Domain: freesoftware.com
Stories and comments across the archive that link to freesoftware.com.
Comments · 21
-
Mirrors for Xfree86
Here's a nicely formatted list of mirrors for you lazy bastards
;)
Let's make the slashdot effect on xfree86.org a little more bearable :)
ftp://ftp.calderasystems.com/pub/mirrors/xfree86
ftp://carroll.cac.psu.edu/pub/XFree86
ftp://ftp.cs.umn.edu/pub/XFree86
ftp://download.sourceforge.net/pub/mirrors/XFree86
ftp://ftp.freesoftware.com/pub/XFree86
ftp://ftp.infomagic.com/pub/mirrors/XFree86
ftp://mirror.sftw.com/pub/XFree86
ftp://phyppro1.phy.bnl.gov/pub/XFree86
ftp://ftp.rge.com/pub/X/XFree86
ftp://ftp.valinux.com/pub/mirrors/xfree86 -
�PNG!
What ever happened to the
... royalty-free alternative to GIF?It's called PNG now. Burn all GIFs; use PNG.
-
Re:Good show, Watson!
Along with this small ftp server that can only server 5000 simultaneous users.
-
Legal analysis that tries to be technical.
The article takes a legal perspective: the compatibility monopolies section fails to acknowlege the connector conspiracy principle that we all know from the famed JARGON file. It completely misses vital necessary points that are common knowledge among the technical elite, and in the bias the conclusion falls on the wrong side.
When I read things like
I am acutely aware of the writers' ignorance on the subject. The problem with this fantastic assumption is that Microsoft products are *not* the best, even on price/performance ratio. The rest of the article is suspended over the vaccum of what *wanted* to be a supporting pillar of truth. ... in the 20th century, certain monopolies focused on providing the best product and price to their customers. Microsoft did just that, and judging from their economic success, they accomplished this extremely well.What I am afraid this article may suggest (to the wrong people) is that the Microsofts and IBMs of the world deserve the right to "innovate" new interfaces, but they must be mediated by a central authority. I fear this authority who will guarantee nothing about the under the table licensing schemes and pre-release engineering samples, but *will* guarantee that software patents worm their way in like a liver fluke as a safeguard for the incentive MS and IBM had to create all that superior technology.
Then again, this is preaching to the choir of "Standards" people. Just remember: standards are created by consortiums of big corporations when and if their legal departments see fit. Also remember to use free software: it rules (and The Law just drools).
-
Just secure the machine
I always say, a properly secured linux installation will be much more secure than a half secured openbsd install. It only takes me about 5 minutes to completely secure a box, it would be worth your time to learn how to do it because it saves much time in cleaning up after a system compromise. It's so easy, that I'm going to list out all the steps that I use to secure a redhat 6.2 machine
1. nmap 127.0.0.1
2. /usr/sbin/ntsysv (turn off all un-needed services that show in the nmap scan)
3. shut down those services, ala /etc/rc.d/init.d/(service) stop
4. vi /etc/inetd.conf (remove un-needed services)
5. restart inetd, /etc/rc.d/init.d/inet restart
6. nmap 127.0.0.1 (make sure the services are shut down)
7. install all security updates from a updates.redhat.com mirror, my favorite is ftp://ftp.freesoftware.com/pub/linux/redhat/update s/
Redhat 7.0 is very similar to 6.2, except you do not need to edit /etc/inetd.conf because it does not exist, and you can use ntsysv to remove services from the new xinetd used in 7.0.
an even better solution for #7 is to use an auto update script or program. Personally I feel that most of the ones out there for the redhat distributions aren't so great, so I decided to write my own script to do it myself. Run it fron cron once a day, and forget about manual updates. I just wrote a web page for my script, and you can see it here http://www.bol.ucla.edu/~drewm/superupd/ -
Castles in the air
As for the other things they should have included: they HAVE 2.4 kernel RPMS. I ask again, have you even looked at RH7? I installed the RPMS and gave them a whirl. So what distrib are you using? ReiserFS is not in the distrib, but can easily be added to RedHat.
Do me a small favor. Look at the list of RPMS in 7.0. Do you see a 2.4 kernel? Neither do I. Obviously, what is not included in the distribution is not integrated into the installer.
The decision to support USB and X4, and not ReiserFS, was arbitrary. Red Hat did this before with KDE, but at that time they had good reason. This time they do not.
I have done more to advocate Red Hat than you could probably comprehend. Pardon me if I take your vitriol with a grain of salt.
-
Don't let those damn facts get in the way....
> As for Apache, there's always
> bugs/holes/orifices being found, and Apache has
> a new patch at least twice every month. To my
> knowledge, IIS5 has been patched ONCE (in Win2k)
> SP1).
Hmm, well let's see what bugtraq has to say...
