Re: Flash as spyware
On 3/29/06, Bill Sconce <[EMAIL PROTECTED]> wrote: > On Wed, 29 Mar 2006 12:03:39 -0500 > "Ben Scott" <[EMAIL PROTECTED]> wrote: > Everything you say is true. This statement is false. -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: perl and network addresses
On 3/28/06, Paul Lussier <[EMAIL PROTECTED]> wrote: > It's confusing. Sure is! Wow, that's one wacky setup. :) > The 10.0.32/19 is an interesting beast. The systems which live on it > have 2 NICs, the primary eth0, which *always* have a 10.0.32/19 > based address (currently restricted to 10.0.33/24 for some reason?!), As far as that restriction goes, I've read of crufty old code which assume everything follows the old classful model, with strict boundaries even for subnets. It might be that. As for the rest... wow... funky. I do hope all that multi-homing to the same network is for test/simulation procedures. :) Okay, in return for taking the time and effort to explain all that, I took the time to figure out how to get Perl to convert IP addresses. Hopefully the following sample code will help you out: !/usr/bin/perl -w use Socket qw(inet_aton inet_ntoa); # address and mask in ASCII decimal dotted-quad notation $addr = '10.0.32.42'; $mask = '255.255.224.0'; # 19 print ("addr: $addr/$mask\n"); # convert to "string" (which is really the four bytes of a 32-bit int) $addr = inet_aton($addr); $mask = inet_aton($mask); # convert to native integers # the 'N' tells unpack the string is 32-bit int, network order) $addr = unpack('N', $addr); $mask = unpack('N', $mask); # use binary math to mask out net and host parts $net = $addr & $mask; $host = $addr & ~$mask; # ~$m = complement of mask (binary NOT) # convert to "string" form $net = pack('N', $net); $host = pack('N', $host); # convert to ASCII dotted-quad notation $host = inet_ntoa($host); $net = inet_ntoa($net); # survey says... print ("net : $net\n"); print ("host: $host\n"); Is that even close to what you were thinking of? -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
LinkStation, CIFS and Fedora Core 5 - how to mount
Hi all, This week I got a Buffalo LinkStation Home Server, which is basically a NAS type device that exports a SMB mount point. I have a Fedora Core 3 system which is able to mount the device using smbmount but is unable to write more than 2G to it. At first I thought this was a LinkStation issue but I now suspect it is a FC3 issue. I also have FC5 on a laptop. FC5 doesn't include smbmount. However, I am able to use smbclient to attach to the LinkStation. FC5 uses CIFS as a file system type instead of SMB. I haven't set up any users on the LinkStation, so the proper command should be (as root): # mount -tcifs //data/share /mnt/data -o guest but I get this error: mount error 13 = Permission denied Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) After much trial and error (while I was composing this message) I found the proper command: # mount -tcifs //data/share /mnt/data -o guest,user=guest So this message is now more of a FYI type message as it started out as a HELP! message. :-) PS: I'm partially through a copy using Nautilis (just got passed the 2G limit), so at least the smb client library in gnome doesn't have a 2G limitation and this seems to prove that the LinkStation can handle > 2G file sizes. I'll report back on CIFS results. -- Jeff Macdonald Ayer, MA ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Flash as spyware
On Wed, 29 Mar 2006 12:03:39 -0500 "Ben Scott" <[EMAIL PROTECTED]> wrote: > ... Everything you say is true. -Bill ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
flash cards
