Domain: sourceforge.net
Stories and comments across the archive that link to sourceforge.net.
Comments · 31,462
-
FSF Savannah Server Compromised
The FSF Savannah server has been hacked. The statement indicates a similar attack vector as the exploit against the Debian systems. However, it had been hacked nearly a month ago and was not detected until December 1st. For those that are not familar with it, Savannah is the FSF version of Sourceforge, hosting both GNU and non-GNU Free Software projects. It has not yet been determined whether any of the projects' source code has been modified. Read the full statement for details. One thing is certain though, with Debian, Gentoo and now the FSF being exploited in the same month, the open source/free software community is clearly under attack.
-
Knee-jerk that hurts M$:memory with bootable LinuxMicrosoft should have considered one further option which is also left to the manufacturers of "formatted blank media" such as USB/CompactFlash/etc. memory:
Of course, just as Microsoft may have assumed, manufacturers could either use FAT and pay up, or sell their media unformatted, in which case the customer needs a M$(-licensed) product to format it to FAT.
However manufacturers will probably want to test an initial write/read cycle, but if (for the sake of quality control) they simply format their media to something else (let's call it FOSFS, the hypothetical Free and Open Source File System ;-/, in order not to express any preference for one of the solutions in existence), most customers could not read it and/or would have to reformat it to FAT - with someone owing royalties to M$ as above.
If this has been Microsoft's reasoning, they have neglected to consider another possibility:
On current removable media of 256 megs and up, an entire Linux distribution takes up less than 10% of capacity:
Unless the boot process from USB memory requires more than a rudimentary, non-infringing "allusion to FAT", such media could not just be formatted in an empty FOSFS, but it might rather be sold with preinstalled software such as this (compiled without FAT support of course):"(...) tiny Linux (...) distributions containing all the software to boot (...) and play multimedia files through the MPlayer, the best multimedia player in the Unix world
Cameras etc. could switch to the new FOSFS immediately, for PCs would not need to support it "out of the box", as the removable media itself would actually "be its own driver" (and media viewer, and provide network connectivity, etc.).
(...)
MoviX is now able to boot also from (...) USB pen, CF card and from the net."
In this case, such "not-so-blank media" should certainly bear the penguin logo as a "seal of quality".
To justify adding a Creative Commons mark next to it, one could even fill the remaining space with some free and open (motion) pictures and/or audio to be played on first use.
Microsoft itself would have to catch up and release Windows support for the FOSFS before everyone sends and serves pictures from some sort of "USB Linux".
If only one major manufacturer of removable memory takes an approach like this, at M$ the employee who came up with that "bright idea" of a FAT license but failed to see this option may have a hard time explaining... -
Re: the future?
Why not just use CramFS?
-
Re: the future?
Ext2 (Linux) File System Driver for Windows NT 4.0 - Old. But still useful.
-
Re:Gnome v. KDE
Take a look at wxArt2D (which really should get merged into at least the contrib branch of wxWindows some day). It's a downright spiffy little library. I'm not sure if theres any Python bindings, though...
-
Re:Building a mod inside a level editor...
Not Ruby, but I'm working on a Python library for Doom called Omgifol in which I recently implemented a complete API for editing levels (the version on SF is quite outdated, though, nothing to see there).
I don't know how useful the level editing features of the thing will end up being, but I have some ideas of making a random level generator similar to Slige with it. Using a language as powerful as Python, it should hopefully be possible to create stuff more advanced than Slige's linearly arranged square sectors ;-) -
Re:Read AND write ext2 on wondpws
Ext2FSD - http://sourceforge.net/projects/ext2fsd/
That works nicely for me on both Win2k and XP if you're after a deeper implementation.:)
Last time I used it, it did read/write on ext2 and read only on ext3.
What I'd *really* like, however, is a JFS driver for windows. (IBM JFS, that is)
Robert. -
Re:Mods...
"Its been proven lots of times, heck, people still play QUAKE1 because of the mods!"
I couldn't agree with you more. However it's not just mods that keep people playing Quake I, it's ports. John Carmack unleashed a horde of ports to several of id's best games by releasing the source under GPL, which gives fans a chance to play games like Doom in OpenGL or on a cellphone, or even revamping Quake with today's graphics hardware support like per-pixel lighting and stencil shadows.
