Thinking about getting a smart watch

Smart watches are obviously the cool thing right now. I took a look at few of them and I like some of the features, but so far I haven’t found the one that would be a perfect fit for me. What do I miss? I’ll write about that bellow with few examples of the watches that I kinda like for one reason or other. And if I missed the ultimate one, please let me know!

End-user features

One obvious feature that all of them have is displaying notifications from your cellphone. That is interesting by itself as cellphones got quite bit and getting it out all the time is a nuisance. But if I’m going to spend quite some money on watch, I want more. So what else do they offer? They are targeting people who sport a lot, so they have step meters, heart rate monitors and such. I don’t care about any of that. I don’t sport. The only sporty things I do is swimming and I might try to get back to flying. This brings me to the first requirement to filter by – they should be waterproof. Also barometer would be a nice plus so they could be used like a vario like my old smart watch. One other universal sporty feature that I would also appreciate is GPS. That comes handy even if you are not sporting. Really cool, but quite useless feature is that some of the watches can be used them as BT handsfree so you talk to you watches like Michael Knight did. This is one the coolest features ever, but totally impractical and as I do something like one unexpected call in a month, totally not important. So fom end user point of view, that’s it. No more features that I can think of and that would make any sense to me. The final list is waterproof with GPS, maybe barometer if it comes in cheap.

Geeky point of view

Now the hard part – my geeky requirements. Lets start with simpler one – SoC architecture. It makes no sense to have octa-core Cortex A76 watches running at over 2GHz and burning your wrist all fifteen minutes they can last on battery. I would prefer something simpler that can last longer on battery, produce less heat and suspend between screen redraws. There are few of those reasonably designed watches. One even from a well known brand. Xiaomi Amazfit Bip should be able to last a month on battery. They look interesting, but information about hardware and software are sparse. Another interesting platform is kinda no-name IMAXX, which uses Nordics nRF52 chip which itself is pretty cool and can do Zigbee, zWave and Thread apart from just Bluetooth. I have a devkit at home I want to play with once I’ll find a free afternoon. Unfortunately although both of those watches have quite some features, they are not waterproof. There are also some really simple notification bands that might be similar in terms of reasonable hardware design but usually lack some cool features 🙂 So this requirement although a little hard is kinda achievable.

Now the even harder to fulfill requirement. Openness. I’m not so hardcore to require full open-source firmware although it would be definitely nice. I would be Ok with just reasonable SDK so I can customize the watch and write my own applications. Unfortunately this requirement kinda goes against the previous geeky one. There are some watches with SDK, but all I found are the beefy ARM ones. On top of it most of it is because they are running android. While Android doesn’t make sense on cell phone, it makes even less sense on watch. That leaves me pretty much with one choice which is Samsung with it’s Tizen. Unfortunately those are watches with powerful CPU that can last only few days on battery and contradicts the first geeky requirement.

Desperate option

Ok, so you’ve seen that all smart watches sucks in one way or another. Is there any other way? Yep, there is. I can try to build watch I want by myself. ESP32 is cheap and easy to get, have plenty of IO options and both Bluetooth and WiFi. nRF52 is also not that hard to get and while loosing WiFi, I’ll get better battery life. OLED display is easy to get as well as GPS capable chip or barometer.

What are the downsides? Obviously it would take quite some time to develop. Software, hardware I don’t dare to and you can get quite some DIY modules online to just plug everything together. Case could be easily 3D printed nowadays. Other drawbacks are that making it waterproof is out of question. Also if I base it on ready to go modules, it will be big. Probably smaller than Leelas PDA, but still quite big.

Crazy idea II

If I would build it and if it’s going to be big anyway, wouldn’t it make sense to make it actually powerful and give it real keyboard and display and make Leelas ultimate PDA? As it would be big and I wouldn’t try to shave a millimeter of thickness at all cost as cell manufacturers do nowadays, I can probably put in enough batteries to make reasonable battery life and have all the needed peripherals like USB host, Ethernet, big storage, WiFi, you name it. Still, it would require months of prototyping to accomplish, but this one actually sound more realistic than just watch.


