Wednesday, October 31, 2007

Google’s Response to Facebook: “Maka-Maka”

Google may have lost the bidding war to invest in Facebook, but it is preparing its own major assault on the social networking scene. It goes by the codename “Maka-Maka” inside the Googleplex (or, perhaps, “Makamaka”).

Maka-Maka encompasses Google’s grand plan to build a social layer across all of its applications. Some details about Maka-Maka have already leaked out, particularly how Google plans to use the feed engine that powers Google Reader (known internally as Reactor) to create “activity streams” for other applications akin to Facebook’s news and mini feeds. But Maka-Maka goes well beyond that.

Maka-Maka will be unveiled in stages. The first peek will come in early November. As we reported previously, Google is planning to “out open” Facebook with a new set of APIs that developers can use to build apps for its social network Orkut, iGoogle, and eventually other applications as well.

Via (Techcrunch.)

UK government: Schools shouldn't sign licensing agreements with Microsoft

Concerns over Microsoft's Office 2007 and Vista licensing terms have prompted a UK government agency to warn schools against signing licensing agreements. Becta, the UK's education technology branch, has also filed a complaint with the UK's Office of Fair Trading, alleging that Microsoft engages in anticompetitive practices in the academic software license marketplace.

Becta and Microsoft have been in talks over the issue, but they have yet to result in a solution acceptable to both parties. For the time being, Becta recommends that schools avoid Microsoft's School Agreement subscription licensing program. School Agreement covers all of the PCs at a school, which means that admins don't need to keep track of the licensing status for every PC. The program also provides participating schools with all application and OS updates made available during the term of the agreement.

There are a few downsides to the School Agreement program, according to Becta. Microsoft doesn't provide sufficient clarity into the buy-out costs should a school decide to get out of the program, says Becta. The agency is also concerned that Microsoft's academic subscription setup doesn't allow schools to obtain a perpetual license—unless they make a buy-out payment. Lastly, Becta would like to see Microsoft drop its all-or-nothing licensing requirement—all PCs on campus must be a part of the program, even if they're not capable of running Vista or Office 2007.

Becta also has some more specific concerns regarding Vista and Office 2007. It believes that Vista's feature set isn't enough to justify upgrades at this point. In the case of Office 2007, Becta would like to see stronger support for the ODF format used by and better interoperability with Microsoft Works.

Schools that have already signed up for Microsoft's School Agreement are encouraged to "consider their renewal and their buyout options," according to Becta.

Microsoft, like other software vendors, likes subscription licensing models because they provide a steady stream of revenue over a product's lifecycle instead of incremental revenues centered around major releases. Unfortunately for the software giant, the elongated release schedule for Windows—there was over five years between the releases of Windows XP and Windows Vista—have left some licensees doubting the value of Microsoft's licensing programs.

Via (Arstechnica.)

The Secret World of Bandwidth

Do you know how fast your Internet connection is? If you believe the hype on TV, DSL is a zillion times faster than dial-up and FiOS is a zillion times faster than DSL and Cable modems rock because of the triple play, blah, blah, blah.

But what do you really know about your broadband connection to the outside world? Does is take all night to upload a big flash memory card's worth of photos to Kodak Easy Share? Do you have a static IP address? Can you access the files on your desktop computer from off premises? How quickly can you upload your files to an online back-up service? Can you join a peer-to-peer (P2P) network and be a valuable node? Can you share a legally purchased movie file with yourself through a P2P service in the amount of time you would expect it to take based upon your ISP's specifications? Welcome to the secret world of bandwidth. It's a covert place where the dark arts of traffic shaping and bandwidth throttling are usually hidden from view.

But last week, the Associated Press reported that Comcast was "actively interfering with file sharing by some of its Internet subscribers." The report went on to say that, "The AP also found that Comcast's computers masqueraded as those of its users to interrupt file-sharing connections." Initially, Comcast denied everything. But just a few days ago, Mitch Bowling, senior vice president of Comcast Online Services, backtracked a little, saying: "During periods of heavy peer-to-peer congestion, which can degrade the experience for all customers, we use several network management technologies that, when necessary, enable us to delay - not block - some peer-to-peer traffic. However, the peer-to-peer transaction will eventually be completed as requested."

