Slashdot Mirror


User: lanalyst

lanalyst's activity in the archive.

Stories: 0 · Comments: 108

Comments · 108

  1. Re:Feaking Sweet! on OpenShot Video Editor Reaches Version 1.0 · · Score: 1

    I installed openshot here (Ubuntu 9.10/AMD 64 quad) and it hangs at different points after start-up. Several times requiring restart of the X server. Off to post a bug report...

  2. Generate the xml feed locally on Free Podcasting Hosts? · · Score: 1
    Part of putting a new episode up is adding a new item to the rss feed and uploading that also. You should be doing this locally - no service provider will do it for you.

    When I started a podcast project last year, I used FeedForAll to manually generate the feed. I had no special access to the site, so I downloaded new episodes to get the mp3 tag info (time, length), added the episodes and uploaded the update.

    Since then, I've written a quick perl script that runs every hour and grabs all the information including downloading the mp3 and checking the tags. I'd automate the whole thing but there is some massaging of descriptions that wouldn't work.

    Check out cpan.org - feedburner seems to be the latest thing and there's a perl module to integrate with it. One thing - I didn't see a lot of support there for the itunes namespace extensions.

  3. Re:Podcasting Apps in Linux? on Podcasting · · Score: 1
  4. Re:Solving an Overcharging lawsuit by Overcharging on Microsoft Blames Anti-trust Legal Fees for Price Increases · · Score: 2, Insightful

    Actually, complete and utter irony would include an excise tax on all MS products to cover government legal fees, enforcement, etc.

    Not suing MS because they will raise prices is akin to paying the mob shakedown money to be left alone.

    What will happen when they start being sued for product defects?

  5. Re:None of you know how it works... on Microsoft Blames Anti-trust Legal Fees for Price Increases · · Score: 1

    And the SCO lawsuits have increased the price of the Linux kernel how much?

    Let M$ gouge away... double.. triple their already inflated prices. It is the only way their business model will support declining sales.. and if the justification is based on monopoly defense costs, so much the better.

    Everyone knows that the increased costs are due to scouring old code and rewriting security vulnerabilities and bounties for malware authors.

  6. Re:A pizza delivery program under GPL? on Pizza From the Command Line · · Score: 1

    The script is in perl.. it will run on just about any platform

  7. Re:I think they'll just obfuscate more. on Linux the Tortoise to Microsoft's Hare? · · Score: 1

    LDAP?

    Check MS's own docs for LDAP-AD integration or google.

    Example: http://www.afp548.com/Articles/Jaguar/adintegration.html

  8. Re:on the subject of development frameworks on Myths About Open Source Development · · Score: 1

    the context of framework used in the article is beyond development tools.. think nagios, eclipse, xchat, gaim, xmms, etc.. an api that can be extended easily.

  9. Re:Embarrassing files missing? on SCO Group Web Site Attacked Again · · Score: 1

    Found them!

    yast2-2.6.40-6.src.rpm
    yast2-core-2.6.56-3.src.rpm

    Seems I was curious if SCO was distributing SuSE's IP.. Interesting these aren't even GPL.. License: YaST License

  10. Re:Embarrassing files missing? on SCO Group Web Site Attacked Again · · Score: 1

    I followed the link when I saw it here originally and managed to download a few RPMs.. It was suse's version 8 distribution.

  11. Re:bleh on SCO Group Web Site Attacked Again · · Score: 1

    I really hope someone has tipped the SEC... there need to be subpoenas of the ISPs involved, server logs, etc. Issuing false press releases to manipulate stock price (or for any reason) is quite illegal.

  12. Re:Darl will not get it on Linus Corrects Darl on Copyright Law · · Score: 1

    Darl's motivation is centered around making SCO profitable. IBM has embraced OpenSource and is abandoning AIX and Unix. They have stated that on several occasions. All this boils down to SCO trying to force IBM's stated direction via the legal system.

    At some point, the cultural differences between the commercial for-profit world and the open source technical community will have to be aired. This is one venue.. I'm sure there are others.

