Re: [LUAU] How Does this Work?
On Thu, Apr 29, 2004 at 12:02:41PM -1000, R. Scott Belford wrote: Can anyone explain what is happening on a more technical level than what I have found so far? Phishing. The URL, disguised as pointing to an apparently legitimate source, actually takes you to a site that tries to collect your personal information. Observe: http://www.hawaii.edu:[EMAIL PROTECTED]/pn/ If you think that link will actually take you to UH's homepage, I must solicit your strictest confidence in a 100% safe overseas transaction! -Vince PS. Apologies in advance for potentially setting off your spam filters.
Re: [LUAU] How Does this Work?
MonMotha wrote: That link doesn't work for me in mozilla (brings up an error dialog), but the use of BVP= is probably a weirdo escape sequence that rewrites .com into some odd cctld that someone bought up. I've gotten a similar mail, but it was in HTML. Did we possibly lose something in the HTML to plaintext conversion? Double checking the email, I received text, and the address is the same. The link no longer works for me. It is interesting and ashame that someone else did not see it. When I first clicked the link, I was told that address was not available. I clicked okay, and after a dial-up kind of wait, ~15 sec, a citibank.com site appeared. I understand it is phishing, but what was deceiving is that the resulting page looked exactly like the citibank page. Maybe Vince could have done that with his phish, but to do it completely would have been illegal. I guess that I was also alarmed because I only thought that it happened with IE, but I clearly don't have a complete picture of the underlying protocols at play. --MonMotha --scott
[LUAU] Opensource PM Software
Alle, I've been looking around for opensource solutions to do Preventive Maintenance scheduling. I've checked things like MrProject, but they don't seem to be able to give be the granularity that I need (.25H), or allow you to specify a specific start time, just the beginning of the work day. Does anyone know of something that might fit the bill (*NIX platform is preferred)? Any suggestions would be most welcome. Best Regards, Camron Camron W. Fox Hilo Office High Performance Computing Group Fujitsu America, INC. E-mail: [EMAIL PROTECTED]
Re: [LUAU] How Does this Work?
From a more technical explaination, you can refer to rfc1738 among others, if that kind of thing excites you: http://www.faqs.org/rfcs/rfc1738.html . I can't explain that particular URL. The URL RFC explains that there are several special characters including @, :, that aren't considered normal text. Also, %HEXHEX represents the character of that numerical value. @ is a simple, yet somewhat obvious method. When a site asks for a password, you can either wait for it to ask, or you can type http://user:[EMAIL PROTECTED] You can leave the password out if you want. If the site doesn't actually require a user/password, it will ignore it. So you can use anything you want in the username. [EMAIL PROTECTED] will take you to google, and microsoft has no effect. Domain names don't have to be used. http://216.239.57.104 will take you to www.google.com just as well. However, even non-technical people know what an IP is, so that's too obvious in some cases. IP's can be written in other forms with hex or octal and in some cases the .'s can be omitted. The sign depends on the browser. Old versions of IE and other browsers used to read an as ignore everything before this, so www.microsoft.com/stuff/stuff/stuffwww.ijusthackedyou.com wouldn't get you to microsoft. The is much less obvious than the @, but doesn't seem to work anymore, or at least not on mozilla. http usernames and passwords don't really work with '/' marks. So www.microsoft.com/[EMAIL PROTECTED] would fail or get you to an error page within microsoft. %HEXHEX makes any charater, printable or not. %00 is NULL or \0. NULL is used to terminate a string in most programming languages. If you fill char[40] with abc\0def and leave the other 33 chars as the default, the 'string' in that array is abc. If you print www.microsoft.com/stuff/[EMAIL PROTECTED] shows up as www.microsoft.com/stuff in some cases. Otherwise you can print entire URL's in %xx%yy%zz format. You can easily abuse javascript for some purposes. A lot of URL's are of the form athis link/a but some are of the form awww.stuff.com/a. Although the second is the same as the first, and that text could be anything, people are convinced that if the link contains a url, it must point to that url. Javascript pseudo code something like: onMouseOver: statusBar.print(url) will print the url in the status bar when you point the mouse at it. This emulates the normal behavior when you point to a link in most web browsers. There are other tricks, but I don't know all of them offhand. -Eric Hattemer
