Monday, December 20, 2010

Gawker CTO's Memo To Company Staff: Security Breach Aftermath

This is a copy of Thomas Plunkett's memo to Gawker staff regarding the security breach that happened to its databases containing commenters' passwords.  I am posting it to my blog because it reveals a lot about the current security implementation in Web 2.0 sites.  I have highlighted some parts which I think are important.  Except for the highlights, I have not modified it.


From: Thomas Plunkett
Subject: The Gawker Media security breach — status and moving forward
To: [Gawker staff]
Date: Friday, December 17, 2010, 4:43 PM
Everyone -
As you know, this has been the Gawker tech team’s most difficult week ever. This note has been too long coming, but the following is meant to communicate several things: what happened, our current activities, and our plans for moving forward. I suggest you read all of this as I am making several recommendations below, and we are implementing some changes that will affect all of you.
What Happened
Gawker Media servers and some company email accounts were compromised by hackers at some time during the last few weeks; the compromise was made public to us (and everyone else) this past weekend. In recent weeks, intruders were able to gain access to our web servers by exploiting a vulnerability in our source code, allowing them to gain access to user data and passwords. With this information, they were able to gain access to the editor wiki, some Gawker Media email accounts, and other external resources.
It is clear that the Gawker tech team did not adequately secure our platform from an attack of this nature. We were also not prepared to respond when it was necessary. These things can be attributed to several factors.
First, we never planned for such an event, and therefore had no systems, or processes in place to adequately respond. Our focus as a team (and company) has been on moving forward. This put up blinders on several fronts. As a result, numerous wrong decisions were made by me this past weekend in responding to the security breach.
Further, attention to completed work is every bit as important as attention to upcoming work. Our development efforts have been focused on new product while committing relatively little time to reviewing past work. This is often a fatal mistake in software development and was central to this vulnerability.
Finally, we have not only seen tremendous growth as a company, we have never been afraid to take an unpopular or controversial stance with regard to individuals or organizations. Let’s face it: we draw the ire of many. This creates a unique set of demands to meet rapid growth as well as threats that often specifically target us. We did not establish standards and practices to handle growth and the fact that we have a target on our back.
On several fronts — technically, as well as customer support and communication — we found ourselves unprepared to handle this eventuality. The tech team should have been better prepared, committed more time to perform thorough audits, and grown our team’s technical expertise to meet our specific business needs. As a result of not having done these things, we have not adhered to standards expected of us, and our response was inadequate. The remedy to this situation will not be immediate, but it will be as swift as possible.
Current Activity: Regaining Control
The tech team have moved our operation to the third floor of the Gawker Media office in order to focus on the work that needs to be done. We are currently in the process of performing a complete review of what happened with an independent security firm.
Here’s what we’ve done so far to regain control:
We have been able to establish a fairly complete timeline of intrusion activity, and have identified compromised assets within Gawker. We have re-established control of compromised systems including our Google Apps accounts. As a result, you will have to reconfigure your Google Apps access (more on this below).
In addition, we have addressed all known vulnerabilities and will continue auditing our system for security flaws, and we have made appropriate changes to administrative accounts to our web and application infrastructure. There are many people reviewing our code base, and because of this, we will also reach out to members of the technical community to harness their expertise. This process will continue as we move to an entirely new, hardened web infrastructure.
We have introduced a help desk to address commenter concerns related to the breach. This will continue to exist as long as it is needed. Scott, Greg, Jeremy, Nick and a host of interns, and many of you, have been active in the threads, and communicating as much as possible as we work through this event.
Moving Forward
We’ve learned many lessons from this experience, both as a tech team, as a company, and as individuals. If there’s one lesson nearly all of us learned, it’s that we can and must be smarter with passwords. Lifehacker is a great resource for password advice (and there are many others). I suggest you start here: http://lifehacker.com/184773/geek-to-live–choose-and-remember-great-passwords.
Effective immediately, we have enabled SSL, a more secure method of communicating over the internet, for all users with Gawker Media accounts on Google Apps (this does not affect your personal Gmail). Those of you not using web-based Gmail will have to reconfigure your clients (this includes any desktop mail client as well as other devices). The attached document provides instructions to make this easier, and includes information to configure different devices including iPhone, Android and Blackberry phones.
Also effective immediately: If you require access to sensitive materials (legal, financial, or accounting documents) on Google Docs, you must have two-factor authentication set up on your account. No documents will be shared with personal Gmail accounts. We are also strongly encouraging all staff to set up two-factor authorization even if you do not require access to sensitive material.
We will enforce a policy that sensitive information not be posted to the editor wiki. This policy will also apply to chat communications (e.g., Campfire, AIM).
On all of our sites, we will be introducing several new features to our commenting system to acknowledge the reality that we have lost the commenters’ trust and don’t deserve it back. We should not be in the business of collecting and storing personal information, and our objective is to migrate our platform away from any personal data dependencies (like email & password). We will push further integration of external account verification sources using OAuth (like Facebook, Twitter, and Google) for those that want to use them, and we’ll also be introducing disposable accounts. Disposable accounts are similar to the service a pre-paid phone offers to drug dealers (a disposable, untraceable communication device). Commenters seeking anonymity will be able to do so confident that when necessary they can simply toss out the account and there will be no connection to the individual. They will work like this:
- no password will be stored
- no email will be stored
- account can be used as long as you have the key code; lose or delete it, the account is abandoned.
In addition, we are establishing a public Gawker Tech & Product blog (a long time coming) from which we will communicate product information as well as product plans to our readers. You can expect to see it by early next week.
This has been a very unfortunate event in Gawker Media history, and we have learned much from it. Above all, this has been an enormous inconvenience for everyone affected, and for this I apologize. You can expect a much more responsive and proactive technology and product team for 2011. You can also expect a much more public me — if there is one critical thing that has been missing, it is a lack of consistent communication from me. That will change.
Regards,
Tom Plunkett
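
The disposable-account scheme the memo outlines (no password stored, no email stored, access only through a key code) can be sketched as below. This is an added example, not Gawker's code and not part of the memo; the class and method names, the 256-bit key code and the use of SHA-256 are assumptions made for illustration.

```python
import hashlib
import secrets


class DisposableAccounts:
    """Server-side store for key-code-only accounts (hypothetical design)."""

    def __init__(self):
        # Maps SHA-256(key code) -> public handle. This dict stands in for the
        # accounts table: it has no email column and no password column.
        self._handle_by_digest = {}

    @staticmethod
    def _digest(key_code):
        # The key code is 256 bits from a CSPRNG, so one fast hash is enough to
        # make the stored value useless for logging in; slow password hashes
        # exist to protect low-entropy, human-chosen secrets.
        return hashlib.sha256(key_code.encode("utf-8")).hexdigest()

    def create(self):
        """Create an account and return (handle, key_code).

        The key code is shown to the commenter once and never stored."""
        key_code = secrets.token_urlsafe(32)
        handle = "anon-" + secrets.token_hex(8)
        self._handle_by_digest[self._digest(key_code)] = handle
        return handle, key_code

    def authenticate(self, key_code):
        """Return the handle for a presented key code, or None."""
        return self._handle_by_digest.get(self._digest(key_code))

    def abandon(self, key_code):
        """Delete the account; afterwards nothing links the holder to it."""
        return self._handle_by_digest.pop(self._digest(key_code), None) is not None

    def stored_rows(self):
        """What an intruder who dumped the table would obtain."""
        return list(self._handle_by_digest.items())


def demo():
    store = DisposableAccounts()
    handle, key_code = store.create()
    rows = store.stored_rows()
    return {
        "login_ok": store.authenticate(key_code) == handle,
        "wrong_key_rejected": store.authenticate("not-the-key") is None,
        # The key code must not appear anywhere in the stored data.
        "key_in_dump": any(key_code in field for row in rows for field in row),
        # Replaying a stolen digest as if it were a key code must fail.
        "digest_logs_in": store.authenticate(rows[0][0]) is not None,
        "abandoned": store.abandon(key_code) and store.authenticate(key_code) is None,
    }


if __name__ == "__main__":
    print(demo())
```

The key code is a bearer secret: a dump of the table yields only digests and handles, but anyone who obtains the code itself controls the account, and a lost code cannot be recovered.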

Saturday, December 18, 2010

A Summary of the 2009 Eclipse Survey (Open Source)

This item went past me, I don't know how.  According to the April-May 2009 Eclipse Survey of mostly Java IDE programmers in that open source community, Ubuntu is the most used Linux distro on their desktops.
Eclipse is an open source community of software developers originally created by IBM.  The survey they conducted May 2009 was completed by 1,365 respondents who identified themselves as programmers.
These are some of the highlights of the survey.
The respondents were asked what operating system their software is being deployed on.
It is interesting to note that Ubuntu accounts for clearly half of the Linux developer desktops.  This just blows away the myth that Ubuntu is a distro for beginners in Linux.  Another surprise is the fact that Red Hat and Ubuntu are sharing the server deployments equally.

Sunday, November 14, 2010

Give To Wikipedia

Wikipedia is a free encyclopedia maintained by volunteers and used by one out of three web citizens.  It is unique in that anyone can contribute to its knowledge and anyone can comment on its content in an open discussion.  It is free from advertisements and in order to keep it that way Wikipedia is asking you to donate and help out.

Give to Wikipedia here.

Thursday, September 30, 2010

Easy To Use Posterous

Posterous is a blog service that gets you.

I post via email and my favorite tool for that is my email client.  In fact even if my browser is open and I feel the urge to scratch I still have my desktop configured to send email through the desktop email client.

I use Ubuntu 10.04 and Evolution as the default email client.  Posterous integrates well with both. 

Saturday, September 18, 2010

Cute Girl Dances In Samsung Galaxy Ad

This video has viral written all over it. 
It has a cute little girl dancing at the start.  It has a beautiful danceable tune.
It opens to a bright neighborhood.  And people are dancing. 
Did I mention she's cute?

Tuesday, September 7, 2010

Jango: Listen, Learn and Enjoy

I've never enjoyed myself better than listening to music at Jango.  I have three full music stations in the site.  All three were created two years ago and I have not changed the line up much since then.

What's amazing with Jango is that their music doesn't skip a beat or pause a micro second when I try to click anything in the web site.  I listen to my music and I get to play around with the links.  Wow.

Sunday, August 8, 2010

Do You Hear Bells Ringing?

Satellite photos indicate an island of ice four times the size of Manhattan broke off from the Petermann Glacier.  This satellite image was taken last Thursday.

Wednesday, August 4, 2010

Human Rights 101

The following video footage of the Indonesian military capturing a Papuan freedom fighter in the remote hills of Papua New Guinea gives us pause on what we mean by human rights.

It also gives us an opportunity to defend what we believe belongs to all of us and not just to some of us.

Warning: nsfw

Sunday, August 1, 2010

The Power Of Images

World Meets HIV AIDS

In this photo from left to right, David Kirby (lying in bed), Bill Kirby, his father, Kay Kirby, his mother. 

If you look closer near the bottom right corner you will see a Benetton ad logo.  This version of the photograph is colorized from the original by Benetton for their ad campaign in 1992.

The disembodied hand coming out of the left side is from Peta, a caregiver at Pater Noster House where David's family decided to care for him.  Peta is half-American, half-Native American Indian.  Peta was HIV-positive at that time but he would soon die of AIDS as his disease progressed.

As the world's debate raged over lifestyle, morality and this "gay disease", the absolute message of this image is that no one deserves to die alone.

Monday, July 12, 2010

It Came At The Very Last Moment

The lone goal made by Spain against the Netherlands happened at extra time.

The Lone Spanish Goal That Won The Cup


Andres Iniesta is undeniably the most popular Spaniard today.  After kicking the ball past the Dutch goalkeeper, Maarten Stekelenburg, he hoisted Spain into the select few countries which have won a football world cup.

Paul Says It's Spain

Paul the octopus oracle keeps his perfect record as Spain wins the world cup. 

Spain vs the Netherlands After Regular Time

After regular time the match between Spain and the Netherlands is scoreless.

Spain vs Netherlands Half-Time Score


world cup-netherlands spain
Originally uploaded by donatoroque2003

Scoreless at half-time. An exchange of yellow cards for fouls and that's all.

Saturday, July 10, 2010

Against The Odds

The World Cup finals will be played by Spain and the Netherlands.  Both teams have never won the cup.  The Netherlands are unbeaten in the qualifying rounds; in fact they are one of only two teams to have 100% wins.  Brazil also had this record in 1970.  Spain on the other hand has the lowest number of goals scored for any finals team.  In order not to have this dubious record, if Spain wins they must score 4 goals against the Netherlands.

The experts and fans are divided.  Most people have positive sentiments towards the Netherlands.  Spain wins however in most media polls.  In Germany, Paul the octopus oracle, picks Spain to win and Paul has picked all the winners in the last 6 games of this World Cup.  If the octopus can do it I can too.  I pick the Orange team.  :-)

Thursday, July 8, 2010

Oh Bull

The San Fermin festival in Pamplona, Spain is an annual celebration notorious for its running of the bulls.  It's a nine day festivity famous for scenes of amateurs and bystanders running in front of bulls as they make their way in fenced off sections of city streets.
The practice is told to have originated in the 14th century.  If you're going to transport herds of bulls from their corrals to the market, you have to do it efficiently.  You don't want the bulls to do a "Ferdinand" and stop to smell the flowers.  The only way to do it is to get them excited.


Tuesday, July 6, 2010

Viggo Mortensen as Sigmund Freud

Hollywood make-up artists are really good.
Take a look at how they made Viggo Mortensen (marked) look just like the character he is playing.  In this case it's a real life person, Sigmund Freud.


Friday, July 2, 2010

An Office? Are You Nuts?

On July 2, 1881, then President James A. Garfield of the United States was assassinated by Charles J. Guiteau.  Guiteau was a lawyer who believed himself entitled to an ambassadorship at least in Garfield's government.  He demanded that President Garfield give him an office in his government or else.

Guiteau was found guilty and hanged.


Thursday, July 1, 2010

Photo Tagging Galore

This is not about Facebook.  This is not about the Glastonbury Festival.  This is about one of those moments when you just get the feeling something is about to explode but you don't know how big the bang is. 

An estimated 70,000 people attended the music and performance art festival.  Somebody took a panoramic picture of the audience.  Using Facebook Connect everyone started tagging the photo and so far 2,000 tags and counting.  This must be the most tagged photo in Facebook so far.

Tuesday, June 29, 2010

The Tunguska Event

A very large explosion in the sky over the Krasnoyarsk Krai region, Siberia, Russia happened at 7:17 am (local) on June 30, 1908.  Years later Russian investigators found large areas of toppled trees and burnt forests plus eyewitness accounts of a glow bright enough to be mistaken for the sun.

What we know...

A Russian expedition found a zone of scorched trees around 8 km across.  The same expedition found no impact crater.  Eyewitness accounts tell of a loud sound and a bright glow above the forest.  The zone of burnt forest is consistent with the effects of a nuclear explosion in the magnitude of 20 megatons (1 hiroshima) of TNT.

Theories...

The leading theory as to what happened in Tunguska is generally held by most scientists in the world.  There was a meteor penetration of our atmosphere.  The meteor which survived the heat of entry exploded above the surface causing the effects documented in Tunguska.

Other theories include methane or natural gas explosion, a black hole and a crash of an alien spaceship. 

Sunday, June 27, 2010

Feast of Our Lady of Perpetual Help

"You Can Come To Me"

The icon shows 4 characters namely: Mary, Mother of Jesus, the Child Jesus, Archangel Michael and Archangel Gabriel.  We see Jesus clinging to his mother alarmed by a vision of his Passion.  The angel Michael is carrying a lance and sponge.  The angel Gabriel is carrying a 3 bar cross and nails. 

If those two angels don't scare a 6 year old I don't know what will.

But the most striking impression to me is Mary's eyes.  Her hand is holding her child but her eyes are looking at the viewer. 

Image from Wikipedia.org.

Full Circle Magazine for May no.38

Full Circle Magazine is out. I download their pdf version. It's a beauty. After finishing a quick look, I got a tip on ScribeFire. ScribeFire is a Mozilla Firefox extension for easier blogging. It turns out it has a Google Chrome version too. To get it, head on to your Tools>Extension and type Scribefire in the search. It's a quick download.

Saturday, June 26, 2010

Ganito Kami Noon...

The American soldiers were holding down their prisoner while someone pours liquid into his mouth and nostrils.  The prisoner is a captured Filipino soldier fighting for the Revolutionary Government which just proclaimed Philippine independence.

Yes.  It's water boarding-1898 style.

Water torture. http://philippineamericanwar.webs.com/

Friday, June 25, 2010

Then Was Malacanang

Malacanang Palace is to the Philippine government as the White House is to the United States.  It is the architectural icon of the seat of government, well the executive branch at least.

Malacanang started out as a wooden house overlooking the Pasig river.  It was purchased by the Spanish government from a private individual with the intent to serve as a summer house for Spanish Governor Generals. 

After the 1863 earthquake in the Philippines, the newly built summer house became the residence of the representative of the Spanish crown.  It represents the highest authority of government and power.  It was said that Jose Rizal's mother went to Malacanang to plead the Governor General to pardon her son and save him from the death penalty.

Wednesday, June 23, 2010

Evolution: View By Conversation or Thread

I notice many Ubuntu forum members are asking about this.  If you're using Gmail you should be familiar with messages viewed as conversation.  When the same message is sent back and forth by the same parties then it's a conversation and it forms a thread.  Most Gmail users who would be using Evolution as a desktop client will look for this feature in Evolution.  It's a feature you will certainly miss.

To enable this in Evolution just go to your keyboard and hit Ctrl+T.  If you want to use your mouse then just click View>Group by Threads.

I don't know how many Evolution users are Gmail users.  I don't know how many Evolution users are going to agree with me if I suggest that Evolution enable this feature by default.  But I am sure the Evolution developers have heard this suggestion before. 

Linux being all about choice, should provide an opt-out when it makes something the default.

It's just that I am arguing that email isn't just electronic mail but a conversation.  The default behaviour should be group by thread and the feature doesn't belong under 2 layers of mouse commands.

Sunday, June 20, 2010

Remember Jaws

If I remember anything about the 70's, it's Star Wars and Jaws.  Jaws was released this day in 1975.  I remember the terror of watching a predator, with open mouth and white endless teeth.  Steven Spielberg made these terrifying close shots.

The film has Roy Scheider, Richard Dreyfuss and Robert Shaw.  I was 8 when I saw the trailer and the movie.  It gave me a healthy respect for the sea and big watery expanses if you know what I mean. 

Jaws ushered in the kind of movies that are watched by millions of theatergoers, helped by word of mouth.  It will earn 470 million dollars world wide until the end of its run.  It is the record holder at that time.  Star Wars will knock it off its position 2 years later.


My Wordpress Blog Is Down

Wordpress is experiencing down time today.  My two posts aren't showing up.


Record Use of Twitter

The trend in the Twitter universe this past week is the FIFA world cup in South Africa and the NBA Finals between the LA Lakers and the Boston Celtics.  Every goal in the world cup soccer games being played in South Africa results in a spike in tweets all over the world.  But according to Twitter the win by the Lakers produced the record number of tweets since the Obama inauguration.

Another trivia for the twitter users out there is the use of this service in announcing the execution of a man convicted of murder in the United States.  Before that, Hillary Clinton and the State Department used twitter in announcing updates in diplomatic negotiations. 

Problem With A Samsung SyncMaster Monitor

I can't show you screenshots of the problem with my monitor because it doesn't show up in the screenshots.  I have a Samsung SyncMaster 920NW I purchased back in September 2008.  I like it.  Now it shows a long horizontal band of corruption in the dark pixels.  The band of erroneous color is about a third of the total screen.  Mostly it shows warm colors like white, yellow, red and I lose the blue and darker colors. 

This happened just after I downloaded updates which includes an nvidia driver update.  Coincidence?

It feels more like a hardware problem than a software problem because it doesn't show in the screenshots.  That's bad news.  It means I have to replace it.  Good news.  That means I'll have a brand new LCD.

Wednesday, June 16, 2010

Aquaman Is Dead!

All right.  This is not funny.  When news like this goes out I worry about our chances to beat this oil spill disaster.  But Aquaman is dead?  I don't believe it.


Tuesday, June 15, 2010

Google Docs Updates

Yes everybody's encountering some problems nowadays.  If it isn't twitter, it's facebook or google.  Speaking of google, they just put out these new collaboration tools into google docs.  So I just had to type my blog post using google docs and use it to publish to my blog.  I figured that since google and blogger.com use the same authentication protocols (openid, and all that) that they would play well with each other.  No luck. 

I have better luck publishing it to Wordpress.  Just entered my username and password and after typing my post in google docs they will offer to post it to my Wordpress blog.  Ironic. 

They should work on this automatic posting/publishing bit though.  It is a big thing.  I mean imagine after using their docs tools I can then publish it to one or more blogs.  Presently that's not happening.


Monday, June 14, 2010

Does Tech Make Us Stupid?

Yes the technology that gives us a constant stream of information can be distracting and addictive but we should not blame the internet for that.  Knowledge is increasing and the internet is what enables us to keep up with the scale.  Human brain power needs these new technologies to cope with the increased demand for analysis, research and reasoning.  They do not make us stupid.  They are keeping our heads above the water, so we don't drown in the sheer volume of data around us.

Sunday, June 13, 2010

Raise Your Web Vocabulary

When I go to read a new blog, I can tell if it's written by a twenty-something.  When I check my niece's facebook posts, it feels like I'm in a foreign country.  Wait, I am in a different country but you get my point.  Sometimes it's just my age that's showing.  Most of the time, this is just too deliberate.  Teens are inventing ways to make it harder for their parents to check what they are doing online.

I do recommend talking to your son or daughter directly about it.  An honest question should be very helpful.  I also recommend that those of us being left behind should try to catch up.  So I have two websites that can be very instructive when it comes to difficult words and acronyms popping up everyday in the internet.  I wonder if they're still calling it that.

I have the Urban Dictionary included in the search engines inside Mozilla Firefox.  If you have the latest version of Firefox then it is easy to add search engines, just click the arrow icon in the search field.  This dictionary should also serve you well when you hear words thrown at you in anger. 

The second one is Teen Chat Decoder.  If you own an iPhone (and I'm talking to my sister) there's an app for it.  This website is simple like the Google search.  You just type the search string and that's it.


Saturday, June 12, 2010

Twitter Is A Word

This is not turning into a debate about whether I can use tweet in Scrabble.  The New York Times editors do not think it belongs in standard English just yet.  The newspaper's editors caution its reporters and writers against using it too much.  Apparently, their average readers are complaining about using the word in reporting.

Tweet is a word which commonly refers to a message sent out using the Twitter service.    Users of the service are limited by a 140 character cap on each message.  All messages are public, and users can subscribe or follow other users.  When two users follow each other they can send private messages to each other, the only time a message is private.

With a growing army of twitter users around the globe, twitter has changed how we gather news.  You want to have confirmation of the earthquake in China, just type a search string to access the public stream of messages.  This is its real power-search.

Imagine you have a product and you want to know what your market is saying about it.  Go to twitter.  Say you are interested in the latest results in the World Cup in South Africa.  Before the regular news media comes out with their polished report, twitter users with barely standard english have informed you which team won.

Twitter just made all of us content creators.  Be the witness to something mundane or something historical, who knows.

Thursday, June 10, 2010

Twitter And Breaking News

It is seldom that I find a tweet even coming from Roger Ebert, sounding a social commentary.  We know now of course that the Chicago Blackhawks won the 2010 Stanley Cup.  This from Roger Ebert:

Working my way down Twitter, I find the Blackhawks won! I will press on until the Sun-Times makes it BREAKING NEWS!

And then several tweets later this:


RT @Suntimes: THE CHICAGO #BLACKHAWKS ARE YOUR 2010 STANLEY CUP CHAMPIONS!!!!

Congratulations Sun-Times.

It's A Kernel Regression

There is no easy way to install drivers in Linux.  I for one try to avoid it.  It could really mess things up, especially graphics card drivers.  I only use Nvidia supported cards.  Do the homework before you purchase your new hardware.  The happy news is there is a lot of hardware that is now supported by the Linux kernel out of the box.  I really am surprised when somebody still has to manually install a driver in Linux.

Also if you are planning to add a printer, use HP.  It is very friendly with Linux.

I have been wondering about the kernel updates a couple of days back.  Now it all makes sense.  The Ubuntu security team just released a post that the second kernel update in two days is a kernel regression.

A kernel regression happens when a later update breaks a previous patch.  Happens when you try to drive too fast I guess.


Wednesday, June 9, 2010

Always Connected

I first noticed one of my friends do this a few years back.  He would start an IM session on his PC and after a few hours go to the mall and still have a presence in the chat rooms.  He was using his mobile phone to continue his IM activities after he closed his PC.

People developed an insatiable appetite to be always connected.  An individual is not only connected one-on-one but also connected to his network (twitter,IM chat rooms,facebook) and to his public.

We are all rockstars now.

We even crave for information that's unimportant!  We amaze ourselves with the trivial and laugh at the misfortunes of others because they have become commonplace.  We skim the surface of this sea of information but do little of deep analysis.  We are mystified at someone doing that.  We call them gurus.  As if it's a new religion.

Monday, June 7, 2010

Mobile Developments

HTC Evo is launched in the United States with Sprint as the service provider.  It is the first mobile handset capable of using the fourth generation mobile technologies.  It is faster and has improved screen and user interface.  Yes it's better than the old iPhone.  But Apple is coming out with its own iPhone 4G.

It used to be 3G services and GPRS.  GPRS is now being used by embedded devices usually in vehicles to serve as links for updates and requests for maintenance.  We don't see this very often nor notice it.  It's like an iceberg with a third of the ice underwater.  These embedded devices are in our cars, toys, appliances in the house, camera, and our lawnmower.  Each device has its own chip to control processes, connectivity and code.     

Imagine you buying a brand new car with one of these devices and a finger print scanner in the steering wheel.  Your 18 year old asked you if he could borrow the car and you said yes.  Only the car would not start when your son sat to drive the vehicle.  I think the technology is 3 to 4 years in the future.  But who knows?

HTC Evo with its 4.3 inches of screen is gigantic as far as mobile screens go.  My opinion is that in order for mobile web to really take off, the browser experience must mimic as close as possible, the one in the desktop.  How that is going to be accomplished is a designer's holy grail. 

Saturday, June 5, 2010

Reblogged: UpWords with Max Lucado

I have no permission and did not attempt to contact the rights holder regarding this article.  I am posting this in my blog because it is inspiring and just maybe I can bring the light and warmth of the fire to those who want it.


The Cave People
by Max Lucado


He came to the world that was his own, but his own people did not accept him.
John 1:11




LONG AGO, OR maybe not so long ago, there was a tribe in a dark, cold cavern.


The cave dwellers would huddle together and cry against the chill. Loud and long they wailed. It was all they did. It was all they knew to do. The sounds in the cave were mournful, but the people didn't know it, for they had never known joy. The spirit in the cave was death, but the people didn't know it, for they had never known life.


But then, one day, they heard a different voice. "I have heard your cries," it announced. "I have felt your chill and seen your darkness. I have come to help."


The cave people grew quiet. They had never heard this voice. Hope sounded strange to their ears. "How can we know you have come to help?"


"Trust me," he answered. "I have what you need."


The cave people peered through the darkness at the figure of the stranger. He was stacking something, then stooping and stacking more.


"What are you doing?" one cried, nervous.


The stranger didn't answer.


"What are you making?" one shouted even louder.


Still no response.


"Tell us!" demanded a third.


The visitor stood and spoke in the direction of the voices. "I have what you need." With that he turned to the pile at his feet and lit it. Wood ignited, flames erupted, and light filled the cavern.


The cave people turned away in fear. "Put it out!" they cried. "It hurts to see it."


"Light always hurts before it helps," he answered. "Step closer. The pain will soon pass."


"Not I," declared a voice.


"Nor I," agreed a second.


"Only a fool would risk exposing his eyes to such light."


The stranger stood next to the fire. "Would you prefer the darkness? Would you prefer the cold? Don't consult your fears. Take a step of faith."


For a long time no one spoke. The people hovered in groups covering their eyes. The fire builder stood next to the fire. "It's warm here," he invited.


"He's right," one from behind him announced. "It's warmer." The stranger turned and saw a figure slowly stepping toward the fire. "I can open my eyes now," she proclaimed. "I can see."


"Come closer," invited the fire builder.


She did. She stepped into the ring of light. "It's so warm!" She extended her hands and sighed as her chill began to pass.


"Come, everyone! Feel the warmth," she invited.


"Silence, woman!" cried one of the cave dwellers. "Dare you lead us into your folly? Leave us. Leave us and take your light with you."


She turned to the stranger. "Why won't they come?"


"They choose the chill, for though it's cold, it's what they know. They'd rather be cold than change."


"And live in the dark?"


"And live in the dark."


The now-warm woman stood silent. Looking first at the dark, then at the man.


"Will you leave the fire?" he asked.


She paused, then answered, "I cannot. I cannot bear the cold." Then she spoke again. "But nor can I bear the thought of my people in darkness."


"You don't have to," he responded, reaching into the fire and removing a stick. "Carry this to your people. Tell them the light is here, and the light is warm. Tell them the light is for all who desire it."


And so she took the small flame and stepped into the shadows.


From A Gentle Thunder

Copyright (Thomas Nelson, 1995) Max Lucado

A Personal Perspective on Computer Security

Computer security is a tug-of-war.  It isn't about discovering a bullet-proof product out there.  It isn't something you can buy in a box or download online.  Forget the marketing releases of security products.

Read and learn the basics of computer security: strong passwords, basic firewall configuration, privacy and cookies, history and memory caches, browser security and extensions. In other words, computer security is really a personal responsibility. Begin with informing yourself.

Let me go back to my opening sentence.  The foundation of computer security stands on how you value usability and security.  If you disconnect your computer from the internet and lock it inside a vault, you will have a totally secure machine.  But can you use it?

You can also do a set-up where anything and everything goes, and within 5 minutes the computer is already hacked.

When making your personal decisions about usability and security, do read up on current computer security threats.  After updating your vulnerability to the current threats, make changes to your set-up accordingly. 




Friday, June 4, 2010

Is It True That Linux is Virus Proof?

The short answer is No.  No existing operating system is malware proof.  But there is no significant threat of a Linux virus so far and there are a lot of people watching out for that. 

Whenever somebody hears about Linux for the first time, this particular question is going to come up. Invariably, this person is using Windows and their eyes go wide when they hear that a Linux machine is not affected by the latest Windows virus. I also add, of course, that a Mac is also not affected by a Windows virus.

Then comes the secondary question: what sort of anti-virus do you use? I don't know about other Linux users but I don't use an anti-virus. I don't use an anti-virus because the threat of a Linux virus infecting my machine is insignificant.

It is possible to infect a Linux machine. Maybe this lighthearted article can show you.

Thursday, June 3, 2010

Sound Decision To Me

After the security breach a couple of months back which involved China and Google, a lot of the computer forensic details have been posted and analyzed. Many believe that this is the cause of Google choosing to drop Windows and offer Mac or Linux to its employees. The official company blog offers the most plausible reason to me, and in a word, it's efficiency.

Using Windows results in increased costs because of lost productivity and lingering security worries. Google employees do not want to be the next ones to fall victim to hacks. Believe it or not, a lot of Google employees use Apple Macs, so letting them continue to use them is just common sense.

The use of Linux does not require huge resources since Linux is free. Linux can be downloaded and installed on existing PCs.

Mac and Linux are good operating systems but they are not bullet proof.  But shifting their system to both is just practical and efficient.

Wednesday, June 2, 2010

A Plan B

Don't put all your eggs in one basket.

Relying on just one service for all your requirements isn't a good idea.  I've kept all my old email addresses since yahoo to gmail.  In the process I enjoy the new services those email providers give to their users. 

When your One and Only email account fails, it's like writing with your left hand. It helps if you're a lefty or better yet ambidextrous. Use an email client that can pull all your email no matter what email service it is.

I keep two blogs and when I post, I post to both.  Almost.  I don't know.  Redundancy is at the heart of managing critical systems.  Meaning if it's something very important to you, then better have a plan B. 

Good Morning Via Mobile

Tuesday, June 1, 2010

Benchmarking Meego

Meego is a netbook operating system drawing from Intel's Moblin and Nokia's Maemo. Meego's performance was tested by Phoronix against other Linux distros such as Ubuntu Netbook Remix, Fedora and Chromium OS. Its performance in the Phoronix test suite outshines the others.

It has the fastest boot time at under 10 seconds.  Meego is the only one clocking below 10 seconds.  It's using the btrfs file system.  Canonical also wants to switch Ubuntu to btrfs by 2011, maybe even sooner when it comes out with version 10.10.  This should be interesting.  Will Fedora 14 follow suit?

The only speck in Meego's test is the OpenGL performance.  This means anyone playing accelerated games in Meego will pay the price in speed. 

Meego is being developed for devices with small screens.  Meego and the other linux distros mentioned here should find their way into your netbooks, tablets, smartphones and even your everyday laptops. 

The Aid Flotilla Fiasco

The US policy of supporting Israel, right or wrong, should be abandoned. An aid flotilla should enjoy the same respect as a red cross painted ship, and in any case this group of vessels was running in international waters when the Israelis launched their operation.

Mr. Ehud Barak's statement that Israel is only defending itself is, in this case, getting very thin.  If this reasoning even applies here, the natural course of action is to impose a naval blockade and announce it publicly. 

The Israelis chose to do it covertly and this has become a fiasco resulting in 10 deaths. 

Monday, May 31, 2010

Tests, Preparedness and the Boy Scouts

"Be prepared" is the motto of the Boy Scouts and I agree.  So I tested how my network of messaging works.  I have a mobile phone that can send mms, sms and connect to the internet.  It can send email.  SMS and voice calls are pretty much one on one.  What you have to check here is the ubiquity and security of your contact list.  Is the addressbook backed up?  You may want to check if you can access this contact file in multiple locations.  To accomplish this you can save it in your cloud service.  I have been using Dropbox and Ubuntu One for that. 

The previous post is a test sent from my mobile phone to my blogs. I first sent an MMS. I have Smart as my mobile service provider. Several minutes later, I sent an email post with attachment to the blogs using my mobile phone. This latter action was delivered first and appeared on my blogs right away. My blogs are using dlvr.it, which is a service that delivers new posts to destinations like Twitter and Facebook.

And so, well within the 15 minute threshold, my Twitter account received the tweet of the new posts. My Facebook account received the updates also within the 15 minutes promised by the service.

What about the MMS I sent before the emails?

They too posted, although several minutes later than the ones done through the emails. The explanation is that Smart, my mobile service, actually puts MMS sent into a service queue, if you like. They charge 10 pesos for the email connection and 2.50 pesos for each MMS sent from my mobile phone. So because MMS service is "shared" it is cheaper.

A room with a view



Sunday, May 30, 2010

Hey Do Blogs

Blogging has never been easier or more mobile. With Facebook you are dependent on other people keeping your personal data away from bad people. There is even an assertion that privacy has never been Facebook's responsibility. If you think you can't live in the digital world without Facebook then I offer you blogs.

Blogs give you complete control over your website.  Delete abusive comments, you can.  Block comments you can.  Keep the website private, check.  You can go the other way and automatically announce new posts in Twitter and ironically, Facebook.

You can use Blogger or you can use WordPress. I have both. Blogger is older and WordPress is open source. You can create two blogs. One is public and the other private. Both Blogger and WordPress have free accounts and premium services.

You can use your mobile phone to send posts.  I love sending photos taken by the cell camera as posts with the subject appearing as title in the blog post.  It's very spontaneous.

This is the production side of it, what about the end user side of this?

Isn't it a pain to open a browser for each of your friends' blogs when all you will read is a one-line update to your friends' status?

Use Google Reader or use a desktop feed reader application like me. A feed reader polls each feed from your friends' blogs and checks for updates automatically when the application is open.

One more thing, blogs do not limit your posts to a set number of words or characters. You want to do a Stephen King, go ahead. Go write your novel now.

Saturday, May 29, 2010

Attack Profile: How Big Is The Vulnerability

It's important to also pay attention to the attack profile, or how much the vulnerability exposes the user to attacks. Central to the issue is how much time the user is being exposed to the attacks. If you reduce the attack profile then you'll be safer. No, I don't think disconnecting from the internet is an option anymore.

In this regard, the browser is a big blip on the horizon. Every time the computer is turned on nowadays, the user is also opening a browser (or several tabs). Any small vulnerability in the browser translates to a huge attack profile. Adding to the discussion are the security problems of browser plugins like Flash and Java, but that is an entire post in itself.

The less you use the browser the smaller the attack profile is. 

Use desktop clients instead. 

Thursday, May 27, 2010

The Blog Lives Again

How do I do publishing?  Sometimes I feel like Dorothy after the twister thing but here goes.  I usually type my draft using my email client (Evolution) and save it as drafts (duh?).  It sits there for a while or I decide to just feed it to the trash which is most of the time.  I send the email post to my blogger's account.  They have this email posting feature where you can send images as attachments to email and the blog formats the images automatically.  You can set image properties in your account administration tab.

For people like me who find the 160 character cap of Twitter and the 240 characters update feed of Facebook too limiting, I recommend we try blogging once again. 

There is this beta called dlvr.it which offers to deliver your content to destinations in the internet.  My posts are automatically trumpeted in Facebook and Twitter within minutes. 

Wednesday, May 26, 2010

Becoming Twitter, Becoming Facebook

Some people are using their Facebook news feed like Twitter. They are posting short one-liners 50 times a day. Purists are saying that the two services are different modes of the social network. They should be used differently.

How are you going to enforce that? If it looks and feels like a hammer I'm going to hit the nail with it. People will use their Facebook account the way they see fit and easy.

Originally Facebook did not have its news feed. Twitter was just telling somebody what you're doing. Now they're big and heavy. They even confuse old timers.

M. mycoides, Oil spills, iPad and Lady Gaga

Last May 20, 2010, American scientists led by Craig Venter announced the creation of a self-replicating synthetic life in the form of a bacterium, M. mycoides JCVI-syn1.0. That's Mycoplasma mycoides JCVI-syn1.0. This is the first time that man designed something that can self-replicate, a genome sequence made in a computer, complete with watermarks and codes to identify IT as truly unmistakably man-made. When it was implanted into a Mycoplasma capricolum, a natural bacterium, the synthetic began producing enzymes that destroyed the M. capricolum's original genome very much like the Borg assimilating humans.

So what we have here is a synthetic cell able to reproduce, has a unique genome sequence, and is able to defend its own existence. 

I think when we look back to the first half of 2010, we will agree that it is a watershed moment. Apple just came out with iPad, selling a million in just a month, eclipsing its iPhone and iPod products. The United States is still suffering from the economic recession that began in September 2008. The world economic giant is relinquishing its role to China, Germany and South Korea. The biggest environmental disaster since Chernobyl is growing in the Gulf of Mexico. BP is yet to cap that bleeding pipe. NASA is doing the last of its shuttle missions. They plan to outsource their manned missions in the future to private companies.

And based on her Youtube views, Lady Gaga's popularity is soaring.  Her gender might be questionable but not her impact on the pop culture. 


Tuesday, May 25, 2010

Too Much Connectivity

People are already up in arms regarding Facebook's new privacy policies. (Facebook's CEO Mark Zuckerberg promises to roll back some of these changes, but we shall see.) These new policies don't scare the average Facebook user because their implications are too distant to most people.

I connected my blog to my facebook account and my twitter account today.  I found this beta service that promises to deliver my posts from the blog url to facebook and twitter.  I just want to see exactly how dlvr.it is going to accomplish that.

I also have my tweets (the most recent ones) appear in widgets at the sides of my blogs.  This completes the circle I guess.


Monday, May 24, 2010

Google Wave: Goes Public

I think it's wonderful that Google just opened the doors for the public into their Google Wave service. I'm still trying to wrap my head around it though. I know it's like an IM tool on steroids but I really don't know what to tell friends. But the UI is really nice.


Tuesday, May 18, 2010

A Person Being Photographed

The Lower Merion School District scandal over the inappropriate use of laptop webcams issued to students is evil, period. Some people see this as Sesame Street Ernie fooling around with Bert kind of evil but it's evil pure and simple.

We have to define personal space here and especially in this case of kids who are being spied on.  We have to teach kids we don't do this to other people even in the age of George Bush Jr. and Jack Bauer.

The grownups who first saw this happening should have turned it off and realized that this is plain voyeurism. Oh and this is not a security feature, you can drop that line of defense.

Monday, May 17, 2010

A Wise Way To Pray (revisited)

I have saved this golden nugget for some time now. I just have to read it again. And after reading it, I had to publish it again.


A WISE WAY TO PRAY


Plato, the Greek philosopher, borrowed from an ancient poet a prayer that he said best expresses the way we shortsighted mortals should pray. Although the prayer was to a pagan deity, it has a lesson for us. It goes like this: “Give us those things which are best, whether we pray for them or not; but command evil things to remain at a distance from us, even though we implore them.”


The insight of that philosopher is also seen in the Bible, only with a clearer and more specific focus. Centuries before Plato, Agur fully understood that wise praying must be based on truth and a desire to bring glory to the Almighty. He asked God to grant him two things before he died: “Remove falsehood and lies far from me; give me neither poverty nor riches” (Prov.30:8).


Agur longed for integrity and contentment. That desire included his willingness to have God veto anything that might cause him to become self-sufficient and forget the Lord, or to make him a thief and thus profane God’s name (v.9).


Plato focused on what is best for us. Agur went a step further. He wanted what was best for him, but only if it would reflect God’s glory. That’s the wise way to pray.


Dennis J De Haan

Saturday, May 15, 2010

Speed Is Success

The successful use of computers, optical scanners and transmission of data from the remotest precincts made a profound impact on the way this country conducts elections. This new technology is already embraced by the young voters (in their 18's and twenty-something). It was not alien to them and certainly they speak its language.

Our leaders, who are in their 60's, have expressed concerns but also said that they will use electronic means to count the vote in the official canvassing to take place before the month is out. The country and its people are slowly putting their trust in this new technology because they are seeing its speed and broadcasting capability. Sure, machines are still only machines. They break down. Poor planning and management can render all the high technology for nothing.

Everyone is surprised at the speed of vote transmission. Cheating plans were abandoned because they could not keep up with that speed. As soon as I fed my ballot into the optical scanner, I just had to wait for the confirmation that my vote was already transmitted.

Friday, May 14, 2010

Delay and Postpone

We are hearing from the election lawyers once again.  They are throwing all kinds of accusations just to delay the proclamation of their principals.  From where I sit, the more we delay and postpone the announcement and proclamation of obvious winners in the concluded elections, the more we open the door to poll manipulation and post-election cheating.

What do I want?  I want the votes counted as soon as possible.  I want the results transmitted and totalled accurately.  I want it announced and the winners proclaimed.  Let's move on.  Anything else is self-serving.  Elections are an act of patriotism.  You ask yourself what you want and who you want to represent you.  Then you drop it because the greater good is important.

Wednesday, May 12, 2010

The 2010 Philippine Election

There were a lot of apprehensions and some candidates formally requested that it be postponed but the May 10, 2010 elections pushed through as scheduled with the automated counting and the now famous PCOS.

The Commission on Elections (COMELEC) implemented the automation of vote counting for the first time. This will speed up the tallying of votes and reduce the tensions whenever votes are being counted at the precinct level.

At the heart of this automation are the precinct count optical scan machines by Smartmatic. This machine is run by uClinux, an embedded Linux using the 2.6 kernel. This operating system runs in ROM and helped in reducing the cost of automating the count. It is expected that the counting will be over within 48 hours of the precincts closing.

Saturday, May 8, 2010

An Alternative To Facebook

A lot of people who know the implications of the changes that Facebook is implementing regarding its privacy settings are upset and are ready to close their accounts. Most are public figures and tech blog figures. If you're worried about your privacy settings and are thinking that your personal data might find its way into the public space, then an alternative way of opening communications to your family and friends is available.

Take a second look at blogs. WordPress and Blogger are two solutions you should explore. Open a free account and features like posting by mobile phones and email are available. But the most important feature with blogging sites is the RSS feeds. Once your post is published your family/friends' aggregators or feed readers are automatically updated in seconds.

Like Facebook only more private.

Terminal Humor

Who said that using the terminal and the command line interface is dull? 

I was updating my system and I got this response from the servers at Ubuntu security.

Friday, May 7, 2010

Election 2010

The Philippine election for the President, Vice-President, Senators, House of Representatives and local executives down to the municipalities is underway. What it brings is a new automated voting system that, if done right, will bring the age of computers and optical scans to casting votes and counting them in this country. The Filipinos already embrace the latest in mobile technology. They are most at home with text, sms and mobile internet. Although internet penetration in this country is a low 5.6 million, those that do have internet connection tend to be very savvy in cyberspace. The Philippines ranks 42nd in the number of internet users.

There was a last minute issue with the compact flash cards used in the optical scanning machines. 

The media has been covering the election using social media tools like Twitter and Facebook. Filipinos are very well acquainted with Facebook and local users are surging in numbers in the last 6 months. Most candidates use Facebook to spread their message and to sense what is in the mind of their audience.

Thursday, May 6, 2010

Embedding Tweets in Blogs

The best way to embed a conversation or tweets in your blog is to capture it using a screenshot tool in the desktop.  And then just post the jpg with captions to explain what it is.

Wednesday, May 5, 2010

After Installing Lucid Lynx, Now What

There are so many things to do with your default Lucid Lynx installation, but how to do it?

For all of you Lucid Lynx fans who are itching to customize what you have then go and read Danny Piccirillo's blog The Silent Number for the most complete guide on how to do exactly what you want.


Sunday, May 2, 2010

Solved: CD/DVD Drive Mystery

Something there is in fences...

I should have checked the cables. The simplest explanation should be the first thing to be ruled out. I know now. Ok start flogging me because it's my fault. I started to blame the software, then the operating system and then the hardware. I never checked the cables. The cables came loose. Start flogging. Ouuch!

I have a good ISO image of Ubuntu 10.04 i386 desktop on a cd-r.  It's a live cd.  I don't go the 6 month cycle without it.


A Note If The Upgrade Goes Bad

I wrote this note because I was concerned my upgrade will result in something unsatisfactory.  So I'm publishing this to embarrass people like me who are sceptical.  Also I want to explain what pushed me from a clean install to an update-manager route.


Sun May. 02, 2010

I ran update-manager yesterday but the download got interrupted so I resumed the upgrade this morning.  I called Smartbro last night and their call center is being swamped by calls.  Well, they have problems being a weekend and all.  People are going to need their computers to connect.

Anyway, update-manager just finished downloading the packages for the new Ubuntu version.  It is now in the installation phase.  I am doing the distribution upgrade because I can't move my cd/dvd drive to work.  My operating system is unable to detect it, or just freezes when burning the image to a perfectly ok blank cd.  I even bought a brand new cd/dvd rewritable drive to replace what might turn out to be a perfectly ok Asus drive for all I know.

The upgrade took 1,494 packages from the Ubuntu servers.  It is now installing them.  It tells me it will take an hour and 5 minutes.  Let's see.

Initial Impressions On Lucid

Change of plans.  I'll tell you about why the change later.

I have to go through the update-manager to upgrade to lucid 10.04 from karmic 9.10.  It gave me some concerns which later turned out to be unfounded.  The upgrade went smoothly and quick once my isp got its act together. 

Thursday, April 29, 2010

Lucid Lynx Final Release: -10 Hours

Ubuntu Karmic just updated to kernel 2.6.31.21 today of all days. It's the final release of Lucid. I plan to use Karmic beyond the final release date of Lucid. Maybe 3 to 4 weeks past the availability of Lucid. But I'm downloading (via bittorrent) Lucid today and burning the image to a cd-r now lying on my desk.

I've downloaded the brand new Ubuntu Manual pdf file from this link:  Ubuntu Manual.  It's gorgeous and it came from the community as a free service.  Printed version is available for a fee.

Thursday, April 22, 2010

Reminder: 7 Days To Lucid Lynx

I plan to download the long term support version of Ubuntu when the final release is out on April 29. Another milestone and triumph of this community based distro is coming along nicely from what I can read from reviews. Since switching to Linux (Ubuntu) I have not encountered any show stopper when installing the latest version on my hard drive. I am however concerned about the new open source nvidia driver nouveau included in Lucid Lynx.

Any new driver, especially a graphics driver, is going to be difficult to fix if it doesn't land on its feet the first time it boots. I've modified my plan to download the final release but delay a while about installing this on my hard drive. I just want to make sure I'm doing this with the least hassle on my part.

Wednesday, April 21, 2010

Filipino Interrupted

The Laguna Copperplate Inscription (LCI) is evidence and tangible document of our economic and historical link to India, Indonesia and the rest of Asia before the arrival of Magellan.  It is the oldest proof of writing in the Philippines preserved in the National Museum.  It is hard evidence that our ancients were writing their laws and recording important events in their little corner of the world.

LCI contained a date in Hindu astronomy  corresponding to April 21, 900AD.  Someone by the name of Namwaran was released of his debts by the Datu of Tondo.  Probably a slave freed after faithful service.

The LCI must be a very valuable item in Namwaran's house.  Debts for the ancients are passed on to their sons and daughters.  So if he earned this (in battle or civil service) it is redemption indeed.

Monday, April 12, 2010

Update: Smartbro is Fine Now

The sun rose up as my phone rang.  My brother is making a phone call--making small talk but really wants to know about Skype.  He wants to set up his web cam.  I was worried about my internet connection for ages now.

I boot up and open Empathy, downloaded Pidgin, opened the browser to google something up. Hey it works. Did the Smartbro fairy visit me in the night? Have my wishes been granted?

I took it for a spin in Speedtest.net.  It gave me 1.67 Mbps and Smartbro's signature 0.22 Mbps upload speed.  But it's working. 

Smartbro's back. 

Sunday, April 11, 2010

Update:Smartbro

The thing is I can call their customer service and generally they want to help me. The problem remains the same. They are supposed to be upgrading us to 2 Mbps but instead I am suffering random drops in connection. I am fed up with the capricious nature of Smart broadband and I am really in the market for a new internet service provider. The only alternative is Globe. I also hate Globe. Their connection is also as poor and their customer service worse.

Techs and installers alike know that if a tree merely blocks the antenna, the signal is lost and you have to restart and reset the connection, which inevitably drops once again, and you go through the same dance again.

Thursday, April 1, 2010

A Dreamer Proposes A Change In the Desktop

Beyond the big debate about moving the window buttons (max,min,close) from the right to the left side, Izo from Design By Izo, is proposing a workflow and upload button where the window buttons were formerly located.  He proposes two new button concepts for Ubuntu that to me make real sense, productively and logically.

The workflow button bypasses the action of opening up another application and opening an active file.  The workflow button enables jumping from one application to another bringing the active file with you as you go along. 

Monday, March 29, 2010

Update-March-29


I've been suffering through a 5 day problem with my Smartbro
connection.  The service is on for 15 minutes and turns
itself off.  I've been calling customer service everyday,
sometimes twice a day thinking if I persist I could will
a resolution. 

So this agent tells me that Smart is doing upgrades to its
bandwidth.  He tells me the network is being upgraded from
the old 1 mbps to 2 mbps.  Wow that's great.  Now if they
can only accomplish that without taking my connection away.

Gwibber is great.  I downloaded this microblogging tool
last week and it's the first application I open every time
I boot up.  It manages my Twitter and Facebook accounts in
one UI.  I can send and receive my messages for those two
accounts in a compact and simple manner.  It strips away
the ads and the sideshows.  Just my friends and family
member's updates. 

I'm using Ubuntu 9.10 Karmic.  It doesn't have the Memenu
panel thingy to encapsulate Empathy, Evolution and Gwibber.
Using Synaptic, the package manager, I downloaded the new
Light and Ambiance themes created for Ubuntu 10.04 Lucid.
I added the indicator-applet to pretty much do the job of
Memenu and clone the functionality on my Ubuntu 9.10 Karmic.
Ubuntu Linux is truly so extensible and customizable that
I don't have to wait until Lucid is available.




Friday, March 26, 2010

Leaving Windows

Not happy with Windows?  Concerned about Microsoft security or the lack of it?  Consider migrating to another operating system. 

If you have the money then Apple is for you.  If you're the kind of user who does not mind the hardware lock in, Apple is a beautiful buy. 

If you like looking under the hood, getting your hands dirty and don't mind the occasional forum posts, then Linux is for you.  Ubuntu has gained popularity for its user-friendliness and hardware compatibility. 

No operating system is without its learning curve. Each one has its myths, positive or otherwise. I say try one, test it in your system. With many Linux distros, this is as easy as downloading an ISO image from its website. If you see an option to download the live cd, I advise you to download that. The live cd lets you try the distro without installing anything on the hard drive.

After downloading the ISO, you burn it to a cd/dvd disc. 

Thursday, March 25, 2010

Lucid Lynx Beta 1

The alpha phase of development for Lucid (Ubuntu 10.04, Lucid Lynx) is finished. This was when various design ideas were put out and tested. Usually there are a lot of changes in what packages to include. If you want your ideas included, here in the alpha stage is where you make a lot of noise. At the close of the alpha testing, developers issue a freeze on any more design ideas. Any changes to Ubuntu will have to go through the bugs process. If it's not a bug then most likely it will be part of the final release version.

If you want to help in testing the beta version you might want to read the notes here.

If you want to download Ubuntu Lucid 10.04 beta, click here.

Do not use your production machines in testing a beta. 

Wednesday, March 17, 2010

Social Networking Integrated In Lucid

Ubuntu is transforming the desktop.  In Lucid, which will come out April 29th, social networking will be integrated into the desktop interface (away from the browser).  Using a messaging menu, Ubuntu users can send tweets and Facebook posts through a dropdown menu.  That does not mean we can't approximate the same experience now with Karmic.  So with the trusted Synaptic Applications Manager (I can't get used to using the Software Center), I downloaded Gwibber.

Gwibber is the microblogging application of choice in Lucid. 



Monday, March 15, 2010

Updates

Secunia, a security think-tank group, published a study regarding the topic of updates.  According to the study, the average computer needs a patch every 4.9 days.  The study adds that on average the PC user has 22 different vendors of applications to consider when updating.  This means that different vendors have their own system of updating their various software.  Secunia proposed a single way of updating PCs, which did not receive support from anyone.  Proprietary software won't share, period.


Saturday, March 13, 2010

Here Comes Pinta!

Since the very first version of Ubuntu came out, users have voiced how they missed a lightweight image editor in the tradition of Paint in Windows.  GIMP has always taken up the slack when it comes to editing any photo the user feeds it.

But now here comes Pinta, a lightweight image editor in the tradition of Paint.



Pinta can be downloaded for Linux and Mac.

Saturday, March 6, 2010

Ubuntu Plays With the iPhone

Threads began popping up in the Ubuntu Forums yesterday about iPhone users being able to use their phones with Rhythmbox and Ubuntu.  iPhone owners charge their devices and Ubuntu automatically recognizes the contents as photos or music/audio files.

Is this something that came with the kernel upgrade?  So shall Linux?  So will Ubuntu...but I'm pretty sure Apple won't.

If this becomes a permanent feature then the devs should be congratulated for solving a major hurdle.  Newbies always ask if they can sync their iPods and iPhones with Ubuntu.  Answering "yes" to that seems strange for now.


Sunday, February 28, 2010

OpenOffice.org-3.1(patched) vs. OpenOffice-3.2

Ubuntu put out a patch for OpenOffice.org-3.1 while the rest of the world downloaded OO-3.2. I chose to take the Ubuntu route because it's the one with the most minimal impact. Ubuntu gave the security patch needed but no new features. I'll wait for Lucid, thank you. I feel that any additional speed added by OO-3.2 isn't enough to move me to install the new OO and go through all the trouble.

What are Drive-by Download Exploits

What are drive-by download exploits?
The mere act of visiting a website results in the download of malicious software without user consent. This is a drive-by download exploit. Of course you can choose not to visit questionable web sites and also those that have been tagged by other users as laden with malware.
In the drive-by exploit world, the most targeted application is the Adobe PDF reader, accounting for more than half of exploits. The other applications in the study that are most exploited are Internet Explorer, Sun Java and Flash.

Saturday, February 27, 2010

A Brave New World

It used to be that private e-mail accounts were a no-no in the workplace.  You used the e-mail account the company gave you.

Now that everybody (arguably) has an account on Facebook and Twitter, some of my co-workers are calling them work tools, with very good reasons.

Monday, February 22, 2010

Phoronix Tests Linux File System

Phoronix did benchmark testing using their Phoronix Test Suite on EXT3, EXT4 and Btrfs file systems.  These are the most popular file systems in Linux, so it's very interesting to see which file systems the current Linux kernel versions like best.  For the test they used the Samsung NC10 netbook with the Intel Atom N270 CPU at 1.60GHz, an Intel mobo and 2GB RAM.

In general, the EXT4 file system provided performance boosts both on Karmic and Lucid (development).  In some tests the speeds are almost twice the rest of the pack.

I guess it is safe to say that EXT4 will remain the Linux default file system for now.

Saturday, February 20, 2010

Use No Script

Do you use No Script?

I was using it in Firefox in Windows XP.  In 2005, at the height of browser hijacks, the only friend I had was No Script.  Changing from Internet Explorer to Firefox then was a bit maverick.  That is not the case now.  Today I am using No Script in Firefox in Ubuntu Linux.  Things are a lot more secure, my exposure to risks from the internet is down, and I disable Flash and JavaScript unless I absolutely need them.

A security firm has reported that 80% of malware attacks used Flash vulnerabilities.

Their numbers are from the last 3 months of 2009.  The attacks also used Adobe's PDF reader and its installer.  Adobe has been blamed for being too slow to act on their software weaknesses.

Apple has been critical of this situation with Adobe, and Steve Jobs decided not to use Flash in the iPad.  This is what is needed.  A big player like Apple rejecting a technology that is not up to the challenges of the wild web should be the wake-up call for Adobe.

Friday, February 19, 2010

Tray Icons In Lucid

Lucid is the next upgrade to Ubuntu, the most popular Linux distro out there.  Tray icons will undergo a radical makeover in Lucid. 

Tray icons will not only look good, they will blend with the desktop theme.  They will not only look good but actually do something when clicked.  Right and left click menus will be standardized.  I am interested in these changes because I actually use tray icons even now in their pre-Lucid implementation.

It would be nice to see tray icons work to their full promise.


Thursday, February 18, 2010

Sun is Out, Oracle is In

The end users and customers of Sun are up in the air.  No word yet on what will happen to the products and services being handed over by Sun to Oracle.  What are these?

I can only name a few, uhm, OpenOffice, MySQL and OpenSolaris.  Perhaps to me and to the average computer user, OpenOffice is the most familiar of these.  OpenOffice is the MS Office counterpart in the open source world.

Friday, February 12, 2010

Kitten Neuroscience

Why is it that the tinier things get the cuter they are?  It seems that to make it look like we comprehend it, we shrink it to manageable sizes?

Here is an illustration from the staff of boingboing.  Cats anyone?

Iran Will Offer A National E-mail Service

Like the boy who is desperately trying to plug the water leaks with his fingers, Iran has decided to block Google services and has decided to launch a national e-mail service.

One reply to this post from boingboing says: "I hear Iran's national email service has a really great spam filter.  NOTHING GETS THROUGH."

Sunday, February 7, 2010

Yet Another IE Bug

Yep, there's another bug in Internet Explorer and this one turns your system into a public file server.  This bug gives access to your hard drive if you're running Internet Explorer.  I run a different browser, I should be safe, right? 

Unfortunately, IE comes with every Windows and you need it if you want to get updated.  It's the only browser that the MSN website permits.  Plus any application in Windows (Outlook, for example) that has to connect to the web uses at least a component of IE.  So you have to wonder what else is vulnerable in Windows/Vista.

Windows is like a nasty habit: you want to stop, and the only advice I have for you is to do that.  Stop.


Friday, January 29, 2010

Apple, Oranges And Linux

Steve Jobs just presented Apple's newest toy to the masses.  The iPad is supposed to be a game changer in mobile computing and a lot of tech writers are still giving mixed reviews.  Apple also decided to stick with AT&T as sole carrier.  They are also selling the iPad in the price range of the iPhone.  Apple once again demonstrates its power in innovation.

What does Apple have that Linux lacks?  The most basic seems to be that Apple absolutely knows its hardware.  Linux has to learn to master the art of computer hardware.  With mastery of hardware comes control.  Apple is able to push the envelope with the least negative impact because it is master of the hardware.

Wednesday, January 27, 2010

Lucid's Default Search Engine Is

Yahoo.

Canonical and Yahoo made a deal to make Yahoo the default search engine in Firefox when Lucid Lynx comes out.  Canonical gets revenues from the deal to support operations.  It is finally a relief to see the company that supported Ubuntu all these years earn from it.

A company in the black means continuity.  Canonical is still a private commercial company that intends to put Linux on the desktop, and commercial deals help it move towards that goal.

Monday, January 25, 2010

Restless With Apt-Get


I typed Alt-F2 to open the GUI terminal. I want to download Win-FFmpeg, a video format converter. I was wondering about an alternative to the Transmission BitTorrent client too. This is an addiction for me. Once I finished with setting up the desktop, I download secondary applications. These are applications that I can do without or applications that do the same thing as already installed software.

My fingers get the itch to fire up apt-get or Synaptic, well, because it is very easy. No googling involved. If the software is in the repository everything is ready for your desktop. Of course in some cases people will point to a new release of Firefox as an exception to these cases.

Mozilla just released Firefox 3.6. It's not yet listed in the official repository nor is it available as a deb file or even a bin file. Mozilla just can't bother with us folks in the Linux community. If Ubuntu users want to install the newest Firefox they'll have to modify their software sources file and add Mozilla's PPA. Even this method doesn't give you the Firefox logo nor its name.

Google beat Mozilla here because Ubuntu and Fedora users can download the latest releases of Google Chrome browser through the distro repository. That simple. Why not make Google Chrome browser the default browser? From where I am sitting Linux is receiving more support from Google Chrome browser than Mozilla's Firefox.

Friday, January 22, 2010

A Questionable Security Update

Microsoft wants to release a patch for the zero-day exploit in Internet Explorer.  I have a problem with solving a zero-day exploit with a patch or a security update.  Certainly, a security bug, which is a flaw in the code, can be patched.  A zero-day exploit is using an application's standard functionality against the system.

Patches have to be tested first and this takes time.  Zero-day exploits precisely use that window of opportunity to do their thing.  Patches are not going to work.

Thursday, January 21, 2010

Another Microsoft Headache

After the German and French governments advised their citizens not to use Internet Explorer, Google security researchers found a security bug in Windows that can potentially enable attackers to execute code at system level.  That is bad news.

This is an exploit with no patch and affects Microsoft products from Windows NT up to Windows 7.  The exploit opens a command prompt with super user privileges. 

Tuesday, January 19, 2010

Safety Is Not Using IE Anymore

Yesterday the government of Germany warned its citizens not to use Internet Explorer because the browser is the focus of zero-day attacks and security experts offer no solution to defend against them.  Today the government of France issued the same advisory to its citizens.


Last month, popular technology blogs espoused the use of clean machines to secure banking.  At least one security blog advised the use of Linux instead of the Windows operating system when conducting banking transactions.  This is in the wake of phishing attacks and trojans used to get login information.

Some however are cautioning that merely switching browsers will not solve the problems of phishing and malware.  They likened this to driving the herd to a corral.


Wednesday, January 13, 2010

The Yearning Masses

Ubuntu Linux is the port of call for most Windows immigrants.

Besides being the most popular Linux distribution, it has the liveliest forum for newcomers to Linux.  It is a which-comes-first, chicken-or-egg thing: the two basically feed on each other.  I received a lot of help from what I feel are just forum visitors.  I can't explain what motivates most people to help other people but I would venture to say that most encounters are accidental.

I confess that my personal motive in following particular threads results in me answering a few questions here and there.  I have an Ubuntu forum feed (RSS) and I like to think of each item as a pop quiz.  It refreshes what I know about Ubuntu and Linux and computing in general.
