an interesting challenge sometimes. While adding a new connection to an existing OpenVPN infrastructure I came across the following error message in the client log file: All TAP-Windows adapters on this system are currently in use.

Depending on how you actually installed your VPN client software you might be facing this issue while adding an additional client configuration for another connection. Especially when you are using a client software by a third-party provider, ie. WatchGuard Mobile VPN or Sophos. Perhaps you might be struggling to resolve it.

Get the TAP-Windows driver

Check whether you have the full installation of OpenVPN software. If yes, you might like to skip this the following steps and directly move on to add another TAP adapter to your Windows system.

Otherwise, please navigate to the Community Downloads of OpenVPN and either get the latest OpenVPN package, or if you think that this might be an issue, scroll down a little bit on same page and get Tap-windows package for your system. After the download is complete, run the installation routine and make sure to select TAP Virtual Ethernet Adapter like so:

OpenVPN: All TAP-Windows adapters on this system are currently in use

OpenVPN: All TAP-Windows adapters on this system are currently in use

You might have to reboot Windows to complete the network driver installation.

Add a new TAP virtual ethernet adapter

Now, you should be able to add an additional TAP interface to your system, and make it available for your new OpenVPN connection. Hit the Start button or press the Win key, then type tap and wait for Windows to give you its matches found on the system. Here is how it looks like on my Windows 10:

OpenVPN: All TAP-Windows adapters on this system are currently in use

Click on the entry Add a new TAP virtual ethernet adapter and confirm the User Account Control (UAC) dialog with Yes. You then see an administrative command prompt that adds another network interface to your Windows.

C:\WINDOWS\system32>rem Add a new TAP virtual ethernet adapter

C:\WINDOWS\system32>"C:\Program Files\TAP-Windows\bin\tapinstall.exe" install "C:\Program Files\TAP-Windows\driver\OemVista.inf" tap0901
Device node created. Install is complete when drivers are installed...
Updating drivers for tap0901 from C:\Program Files\TAP-Windows\driver\OemVista.inf.
Drivers installed successfully.

Press any key to continue . . .

And your OpenVPN client is ready to roll.

The shortcut below the Windows Start menu is linked to a batch file which you can also access and launch directly from %ProgramFiles%\TAP-Windows\bin

OpenVPN: All TAP-Windows adapters on this system are currently in use

Note: Ensure to run the batch file with administrative permissions. Otherwise, the driver installation will fail.

Review your existing Network Connections

Perhaps you would like to inspect the existing TAP-Windows Adapters? You find them in the Control Panel under Network Connections.

OpenVPN: All TAP-Windows adapters on this system are currently in use

The adapters are classified as TAP-Windows Adapter V9. Here you can enable, disable or even delete an existing network interface.

Some readers might prefer interaction with a command line interface (CLI). Well, even on Windows there is nothing to worry about this. The Network Shell (Netsh) of Windows has you covered, although it is recommended to use PowerShell to manage networking technologies:

PS C:\> Get-NetAdapter

Name                      InterfaceDescription                    ifIndex Status       
----                      --------------------                    ------- ------       
vEthernet (Default Swi... Hyper-V Virtual Ethernet Adapter             30 Up           
Wi-Fi                     Killer Wireless-n/a/ac 1535 Wireless...      28 Up           
Ethernet                  Killer E2500 Gigabit Ethernet Contro...      19 Disconnected 
Ethernet 4                TAP-Windows Adapter V9 #2                    15 Disconnected 
VMware Network Adapte...8 VMware Virtual Ethernet Adapter for ...      14 Up           
VMware Network Adapte...1 VMware Virtual Ethernet Adapter for ...      13 Up           
Ethernet 2                ThinkPad USB-C Dock Ethernet                  8 Disconnected 
Ethernet 5                TAP-Windows Adapter V9 #3                    52 Up           
VirtualBox Host-Only ...2 VirtualBox Host-Only Ethernet Adap...#2       6 Up           
Ethernet 3                TAP-Windows Adapter V9                        5 Up           

The information provided is identical to the visual representation in Windows Explorer.

Tagged as: No Comments

OpenVPN re-visited

Posted by Jochen Kirstaetter

OpenVPN re-visited

It's been a very long time since I set up the VPN infrastructure at the office using OpenVPN. Today, I came across an interesting log entry that I would like to document quickly.

OpenVPN re-visited

At the time of writing I have OpenVPN 2.4.6 running on my Windows 10 machine. The existing infrastructure though is on a different version, and this morning I observed the following entries in the log file:

Tue Aug 28 08:50:09 2018 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Tue Aug 28 08:50:09 2018 WARNING: INSECURE cipher with block size less than 128 bit (64 bit).  This allows attacks like SWEET32.  Mitigate by using a --cipher with a larger block size (e.g. AES-256-CBC).
Tue Aug 28 08:50:09 2018 WARNING: cipher with small block size in use, reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.

Curious about those entries I found Sweet32: Birthday attacks on 64-bit block ciphers in TLS and OpenVPN as an informative reference on the documented vulnerabilities CVE-2016-2183 and CVE-2016-6329. There I found the connection back to OpenVPN. Which is also described on the official wiki: OpenVPN and SWEET32

The default encryption for the transport protocol of OpenVPN is Blowfish – a 64-bit cipher – with the CBC mode.

Meaning, the default encryption of OpenVPN prior to version 2.4 is BF-CBC which doesn't provide enough security in recent times. Newer versions of OpenVPN though are using AES-256-CBC as default cipher.

Upgrade your cipher suite and block size

For your own sake and safety of your network(s) you should check and change your OpenVPN infrastructure right away, and if needed upgrade your defined cipher to a more secure encryption and larger block size.