Number of security holes listed for apache: 10
http://www.securityfocus.com/frames/?content=/vd b/middle.html%3Fvendor%3DApache%2520Group %26title%3DApache%26version%3Dany
Number for IIS: 59
http://www.securityfocus.com/frames/?content=/vd b/middle.html%3Fvendor%3DMicrosoft%2 6title%3DIIS%26version%3Dany
(Links done like this because the posting engine kept inserting spaces in the URL)
Note that some vulnerabilites for both are actually caused by 3rd party add-ons, not Apache or IIS. But, this sure tells me alot about which one I would trust.
> One more funny thing: All the manhole covers in
> Boston say "BSD". Kinda reminds me of BSD's
> place in the computer world. :-)
Yeah, BSD only runs the highest volume web server in the world, the highest volume FTP server
in the world, and Microsft even borrowed from their TCP/IP stack for Win2K. But yeah, you're right, it sucks.
-Wintermute -
Leverage Frameworks - Post Only Subversive PartsI suggest that you minimize the amount of explicitly subversive code (and also your development workload) by making use of readily available frameworks.
It's preferable if these are open source, but they don't have to be to suit your purpose; for example Metrowerks PowerPlant is the most popular application framework for the MacOS, and although it is a commercial product it is inexpensively available and when you do buy the Codewarrior development system you get the PowerPlant source code on the installation disk.
You can even develop an open source framework yourself and publish it openly, and invite in contributors publicly, and distribute non-subversive demo and test programs. Alternatively, you can add functionality to frameworks that almost suit the purpose and submit your patches back to the original maintainers.
This will save you work, although you may have to write "adapters" to be able to use someone else's library for your own purposes, it will increase reliability of your product, because the framework will have already been debugged by someone else and also tested under a wider variety of circumstances than it will encounter in your code, and you can concentrate your work on the particularly subversive parts.
Then you post only the "interesting" parts of your source code, and provide hyperlinks to the needed application frameworks in your build instructions. Be sure to include the version numbers needed for this build of your program, and if the sources to any of the frameworks are signed with a public key, include the key which those sources were signed with when you got them. That way you can be sure future programmers can rebuild the same program as you did.
It may well be that you have a large application but only a few source files and some build instructions to upload, which could be done off a floppy disk at a public access terminal. If you upload these to a few free webhosting service pages, then email the URL to a bunch of warez site maintainers, your code will be looked after.
Note: to find lots of warez sites (and even more serialz sites) go to Altavista, click on "Advanced Search" and enter:
download and warez and photoshop and illustrator and crack
Probably only 10% of the sites you find will actually have live warez (they get taken down quickly) but some patient hunting will find you any software title you want - but of course your objective here is to contact the warez site maintainers so they can introduce your program into their archive system.Note that if you want to build a Windows application you can build it with Cygwin (a GNU shell environment for Windows including gcc) so you can be sure Microsoft doesn't embed Globally Unique Identifiers in your code. I'd also suggest that when you make a windows build, you buy a brand-new copy of windows 98 (pay cash), install it on a freshy formatted hard drive, build your binary, upload it, low-level format the hard disk you built it on and throw away the Windows 98 installation disk and all the materials that came with it. It's probably hard to get away with installing a development system on a public access terminal.
If you don't want to use a public access terminal (after all, you might be recorded on a surveillance camera, or the coffee shop waiters might remember you skulking around), then use Zero Knowledge Systems' Freedom to anonymize your web access.
Note that the way Freedom works is your HTTP packets are multiply encrypted with the public keys of the Freedom Network's servers, then "unwrapped" one by one as they pass through up to three servers until they are passed unencrypted to the public net at a faraway place.
Freedom provides both anonymous web browsing and anonymous email send and receive.
Some sources for open source libraries:
- Available C++ Libraries FAQ
- The Apache XML Project
- The Free Software Foundation software page
- Walnut Creek CDROM Free Software Archive
- SourceForge
- Freshmeat
- Gnome
On the other hand, when you write new code, it is definitely worth while to snip out little bits and make sure that they will compile and run on their own, or depend only on other readily available libraries. That way you can create a library yourself.
The book More C++ Gems has some articles on Large-Scale Software Architecture that discusses reducing cyclic dependencies in software projects, in part so that the projects can be rebuilt faster but also so that they can be unit tested in smaller parts and the parts can be extracted out and reused in other programs - although the claim is often made that object-oriented software is more reusable, this claim is baseless unless good engineering practices are observed.
-
PNG transparency in browsers
I do love using the transparent Gif and will continue using them. PNG is cool too.
PNG supports both GIF-style binary and alpha-blended transparency. If you care about browser support, IE 4.02 and later support binary transparency in indexed images, and Mozilla supports full alpha transparency (falling back to dithered alpha on platforms such as X without alpha channels).
-
Re:sort of off-topic but..