I'm currently playing Tenebrae Quake, and it looks amazing on my GeforceFX 5900 Pro. -
Re:Selling unformatted
-
Spambayes
Check out SpamBayes - Outlook plugin. Bayesian filtering for Outlook 2000/XP/2003 - written in Python...
-
Fluxbox (or Blackbox)
-
Fluxbox (or Blackbox)
-
Re:My Mozilla bounty
You may already have seen this. It works like a charm for me.
hotwayd is a hotmail-to-pop3 gateway that runs through xinetd. I'm actually piping my mail through hotwayd *and* popfile without any problem.
And, much as I'd like the money, I think this advice should be free. :) -
GPL'ed Qt on Windows
Here.
I hear you can get a native, Trolltech-provided Qt 3.2 Windows free edition on the CD-ROM that comes with the upcoming re-edition of the Qt book, too, if you can't want for the above project to reach completion.
Otherwise, a decent alternative is wxWindows (not as clean and elegant as Qt, and thus requires a bit more code for a given task, but still very decent, don't worry).
Thank you. -
Tripwire / AIDE
From the Gentoo Altert:- "However, the compromised system had both an IDS and a file integrity checker installed"
Gentoo realized that they got hacked after one day.
GNU Savannah realized that they got hacked after one month.
It's time to propagate the use of file integrity checkers! They can detect the effects of any new exploit and can't be circumvented (when properly used!).
AIDE
Tripwire -
Tripwire / AIDE
From the Gentoo Altert:- "However, the compromised system had both an IDS and a file integrity checker installed"
Gentoo realized that they got hacked after one day.
GNU Savannah realized that they got hacked after one month.
It's time to propagate the use of file integrity checkers! They can detect the effects of any new exploit and can't be circumvented (when properly used!).
AIDE
Tripwire -
Lets give the RIAA what they want...
Lets give the RIAA what they want.
Don't download commercial music that you are not allowed to possess.
Instead, try iRATE and get free, legal mp3s.
You don't have to pirate music, and you can still kick the RIAA where it hurts (mindshare).
-
Re:My Mozilla bounty
Yup on the POP3 thing - check out:
YahooPops
Mr. Postman -
Re:My Mozilla bounty
Yup on the POP3 thing - check out:
YahooPops
Mr. Postman -
Re:Intelligent filteringWhat it sounds like he wants to do is integrate the functionality of PopFile inside firebird.
And I don't see why it'd be too hard to modify the current bayesian filter that identifies messages matching "spam" and have some parallel ones identifying any old kind of mail.
-
Fluxbox
-
Fluxbox
-
Ratpoison
Ratpoison
Alternatively you can get wmakerconf to remove the dock, workspace applet, etc. Also would recommend editing ~/GNUstep/Default/WMWindowAttributes to remove titlebars, resizebars, and window borders. -
Fluxbox? or any other *Box? XFce?
Give fluxbox a shot, it uses almost no space at all except for a little slit. And the app menu appears by right clicking on the desktop.. Although iBooks only have one mouse button don't they.. WELL Then, NEVERMIND..
Perhaps XFce would suit you better. The panel can auto-hide and everything.
Klowner -
Evil WM
Not sure if you're requiring icons or don't mind being a console jockey, but give evil windowmanager a try. Guaranteed the only thing on your screen will be the windows themselves.
-
What else...You can flood their websites with garbage data.
Project Web Form Flooder may be of some interest to you.
-
Revenge?I got some revenge for ya...
As promised, there's a new tool in town. Project Web Form Flooder is still in beta, but it's functional in flooding spammer's websites with plausible data. Java source code only right now, but I'd imagine the
./ crowd can deal with that.If we flood spammer's websites with garbage data, maybe, just maybe we'll do a little to remove the profit motive in spamming, and once there's no money in it it'll end.
Isn't it time we stopped crying and started doing something?
-
whine you wheenies
I have little patience from people who complaint about stuff that is easily resolved. If you are not motivated about security at work fine but you should have some level of motivation for your personal email and other information. Try password safe it works really well and its free. For those too lazy to find it on their own
-
Re:Definitely
Use pwgen. It creates random passwords of arbitrary length that are easy to memorize due to sounding like english, but that are actually total gibberish and so can't be guessed through dictionary attacks. It really works. I haven't managed to forget a pwgen-generated password yet. (And I am notorious for forgetting details) Also, it tends to generate passwords that pass the inane password rules some sysadmins dictate (whereas the password shall have at least one number, whereas it will be at least 8 characters in length, whereas it shall use at least one uppercase letter,
...).