As you can imagine, the blogosphere has exploded with pundits and commenters crying foul. Internet watchdog groups were up in arms denouncing Comcast's actions and conspiracy theorists everywhere were positing that other cable companies and Internet Service Providers (ISPs) were doing exactly the same thing.

Via (NewsYahoo.)

Sunday, October 28, 2007

Microsoft rebuts rogue WSUS reports

Microsoft Corp. today denied that its enterprise update service was forcing all Windows XP systems to install a new edition of Windows Desktop Search (WDS), and instead said that the new software hitting desktops had been previously approved by administrators.

Reports from users who claimed that WDS was installing without permission began hitting Internet message forums, including Microsoft-hosted support newsgroups, early today.

"WDS 3.01 downloaded and 'approved itself' on WSUS, then started installing on clients," said a user identified as Rob S. "This occurred despite [Windows Server Update Services] being set to only autoapprove updates to patches. My company has not deployed any version of WDS (until today, of course!) so the installation came as a complete surprise. Full versions, not updates have appeared on machines."

Another user was less politic. "What is going on?" asked someone tagged as VeryUnhappyCustomer. "The upgrade somehow got automatically approved for deployment in our WSUS server. This isn't a minor change to an existing patch, this is a major version upgrade! So far, most of the PCs have installed it fine, but some installations have failed silently [and] a few have cause profile corruption."

WDS -- desktop search functionality for Windows XP and Windows Server 2003 systems -- was updated to version 3.01 at the end of August, but was offered to machines managed by WSUS, Microsoft's enterprise-grade update manager, only this week.

Bobbie Harder, a WSUS program manager, denied that the WDS 3.01 update was unauthorized by users, but did admit that the situation had confused everyone. According to Harder, who posted on a Microsoft company blog, WDS 3.01 was applied only to PCs for which administrators had approved the February 2007 install of WDS 3.0.

"The initial update [February] would have only been installed if the update had been either [autoapprove] or manually approved, and if the applicability criteria was met on the client that WDS was installed," said Harder. In cases where WDS was not installed, however -- yet the update was preapproved earlier -- WSUS apparently "remembered" the update-approved setting.

Because the newest update, which Harder pegged as Revision 105, had its applicability logic expanded, it thought it was to be installed on all machines where the February update had been autoapproved or manually approved -- even to PCs that had never had WDS dropped onto their drives.

Harder tried to explain what happened. "WSUS by default is set to autoapprove update revisions to minimize administrative overhead and make sure distribution 'just works,'" said Harder. "With the expanded applicability rules, and the WSUS default setting to autoapprove new revisions. it may have appeared as if this update was deployed without approval."

By Harder's explanation, PCs that had been preapproved for the February update but had not had WDS installed would, in fact, have been instructed to add the desktop search tool to their drives. Thus, users who earlier reported that WDS had been installed on machines without it were, in fact, not seeing things.

That said, Harder acknowledged that the update had caused confusion, if not consternation, among users. "We appreciate the confusion this behavior caused," he said, and noted that criteria for revision updates -- which this month's WDS offering was -- would be tightened "so that autoapproval of revision behaviors are more predictable and of similar scope as the original approved update." Harder did not spell out what that "tightening" might involve, however.

Via (ComputerWorld.)

Faster USB 3.0 Is Coming

Intel and other companies have formed a group to promote the USB 3.0, which should deliver more than ten times the speed of the existing USB 2.0 standard.

The third-generation Universal Serial Bus interconnect will transfer data at speeds up to 4.8Gbit/s, ten times faster than USB 2.0's 480MBit/s. It will be backwards-compatible with USB 2.0, which is backwards-compatible with the first USB 1.1 definition.

Intel stated that the USB 3.0 specification would be optimized for low power and improved protocol efficiency. The USB 3.0 ports and cabling will be designed with both copper and optical cable capabilities, meaning even higher speeds will be possible in the future.

The USB Implementers Forum (USB-IF) will act as the trade association for the USB 3.0 specification.

There is also a Wireless USB (WUSB) transfer format and this operates at 480Mbit/s, the same as USB 2.0, in its 1.0 incarnation. Intel also revealed a WUSB 1.1 interconnect format, operating at a speed of up to 1Gbit/s.