OpenVPN users can change the cipher from the default Blowfish to AES

First, check which ciphers are available on your server and clients using the --show-ciphers option like so:

$ sudo openvpn --show-ciphers
The following ciphers and cipher modes are available
for use with OpenVPN.  Each cipher shown below may be
used as a parameter to the --cipher option.  The default
key size is shown as well as whether or not it can be
changed with the --keysize directive.  Using a CBC mode
is recommended.

DES-CBC 64 bit default key (fixed)
RC2-CBC 128 bit default key (variable)
DES-EDE-CBC 128 bit default key (fixed)
DES-EDE3-CBC 192 bit default key (fixed)
DESX-CBC 192 bit default key (fixed)
BF-CBC 128 bit default key (variable)
RC2-40-CBC 40 bit default key (variable)
CAST5-CBC 128 bit default key (variable)
RC2-64-CBC 64 bit default key (variable)
AES-128-CBC 128 bit default key (fixed)
AES-192-CBC 192 bit default key (fixed)
AES-256-CBC 256 bit default key (fixed)
CAMELLIA-128-CBC 128 bit default key (fixed)
CAMELLIA-192-CBC 192 bit default key (fixed)
CAMELLIA-256-CBC 256 bit default key (fixed)
SEED-CBC 128 bit default key (fixed)

Depending on your underlying Linux system the list might be more or less exhaustive. Have a look and then choose a key length of at least 128 bit.

OpenVPN currently recommends using AES-256-CBC or AES-128-CBC.

Following the article on OpenVPN and SWEET32 I chose to use AES-256-CBC cipher suite for my existing infrastructure. This seems to give me the largest compatibility between OpenVPN installations on various clients, including Raspberry Pi.

Change your OpenVPN configuration

Independent of the OpenVPN version installed, you can specify the cipher directive in your configuration files - server and client likewise. Usually that directive is either not present or commented, meaning it uses the compiled default value. Change it to your needs like so:

# Select a cryptographic cipher.
# This config item must be copied to
# the client config file as well.
;cipher BF-CBC        # Blowfish (default)
;cipher AES-128-CBC   # AES
cipher AES-256-CBC

This needs to be applied on the OpenVPN server first as well as on all OpenVPN clients. Save your configuration file and reload the new settings.

$ sudo service openvpn reload

Perhaps, you might like to publish your updated client configuration file(s) a bit earlier. With the newly set cipher any connecting client will be rejected now, if the cipher suites do not match. Monitor your syslog output on the OpenVPN server for that kind of entries:

Aug 28 07:33:26 smtp ovpn-server[18351]: WARNING: 'cipher' is used inconsistently, local='cipher AES-256-CBC', remote='cipher BF-CBC'
Aug 28 07:33:26 smtp ovpn-server[18351]: WARNING: 'keysize' is used inconsistently, local='keysize 256', remote='keysize 128'
Aug 28 07:34:08 smtp ovpn-server[18351]: client/ Authenticate/Decrypt packet error: cipher final failed

This way you are able to find out which clients are still running on the previous configuration and therefore would need a little bit of assistance.

Other hardware firewall based on OpenVPN

Thanks to some of the clients of my company IOS Indian Ocean Software Ltd. it happens that I have to connect to their networks via VPN from time to time. Given the changed cipher of my own OpenVPN infrastructure I wanted to see what others are using.

According to my own article Connecting Linux to WatchGuard Firebox SSL (OpenVPN client) one of the client configuration reads like this:

cipher AES-256-CBC

Whereas for another client who is using a firewall from Sophos the chosen cipher suite looks like this:

cipher AES-128-CBC

Well, looks like I'm in good company with my new option.

Security is a process, not a state

Again, lesson learned. Although running services on Linux is mainly about setting them up properly at the beginning, it surely doesn't mean to forget about them in the long run. Regular reviews and audits help to mitigate newer issues and threats to your network infrastructure.

If you are an active OpenVPN user please use the comment section to share other security related configuration settings and hardening tips on OpenVPN. That would be much appreciated by myself and other readers. Thanks!

Tagged as: No Comments

The Deputy Prime Minister and Minister for Finance of Singapore explains the country’s success

Posted by Avinash Meetoo

A big thanks to Alwin Sungeelee who shared this video to Christina and I yesterday. It’s an investigative interview of Tharman Shanmugaratnam (SG), Deputy Prime Minister & Minister for Finance of Singapore by Stephen Sackur (GB), Presenter, BBC HARDtalk.

It was conducted during the 45th St. Gallen Symposium in 2015 and the theme was “Singapore: 50 years after independence”.

Here are some notes I made while watching the video which I would like to share with you:

(1) The most important decision made by the Government in Singapore was to have state-funded and state-built estates (i.e. apartment in blocks) for lower-class, middle-class and upper middle-class people with ethnic quotas imposed by Government. This was to make sure that different people (different backgrounds, different religions, different cultures…) mix and grow together so that they ultimately can work and create together.

(2) Immigration is essential for companies to get the best talents, expertise, network. One third (1/3) of the current workforce in Singapore is foreign.

(3) Singapore needs to be open but remain Singaporean to the core. This means that Government has to define as precisely as possible the values that need to be shared among all Singaporeans.

(4) Singapore never invents anything. All institutions are inspired by what works in other parts of the world. As a result, it’s easier to have successes than failures.

(5) Singapore has high-skill high-wage enterprises today and this is important for a country to progress.

(6) One should not forget the intangibles (i.e. values): being constant, keeping to your promises (which obviously means that everything should be strategically planned).

(7) A country needs to make its elected accountable. It is important to create a culture of accountability where electors can expect their politicians to actually do what they promised they would do while campaigning.