"Drew Van Zandt" <[EMAIL PROTECTED]> writes: >Well, CF shows up as Just Another IDE Drive (provided it's connected >with an IDE adapter... not sure what drivers are used when it's on a >USB adapter etc., but I think even then it doesn't get a special >driver. How about MMC (Multi Media Card)? It's almost the same as a Secure Digital card (and mostly interchangable). My camera uses either. I think the USB connector on that camera has failed, so I would like to get use of the MMC/SD card reader built into my Dell X-300. The slot is immediately below the PCMCIA slot, and apparently connected to it. I have not used pcmcia cards for the last three years, since the relevant functions were built-in to the X-300. Since then, apparently pcmcia-cs was replaced by pcmciautils and cardmgr was replaced by hotplug, which in turn was replaced by udev. I have a 2.6.16 kernel, and a Debian unstable system. I just removed hotplug in favor of udev. I have reached the point where, when I plug in a card, this gets printed: # pccard: PCMCIA card inserted into slot 0 pcmcia: registering new device pcmcia0.0 and /sys/bus/pcmcia/devices/0.0 appears I can display some info on the card: # pccardctl ident Socket 0: product info: "RICOH", "Bay1Controller", "", "" manfid: 0x, 0x function: 254 ((null)) Socket 1: no product info available Now, how do I access it? My regular hard disk is /dev/hda. I don't find any other IDE disks (/dev/hdb1, /dev/hdc1, etc.) or SCSI disks (/dev/sda1, /dev/sda2, /dev/sdb1, etc.). When I insert the MMC card, this device gets created: /dev/.udev/failed/[EMAIL PROTECTED]:[EMAIL PROTECTED]:00:[EMAIL PROTECTED]:02:[EMAIL PROTECTED] The "failed" in the filename is of course a clue that something is amiss. The file is a symlink to a directory in /sys: /sys/devices/pci:00/:00:1e.0/:02:03.0/0.0/ # ls -l /sys/devices/pci\:00/\:00\:1e.0/\:02\:03.0/0.0 total 0 --w--- 1 root root0 2006-03-29 18:21 allow_func_id_match lrwxrwxrwx 1 root root0 2006-03-29 18:21 bus -> ../../../../../bus/pcmcia -r--r--r-- 1 root root 4096 2006-03-29 18:26 card_id -r--r--r-- 1 root root 4096 2006-03-29 18:26 func_id -r--r--r-- 1 root root 4096 2006-03-29 18:26 function -r--r--r-- 1 root root 4096 2006-03-29 18:26 manf_id -r--r--r-- 1 root root 4096 2006-03-29 18:21 modalias -rw-r--r-- 1 root root 4096 2006-03-29 18:26 pm_state drwxr-xr-x 2 root root0 2006-03-29 18:21 power -r--r--r-- 1 root root 4096 2006-03-29 18:26 prod_id1 -r--r--r-- 1 root root 4096 2006-03-29 18:26 prod_id2 -r--r--r-- 1 root root 4096 2006-03-29 18:26 prod_id3 -r--r--r-- 1 root root 4096 2006-03-29 18:26 prod_id4 --w--- 1 root root 4096 2006-03-29 18:26 uevent The Debian pcmciautils package came with a mini-howto.txt that starts like this: Linux Kernel 2.6 PCMCIA - mini-HOWTO Last update: 08 November 2005. It mentioned the entries in /sys/bus/pcmcia/devices/0.0 and showed how to use pccardctl. It also suggested that udev rules might need some adaptation - but nothing specific. I compiled the mmc_core and mmc_block modules and can install them. Didn't seem to make a difference. Any suggestions? - Jim Van Zandt ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: car box
Christopher Chisholm wrote: what do you guys think? does anyone know anything about touchscreen LCDs or GPS software? Any comments on the idea in general? Would temperature extremes render an LCD useless in the winter? I'm confident with the right setup the CPU temps wouldn't be too much of a problem. I'd also want whatever OS I'd use to handle hard shutdowns fairly gracefully. Are there any linux file systems well-suited to this task as well as quick boot-ups? I actually built a rig like this... used it in my truck for a while... then got a better screen and I'm currently using it when I go flying... same idea.. just oriented for stuff I need while flying single engine planes. I'm also looking to sell this rig... =] It's an M1 mini-itx board.. 512 of memory.. 40G laptop drive... laptop dvd/cdrw... and a screen from NavAero... the way I use it.. either mounted to the yoke or strapped to my leg.. kneeboard style... it's a 7" transflective touch screen if anyone is interested. =] Jared ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Compact Flash sector load-balacing?
