Slashdot Mirror

he uses <A HREF="http://savannah.nongnu.org/projects/quilt" title="nongnu.org" rel="nofollow">his own scripts</a nongnu.org>

Also I think the criticism about portability is not warranted. At the time that article was written OpenNTPD already supported Solaris (it was the 2nd target I did) and HP-UX support has since been added. I don't think it's valid to criticise a project that's only existed for a couple of months for "only" running on Linuxes, 4 *BSD's including OSX, and Solaris which covers the 3 main *nix families in use today (Linux, BSD, SysV). The split between OpenBSD and Portable is quite clean and the differences in the common code are small (~50 lines, the diff is in the Portable tarball).

The comment about clock disciplining is a fair point. Right now OpenBSD doesn't permit changing of tickadj at the default securelevel so another mechanism is needed in the kernel. In the mean time I've been experimenting with clock disciplining via Linux's adjtimex syscall (implemented with *zero* changes to the common code).

The comment about crypto depends on what your threat profile is. Relying on large crypto libraries means that you're less vulnerable to active attacks of the "make your clock wrong" type, possibly at the expense of being more vulnerable to attacks of the "0wnd ur b0x" type. Admittedly, in some cases (time sensitive authentications like Kerberos) the former may lead to the latter, but in many cases it can't.

Anyway, decide for yourself. You now have another option (which is why I embarked on -Portable in the first place).

Also I think the criticism about portability is not warranted. At the time that article was written OpenNTPD already supported Solaris (it was the 2nd target I did) and HP-UX support has since been added. I don't think it's valid to criticise a project that's only existed for a couple of months for "only" running on Linuxes, 4 *BSD's including OSX, and Solaris which covers the 3 main *nix families in use today (Linux, BSD, SysV). The split between OpenBSD and Portable is quite clean and the differences in the common code are small (~50 lines, the diff is in the Portable tarball).

The comment about clock disciplining is a fair point. Right now OpenBSD doesn't permit changing of tickadj at the default securelevel so another mechanism is needed in the kernel. In the mean time I've been experimenting with clock disciplining via Linux's adjtimex syscall (implemented with *zero* changes to the common code).

The comment about crypto depends on what your threat profile is. Relying on large crypto libraries means that you're less vulnerable to active attacks of the "make your clock wrong" type, possibly at the expense of being more vulnerable to attacks of the "0wnd ur b0x" type. Admittedly, in some cases (time sensitive authentications like Kerberos) the former may lead to the latter, but in many cases it can't.

Anyway, decide for yourself. You now have another option (which is why I embarked on -Portable in the first place).

I used TeraTerm for years. An excellent product, and I like some parts better then PuTTY.

However I stopped using the product because, TeraTerm's SSH extension doesn't support SSH v2.

There are many security problems with SSH v1. Nobody should use it anymore.

Many people ask me whether or not TTSSH will support SSH protocol version 2. It does not and (unless someone else decides to try) it will not. Sorry, I don't have time to do it. Please don't ask me about it.

Is there anything TeraTerm Pro and TTSSH do that PuTTY doesn't do better?

are all y'all nuts? Reinstalling the OS once a month or even once a year? Holy shit! My current box is 4 years old and I've never reinstalled the OS and hope I never have to.

Once a month I consider rather excessive, but for a Windows box, reinstalling at least once a year greatly reduces the kruft. After a clean install, you can feel the improved responsiveness.

Anyway, my list of the first ten (+1 x2):

0) Turn off half of the default Windows crap (services, the recycle bin, CD autostart, etc), and perform assorted registry tweaks to stop Windows from acting like a crippled DOS-box-with-GUI (ala Win95) with only 64MB of RAM (such as LargeSystemCache, NtfsDisableLastAccessUpdate, CompletionChar, and DisablePagingExecutive).
1) PageDefrag, which keeps your registry and pagefile in a single contiguous file (though you should always have your min and max pagefile the same, so that doesn't get fragmented in the first place).
2) AntiVir. No sane person goes without an AV program, and IMO, this counts as the best of the free ones (for that matter, I consider it better than Norton as well - Slightly more awkward autoupdates, but it doesn't hog system resources). Best of all, as a non-USian program, it doesn't deliberately ignore "official" virii such as the FBI's Magic Lantern.
3) AdAware. We all know what it does.
4) SpyBot. Ditto, and it catches some things that AdAware doesn't (and vice-versa).
5) Mozilla, of course.
6) Winamp. I still prefer the v2.x series, but, gotta have at least one of them.
7) TeraTerm Pro and TeraTerm SSH. Technically two installs, but only a moron would use unencrypted telnet these days.
8) Calypso, a really nice (and free-as-in-beer) email program. Want the latest, greatest features in your email program, making it all but indistinguishable from a full-featured web browser and media player? Don't use this. Want a safe medium for text communication, with fairly powerful regexp filtering? You'll consider Calypso a godsend.
9) The GIMP. 'nuff said.
10) Finally, a compiler (or three... The next dozen installs after this one would include various other dev tools). Currently I still prefer Borland C 5.02, sadly not free. Although advancing technoology has already made it basically obsolete, it has what I consider the most straightforward IDE of any development suite out there.
0, part 2) Repeat step 0, since by this point Windows will have tried to undo half of my changes from the first time.

