Macintalk is running an interesting story comparing the four popular browsers on the Mac: Safari, FireFox, OmniWeb and Camino. The results surprised me.
Tag Archives | PHP
Microsoft Monthly Patch: 7 Patches, 5 Critical, Remote Code Execution – patch now!
OSNews also notes Microsoft Patches Seven Vulnerabilities. “Microsoft alerted us this time about seven vulnerabilities of which five were rated critical and two important. There are vulnerabilities in the Server service, the DHCP Client service, Excel and Office that could allow remote code execution.”
Seven patches, 5 Critical with Remote Code Execution possibilities, 2 Important, which includes Remote Code Execution within IIS. Bulletins MS06-033 through MS06-039 issued on the 28th week of the year. It looks like this kind of velocity, more than one per week, has been steady at Microsoft for nearly three years now. I would have expected the more secure IIS6 and Windows Server 2003 to stem the flow a bit. But these product continue to be listed in the affected systems list. Hmm.
MS06-033: Vulnerability in ASP.NET Could Allow Information Disclosure (917283)
MS06-035: Vulnerability in Server Service Could Allow Remote Code Execution (917159)
MS06-036: Vulnerability in DHCP Client Service Could Allow Remote Code Execution (914388)
MS06-037: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (917285)
MS06-038: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (917284)
MS06-039: Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (915384)
Security is not a feature, it's a process. Patch now to avoid more problems later.
Parallels virtualization software for Macs reviewed
OSNews points out that “Ars reviews Parallels Desktop for MacOS X, and concludes: “People pondering the switch to a MacBook can rest assured that with the exception of USB device support and hardware accelerated 3-D applications, their needs will be well met by this little workhorse of a program. Between the networking that just works, the impressive speed and the inability of the client operating systems to know they are running within a 'virtual machine', I think you'll be hard-pressed to find software for any x86 OS that doesn't work within a Parallels VM.”
It's hard to imagine a more desirable machine than a laptop or desktop with dual-core processors and the ability to run Windows, OS X and Linux in separate virtual machines.
New front-end tool to manage SELinux
OSNews reports SELinux Policy Editor 2.0 Released. “In the past, SELinux has been critized for being too dificult to configure. To solve this, the SELinux policy editor was created: A GUI-oriented editor with a simplified policy description language (ala Apparmor). According to the announcement, this new version includes a much improved user interface and some improvements to the “Policy description language”.
Very cool. Security-Enhanced Linux is the next-generation security implementation beyond UNIX users and groups, individual file permissions and general security policies of firewalling unwanted traffic and requiring logins. However, I've found it difficult to grasp at first, and surely difficult to master. A friendly front-end GUI tool to manage SELinux is welcomed.
Is Desktop Linux going the wrong way?
Via OSNews, Jem Matson asks “Is Desktop Linux Distros Headed in the Wrong Direction?.” “The impending release of Windows Vista with its fancy Aero Glass special effects, along with the hasty addition of the similar XGL and Compiz technologies to the latest SUSE Linux release makes me think that programmers have a warped idea of what desktop computing is about. For some reason, many GNU/Linux users are concerned about competing feature-for-feature with Vista, while Apple and Microsoft struggle to add more graphical extras to their already graphics-intensive desktop OSes. It's gotten so that you need a serious 3D video card (with proprietary drivers) and a fairly fast computer just to keep up with desktop environments. Whatever happened to being productive and having fun?”
Many of us dissed Windows XP when it shipped with the Candyland theme and the Teletubbies hill as a background. A little 3d shading and a shiny thing or two is fine, but eating up half your processing power creating a glittering frame for your black-and-white text is pretty silly.
I've recently installed the Xubuntu desktop package onto a couple of older machines running Kubuntu and I'm delighted with the snappy performance I'm getting out of 5 year-old hardware. The Xfce desktop is plain, clean simple and fast. While I'll ooh and ah as much as the next person over glassy transparent effects, they don;t do a lot for my day to day coding (in text), email (in text) and blogging (in text). Hmmm. Maybe someone should consider better looking… text.
WinSCP updated
A WinSCP security flaw that would allow remote command execution on Windows machines where the WinSCP program had been installed as the protocol handler for sftp:// or scp:// links has been fixed in the new version 3.8.2. All users are encourage to update.
Macs are expensive. So are Windows PCs.
OSNews report 'The Misconception Macs Are Too Expensive'. “When one takes the seamless integration, stability, ease of use, quality engineering, the TCO, and the ability to boot Windows, one can easily conclude that a Mac is not necessarily a more expensive proposition. The argument that Mac's are too expensive no longer applies. Although you can spend between $600 and several thousand for a Mac, stay within your means and purchase a system that meets your computing demands.”
A friend at a recent LUG meeting observed that, even if this is true, he's been listening to this so long from Mac advocates, even when it was a far more tenuous position, that he's tired of hearing it and he's not inclined to believe it, even though he suspects it's a lot truer now than it ever was.
I just know the laptop I really want will cost $4000. It has cost that much for over a decade, and it still does.
When is a Notebook not a Laptop
OSNews posts Apple Hypocrisy: “MacBook NOT a Laptop”. “Many people who have called Apple to complain about excessive heat coming from their newly purchased computers have been told that the MacBook and the MacBook Pro are in fact Notebook computers and not Laptop computers. This article details why they are totally full of it.” Well, details is a bit generous. Rants is more like it. Apple pictures people with MacBooks on their laps. But reports seem to indicate the MacBooks are too hot to leave there for long. That's not a good thing.
XAMPP
I've been involved for a couple of years in developing Linux-Apache-MySQL-PHP/Perl/Python apps for various clients. During most of that time, I've used in-house Linux servers for prototype, development and testing, and Linux servers deployed at the client site or a hosting provider for production work. Recently, I wanted to spin off a second copy of an application on a local Windows laptop to test some radical changes while the rest of the development team continued to work away on the dev server. Ideally, I wanted to install the entire LAMP set on my local workstation without a lot of work, configuration, downloads, HowTos, and so forth. XAMPP offers free, prepackaged installation modules for Linux, Windows, OS X and Solaris, bundled with a dozen handy utilities like PEAR and phpMyAdmin. Installation was a click, click, click, done! process. Reading a few READMEs got a few non-standard settings like enabling InnoDB data storage. Slick!
If you need a quickly set up XAMPP stack, you'll want to check this out.
MonadLUG meeting last night
Tim Lind put on a great presentation of TrixBox 1.0 (the renamed and renumbered successor to Asterisk@Home 2.8) to ten attendees at tonights MonadLUG meeting. Tim brought nearly the entire system from his Computerborough offices: a salvaged PIII-700, a Digium card card with two daughterboards: FXS and FXO, a couple of cordless phones, an IP phone, and his laptop, and showed us the entire setup. Tim uses the machine to take incoming POTS calls and route it through a digital attendant to one of several phones, ring groups or voice mail boxes. Day and nighttime setups have different rules. In addition, he can route to his cell phone, process faxes, send voicemail messages via email, and a mind-boggling combination of the above and more. With graphs. Wow! Very impressive presentation. Asterisk could be a great solution for nearly any size business, and an inexpensive way to bring a PBX to the small business world.
Next month, July 13th Charlie Farinella will show us how he works with the ‘screen‘ command – a utility for supporting multiple remote terminal sessions on a single connection. Sessions started within a screen session can be backgrounded, suspended, and recovered after a disconnection.
On August 10, Mark and Tim from Computerborough will return again and show us around SugarCRM.
Thanks to Tim for a great presentation, Guy for MC’ing the meeting, and Ken for the facilities!