Worse than NIMDA/Code Red?

Linux Worm Hits the Network

On Sunday evening, Slapper had been in circulation for less than 40 hours and had infected over 6,000 servers, according to Mikko Hypponen, manager of antivirus research at F-Secure. By Monday morning, Slapper had infected 11,249 machines. "For reference, Code Red — which is known as the worst Web worm so far — managed to infect only a couple of hundred servers within a similar time frame," Hypponen said. "Code Red then went on to infect over 300,000 Web servers during its peak in July 2001 and is still alive today."

Check your OpenSSL version, and upgrade if you aren't up to the right rev.

[/home/paul]# openssl version
OpenSSL 0.9.6g 9 Aug 2002
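
One way to script that check across several hosts, as an added example that is not from the original post: it parses old-style OpenSSL version strings (three numbers plus an optional patch letter) and compares them numerically rather than as text. The minimum of 0.9.6g is an assumption taken from the output shown above, and the banners are constructed samples.

```shell
#!/bin/sh
# Added example (not from the post). MIN is an assumption: 0.9.6g is simply
# the version the post shows; replace it with the release your advisory names.
MIN=${MIN:-0.9.6g}

# Pull the version field out of an `openssl version` banner.
banner_version() {
    printf '%s\n' "$1" | awk '$1 == "OpenSSL" { print $2 }'
}

# Turn "0.9.6g" into a sortable integer: three numeric fields plus an
# optional patch letter (none=0, a=1, ... z=26). Fails on anything else.
ver_key() {
    nums=$(printf '%s\n' "$1" | sed -n \
        's/^\([0-9][0-9]*\)\.\([0-9][0-9]*\)\.\([0-9][0-9]*\)[a-z]\{0,1\}$/\1 \2 \3/p')
    [ -n "$nums" ] || return 1
    letter=$(printf '%s\n' "$1" | sed 's/^[0-9.]*//')
    n=0
    if [ -n "$letter" ]; then
        alphabet=abcdefghijklmnopqrstuvwxyz
        before=${alphabet%%"$letter"*}
        n=$(( ${#before} + 1 ))
    fi
    set -- $nums
    echo $(( (($1 * 100 + $2) * 100 + $3) * 100 + n ))
}

# Exit 0 if the banner's version is >= the minimum, 1 if older, 2 if unparsable.
openssl_at_least() {
    have=$(ver_key "$(banner_version "$1")") || return 2
    want=$(ver_key "$2") || return 2
    [ "$have" -ge "$want" ]
}

# Constructed sample banners; on a live host use "$(openssl version)" instead.
for banner in "OpenSSL 0.9.6g 9 Aug 2002" "OpenSSL 0.9.6d (constructed)" \
              "OpenSSL 0.9.6 (constructed)" "OpenSSL 0.9.10 (constructed)"; do
    if openssl_at_least "$banner" "$MIN"; then
        echo "ok       $banner"
    else
        echo "UPGRADE  $banner"
    fi
done
```

The numeric key matters for cases like 0.9.10, which a plain string comparison would sort below 0.9.6g.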

mozilla HTTP_REFERER workarounds

Bug 145579 – Website can see url of page visited after it (document referer used when loading images with javascript is incorrect while loading a new page)

Add the line

user_pref("capability.policy.default.Window.onunload", "noAccess");

to your user.js file.

This:
user_pref("network.http.sendRefererHeader", 0);
also seems to be a valid workaround, though the first is preferred by content providers who track these things.
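
To confirm that a profile really carries one of these two workarounds, here is an added example (not from the original post or from Mozilla) that reads a user.js file and reports which one is in effect. It also flags prefs pasted with typographic quotes, and it assumes that a later line for the same pref overrides an earlier one; the sample file is constructed.

```shell
#!/bin/sh
# Added example (not from the post): report which of the two referer
# workarounds a Mozilla user.js file actually sets.

# Print the value of the last user_pref() line for pref $2 in file $1.
# Lines starting with // do not match; assumed: later lines override earlier.
pref_value() {
    name_re=$(printf '%s' "$2" | sed 's/\./\\./g')
    sed -n 's|^[[:space:]]*user_pref([[:space:]]*"'"$name_re"'"[[:space:]]*,[[:space:]]*\(.*\))[[:space:]]*;.*$|\1|p' "$1" | tail -n 1
}

# Print one of: onunload | referer | smart-quotes | none
referer_workaround() {
    if [ "$(pref_value "$1" capability.policy.default.Window.onunload)" = '"noAccess"' ]; then
        echo onunload
    elif [ "$(pref_value "$1" network.http.sendRefererHeader)" = 0 ]; then
        echo referer
    elif grep -q -e 'user_pref(“' -e 'user_pref(”' "$1"; then
        # Typographic quotes are not string delimiters, so the line sets nothing.
        echo smart-quotes
    else
        echo none
    fi
}

# Constructed sample: a commented-out pref and a later override.
sample=$(mktemp)
cat > "$sample" <<'EOF'
// user_pref("capability.policy.default.Window.onunload", "noAccess");
user_pref("network.http.sendRefererHeader", 2);
user_pref("network.http.sendRefererHeader", 0);  // last line wins
EOF
echo "sample user.js: $(referer_workaround "$sample")"
rm -f "$sample"
```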

Not exactly Robin Hood’s legacy

The Seattle Times: Nation & World: Scandal-tainted corporate gifts create dilemma for charities

Some of the money appropriated from Enron and other unethical concerns has been donated to charities who now find themselves embarrassed, some would say incriminated, by well-publicized associations with tax cheats and corporate con artists.

Most damaging of all, I think, is the funding of Junior Achievement programs, which seek to instill business acumen and encourage ethical behavior in young people.

Peter Frumkin, an associate professor with Harvard University’s Hauser Center for Nonprofit Organizations, said Junior Achievement has found itself in a hypocritical position, given that the business leaders who support it are supposed to be role models for the children.

“Should an opera company lose sleep from taking contributions from these companies?” Frumkin asked. “I would say no. … Now when you talk about Junior Achievement, then you have this question of: ‘Is the mission being undermined?’ ”

Junior Achievement officials said they are teaching children about insider trading, accounting fraud and such so they understand these actions are not acceptable.

But how do you make that lesson hit home if you keep the essentially stolen money? I’m not sure they should return it: it would be a huge disappointment to the kids in the program, and I’m not sure that’s a lesson worth teaching. Lengthy jail terms for the perpetrators would be a useful example, of course . . . . . later JA program members could visit the rascals in prison to reinforce the message.

Mozilla HTTP_REFERER bug

Daily News – MozillaZine! Your Source for Mozilla News and Advocacy

Yesterday, ZDNet UK News reported that Mozilla has a privacy flaw involving HTTP referers. The flaw can be exploited using the onUnload JavaScript handler, which is triggered when a visitor leaves a page (for example, by clicking a link or using a bookmark). The problem is that the referer Mozilla sends is the URL of the page that the visitor is going to, not the page that he or she is exiting. This means that a site can discover where you are heading when you leave.

The security bug is present in the latest versions of Mozilla (including 1.0.1, 1.1 and 1.2 Alpha) as well as some Mozilla-based browsers, such as Netscape 6.x, Netscape 7.0, Galeon 1.2.x and Chimera 0.5. At the time of writing, no fix is available. A workaround is to disable JavaScript (Edit > Preferences > Advanced > Scripts & Plugins).

There is supposedly a fix for this, according to Slashdot, but the page you need to see is suffering from the Slashdot Effect.

marklar lives?

If there was any doubt that OS X runs on other hardware, why would StartupItems need to check for the hardware it’s running on?


ARCH=$(uname -p)

SetBootCommand()
{
    local BootCommand="$*"

    # Only touch NVRAM when running on PowerPC hardware.
    if [ $ARCH = "powerpc" ]; then
        if nvram "${BootArgsVar}"="${BootCommand}"; then
            shutdown -r now
        else
            echo "Warning: Failed to set boot-command"
            echo "Warning: Continuing startup"
        fi
    fi
}

uname -p returns “powerpc” on my OS X machine: on a FreeBSD system, it returns “i386.”

Yes, I know Darwin runs on x86 hardware. The check only seems to be in the SystemTuning bundle, which seems to deal with OS X Server-specific applications (QuickTime Streaming Server, for example).

looks like my samba on OS X stuff was useful

[/Users/paul]:: fink info samba
Reading package info…

Information about 1457 packages read in 181 seconds.

pkg samba version ###
pkg samba version 2.2.5-1

samba-2.2.5-1: SMB and CIFS client and server for UNIX
.
Usage Notes:
Samba settings are set in the configuration file ‘smb.conf’. A sample
file called ‘smb.conf.default’ is installed in yourfinkdirectory/etc/samba.
Also refer to the documentation installed in yourfinkdirectory/share/doc/
samba and yourfinkdirectory/share/samba/examples.
To create a startup item that starts samba after reboot just run as root
“daemonic enable samba”. To remove the samba startup item just run as root
“daemonic remove samba”.
For a set of quickstart instructions for setting up Samba under OSX
checkout /movabletype/archives/000249.html#000249
thanks to Paul Beard.
.
Web site: http://www.samba.org
.
Maintainer: Matt Stephenson

I wonder if I shouldn’t find a more permanent place for that stuff. I haven’t yet figured out why Apple’s installation doesn’t work. I suspect it has a lot to do with the fact there is an entry for SMBSERVER in /etc/hostconfig but no matching StartupItems bundle. How did that slip through the cracks?

another Jaguar gotcha

It’s nice that Jaguar includes Samba support, but if you already had it installed (via fink, for example), Jaguar seems to stop any but the official Samba release from running.

As noted here, I added a line in /etc/hostconfig to enable the Samba daemons to start at boot time. For whatever reason, the fink-managed versions don’t run, and since Apple calls it SMBSERVER instead of SAMBA and its start value defaults to NO, Samba just mysteriously stopped working.

SAMBA=-YES-
CUPS=-YES-
DNSSERVER=-NO-
IPV6=-YES-
SMBSERVER=-NO-

So I could change the SMBSERVER value to YES but I don’t see a StartupItem bundle for it. And why does the version I had installed and working no longer work?

school uniforms create discipline problems??

Plaid’s Out, Again, as Schools Give Up Requiring Uniforms

This is a simple case of parents and kids not buying into the program. Or more to the point, it’s the old pattern of affluent suburban parents thinking they don’t need to follow the same rules as everyone else and being unwilling or unable to tell their kids “no” when it comes to simple behavior rules.

“But I think uniforms have peaked for now. If there are a couple of school shootings tomorrow, we may see it again. But my sense is that right now people are focused on larger issues.”

What’s a larger issue than safety or community or basic civics/citizenship? And why will it take school shootings to bring that back into focus?