(8) A country never arrives — a country needs to constantly develop.

(9) One thing that Europe and the US have managed to do is to give respect to manual workers (blue collar workers) and allow them to contribute at all levels. This is not yet the case in Singapore.


We still have a lot of work to do here in Mauritius. And it all starts by Nation building. I wonder whether this should start by introducing kids to the contemporary history of Mauritius (say, since Independence in 1968). Most young people I have spoken to do not have a clue of what happened at the end of the 70s in the country and/or the kinds of social and economic transformation which happened during the 80s and the 90s. That’s a pity.

Then, of course, it’s all about strategic planning, methodical execution and careful auditing.


50 Fraz pou 50 an Lindepandans

Posted by Avinash Meetoo

“Mo video pou “50 Fraz pou 50 an Lindepandans” ki ti pas lor MBC le 10 fevrie. Mo met laksan lor linportans teknolozi ek inovasion pou ki Maurice vinn ankor meyer.”

In February, I was contacted by the Mauritius Broadcasting Corporation (MBC) to participate in their 50 Fraz pou 50 an Lindepandans (50 sentences for the 50th anniversary of the Independence of Mauritius) programme. I gladly accepted.

Here is a simplified transcript:

From a country which had no experience in computing and technology, Mauritius is today one of the most advanced countries in the region. All international indicators show that technology is used a lot in businesses and at home.

Today, there are different kinds of companies in Ébène Cybercity and, notably, Information and Communication Technology (ICT) companies. There are local and foreign ICT companies which employ about 25,000 people and have the potential to employ still more people, including Mauritians, provided they are trained properly. Young Mauritians are as good as any other young people from any other country and, if they get the proper training, Mauritius will be able to move up a level.

Technology is an enabler. It will allow us to better leverage, for example, our seas (thereby strengthening our ocean economy), to engage in modern agriculture and to allow our hotels to have more clients from more countries. Technology can also allow us to penetrate untapped industries such as the video gaming industry. 1-2% of this industry can have a very positive impact on our economy.

For this to become true, it is essential that we think big and we need to become innovative. For me, innovation is simply being able to do something today which we couldn’t do yesterday. It is necessary to inspire young people to become better than their parents for example. To do that, we could ask innovators in the island to show what they are doing to these young people. Similarly, it should be possible for young students to go throughout the island to discover what is being done.

An innovative Mauritius will also require more collaborative work. People will have to trust each other. People need to understand that it is possible for everyone to win. Winning does not forcibly entail someone else losing.

When this will become true, then Mauritius will become one of the best countries in the world or, maybe, the best one 🙂

What do you think?


Next stop: MCSA: Linux on Azure

Posted by Jochen Kirstaetter

Next stop: MCSA: Linux on Azure

Recently I decided to coordinate my work and learning activities a little bit. Turns out that while working with .NET Core, in particular developing an API project, I do quite some coding under Linux using Visual Studio Code.

During office hours I'm fully emerged into Visual Studio 2017 running on my Windows 10 machine but often I'm reviewing and tweaking some of my code during the evening hours on my secondary Xubuntu system.

Linux and me

The story about me using Linux goes back two decades. Actually, if I remember correctly it happened some time in summer of 1996 when I officially purchased a copy of S.u.S.E. Linux 4.2. At that time I was still studying Applied Chemistry at the University of Kaiserslautern and the Unix AG on the campus offered copies of Slackware among others for free; you only had to bring the empty CDs to get the software burned on.

Note: The Unix AG was founded and still is run by a group of students and assistants in the field of computer science. And at that time there was a nice fellow named Klaus Knopper, famously known for his Linux distribution Knoppix.

Apart from attending lectures and running experiments in the chemistry laboratory I spent a good amount of time in the university's computer labs, too. Over there you had access to graphical XTerminals running on AIX Unix compared to the regular ASCII terminals anywhere else on campus.

The two reasons I bought a copy of S.u.S.E were because I wanted to set up an internet gateway at home which I was not able to do so with Windows NT 4.0, and because the distribution was bundled with several books on installation, network configuration and Linux in general in German language. So, I started the initial installation on a Friday afternoon, worked through the whole night reading and configuring the system several times, and slept only a few hours over the whole weekend. Finally, on Monday morning after several attempts and lots of swearing/ranting over my own incapabilities I managed to run a working internet gateway. Dialup happened over ISDN on my freshly installed Linux computer while my parent's system running Windows 95 was attached to the 10base2 thin Ethernet network.

The rest is history...

Azure is running (on) Linux

Eventually you might be aware of the situation that Microsoft is actually using Linux technology to run its cloud solution named Azure.

Yes, they do... According to an article Whoa. Microsoft is using Linux to run its cloud published on Wired back in September 2015 it is referring to an official blog article by Microsoft. Get more details about the Azure Cloud Switch in Microsoft showcases the Azure Cloud Switch (ACS) by Kamala Subramaniam Principal Architect, Azure Networking.

It [note: The Azure Cloud Switch (ACS)] is a cross-platform modular operating system for data center networking built on Linux.

Nonetheless, I would assume that the main interest would be to run and operate Linux machines in Azure. According to Microsoft says 40 percent of all VMs in Azure now are running Linux we are in good company with like-minded system operators.

What better than combining two technology stacks? Although, I work on Windows systems during my day job, Linux plays a vital role. Our internet gateways are based on a designated Linux system which handles all internal traffic and provides access to the internet by providing essential services like DHCP, DNS, proxy and so forth. Services the standard router provided by a local ISP might not be capable of or with serious security concerns.

Using Azure to provision a Linux-based virtual machine takes less than 5 minutes and there are various options available.