Re: [LUAU] FC2T3
It appears that Fedora Core uses 4K stacks (instead of 8K stacks), and nVidia has not created drivers that work with 4K stacks yet. (FC2T1 was based on the 2.6.3 kernel; it did not have this problem.) Of course there are ways to patch up around this problem. But it appears that vNidia is getting the message. wayne
Re: [LUAU] hosef luau subscription page
Charles Lockhart wrote: Just an fyi, http://www.hosef.org/pn/index.php?module=Static_Docstype=userfunc=viewf=luau.html which is the main luau subscription page (pointed to by the main hosef.org page) was broken and wouldn't let me subscribe a couple of weeks ago (kept giving me the message that luau wasn't a valid option), and now the page seems broken, repeatedly informing me that I need to enter a valid email (which I did). Thanks for the info, Charles. This got fixed last weekend after it was called to our attention. Sorry for the trouble. It was part of the otherwise invisible migration of the list from videl to hosef's new server. Let us know if you see anything else that seems off. --scott
Re: [LUAU] VC and Linux
Hawaii Linux Institute wrote: I am sure most have heard the news that Google has set a date to go IPO. What differentiates Google from essentially all the internet bubbles of the late '90s is that it already has almost $500M in cash. I know Google is probably profitable. But $500M in cash? I don't think anyone has any idea that Google has been so successful, cash-wise. Five years ago, Google comprised of no more than two PhD students, one of them from the former USSR, who built a search engine on a number of cheap-to-free Linux boxes. Plse excuse me for doing a little bit Monday morning quarterbacking. But I believe all the financial analysts have missed a key element in Google's success. As I mentioned in my previous thread, before the two Google founders thought about their ideas, there was already a massive Linux community at Stanford University's ComSci dept. This is what we should do: Build a massive Linux user community in Hawaii. And hopefully some of us will become very big (so that the rest of us can have enough crumbs to pick). We may not have the technical edge, but we should have some geographical/geopolltical/geosocial advantages that make us unique among the 50 states. wayne Each year the University of Hawaii's School of Business has a Business Plan Competition. http://www.cba.hawaii.edu/bpc/ From a field of 60, one of the five finalists was a VOIP provider using linux hardware for the PBX. They did not win, but the Venture Capitalists in attendance, and they were each pretty special, were impressed. Comtel is already combining OSS with a business solution, as is Pau Spam, Tiki Technologies, etc. HONTECH Provides unique IP telephony services and solutions using a combination of proprietary and open-source software --scott
Re: [LUAU] VC and Linux
R. Scott Belford wrote: Each year the University of Hawaii's School of Business has a Business Plan Competition. http://www.cba.hawaii.edu/bpc/ From a field of 60, one of the five finalists was a VOIP provider using linux hardware for the PBX. They did not win, but the Venture Capitalists in attendance, and they were each pretty special, were impressed. Comtel is already combining OSS with a business solution, as is Pau Spam, Tiki Technologies, etc. HONTECH Provides unique IP telephony services and solutions using a combination of proprietary and open-source software --scott Nowadays, it is almost impossible to start a tech company without touching upon Linux (now even Sun Microsoft is trying to turn itself into a major Linux shop). I am more interested in infrastructural changes which could take advantage of our unique (this word should be capitalized) social/cultural mixes. Of couse, this is just my own thought, which is not worth even two cents. wayne
[LUAU] While we Were Sleeping