Jeff Ravencraft, Intel's technology strategist, said: "The digital era requires high-speed performance and reliable connectivity to move the enormous amounts of digital content now present in everyday life. USB 3.0 will meet this challenge while maintaining (USB 2.0's) ease-of-use experience."

Via (PCWorld.)

Saturday, October 27, 2007

YouTube getting a redesign, sunglasses needed

YouTube getting a redesign, sunglasses needed
The YouTube team has a surprise in store, a YouTube redesign is in the works. Please get your sunglasses ready though, it tends to be a little hard on the eyes.

YouTube will incorporate user feedback into the changes throughout the site. That's something that a lot of companies neglect to take into account when undertaking website changes. Over the next few months new additions will be rolled out, and will include improved categories, dropdown menus to get to where you want faster, and a new look and feel for tabs and video browsing pages.

All that new red seems a little too distracting for us, and the dropdowns can be a little distracting, but it does seem quicker to get around the redesign.

A preview of what YouTube will roll out is available live here. What are your thoughts on the redesign?

Via (DownloadSquad.)

Blogger adds comment email notification

Blogger email notificationGoogle's Blogger platform makes blogging about as simple as it gets. You can start writing your blog a few seconds after signing up for an account and choosing a template. But Blogger has long been a few steps behind other popular blog clients like WordPress and TypePad when it comes to enabling new features.

For example, Google has just added the ability to subscribe to post comments via email. Up until now, if you left a comment on a blog post and wanted to keep up on the conversation, you had to keep checking back with the page. While this might seem great if you're trying to generate more traffic for your site, the truth is most people will forget they ever left a comment and move on.

So it's great to see Google add this feature to Blogger. On the other hand, you can only subscribe to comments if you have a Google account. No Gmail? No e-mail notification for you.

Via (Googlified.)

Friday, October 26, 2007

Scammers get jail time for Microsoft software scheme

Four people have been sentenced to jail time and tens of millions of dollars in fines for buying discounted Microsoft software and then illegally reselling it at a profit.

Mirza Ali, 60, and Sameena Ali, 53, the husband-and-wife owners of Samtech Research, were sentenced Wednesday to five years in prison and ordered to pay more than $25 million in fines to Microsoft for their role in a software reselling scheme run between 1997 and 2001.

The Alis and their associates purchased more than $29 million worth of software at Microsoft’s academic-discount rates and then resold it to nonacademic entities, making more than $5 million in profits. The two were convicted on Nov. 28, 2006, and had been awaiting sentencing.

Via (NewsYahoo.)

Microsoft SyncToy 2.0 beta released

SyncToy 2.0Microsoft has released SyncToy 2.0 beta. Like its predecessor, SyncToy 2.0 is a free download that lets you synchronize files across multiple folders and/or computers.

But there are a few new features under the hood:
  • Dynamic drive letter assignment: change a drive letter and SyncToy will automatically pick up on the change
  • SyncToy now detects and synchronizes folder deletions, renamings, and creation
  • Exclude files based on names
  • Filter by file attributes like read-only, system, or hidden
  • Sync encrypted files
  • Rename folder pairs
This is still beta software, so if you crave stability, you might want to stay away. But SyncToy was already a pretty awesome tool for sharing or backing up data. And SyncToy 2.0 seems to offer some nice improvements.

Via (WinBeta.)

GIMP 2.4: First major update in three years

GIMP 2.4
If you've been thinking it's been a while since GIMP 2.2 was released, you're right. It's been three years since the GIMP team has pushed out a major update to the open source Photoshop alternative. This week, GIMP 2.4 was released, with a new icon set, and a whole slew of other features:
  • Redesigned crop, selection, and align tools
  • Scalable bitmap brushes
  • Reorganized menu layout
  • Improved display when zooming in or out
  • Support for more file formats
  • Full support for color profiles
  • Improved printing
  • Auto red eye removal tool
There are a ton of other new features and updates. You can read about them in the release notes.

Via (DownloadSquad.)

Even Microsoft doesn’t value Facebook at $15 billion


So there’s been a lot of junk written about Microsoft valuing Facebook at $15 billion dollars. That’s a really great story - the only problem is that it’s not even remotely true.

Tech Soapbox explains it. Yes, Microsoft spent $240 million and got 1.6% of Facebook - but what everyone seems to be missing is that in addition to that the ad relationship was expanded and extended to 2011.