Next stop: MCSA: Linux on Azure

I'm a big fan of Xubuntu but to prepare myself for MCSA: Linux on Azure I'm going to need a CentOS based system. So, instead of taking resources on my local machine using a virtualisation software like VirtualBox or VMware I'm going to entertain a Linux VM on Azure. It's more convenient after all.

MCSA: Linux on Azure

Combining both technology stacks into one sounds almost like a dream coming true for me. Using Linux has always been a passion and fun factor for me and being able to add it more and more to my professional services brought me to the decision to look into the benefits and requirements of Microsoft's MCSA: Linux on Azure certification.

Effectively, the exam requirements stipulate that one has to pass two independent certifications to achieve MCSA: Linux on Azure:

You might have noticed that it is not purely a Microsoft certification but integrates the work of the Linux Foundation. Interestingly Microsoft officially announced during the Connect(); 2016 that they joined the Linux Foundation as a Platinum Member. Which literally made the Linux on Azure certification possible.

Our membership to the Linux Foundation builds on our work with the foundation, including the creation of a Linux on Azure certification.

Exciting times, don't you think?

Exam formats

Both, Microsoft and the Linux Foundation, offer details about the skill sets being measured during the exams. The Microsoft exam 70-533 is based on the usual multiple choice format. Compared to that the LFCS is performance-based.

Candidates will need to perform tasks or solve problems using the command line interface in their chosen Linux distribution.

Meaning, you connect to an actual Linux system - running either CentOS 7 or Ubuntu 16 (as of writing) - and you have to get your "hands dirty" in order to qualify.

Learning resources

Check out the section Optional training and resources on the official LFCS website. The Linux Foundation provide free material like their Certification Candidate Handbook, their Certification Preparation Guide, and their LFSx01 courses online.

In similar fashion Microsoft lists multiple resources in the Preparation options of the exam 70-533. The online training is accessible for free through the edX platform and are part of the Microsoft Professional Program in Cloud Admin, too.
Using the same preparation material gives you the ability to achieve a second accreditation. Perhaps you are interested to read more about the Cloud Administration professional program.

Having an active, annual subscription with Pluralsight I browsed through their learning paths and discovered Pluralsight Path to MSCA: Linux on Azure. It's a combination of several courses provided by experts John Savill and Andrew Mallett.

More resources will be added regularly to my 100-days-of-exam repository on GitHub. You are hereby invited to fork it, to add more resources including other exam preparations, and to send me your pull requests (PRs).

Commitment to #100DaysOfExam

To keep myself accountable I am committed to the #100DaysOfExam challenge.

I will learn and prepare for an exam for at least an hour every day for the next 100 days.

Following the Rules section of #100DaysOfExam I will tweet about my progress using hashtag #100DaysOfExam and I will update my Log with the day's progress and provide a link every day, too.

Let's do it!

Tagged as: No Comments

ICT skills at primary school

Posted by Jochen Kirstaetter

ICT skills at primary school

Our children have computer lectures at their primary school since this year. In general, it's a great idea that students are exposed to computer literacy at an early stage. But sometimes it comes with small hiccups. Like in our case...

Curriculum, literature and exercise book

Although our children have access to computers at home since a while already it is the curriculum of their primary school in regards to IT literacy that lead to this blog article.

The title "Let's Learn ICT Skills" by the Mauritius Institute of Education (MIE) introduces Computer Fundamentals and Operations to young learners at primary school level. The textbook is divided into six units and covers first steps into the world of ICT.

Starting with an orientation in Windows the title discusses the essential use of typical desktop applications to handle word processing, to introduce simple graphics and presentation skills, to cover basic functionality in spreadsheets and to venture into the unknown areas of the interweb.

Each chapter has different learning objectives and introduces elementary skills in various applications. To keep matters easy the textbook is focused on Windows operating system and the Microsoft Office suite. Which in general and most commonly okay for the majority of primary school students.
Not sure whether it classifies as a tutorial. You are most welcome to comment and assist. #BlogMore about modern parenting obstacles...
Well, most students... ;-)

Our start situation - Linux

As a parent it is not easy to trust a full-fledged computer into the hands of your youngster(s) without fearing the whole system might be infested by viruses, malware and ransomware in shortest time. Especially given recent reports on various problems.

Following my decision to provide our kids with family-friendly and security-enhanced tablets running on Amazon's Fire OS compared to regular Android, it was only right to provide them a similar experience on the desktop. At least in my point of view.

Personally, it was important for me to have peace of mind knowing our children are using Linux based system. Don't get me wrong Microsoft has done a tremendous job to improve security over the last decade. It's just that I didn't want to purchase a new laptop for them and Linux runs just fine on older hardware.

Instead of upgrading the available HP laptop from Windows Vista Business to latest Windows 10 I decided to install Xubuntu 17.04 originally. Some weeks back, I then upgraded their machine to Bionic Beaver (version 18.04) already, and they can "beta-test" the upcoming Ubuntu LTS version.

After all, as more and more software is moved towards web applications it really doesn't matter anymore whether Firefox is run under Windows or Linux, does it? Additionally, they have access to LibreOffice, GIMP and other educational software packages like GCompris, and so forth.

Well, the children's exercise book is explicitly covering Windows, some applications of the Microsoft Office suite as well as - software that isn't available on Linux out of the box.

Various approaches possible

Of course, there is no golden solution to this situation and multiple possibilities are given. All depending on circumstances, personal taste and eventual hardware constraints. Following, I would like to give you an overview of options - all of which I already used successfully in the past.