    Always keep in mind that the for-profits appropriated GNU/Linux and Open Source for their own gain. These companies will have to accept the technology as well as the terms of license. Anything less is stealing.

    It comes down to power and control. Some companies can adopt the Open Source culture without a problem and realize its benefits. It will threaten others like SCO who stand to lose licensing revenue.

    Linus' views are appreciated - his clarification and intent is a welcome change from the bitter ramblings of a greedy man.

  13. Re:Unintentional network compromises through bridg on Intel Putting Wi-Fi into Future Chipsets · · Score: 1

    Considering no vendor seems to slipstream service packs or security fixes onto new XP systems (probably never will - too expensive): just what we need - another attack vector.

  14. Windows ever a secure platform?: on New IE Holes Discovered · · Score: 1

    Several open source projects are gaining steam: propolice for stack protection inserted by the compiler, PaX for address space randomization, page executable protection, etc. It doesn't matter how sloppy the userspace code is - if the stack is compromised, the process is killed before it can do damage. It won't catch every possible compromise but it's a great start. Check out the Hardened Gentoo Project for a working implementation.

  15. After the ATM story on Diebold Folds In DMCA E-Voting Lawsuit · · Score: 2, Interesting

    ..about how Diebold cash dispensers were infected with the Nachi worm I think they were left with no choice.

  16. Re:Urban legend or real smack? on Benjamin Franklin, Civic Scientist · · Score: 1

    Not sure of your source - can you post a reference?

    I find references to smallpox blankets ... none of which involve Franklin. And it seems by most accounts, he championed Native American Rights as well as a key figure with negotiations ending the French-Indian war.

  17. Ben.. on Benjamin Franklin, Civic Scientist · · Score: 3, Interesting

    I work in Philadelphia.. in the historical area. Reminders and memorials of Franklin are everywhere. Sometime ago, I found myself interested in this man who seemed fascinated and involved with seemingly every aspect of his time. He always had an opinion and as the article pointed out, was willing to change his mind. He was truly beloved by his contemporaries - when he died in 1790, his funeral was a testament to the regard he was held - in all disciplines of his day.

    Of course we can focus on a single aspect of his interests and be impressed (they are after all of his time), but things like he was a prolific, practical inventor but never sought a patent.. he argued (unsuccessfully) for an anti-slavery clause to the constitution.. he was a nerd with great social skills.. he was first and foremost a printer and communicator; I'm sure he would be quite pleased with OSS and the internet.

    In the political/civic arena, his wisdom and participation was sought after. Yes, everyone loves to quote "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." but his contribution to the design of the great seal of the US included the motto "Rebellion to Tyrants is Obedience to God." Go figure. His son was Governor of New Jersey and a loyalist to King George.

    The liberty bell is being moved on Oct 9th!

  18. Re:My favorite question... on Gates Says Windows Reliability Is Greater · · Score: 1

    Their worst enemy is within. Their resources go to lawyers and marketing with what little is left going to technical excellence.

  19. Bill. stop the lies.. on Gates Says Windows Reliability Is Greater · · Score: 3, Insightful
    Q. The buffer overrun flaw that made the Blaster worm possible was specifically targeted in your code reviews last year. Do you understand why the flaw that led to Blaster escaped your detection?

    A. Understand there have actually been fixes for all of these things before the attack took place. The challenge is that we've got to get the fixes to be automatically applied without our customers having to make a special effort.


    Ahh their position for everything. The RPC 026 vulnerability was discovered by a 3rd party.. not Bill's code reviews. The vulnerability was in OLD code that existed back on Win 95... carried forward to the current versions. Even for those that deployed the fix, unless you had 100% coverage, you suffered the effects (Blaster.D ping traffic). And of course you lay blame with the very people that support your defective products (it's THEIR fault the fix wasn't applied).

    Great question, lame dodge.. and the 'solution' you propose will not fix the problem, but will only satisfy another agenda.