Okay. Ego-post of the day done.

While I know that this is more of a compositing program--at least from what I read so far...as I have shamefully not RTFA

Obviously. If you had, you'd know that it's not intended to be used for composition.

I'm going to take this opportunity to bitch about the one thing that has been keeping me from making the switch to Linux for all these years: Audio Apps

I have no idea what your requirements are. I don't know when you last looked at the Linux music scene. To me, it seems like the pro audio applications available are progressing at a fantastic rate. But without knowing your needs, I don't know whether it's good enough for you.

I'm no industry elitist that demands ProTools. in fact, I hate protools. The interface leaves much to be desires...granted, i'll buffer that (admittedly harsh) opinion: I'm a huge fan of CoolEditPro.....("eww, PC audio"...I can hear it already),

The hot app for professional multitrack audio recording and editing in Linux is Ardour. But if you don't like ProTools, you may not like Ardour, since its interface is very derivative of ProTools.

The underlying audio subsystems are a far cry from what windows offers. And what I experienced with in my limiting dealings with aRTS leaves much to be desired. (Think: latency) And I'm sure that has a lot to do with it....(why hasn't ASIO or an equiv been implemented yet?)

I don't know any Linux audio folks using aRts for their pro-audio work. Instead, the fundamental infrastructure for pro-audio on Linux these days is JACK. JACK is good stuff, designed from the ground up for professional audio work.

Other people have given you info to look at about specific pro-audio applications: Ardour, JAMin, Hydrogen, Rosegarden, etc. -- all of which can interface through JACK. Regarding plugins, there are tons; take a look at the LADSPA website. These plugins can be manipulated in a rack-like GUI interface, if that's what you want.

Regarding latency, I routinely get sub-ms kernel/software latencies; I'm limited by the soundcard's capabilities at this point. Of course, to get good latency performance in Linux, you have to be willing to do things like patch your 2.4 kernel (see e.g. Robert Love's preemptable kernel patch and Andrew Morton's low-latency patch. The 2.6 kernels are supposed to provide low latency from the start; it's not yet clear whether they do.

Many of the apps above are still in development/pre-release stages. In other words, while they're completely useable (and many people are using them to make good music), you should expect bugs. For the most part, the big ones are gone; but still, saving your work frequently is a good idea.

To me, the biggest problem in Linux pro-audio right now isn't applications. They're not done yet, but they're there, and they're advancing at an amazing rate. To me, the biggest problem is the same one that afflicts a lot of open source projects: lack of good documentation. For one example, the Ardour manual is skeletal; many (most?) people figure out how to use it either from their previous experience with ProTools, or from actually looking at the ProTools manual instead. The situation is the same for other projects. Fortunately, there are lots of mailing lists that

I mean, once upon a time you could throw a rock from a moving car and not expect to hit an Apple ][ emulator.

It'd be an easy 83.

and with vsound you can turn the RA stream into something a little more convenient. I've spent a few weeks totally rediscovering the excellent commedy output on bbc radio 4.

The only good thing about Realplayer is that you could use it to play Sci-Fi.coms Seeing Ear Theater, and that it supported esd as an output format.

Because of the joy of Esound, you could then use esdmon to snag the stream as waveform data and then encode it to a more cromulent media format. Of course, then along came stuff like Vsound, now sadly discontinued.

