Monthly Archives: November 2006

Apple Safari 'safe' files bitten again

Posted on by
Reply

SANS Internet Storm Center, InfoCON: green is reporting “Mac OS X Apple UDIF Disk Image Kernel Memory Corruption, (Wed, Nov 22nd). A vulnerability has been reported in the way OS X handles corrupt DMG images…(more)”

Apple did pretty well with their proprietary apps on top of OS X, but one real bozo bit flipped was have the option to open 'safe' files enabled by default in Safari. That ASSuMEs that 'safe' files can't have a flaw that leads to… well, exactly what this exploit does. Remember, never open an untrusted attachment, whether on a web page or an email. And there are no trustworthy attachments. Test, confirm, verify, then install or run. If using Safari, turn off 'safe' files, because they are not.

Lessig: Net Neutrality and dependency

Posted on by
Reply

In “A Costly Addiction, ” Lawrence Lessig says the debate over Net Neutrality is a lot deeper than whether the telecoms/videocoms/internetcoms get to deliver whatever kind of service they choose by arbitrarily limiting competition to their monopolized wires:

“Of all the things that have not gone according to the framers' plan, perhaps this is the most significant. Practically everyone in Washington, DC, is now dependent in precisely the way our founders feared. All but a few members of Congress devote the majority of their time to raising money for reelection. Doing the job we've hired them to do – governing – takes a distant second place.”

New MythTV links and news

Posted on by
Reply

The GNHLUG-discuss mailing list has been abuzz for the last month with disucssions about MythTV. I've learned a lot I had not yet gleaned from the documentation:

I hadn't realized that it was possible to receive and record HDTV-level broadcasts from the analog cable feed for those “broadcast” channels in the local area.

One GNHLUG member posted his How-To on building a MythTV front-end with no noisy fans or hot hard drives. This little box would work well in the entertainment center.

A link to a great discussion of the Architecture of MythTV.

At the MerriLUG meeting on Thursday, the January topic was announced: we'll be meeting Jarod Wilson, author of the Fedora Core MythTV HowTo. That's a meeting not to miss!

Run a real partition as a VMWare session

Posted on by
Reply

There was an great session at the Merrimack Valley Linux User Group meeting on Thursday night. Shawn K. Shea presented VMWare and he had a lot of great pointers — hope to have a link to his slides soon. One that really caught my attention was a trick to run a dual-boot partition as a VMWare session, a great feature if you just need to run a transient app, so you can avoid the overhead of rebooting. The howto is here, but it's not for the faint of heart:

http://news.u32.net/articles/2006/07/18/running-vmware-on-a-physical-partition

Read the instructions carefully. There are several “this could destroy your parition if you're not careful” cautions along the way — I'd make a good Ghost / partimage backup before trying this.