This might come first in someone's mind and I have to agree with that. Installing a virtualisation software like Oracle VirtualBox, VMware Workstation or even qemu can be done easily and the the actual experience can be seamless. In our situation though is the existing hardware with a previous generation CPU and 2 GB RAM only the limiting factor to this approach.

Using wine or CodeWeavers CrossOver

Emulation software like wine or CodeWeavers CrossOver eliminate the necessity to install and run a complete virtualisation solution. The software provides an abstraction layer of native Windows API functionality and allows to install and run Windows software like the Microsoft Office suite among others directly on a Linux machine. Luckily, the hardware wouldn't be the limiting factor but I have to confess that it is my laziness to opt-in for this viable approach. Also, the first chapter in the kids' literature - Getting familiar with Windows - wouldn't be possible for them using this approach.

Remote access

Last but not least, providing remote access to an existing instance of a Windows system seems to be one of the easiest options. Here, the kids get to experience Windows directly and it doesn't need any resources on their Linux system. Using a software package like rdesktop or remmina enables a Linux user to connect to a Windows system via Remote Desktop Protocol (RDP). So far so good, but I'm not interested to provision a dedicated machine for this purpose at home. The system would be idle most of the time and consume a good chunk of electricity instead.

As mentioned earlier I have used all those approaches successfully, and it is good fun to tinker around with them. But those are most likely options for an adult and not really suitable for a child attending primary school.

A solution - Cloud-based virtual machine

Taking the pro aspects of each of the approaches earlier I decided to provision a virtual machine running Windows 10 Professional in the cloud. Access to that machine is available using RDP and in regards to hardware constraints it requires an internet connection only.

Actually, this suits me very well as it gives me control on various levels:

  • Local network: I can control at any time whether the kids' laptop gets access to our WiFi network or the internet based on simple authentication and routing configuration.
  • Operating times: A virtual machine in Azure is fully controlled through the Azure portal. I can decide when the VM is running and when not.
  • Hardware on demand: Provisioning hardware to the VM on Azure is just a few clicks and a reboot away.
  • Data exchange: Synchronisation of files between the local Linux laptop and the Windows machine in Azure is based on cloud storage providers like OneDrive, Google Drive, Dropbox, etc. Meaning backup of files is integrated and additional devices like their tablets can be added easily.

Later on, if the VM isn't needed anymore or in case the children totally messed it up I don't have to worry about anything. The VM gets decommissioned and can be provisioned again within minutes if needed.

Azure configuration and fine-tuning

To start with this educational system for my children I went into the Azure Portal and created a new virtual machine using the Windows 10 Pro image. To keep nice and smooth I also created a new resource group to isolate it from other business-related activities.Given

Size of the VM

ICT skills at primary school
I chose a (hopefully) decent hardware setup running the virtual machine on a Standard B4MS (4 cores with 16 GB RAM) tier. This should be sufficient enough for Microsoft Office, and Firefox.


Also, I activated the Auto-shutdown feature which restricts the use of the system until a specified time, and helps me to save a heap of money, too.
ICT skills at primary school
The main purpose of that VM is to allow the children to follow the exercises and steps in their school book. At the given time the system simply shuts down, and it's dinner time in the off-line world.

Starting the VM

Now that we know how to stop the VM we should have a look about how to start it. There are multiple choices available. Most obvious you can launch the virtual machine via the Azure Portal itself. Nothing surprising here.

Next, Microsoft offers the free Azure mobile app for Android and iOS to stay connected to your Azure resources. This is quite neat to manage, monitor and operate Azure on the go.

And then there is azure-cli - the Command-line tools for Azure - which gives you the next generation multi-platform command line experience for Azure.

$ az 

    /  \    _____   _ _  ___ _
   / /\ \  |_  / | | | \'__/ _\
  / ____ \  / /| |_| | | |  __/
 /_/    \_\/___|\__,_|_|  \___|

Welcome to the cool new Azure CLI!

Usually, I have Visual Studio Code open almost the whole day and starting the kids' virtual machine is done using the Azure CLI Tools extension.
ICT skills at primary school

I'm currently using the following .azcli file to manage that VM:

# Logging into Azure
az login

# Starting kids' VM on Azure
az vm start -g Personal -n windows4kids

# Stopping kids' VM
az vm stop -g Personal -n windows4kids --no-wait

The az login triggers the device login on Azure and after entering a generated code to authenticate your machine you get access to your resources on Azure, like this:
ICT skills at primary school

Accessing the VM

Windows machines on Azure are accessed via RDP and Linux has a variety of client applications for that protocol. In the portal you should assign a static domain name to your VM as the public IP address is most likely to change between daily uses. The portal allows you to download the Connect parameters as a .rdp file that you can open in any text editor on Linux.

ICT skills at primary school
Using the details from the .rdp it is possible to set up a new connection in remmina for future use. I'm storing the password to keep it simple for the children to access their new Windows machine.

Now, remmina is configured to start automatically after they logged into their account and the Windows VM on Azure is easy accessible via shortcut from the system tray area.

Give it a try - Azure free credit

Microsoft gives new sign-ups on Azure an initial credit that allows you to explore the various options and get yourself familiar with the available resources. Why don't you give it a try?

Tagged as: No Comments

An interview with Vint Cerf in Mauritius

Posted by Avinash Meetoo

Engineering is the art of turning science fiction into reality says Dr Vinton (Vint) Cerf, one of the inventors of the Internet and Chief Internet Evangelist at Google.

In September 2013, Christina and Avinash Meetoo of Knowledge Seven (at that time) did an interview with Vint Cerf. He talks about the importance of the Internet, creativity, entrepreneurship and what young Mauritians should aspire to. He puts a lot of emphasis on good education and the need to really master science, mathematics and, specifically, engineering.

He strongly believes that competent Mauritian engineers can make a difference.

Here is a full transcript of the interview:

Avinash Meetoo, Founder and CEO of Knowledge Seven:

Thank you Dr Cerf for accepting this interview.

I know you have been quite hectic those few days with the conference going on and, for us at Knowledge Seven, it was important to be able to talk to you. Specially given that there are a lot of young people in Mauritius and, for many reasons, maybe they won’t have the opportunity to hear from you. So we want to give you the possibility to talk to those young people because at the end of the day, those young people are going to rule the world one of these days.

So we asked a few of our employees, our young employees, for some questions and one of them asked us “What did you want to become when you were a kid?”

Dr Vinton (Vint) Cerf, one of the inventors of the Internet and Chief Internet Evangelist at Google:

When I was a young child, about ten years old, I knew I wanted to be a scientist. There was no question about that. I read books about science and I got a chemistry set. And so I had an opportunity to experiment with all kinds of interesting chemicals. And I can tell you in 1953, you got a lot more interesting chemicals in a chemistry set than you get today. Things that would blow up. It was great. So I was always interested in mathematics, I liked chemistry, I liked physics. I would read Scientific American. I always knew I was gonna be a scientist. I just didn’t know what kind.


And then a few years afterwards, you invented TCP/IP together with Bob Kahn. The question is: how come you came across this so wonderful suite of protocols called TCP/IP? How come you came up with something which is so resilient, so good that, until now, it’s working so well?


So, first of all, we were faced with solving a particular problem. We had multiple computer networks that we needed to interconnect to each other and make it look like one big uniform network and to suppress all the differences. So we were really focused on the engineering problem. And in a sense, the solution just comes out of the problem itself. If you’re lucky to express the problem in a way that exposes the solution, then you just go and build it and make it work, which is basically what we did. Now, to be honest, it took ten years between 1973 and 1983 to refine the answer, to the point where we could turn the network on, which we did in 1983. So what you’re running today is a solution that started literally 30 years ago.


But did you expect the Internet to become so massive as it is today?


Absolutely. I mean our entire design was built around the idea that if someone could build a piece of Internet according to our design and find someone to connect you, that it would work and so the network really grew in an organic way with people building pieces of it, finding someone to connect you and then allowing the system to expand. So, it’s been growing ever since it is turned on.

Christina Meetoo, Senior Lecturer at the University of Mauritius:

I would just like to ask you a naive question. We’ve learned that you are Chief Evangelist at Google. So, what does a Chief Evangelist do? What’s the typical day of a Chief Evangelist?


So, it’s very interesting: the title was Chief Internet Evangelist. So, I only evangelize about the Internet. My primary job is to find a way to get more Internet built all around the world.

That’s one reason why I’m here in Mauritius. We spoke with the President yesterday. There’s no question that communications, networking, education and electrical power, and reliable environments are necessary for taking advantage of the Internet.

A typical day for me involves a speech or two. It might mean meeting with a few scientists or engineers who have ideas that they would like to discuss, some people who aspire to buy a company or to license the latest patent or design. I spend time on university campuses talking to young people about the problems that still remain with the Internet that need to be solved. Some of them are really hard. You would get a PhD dissertation by solving those problems. The idea is to get those problems in front of people who want to try finding hard things to solve. So I spend good deal of time doing that.

I spend time with policy makers in government, trying to help shape the policy that will allow more Internet to be built, to allow for competition, to allow openness, so that anyone with a new idea to build an application, puts it on the net, and lets someone else get access to it, which is where Google came from: an idea from two students at Stanford who just put it up on the net and it just grew.


And how do you see things evolving in small countries like Mauritius? Africa? Compared to what is happening in the US?


Well, first of all, remember that the US started in the same kind of way that you’re starting. Everyone starts small and then you grow. So, Mauritius is no different. You need to have reliable power. You need to have not only engineers but you need to have business people, sales people, marketing people, you have to have people who know how to run a business. You have to have people thinking about marketing to the rest of the world as well as the domestic economy in order to take advantage of the bigger economy. After all there’s only about 1.3 million people. So you need to be thinking outside as well.

The universities have to be very diverse in terms of what they can produce. You have to have these policies that will invite people to come into the country to participate with you in growing these capabilities. Some people worry that, oh, we’re too late. The Internet’s been around for forty years and we’re too late. You’re never too late. You’re always starting with everybody else with the next thing that happens, the next design, the next invention, the next information technologies.

So, just get on the wagon, keep going with everybody else.


There are a number of people who say (and sometimes I’m among them) that our education system in Mauritius tends to create people who are really really passive. Do you think that, because of the Internet, things are going to change quickly? People are going to become more and more active, will discover what their passion really is?


This is a cultural question. And it’s very hard for me to answer that. I can say that the more you know, the more curiosity you have, the more your curiosity is satisfied by being able to get answers on the net. Perhaps that will be an incitement, even to see what other young people are doing around the world. Watching YouTube and things like that may cause our younger people to feel empowered and to do something. But in terms of being, you know, aggressive about pursuing ideas, as part of your cultural setup, you need to reinforce the feasibility of exploring new ideas.


Do you think that in the coming years, countries where creativity is valued are going to have an advantage other those countries…


Let me explain this to you. The incidence of smart and creative people is constant per thousand in population everywhere in the world. So, the distribution is the same everywhere. Whether they get an opportunity to explore that creativity and inventiveness is a different question. What is the environment like? Are they encouraged? Do they have resources to explore? But the actual native capability to invent and create is the same everywhere. So, you should not lose track of the fact that you have your share of inventive and creative people.


We know, because we have been reading on the net, that you’re working right now on Interplanetary Internet, the Internet between Earth and Mars. Can you tell us a few words about it?


Well, first of all, we concluded some fifteen years ago that we should have rich communication capability for exploring the solar system with robotic spacecraft and manned spacecraft. And so our intent is to provide networking capability that will allow these various devices to communicate with each other the same way we communicate across the Internet on Earth. So that system is actually in operation now between Earth and Mars. We have orbiters, satellites in orbit around Mars, talking to the robots on the ground; all that data is getting back to Earth. They stay in communication with devices sitting on the international space station. Then there is a spacecraft in orbit around the sun called EPOXI which has visited two comets in the last ten years. And it too has been outfitted with interplanetary capability.

So, what we intend to do is to keep launching satellites with these new communication protocols. And as time goes on, we’ll build an interplanetary backbone to support manned and robotic space exploration.


Do you think that people are going to go on Mars in the coming years or is it going to take…


You know. There’s a lot that has to happen in order to support a manned mission to Mars. We have to support life for nine months to get there. Then some six months to be on the planet. And then to come back, that’s another nine months. It’s a three year mission. There’s a lot still to be learned until we know how to keep people safe.

So, for my money, I’d rather send robots out there for now to learn as much as possible about what the environment is like before we try to send people.


How do you see the Internet evolving in the future? When you were working on TCP/IP, I imagine you didn’t think about how it would be so far-reaching. What you’re working on right now, do you think it’s going to be the same?


Well, first of all, we did know what was going to happen. We had a pretty good idea. I won’t have time to give you all the background but a lot of the applications that you see today, we were doing thirty years ago, just not so much.

And it is capacity that has allowed everyone to take advantage of things like email which was invented in 1971. Laptops were actually thought in 1972. Workstations, desktop machines were in use in 1973; it’s just that they cost 50,000 dollars each.

So speed and cost, higher speed, lower cost have contributed to what you see today.

Mobiles are the natural result of reduced size, reduced power requirements, reduced cost. So, looking towards the future, there’s no question that every appliance that we have around the house, in the office, in the car, that we’re carrying with us, will be Internet-capable and be communicating with each other and will be responsive to the questions that we ask and to control, commands that we give.

Our computers will be part of our sensory environment. We’ll allow our computer to be with us, seeing what we’re seeing, hearing what we’re hearing, being our partner in our interactions with the world. Virtual reality and augmented reality will be part of the normal thing. Google glasses will let you see information when you’re looking at some real thing. All that’s absolutely clear.

Medical instrumentation will be everywhere. We’ll be very instrumented. Our bodies will be examined and monitored 24 hours a day. In which case, if there are any problems, you’ll become more aware much earlier than if you had to wait till you get sick to go to the doctor and find out you have a problem.


There’s this initiative: the quantified self…


That’s exactly the quantified self. So we have a lot to look forward to neural electronics, cochlear implants, ocular implants, spinal implants to recover the use of arms and organs that we are looking into because of spinal injury. All that is absolutely clearly in the future and not all that many years.


So, speaking of Google, which is quite different from other technological companies because instead of focusing on technology for the sake of technology, you do technology as a means for people to have a better life, for instance self-driven cars, etc. Do you know if Google has plans for Mauritius right now?


We don’t have specific plans for Mauritius. We have an interest in general in Africa. We have incited some businesses to start in Kenya. For example, there’s activities in TV white spaces which is a new way of getting access to the Internet and that’s happening in South Africa. So we have a real interest.

One of the reasons of coming here is to find out more about Mauritius, what the conditions are, how trained are the people, what is the connectivity, communications capability, availability of power. So all those things are part of the story of figuring out what are the things to do here.

But we believe that access to the Internet gives you access to everything Google has available and you can build on top of that platform as many other people have. You know it’s a way for us to show what’s already there if you can get good access to the Internet.


And a last question: do you have any specific message for young people in Mauritius who are going to watch this video later?


Yes I do. First of all, I want you to take the time to learn about science, mathematics, engineering. You have an opportunity to make a difference in the world. I happen to be an engineer. The secret to engineering is turning science fiction into reality. That’s what engineering does. You can do that too. But you have to stay in school and you have to learn and you have to apply what you’ve learned.

Maybe you’ll change the world too.


My interactive session on Innovation during Infotech / Innovtech 2017

Posted by Avinash Meetoo

On 2 December 2017, I did something cool. I gave the microphone to others.

I was supposed to make (yet another) presentation on Innovation as a major enabler in the transformation of Mauritius during Infotech / Innovtech 2017. During the past few months, I have realised that, sitting in our tour d’ivoire, it is impossible for us to have all the answers concerning on how to create a culture of innovation in Mauritius.

Inspired by a similar session by Prof Chinapah during eLearning Africa 2017, I decided to simply ask a few questions during my talk and let the members of the public give answers. My job was then simply to collate everything and share with you all, including the Minister of Technology, Communication and Innovation as well as the administrative staff of the Ministry.

Question 1: How can we inspire (young) people of Mauritius?

  • It is important to explain what innovation is and why Mauritius needs to be innovative.
  • Role models need to be identified and they should come to school to show what they do.
  • Puzzles, kits, robots, etc. need to be given to kids at school so that they can experiment, collaborate and play.
  • Kids need to have more activities and games at school instead of just listening and writing.
  • Kids need to be able to travel to discover new countries, people and cultures (e.g. exchange programmes).
  • Focus at school need be on collaboration and sharing, not competition.
  • There is a need to recognise that there are different kinds of intelligence, not only academic.
  • STEM (science, technology, engineering and maths) need to be introduced early and in an interesting way.
  • Proper and sincere recognition need to be given whenever a kid succeeds (in any way).
  • Teachers should impose less on kids, they should even ask kids what they would like to know.
  • The teacher to student ratio need to be as high as possible.