In the end I have no clue. Samsung and Xiaomi are both tempting, but it is hard to decide whether I want the one which can do all I want or the one that can last reasonable time on battery. I certainly don’t have time to develop my own watch :-/ Other option is to wait and hope that somebody will come up with revolutionary idea to create open smart watch that can last reasonable long on battery and will start selling them. Last option that I’m putting quite some hopes in is that I overlooked something 🙂 And that is the actual point of this blog post – rant about the state of things and ask if somebody knows any solution. Looking forward to some feedback 😉


Why I bought Turris MOX and why it is worth considering

Let’s start this with a little background. I work at CZ.NIC on Turris project. So I’m definitely biased. But this post is my own, written in my free time and express just my own opinions and it explicitly doesn’t represent opinions of the company I work for unless by chance.

So now you know the background, so let’s take a look at what Turris MOX actually is. It is marketed as modular open source router. Well Turris project is about secure routers, so it makes sense. But what I like about it is that it is actually quite nice and modular single board computer. If you are wondering what single board computers are, check Wikipedia or think Raspberry Pi which is the most well known example and probably one of the worst options you have.


If you heard just about Raspberry Pi, you heard about nothing interesting. What is wrong with Raspberry? Well it is not that bad, but it has a weird concept as it is mainly GPU and CPU is kinda afterthought and although it has USB ports and network card, it is in fact just USB HUB and USB attached network card connected to one USB port. And it is notoriously known for instabilities. Are there any better alternatives? Yes, definitely, plenty of those. I personally like Pine64, there is also Orange Pi, ODroid and plenty of others. They have various peripherals, various pricing, so you can pick up whatever HW fits your needs the best. One of those options might be Turris MOX nowadays.

One disadvantage those boards usually have in common is varying software support. Old Allwinners are mostly fine nowadays (and are going to get even better with Free electrons working on video decoder), the newer you get, the more troubles you face. Those devices mostly come with old heavily patched Android kernel. If it is popular board, it has few distribution images created by community ready. And if it is popular SoC, over the time some parts will get support in mainline kernel. So read a lot before you buy, otherwise you might get have to choose between being stuck with old kernel and having half of the hardware not working. Also with those half-baked old kernels, you have to pick the right set of features, otherwise it will blow up.

Turris MOX selling points

I already have Turris Omnia as my main router, so I would disregard the main selling point – using it as a router. That is what people seems to want the most according to the sold units on Indiegogo. People probably know what to expect there, so no point in talking about that.

What if you don’t need a router? There are cool selling points from both HW and SW point of view. HW wise the base module already has gigabit network and one USB3. So just the Start module is a perfect match for doing some home server. ARMv8 also has some crypto acceleration inside, so MOX can do quite well in terms of AES which means that encryption wouldn’t slow down your rotating disks if you want NAS. Modularity is nice, from home server point of view, probably the most interesting extension is more powered USB 3.0. This way you can easilly add a bunchbof additional drives. Yes, you could do it with USB hub, but then there is plenty of cables around, additional powersource etc. Also cheap hubs are often crap that cretes errors on the bus and dies quickly. Apart from that, PCIe might come in handy for various other devices – well mostly what I think of is SATA controller. But some IoT stuff has cards for either USB or mPCIe.

So HW is interesting, what about software? It comes with our own OpenWRT fork with nice webui which is great if your grandma wants to use it as a router. But I wouldn’t be running it on my MOX. My MOX will be pure home server, so I will be running my favorite distribution (openSUSE) on it. So why should I care about SW it comes with? It comes with latest OpenWRT with 4.14 LTS kernel, 2018.3 u-Boot (if not newer) and it will be fully supported there as the software is part of the deal. Even if I’m not going to use it, there will be source of up to date kernels and u-Boots. For Turris 1.X we migrated from 3.10 to 3.18 to 4.4 and 4.14 is work in progress. That kinda proves that there will be newer kernels provided by CZ.NIC. Which itself is nice. What is even better is that there is a work in progress to upstream all bits and pieces. It’s not there yet with Omnia, but I know that the main obstacles are few unusual bits of HW where kernel abstraction is not ready yet. In MOX case, there is no such thing, those were all avoided so there should be nothing stopping my colleagues from upstreaming everything and actually it is already being done. Therefor it shouldn’t give you any headaches to get it running.

Common complaints

People often complained that it had just 512M RAM. Yep, it was a limitation, but nowadays you can get one gig upgrade. People are still asking for more – 4G or 8G or … Something like that is IMHO nonsense. I have VPS that is running Nextcloud, DNS server, mail server and few other little things and 1G RAM is fine for it. People need to realize, that they are not going to run Xorg on it and they are not going to browse the modern web on their MOX. So there is no need for such huge RAM. For NAS it is still perfect with just 512M unless you decide to run Nextcloud on it. Then you would have to tune it down a little to fit or preferably buy an RAM upgrade.

It also doesn’t have a GPU – surprise surprise, it’s a router! And at least it doesn’t eat your precious RAM. It could be better with SATA, more USB 3.0 ports etc. directly on CPU board. But it would make the basic price higher, not everybody needs it and you can put that into mPCIe so it’s still an option when you decide to enhance it. One can also always complain about the price, but in general, that is the tradeof you have to make – is modularity, extensibility and support worth those few extra bucks compared to all-built-in solution that best matches your needs? For me it is at least in some use-cases.


I believe that the device makes sense, is open and well supported. Support is something that you don’t see when browsing hardware stores. Yep, you can get this nice Chinese tablet for 99.99 and it comes with Android! But with Android 4.0, company is GPL violator and you will never get anything newer than 3.10 kernel on it unless you spend huge amount of work on it. I think MOX is on the other side of the spectrum. It’s not dirty cheap (but also not that expensive) but the support and things you can do with it is going to be much better. So if you like it, support it on Idiegogo before it is too late.


Honeypot as a service

HaaS logoI’m currently working at CZ.NIC, Czech domain registry on project Turris which are awesome open source WiFI (or WiFi free) routers. For those we developed quite some interesting features. One of them is honeypot that you don’t run on your own hardware (what if somebody managed to escape) but you basically do man in the middle on the attacker and forward him to the honeypot we are running behind many firewalls. We had this option for quite some time on our routers. But because plenty of people around the world found the idea really interesting and wanted to join, this part of our project got separated, has its own team of developers and maintainers and you can now join with your own server as well! And to make it super easy, packages are available in Tumbleweed already and also in security repo where they are being build for Leap as well.

How to get started, how it works and what will you get when you join? First step is register on HaaS website. You can also find there explanation what HaaS actually is. When you log in, you can create a new computer and generate a token for it. Once you have a token, it’s time to setup software on your server.

Second step would be obviously to install the software. Given you are using the cool Linux distribution openSUSE Tumbleweed it is pretty easy. Just zypper in haas-proxy.

Last step is configuration. You need to either disable or mive to different port your real ssh. You can do so easily in /etc/ssh/sshd_config, look for Port option and change it from 22 to some other fancy number. Don’t forget to open that port on firewall as well. After calling systemctl restart sshd you should be able to ssh on new port and your port 22 should be free.

Now do you still remember the token you generated on HaaS website? You need to enter it into /etc/haas-proxy, option TOKEN. And that’s all, call systemctl enable haas-proxy and systemctl start haas-proxy and the trap is set and all you need to do is wait for your victims to fall in.

Once they do (if you have public ipv4 than you should have plenty after just a day), you can go to HaaS website again and browse through the logs of trapped visitors or even view some statistics like which country attacks you the most!

HaaS mapSo enjoy the hunt and let’s trap a lot of bad guys 🙂 btw. Anonymized data from those honeypot sessions are later available to download and CZ.NIC has some security researchers from CSIRT team working on those, so you are having fun, don’t compromise your own security and helping the world at once! So win,win,win situation 🙂


Running for re-election

As you might have noticed, I’m running for re-election. I served my first term as openSUSE Board member, learned a lot and I think I could represent you well for another two years. Although this years elections will be tough as we have in the end quite some strong candidates. So honestly, I have no worries regarding result of the elections as it can’t end badly. Compare it to real world politics and elections where the results can be either bad or even worse… But even though our elections are quite friendly, it is still competition. So what would I do if I get elected? Why should you vote for me? I’ll try to answer it in this post.