Stephen Ryan wrote: I think you just have to format as JFFS2. I haven't actually used this myself since my Zaurus died, so all the information I have comes from Google. http://sourceware.org/jffs2/jffs2-html/ Many thanks, Stephen, I think this is what I was looking for. Regards, Scott -- Scott Garman sgarman at iname dot com ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Flash as spyware
On 3/29/06, Bill Sconce <[EMAIL PROTECTED]> wrote: >> I also don't like sensationalizing problems that are really not all >> that new to the computer world, or unique to Flash. > > >>> I actually hear web designers say, "I can't wait until we don't have to >>> use HTML anymore and everything is all Flash". > > >> Must... not... kill... > > Q.E.D. (Gotcha. Flash IS unique.:) Er, no. I say the same things about web designers who use JavaScript instead of HREF, or animated GIFs, or the BLINK tag, or sounds, or crazy fonts and colors, or a navigation model like an M. C. Escher painting, or... I object to stupidity, not Flash. Flash can be used for stupidity. Hell, it usually is used for stupidity. So's the rest of the Internet, near as I can tell. :) > I see Web designers say, "users aren't smart enough to know which > cookies to allow, so we'll go around them and use Flash". Yup, another arms race. Stupid designers use cookies badly. People panic and disable all cookies. Stupid designers come up with a way around the cookie blocking. Next step will be to block all the Flash cookies. Then the web designers will come up with some other stupid thing. > That's not for animation, or for a better "Web experience". That's for > letting the website developer use your computer without your knowledge. Sure is. Nothing new there, either. Or did you actually desire banner ads as a feature when they first hit the scene? And, really, "without your knowledge" is perhaps a bit wrong in the phrasing. By that line of thinking, all web sites use my mom's computer without her knowledge, since she knows *nothing* about how it works. I think the key point here is the question of developer intent, not user knowledge. *Why* are they using cookies, and *why* Flash cookies as opposed to HTTP cookies. When they're doing it with the explicit goal of tracking customer behavior against the customer's wishes, that's naughty. Then there's the issue that even with full disclosure, many people will continue with known harmful behavior. I know someone who refused to stop using the Gator password manager because she feared change so much. *shrug* > "Without your knowledge" makes any distinction between shared local > objects and outright Bot technology a splitting of hairs. I can't say I'd agree with that. We're talking cookies here. Client-side saved state. There's a bit of a freaking difference between that and autonomous code running on your computer. :) I might point out that you can achieve much the same effect with nothing more then a long URL. So I guess URL's are evil, too. > Does "everything" suck *that* much? As near as I can tell, yes. > ... and of course "trust us and our secret code to do what the control panel > says" ... Or the not-so-secret code. There have been Trojan horses in Open Source before. Most people don't even stop and think about trust before installing software, let alone perform code review. More suckage. Interesting case-in-point: Someone yesterday posted a link on Slashdot to a Firefox extension designed to add useful features to Slashdot. I'd wager dollars to donuts that the vast majority of interested Slashdotters installed the extension with no code review at all. I sure did. Is that any different than the legions of clueless users who install spyware because "the computer told me to"? -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Compact Flash sector load-balacing?
On Wed, 2006-03-29 at 10:36 -0500, Drew Van Zandt wrote: > Well, CF shows up as Just Another IDE Drive (provided it's connected > with an IDE adapter... not sure what drivers are used when it's on a > USB adapter etc., but I thik even then it doesn't get a special > driver. > > No wear leveling is done in the card itself that I'm aware of, > either...there may be a block buffer or similar in the controller, but > that's minimal. > > Mount it noatime at the very least, sync would also make sense and > ext2, NOT ext3 (though I suppose you could use an external journal, > but what would be the point?) > > I've seen Linux tools for doing wear-leveling on flash over in > PDA-land, but haven't seen any of those drivers in use on the PC > side... and I boot my home system from a 512MB CF. > > --DTVZ I think you just have to format as JFFS2. I haven't actually used this myself since my Zaurus died, so all the information I have comes from Google. http://sourceware.org/jffs2/jffs2-html/ ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Flash as spyware
On Wed, 29 Mar 2006 09:58:20 -0500 "Ben Scott" <[EMAIL PROTECTED]> wrote: > I also don't like sensationalizing problems that are really not all > that new to the computer world, or unique to Flash. [...] > > I actually hear web designers say, "I can't wait until we don't have to > > use HTML anymore and everything is all Flash". > Must... not... kill... Q.E.D. (Gotcha. Flash IS unique.:) I see Web designers say, "users aren't smart enough to know which cookies to allow, so we'll go around them and use Flash". That's not for animation, or for a better "Web experience". That's for letting the website developer use your computer without your knowledge. "Without your knowledge" makes any distinction between shared local objects and outright Bot technology a splitting of hairs. Does "everything" suck *that* much? -Bill (*) There are discussions about Flash control panels to allow user control of stored local objects. Sure, that's the solution: yet more user control panels, opt-outs,... and of course "trust us and our secret code to do what the control panel says". (AOL has contracted with Macromedia/Adobe to insert payloads in the "install Flash reader for free" downloads. Isn't it only a matter of time until another Sony BMG?) ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Compact Flash sector load-balacing?