• CygWin. The Linux-like environment for Windows.
  Mozilla. Use this for mail, news, and browsing if you like.
  Firebird. for FAST browsing.
  WS FTP Light. A FREE, FTP client that works great.
  Filezilla. which is TRULY free and does sftp as well.
  PuTTY. a free SSH client for Windows.
  TTSSH. is a much less clunky ssh client than PuTTY.
  iXplorer. freeware secure FTP client
  VNC hello!? remote controll software.
  Tight VNClike the original, only FAST.
  GNU-EMacs for Windows. just trust me ;).
  Dev-C++a free C++ compiler for those who can't afford VS.
  NetHack. as someone here said, you MUST have NetHack installed on everything...
  Free-AV.free Anti-Virus software for Windows, (mandatory these days). or
  AVG Free edition. another free Anti-Virus software for Windows.
  Zonealarm. my favorite Personal Firewall,, really!. or
  Kerio. another firewall that some seem to like. or
  Sygate. yet another firewall. whatever floats your boat.
  Boingo. to see where the closest hotspot is, hehe.
  OpenOffice 1.1 the Microsoft Office KILLER :) {really!}
  Winamp 2.x for audio/video usage in Windows, stay away from the new one :).
  Mark's Adding Machine is much better than the Windows calculator.
  SpyBot Search & Destroy The best Ad-ware / Spyware removal tool we've found, "IE is unusable without".
  Ad-Aware another spy-ware app "alas poor Windoze."
  Trillian a favorite IM, since we're all chatters @ heart. or
  GAIM since trillian hogs resources, "bad piggy!".
  Gimp image creation/editing. Who needs Photoshop anyway?
  EnZip freeware Zip Utility, Stop nagging you WinZip!!
  Iview is a great little image viewer. or
  Irfanviewone of the best image viewer out there for Windows.
  Audacity is a great little sound editor.
  Virtual Dub. a great video editor.
  cDex gotta rip those cd's for the RIAA!
  MAME for games, period. Free. You can buy some ROMs, or *ahem* ask around. and finally
  XPantiSPY since XP is E-V-I-L.

And FINALLY, don't trust me! Trust the experts;

Go to the Pricelessware site maintained by the alt.comp.freeware Usenet group.
The

• Instead of Mozilla, I prefer the leaner Firebird for browsing and Eudora for email. If you take the time to learn how to use the Filters feature, Eudora's pretty good at filtering spam. Especially if you crank up the size of the History of addresses you sent to and store your contacts in the address book. You can then filter messages whose sender "doesn't intersect" your address book or history into a spam folder.
• Instead of WS FTP, I prefer Filezilla, which is truly free (you have to pretend to be a student or a non-profit to use WS FTP for free) and does sftp as well.
• TTSSH is a much less clunky ssh client than PuTTY.

• If you use a Palm, PalmEudora Sync keeps your addressbooks synchronized (which will help with those Eudora spam filters).
• Mark's Adding Machine is much better than the Windows calculator for balancing checkbooks.

Yeah,

I'm using this right now.

I have about 4 other of the "Heart-Shaped" Logitech PS/2 mice in use. These are lower-rez than the Wingman. Comfy shape + 3-buttons for X-11. I dig 'em.

Other than that, I have the over-priced Logitech mobile-optical mouse attached to the ThinkPad.

My first was a Logitech C-7... This was the three-button, "workstation" serial mouse you found on pre-MIPS SGI equipment and CAD PC's in the mid-80's. I'd attach the ASCII picture of this as an appropriate addition, but the lameness filter would block it.

For a trip back see:
LINK
LINK
LINK
and
LINK!

In Doggiebox, I use routines from libsndfile(an LPGL library C library). Since Doggiebox is written in Objective-C, I've also written a bunch of wrapper code to make libsndfile more convenient to use. I'm bundling this wrapper code into ZygoatAudio, a Mac OS X framework which statically links libsndfile. ZygoatAudio itself is presented as LGPL, and dynamically loaded by Doggiebox at runtime.

I've done it this way because my understanding is that I can't just static link libsndfile into Doggiebox without opening the whole Doggiebox source. On the other hand, I am happy to disburse code for ZygoatAudio (there's no web page yet since it is still too much in flux), and my understanding is that this dynamic loading issue takes care of LGPL requirements. If someone wants to re-engineer ZygoatAudio and drop it into Doggiebox, as required per LGPL, they can.

Is my approach correct?

-ben

libsndfile works great on OS X; I use it in my drum machine application Doggiebox for file i/o.

-ben

Shortsighted

One of the reasons DRM is so insane is because it is incredibly short sighted. I have records that are over 50 years old. I can play those records on virtually any turntable out there. Imagine if those records had been made with some sort of primitive DRM that required them to be played on a specific machine or required a call into a company to input a code before they would play. The truth is that most of those record companies don't even exist today. A huge cultural legacy would be lost.