What does the board do?

I was a board member for two years. During that time, I learned more about what board actually does and would like to describe it at the beginning. Even if you decide not to vote for me, it can help you pick the best candidates. I believe that the following roles are the main responsibilities that board has.


Board is the last resort when there is some conflict. And there are some conflicts from time to time. Our task is to listen to the both sides of the story and help them to achieve some solution, peacefully if possible and deescalate things. Sometimes, there are quite some emotions and you might even know one or both parties of the argument. It could be sometimes hard staying objective and resolving stuff in a way that is defendable and if there are some consequences, it has to be be plainly visible what the cause was.

Budget keeper

We have a power to influence how SUSE spends money on openSUSE. Our responsibility is to help decide what to support and how. When there is a need for money, board asks SUSE and SUSE gives us money. Part of this role is being reasonable, if we start asking for Lamborghinis for everybody, they might start saying no. Also we need to be kinda predictable so SUSE can plan the budget for openSUSE. But lately part of that job was out given to Andrew – to keep our books.

Point of contact

We are single point of contact for people from outside of the project or for companies. Our task is to tell them how our community works. Also whenever they have interesting proposal to our community, put them in contact with the right people from our community. We are also in charge of our trademark – openSUSE name and logo. From time to time, somebody wants to do something with openSUSE label on top of it. Mostly it is producing merchandising, new cool spin-off, port openSUSE to some exotic architecture… In these cases, our task is to decide whether this would benefit openSUSE community or if it is an attempt to exploit it. Mostly, these requests are good ideas thought, and we just say yes.

Yes man

Last but one of the most import tasks that board has is to encourage people to do stuff. Board itself has no power over technical decisions. In openSUSE, who does the work, decides. But sometimes people still ask whether they can do something. Our job is to tell them that they can do it. Sometime people ask us to change something or implement something. Our job in that case is again to tell them that they can do it. We don’t have a pack of code monkeys to implement whatever whoever wishes. But we have power to encourage people to scratch their own itch and we can help to promote the idea and try to find more people to help.

How do I fit the board

So why should you vote for me in upcoming elections? I’m by nature calm person. It is really hard to upset or angry me. So if you ever get into conflict with somebody, you want me to be part of your jury as I will try to be as objective as possible. If you are a villain, you probably don’t want me there thought. Regarding budget, I’m quite frugal. I was a student for a long time and I learned to think twice before spending money. But I’m working on it and learning how to spend money. Instinctively I’m always thinking whether the goal justifies the expenses. So don’t expect those Lamborghinis for release parties.

Regarding communication, I worked in two big companies (one of them being SUSE) and I learned what is troublesome for those companies and what is easy. Quite often it is counterintuitive. Understanding how this works can help find a better deal for both sides. Regarding encouraging people to do stuff, I try to do it whenever I speak somewhere about openSUSE.

I think I would fit into board nicely but so would the others running for the board. Your task is to choose who do you think fits the best and who matches your our world view the most.

About me

For those who don’t know me, I’ll sum up who am I. As you probably noticed, I was openSUSE Board member last two years. Apart from that, I try to promote openSUSE whenever possible so you might have met me on some conferences and with Tomas Chvatal, we have lessons in local school teching kids Linux (on openSUSE). What I’m lately most known for is that I wrote a bot that tried to kick almost every eligible voter from openSUSE members. But even that bot was just and tried to kick people regardless whether I consider them my friends or whether I never heard about them. There was a bug, I found it and you can look forward to next round after the election. The goal is to know who is still around. It will help us to interpret how are people interested in elections. But in the future there might be some even more important things to decide. And if there ever will be need for some community wide decision that should be taken by majority of our contributors, we should know whether people just don’t care or whether the votes we got are representing roughly the people we still have and we just have too many late members. It can also help to decide whether package is still actively maintained – if it’s maintainer got kicked out, he probably is not around anymore to fix your issues and it’s time to step up. So it can be useful, but I’m sorry for all those falsely accusing mails. And it will be finished after elections regardless whether I get elected or not, so not voting for me will not stop it 🙂

What would I do if I get elected? Will I try to kick out more people? Probably not. I will represent you the best I can and given the power board has, I will encourage you to do whatever crazy projects you like. But I’m not going to promise to solve all the bugs or make you rich. That is not in boards powers.