Every machine I own has a unique root password, and I have a shared user password for all machines that are inside my home, and a unique user password for machines that are "out there".
I've even noticed I can not use a password at all for months at a time, and come back to the machine and remember it (because I remember what it sounds like). -
Re:Linux image stitching tools
For the really adventuresome...
There's pnmstitch (as either part of the netpbm package, or as a standalone utility).
Command line image stitching. Yeah!
/* ---- */ -
Re:Linux image stitching tools
For the really adventuresome...
There's pnmstitch (as either part of the netpbm package, or as a standalone utility).
Command line image stitching. Yeah!
/* ---- */ -
Re:Linux image stitching tools
For the really adventuresome...
There's pnmstitch (as either part of the netpbm package, or as a standalone utility).
Command line image stitching. Yeah!
/* ---- */ -
Re:Call me crazy but...
Do you know of anything equivalent in quality and/or speed to TMPGEnc? As an alternative, do you know how to get TMPGEnc working under Wine? The last time I tried (maybe a year or so ago), I didn't get very far with it.
You could use MEncoder to encode the video (no GUI, but very high quality and extremely fast), or transcode as mentioned before, or you can even use FFMPEG directly (it has very good documentation, and it is the codec library that most other GNU/Linux video tools use). You could also try Kino (old GNOME 1 GUI, but very user-friendly). MJPEG tools provides some low-level encoding utilities for MPEG2, but I don't know about quality or speed as I haven't tried them. Once you have your MPEG2, you might try DVDAuthor to create a DVD structure (including menus if you need them). -
my experiences
Star Control 2 (now GPL) (I always win)
xpuyopuyo (she always wins)
Chu Chu Rocket for dreamcast (anybody's guess)
-
And I thought it was like open-source software.My first big shock of disillusionment came while I was in college, when I discovered (by reading the fine print on the box) that my favorite brand of blueberry muffin mix contained no blueberries, just little chunks of apple dyed purple with food coloring.
After reading Philip Greenspun's Dec 1st blog rant, that is pretty much the way I feel about MIT's OpenCourseware. Who could have imagined that the same institution that gave us X, Project Athena, Kerberos, the AI Lab, the Media Lab, Nicholas Negroponte, and of all people Richard Stallman, would turn their back on all this tradition? Call me naive, but I actually believed that OpenCourseware was built upon open-source philosophy, that MIT had undertaken a plan similar to the Chalk Dust portion of my Open Slate project. How sobering that even at MIT, IT decisions are made the easy way -- read something in a magazine, hear something at a vendorama, buy Microsoft and hire contractors to build it.
Okay, so Philip Greenspun is a Harvard man. Hardly a disinterested party. This may explain the motivation for writing the piece, but I see no reason to discount his facts.
I am sooooo disappointed! Time to reach for a Bud. You know why I drink Bud? Because they still deliver it with those horse-drawn wagons. Sometime you have to brush a little manure off the edge of the can, but hey, that's life!
Visit the Open Slate Project featuring Chalk Dust.
-
Good methods
-
DocMGR looks like what you want...
Haven't tried it yet, but it looks like it fits the bill. Personally I just wish Google would open source what they use for their Catalogs site...but maybe DocMGR or something similar will do the trick...
It's at http://docmgr.sourceforge.net/ -
You might also want to check out..
Maximus for UNIX.
Hella cool, I say. I found this last night! -
Re:What about users/permissions?
This is part of the FAQ
The program uses Linux Userland File System (LUFS) which "moves the filesystem implementation to UNIX userland where the Microsoft Windows filesystem is completely unarmed by Captive jail of chroot(2), setuid(2) and setrlimit(2)."
I hope this answers the question.
JFMILLER -
Re:How stable?
Hmmm... You're right. I missed that part, and I assumed (wrongly) that the existence of TopologiLinux meant that the driver had solid write support.
-
Re:My Take on Things-
I doubt they will ever port to intel. But to answer your other question, yes a huge number of gnu/OS apps run under OSX. Checkout this site:
http://fink.sourceforge.net/ -
Re:How stable?
