Re: Python's making my head hurt...
On Sat, Jan 05, 2008 at 03:00:27PM -0500, Star wrote: Okay, I'm not a python coder, nor do I really desire to be yet... I'm trying to run a system that uses Python pretty heavily, and while it's starting up, I'm getting an error just before it bombs... The error is ImportError: /usr/lib/python2.4/lib-dynload/cPickle.so: undefined symbol: PyUnicodeUCS4_DecodeRawUnicodeEscape I expect that this means that if you open python on the box in question and do the following: $ python import cPickle You'll get the same error. If that's the case, something is broken on your system. Since the version of Python in Sid has been in testing since 2007-06-09, it seems likely to be esoteric. Are you sure that this hasn't been modified by something? $ debsums -c python2.4 Would tell you if it had... When did you last apt-get update/upgrade? sid can be anything in the past n years :) (Though if 'python' is python2.4 means it's post-sarge, at least.) Can any python-guys/gals point me somewhere where I might find some more information? Or perhaps help me with some ideas on writing a short test script that can help me duplicate/confirm that it's an error with the debian packaging? Trying to import cPickle should confirm/deny this. Checking that the package is up to date first is a good plan: dpkg --list python2.4 should show version 2.4.4-6 if you're up to date. (2.4.4-3 on etch.) Also, I'd highly recommend not using sid on a machine that you want to be stable -- it's called 'unstable' for a reason... Regards, -- Christopher Schmidt Web Developer signature.asc Description: Digital signature ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: IRC (was: threadjacked a lot)
On Tue, Jul 10, 2007 at 02:30:02PM -0400, Chip Marshall wrote: On 7/10/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Threads like this one on the cent key - consisting of lots of short, curious, posts - really make me wish we had a #gnhlug on freenode or something. Not sure how many other GNHLUGers use IRC, but I'm regularly on EFnet and can be on freenode if it's preferred. Why not start a channel and see who shows up? We did. It was the same 6 people for 1.5 years, and then we all migrated away because there was never any conversation there. :) Out of curiosity, what do people use for IRC clients these days? I was hooked on orabidoo's sirc for a long time, then switched to irssi a few years back. Tried x-chat for a bit, but never got the hang of the whole GUI thing. irssi. Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Package management
On Tue, May 15, 2007 at 12:00:16PM -0400, [EMAIL PROTECTED] wrote: In fact, # ls -dl /usr/lib/python* drwxr-xr-x 15 root root 17313 Mar 10 2006 /usr/lib/python2.3 drwxr-xr-x 19 root root 21465 Mar 14 2006 /usr/lib/python2.4 this system is already running 2.3 and 2.4 side-by-side. In the debian world, this is done by having multiple packages, so when you install 'python', it really goes under the hood and installs python2.3 -- you can then install Python2.1, 2.2, 2.3, 2.4, 2.5 alongside it. (I have all of these installed on my server because I like to know when I'm going to break compatibility with an old Python. I have a couple things I've released now that will actually work down to 2.1, which is kind of cool. Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Package management
On Tue, May 15, 2007 at 01:40:50PM -0400, Paul Lussier wrote: [EMAIL PROTECTED] writes: From: Paul Lussier [EMAIL PROTECTED] Date: Tue, 15 May 2007 11:34:21 -0400 Cc: gnhlug-discuss@mail.gnhlug.org $ apt-get source foo=desired package number $ cd foo-version number $ dpkg-buildpackage -rfakeroot $ cd .. dpkg -i foo-version number I think you forgot to apt-get build-deps or whatever that OTHER debian magic command is. Perhaps, though I've never done that. # emerge =dev-lang/python-2.4.2 and find something to do for 1/2 an hour. Does that install the package for you, build a package you can then use elsewhere, or both? It is entirely possible/reasonable that I would want to build a package to install elsewhere without actually installing said package on the build system. In which case, a command which installs it for me but does not leave the package behind is useless to me. As is a system which both installs and builds the package. 'emerge' is similar to 'apt', in that it is a top level command which ties together lots of smaller commands, iirc. So, although that command will build+install, there are also commands to just build, and just install, if memory serves. Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Really useful tool for people doing web development
On Fri, Apr 13, 2007 at 03:09:47PM -0400, Kent Johnson wrote: Ted Roche wrote: Kent Johnson wrote: If you are doing any JavaScript development and you're not using Firebug you should run, don't walk, to http://www.getfirebug.com/ Or HTML or CSS. FireBug helped me track down a problem with HTML and CSS which worked fine in good browsers but would fail to work in that ugly proprietary browser that the customer insists we support. Thanks for the tip, Kent! Does Firebug work in ugly proprietary browsers? I thought it was Firefox-only. Some useful pieces of it (console.log and the like) are available from http://www.getfirebug.com/lite.html . Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: mythtvfest
On Sun, Mar 25, 2007 at 08:59:13PM -0400, Ben Scott wrote: On 3/25/07, Seth Cohn [EMAIL PROTECTED] wrote: Ben, calm down. Calm? I'm calm! I'm wicked calm!! LOOK AT ME, I'M CALM!!! WHAT MAKES YOU THINK I'M NOT CALM??!one To quote the Big Lebowski: Calmer than you are. Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Linux hosting options, pros and cons
On Fri, Mar 09, 2007 at 06:28:29AM -0500, Kent Johnson wrote: trying again, first time didn't seem to get through Ted Roche wrote: A client with a database-backed LAMP application is considering moving to a new hosting provider for their system. Surfing the web, they find all of these $6.95/month deals and can't figure out why anyone would pay more. I know there are a number of folks on the list who provide such services for themselves or their customers, and would welcome feedback, from what questions should be asked to what features we should be looking at. (I should explain we - I am the developer of the app, and an adequate sysadmin, and will likely end up installing, configuring and maintaining the system) In my new job I am hosting a web site at WebFactional. I thought you might be interested in some first impressions. I believe webfaction -- which it looks like is the same thing as webfactional -- is run by the same people as python-hosting/python-hosted. When hosting a project (trac + svn) there, at one point the machine we were hosting on failed, and we lost 5 days worth of wiki and SVN edits. (The nightly backups were corrupted or something similar.) This doesn't include the fact that before we found this out there was approximately 48 hours of downtime. Obviously, this is a rare circumstance. A number of different circumstances conspired to bring the situation to where it ended up. It was, however, enough for us to take on the responsibility and move our trac/SVN hosting in house, giving python hosting the boot. They were extremely apologetic and duly chastised by the experience, and I'm sure things have changed, and as I said, it did seem to be an isolated incident, but it was several man-days of work that was just gone. Just my personal experience with what I think is the same people. Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: LaCie Ethernet Disk RAID
On Thu, Mar 01, 2007 at 06:58:01PM -0500, thinkliberty wrote: I just got a LaCie Ethernet Disk RAID which runs Linux. They even tell you that the OS is Linux in the product feature chart. See: http://www.lacie.com/products/product.htm?pid=10877 No where in the documentation (users manual, quick start guide, etc.. ) is a copy of the GPL or even a mention of it. I called their tech support line to see if they had a website or something where I could download the source code or if they could mail it to me and the tech support agent told me that I could not have it. That the OS is proprietary! How could a sane company use software in their product without agreeing or understanding the License? If I owned any Lacie stock I would sell it. Don't they only have to distribute the OS if they modify it? It may be entirely Linux underneath, but with no modifications to the Kernel, running a proprietary distribution on top of that, which doesn't touch the kernel. Although I don't think that gets them out from not including the GPL, I think it would mean they don't need to give you the code so long as they point to where they got it, no? Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: The Debian Flamewar Strikes Back! (was: ARTICLE - ESR gives up on Fedora)
On Mon, Feb 26, 2007 at 06:34:36PM -0500, Ben Scott wrote: On 2/26/07, Paul Lussier [EMAIL PROTECTED] wrote: and they don't make into testing without going through unstable for a while. I thought things only had to be in unstable for seven days, without any issues being filed against them, before being promoted to testing? I certainly saw quite a bit of package churn while running Etch. 10 days, yes. Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Gentoo (was: ARTICLE - ESR gives up on Fedora)
On Mon, Feb 26, 2007 at 09:04:46PM -0500, Ben Scott wrote: On 2/26/07, Dan Miller [EMAIL PROTECTED] wrote: Whats scarier? vim /etc/config_file.config or kate /etc/config_file.config? Its not that scary, you don't need to edit many many config files. Scary from the point of view of P17T [1]. 1. PDOTLREBTWWLLAPACTT [2] 2. People doing ordinary tasks, like reading email, browsing the web, writing letters, looking at pictures, and calculating their taxes. Its not that scary. I've automated most commands I do. I have a nightly cron that syncs the portage, then runs emerge -upD world (check everything in my world file and its dependicies to see if there are any updates). The output of this and glsa-check -tv all (check to see if any install packages have security issues). The output of these are then emailed to me every morning. I also have a logwatch report that comes to me. ... Thanks for making my point for me. ;-) I have no idea what most of that means, and *I'm* a certified geek. Now, I'm sure I could figure it out, given time and manuals and Google. But I do this kind of crap for a living. P17T would be terrified by the above. :) I open up the CLI to run emerge, ssh, and various other commands. The CLI is faster in some ways than any gui. I agree. I'm a command-line junkie. But P17T insist on using GUIs. Partly because it's what they're used to. Partly because they do enable easy exploration of the unknown. Emerging OpenOffice took me about 3 hours, thats on a dual-core dual proc Opteron 2800SE with 4 gigs of ram. Yikes. I tremble to think of how long it would take on the 1200 MHz, 256 MB box I was running at home eight months ago. Still, that's useful as hard data; thanks for offering it. :) A full build, from the ground up, using no binary packages, of the things that I felt I needed to get *started* in Linux (no gnome, no openoffice -- evilwm, vim, xterm, firefox, gkrellm, and the things needed to support them) took about 2 days on my 1600Mhz p4 with 512MB of RAM. During most of that time, I had access to vim/irssi and some other console stuff I grabbed early, but no GUI. The biggest time was X, iirc, in the 4-6 hour range. OpenOffice compiles tended to take on the order of 8-12 hours, depending on what else I had going on on the machine. Eventually, I learned about the OO-bin packages (I think they were relatively new at the time) and started using them, along with firefox-bin packages. However, the Gentoo install CD has all of the binary packages you need, so if you do things right, you can install everything from binary packages the first time, get things to where you want to, and then start the painful compiles later. (This was difficult enough that I didn't know how to do it the first time I installed Gentoo.) http://bash.org/?464385 This is still an accurate represntation of my memory (4 years ago now, mind you) of installing Gentoo. Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Embedded database recommendations?
On Wed, Feb 21, 2007 at 09:57:39AM -0500, Drew Van Zandt wrote: Hey guys... I'm shopping for an open-source database for embedded use, biggest expected install around 230 million records stored per month. From google research I think I've narrowed it down to SQLite or Firebird (postgre and mysql aren't embeddable enough, etc.) but I could really use some group discussion to help me make up my mind and make sure I haven't missed something better than those two. Must be able to run compiled in to another app or as DLL, as SQLite and Firebird can... anyone have experiences pro or con? I use sqlite on a daily basis. I like it. It works well. Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Evolution sucks??
On Mon, Feb 12, 2007 at 04:06:13PM -0500, TARogue wrote: On Mon, 12 Feb 2007, Jeffry Smith wrote: Next question: What's people's favorite e-mail systems? Pine. Because I know all the commands. Except how to reply only to gnhlug, and not everyone else without editing the To: and Cc: lines. Oh, wait ... that's the way the list is configured. :-p Hm. It is? I just hit L in mutt... let's see who this ends up getting sent to ... :) If your mailer doesn't provide a 'reply to list' button, it's broken. Get a new one. Like mutt! /holywar Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: httpd lineage
On Thu, Feb 08, 2007 at 09:20:14AM -0500, Paul Lussier wrote: I'm a big fan of consistency. Call the package what the package is. httpd is not the name of the software, that would be apache. Er... I don't think I agree with you. The name of the software is Apache HTTP Server. Saying that the name of the software is Apache is ignoring the fact that there are about 40 other projects equally capable of taking the name 'Apache': Everything from 'Apache Jackrabbit' to 'Apache Xalan'. Apache is totally non-specific, and I've had people tell me they have 'Apache' running when what they really have running is Tomcat. This confusion obviously sucks, but I don't think someone can claim that either Debian or Red Hat is in the right here, since neither calls it apache-httpd :) Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: The new 'Linux Foundation'
On Thu, Feb 08, 2007 at 09:46:54AM -0500, Drew Van Zandt wrote:
I find the redhat httpd (and thus by extension the w3c naming)
Er, W3C? What relation does the W3C bear to Apache, or even webservers?
irritating, because despite popular belief, apache isn't the only
(*nix) http server around. Yes, it's the Cadillac, but thttpd (for
example) excels for things apache isn't good at (and won't be because
they require different design decisions.)
Now, which httpd is that in the process list, again?
Do you find bind ('named') irritating in the same way?
Regards,
--
Christopher Schmidt
Web Developer
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: httpd lineage [Was: The new 'Linux Foundation']
On Wed, Feb 07, 2007 at 06:16:18PM -0500, Bill McGonigle wrote: On Feb 7, 2007, at 13:20, Neil Joseph Schelly wrote: I think that was a Debian-based vs. RedHat-based distro joke/ reference. Over my head, I'm sure. :) Debian packages of Apache call it apache. In the process list or package name? Paul was talking 'ps'. I guess you could modify the apache build scripts to make a binary called 'apache'. In the process list. /usr/sbin/apache and /usr/sbin/apache2 are the binaries that Debian ships with the apache and apache2 packages. Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Fw: linux newbie
On Mon, Jan 15, 2007 at 11:30:39AM -0500, Ben Scott wrote: [replying on-list to an off-list reply, with the author's permission) Sometimes, the package(s) you need will be mentioned in the installation instructions or release notes. More often, the developer assumes that every computer in the world has the exact same configuration as his own computer. Or that author doesn't have the resources to start 'clean' and find out what exactly installs all the pieces he's depending on. When I type import Cheetah in Python, I don't know what debian packages I'm depending on -- even if I were to look in obvious places, i'ts likely I'd miss something. Having a 'clean room' state for a machine is handy, but given the nature of open source, is often a bit more than you can expect from a casual developer. It makes life more difficult for everyone else, but oftentimes it's merely the result of an inability to find the information neccesary to describe a recreation process. Or sometimes they're just lazy. :) Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: impromptu web server using netcat
On Sun, Jan 14, 2007 at 04:31:54PM -0500, David J Berube wrote: Note that the netcat is considerably lighter weight than either the Python or Ruby intepreters. Also note that there is a nice degree of elegance in that the NetCat solution serves one file and only one file. On some Windows machines, and many Linux distributions, Python is installed by default these days -- it's often used for setup and configuration of the system, which means that you might have python in a situation where you don't already have netcat (I don't tend to install it on debian machines until I run into a need for it.) So, although netcat may be more lightweight, Python may still be lower setup cost wise. I've never found a machine with Ruby installed and not Python yet though :) Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: License finder?
On Fri, Dec 01, 2006 at 05:19:18PM -0500, Ben Scott wrote: On 12/1/06, Bill McGonigle [EMAIL PROTECTED] wrote: Any ideas? Neither apt nor dpkg seem to have --what-license option :( Did you get this figured out? I see the website has links like: http://packages.debian.org/changelogs/pool/main/liba/libalgorithm- annotate-perl/libalgorithm-annotate-perl_0.10-1/libalgorithm-annotate- perl.copyright that should be good enough to get your result. That gives you the full copyright file, which sometimes doesn't even include license terms (I've seen them reference other files). Paul's looking for a concise list, with package to license listed, one per line. It appears the only way to get the result desired, with a Debian system, is to check each package manually, and make a list. Or (and this sounded like the route Paul was going) pay someone else to do it. Just to add fuel to the fire: After we decided this last time, I did ask some friends of mine, and that was basically the answer I got from the most debian-knowledgable people I have around. Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Balmer says Linux uses Microsoft 'property'
On Sat, Nov 18, 2006 at 04:05:19PM -0500, Ben Scott wrote: On 11/18/06, Jefferson Kirkland [EMAIL PROTECTED] wrote: Novell never once said, Ok, so show me the code in question that you say is yours and show me your patent of ownership. Then, we'll talk. Do we know that? I thought the deal was made in private. You also have to remember, Novell's top management most likely sees this as a way to sell move SuSE licenses. They might well regard this whole situation as a Good Thing. It's also possible, given the cost of patent legislation, that they looked at the cost and said If we fight, we're fucked. I can't say anything to the likelihood of this situation, but I did want to point it out as a possibility. I know that most small businesses, when faced with the possibility of patent legislation, are much more likely to be successful by simply folding or being bought than by fighting big lawyers with lots of money. However, Novell doesn't in the least qualify as 'small company', so I'm not sure (as I said) how likely that situation is. Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Apache as SSL front-end for lame web app
On Wed, Nov 08, 2006 at 10:22:07PM -0500, Ben Scott wrote: Hi list, Hoping someone who knows more about Apache than I do can answer this quickly and easily, or point me in the right direction. Say I've got a lame web application running on a lame OS. No real authentication in the app. No SSL. Can't touch the config of the app's host OS or web server for lame reasons. I want to put an Apache box in front of it, and have Apache turn plain old HTTP into HTTPS, and also add a separate username/password prompt system to protect the lame app from being touched by anyone who doesn't at least have *some* credentials. Basically, turning a lame application with a trusted LAN only mentality to something might actually be safe to put on teh Interwebs. Any suggestions on how I might go about doing this? I found http://3cx.org/item/46, which I think tells me how to use mod_proxy to do the forwarding and SSL encapsulation. That's kind of what I was thinking. But can I throw some HTTP authentication on top of that, too? Sure. Location /myredirectedurl AuthType Basic AuthName My Lame WebApp AuthUserFile /some/file/location/user.htpasswd Require valid-user /Location Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Wonderful world of new dists..
On Thu, Nov 02, 2006 at 05:54:54PM -0500, Thomas Charron wrote: Ok guys and gals, I'm looking at dists that are out there, and I'm really leaning twards Gentoo for my laptop dual boot/VMWare. This is a brandy spankin new laptop, Toshiba P105-9722, Intel Core 2 Duo 7400, 2 gigs ram, blahblah. My feelings on Gentoo, as summed up by bash.org: @insomnia it only takes three commands to install Gentoo @insomnia cfdisk /dev/hda mkfs.xfs /dev/hda1 mount /dev/hda1 /mnt/gentoo/ chroot /mnt/gentoo/ env-update . /etc/profile emerge sync cd /usr/portage scripts/bootsrap.sh emerge system emerge vim vi /etc/fstab emerge gentoo-dev-sources cd /usr/src/linux make menuconfig make install modules_install emerge gnome mozilla-firefox openoffice emerge grub cp /boot/grub/grub.conf.sample /boot/grub/grub.conf vi /boot/grub/grub.conf grub init 6 @insomnia that's the first one http://bash.org/?464385 -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: FOSS benefits the field of computer engineering
On Fri, Jul 28, 2006 at 02:19:18PM -0400, Jon maddog Hall wrote: [EMAIL PROTECTED] said: I'd be interested in seeing a presentation like that. Afterwards, we could discuss taking the GNHLUG public. From my viewpoint it is public, it is just not profitable. :-) Who says you have to be profitable for an IPO? or for VC money? C'mon now! ;) -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: From a NY Times Bestseller
On Tue, Jul 11, 2006 at 12:00:58PM -0400, Christopher Chisholm wrote: I'm sure with a quick google I could easily find this out, but... the Intel processors that Macs are using; are they just a regular x86 pentium? or are they actually a different architecture? I guess what I'm really wondering, are modern Macs just PCs with fancy cases? Additionally, I remember when I was working for the Merrimack school district, they ordered a lab of apple iMacs for one of the elementary schools. I can't speak for other versions of the hardware but lots of those ended up having many problems; overheating, disk failures, etc. To me, Apple appears to be very good at marketing, and very average at building systems. Most people I know that use them seem to cite software as the primary reason to use one, and don't really know anything about the hardware. Am I wrong believing that pretty much any software you can get for Mac OS you can find equivalents (or even the same software) for in other operating systems? The only reason I have a Mac is a combination of hardware and kernel support for a specific purpose: Bluetooth Dial Up Networking. A mac is the only device I could buy 2.5 years ago that would let me trivially set up a connection to the internet via Bluetooth on my Nokia 3650 phone. I tried to do this for several weeks in Linux, and have only the loss of hours as a result to report. It's a small, fast, lightweight machine. It performs well, does everything I need, and doesn't do anything I don't expect of it. There are a number of things which tend to make Mac software more usable than other platforms: Because of the control over the hardware, it is easier to build software that exploits that hardware, and the Apple cartel has successfully built dozens of APIs around things that Linux simply doesn't have, making everything from Network Programming to GUI interfaces simple enough that far more developers can target the platform. Apple offers core access to the graphics capabilities on the machines through the OS (Which sounds strangely like another mega-corporation in the computer world) in a way that makes developing using those technologies more attractive. They have continually worked on making writing software as easy as it can be -- on their platform, and iwth their tools. They've done a good job with that: there is a lot of software out there whose functionality is replicated by the mac, but typically it's done in a way that's much less intuitive, much less friendly, and in many cases, much less useful. (Try doing cross-network interactive multiple-person editing on any other platform. I'm interested to see your results.) Apple can do this because they control the hardware. They can work with a limited subset of the graphics cards out there, and make sure everything works. That's not a bad place to be for Apple. Some people would say it's an unfair advantage that Apple has over its competitors. I don't disagree, but in the end, I don't care. The current generation of Mac hardware and software is easy to use, works well, and does things that I can't (or couldn't) get anywhere else. That's why my laptop is a Mac. (Of course, the reasons why I'm probably going to pay the $200 Black Tax to get the black macbook when I buy a new computer are harder to quantify. They're more along the lines of SHINY.) Regards, -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Bluetooth [was: Re: From a NY Times Bestseller]
On Tue, Jul 11, 2006 at 01:38:54PM -0400, Mark Komarinski wrote: Christopher Schmidt wrote: The only reason I have a Mac is a combination of hardware and kernel support for a specific purpose: Bluetooth Dial Up Networking. A mac is the only device I could buy 2.5 years ago that would let me trivially set up a connection to the internet via Bluetooth on my Nokia 3650 phone. I tried to do this for several weeks in Linux, and have only the loss of hours as a result to report. Takes a bit of configuring, but I have BT working on my FC5 system working just fine. In fact, it's working better than my wireless. The hardest part is figuring out the dial string, and that varies by wireless provider (if you have FC5, I might be able to get you the scripts I'm using). Getting it working these days is comparitively trivial. At the time, there was no kernel released by my distro which had support for Bluetooth, there were two competing standards for kernel-level bluetooth, there were few applications, and less documentation. For a while, I could have quoted you the relevant bits of every Bluetooth set up webpage out there -- becuase I'd read every single one Google could find. Setting up the same thing on my Ubuntu machine about 2 months ago was easy. As was grabbing data from my Bluetooth GPS. As was grabbing photos from my cell phone. But 2.5 years ago, there was no standards. There was no *anything*. Bluetooth was a mess, and none of the distros did anything with it. Patching kernels 8 months into my linux experience was not my favorite thing to do :) -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: From a NY Times Bestseller
On Tue, Jul 11, 2006 at 02:48:26PM -0400, Christopher Chisholm wrote: Fair enough! All of that makes sense to me. Do you think that because the processors are now Intel perhaps more hardware will become available and thus damage the positive points that you've mentioned? Or do you think that they will continue to use very proprietary hardware overall to maintain the same benefits they've always had? Also, do you feel like cross-platform programming languages/APIs/etc could ever do as good a job at providing developers with an easy to work with solution across hardware and operating systems? Mac hardware has always won because it's tightly integrated and tested in the only possible configuration that's possible (for each model of hardware). No other organization will be able to offer the mix-and-match style of Linux/Windows, offer the same level of software support, and get the same capabilities that Apple is able to out of their platform that they've built, in my opinion, although I've been wrong many times before. Cross-platform programming APIs, Languages, etc. all suffer under the same problem: you're translating from a cross-platform level to a native level, at some cost. There is no API to say 'make the screen ripple like water is going over it' in Linux: implementing that at a level across all platforms such that it can be as simple as some of Apple's APIs have made similar actions is either hard or impossible. Apple has built tools (and most importantly, documentation) that allow for developers to easily access from a high level actions which would typically be considred to be done manually. Whether it's the graphics example mentioned above, or networking support, or any other of a number of things, Apple has done a good job. I don't think it will be possible in the near future to compete against that. The chip doesn't make that big of a difference. The software makes the difference. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Stupid ebay/amazon question
On Thu, Jun 29, 2006 at 10:31:20AM -0400, John Abreau wrote: Steven W. Orr wrote: Ok. I take it back. I thought this was a good explanation but I realize it's not. Let's try again: I go to ebay and I log in. Now ebay knows who I am. Then I browse around and look at a bunch of different items. In no case am I providing anyone with my email address. Then, after a finish with ebay, for a few weeks, the number of ebay spam messages goes up. Yes, I did not discriminate with the cookies; I let them all be set. Is that enough for them to know how to get my address? A lot of auction pages include images. If a page can use images hosted on a seller's server, and the img tag can be coded to include information such as your ebay login name, This would be the bad part, in my opinion -- when I'm logged into ebay, it should not be possible for other people to insert code which would have access to my ebay login name/user name/email address. If that is the case, eBay is either deliberately or through incompetence allowing advertisers to get access to your personal information in a way that is completely inappropriate. I don't know how likely that is, but there is no technical reason why this should ever be a requirement, which means that if this is happening, it would be either malicious or ignorant. I did take a quick look through the ebay HTML, and didn't see anything that would indicate that this is the case. No references to the username in ways that an external advertiser would be able to easily exploit. But that doesn't mean there aren't any. Just that I couldn't find 'em. ;) -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Stupid ebay/amazon question
On Thu, Jun 29, 2006 at 10:52:17AM -0400, John Abreau wrote: Christopher Schmidt wrote: I did take a quick look through the ebay HTML, and didn't see anything that would indicate that this is the case. No references to the username in ways that an external advertiser would be able to easily exploit. But that doesn't mean there aren't any. Just that I couldn't find 'em. ;) If eBay allowed something like php or asp, you wouldn't necessarily see evidence of it in the generated html. That would be in the case of the information being delivered directly to the advertisers. The question here is Can advertisers, or those placing images/other content on eBay.com, get access to your personal information. I'm assuming that advertisers, or other persons able to place content on eBay.com, do not have access to ebay's servers, and the code they're running in the backend -- if they did, then eBay would already be giving them the keys. Given that, I'm not sure what your statement was relating to. It seems completely irrelevant to the discussion, which probably means I'm misunderstanding part of the discussion. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Stupid ebay/amazon question
On Thu, Jun 29, 2006 at 11:35:56AM -0400, Ben Scott wrote: On 6/29/06, Christopher Schmidt [EMAIL PROTECTED] wrote: I don't know how likely that is, but there is no technical reason why this should ever be a requirement, which means that if this is happening, it would be either malicious or ignorant. You forgot apathetic. A lot of organization know they play fast and loose with customer data, but just don't care. Or, at least, don't care enough to do something about it. Sometimes they feel a little bad, I guess. I was trying to give them the benefit of the doubt with 'ignorant' -- but I consider known issues exposing customer data to be malicious insofar as they are not holding up their end of customer expecations. Regardless of the reason for that being We would like to expose your data or we don't care if we expose your data, as a customer, the difference is null: if you know my data is being exposed, and you don't do anything about it, you're just as much at fault as if you do it on purpose. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Stupid ebay/amazon question
On Thu, Jun 29, 2006 at 11:51:06AM -0400, Fred wrote: ... A lot of auction pages include images. If a page can use images hosted on a seller's server, and the img tag can be coded to include information such as your ebay login name, This would be the bad part, in my opinion -- when I'm logged into ebay, it should not be possible for other people to insert code which would have access to my ebay login name/user name/email address. If that is the case, eBay is either deliberately or through incompetence allowing advertisers to get access to your personal information in a way that is completely inappropriate. I don't know how likely that is, but there is no technical reason why this should ever be a requirement, which means that if this is happening, it would be either malicious or ignorant. I did take a quick look through the ebay HTML, and didn't see anything that would indicate that this is the case. No references to the username in ways that an external advertiser would be able to easily exploit. But that doesn't mean there aren't any. Just that I couldn't find 'em. ;) I have heard of exploits involving image files that have been tainted to exploit vulnerabilities in the image decoding software. It is possible, say, if you were using browser X with vulnerability Y with JPEG images that someone could exploit, say, a buffer overrun to execute native code to eventually do whatever they want. Even though I'm sure the vulnerability I've heard about long ago has long since been taken care of, there is never the time to rest and be naive. Some new codec, Flash module, or anything may have some exploitable vulnerability in it. And usually you only discover this after the fact, after your system has been infected. And all of this is completely unrelated to the discussion at hand, which is a question of whether there is code inside of eBay's HTML, Javascript, etc. which external users placing content on eBay's servers can exploit to get access to your personal information as known by eBay. The fact that persons can steal your data via browser exploits is unrelated to eBay, and the discussion at hand. rant Most are not willing to go though such lengths, so I usually suggest the usual and obvious -- to us at least -- don't use IE or Outlook *at all*, and start from a known clean system. That alone will take care of 99.99% of the headaches. Alas, if you have kids in your home all bets are off there. My 8-year-old constantly begs me if she can use IE because some site she wants to visit won't allow any other browser. And *her* computer is so infected with malware it won't even boot anymore. Don't spread too much anti-IE FUD -- they're not the only people to be affected by this kind of crap. 90,000 LiveJournal users had their cookies stolen by an external agent at one point due to a choice Firefox has made to allow CSS to execute script in the current page context. (LiveJournal quickly moved to a different system for URLs, which contained the problem, and created and released a CSS Tokenizer which removes unsafe content.) Firefox has suffered similar image processing issues to IE with JPG processing around-a-bouts the time 1.0 came out. Internet Exploder, er, Explorer, may be more famous for these types of exploits, but that's in large part because it has the lion's portion of the market share. As FireFox has grown, it has proven repeatedly that it can be similarly exploited, and has been. The primary difference in the browsers is the amount of time to release a fix. Microsoft took something like 2 weeks to release a fix to 0-day-exploit in their image parsing library which has been around since Windows 95, and possibly Windows 3.11. (This was around January -- the WMF exploit.) In the end, someone came up with a modified version of the library which fixed the issue almost a week before Microsoft got around to releasing anything -- and Microsoft's schedule was only accelerated after days of exploits being reported by users and others around the world. The user in question had to use reverse engineering tools (probably violating his license agreement) in order to build the fix, but in the process, helped protect hundreds of thousands of users from possible exploits (of which there were many). Firefox, on the other hand, released a security release of their browser mere hours after the vulnerability in question was made public knowledge. Of course, many users are still running vulnerable versions because users never upgrade, but that's no less true of Windows and other proprietary software that is patched. All it really boils down to is that your computer is only really safe it's locked in a safe, disconnected from the internet... and preferably, turned off. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org
Re: Stupid ebay/amazon question
On Thu, Jun 29, 2006 at 01:22:43PM -0400, John Abreau wrote: Christopher Schmidt wrote: And all of this is completely unrelated to the discussion at hand, which is a question of whether there is code inside of eBay's HTML, Javascript, etc. which external users placing content on eBay's servers can exploit to get access to your personal information as known by eBay. I've seen some pretty fancy auction pages on eBay, some of which would be difficult for the seller to create without some sort of dynamic html capability such as php. There is no publicly identified way for users to run pages on *eBay's servers*. If you find evidence to the contrary, I would be very interested in seeing it. 'It looks dynamic' doesn't mean much to me. You could include an iframe in an ebay auction page, and have it load all the data from some other server, which would give you the look that you've described, without needing to run code on eBays's server. As I pointed out in an earlier reply in this thread, if a seller can use anything like php, asp, or jsp, then they potentially have access to any and all data your browser passes to eBay's web server. If you're logged into ebay at the time, I imagine that probabyl includes your ebay login name. It sounds like we are in agreement that running code on the server generating the auction page would mean something different from being able to include pages from another site. I've seen much evidence of the latter, and never seen any evidence of the former. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Fw: Recommendations for Hotspot managment software...
On Sun, Jun 18, 2006 at 08:53:33PM -0400, hewitt_tech wrote: I have a client for whom I want to setup a public hotspot. They are a medical facility so security is of paramount importance. By security I mean the hotspot can in no way interfere or allow access to their medical applications. So far the best looking application is something called Public IP ZoneCD which can be found on Sourceforge and the project web site at http://www.publicip.net/ . Has anyone used this software or otherwise have a recommendation for software that can be used to manage a hotspot? The two things that come to mind immediately are: * Wifidog, http://dev.wifidog.org/ * NocatSplash/NoCatAuth: http://nocat.net/ I've never used either. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Where 2.0 Wired Writeup
Where 2.0 Writeup in Wired: http://www.wired.com/news/technology/0,71170-0.html Including mention of OpenLayers, an Open Source (BSD licensed) javascript engine that is very similar to Google Maps in functionality. Also talks about OSGeo, the Open Source Geospatial Consortium, an attempt to provide a roof under which to put a variety of Open Source projects, started and hosted by Autodesk. It also mentions me, which is probably the only reason I know about it. :) Anybody end up going to the conference? -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: [xgk]dm hackery.
On Thu, Jun 01, 2006 at 09:59:21AM -0400, Steven W. Orr wrote: I have a security question that relates to how to get around xlock. There are 2 scenarios. scenario #1: In this case, the system is not configured to run a graphic login. User Freddy logs in in text mode and then runs startx. While running his session, he locks the monitor using xlock. He walks away and Boris Badinoff comes along. BB types Ctl-Alt-F1 and is taken to the text window that is running X. He then types Ctl-C and has commandeered the text login and can do anything that that account allows. Thank you xlock. This is a problem with Freddy's choices, not with xlock. He should have typed startx , and once it was started, logged out of the text mode term. scenario #2: In this case, the computer is configured to run at runlevel 5 and Freddy logs in on a graphic login (i.e., xdm, kdm, etc...). BB comes along and hits Ctl-Alt-F1 and gets taken to the mgetty prompt for screen1. BB (or is it me) is stuck. Is it possible for BB to be able to do anything with the machine (short of sticking a cd in and rebooting) in scenario 2 to get control of that user's account? Not that I'm aware of. No more so than he would at the GDM screen, in any case. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Free kernel memory
On Thu, Jun 01, 2006 at 06:12:10PM -0400, Ben Scott wrote: On 6/1/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: I am looking for a way to flush the cached memory from a system. Why? Serious question. Linux normally does a pretty good job of managing memory. If nothing else is using the memory, it gets used for caching. Why install all that RAM if you're not going to use it, after all. As soon as a process allocates more memory, the cache will be released for that. And if it doesn't, /proc/sys/vm/swapiness will let you tell it to be more aggressive in handing this cache over to applications, I believe. Although I can't remember exactly. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: One Laptop Per Child pledge
On Fri, May 26, 2006 at 10:01:52PM -0400, Fred wrote: Anyway, just to add my own $0.02, I don't see the $100 PC making much f a difference -- unless it can connect to the Internet. Otherwise the third world will be limited to whatever content and software their respective governments will allow to be installed on those PCs. Er. The machines are running Linux -- Fedora Core or some RedHat variant? -- and the machines are designed to create ad-hoc wireless networks. Oh, and unless these PCs can be run with a hand crank or solar cells, still pretty useless in many parts of the world. And with the typical power consumption of laptop CPUs, that's a lot of hand cranking. And I don't see how you can keep the costs down to $100 if you have to include solar cells. Hand cranks or other similar alternative power options have always been the plan for the $100 OLPC laptops. The earlier marketing materials have always included pictures including a hand crank. There's ongoing discussion within the project as to how to accomodate the power needs of the laptop without depending on people to have wall sockets. Note that the laptops have no hard drives (flash only), relatively small screens, and are designed to run in black and white mode most of the time for better power consumption. Also note that these aren't PCs... I think that either you or I is completely misunderstanding the purpose of the project, or suffering under some similarly constricting misunderstanding. Care to enlighten me as to which it might be? -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Chris Schmidt speaks at Where 2.0
On Fri, May 12, 2006 at 09:09:31AM -0400, Ted Roche wrote: On his home page [1], Chris Schmidt announces, I'm going to be giving a lightning talk called 'Geolocation with GSM Cells' at O'Reilly's Where 2.0 [2] conference, on June 14th, 2006. Yep. I'd advise people to go, then I realized that they're charging $1200 a head for entrance. I wouldn't ever insist that people actually pay that much to see a 5 minute lightning talk, although I do think it'll be a really great conference all in all. So, if you're in the geo field, and your boss will pay for it, go to this conference! :) Congratulations! Thanks! [1] http://www.crschmidt.net/ No www! http://crschmidt.net/ :) -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: GNHLUG Nashua, Thr 20 Apr, Eric Eldred explains the CC copyright alternative
On Wed, Apr 19, 2006 at 05:45:34AM -0500, Jim Kuzdrall wrote: Who  : Eric Eldred What : Creative Commons copyright alternative Where: Martha's Exchange Day  : Thur 20 Apr (*Tomorrow*) Time : 6:00 PM for grub, 7:30 PM for presentation Is someone doing an RSVP to Martha's? (I'll be there, in any case.) -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Comcast and mail header errors?
On Thu, Mar 23, 2006 at 06:41:52AM -0500, Cole Tuininga wrote: The problem is that the application has no control which interface it uses when opening a socket to a remote system. This is a function of the network stack within the kernel - not a system call. Hence, this is not something that can be controlled at the application level. I don't know much about networking, nor much about the topic being discussed here, but I'm almost positive this is wrong. Postfix has a configuration option -- smtp_bind_address -- that is designed to solve exactly this problem, as I understand it. That doesn't help the sendmail users, of course, but smtp_bind_address is An optional numerical network address that the SMTP client should bind to when making an IPv4 connection. So, it's possible in Postfix. It seems like. Unless I'm confused. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Comcast and mail header errors?
On Thu, Mar 23, 2006 at 08:56:00AM -0500, Cole Tuininga wrote: That said, my suspicion would be that this setting only dictates what interface(s) that postfix *listens* on. Not what interface(s) it sends mail *out* on. Nope. When one IP that my machine exists on was blocked by AOL (some moron had a broken webpage leaking spam), I modified this option, and mail was no longer blocked. The key in the previously-referenced documentation is SMTP client. The SMTP client is the client that sends mail, not the server that receives it. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Perl v. Python (was OO.o, was METRO, was...)
On Fri, Mar 17, 2006 at 12:56:13PM -0500, Drew Van Zandt wrote: Google: Python vs. Perl Well Python wins, of course. Google uses Python in way more places than it uses Perl... Oh, you probably were using Google as a verb, and not a noun... -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Firefox crashes on a bad .gif?
On Thu, Mar 16, 2006 at 12:38:56AM -0500, Bruce Dawson wrote: Bruce Dawson wrote: Has anyone been to http://www.wunderground.com/US/NH/Loudon.html? It seems that a .gif file somewhere on that page is crashing firefox, mozilla, galeon, ... Found it: http://icons.wunderground.com/graphics/360arrows-r-nogray.gif Neither loading the image (in another application) nor opening the page in Firefox crashes on my mac... ;) More seriously, it's either fixed, or it's a platform issue, I guess. And then how to report it to Firefox? I can't seem to find out how to report it... https://bugzilla.mozilla.org/ ? -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Postfix Guides
On Wed, Mar 15, 2006 at 01:49:11PM -0500, Martin Ekendahl wrote: After some googling, I have failed to find any guides that give a thorough explanation of configuring postfix from scratch. I have a couple domains on the same box and need to set up some virtual email accounts without giving everyone a system account (mainly because I am a minimalist). Perhaps some of you have a good guide to postfix (I'd be willing to entertain other smtp's) bookmarked somewhere that you'd be willing to share with the rest of the world? :-) http://workaround.org/articles/ispmail-sarge/ -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Acceptance of OpenOffice.org (was Re: Gov't , economics and technology (was Re: METROCAST BLOCKS RESIDENTIAL E-MAIL))
On Mon, Mar 13, 2006 at 02:47:59PM -0500, Dan Jenkins wrote: I was talking to someone (a middle-school teacher) at a party over the holidays who mentioned his school's computer science class. I was curious what programming languages they taught. He assured me that they didn't allow hacking at all. After a short discussion, I discovered he apparently did not know that computer software was written by people using programming languages. (I didn't try to find out where he thought it came from.) So, their computer science class doesn't teach, nor allow, programming at all. I just went to get another drink; it wasn't worth the effort to explain otherwise. As a counter to this: At the high school level, typically computer science is a prep course for the Computer Science A or AB test. When I took it (about 6 years ago), this was in C++ -- It's been changed now to be Java, after I finished the program in 2001, but the AP test itself is focused around concepts: Computer Science A [1] Computer Science A emphasizes object-oriented programming methodology with an emphasis on problem solving and algorithm development and is meant to be the equivalent of a first-semester course in computer science. It also includes the study of data structures and abstraction, but these topics are not covered to the extent that they are covered in Computer Science AB. Computer Science AB [2] Computer Science AB includes all the topics of Computer Science A, as well as a more formal and a more in-depth study of algorithms, data structures, and data abstraction. For example, binary trees are studied in Computer Science AB but not in Computer Science A. The use of recursive data structures and dynamically allocated structures is fundamental to Computer Science AB. Up until about 3 years before I took the class (98-99) all the AP materials and course materials were in Pascal. So, although most classes labelled computer science (*especially* before High School) may not be actually teaching said topic in the primary and secondary schools, there is definitely some teaching of these concepts. However, of the 20-30 kids in my class, I was the only one to actually take the AP test. (I scored a 5, the highest possible, primarily due to out of class learning.) Not a perfect world, by any means, but if you have the interest, and want to put forth the effort, you typically can get to a point where you have the knowledge neccesary to demonstrate some computer science knowledge at the high school level. This is true in any subject: primary and secondary education caters for the most part ot the bare minimum, but there are resources to go farther than that if you wish, and have the determination to do so. [1] http://www.collegeboard.com/student/testing/ap/sub_compscia.html?compscia [2] http://www.collegeboard.com/student/testing/ap/sub_compsciab.html?compscia (Apologies ahead of time for anyone I may have made to feel old due to the years listed in this post.) -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Acceptance of OpenOffice.org (was Re: Gov't , economics and technology (was Re: METROCAST BLOCKS RESIDENTIAL E-MAIL))
On Mon, Mar 13, 2006 at 03:09:33PM -0500, Jerry Feldman wrote: About 10 years ago, home computers were pretty much beyond the reach of most public school teachers. It has only been since then that many have been able to afford them. Additionally, it is difficult for school systems to keep their equipment maintainable and reasonably up-to-date. Further to my previous email about computer science courses: The C++ machines we were working with were running Windows 3.1. Of course, we never logged into that OS: all of our work was done in Borland's Turbo C++ DOS IDE. The class did involve writing a scary amount of graphics code using Borland libraries of some kind that I was never able to reproduce outside that environment. The computers were supposedly bought originally in 1988 or something similar. The rest of the school was using Windows 98 (which later transitioned to Windows 2000 in the library), but they didn't have the ability (or didn't want to, with Java coming around the corner) to transition to new machines for the C++ development. This is probably related in part to the fact that the teacher of the course had been doing it for more than a dozen years, and didn't want to have the thing he knew (the machines) change, when he'd already changed languages on them. So, although most of the computer related classes - Desktop Publishing, Word Processing, etc. - were taught on relatively modern machines running a recent windows version, the Computer Science courses were taught on the oldest computers in the school (for student use anyway). -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: METROCAST BLOCKS RESIDENTIAL E-MAIL
On Sat, Mar 11, 2006 at 09:43:14AM -0500, Jeff Kinz wrote: On Sat, Mar 11, 2006 at 06:17:10AM -0500, Fred wrote: On Tuesday 07 March 2006 16:43, Ed Lawson wrote: Brian [EMAIL PROTECTED] wrote: Sending an email through your own/alternate server should not be prevented. I understand your sentiment, but should has nothing to do with it. Should is not a factor. There is an agreement which specifies the service to which you are entitled upon payment for that service. You are entitled to nothing more and nothing less. I send my mail out to my dedicated servers all the time over encrypted connections. SMTP has TLS and SSL options, and one of them goes across a port other than 25. Fred, I'm not sure I understand this. The thread is talking about sending mail out from our own systems which is getting port blocked by some ISP's. You seem to be talking about sending mail out to your alternate server (from which, I assume, it is further redistributed). Are these the same things? The quoted post that he replied to from Brian was talking about sending through an alternate server. (Both topics were covered in this thread.) Sending out mail over another port to your SMTP server is one solution to the problem at hand, assuming you have a server to send it to. If your only mail server is hosted on a home cable/dsl connection, I think that you're likely making a mistake anyway: the reliability of these connections is hardly guarenteed at the consumer level, so presumably anyone hosting mail from home does have *some* alternative. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Web-based Project
On Thu, Mar 09, 2006 at 02:11:57PM -0500, Paul Lussier wrote: So, clearly what's needed is a complete website written entirely in AJAX ;) crschmidt ought to be able whip something together for you fairly quickly in PHP ;) Hey, I'm still employed for another couple weeks. I don't have free time to be running off willy-nilly on your personal projects! :) -- Christopher Schmidt Web Developer signature.asc Description: Digital signature
Re: METROCAST BLOCKS RESIDENTIAL E-MAIL
On Wed, Mar 08, 2006 at 09:00:52AM -0500, Paul Lussier wrote: Ben Scott [EMAIL PROTECTED] writes: Technical solutions. Getting your mail to go through when your IP feed is blocking TCP port 25 outbound. You forgot to mention RFC-1149 (http://www.faqs.org/rfcs/rfc1149.html). SMTP to port 25 will almost[1] *definitely* work this way, since afaik, not a single ISP anywhere has figured out how to block this protocol yet. Using Avian Carrier signals, however, is equivilant to changing ISPs. If you're willing to switch from Metrocast to BirdNet, you are probably just as willing to change to another terrestrial provider. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: METROCAST BLOCKS RESIDENTIAL E-MAIL
On Wed, Mar 08, 2006 at 09:43:51AM -0500, Jeff Kinz wrote: Now all we need are $10 laptops for general distribution. :) Not quite there yet, but getting closer: http://laptop.media.mit.edu/ -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Job Hunt
So, after learning that verbal assurances are worth the paper they're written on, I'm going to be finishing up my current gig with Ning in a couple weeks. If you're looking to hire a PHP web developer, or a Python developer, and have something interesting to offer, I'm taking offers from people at the moment into next week. I'm mostly looking at things that I think I'd have the most fun with, but I live in Cambridge, so I also have to pay the rent :) I can't relocate, so it's probably got to be within 495 somewhere or allow working from home. I'm especially interested in geo-related stuff -- mapping and similar projects -- and have spent the last year working for a company that is often classified Web2.0. I'm basically trying to get all interested parties to at least start a conversation by the end of this week, since I've only got three weeks to get moving someplace new, so if you're looking for someone now, this is the time :) http://crschmidt.net/formal/ is the closest thing I have to a resume: http://crschmidt.net/formal/resume.pdf exists but is not something I'm particularly proud of :) And of course, my website is home to the tricks I've been pulling, which are more representative of the work I'd love to have than much else is. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: METROCAST BLOCKS RESIDENTIAL E-MAIL
On Tue, Mar 07, 2006 at 03:34:56PM -0500, Jeff Kinz wrote: If they are filtering for Spam on outbound packets whose dport is 25 then I think its probably a good thing. I would guess they are following the same path that Comcast and many other internet service providers have followed before, of blocking port 25. This is neither unusual, nor unexpected. And there's also the fact that even if you could send mail out before, you were somewhat likely to be blocked on the receiving end by things like RBLs that block dynamic or otherwise known-residential hosts. This is not technical incompetence. This is a decision that's being made, which has numerous reasonable reasons behind it -- the largest being that most mail going out to port 25 from residential connections *is* either spam or an exploited machine, as most users run Windows, and Windows does not use an smtpd running on localhost to send out mail (at least, not in most cases). -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: METROCAST BLOCKS RESIDENTIAL E-MAIL
On Tue, Mar 07, 2006 at 04:01:18PM -0500, Brian Karas wrote: -Original Message- -- the largest being that most mail going out to port 25 from residential connections *is* either spam or an exploited machine, as most users run Windows, and Windows does not use an smtpd running on localhost to send out mail (at least, not in most cases). Not at all. Anyone who has their own domain, or works from home and uses their employers email server for outgoing mail, is sending legitimate, non-spam email out on port 25. I didn't say that *all* mail going out to port 25 fit this pattern -- I said most. And I stand by that statement: The number of zombie windows boxes on any given network is likely higher than the number of persons working from home on the network. In any case, as Ed mentioned, this is most likely against the terms of service. Unless you're paying for business class DSL, most user agreements prohibit this type of behavior. If you got cuaght doing something you shouldn't have been, I don't see this as metrocast's problem. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: What the heck is a dbus?
On Mon, Mar 06, 2006 at 10:52:19AM -0500, Dan Coutu wrote:
On a new installation of Centos 4.2 (a RHEL clone from source) I'm
seeing the following error in the messages file:
Mar 3 15:55:06 hanka dbus: Can't send to audit system: USER_AVC
pid=2521 uid=81 loginuid=-1 message=avc: denied { send_msg } for
scontext=root:system_r:unconfined_t tcontext=user_u:system_r:initrc_t
tclass=dbus
I've never heard of a dbus. So first of all, what's a dbus, and
secondly, what does this error mean?
dbus is a messaging bus that allows processes on the desktop communicate
between each other. It is used in a lot of the new GNOME programs for
interprocess communication: for a while, Beagle (the desktop search
engine) used DBUS to pass messages between various parts of the program.
As a server-only Linux user, I unfortunately can't help you with why its
happening. Sorry 'bout that.
--
Christopher Schmidt
Web Developer
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Help build the new GNHLUG Internet server
On Fri, Feb 10, 2006 at 09:36:03AM -0500, Steven W. Orr wrote: On Thursday, Feb 9th 2006 at 20:28 -0500, quoth Ben Scott: =Hello GNHLUG! = = A project has been started to enhance GNHLUG's Internet presence. =The initial focus of this project will be to configure and deploy a =new server. The plan is the server will eventually host the GNHLUG web =and mailing list servers, as well as be home to future GNHLUG ideas. = ... = = Initially, things we will be using include: SSH, Apache, Sendmail, =TWiki, GNU Mailman. = = In the future, we may also use: Postfix, PHP, Python, Zope, Plone, =*SQL, and whatever else brings something useful to the table. May I strongly urge you to not use Mailman and to instead consider Majordomo2 (see: http://www.mj2.org) It is a better mailinglist manager. It suffers from not getting enough use compared to what Mailman was able to achieve with Red Hat having been the promoter. I use it here on syslang for the dozen odd lists I run. My biggest list is about 800 people and it works really well. Two reasons that I would recommend *against* this: * Inertia. Mailman is what has been used for the mailing list forever, there haven't been any major issues that I'm aware of, and there's therefore no reason to change (unless there are issues I'm unaware of). * Mailman being the preferred choice (which you list as a downside) is something that I consider an upside. I hate it when I have to use a non-mailman list becasue I know *how* to use mailman list, since that's the leading majority. But I'm guessing that mailing list software is almost as religious as distro choice, so I'm not going to argue it, just pointing out that without a significant impetuous to change, there's no reason to, imho. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: IT Documentation Engine for Non-Geeks?
On Thu, Feb 09, 2006 at 11:09:21AM -0500, Larry Cook wrote: Bill, As much as I like the GNHLUG Twiki, that's not it, it scares people from _this_ group away. I'm curious, what about it scares people. Is it just the text formatting syntax? TWiki 4.0 now includes a beta version of a WYSIWYG editor. Basic Auth can't be saved by my browser, so I lose my credentials and am too lazy to look them up, so I can no longer edit the Wiki. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Photos
I've posted a few of the photos I've taken over the past couple weeks of Linux stuff to Flickr: http://flickr.com/photos/crschmidt/sets/72057594059709467/ If you're in any pictures and would like the picture removed, feel free to contact me off list. Summary: Bill Sconce wearing his new Red Fedora courtesy Red Hat, the MerriLUG meeting featuring the ripping apart and analysis of a WRT54G, and some pictures of the HB1197 committee meeting. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Do-Over a mangled sudo password?
On Fri, Feb 03, 2006 at 11:58:38AM -0500, Stephen Ryan wrote: On Fri, 2006-02-03 at 11:54 -0500, Ted Roche wrote: I suspect this is one of those Everyone knows it's Ctrl-K but I must have dozed off in class. Ctrl-U? Yep. and it works almost everywhere: [1 [EMAIL PROTECTED] ~]$ telnet crschmidt.net 80 Trying 64.92.170.181... Connected to crschmidt.net. Escape character is '^]'. GET / HT^UGET / HTTP/1.0 will work as you would expect. I find it useful in Python interactive shell stuff too. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Do-Over a mangled sudo password?
On Fri, Feb 03, 2006 at 02:51:59PM -0500, Bill McGonigle wrote: On Feb 3, 2006, at 11:54, Ted Roche wrote: Everyone knows it's Ctrl-K Everyone knows it's Ctrl-W (rub to beginning of region) Pretty soon you'll start using it on the shell, and then even in emacs. Watch out! I thought ^W was 'Back word' -- works like that in vim, but ^U does what I thought he wanted... -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: HTML question (nbst)
On Thu, Feb 02, 2006 at 08:23:27AM -0500, Travis Roy wrote: My manager is making a new contact DB for our company, and it's great. The problem is that for spaces he's using nbsp and it shows up in my firefox, but not in his IE. I'm positive it's that he's doing it wrong, but searching for it in google is hard because I get a ton of other pages that are using it wrong rather then a result explaining how to use it. Anyway, can anybody show me a proper example of using nbsp? nbsp; Of course, there is no 'proper' way of creating webpages with nbsp; all over them: he should be using CSS to space things out, not non-breaking spaces. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Information security, recycling and irony
On Thu, Feb 02, 2006 at 10:08:08AM -0500, Fred wrote: On Thursday 02 February 2006 09:21, Jeff Kinz wrote: ... The Lesson: Its clear that one never really knows how recycled materials are going to be used so confidential materials must always be destroyed rather than recycled. (duh) Also, if you do *test* runs, use *test* data if at all possible. In a big organization, I wouldn't trust every employee with sensitive, confidential information unless there is an explicit *need to know*. In the Boston Globe case, there is an element of professionalism amiss here. It seems to me pretty darn tacky to use test printouts for wrapping paper. It shows no one cares a hoot about their image there. Speaking as a paperboy for 4 years -- these printouts are not designed to be seen by the customers. In my case, they were never printed on recycled paper, but they were shoddily printed, hard to read dot-matrixy paper with alternating green/white color bars across them. The 'toppers' basically just had number of papers, and any complaints/adds/drops from the customers. They're not meant for the general population, so they have nothing to do with image. Do warehouses complain if the boxes that their products arrive from China in have odd markings on them? Do the customers care? -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Information security, recycling and irony
On Thu, Feb 02, 2006 at 10:26:59AM -0500, Jeff Kinz wrote: Chris, yes, the toppers ordinarily don't have confidential info on them. They are usually just a delivery list, nothing wrong with having toppers. In this case, the toppers were printed on recycled paper which had the confidential info on the previously used side of the paper. I understand that, but the problem is not in using recycled paper for toppers -- that is neither an image problem nor any other kind of issue, and assuming proper treatment of confidential material (which is definitely *not* the case here) is actually good business. My point was that using recycled paper for these kind of things is not a bad thing. The problem is only in the fact that a list of credit card numbers was recycled at all: heck, I try not to do that without at least ripping the stuff up in my *home* recycling, much less when I've got a list of thousands of them. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Man, they'll try anything to hack your system...
On Fri, Jan 27, 2006 at 01:13:46PM -0500, Ben Scott wrote: In the vein of Strange things seen on the Internet, I'm noticing a few domains have MXes pointing to hosts with addresses in RFC-1918 private IP address space. I noticed this because our mail server was trying to send DSN bounce messages to the domains, and so was trying to connect to some hosts with bogon IP addresses. Our firewall caught it and dropped it, and since it was from our server, it was highlighted in a log report. Perhaps the domains use mail only internally? So I could set up mail for crschmidt.net to point to a local mail host and only people at 'home' could deliver to that address usefully? -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: NH OSS.
On Thu, Jan 26, 2006 at 08:14:25AM -0500, Ken D'Ambrosio wrote: Many of state's applications are mainframe based, most likely no similar packages. Which makes me wonder if: a) The vendors are even kinda-sorta competent, and b) if there may not be mainframe-side stuff that OSS could offload onto Linux boxen at huge savings... IF the OSS vendor could actually -- successfully -- replicate the mainframe application's functionality. In the meeting, this was discussed: the above note was not There is no way that it could be replaced with open source, but rather, There is most likely no complete solution to the problem already available. The former is almost certainly untrue (barring patents/proprietary interactions which can not be duplicated without consent of the vendor), but the latter is almost certainly true: I highly doubt that there are many people out there who have built high-capacity Health and Human Services transaction storage mechanisms, or what have you. The problems that a state needs to solve are oftentimes niche problems with no information on the solution required available to the public at large that is open source hackers. However, I am sure that given a list of requirements, most solutions could be duplicated in the open source world, especially if there was an incentive of cash to throw at it. So, the next step for evaluating that is the next step that the HB will be taking: Get the IT people in there to explain 1. What htey have and 2. What they need. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: NH OSS.
On Thu, Jan 26, 2006 at 08:41:55AM -0500, Travis Roy wrote: One thing I've noticed.. Government employees HATE change and will fight it tooth and nail. s/Government employees/People/ Especially as it relates to technology. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Cohosting around Lebanon - suggestions?
On Thu, Jan 26, 2006 at 04:26:07PM -0500, William Stearns wrote: Good afternoon, all, As many of you know, I have two cohosted rackmount machines (2U each and possibly an external drive cage), one in Pennsylvania, and one at my office in Hanover. For different reasons, I'm hoping to get those to a new cohosting facility within driving distance of Lebanon/Hanover (I'm really tired of driving 9.5 hours for maintenance :-). In a perfect world, that would be less than an hour away, but I'd be open to Manchester or Burlington. Boston's a little far. I'm paying about $100/month already. I do need access to 64 IP addresses because of the virtual machines on the systems, and a non-trivial amount of bandwidth. Can anyone offer thumbs up/thumbs down to any local cohosting sites (price, techical strength, ease of physical access, availability of IP's, and available bandwidth)? - G4 We had a full rack from them at my previous employer: They always treated us well. They only ever had network issues when Verizon upstream completely blew up due to a 12 hour transformer downtime in downtown Manch. (Our hardware, on the other hand, failed daily. Hooray for crappy setups tossed together on a budget.) Also, at the post GNHLUG meeting dinner, someone mentioned that there might be a cohost site in Manchester that offered half-racks (24U) for around $300? Does that ring a bell? The half-racks I heard being discussed were from Ben, by Colospace. Travis may be able to comment on that more in general. I mentioned 4U spaces available from Boston Data Centers for $100 just as a datapoint -- I don't know anything about them, but that's what they offered me. (Again, just a ddatapoint.) If that turned out to be a reasonable approach, does anyone else have rackmount systems and interest in splitting part of a rack with me? I don't personally have any needs at the moment, but it might be an interesting experiment to do this with GNHLUG: I know that we've had a lot of stuff offered to us from various places (like the hosting of this mailing list) but it might be nice to have a GNHLUG server, that could be used for other projects as well. (Of course, all things require money and time, but at least this way it could be more centralized.) I'd be willing to throw in a few bucks a month to support such a thing, especially if it would allow for running projects off it that might otherwise not be associated with GNHLUG: The PySig wiki, for example, which is currently hosted by me, could move to a centralized gnhlug location... Just an idea. Might even be able to get some hardware donated by a local mom and pop of some kind ... (Am I still allowed to participate in GNHLUG now that I live in Cambridge? ;)) -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Cell phone built in GPS - not (Was: Open Source vs. Closed Source)
On Wed, Jan 25, 2006 at 01:07:29PM -0500, Travis Roy wrote: Ben, since you have a GPS enabled nextel you should give http://mologogo.com/ a try. For the record, as part of a (not yet public) venture in cellid location finding (more on that later, maybe), I already o this myself via a python script I hacked up: http://crschmidt.net/cell/gps shows my last 24 hours of locations+cellids, and there's a map button at the top. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Man, they'll try anything to hack your system...
On Wed, Jan 25, 2006 at 07:39:16PM -0500, Paul Lussier wrote: Oy. I almost never look at my apache logs. I probably should, but I don't. Tonight I was perusing them and noticing the activity in the access.log and was amazed at the things these people try: 84.58.131.234 - - POST /drupal/xmlrpc.php HTTP/1.1 404 364 - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;) 84.58.131.234 - - POST /phpgroupware/xmlrpc.php HTTP/1.1 404 370 - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;) 84.58.131.234 - - POST /wordpress/xmlrpc.php HTTP/1.1 404 367 - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;) 84.58.131.234 - - POST /xmlrpc.php HTTP/1.1 404 357 - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;) 84.58.131.234 - - POST /xmlrpc/xmlrpc.php HTTP/1.1 404 364 - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;) 84.58.131.234 - - POST /xmlsrv/xmlrpc.php HTTP/1.1 404 364 - Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;) 24.60.72.162 - - GET / HTTP/1.0 302 370 - - 82.96.96.3 - - POST http://82.96.96.3:802/ HTTP/1.0 302 369 - - 82.96.96.3 - - CONNECT 82.96.96.3:802 HTTP/1.0 302 369 - - 211.74.10.80 - - CONNECT smtp.rol.ru:25 HTTP/1.0 302 369 - - So, from these, I conclude I should probably not be running drupal (whatever that is), wordpress, or anything with xmlrpc.php. The vulnerable version of the XMLRPC library was patched long ago: in the Wordpress 1.2/early 1.5 era, which is probably more than a year ago now. Drupal corrected it in the same timeframe. All these apps do/did use the exact same XML RPC library, but the patch was out long before the 'sploits were in force. The bug, for the record, was eval()ing stuff received over XML-RPC. How someone didn't catch that as a security hole in the *first* 3 years of the XMLRPC lib, I'll never know. The thing I find most amusing is that according to these logs, the majority of attempts are from systems running ancient versions of IE on NT 5.1. *IF* that is to be believed, then what I should *really* be doing is mapping those URLs in apache to something which will provide them a virus to download and install :) I highly doubt that's the case. There's absolutely no reason to believe that these are actual browsers at all. Additionally, the placement of the ; after 5.1 is not typical in MSIE browser strings: I'm pretty sure that's an indicator of a bad UA set by a robot. Isn't NT5.1 some kind of version that is what XP actually is? or 2000... or something like that. Dunno. That's beyond my knowledge. But I wouldn't expect that these people are actually running browsers at the other end. (This could be more obvious if the timestamps were available from the logs: oftentimes you'll see a dozen of these 'sploits in a couple seconds, which is obviously an indicator of a non-human at the other end. I'm tempted to try it :) First step would be to just write something that checks Javascript DOM capabilities and fires off an XMLHttpRequest with the requesting IP if it finds any. That way you could save yourself the trouble of finding/writing a decent virus if it never sets off any bells. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Blogging software
On Tue, Jan 24, 2006 at 09:04:49AM -0500, Fred wrote: On Monday 16 January 2006 09:01, Cole Tuininga wrote: Hi all, I'm looking for another software suggestion. ... - Web based (no having to ssh in to update a blog entry or anything) - Simple to use - Lightweight (not looking for a *nuke type application) - Usable by low bandwidth connections Any suggestions? Check out Drupal: One thing that you should keep in mind with both Drupal and Wordpress is that they require an arcane level of knowledge of their internals in order to get anything done codewise. Don't expect to open either of them up and hack in them without spending a decent amount of time figuring out how they work. Drupal takes the take everything out, make it all work via hooks method, whereas Wordpress takes the We don't care about the readability or usability of the code: just make it work tack. Neither of them work that well for creating easy-to-hack code, imho. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Open Source vs. Closed Source
On Tue, Jan 24, 2006 at 09:19:38AM -0500, Fred wrote: On Saturday 14 January 2006 16:33, Christopher Schmidt wrote: The other languages that run on the phone -- Java and C++ -- would allow this to be an option, but both make coding much more difficult, and it's way out of my realm of possibilities for this reason :) I don't know either Java or C++, and the idea of doing bluetooth socket programming in either scares me. I know Java, C++, and Python (and a score of other languages to boot), but I would prefer using only one language and API that would work across *all* PDAs. Python is very appealing, but is there a consistent API to work on Palm, Blackberry, and (ugh) Windows CE-based PDAs? There doesn't exist any existing language, API, or anything similar. However, Symbian's APIs will work across all the Symbian platform phones, and those are all the ones I care about. Java (MIDP?) is probably the closest you'll get to what you want, but what you want is nowhere near what I want: I want hacks that work on *my* phone, that I can share with other people. And while we are on the subject -- some PDA smart phones come equipped with their own GPS chip, but it seems this is never made use of by mapping software, forcing one to buy a separate GPS device anyway. Is there a way to access the built-in GPS chip for application use? Or are the manufactures deliberately closing off or restricting access to it? You've already got some responses on this, the basic summary of which is: There's no chip. Yes, I would prefer not to have to drop another $500 or so for a separate GPS device and the associated software. Besides, kinda bulky to have to carry all that mess around everywhere, and defeats my push to have *one* device do everything. Part of the reason I wrote this program is to kill the $500 myth: There are quite nice bluetooth GPSes available for sub-$100 (In the $70-$80 range at the moment) which is much more affordable. With a display hooked up to my cell phone (wirelessly, naturally) I don't need another display, and it also gives me the ability to hack in whatever I want to as far as a display goes, something that most GPS devices wouldn't let me do. I don't believe in one device doing everything, or even nearly everything: I don't leave the house without a backpack, which typically has: * 60GB iPod -- this is music, but also (one of) my remote backup(s) of my laptop. (This was a Christmas gift from my employer. Gotta love Silicon Valley.) * Canon Digital Rebel XT * Nokia 6600 * GPS Device * Sometimes my laptop All in all, if someone were to mug me, I'd be out about 3 grand in hardware if I was fully loaded. Makes carrying around cash seem like chump change. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Verizon (FiOS) (Off Topic?) I have it!