Well, CF shows up as Just Another IDE Drive (provided it's connected with an IDE adapter... not sure what drivers are used when it's on a USB adapter etc., but I thik even then it doesn't get a special driver. No wear leveling is done in the card itself that I'm aware of, either...there may be a block buffer or similar in the controller, but that's minimal. Mount it noatime at the very least, sync would also make sense and ext2, NOT ext3 (though I suppose you could use an external journal, but what would be the point?) I've seen Linux tools for doing wear-leveling on flash over in PDA-land, but haven't seen any of those drivers in use on the PC side... and I boot my home system from a 512MB CF. --DTVZ ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Flash as spyware
On 3/29/06, Bill McGonigle <[EMAIL PROTECTED]> wrote: > Hey, if you're a popular website you could use Flash to store an > offsite copy of your enterprise backup in your users' Flash cache! You could do that with HTTP cookies, too. > Just crypt the data and ship of a hundred K to each user. Flash cookies are limited in size. I'm not sure exactly what the limits are. I don't think you should send *that* much data. See also: Settings Panel (this brings up Flash's actual config UI for you) http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager02.html What is a local Shared Object? http://www.macromedia.com/cfusion/knowledgebase/index.cfm?id=tn_16194 What Are Third-Party Local Shared Objects? http://www.macromedia.com/software/flashplayer/articles/thirdpartylso/ How to manage and disable Local Shared Objects http://www.macromedia.com/cfusion/knowledgebase/index.cfm?id=52697ee8 > Flash has also been used to circumvent pop-up blockers ... Yup. Or just plain be obnoxious (big flashing ads). I recommend the FlashBlock and/or NoScript extensions to Firefox. > ... install spyware. I'm curious about this one. Source? > Just in case you haven't heard every version of Flash ever > released before last week or so has local exploits. Just like pretty much everything else. Not really defending Flash so much as pointing out that everything sucks. :-( I also don't like sensationalizing problems that are really not all that new to the computer world, or unique to Flash. > You're auto-updating Flash, right? What do you mean there's no auto-update? http://www.macromedia.com/cfusion/knowledgebase/index.cfm?id=16701594 > I actually hear web designers say, "I can't wait until we don't have to > use HTML anymore and everything is all Flash". Must... not... kill... > I'm interested in what happens to the SVG/Flash rivalry now that Adobe > owns Macromedia. As a guess, I'd say we could expect Adobe to sue people for reverse engineering Flash. :-( -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Compact Flash sector load-balacing?
I've been googling for the answer to this question but I'm not coming up with anything definitive. I recall there are some PDA linux hackers on this list so I figure someone here should know. Does Linux support load-balancing writes to a Compact Flash disk drive? Is this something that the CF driver has to support, or is this handled by the CF firmware? Thanks, Scott -- Scott Garman sgarman at iname dot com ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
Re: Flash as spyware
On Mar 28, 2006, at 22:33, Paul Lussier wrote: Websites have always had the ability to write to local disk, you're browser does that for them, how do you think your .[mozilla,galeon, whatever]/cache directory fills up with so much crap? Yeah, but the key difference Bill was getting at is with Flash they can ask for the data back. Hey, if you're a popular website you could use Flash to store an offsite copy of your enterprise backup in your users' Flash cache! Just crypt the data and ship of a hundred K to each user. :) A restore might take a few days but the price is right! Flash has also been used to circumvent pop-up blockers and install spyware. Just in case you haven't heard every version of Flash ever released before last week or so has local exploits. You're auto-updating Flash, right? What do you mean there's no auto-update? I actually hear web designers say, "I can't wait until we don't have to use HTML anymore and everything is all Flash". Try get get info on a new car lately? It seems, nearly universally, you need Flash to do so. Perhaps if there's an outcome with the Target section 508 suit some of this will come back to Earth. There's still no open source Flash2Something else converter that works. I'm interested in what happens to the SVG/Flash rivalry now that Adobe owns Macromedia. -Bill - Bill McGonigle, Owner Work: 603.448.4440 BFC Computing, LLC Home: 603.448.1668 [EMAIL PROTECTED] Cell: 603.252.2606 http://www.bfccomputing.com/Page: 603.442.1833 Blog: http://blog.bfccomputing.com/ VCard: http://bfccomputing.com/vcard/bill.vcf smime.p7s Description: S/MIME cryptographic signature
RE: People still interested in shared colo?
> -Original Message- > > Oh, that dodge also brings this to mind... > > http://www.servercase.com/miva/miva?/Merchant2/merchant.mv+Scr > een=PROD&Store_Code=SC&Product_Code=CK147&Category_Code=1UE > > Neat, eh? > > --DTVZ Yeah, almost makes me want to find a reason to buy one :) ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss
RE: People still interested in shared colo?
I've actually got a couple of Cisco 2511 Async servers. I didn't think about serial consoles, but I guess that can be provided as well if there is a need. In the 8 years I've had a server colo'd, I've never had a need for a serial console though. > -Original Message- > > Serial consoles in this setup I'd suggest maybe people > could "buddy up" and set up a serial crossover cable between > two systems... > this would require shell access and minicom, but would be > (aside from the security implications and cost of one serial > cable) essentially free. > > ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss