Over at Scripting News, Dave Winer points to “My WSJ debate with Scoble about innovation & Microsoft.” He and Scoble are friends, and I enjoyed the friendly tone.
Apple releases 7th major security update of 2006.
Over at InfoWorld, Robert McMillan is reporting that Apple patches AirPort wireless bug. “Apple Computer Inc. has fixed a number of flaws in the software that ships with its personal computers, including a bug in its AirPort wireless drivers that was disclosed earlier this month… Apple's Tuesday update also fixes several issues in products that ship with OS X, including flaws in the ClamAV antivirus software, Perl, PHP (PHP Hypertext Preprocessor) and Samba… In total, 22 patches were released in this update, named 2007-007 by Apple.” Double-oh-seven, eh? Get patching!
CentraLUG: Asterisk and TrixBox
The monthly meeting of CentraLUG, the Concord/Central NH GNHLUG chapter, happens the first Monday of most months on the New Hampshire Institute Campus starting at 7 PM.
Directions and maps are available on the NHTI site at http://www.nhti.edu/welcome/directions.htm. This month, we’ll be meeting in the Library/Learning Center/Bookstore, room 146, marked as “I” on that map. The main meeting starts at 7 PM, and we finish by 9 PM. Open to the public. Tell your friends.
For December’s meeting, Tim Lind of Computerborough will present TrixBox, the CentOS-based distribution for running the Asterisk PBX software, formerly known as “Asterisk @ Home.” Trixbox (http://www.trixbox.org) is an open source PBX product that allows one to setup a full featured telephone system with extensions, personal voice mail, auto attendant and many, many more features within their home or office. Tim Lind of Computerborough has installed it many times and is using it on a daily basis within his company. Tim will show us around the configuration, and show some of the nifty things that can be done with it. Tim is a Red Hat Certified Engineer, A+ Certified Technician, Microsoft Certified Professional and is also Network+ certified. Tim has been using Linux since 1997 when he got bored with Windows and runs his business almost exclusively on open source products.”
January’s meeting falls on the first, so we’ll likely skip the month’s meeting. However, stay tuned for some exciting meetings coming up in 2007! Tentatively, we hope to have Andy Bair present Digital File Carving Forensics and Matt Brodeur talk about PGP and help us with a key-signing early in the year.
More details on the group and directions to the meeting at http://www.gnhlug.org.
Happy Holiday Hardware Hacking
Columbus Day holiday gave me the chance to set up a MythTV back end. It was a good chance to see how complicated it was to set it up (not hard). But sitting around the office to watch TV was no fun. So, the trick was to cobble together another machine to run the front end in the entertainment center in the living room. Thanksgiving Day weekend gave me the time to work on it.
A ThinkPad A31p served as the front-end machine. “Lucky” is over four years old and has fried USB connections, a dead wireless card and a dead backlight — perfect for repurposing. The display was a Samsung 23″ LCD via a VGA connection. A remote control made by Phillips and a USB-based IR receiver was included with the WinTV PCR-150mce thats in the backend digitizing the videos. Like the back end, I followed Jarod Wilson's Fedora Core MythTV HOWTO. only installing mythfrontend rather than the entire mythtv-suite. Installation was a piece of cake.
The gotcha (and the good reason this was saved for a weekend) was configuring the video. The ThinkPad A31p has a built-in ATI Radeon FireGL Mobility 7800 M7 with VGA, S-Video-In and TV-Out. While ATI supplies proprietary drivers, there are several Open Source projects that support many of the features. The trick was working out the combination of them that produced the optimal video. Laura and I watched “Gentlemen Prefer Blondes” last night, it was a bit like a stop-action flick, probably about 10 frames per second. Today's hacking involved learning more than I wanted about xorg.conf, the radeon driver, X, DRI, DRM, Xv
Some other neat links that helped me along: unlike many Open Source (and proprietary!) underdocumented applications, MythTV has a remarkable User Manual
The remote control has good pointers for configuring here
here, and here.
Things still left to do: configuring ACPI to leave the laptop running while closed.
MythTV review
A review of the MythTV-enabled distribution KnoppMyth in the article “Linux as a Media Centre:”
“First impressions… Wow… I have played with Windows Media Centre before, concluding that it was an overpriced clunky frontend for Windows Media Player aimed at no market in particular and ultimately doomed for failure. This was another kettle of fish altogether.”
Apple Safari 'safe' files bitten again
SANS Internet Storm Center, InfoCON: green is reporting “Mac OS X Apple UDIF Disk Image Kernel Memory Corruption, (Wed, Nov 22nd). A vulnerability has been reported in the way OS X handles corrupt DMG images…(more)”
Apple did pretty well with their proprietary apps on top of OS X, but one real bozo bit flipped was have the option to open 'safe' files enabled by default in Safari. That ASSuMEs that 'safe' files can't have a flaw that leads to… well, exactly what this exploit does. Remember, never open an untrusted attachment, whether on a web page or an email. And there are no trustworthy attachments. Test, confirm, verify, then install or run. If using Safari, turn off 'safe' files, because they are not.
Lessig: Net Neutrality and dependency
In “A Costly Addiction, ” Lawrence Lessig says the debate over Net Neutrality is a lot deeper than whether the telecoms/videocoms/internetcoms get to deliver whatever kind of service they choose by arbitrarily limiting competition to their monopolized wires:
“Of all the things that have not gone according to the framers' plan, perhaps this is the most significant. Practically everyone in Washington, DC, is now dependent in precisely the way our founders feared. All but a few members of Congress devote the majority of their time to raising money for reelection. Doing the job we've hired them to do – governing – takes a distant second place.”
New MythTV links and news
The GNHLUG-discuss mailing list has been abuzz for the last month with disucssions about MythTV. I've learned a lot I had not yet gleaned from the documentation:
I hadn't realized that it was possible to receive and record HDTV-level broadcasts from the analog cable feed for those “broadcast” channels in the local area.
One GNHLUG member posted his How-To on building a MythTV front-end with no noisy fans or hot hard drives. This little box would work well in the entertainment center.
A link to a great discussion of the Architecture of MythTV.
At the MerriLUG meeting on Thursday, the January topic was announced: we'll be meeting Jarod Wilson, author of the Fedora Core MythTV HowTo. That's a meeting not to miss!
Run a real partition as a VMWare session
There was an great session at the Merrimack Valley Linux User Group meeting on Thursday night. Shawn K. Shea presented VMWare and he had a lot of great pointers — hope to have a link to his slides soon. One that really caught my attention was a trick to run a dual-boot partition as a VMWare session, a great feature if you just need to run a transient app, so you can avoid the overhead of rebooting. The howto is here, but it's not for the faint of heart:
http://news.u32.net/articles/2006/07/18/running-vmware-on-a-physical-partition
Read the instructions carefully. There are several “this could destroy your parition if you're not careful” cautions along the way — I'd make a good Ghost / partimage backup before trying this.
Microsoft Patch Tuesday
The SANS Internet Storm Center lists 6 patches released by Microsoft today, with two earning the “PATCH NOW” status: one for multiple exploits of Internet Explorer and the second an exploit of XML Core Services with exploits known to be out in public. Get patching!