On Tue, Jan 24, 2006 at 10:51:54AM -0500, Bill McGonigle wrote: On Jan 24, 2006, at 09:23, Ben Scott wrote: Ummm yah. Email. Using encryption on the Internet is the equivalent of arranging an armored car to deliver credit card information from someone living in a cardboard box to someone living on a park bench. -- Gene spaf Spafford So, I routinely exchange mail with folks whose MTA's do opportunistic encryption (especially those who work for military contractors). Postfix makes this easy. So, if we both do IMAPS, and SMTPS, where's the cardboard box? Do they use Windows? Do they keep their systems up to date with the latest patches (Windows, Linux, or Mac?) There's a number of other points of entry once the data is on their hard drives. SMTPS and IMAPS are both still the armored car: the end destination is the cardboard box. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Postfix/Cyrus/etc help
On Tue, Jan 24, 2006 at 11:25:47PM -0500, Bill McGonigle wrote: On Jan 24, 2006, at 13:37, Neil Schelly wrote: It could be that I'm a little dense sometimes, but it seems a lot of this documentation is very example-based, but if the example doesn't match your goal, it's not very helpful. I find myself jumping from one how-to to another in the documentation for each rather than finding a good single resource for reference information on each. One of us might have setup what you want already. Substitute MailScanner for Amavisd and that's pretty much what the major installs I've done look like. I am going to try Dovecot on the next one though. http://workaround.org/articles/ispmail-sarge/ is what I use. Works extremely great, and I highly recommend it. -- Christopher Schmidt Web Developer signature.asc Description: Digital signature
Today's Rough Notes
After driving about 150 miles today, combined with 1.5 hours of formal tech discussion, 1.5 hours of presentation, and 2 hours of high level geekery, I'm way too tired to do any of the things that I'm supposed to be doing. However, I was able to dump the notes that I took today from both the HB1197 meeting[1], and Tim Burke's presentation on productizing the FC community project into the RHEL product. Feel free to edit: When they're more cleaned up/readable (made that way by me or others) I'll dump them to the main GNHLUG wiki. Short short summaries: HB1197 had an additional amendment added at last executive council meeting. The amendment was declared non-germane and stricken. Additionally, it was determined that the 5 person committee does not have the resources to adequately evaluate open source on their own. As a result, the committee will be amending HB1197 in order to make it a mandate to the state IT department(s?) to provide information about using open source in the state infrastructure. This amendment will be voted upon by the full executive council, probably in the next 3-4 weeks. Tim Burke gave an excellent presentation, with about 40 in attendance, some being students required to be there by professors. A number of special prizes were given out, including fancy Red Fedoras. One of these was given to our wonderfully color coordinated Bill Sconce, which I'll upload a picture of to flickr later. Post Quarterly Meeting we gathered first at pappy's (11 people) and retreated to Dunkin Donuts 30 minutes after they closed (5 people). Now, sleep. [1] http://crschmidt.net/projects/gnhlug/HB1197 [2] http://crschmidt.net/projects/gnhlug/redhat -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
MerriLUG Recap
Last night at MerriLUG, we met at Marthas, as per our usual. We accidentally ended up split into two groups to start, but shortly after I arrived at 7:20, adjourned upstairs. It was one of the larger meetings I've been too, with about 15-20 people in attendance all told. The informal discussion was centered around the WRT54G, and OpenWRT. Our friend from the Great White North (That's Maine, right?) showed off his WRT router, which he had hacked to bits and back again. Hardware changes include: * Addition of two serial ports, one for the console, one for standard serial comms. * Addition of SD Memory card * Modification of USB GPS to work as serial GPS * Modification of power input to work from cigarette lighter. The router software was then modified to work as a wardriver-in-a-box: GPS and wifi hotspot locations are recorded and stored to the SD card. There was then some discussion about geo stuff: GPSes, how to work with them under Linux, how the GPS system works, and more. Some stuff which were tossed around: * gpsd, the gps daemon that makes communicating with GPS devices easier under Linux. This software basically turns a GPS device into something you can telnet to and ask for a current position. * GPSDrive. This is mapping software, which downloads free maps from the web, and displays your current location on the map. * Kismet, a wardriving program. * The increase of macs in the Linux users culture. * Open Guide to Boston (http://boston.openguides.org/) * Lots of hardware mumbo jumbo I didn't understand * Some software stuff about the WRT54G, a la discussion of NVRAM. Afterwards, we adjourned for dessert, and discussed the incompetencies of the Mass RMV (http://crschmidt.livejournal.com/311494.html), the interesting ways of escaping West Berlin without a passport, and more geo geekery. I think that's a good summary of what was discussed: I had a few pictures that I'll put on Flickr of the hacked device and the flock of geeks adoring it. ;) -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Web Hosting Provider
On Fri, Jan 20, 2006 at 09:26:36AM -0500, Drew Van Zandt wrote: I second the SagoNet anti-vote. They've gotten better recently, but I still don't trust them, and they block some outbound ports, AND won't tell me which they block. WTF? My most recent escapade with them is a kernel panic which they refuse to investigate without a minimum of $100 support fees. I understand that this is not a managed server, but there's a bare minimum of hardware maintenance that I would consider to be included in any dedicated server setup. It's your hardware. If it goes bad, you're responsible for it, because I'm 1000 miles away. I finally made the decision last week to switch, and am looking forward to getting away from Sagonet as quickly as possible. Sadly, this means changing dozens of DNS records that are not in my control, belonging to other users pointing at that server. What a PITA. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Web Hosting Provider
On Fri, Jan 20, 2006 at 02:01:16PM +, Neal Richardson wrote: I have been asked to find a new web hosting provider. Management has no interest in hosting the sites on site. Are you looking for managed hosting, a dedicated server? What type of functionality do you need? I require a dedicated server for my needs, and there's lots out there -- but relatively few which offer Debian. I found someone who seems to be good thus far -- Crucial Paradigm. I can only offer that I would never, ever, ever advise anyone purchase a Sagonet server. I can write up my experiences if people so desire, but it's a sad tale. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Why I Dislike Sagonet
On Fri, Jan 20, 2006 at 09:19:30AM -0500, Christopher Schmidt wrote: I can only offer that I would never, ever, ever advise anyone purchase a Sagonet server. I can write up my experiences if people so desire, but it's a sad tale. I'm feeling prolific today, so I've written up my complaints to the WebHostingTalk forum, who I highly recommend for relatively accurate (if occasionally slanted) feedback from the people in the trenches: a lot of the support staff for the webhosts reads these forums and responds. http://www.webhostingtalk.com/showthread.php?t=479355 What finally pushed me over the edge. http://forums.sagonet.com/showthread.php?p=15756#post15756 Remote reboot ports, lies, and Support tickets. (Which is similar to, but not the same as, sex, lies and videotape.) -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Why I Dislike Sagonet
On Fri, Jan 20, 2006 at 10:37:34AM -0500, Christopher Schmidt wrote: http://www.webhostingtalk.com/showthread.php?t=479355 What finally pushed me over the edge. And if I wasn't pushed before, I am now. After posting this (about an hour later), my server was turned off. I called the billing department, and after being shunted to voicemail twice, I got a manager on the phone. She told me that the reason my server had been turned off was because I had posted that rant in the WHT forums. Access to my server would not be restored under any circumstances, including to retrieve my data that they were hosting, because You should have had backups. (As it happened, I did have backups, but they were about 2 weeks old: lots of people store big files there temporarily, so backing up is an ardurous process.) Now you'll learn that these actions have consequences, I was told. After two hours of the server being down, as I was trying to move things over to my home linux box to act as *some* kind of buffer against the server which hosts a number of people's email being completely down... The server came back up. Checked the billing page -- my bandwidth allotment has been increased. I still have no information from Sago about the situation, and am currently just doing my best to get the data *off* the server so I can set up with the new Crucial Paradigm server ASAP. I don't know if someone realized that they screwed up bigtime, or what, but I will never ever use Sago again, and as soon as my data is safe, I'll be posting as far as I can to as many people as I can to not touch Sago with a 10 foot pole. Hopefully the server will stay up long enough to get the data off. -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Verizon (FiOS) (Off Topic?)
On Wed, Jan 18, 2006 at 02:35:03PM -0500, Bill McGonigle wrote: But I digress - if you cannot run any type of server, they're banning FTP, X, SIP, all P2P apps, NTP, Instant Messengers, video conferencing - need we go on? Who would want to buy that? It's not much of an option. Almost every ISP out there has those kind of limits: Comcast, Verizon DSL, etc. The two options that I've heard of that don't have this limitation are: * Speakeasy * MV Communications. So, it doesn't really matter who would *want* to buy that - 90% of consumers buy it, whether they want to or not. Some of them knowingly buy it, aware they won't need those features. Some of them buy it, then ignore or avoid the restrictions. But almost no one pays the extra (Speakeasy comes at a premium over Verizon DSL, at least down in Cambridge) to be able to run servers unless they're a higher end user or like to support The Cause. (I choose to run an open Wireless network, something which only Speakeasy's ToS allows me to do.) -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
HB1197 Public Meeting
I was talking to my father-in-law-to-be this past weekend, and mentioned the bill in the house on Open Source. He mentioned (and invited me to attend) the following public subcommittee work session: http://www.gencourt.state.nh.us/hcaljourns/calendars/2006/houcal2006_6.html Tuesday, Jan 24th: 2:00 p.m. Subcommittee work session on HB 1197, establishing a committee to study requiring state government to consider using open source software when acquiring new software. (He's the Clerk for the Executive Departments and Administration Committee which the bill is currently assigned to: http://gencourt.state.nh.us/ns/billstatus/commdetails.asp?txtcommcode=H07 , if anyone is interested.) Not sure if I'll be going, but I'm thinking about it. (I'm also not 100% sure if it's open to the public, but am 95% sure on it.) If others are interested, I can confirm details. -- Christopher Schmidt Web Developer signature.asc Description: Digital signature
Re: Blogging software
On Mon, Jan 16, 2006 at 09:01:57AM -0500, Cole Tuininga wrote: Hi all, I'm looking for another software suggestion. I have a friend that's going on a several month trip through Central America and would like to have a fairly simple blog set up for them so they can keep us folks back home up to date with what's going on. Any suggestions? I'd recommend Wordpress. It's treated me well. -- Christopher Schmidt Web Developer signature.asc Description: Digital signature
Open Source vs. Closed Source
I write a lot of small programs for my cell phone, in Python. In the past, I've always released these applications as completely open source, since I have relatively few expectations that anyone would have trouble duplicating my effort. However, as time goes on, I'm realizing more and more that the things I'm writing are things that people may have a need for, but there exists no current solution for - that is, I'm providing a product with some non-zero value to people. In some cases, this is coming at a non-zero cost to me - development, support, and so on can be quite expensive, as far as time goes, and these days, my time is relatively stretched even without additional projects on my back. With this in mind, and some new tools making it easier for me to package Python files for the phone in a way that is more than just providing a .py file, I am going to be experimenting with providing a for-pay version of applications that I'm writing. My current development project is one that easily lends itself to this: I am working on GPSDisplay[1], which is a tool which allows you to display your location, according to a Bluetooth GPS, on your phone. There exist relatively few Bluetooth GPS devices with built in displays, so this is a tool which can provide a way for users of these devices to get a location fix without pulling out a computer. I've released a basic, initial version (to which I plan to release the source, under an MIT license). This version will always remain free. It handles GPGGA NMEA sentences only: this means it will display your location, but no velocity data, for example. I plan to create a much more complete application which fixes this shortcoming in the next week or two. However, I plan to keep this app closed source, and not openly licensed. The program will only be available to those who are willing to pay a nominal, one time fee for the application. (Think $10 or less.) The hope is that given a large enough featureset, someone will actually want to pay for the application. Given that this is a relatively simple program (The original version is less than 100 lines of code properly spaced), is there a better, more open way to attempt to make money off the application? To be honest, I'm not entirely convinced that the path I've chosen will work, but I also know that providing the source to applications has never gotten me a dime, so a single person with enough interest in what I've done can not only make my day, but increase my return on investment. [1] http://crschmidt.net/symbian/locative/gpsdisplay/ -- Christopher Schmidt Mobile Application Developer signature.asc Description: Digital signature
Re: Open Source vs. Closed Source
On Sat, Jan 14, 2006 at 03:39:41PM -0500, Bruce Dawson wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Christopher Schmidt wrote: |... |Given that this is a relatively simple program (The original version is |less than 100 lines of code properly spaced), is there a better, more |open way to attempt to make money off the application? To be honest, I'm |not entirely convinced that the path I've chosen will work, but I also |know that providing the source to applications has never gotten me a |dime, so a single person with enough interest in what I've done can not |only make my day, but increase my return on investment. Have you thought of providing the source for free, but charge for an installable binary (perhaps as an installation package)? A lot of software for PDA's is a pain to build and download to the device. I'm willing to pay for a service/product that gives me that convenience (and the original source). Not an option in this case, since the source code can be shipped over to the phone and run just as easily: if you have a .py (which is the heart of this code), you can send it to the phone, and opening the message in which its recieved automatically installs it as a program choice in the Python interpreter (where all the Python apps run). So, although that would be a good idea, it's not one that I can follow up on in this situation. The other languages that run on the phone -- Java and C++ -- would allow this to be an option, but both make coding much more difficult, and it's way out of my realm of possibilities for this reason :) I don't know either Java or C++, and the idea of doing bluetooth socket programming in either scares me. -- Christopher Schmidt Mobile Application Developer signature.asc Description: Digital signature
Re: Homework problems (was: extract string)
On Tue, Jan 10, 2006 at 07:56:46PM -0500, Thomas Charron wrote: A programmer that doesn't know how to grep and split text strings.. Well.. Isn't.. I know of several ways to do it, but none of them would have worked as well as the cut solution presented here. I've been working on Linux as my primary platform for 2.5 years, I've been coding in various languages for 5. I'm relatively intelligent, know how to use awk, grep, and sed. Considering the huge number of programmers who are doomed to forever live and work in a GUI-only MSVC++ (or whatever it's called) without the tools such as sed, grep and awk, I'd say I'm in the top 50% as far as knowledge goes for programmers -- and I think I'm probably being relatively modest. The lack of knowledge of a simple command line tool to do what you want it to does not indicate whether someone is a programmer or not. It simply indicates one thing -- their level of experience with core *nix tools. Lack of that is not an indication of deficiencies in their ability to program. I'm assuming that your post was made with tongue in cheek, but I think it's a ridiculous statement and decided to do what all good people on the internet do: blow it out of proportion in a rant on a mailing list that few will ever care about. (I think I'm supposed to call you Hitler now or something. Godwin told me that once.) -- Christopher Schmidt Web Developer signature.asc Description: Digital signature
Re: One more bites the dust
On Sun, Jan 08, 2006 at 10:54:40PM -0500, Fred wrote: Now, if someone can give me some helpful pointers about getting it to sink with Konsole via BlueTooth, my joy will be complete. I could get it working eventually, but just don't have the time right now. I hate having to sync with Windoze -- never works quite right. For the record (and probably somewhat off topic for this list), this is the primary reason I have a mac: Bluetooth integration. Using bluetooth, I want to perform several tasks: * Sync Contacts from computer to phone and back * Sync calendar events from computer to phone and back * Use Dial-up networking to use my phone as a modem over bluetooth (GPRS) * Less importantly then (but more so now), I'd like to be able to send files from the phone to the computer (camera images) * Least importantly, I'd like to be able to send files from the computer to the phone. (Python scripts, mostly.) When I last tried these tasks (around January 2k4), none of them were easy -- and when I say not easy, I mean, I spent several weeks of free time compiling various underdocumented bluetooth stacks in an attempt to get any of them working. I was eventually able to achieve the last two items on my list with a lot of hard work, using command line tools and scripts that I wrote myself. With my Mac, I just open iSync, and it lets me add my phone, and sync up the first two just by pressing a button. Dial up networking requires stepping through some prompts to set it up, and knowing the *99# code to use a dial out number. Sending files to the computer simply pops up a dialog asking me to receive it, and sending files to the phone just uses a simple GUI tool called Bluetooth File Transfer. If there's one thing Linux could do better for integration with mobile devices, it would be a well documented, highly functional bluetooth integration attempt. It may be that this has changed in the time since: I was running a 2.4.20 kernel when doing this, and there was no clear winner among the bluetooth stacks at the time, which I think there may be now. But I can tell you that even getting the limited amount of things done that I did was very difficult, and the 3rd option on my list above was something I was simply never able to do, and wanted to quite badly. So, I bought a Mac instead. And I've been happy with it ever since. -- Christopher Schmidt Web Developer signature.asc Description: Digital signature
Re: Hamachi (was: Server Security)
On Tue, Dec 20, 2005 at 09:55:57AM -0500, Adam Helbling wrote: On 12/20/05, Ben Scott [EMAIL PROTECTED] wrote: On 12/20/05, Adam Helbling [EMAIL PROTECTED] wrote: Ya I recommended Hamachi to him. http://www.hamachi.cc/ Interesting. Is there any particular reason one would choose that over other technologies (such as OpenVPN or even IPsec)? Has it been subject to any kind of peer review of it's security? After listening to the podcast and about all the tests that were run and the features available, I was quite impressed. It seems like the developer has really done a superb job. I don't know anything about Steve Gibson or what him liking it means, but I'm listening to Steve's podcast now (since I got a 60GB iPod as a Christmas present from work...) and he is *very* glowing about the program. I don't know how much I trust someone who says Alex is up in Vancouver, so he has a .cc address. though. I'm not sure what .cc - Cocos (Keeling) Islands [1] has to do with Vancouver. (Yes, this is a jab. No, the comment in the podcast has nothing to do with security. However, it still slightly worries me when that kind of comment is made...) [1] http://www.iana.org/root-whois/cc.htm -- Christopher Schmidt Web Developer signature.asc Description: Digital signature
Re: Any Opinions on SuSE 10.0 vs other Distros
On Wed, Dec 21, 2005 at 02:09:10PM -0500, Michael ODonnell wrote: FVWM rules! ;-) CTWM ! http://ctwm.free.lp.se/ evilwm! http://www.6809.org.uk/evilwm/ -- Christopher Schmidt Web Developer ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
[EMAIL PROTECTED]: DenyHosts Report]
With all this talk about DenyHosts, I looked in my ssh log and saw several thousands of attempts at root logins from some Taiwanese IP last week. As a result, I took the time to install DenyHosts: I figured it'd be worth it, and right off the bat it blocked an attacking IP. Great idea, until about 15 minutes ago, when I got this email: From: DenyHosts [EMAIL PROTECTED] To: [EMAIL PROTECTED] Date: Tue, 20 Dec 2005 00:32:16 -0500 Subject: DenyHosts Report Added the following hosts to /etc/hosts.deny: commune.crschmidt.net Okay, so chances are extremely good that I could fix this with better settings, but for now I've shut down the denyhosts daemon until I can figure out what I did wrong. I do see 3 failed password attempts in the last 1000 lines of auth.log, but with 3 of us at the house regularly using SSH, that's not out of the question. And I certainly don't want to wake up in the morning and find out that my ssh access is blocked :) -- Christopher Schmidt Web Developer signature.asc Description: Digital signature
Debian Log Rotation
I use Debian for a web and mail server, hosted in a colocation facility. I'm running Debian Sarge, and have set up virtual domains using the tutorial at http://workaround.org/articles/ispmail-sarge/ . Everything works pretty nicely. However, I'm now trying to run lire to get log analysis, and my mail logs are currently rotated daily. I can't figure out where this is done. It seems to be happening by some call to `savelog` somewhere. However, I've looked through my /etc/cron.daily/, and can't find anything regarding it there. There is a sysklogd entry, which rotates all files in `syslogd-listfiles` -- but that does *not* list /var/log/mail.log (only /var/log/syslog). I can find why it would be rotated weekly (/etc/cron.weekly/sysklogd entry runs syslogd-listfiles --weekly, which does include the mail log). There is nothing in /etc/logrotate.d/ regarding postfix. /etc/logrotate.conf specifies weekly as the default. Can anyone tell me why my mail logs are being rotated daily? (#debian couldn't. http://crschmidt.net/tmp/debian.log) -- Christopher Schmidt Web Developer signature.asc Description: Digital signature
Re: Debian Log Rotation
On Sun, Dec 18, 2005 at 11:55:48AM -0500, Tom Faska wrote: Good question, I didn't know at first but googled and found this: If you look in /etc/cron.daily/sysklogd you'll find where it runs those rotates... if you add -s mail.* to the end of the syslogd-listfiles command you *should* find that it will stop messing with things. So, in summary, change: for LOG in `syslogd-listfiles` to: for LOG in `syslogd-listfiles -s mail.*` in /etc/cron.daily/sysklogd It isn't being rotated by the sysklogd cron entry, as best I can tell. I added debug output to the sysklogd file, and ran it - and the mail.log files weren't output. I did find out by reading hte source for syslogd-listfiles that it only shows logs that haven't been rotated in the past 5 hours, but --weekly is now showing the mail files, so that's not the issue at this point. Also, there's the fact that most people on Debian tell me that their mail logs aren't rotated weekly, so presumably it's something odd that I'm doing somewhere. I'd also settle for a way to determine the parent process of `savelog`, since it seems that that's the program being used to rotate the logs (rather than logrotate). Is there a way to spit out the process tree up through the parent to see where it's being called from? would that help, since it seems to be being called from some weird cron entry I can't locate? (For the record, grep -rn mail\.log /etc/ doesn't provide any interesting entries: just my lire config.) Any thoughts or advice on how to track it down? -- Christopher Schmidt Web Developer signature.asc Description: Digital signature
Re: December MerriLUG meeting [12/15/2005]
On Mon, Dec 12, 2005 at 10:40:54AM -0500, Ken D'Ambrosio wrote: Please feel free to RSVP, or to wait until I send out my morning-of reminder. I plan on being there, with bells on. (More likely, with cell phone and laptop in hand.) Mark me down for dinner for one. For the record, I'd love to do some GPG key exchanging - if anyone is willing to, I'd love to get more deeply involved in the GPG web of trust. -- Christopher Schmidt Web Developer signature.asc Description: Digital signature
Re: Non-linux servers
On Mon, Dec 12, 2005 at 10:34:40AM -0500, Bill McGonigle wrote: A great counterexample is Bizgres - a version of PostgreSQL that can distribute subqueries among a cluster of cheap machines and seems to beat the pants off of Oracle RAC and similar products. And they get ~$80K for it. But PostgreSQL has a BSD-ish license so they're not giving back those enhancements therefore the open PostgreSQL community is slowly reinventing that wheel. By time they're done, Oracle will be another step ahead. If PostgreSQL was GPL'ed we'd have a FLOSS product that could compete with Oracle today ... I'm not sure who the they in this sentence is. My limited googling points me to bizgres.org for the website, but that's not responding. But http://pgfoundry.org/projects/bizgres/ seems to be an open source project that claims to be a distribution of Postgres as you describe it. Am I missing something or misunderstanding something? I've never been convinced that MIT/BSDish licenses lead to lack of contribution back to the core. Apple, although not the happiest in the world about it, I'm sure, has put a lot of effort into making sure many of their changes to BSD get into the core BSDs they take from, no? Their graphical interface isn't contributed back, but that's not built on anything BSD, as far as I'm aware, so that doesn't count as a counter in my opinion. In general, companies which get something from Open Source code typically also give something back, in my experience. Another important question is how much the projects in question participate in the open source aspect of their code. For a long time, WebKit/WebCore, the tech that powers Safari, released sources every time there was an update. The KHTML team complained that this was *more* of a pain for them than to not have that happen - it led people to question why KHTML couldn't just take Apple's changes and integrate them. Recently, Apple took the WebKit/WebCore team completely open source - involving non-Apple employees in the development of the Safari web browser, as well as completely opening their CVS tree. This decision was heralded as a great day - not because the software had switched licenses from LGPL to something more open, but because the *process* had become more open. LiveJournal is an open source project. The code is freely available, and licensed under the GPL. LiveJournal is not an open *community* project, and this has often led to rifts between the developers who work for LiveJournal and the volunteer developers who work *on* LiveJournal. LiveJournal has not, for several years, made a significant effort to involve their volunteer developer community in their project, and as a result, the active developer base has atrophied and dwindled to practically nothing. (Proof of this is available in the fact that the bug tracking system, a slightly customized version of Bugzilla, has been completely offline for 6 weeks, with no major effort to get it back online.) WebKit/WebCore used to be open source, but not open community/open development. Changing led to greatly increased participation by the open source community. LiveJournal has gone the other way, and lost that participation. I maintain that for the most part, the license the code is under isn't what makes a difference - it's the attitude of the company that's behind the code. If you've got people friendly to open source, they'll do the right thing. If they don't, I don't think that they're going to be stopped by the fact that the code is GPL, or BSD, or anything else - in the end, proving that someone took open code and did something with it becomes really hard, (Isn't this kind of the problem with Linksys for a long time? They didn't open their code by choice, iirc) and forcing people to open up is hard too. Look at the motive and heart behind the effort, not the license of the code they choose to use, to find the motivation and liklihood of contributions back, regardless of license. -- Christopher Schmidt Web Developer signature.asc Description: Digital signature
Last Night's Meeting
Had fun with all the MerriLUG folks last night. I also got to experience driving out of the Boston area during rush hour last night for the first time, which was significantly less fun. Some things which were discussed: * Results of the recent quarterly meeting, and location of the next one * General questions on Linux: * Why won't my screen turn off when the computer goes into standby? * How can I do load testing of MySQL and network traffic? * Raffling off of books from Ken * How Vendor/Client relationships are like teenage sex: They're hormone driven and have no basis whatsoever in reality. I also brought up my current employer: Ning, Inc., a web startup that's offering a playground for open code and open data to be shared between people. The reason I brought it up was in part because it is following the model of the open source world so much more closely than many other services out there: * Ning provides a hosted PHP framework * All code, by default, is open source -- can be viewed by anyone with an account. * Users can clone applications: take the current application and customize it to their own liking from the same code * Data is stored in a universal content store, and data is (by default) accessible to all applications across the server. So, my application gnhlugbookshelf can also read from the restaurantreviewswithmaps application * Income comes in via advertisements sold on the sidebar of the applications, as well as premium services (more space, removal of view source links, and the like) Most of the time when this is described, it's described as an experiment - can a company make money solely off ads to run their servers? Can premium services pay for all this? My experience with LiveJournal says yes: LiveJournal makes all its money off premium services (no ads), and they gross several million a year. However, their employees are paid much less than Ning's are, so who knows ;) If people are interest in PHP, I think this is a great thing to play with. If you're not interested in PHP, but want to see what's possible with it, you can take a glance at: http://bookshelf.ning.com/ Then, look at http://gnhlugbookshelf.ning.com/ I'd love to see people adding the books they think are absolutely essential for any LUG member to own to the bookshelf. The comment feature lets discussion happen, and the books can be rated and tagged for later organization. All in all, a fun evening for me, and hopefuloly for others as well. -- Christopher Schmidt Ning Developer signature.asc Description: Digital signature
Re: Reminder: MerriLUG meeting tonight!
On Thu, Nov 17, 2005 at 11:09:38AM -0500, Ken D'Ambrosio wrote: Just a friendly reminder; if you intend on eating, please RSVP so I can make the reservation accurate to within at least an order of magnitude. I know I'm way too late to have any effect on the most-likely already completed reservation, but just wanted to toss out that I will be there. -- Christopher Schmidt ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
OpenGuides
Recently, in the b0st0n LiveJournal community [1], a request was made for a wiki to annotate the common questions asked by the community. In general, I find wikis as content management systems to be overrated, especially without a very dedicated user base of contributors. They are not the pancea that so many people seem to think they should be. However, I think that for structred storage of user-editable metadata, a wiki solution can sometimes be useful in a way that others can't. For this reason, I had previously set up the Open Guide to Boston [2], using the OpenGuides [3] software. OpenGuides is a project dedicated to free and open collaboration on data which is similar to CitySearch or other directory type applications. All data is stored in a local database, but also exported in RDF/XML, offering processing oppourtunities for other extran applications which may wish to take advantage of the data. This open source directory is similar in intention to Wikipedia, with its free documentation license designed to allow other people to use the information as they see fit, including full reproduction if that is neccesary for some use. Of special note over more general packages is the structured metadata stored with each object. Information like address and zip code are stored with each node, and this information can be edited by the user.. My additions to the OpenGuides codebase for the purpose of serving Boston specifically are: * Addition of geocoding addresses to Lat/Long automatically, using Geocoder [4], a free US address mapping service. * Addition of Google Maps views of several aspects of the data, including: * Map display on node pages, such as the Full Moon page [5] * Maps of all Nodes in a given category [6] * Maps of all nodes in the guide, in a Google Local like format. [7] * Adding links to the header (most guides don't do this) I think this is an example of what can be done with relatively limited information -- simply put in a street address and a town, and the map is generated for you, using public domain data and free for non-commercial use services. I would love to see anyone who knows about things going on or places in Boston to add them to the wiki, or other sources of information that locals or visitors to the town or surrounding towns might find interesting or useful. I think an open source, open data alternative to Citysearch would be a cool thing to have, and I'd love to have some help in making it. [1] http://www.livejournal.com/community/b0st0n/ [2] http://boston.openguides.org/ [3] http://openguides.org/ [4] http://geocoder.us/ [5] http://boston.openguides.org/?Full_Moon [6] http://boston.openguides.org/?action=index;index_type=category;index_value=Restaurants [7] http://boston.openguides.org/?action=index;format=map -- Christopher SChmidt signature.asc Description: Digital signature
Re: CACert?
On Wed, Oct 26, 2005 at 09:18:36AM -0400, Paul Lussier wrote: [EMAIL PROTECTED] (Christopher Schmidt) writes: After this thread, I joined the mailing lists for CACert, and that, if nothing else, convinced me that putting effort into the CACert process is a wonderful goal in theory, but difficult, confusing, and troubling in practice. [...] The established procedures do not instill in me any sense of trust of the process or the system under which CACert is proceeding. [...] at this point I have much more trust in companies like Verisign and Thwate than I do in CACert, largely for technical reasons more than anything else. I don't feel that the administrators of the project have established that they have the neccesary technical skills to take the precautions neccesary to ensure the safety of their certificate signing procedure given what I have seen. Perhaps GNHLUG, or some interested member could start a parallel project whichhh works better? Although in spirit this might be the right thing, I think that it would be better for people to get involved in CACert. Anyone with a strong hand to lead discussions and work through the existing beuracracy in CACert would probably be welcomed. The people are not unfriendly, or unkind towards new people trying to help, it's simply more difficult than joining into a 1-2 man project: it's a project with dozens of contributors, of everything from support to technical know how to Web of Trust coordinators. I have enough energy to lead an effort like that, if I came in at the beginning, but not enough effort to find my way into the woodwork that would be required to participate in any meaningful way. This is true of a large number of open source projects, too: Things like Mozilla (or Debian) become so huge that there is a beuracracy to contributing to them. CACert is the same idea. Smaller projects tend to attract more contributors, as do projects with less legacy to deal with. Changing CACert's website in one language would be a relatively easy task, but changing it in the 17 different languages it's offered in is difficult and requires significantly more effort. CACert is the head of the game. I don't think that starting a parallel project is best for the aim -- that of creating a web of trust network for signing server certificates. I think that what could be useful, if someone was interested, would be to create a small, dedicated team which created a plan to change the way in which CACert presents itself, pull in the neccesary people for translations and so on, and get things done. It has repeatedly been my experience that a small group of people working together can achieve far more in a far shorter period of time than a worldwide network of people can. Enough eyes make every bug shallow, but they also make bikeshedding far too common. (I'm guilty of this as well.) When you have hundreds of people trying to get their say in, you just get a cacophony of noise rather than a usable result, and that's no good for anyone. Unfortunately, I'm being critical in a situation I hate to do so in: I don't currently have the free time to contribute to such a group, so anything I say is just blabber coming out of my mouth rather than a dedication to help. I hate doing that, so I realize that my comments may be taken with slightly less importance. My suggestion stands though: create a small knowledgable team, get the information that people need to know, and get it out there with a professional look. That's what CACert needs more than anything else. -- Christopher Schmidt ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Speaking of Subversion
On Wed, Oct 26, 2005 at 02:26:44PM +, [EMAIL PROTECTED] wrote: Hi All, I'm looking for a couple of things related to Subversion: The first is an integrated build system. Someone suggested Tinderbox, but it was built for CVS, and the Bugzilla integration for Subversion doesn't seem to really exist. Any ideas on this? Being a sysadmin and not a developer, I'm not too familiar with the integrated build process. The second is a web-based front end like the CVSweb stuff. Is this built into SVN? I don't know anything about build process, but something that many Subversion users are using is Trac (http://www.edgewall.com/trac/). This is an integrated wiki, bug tracking, repository browsing tool (each componentized, so they can be turned off) written in Python. It's pretty nice, although when I set it up it was kind of a PITA (requires setting environment vars in Apache config), so I'm not sure if it really fits any of the needs you're looking for. I personally wrote a really simple subversion repository display script: it let you specify a list of projects, and for each project, it would show the most recent commits and let you click through to see a diff -u view of it. This was basically so that I could quickly see what I'd been working on that day for hour tracking -- however, it required the use of a mac-only subversion-interaction python module, so I never did anything with it. I'm not sure what else there is in the same field. -- Christopher Schmidt ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Optaros
I received an email today from a recruiter mentioning Optaros (http://www.optaros.com/). I've never heard of the company before, but they look pretty slick: It's the first instance I've seen of a company basically doing what I think is a great idea: taking open source solutions, finding the best solution for a particular problem, and acting as support staff for that solution. At my previous employer (wedu, inc.) we did something similar, but it was simply done as it was the most cost efficient way of managing our goals. For example, when setting up a calendar for people, we wouldn't generate the calendar display by hand: we used phpicalendar (http://phpicalendar.net/) for the display, and simply wrote an administration tool for creating the icalendar files that it needed via a web interface. However, we did not use this as a selling point to the customer (in part because the bill reflected amount of time to develop such an application internally, despite the fact that we were using a prebuilt solution). I'm not sure whether this would have made a difference in our client base: as it was, many of our clients came to us first for print or marketing services, and received advice or a requested a website design or tool as part of that marketing plan. Are there lots of open source consulting firms around? Do they do good things for the community? In web applications, GPL compatibility requirements are pretty slim: since in many cases, you're not redistributing the software (you're running it yourself) there's no need to contribute back changes. Do some people take the time to push changes upstream? What do people think about this type of business (consulting on open source) in general? Has anyone ever heard of Optaros? Are they good people? I'm honestly not sure I'm looking for a new position in the short term -- I'm working for Ning (the new PHP development framework/playground) atm, and loving that, but I'm still interested in seeing what's out there. -- Christopher Schmidt ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: CACert?
On Tue, Oct 25, 2005 at 03:39:01PM -0400, John Abreau wrote: Bill McGonigle wrote: Are there others here who use or are interested in using CACert certificates? I'm a 150-point notary now, and if we get two others we can churn out more notaries. We also have the option of having a keysigning event where CACert will lend temporary points. Did anything ever come of this thread? I'd be interested in becoming a notary, and I imagine a number of my members would be, too. After this thread, I joined the mailing lists for CACert, and that, if nothing else, convinced me that putting effort into the CACert process is a wonderful goal in theory, but difficult, confusing, and troubling in practice. The documentation for the certificates generated (especially for users who don't really know what they're getting) is poor. It's unclear to most users on the support lists that using a CACert certificate will still result in the browser asking for confirmation. All changes in the way things are done are done by committee, using the wiki to prep changes first. As in all projects which use this method, this simply means that everything boils down to a series of arguments over trivial facts and nothing is ever done. I already discussed the number of issues I had with finding the information on the website, but the mailing lists are even less helpful (although this may be in part due to language barrier: there are a number of translators on the project, but I've seen very few posts that seem to speak English fluently, judging by their responses). Oftentimes, a simple issue takes a 5 email thread to get to any resolution, and even when it does happen, it often seems incomplete. The established procedures do not instill in me any sense of trust of the process or the system under which CACert is proceeding. As such, I have chosen to, for the time being, participate only as a lurker, since I have relatively little to add to the process. I speak as an outsider, but at this point I have much more trust in companies like Verisign and Thwate than I do in CACert, largely for technical reasons more than anything else. I don't feel that the administrators of the project have established that they have the neccesary technical skills to take the precautions neccesary to ensure the safety of their certificate signing procedure given what I have seen. (This is very harsh to the entire project, so I would like to state that this is my own opinion from the past 2-3 weeks of watching conversations on the more active mailing lists for the project, and may be wrong or slanted by my personal biases, such as being only an English speaker, or other experiences which may slant my opinions.) -- Christopher Schmidt ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: 11 dedicated servers
On Thu, Oct 20, 2005 at 03:52:09PM -0400, Drew Van Zandt wrote: Anyone have any personal experiences (good or bad) with 11 Internet Inc. ? I'm shopping and they look decent... http://www.livejournal.com/users/atrustheotaku/tag/1%261+internet The three entries there have made me not want to tocuh them. (Reverse chronological, and it doesn't apply to dedicated servers as much, I suppose, but I'm just not happy with what I've heard from him.) -- Christopher Schmidt ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: jabber?
On Tue, Oct 18, 2005 at 06:58:26PM -0400, Ben Scott wrote: On 10/17/05, Paul Lussier [EMAIL PROTECTED] wrote: I seem to remember at one point that someone in the group was quite familiar with jabber, but can't remember who. On 10/18/05, Thomas Charron [EMAIL PROTECTED] wrote: That'd be me.. ;-) I sense a future GNHLUG meeting presentation topic here ;-) IIRC, Tom is now in Arizona, which may make a meeting slightly more difficult. ;) -- Christopher Schmidt ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: jabber?
On Tue, Oct 18, 2005 at 07:09:16PM -0400, Thomas Charron wrote: Shweet! I am? It rains an aweful lot for Arizona here. And there are alot of trees.. ;-) *looks up, and low and behold, there is no Lyndeborough, NH* ;-) Curses! Foiled! (I swear *someone* moved to AZ around the time we started the IRC channel... Can't remember who it was. Ah well.) -- Christopher Schmidt ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