While we were sleeping, the following has come onto the horizon http://www.iipi.org/activities/softwareconference.htm Developing countries and aid agencies have thus invested heavily in support of building domestic software industries, particularly by investing in education and technology adoption. More recently, many developing countries have also begun programs supporting the domestic development and acquisition of open source software as a means to technologically leap-frog ahead in this field. While the various measures and programs developing countries have instituted are meant to promote the growth of domestic software companies, they may also have long-term negative effects upon the competitiveness of their software industry. Without careful and enlightened policies, the well-intentioned efforts of some developing country governments may stunt the growth of their software companies and in the end do more harm than good. As we sit and ponder the global potential of Hawaii as host to OSS conferences and as a presence in the OSS community, others have done more than sit. Attending the conference include the following What is Open Source?: A Survey of Open Source Licenses Larry Rosen, Counsel Open Source Initiative The Role of Intellectual Property in Open Source Software Dr. Lee Hollaar, Professor University of Utah Case Studies – Bridging the Open Source and Proprietary Divide – Successfully Working With Both Platforms Stephen Hill, President and CEO Linux NetworX and a lot more. Why do we know about it? Well, I received an email from a professor in France who is an OSS developer supporting French Schools. As his email pasted below mentions, they have been very responsible in their fight to protect OSS from potentially devastating revisions to European IP law. In order to keep this email from growing any longer, I will let him speak for himself. He found my contact from the HOSEF site, so the beginnning addresses some potential synergies. Bonjour M. Belford, I was searching for a LUG in Hawaii and fortunately discovered a page on HOSEF, naming you as one of the main volunteers of it. I am Francois PELLEGRINI, associate professor in computer science at ENSEIRB (engineering school at the University of Bordeaux), and also vice-president of abul.org , the LUG of Bordeaux and of the Aquitaine region. Just to end with the HOSEF track: Abul started several years ago, and now goes on sponsoring, a full libre software distribution for schools, ranging from primary to secondary, called AbulEdu. Version 1.1 was based on Mandrake, and version 1.4 is based on Debian. This distribution comprises many tools for children to write text (OpenOffice), handle images (Gimp),... plus adminsitration tools for the teachers and principals to manage classes, automatically print certificates of scholarship, etc. It has been designed to be fully multilingual, and is available in many languages. In its current form, only version 1.1 is downloadable from the abuledu.org website at : ftp://ftp.free.fr/pub/Distributions_Linux/Abuledu/1.1/abuledu-1.1.1.iso and requires a (very old) Mandrake 7.2 available from here : ftp://ftp.abuledu.org/Mandrake/Mandrake72-inst.iso Version 1.4 of AbulEdu is at the time being not downloadable, and available only through certified retailers. It is described in www.abuledu.com . The idea is to sell servers along with installed AbulEdu software (which is still GPLed, of course) to reimburse for development costs. Maybe AbulEdu could be useful to HOSEF, as the deshtop have been bettered for teachers and children during several years... But this is not the point why I was looking for a LUG in Hawaii. The point is that many LUG members across the world have been committed to fighting an awful regulation called software patentability. If you never heard about the issues, please just read the following article, and I hope that you will be convinced : http://www.forbes.com/asap/2002/0624/044.html See also the statement of R. Jordan Greenhall, CEO of DivxNetworks, dated 27 februrary 2002, from the FTC hearing here : http://www.ftc.gov/opp/intellect/020227trans.pdf The point with Hawaii is that an awful conference will be held there : http://www.iipi.org/activities/softwareconference.htm By browsing through the description of the conference, you will notice how it will be biased towards proprietary software and such that developing countries should adopt strong intellectual property regimes that will indeed ban libre/free software, thanks to the software patents that giants such as MicroSoft have stockpiled : http://www.advogato.org/article/453.html Therefore, we would like to be able to distribute leaflets to the attendants of this conference. As we do not have the wide pockets of Microsoft 8^) , we would like to know if somebody from the Hawaii LUG could print, copy, and distribute these leaflets to the attendents of the
[LUAU] Strategic Guidance for IP Conference and Inspiration for a HOSEF Conference