You don't need to use a for loop, I use Info-ZIP's portable unzip/zip (comes with most Linux distributions, and/or are available as packages) in both Linux and Windows and you can just as easily do unzip *.zip.
-
Penguin Sandbox/Signing systemThat's what the perl module Penguin does. You can find it on any CPAN mirror in the modules/by-module/Penguin directory. Eg., at ftp.freesoftwar e.com in the
/pub/perl/CPAN/modules/by-module/Penguin/ directory. Here's a snippet of the FAQ in its tarball explaning how it works:'Saaaay, what _is_ the design of Penguin?'
Glad you asked.
Consider two machines, foo and bar. A user on foo (or perhaps a program on foo) wishes to execute a program on machine bar. However, imagine that the people running bar don't want just anyone running code on their machine for security reasons. This is the normal case on the Internet, and one which the World Wide Web attempts to emulate with HTTP and CGI.
Normally, there is no well-known channel for foo to transmit code to bar. Further, there is no provision for the code to undergo verification after transmission. Too, there is no well-defined way for bar to ensure that foo's code does not attempt to perform insecure or damaging operations.
Penguin attempts to solve these issues while making sure the code language maintains some acceptable degree of sufficiency and power. Using Penguin, the user/program on foo 'digitally signs' the code that's earmarked for delivery to bar. The signature encodes the code in such a way that it is impossible to alter the code or deny that the signer signed it.
The code is then wrapped up into a packet and transmitted through a 'channel' to a Penguin process running on machine bar. The channel's protocol layer is abstracted away enough that it becomes unimportant; Penguin code can just as easily be delivered through SMTP or AOL Mail as through TCP/IP, DECNet, AppleTalk, whatever.
The Penguin process on bar unwraps the packet, which contains further verification and checksum information, and then 'digitally unsigns' the code, a process which provides the code in 'clear' form while telling the receiver who digitally signed it.
The receiver then cross-references the signer's identity with a list of rights that the receiver associates with the signer, reverting to a set of default rights if the signer is unknown or unlisted.
A safe compartment is then created, populated with the functions allowed to the signer, and told to limit the operations it can perform to only those permitted to the signer.
The code is then compiled within that safe compartment. If it attempts to do something which the signer is not allowed to do, or if it attempts to call a function not permitted to the signer, the compartment immediately traps the operation and throws the code away before it can execute. If the code uses no unsafe or illegal operations, then it executes and produces a result.
The code executing side then becomes the master in the transaction, and can send code to the original sender, send the return value back in a data packet, and so forth. The process repeats as necessary until both parties are done; the channel then closes, and the Penguin transaction is complete. The basic sentiment behind the idea of 'identity' being correlated to 'rights' in the receiver is that in signing the code, the signer commits her identity and her reputation on the correct operation of the code. 'highly trustable' signers (as one might imagine Larry Wall, Randal Schwartz, and Tom Christiansen to be) might be assigned very high levels of trust and equivalent degrees of 'rights', so that programs they sign can perform very complex and interesting operations on your computer. By the same token, paranoid sites or those wishing isolation could assign zero rights to everyone except for a select (perhaps internal) few.
Part of the 'rights' given to signers include possibly specialized functions that encapsulate the functionality of extremely dangerous operations. For instance, a store opening up on the Internet might put up a Penguin server which put functions called 'list_items' and 'buy_item()' into the limited compartments all users get. 'list_items' might open up a file on the store's machine, read the contents, and spit them out -- an operation which, if allowed in the general case, would clearly breach security. However, by creating a specialized function, the security concern is removed, and by letting potential customers know of the function, the power and ease of use are kept high.
Niggling but important technical issues currently being wrestled with include the way that foreign functions are registered into the namespace, the construction of a foreign function framework so that the names and function of the functions are well-known, and a superior-than-current 'digital signature' method.
-
OOPS! fixed link
s/cdrom.com/freesoftware.com/; I forgot Walnut Creek/BSDi moved cdrom.com hosted projects to a new domain, freesoftware.com.
-
ARC was doomed anywayARC was LZW based, at least its better compression schemes were, and its header format was limited to 12 character filenames. Hence ARC was doomed anyway.
One can still find source code for a version of ARC, and it compiles under my Linux installation.
--
So many "first post" idjits...so few moderator points... -
Re:infozip web site moved from cdrom to freesoftwaThe PNG and MNG sites have not moved (yet); we're discussing that right now, in fact. It looks like it will be possible to move them over (i.e., freesoftware.com's contract does not appear to prohibit them from hosting the trees), and it's probably a good thing to do, but there are a number of questions and uncertainties that need to be worked out first--timing not least among them.
In addition, the link you posted for Info-ZIP is incorrect. Right now, most of http://www.freesoftware.com/ either redirects to http://www.cdrom.com/ or mirrors it; either way, the Info-ZIP tree on the latter is a 10-month-old broken mirror, and therefore so is anything that mirrors or redirects to it. The correct URLs for Info-ZIP and zlib are:
ftp://ftp.freesoftware.com/pub
/infozip/Info-ZIP.html
ftp://ftp.freesoftware.com/pu b/infozip/zlib/zlib.html
There is no local HTTP access to this tree currently. There are, however, mirrors overseas that provide HTTP service. Check the respective home pages, and if they don't mention "freesoftware.com" somewhere on them, they are not up to date!
-- -
Re:infozip web site moved from cdrom to freesoftwaThe PNG and MNG sites have not moved (yet); we're discussing that right now, in fact. It looks like it will be possible to move them over (i.e., freesoftware.com's contract does not appear to prohibit them from hosting the trees), and it's probably a good thing to do, but there are a number of questions and uncertainties that need to be worked out first--timing not least among them.
In addition, the link you posted for Info-ZIP is incorrect. Right now, most of http://www.freesoftware.com/ either redirects to http://www.cdrom.com/ or mirrors it; either way, the Info-ZIP tree on the latter is a 10-month-old broken mirror, and therefore so is anything that mirrors or redirects to it. The correct URLs for Info-ZIP and zlib are:
ftp://ftp.freesoftware.com/pub
/infozip/Info-ZIP.html
ftp://ftp.freesoftware.com/pu b/infozip/zlib/zlib.html
There is no local HTTP access to this tree currently. There are, however, mirrors overseas that provide HTTP service. Check the respective home pages, and if they don't mention "freesoftware.com" somewhere on them, they are not up to date!
-- -
Re:infozip web site moved from cdrom to freesoftwaThe PNG and MNG sites have not moved (yet); we're discussing that right now, in fact. It looks like it will be possible to move them over (i.e., freesoftware.com's contract does not appear to prohibit them from hosting the trees), and it's probably a good thing to do, but there are a number of questions and uncertainties that need to be worked out first--timing not least among them.
In addition, the link you posted for Info-ZIP is incorrect. Right now, most of http://www.freesoftware.com/ either redirects to http://www.cdrom.com/ or mirrors it; either way, the Info-ZIP tree on the latter is a 10-month-old broken mirror, and therefore so is anything that mirrors or redirects to it. The correct URLs for Info-ZIP and zlib are:
ftp://ftp.freesoftware.com/pub
/infozip/Info-ZIP.html
ftp://ftp.freesoftware.com/pu b/infozip/zlib/zlib.html
There is no local HTTP access to this tree currently. There are, however, mirrors overseas that provide HTTP service. Check the respective home pages, and if they don't mention "freesoftware.com" somewhere on them, they are not up to date!
-- -
Re:does anyone know where I can...?Sure, go to ftp://ftp.freesoftware.c om/pub/slackware/slackware-current and look for the
.iso (There should be 2, an install and a source.)May the Source be with you... --Unix Wars
-
Re:New Distribution Site?
I believe Walnut Creek has moved all Linux related distros and software to ftp.freesoftware.com. They are indeed the official site for Slackware Linux, and for FreeBSD. I think this is a great merger, but I wonder what effects it will have for Mac OSX, which runs off of a mini BSDI 4.4 me thinks..
EraseMe -
infozip web site moved from cdrom to freesoftwarecdrom.com has been hosting the infozip and PNG web sites since November 1997 when we were booted off our previous host due to a sudden increase in traffic when Netscape started supporting PNG. Several days ago the infozip (zlib, zip) home pages were unceremoniously moved by CDROM from cdrom.com to
http://www.freesoftware.com/pub/infozip/
which came as somewhat of a surprise to the infozip people; we've still got a lot of broken links to clean up. The PNG site has also moved, to
http://www.freesoftware.com/pub/png/
but the cdrom.com PNG site is still there for now. At least it was last night...yup, still there. -
infozip web site moved from cdrom to freesoftwarecdrom.com has been hosting the infozip and PNG web sites since November 1997 when we were booted off our previous host due to a sudden increase in traffic when Netscape started supporting PNG. Several days ago the infozip (zlib, zip) home pages were unceremoniously moved by CDROM from cdrom.com to
http://www.freesoftware.com/pub/infozip/
which came as somewhat of a surprise to the infozip people; we've still got a lot of broken links to clean up. The PNG site has also moved, to
http://www.freesoftware.com/pub/png/
but the cdrom.com PNG site is still there for now. At least it was last night...yup, still there. -
next-generation zlib?Will we ever see a zlib 2.0? I'll buy you dinner if it happens this year.
:-)(And for those who don't track Freshmeat, the zlib home page is now ftp://ftp.freesoftware.com/pu b/infozip/zlib/zlib.html. Please check that first before reporting bad links on other copies.)