Navigation

You are here: Home MSCD 2005

Archive | 2005

The web page you see might not be what the author wrote

By on February 21, 2005 in Home Page

Scripting News cites News.Com: “Google’s browser toolbar is raising eyebrows over a feature that inserts new hyperlinks in Web pages, giving the Internet search provider a powerful tool to funnel traffic to destinations of its choice.”

Scripting News goes on to quote John Robb quoting Anil Dash: “Google is pushing its ads into content it does not own.”

Like Microsoft’s Smart Tags, that is modifying content that they do not own. If the content happens to be your material, how do you feel about Google infringing on your right to present it as you have chosen? Is this copyright infringement?

LAMP course starts Tuesday at NHTI

By on February 20, 2005 in Home Page

I’m pleased to announce that I will again be one of the teachers at the LAMP course at the New Hampshire Technical Institute‘s Center for Training and Business Development. We start teaching on Tuesday night, and will be teaching ten evenings Tuesday and Thursday, 6 PM to 9:30 at the Concord campus. There’s till time to sign up and catch the first class — details are available at the CTBD site. We taught this class in the fall semester and it was a great success. At the end of the course, the students have a simple interactive database-backed web site running on Linux, Apache, MySQL and PHP.

Groupware Bad

By on February 19, 2005 in Home Page

Jeremy Zawodny waxes poetic on why the world does not need another Groupware “solution” (to what?) as Novell releases their NetMail product as Open Source and suggests some problems that could use another solution or two. JWZ shares a little insight into what killed Netscape.

WARNING: May not be suitable for some environments. Not suitable for those who think the F-word should never be used.

Delivering a commercial LAMP app

By on February 19, 2005 in Home Page

Friday was spent at the client’s delivering the final beta of the first phase of a five-phase LAMP (Linux-Apache-MySQL=PHP) project. Client was ecstatic! But, of course, I came home with a list of small adjustments to punch through. Hope to tell more as it unfolds. Briefly, it’s a simple data entry and reporting system: 20 tables, 40 web pages, used by an inhouse staff to manage their workflow. This first piece got rid of the worst of their manual labors. Later phases will produce documents to present in a customer-facing web site, and tighten up the workflow tracking. Phase I was 40 hours of analysis and design with customer interviews, document review and resulted in a design document of workflow, prototyped web forms and an ERD (data model). The model was dead-on, requiring just a couple adjustments. Eighty hours of coding produced the forms and got us through the beta testing and demonstrations. Client goes live with a pilot test next week.

LinuxWorld

By on February 19, 2005 in Home Page

Sorry for the light blogging. Spent Thursday at LinuxWorld in Boston; got to see lots of vendors big (IBM, Intel, AMD, Novell, Red Hat) and small (X.org, LTSP.org, GNHLUG.org) and hang out with some cool folks. [Update: fixed malformed link above.]

MySQL Launches MySQL Network

By on February 16, 2005 in Home Page

Latest Updates from MySQL AB, the PR department for MySQL AB via RSS announces: MySQL Launches ‘MySQL Network’ for Corporate Enterprises Looking to Fast-Track Open Source Database Deployment. Boston, LinuxWorld Conference & Expo — “MySQL AB, developer of the world’s most popular open source database, today launched a new way for corporate enterprises to acquire, deploy and support MySQL for their business-critical applications.
The new ‘MySQL Network’ offering is specifically designed for large IT departments looking to leverage the cost and performance benefits of MySQL — while addressing key business requirements for implementing open source software.”

Anyone up for a game of Buzzterm Bingo? Sheesh.

O’Reilly’s MAKE magazine, Dan Bricklin, and Linux innovation

By on February 13, 2005 in Home Page

Dan Bricklin’s Log says Get Make Magazine. “I started to read MAKE I got goose bumps. There’s real hope for the next generation.”

I have fond memories of building stuff with my Dad – crystal radio sets, adding a vernier dial to a shortwave set, building a couple of electronic sets, learning how gears and cams and pieces make ratchets and convert rotary power to linear and so forth. MAKE magazine seems to continue the tradition of taking things apart and (we hope) putting them back together, perhaps a little differently, perhaps a little better.

At my recent presentation to the Dartmouth-Lake Sunapee Linux User Group, I showed off the LinkSys WRT54G. As soon as we were done, I offered to pop the cover off my router so we could look inside. I was immediately surrounded. My fellow LUGgers could immediately identify the serial port solder pads on the circuit board, identify the RAM, EEPROM, radio transceiver, and so forth. I asked who was confortable using a soldering iron and better than half the hands went up. As the evening wore on, there was discussion of leasing a T-1 and turning yourself into the local community wireless ISP – several members had done that – and the 3 dB attentuation per meter of leaves when trying to reach more distant sites, how to get broadband to remote rural locations, and experiences with different DSL providers.

Innovation lives.

Microsoft MSN chat exploitable without the latest patches, code in the wild

By on February 12, 2005 in Home Page

InfoWorld: Top News reports “Microsoft warns customers about exploits for new flaws. BOSTON – Microsoftæwarned customers about computer code that exploits holes in the company’s software and blamed security researchers for publishing proof of concept code to trigger the vulnerabilities, which was then turned into working attacks.”

This isn’t about shooting the messengers. It’s common practice to notify vendors of a flaw when you find them and give a reasonable grace period before publicly releasing sufficient information to exploit the flaw, to give the vendor, Open Source or Closed, a chance to distribute a patch. In this case, the patches are already out there, as I blogged on Wednesday. It just takes a while for a few million people to patch. Most of us like to wait to hear if others discover problems with the patches.

However, it was Microsoft that publicized the vulnerabilities, and you can bet that others had already duplicated the exploits, based on the description Microsoft provided, as well as the binary patches that pointed to the affected code.

This still points back to Microsoft. Downloading and displaying a graphic should not allow remote code to be executed under any circumstances. A deep problem with the Microsoft operating system security model is exploited once again.

Older posts Newer posts

Powered by WordPress. Designed by Woo Themes

This work by Ted Roche is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 3.0 United States.