Question 2: How to make the population focus on end results?

This question proved a bit harder for me to explain: my point is that a lot of energy is wasted focusing on details which are not important. I mentioned that we should, as a nation, understand what benefits a project can bring in the medium- and long- term and, if sacrifices need to be made in the short-term, so be it. I got the following answers:

  • Whoever initiates (big) projects need to communicate its intent and benefits as clearly as possible (“good marketing”).
  • The projects need to be explained in the context of the common good and common space that we all share.
  • Success criteria need to be properly identified (someone mentioned that, until the population stops thinking that owning a BMW or a massive house is real success, then this is going to be difficult).
  • Projects need to address issues that are important (e.g. leveraging our territorial waters, solving traffic problems, making our lives better).

Question 3: How to develop reciprocal trust among Mauritians?

It is clear that we, Mauritians, do not trust each other. We love to criticise (la critique est facile, l’art est difficile…) without trying to empathise (i.e. understanding the point of view of the other).

  • We need to be honest (and, dare I say, stop bullshitting each other).
  • We need to learn to say “Bonjour” when we meet others.
  • Mauritians need to collaborate with others and create synergies.
  • Our collaborations should not only be about getting more money.
  • Our mentality should change about “the other” and this needs to start at school.
  • We should introduce a happiness metric (as Bhutan did in the past): are we really happy?

Question 4: How can we challenge the status quo?

Aha. Since I’ve returned to Mauritius 20 years ago after spending five years in France, I have noticed that we love repeating things that don’t work over and over again. I’ve seen that as a consultant (recruit young people, make them miserable, allow them to leave and repeat), in education (recruit bad teachers and unguided students, teach irrelevance, have easy exams, create generations of badly-trained people and repeat) and now in ministries (organise numerous workshops in posh hotels, write reports which no one will ever read, only few recommendation taken into account and repeat).

  • Mauritius is suffering from a massive brain drain and, consequently, the number of remaining people of sufficient caliber is not enough for everything that needs to be done. We need to find ways to encourage the diaspora to come back (better scope, more transparency, better salaries, etc.)
  • We need to favour and better encourage risk takers: they are the ones who challenge the status quo by being leaders, others are just followers.
  • We need to change our mindset towards the success of others: we should stop hating others for their success.
  • We need to have platforms to share ideas and opportunities: it is difficult to innovate alone.


Thank you to all those who have contributed their thoughts about how to make Mauritius better. I always tell pretty much anyone that Mauritius can be the best country in the world if we address some fundamental issues. While writing this post, I realised that these issues are obvious and, in some ways, easy to address provided:

  • We stop bullshitting ourselves.
  • We stop hating others for their success.
  • We start working together.

Right now, I am in between two minds about this happening soon. On one hand, we need to or else other countries will quickly overtake us. But, deep inside us, we still have this tendency to hate others for their success. How can this be addressed? How can our mentality change so that we understand that we are all in the same boat and, without collaboration, nothing will happen?

In my opinion, this can only happen at the very top level: the Prime Minister need to make us want to work together for the common good.


Informative and Restrained as opposed to Superficial and Flashy

Posted by Avinash Meetoo

Infotech 2017 has started.

And I am happy to notice that, except for one or two stands, things are much more “Informative and Restrained” compared to previous editions where things tended to be “Superficial and Flashy”.

Allow me to explain.

In Mauritius, for the past few years, we have become a nation of seminars, workshops, conferences and exhibitions and, unfortunately, many of them are quite superficial and very very flashy indeed. For the past six months, I have been to many such events where the venue was beautiful (a nice hotel with a beautiful view of the lagoon), the food was excellent, the hostesses out of this world but where, personally, I felt that there was not much to listen to and learn from, except from a minority of the speakers. This is what I call “Superficial and Flashy”.

What I would prefer to have, from a personal point of view, is the kind of chaotic geekish meetup as pictured above. An event where intelligent people of all horizons can meet, exchange views, share ideas and move forward together. Of course, there is a need for a venue and some food but nothing ostentatious. This is what I call “Informative and Restrained”.

The thing is that it is easier to do “Superficial and Flashy” than “Informative and Restrained”. The reason for that is that to be informative, the speakers need to be of high-caliber and need to be properly prepared.

This is your typical Googler. Similar people are changing our worlds everyday at Google, Facebook, Amazon, Apple, etc. but also in the IT division of most of the companies in the world. And, before you laugh, let me remind you that they run the world.

Pictured above are some of the people who have basically built the world as it is known today. Without them, we would still be waiting for The A-Team to be shown on TV on Saturday night. They are Steve Jobs (Apple), Sergey Brin (Google), Bill Gates (Microsoft), Larry Page (Google), Mark Zuckerberg (Facebook) and Jeff Bezos (Amazon). The missing ones being Linus Torvalds (Linux) and Richard Stallman (Free Software Foundation).

Of course, we won’t have Steve (RIP), Sergey, Bill, Larry, Mark, Jeff, Linus or Richard at Infotech. Maybe next year…

But we’ll have the 2nd best thing: the (real) innovators of Mauritius, each on his/her respective “Informative and Restrained” stand and willing to share his/her passion with you.

You just have to put aside your tendency to value the “Superficial and Flashy”, walk toward them and talk to them.

Enjoy 🙂

(First photo, courtesy of Le Méridien. Second photo, courtesy of Concept7. Third photo, courtesy of Business Insider. Fourth photo, courtesy of Youth Connect. Fifth photo, courtesy of PC Risk).