The truth is obsolescence is already built in. Formats change computer file systems change, OSes change, our standards of quality change. My bet is that 50 years from now it will be just as rare to find someone playing mp3 files as it is tto find people playing old records now. You will have find a machine to read a certain kind of hard disk, find a way to read a particular file system, and then to interpret the format. Making those formats closed is virtually insuring the digital death of the music (or the video or whatever data they happen to contain).

I already see this problem with old software and data. I have a ton of programs from the apple ][ days. With some doing I can get that data off the old 5 1/2 inch disks and into an emulator under OS X. Most programs work and I can see the data (mainly high school book reports in appleworks), but it's a lot of effort. Luckily I was pretty good about keeping serial numbers around, but the programs that inevitably fail are the ones with anti-copy copy protection. Even back then the odd sector layout would cause problems on certain disk drives. Now the programs are essentially dead. With enough work I could probably revive them, but who has the time? We see the same problem now with certain cds with bad data written in on purpose to foil copying, but also foil playing on certain systems (actually in this case maybe it is a good thing to prevent Celine Dion from propagating her evil).

I have the same problem with my old Mac data circa 1984/85 even without copy protection. I have data in formats of programs that simply don't exist anymore (does anyone remember Fullwrite...so far ahead of it's time, but doomed by MS Word). My only hope for reading this data is finding an old machine or waiting until someone builds a good 68000 emulator (vmac has a ways to go)

Doing this to music (on purpose no less) is particularly insidious because music is one of the things that should live on as a cultural legacy. When I buy a CD I want it to last and I want to be able to play it whether I am here in LA or in a Kashgari taxi. I doubt that 2053 my grandkids will enjoy my Nada Surf mp3s the way I enjoy my grandfather's Vera Lynn and Tex Williams records, but I would like them to have the chance at listening to them in the first place.

The contest benchmark might be what you are looking for. It tests system responsiveness by running kernel compiles under different kinds of load.

Still based on kernel compiles, granted, but at least it tries to measure responsiveness. Been used heavily to benchmark recent kernels - check Kernel Trap for results.

The Linux scheduling latency page of Andrew Morton might be useful as well. Alas, kernel patches tend to work on x86 first before PPC..

According to Mad Max Chronology page, Max is born in 1975, and the events of beyond thunderdome happen in 2018. This makes Max 43 just when Thunderdome occured. Certainly, it shouldn't be too much of a stretch for Mel Gibson to play what would at least be a 43 year old Max, would it?

Personally, I'm looking forward to a new Mad Max. We can be cynical all we want about how hollywood is just rehashing an old franchise and how this new movie will be terrible, but I'm fairly certain that it will be worth $7.50 to watch a brand new Mad Max.

You must be pretty old if you hated it back in the 60s.

And all you can come up with for American animation is The Maxx (released to VHS 1996 - an excellent series, btw, animated or not), and Eightball (published 1988-1996, never animated)?

What about Invader Zim? What about _anything_ from CN (PPG, Sealab, Harvey Birdman, etc)? Asking whether you've ever been to an animation festival is probably pointless - all this 21st-century "moving picture" stuff is clearly too new-fangled for gram'pa here.

We already have this in Linux (*BSD, etc.). It allows you to rip RealAudio streams, et. al.

~/> dpkg -p vsound
Package: vsound
...
Description: Virtual loopback sound recorder and real audio converter
This program allows you to record the output of any standard OSS
program (one that uses /dev/dsp for sound) without having to modify or
recompile the program. It uses sox to convert and save the raw data
into the desired file format and can help to convert real audio files
to some other non-proprietary format.

The website for vsound is here.

Or for OSS-based systems: vsound.

Just viewing the site launched endless popup ad windows some of which resized themselves to fill the whole screen, popped more windows when you closed the old ones, etc.

Really? I have cookies turned off, and popup protections on in Mozilla. To top it all off, I'm running adzap under my squid proxy, so I didn't see a single popup (or any of the many banner ads they intended me to see).

It's too bad, really. Some of them sounded kinda interesting... ;-)

Follow this link. (I am way too lazy to do anything else but link today)

• PuTTY is an SSH1+SSH2 implementation. PSCP, an scp-style program for Windows, is also available.

  PuTTY is available under the MIT licence (BSD-like).

  "PuTTY is a free implementation of Telnet and SSH for Win32 platforms, written and maintained primarily by Simon Tatham, who lives in Great Britain."

• TTSSH (SSH1) is an SSH1-only implementation, by Robert O'Callahan.

  "TTSSH is a free SSH client for Windows. It is implemented as an extension DLL for Teraterm Pro. Teraterm Pro is a superb free terminal emulator/telnet client for Windows, and its source is available. TTSSH adds SSH capabilities to Teraterm Pro without sacrificing any of Teraterm's existing functionality. TTSSH is also free to download and use and its source is available too, with an open source license. Furthermore, TTSSH has been developed entirely in Australia [...]."

• Cygwin (POSIX software on top of Windows)

  OpenSSH (SSH1 and SSH2 protocol) with Cygwin can run on Windows using the portable version of OpenSSH.

• MSSH

  MSSH from the Metropolitan State College of Denver supports Windows 95 and Windows 98, supporting SSH1 protocol.

• OpenSSH for Windows

  Another OpenSSH running on top of Windows..

• Secure iXplorer

  Secure iXplorer is graphical front end to PuTTY's pscp.exe.

• WinSCP

  WinSCP is a scp(1) program for Windows, with PuTTY integrated into it.

• NiftyTelnet 1.1 SSH is an SSH1-only implementation which comes with a scp-style program. Written by Jonas Wallden.

  "NiftyTelnet 1.1 SSH r3 is an enhanced version of Chris Newman's NiftyTelnet 1.1 application which adds support for encrypted terminal sessions using the SSH (Secure Shell) protocol. Please read the included Readme file before distributing this version."

• MacSSH is an SSH2-only implementation.

  "MacSSH is a modified version of BetterTelnet with SSH2 support. [...] The only SSH2 client for MacOS that I could find is a commercial product thats costs more than $100, and it crashes my Mac when closing a session... Since it's best to do things by oneself, here's MacSSH."

For the server side use SSH from cygwin and for the client side I really like TTSSH as an extension to Teraterm. It also looks like there is now a TTX SSL and an SSL OTP available too. By the way, all of these have source available.

Both OpenSSH and SSH are industry proven and supported software. SSH is supported by the original author of the protocol, Tatu Ylonen, among others. OpenSSH is supported by acknowleged Open Source security experts including Markus Friedl, Dug Song, and Theo de Raadt.

The version of SSH that Sun is shipping with Solaris is in fact OpenSSH. Sun is not trying to hide this, they are proud of shipping it because it is an excellent program.

Most major insurance companies run SSH (if they are Microsoft shops) or OpenSSH (if they are not). Most hospitals run OpenSSH.

I use both products. Support is superb for both; but SSH.com has friendly, personable phone support while the OpenSSH support comes mostly from Usenet and Email (and can be fiery if you ask exceptionally stupid questions). OpenSSH fixes bugs faster than SSH.Com, but both products have had about the same number of problems, and all have been quickly and effectively resolved.

Popular clients for windows include putty and Teraterm SSH. Make sure you get a recent version, however, older versions of those programs use versions of SSH ( v 1.5) that have known bugs.

If you are dealing with a company that thinks commercial software is "better" than "freeware" you should be careful how you approach this project. If there is a single person who has created this mindset, that person is likely to be both powerful and not very analytical - a dangerous combination.

Because TeraTerm Pro w/ TTSSH is much better?

Teraterm is an excellent open-source terminal emulator for Windows machines, which Robert O'Callahan has extended to incorporate SSH.

The two problems with TeraTerm are:
1) the weird license prohibits distributing any fixes to the core code (you can only distribute add-ons, which it supports). Luckily the core is not buggy, it's just got some areas where improvements could be made.
2) it reportedly compiles best under Watcom C/C++, which was (until now) a rare beasty.

You'll need to write/steal/beg-someone-to write a small wrapper program which simply "records" whats going into /dev/dsp

I don't know if this would work with Win4Lin or VMWare, but there's a program called vsound that does pretty much what you're talking about. It wraps its own sound functions around the program, and records any audio output. It's worked with every program I've tried -- RealPlayer, mikmod, web browsers with plugins, and so forth.

squid plus ad-zap (my choice) ;

junkbuster ;

proxomitron.

There may be others. Some tweaking required (not for subscribing, obviously :)

Get a better client then. I personally use TTSSH on Windows. You could also use Cygwin's port of ssh.

I believe Mingo's patches are out of date now (or did I read somewhere that they've been taken over by Andrew Morton?) Either way, Andrew's page has current patches:

http://www.zip.com.au/~akpm/linux/schedlat.html#do wnloads

As for preempt, there's:

http://kernel.org/pub/linux/kernel/people/rml/pree mpt-kernel/v2.4/

I used preempt-kernel-rml-2.4.18-2.patch, and 2.4.18-rc1-low-latency.patch with kernel 2.4.18.

(I was willing to go all adventurous and throw in the O(1) scheduler too, but that didn't patch without errors so I skipped it.)

Good hacking.

Give this little robot a few jet packs and guns and you'll have Astroboy.

http://www.zip.com.au/~astroboy/

On a similar note, I'd like to mention vsound. This is a handy utility that wraps itself around a program when you run it, intercepting the sound calls and recording them to a .wav file. This way you can snag those undownloadable streams, or grab music from a Flash video playing in your browser, etc. Very handy :)

The Ad-Zapper for squid works also fine, and if you're what the slashdot users usually pretend to be, you should run squid, not junkbuster. ;)

Also, for spam in general, or rather against it, SpamMotel and especially SneakEmail work like a charm; SneakEmail even lets you reply to (suspected) spammers without revealing your real address.

Of course, if you have your own domain/MX and mail server, you can generate these "one-time" email addresses yourself - but using sneakemail is just too easy and convenient.

First, for those that didn't get it from the parent post, HZ is a system wide timing value. It has nothing directly to do with the mouse.

What it does deal with is how many times a second the system's interrupt timer fires. The problem with increasing the interrupt timer frequency is that you waste more time servicing interrupts than doing real work. It may improve interactive "feel" because the timer interrupt will trigger higher priority tasks to be rescheduled more often, but at the price of higher system time and lower "throughput".

Compared to the preemptible kernel patch, increasing HZ is actually harder on throughput, especially on slower systems. Much work has been done on finding and killing long held locks not covered by the preempt patch (thanks to Andrew Morton and RML), an approach which has been shown to be quite effective. Increasing timer interrupt frequency means you're creating more pointless interrupt load, which goes against the approach and advances of the other low-latency patches.

There is an interesting discussion of the HZ value and how it effects Linux in a VM at Linux Weekly News and for more arcana check out the high resolution timers project.

Regards

If you are absolutely sure that you are getting popunders from msnbc, then why the hell am I not getting them! I hate feeling left-out.

MSNBC does random popup ads, in that not every time you load the page will an ad be displayed, but if you browse around on the site enough, or just get unlucky, you'll get a pop-up. I'm not sure I've ever seen a pop-under ad on MSNBC, but then I use a combination of Adzap with my Squid proxy and NoPopIE with Internet Explorer to banish most advertisements and popups. You may be using similar things, if you're never seeing popups on MSNBC

While I agree that it is vitial that people contact their representatives with their concerns and support organizations like the ACLU and the EFF, another thing you can do to defy mass survailance efforts like Carnivore is to use encryption whenever possible online. I'm sure there are other /.ers out there who know a lot more about the subject (please speak up!), but I wanted to add what information I can for those who might not already know. Here are a few suggestions of ways I know to use encryption:

• Email

• You can encrypt your email communications with others who are also willing to get the right tools. Probably the easies tool is PGP (there's also an international page), or for the free software crowd GPG. PGP makes this pretty easy to use under windows with almost any program with its encrypt clipboard contents feature, but there are also plugins for verious email programs.

• Terminal Sessions/Telent

• Most people probably know about it, but there's ssh, openssh, and if you're using Windows check out Tera Term and its ssh extension.

• Instant Messaging

• My appologies to the *nix crowd, but I don't yet know much about instant messaging on those platforms (soon); however, if you use windows I have seen several instant messaging clients that support encrypted chatting. I suggest Trillian, which is awsome anyway, free, and has encryption features. As far as *nix goes, I'd check out the big ones (e.g. Jabber) and if it isn't in there by default, look for plugins.

This certainly doesn't solve all the problems. The biggest is web browsing. You can use anonymous web browsing tools such as Anonymizer, but that is admittedly kind of a pain. I don't have any good suggestions there. I'd be interested in any other ways others have found to incorperate encryption into their online communications.

Dunny why not.

ttssh

Its good enough....

You need to get the latest e2fsprogs (1.22) and the latest util-linux (2.11). Don't install the
login utils if you're installing from a source tarball instead of an rpm.

When done, type "tune2fs -j /dev/hdwhatever". Done! A journal will be created automatically. Remember to only run this on a clean ext2 partition (make sure you're not running 2.4.15! :) ). If you're going to convert over the boot volume, make sure ext3 is built into the kernel and not a module. You shouldn't have to set any particular LILO flags (I didn't & I'm typing this
on ext3/2.4.16pre1). Update your /etc/fstab to show the new filesystem type.

Not sure about the Slackware stuff, but I doubt if there are any config file changes.

Andrew Morton's EXT3 page has all the details.

The reality is that the differences are really minor, and, now that RSA is legal, openssh can be setup to act almost exactly the same as closedssh.

The only signicant difference between them for most peole is the price.

There used to be a fair bit of difference, but at least for unix, this is no longer true. Since 2.5 openssh has supported sftp. Since 3.0 it supports rekeying a session. With external PAM modules you can support smart cards and securid logins.

The one advantage that ssh has over openssh is that this is all integrated into one package. The smartcard support is built in, you don't have to go looking for support.

If you are not planning on using smartcards or tokens, then openssh wins based on price alone. You can get it pre-compiled for most platforms, so the compilation is not so much the issue. Otherwise you have to weigh the choices a little more carefully. Check to see if your required token/card is supported by both. If not, then it is likely to be easier to add support into openssh, having the source and all.

In terms of windows clients...that is one big differentiator. Again, mostly money! We use tera-term and that works quite well, but does not do ssh V2 protocols.

In either case, you are buying a big whack of security, but don't forget, passwords can be extremely weak! Don't let up on the other security policies just because you now have SSH. (And yes, I know that the poster is not responsible for this, this is just a general admonition :-)

Whatever you get, I wish you the best of luck.

Now for the gratuitous links: :-)

securid and openssh

some preliminary smartcard itegration with openssh

another smartcard and openssh link

I forgot to mention the project page of avifile can be found here on SourceForge.

A really nice application of aviplay is the ability to rip WMA to wav and mp3files, thanks to the vsound tool (though recompressing a WMA to MP3 hurts the sound quality considerably).

DZM

I'd like to address the "just view the damned ads, you freeloading hippies" crowd.

Personally, the reason I started blocking banner ads (a little over a year ago) was because of one very specific ad--that stupid "punch the monkey ad".

It managed to crap more web no-nos into an ad than I ever though possible:

1. I froze my browser, as my browser had to load the Java runtime to display it. This is nontrivial time under Netscape, and used to be a lengthy wait under IE, as well.
2. It moved. Quickly. Very distracting when you're trying to use Altavista to look up a particular bit of LaTeX wizardry.
3. If my mouse cursor hovered over the ad, the ad captured mouse focus, and caused my mouse cursor to not always move as it normally would (largely due to the overhead by the Java runtime, I'm sure--I was using a SPARC LX at the time).
4. It would frequently cause Netscape to dump core, and would occasionally cause IE to just freeze-up completely.

At the time, it was a very popular ad. I don't know what I was typing to into Altavista to make it trigger (LaTeX->latex? Monkeys? WTF?), but I seemed to get it every five pages, and Netscape dumping core every five pages was not conducive to my finding out this LaTeX technique, which I needed right then to finish a CS paper (I'd have used Fondren Library, but this was before the Rice campus library stayed open 24 hours daily).

So, as a temporary fix, I disabled Java (I didn't need it at the time), used a different search engine (Google), got what I needed, and then installed Squid+Cameron Simpson's Ad Zapper (once I'd turned-in my paper), and the problem went away. I could have Java as I needed it (Rice's CS departmnet loves Java. Turning it off in a web browser meant not being able to do certain coursework), and my browser didn't crash because of stupid monkeys.

The clear message I'd like to deliver is I don't mind non-intrusive advertising. In fact, most banner ads are very interesting, so long as they don't flash or titter about annoyingly, and don't stupidly try (and fail) to look like dialog boxes (looks really stupid under OpenWin). Occasionally, I click one. However, if it pops up in a separate window, if it spawns things in other windows, if it creates offscreen windows, if it crashed my browser, if it litters my hard drives with cookies, if it prevents me from clicking on your page, or if it dances around like a stupid monkey, I will disable it, and I will go elsewhere.

There are probably a lot of technically-minded users that feel the same way. I don't want to steal content--I don't have this need to remove all adverts from the pages I'm viewing (although, I will strip them out, if need to print the page). But, my computer is my computer, and if your website can't sit in its window and behave itself, you've just lost a viewer.

I'd like to address the "just view the damned ads, you freeloading hippies" crowd.

Personally, the reason I started blocking banner ads (a little over a year ago) was because of one very specific ad--that stupid "punch the monkey ad".

It managed to crap more web no-nos into an ad than I ever though possible:

1. I froze my browser, as my browser had to load the Java runtime to display it. This is nontrivial time under Netscape, and used to be a lengthy wait under IE, as well.
2. It moved. Quickly. Very distracting when you're trying to use Altavista to look up a particular bit of LaTeX wizardry.
3. If my mouse cursor hovered over the ad, the ad captured mouse focus, and caused my mouse cursor to not always move as it normally would (largely due to the overhead by the Java runtime, I'm sure--I was using a SPARC LX at the time).
4. It would frequently cause Netscape to dump core, and would occasionally cause IE to just freeze-up completely.

At the time, it was a very popular ad. I don't know what I was typing to into Altavista to make it trigger (LaTeX->latex? Monkeys? WTF?), but I seemed to get it every five pages, and Netscape dumping core every five pages was not conducive to my finding out this LaTeX technique, which I needed right then to finish a CS paper (I'd have used Fondren Library, but this was before the Rice campus library stayed open 24 hours daily).

So, as a temporary fix, I disabled Java (I didn't need it at the time), used a different search engine (Google), got what I needed, and then installed Squid+Cameron Simpson's Ad Zapper (once I'd turned-in my paper), and the problem went away. I could have Java as I needed it (Rice's CS departmnet loves Java. Turning it off in a web browser meant not being able to do certain coursework), and my browser didn't crash because of stupid monkeys.

The clear message I'd like to deliver is I don't mind non-intrusive advertising. In fact, most banner ads are very interesting, so long as they don't flash or titter about annoyingly, and don't stupidly try (and fail) to look like dialog boxes (looks really stupid under OpenWin). Occasionally, I click one. However, if it pops up in a separate window, if it spawns things in other windows, if it creates offscreen windows, if it crashed my browser, if it litters my hard drives with cookies, if it prevents me from clicking on your page, or if it dances around like a stupid monkey, I will disable it, and I will go elsewhere.

There are probably a lot of technically-minded users that feel the same way. I don't want to steal content--I don't have this need to remove all adverts from the pages I'm viewing (although, I will strip them out, if need to print the page). But, my computer is my computer, and if your website can't sit in its window and behave itself, you've just lost a viewer.

This is cool news (the accompanying art is a nice touch with this Dr. Who presentation), but it would be nice if they would put the episodes into more audio formats as well.

"VSound is a sort of like a `virtual audio loopback cable'. That is, it allows you to record the output audio stream of a program (similar to connecting a loopback cable to the line in and line out jacks on the sound card, and recording the sound from the line in jack, but without the DA/AD conversion losses). One possible use for this application is as part of a RealAudio to wav file converter."

If you have a Debian system, here's all you need to do:

root@localhost:~# apt-get install vsound

If you're on another system, you'll need to download the a href="http://www.zip.com.au/~erikd/vsound/vsound-0 .5.tar.gz">source and also make sure that you have sox installed. (vsound uses sox to convert the raw .au into wav format, which you can then compress however you'd like.)

When I connect to a remote box from Windows, I use the free ttssh extension to the freeware terminal program Tera Term. When it asks you for a password, it captures everything in a dialog box, and sends the password as one chunk.

For those using a command-line version, who are really paranoid, you can just vary the rhythm of your strokes (type along with your music!). Or use RSA authentication. :D

But in general, I don't think anyone needs to worry about this unless they've got a bulls-eye on their backs.

First, Let me say that I have an agenda: I've had a war on, since 1998, with the authors of a crappy little program for Linux called linuxcad. This is a several hundred dollar (yes it _does_ cost more than $99 to get all the stuff, trust me) piece of junk that, in addition to not being worth anything like the price (can you say "rip-off"), they are constant newsgroup spammers.

Now it amazes me that, for as long as I can remember visiting linuxapps, this program has been in the #6 "Most popular today" position. I notice that kind of thing. Now a quick search around and you'll only find this program at one other site, SAL, which may not know any better. I've written to linuxapps.com suggesting they remove it to keep Linuxers from getting ripped off (I've got a number of emails to back that), but it's still there. It sure is suspicious to me.

Ok, maybe the list isn't updated, but then again, I have seen it change. So it seems to me, that they're playing a similar game here (the game of deception) to make you think lcad is a popular program, probably for pay from the lcad authors (I emphasize probably), and get you ripped-off, too.

I don't know about the stability/memory leakage though.. I use ipsec for my vpn with windows/linux/freebsd/etc.

Yes... one such program is vsound. I've sucessfully used it to save a realaudio stream.


-----