    Understand this, Gates: MS products are riddled with vulnerabilities by the nature of your very development process. Peer review process is either nonexistent or done by folks who wouldn't know a Buffer Overflow if it smacked them over the head. Your programmers can get away with writing crap and because of the development model and your tight release schedules are forced to use 'quick and dirty' rather than 'quality' and 'wide peer review'. Code is slapped together and tucked away in a vault never to see the light of day... and forgotten. That is the best you can do with your business model - and it is not good enough and never will be.

    Give me open source any day: worldwide peer review.. garbage code is rejected and sent back, fast. A developer learns very quickly in this development model to use best practices or face rejection. Can't get away with 'quick and dirty'. And the funny thing is this cannot be bought. IBM realizes this.

    Lawsuits won't fix this.. Marketing slogans won't, either. Insecure by design.
  20. Thoughts on Handling User Grown Machines on a Large Network? · · Score: 1

    We're taking a 2 pronged approach. IDS (snort) as well as actively scanning and reporting port 707/tcp open.

    The muck begins with identifying those systems which are managed (patched by us) and those which aren't. They can break down to 1) assets which were deployed incorrectly, 2) assets which the update process is 'broken' for whatever reason, 3) mobile assets (notebooks) which appear on different segments.. their 'home' location gets lost and 4) untrusted systems (unmanaged systems).

    The impact of Welchia/Blaster.D infected systems was an internal DoS attack; a very small percentage of the above issues caused major problems.

    Among other things, it's an asset management issue. Tighter controls and processes - and retrofitting an existing deployment is difficult at best. All infrastructure functions (network, systems, etc) must be co-ordinated to accomplish this.

    Tracking down 'broken' systems where the update process isn't functional should be a priority. When they are mobile assets, it becomes difficult because the customer/user doesn't perceive a problem - why should they have to bring in the machine?

    The last is a development of policy toward unmanaged systems on the network. At an .edu these would include dorms, .biz, conference rooms, etc. These should be treated as wireless segments with only defined port access via firewall where traffic is monitored: untrusted. Treat it like the internet.

    This whole episode points to major weaknesses in infrastructure design and policies/procedures. Hopefully some things will be implemented before the pain is forgotten.

    The above applies to any implementation, not just MS WIN infrastructures...

  21. Re:MS Marketing department security bulletin ratin on Windows Is 'Insecure By Design,' Says Washington Post · · Score: 1

    Call me crazy but if I were writing exploits, I'd pick one underrated that's under the radar of the media, etc. More potential hits.

    'Important' rated alerts, in my experience, generally get rolled up in a patch cycle or slip through the cracks altogether rather than an emergency security deployment. Folks making the call have to use keywords or an independent rating rather than the MS spin.

  22. MS Marketing department security bulletin ratings on Windows Is 'Insecure By Design,' Says Washington Post · · Score: 4, Informative

    This is what grabs me: a new vulnerability with MDAC announced on 8/20 is rated as 'Important'. Same buffer overflow problem as 026.. same potential for damage.. most/all corporate customers have MDAC running.. but it doesn't rate a 'Critical'. Are they waiting for exploit code to appear or are they waiting for the sh!tstorm to die down?

  23. Re:obligatory gentoo zealotry on Perl Modules as RPM Packages · · Score: 2, Informative

    g-cpan.pl is part of portage.. on every gentoo system. It dynamically generates ebuild scripts, downloads the source, builds the package in sandbox, merges them, putting entries in the world file, etc.

    It does not do updates - it doesn't 'sync' with anything. It's a mechanism to merge (and unmerge) anything that's available on CPAN.

    Overall it's pretty sweet.. and needs exposure.

  24. Re:obligatory gentoo zealotry on Perl Modules as RPM Packages · · Score: 3, Informative

    /usr/bin/g-cpan.pl Module::Name

  25. Re:big surprise on MPAA Opens Anti-filesharing Website · · Score: 1

    wonder if they applied the ms rpc critical update ... their webserver could be vulnerable via a back door! :)