Have you tried this?
The authors claim the new driver works for read/write, and is stable. I don't dual boot myself, so I haven't tested it, but there seems to be a solution that's not a hack. -
Re:How about the other way around
-
Re:Linux File System?Linux still runs on FAT32 itself
No, it doesn't. Linux supports a wide range of journalling file systems: ext3, JFS, ReiserFS, XFS, in addition to almost any filesystem known to man, INCLUDING native NTFS
Shouldn't Linux be on something "better" than FAT32
It is. ...Or am I overlooking something (I'm not a Linux user...yet)?
You got your facts wrong, that's all.
-
Re:Linux File System?
You're overlooking something. Actually, quite a bit....
ext3
Resier/Resier4
JFS
XFS -
Re:That "removable cd feature"...
Gah, there goes one of the USP (Unique Selling Points) of Salvare - still, it's useful (to me at least) to have a small rescue/workstation CD supporting apt-get, removal of CD and a Debian installer.
Note to self: check in to CVS the Debian installer script
-
For a while, anyways..
I was 1:140/137 (I think 137
.. it's been 4 or 5 years now).
I'm surprised I can still find webpages for Fidonet and Binkley term, but they're there.
I makes me wish Maximus run under Linux. Then I could have it setup so that you could telnet in and register an account, and it'd be like a really cool version of the webforums -- more interactive, pretty, and less garbage. I've never really liked web forums, except for a few (Slashdot, Kuro5hin) which have decent layouts and threading of comments :)
Oh, what's this? Looks like someone did release it... it's Maximus, and Squish message format, and more.
Maybe we should organize a real, online BBS setup? Not the old Fidonet, but something new? -
WWIV BBS echo, eh?
Sounds remarkably like a tiny version of Fidonet. Fidonot had many zones, regions, nodes, and points. It standardized the serial interface via FOSSIL (Fido-Opus-Seadog-Serias-Interface-Layer), which many early BBS software used (such as the Maximus package I used), and the mail programs.
Through it, you could have message echoes, file echoes, you could offer files for remote login (I had BBSes from Texas dailing in to my Saskatoon BBS and requesting libraries I'd written, it was cool), and request files from remote BBSes. You could also send them via file echoes, so they'd be scheduled and sent between the nodes when the optimal time to call was (I used BinkleyTerm as my front end, it handled all that).
Towards the end, the technology was really advanced. Maximus version 3 ran on NT, OS/2, and DOS. It had a complete VM and language you compiled to byte code, as well as the MECCA display language. Using it, you'd make MECCA files that were like templates. It could insert anything, and would be tranlated on the fly to ASCII, ANSI, AVATAR, or (thanks to v3) RIP (remote image protocol) -- which was a very fast remote EGA-like display. Mecca itself was internally similar to Avatar.
The VM language (similar to Pascal and Basic) allowed you to automate it further. Naturally, none of the local teenaged sysops who barely understood computers used Maximus; they were all busy using Renegade with some ansi pack to be leet. I "tricked out" my BBS by having it send long and pretty ansis at the users as much as possible, since this noticably increased my callbacks. People always seemed surprised at what I could do with Maximus ;)
Anyways, that's my trip down memory lane for the day. -
Re:Use a digital camera for input
I forgot to mention Gphoto which runs on many flavors of Unix.
-
Re:BT Itself?
It'd only really be practical if you put together a massive collection of
.torrents (like the suprnova database) in a .zip file and then used BT to download that.
Good explanation, but it still wouldn't work. (This is an interesting problem that you'll run into in a lot of areas of computer science, though I don't know whether it has a name.) Basically, each .torrent points to a file. The contents of that file may not be changed without invalidating the .torrent link. Thus, the contents of the file must be known at the time of propagating the .torrent. Thus, the file may only reference older .torrents -- that is, .torrents that were already in existence at the time the file was created. So if the only reference someone has to obtain BitTorrent information is a .torrent file, they may only ever reach .torrents created at or before the creation time of that .torrent.
Your solution would reduce load over the existing system, but from the fact that the parent mentioned chicken/egg, I suspect that they want to use BitTorrent as a complete solution.
There are systems that allow providing forward references -- allowing one to reach newer files. These systems require the use of encryption, not just hashing, however. kast and freenet both use public key cryptography to provide exactly this service.