Nothing to add to this. Bonjour Scott, and bonjour everyone on your lists (local forwarding of this message welcome), R. Scott Belford wrote: We are on it. I cannot thank you enough for calling this to our attention. I am embarrassed that this was going on under our noses and we had no idea. No problem, this happens to us all the time. The pro-patent lobby has much money to spend, and they set-up so many events that it is hard for us to track and to have people present at a significant number of them, not to tell about dissuasive registration fees. This answers our question as to whether or not we should start hosting our own OSS conference in Hawaii each year. I encourage you to, although transportation costs may be a real travel for invited speakers, whether you pay for them or they pay for themselves. In Bordeaux, from 6-10 July 2004, the Libre Software Meeting will once again take place : http://lsm.abul.org/ . Just in case some of you would like to come and visit Europe at this time... 8^) At LSM 2002, for instance, we could give libre software to a representative of UNESCO, as reported in : http://www.fsfeurope.org/projects/mankind/lsm2002/index.en.html http://www.fsfeurope.org/projects/mankind/mankind.en.html and it yielded some results : http://portal.unesco.org/ci/ev?URL_ID=7548URL_DO=DO_TOPICURL_SECTION=201reload=1044355008 http://www.fwtunesco.org/atmlist/freesoftware.html More to the point: after a night of thinking, I think there is a real opportunity for you : at the LSM, we had trouble having people from Asia and Oceania come, because of transportation fees. Having a conference located in the Pacific would make it possible to have Asians come, in particular the Japanese, who have a surprisingly low number of LUGs (and of motivated software professionals in general) compared to the size of their population, so that they can be willing to have new perspectives. I have some addresses to provide you in case you start the project. The first ALSM (African Libre Software Meeting) will take place this november. I think there is room and need for a PLSM (Pacific LSM). The philosophy of the LSM is here : http://lsm2002.abul.org/philosophy/ I have forwarded this information to our hosef-managers list http://lists.hosef.org/cgi-bin/mailman/listinfo Great. Thank you very much indeed. After everyone wakes up and we kick around the idea of flyers, I will post the info to our LUAU mailing list that has nearly 300 members. I registered for the conference, and I am sure that many of the hosef-managers will register. Several are UH professors. Send my best wishes to these colleagues from the other side of Earth... 8^) My only concern with the flyers that has to be hashed out is the following: HOSEF itself may not be able to pass them out because the University of Hawaii is kind enough to host the HOSEF server and mailing lists. With the Chancellor of UH speaking at the conference, we have to be very careful about maintaining the aloha and respect for privacy that he will expect. I fully understand. Getting and keeping support is essential at the local level. Maybe you can just leave them on a table, and make sure they are not thrown away by members of the pro-patent lobby. That said, we have to do our part to make certain the the conference is balanced. It seems as if there is potential for it to be a good discussion. However, I fear that it will be a discussion set up to lead attendees to believe that OSS is inferior. Yes, this is the original aim of the conference, but as having been a lobbyist for more that 3 years now I can assure you that even the best trained and biased chairs may be overflooded when the audience is willing to hear different arguments from quiet people. Getting a hand on the list of attendants and sending them arguments afterwards is also a winning strategy, as I did for : http://www.abul.org/brevets/articles/icrt_20031124.php3 If I remember well your pages, you have several local companies that have successfully migrated towards libre software. It would be great that representatives of these bodies could come and give their figures, for the enlightenment of the audience. In particular, there are several documents of interest for easing migration : http://europa.eu.int/ISPO/ida/export/files/en/1618.pdf (available from http://europa.eu.int/ISPO/ida/jsps/index.jsp?fuseAction=showDocumentdocumentID=1743parent=chapterpreChapterID=0-452-471) http://www.ibm.com/linux/RFG-LinuxTCO-vFINAL-Jul2002.pdf http://www.dwheeler.com/oss_fs_why.html Moreover, if you do not want to look too aggressive with respect to UH, you can also make things happen outside of the UH, that is, find a slot in the schedule which is left unoccupied, and set-up an alternate demo of libre software products in a nearby place, where all the documents could be available on tables. Then, you would just have to publicize the event as something like in the