Real world politics usually mention which famous artists are supporting them. I don’t have any and I think those doesn’t matter. What I would like to do instead is to endorse one of my competitors. Well, I could easily endorse all of them, but then you wouldn’t vote for me. With one endorsement, there is still the other seat 🙂 I would like to endorse Sarah. I know her for some time. During conferences you can find her on openSUSE booth promoting our awesome project. Between conferences helping with Leap releases and openSUSE infrastructure. I know she would represent openSUSE well (she already does) and I believe that as a board member she will always act in openSUSEs best interest.


Turris Omnia and openSUSE

About two weeks ago I was on the annual openSUSE Board face to face meeting. It was great and you can read reports of what was going on in there on openSUSE project mailing list. In this post I would like to focus on my other agenda I had while coming to Nuremberg. Nuremberg is among other things SUSE HQ and therefore there is a high concentration of skilled engineers and I wanted to take an advantage of that…

Little bit of my personal history. I recently join Turris team at CZ.NIC, partly because Omnia is so cool and I wanted to help to make it happen. And being long term openSUSE contributor I really wanted to see some way how to help both projects. I discussed it with my bosses at CZ.NIC and got in contact with Andreas Färber who you might know as one of the guys playing with ARMs within openSUSE project. The result was that I got an approval to bring Omnia prototype during the weekend to him and let him play with it.

My point was to give him a head start, so when Omnias will start shipping, there will be already some research done and maybe even howto for openSUSE so you could replace OpenWRT with openSUSE if you wanted. On the other hand, we will also get some preliminary feedback we can still try to incorporate.

Andreas Färber with Omnia

Andreas Färber with Omnia

Why testing whether you can install openSUSE on Omnia? And do you want to do that? As a typical end user probably not. Here are few arguments that speaks against it. OpenWRT is great for routers – it has nice interface and anything you want to do regarding the network setup is really easy to do. You are able to setup even complicated network using simple web UI. Apart from that, by throwing away OpenWRT you would throw away quite some of the perks of Omnia – like parental control or mobile application. You might think that it is worth it to sacrifice those to get full-fledged server OS you are familiar with and where you can install everything in non-stripped down version. Actually, you don’t have to sacrifice anything – OpenWRT in Omnia will support LXC, so you can install your OS of choice inside LXC container and have both – easily manageable router with all the bells and whistles and also virtual server with very little overhead doing complicated stuff. Or even two or three of them. So most probably, you want to keep OpenWRT and install openSUSE or some other Linux distribution inside a container.

But if you still do want to replace OpenWRT, can you? And how difficult would it be? Long story short, the answer is yes. Andreas was able to get openSUSE running on Omnia and even wrote instructions how to do that! One little comment, Turris Omnia is still under heavy development. What Andreas played with was one of the prototypes we have. Software is still being worked on and even hardware is being polished a little bit from time to time. But still, HW will not change drastically and therefor howto probably wouldn’t change as well. It is nice to see that it is possible and quite easy to install your average Linux distribution.

Why is having this option so important given all the arguments I stated against doing so? Because of freedom. I consider it great advantage when buying a piece of hardware knowing that I can do whatever I want with it and I’m not locked in and depending on the vendor with everything. Being able to install openSUSE on Omnia basically proves that Omnia is really open and even in the unlikely situation in which hell freezes over and CZ.NIC will disappear or turn evil, you will still be able to install latest kernel 66.6 and continue to do whatever you want with your router.

This post was originally posted on CZ.NIC blog, re-posted here to make it available on Planet openSUSE.

Older posts «