Via (ForeverGeek.)

Thursday, October 25, 2007

Damn Small Linux 4.0 released

Damn Smal Linux 4.0
Sure, you can carry around a CD or flash drive with Ubuntu or Knoppix in case you need to do boot any PC you run across into Linux quickly. But Damn Small Linux has long been the king of tiny Linux distributions. Weighing in at under 50MB, you can keep this complete operating system on your flash drive or MP3 player and have plenty of room left over for music.

DSL version 4.0 is out this week. The kernel has been upgraded from 2.4.26 to 2.4.31. And there've been a boatload of updates to the GUI, libraries, options, and programs.

Oh, and if you just want to try DSL out, since it's so tiny it runs great in Virtual PC, VirtualBox, or other free virtualization applications.

Via (DownloadSquad.)

Evil PDF Exploiting Windows-IE Flaw in the Wild

A PDF Trojan horse is spreading malware by exploiting a URL-handling vulnerability in Windows XP and Windows Server 2003 running Internet Explorer 7, Symantec warned customers of its DeepSight Alert Services on Oct. 23.

On Oct. 10, Microsoft released Security Advisory 943521 about this vulnerability and public reports of remote code execution. At the time, it said a patch was in the works.

The vulnerability is caused by insufficient validation of URLs. Attackers can leverage the flaw to execute arbitrary commands via maliciously crated URLs.

Symantec noted in its advisory that the issue was originally disclosed in July but initially received scant attention. In light of new research, public exploits and Microsoft’s advisory, Symantec considers the problem to be more severe.

“With the ease of exploitation, the availability of public proof-of-concept code, and further attention that this vulnerability is receiving, we will likely begin to see more exploitation of this issue in the wild,” the company, based in Cupertino, Calif., said in its advisory.

Via (

Extending Vim with Python

If you're a user of the text editor Vim, chances are you are already impressed with the number and power of its inbuilt features. If you've ever tried to add your own functionality to the editor but been turned off by its arcane Vimscript language, then you'll be pleased to know that Vim now supports internal Python scripting.

The following commands only work if your version of Vim has been compiled with the -python flag set, pre-built versions of Vim later than version 7.0 have this flag set by default, older versions may not. You can check if your Vim program has Python support by typing the following command:

:python print "hi"

If the status bar displays hi, then you're in business.

You can use the Python command whenever you need a little Python right away, but as you might have noticed from the previous example, its standard output goes to the status line, not to the document.

To do more complicated Python code, you'll want to start embedding your code into functions. There are a few different ways to do this, either you can embed a Python block in a Vimscript function or use a map or a macro to call a Python function. We'll show you the first.

We'll be writing a function that uses the urllib and BeautifulSoup libraries to download a Web page and insert it into the current window. If you're unfamiliar with using BeautifulSoup, you may want to look back over our guide to Web parsing in Python.

Open up a new text file, and call it pyextend.vim -- we'll be writing our functions in here, and then sourcing this file in our editor to interpret it. Once you're comfortable with your code, you could include the code in your .vimrc (or _vimrc, in Windows) file so that it is always interpreted whenever you start a Vim or gVim session.

Via (builderau.)

Google Declares Jihad On Blog Link Farms

loser.jpgA major Google page rank update has punished large scale blog link farms and similar sites indulging in heavy cross linking by dramatically cutting their Google page rank scores.

There is some suggestion that the changes may be related to the sale of text link ads, but at this stage this is not backed by evidence, and a range of sites I checked that are selling text link ads were showing no change in page rank.

The only clear change appears to be among large scale blog networks and similar link farms, where each site in the network provides hundreds of outgoing links on each page of the blog to other blogs in the network, in some cases creating tens, even hundred of thousands of cross links. Previously such behavior has been rewarded by Google with high page rank, although it would now appear that this loop hole may now be shut.

Blogs in the TechCrunch network (we don’t link heavily on each page..nor do we have a particularly large network) and the Gawker Media network (who like us don’t go nuts with links) maintained their page rank whilst blogs across a range of other networks saw big decreases. The AOL owned Weblogs Inc was not immune, with leading Gadget blog Engadget dropping from PR 7 to PR5, Autoblog (6 to 4) and DownloadSquad (5 to 4).

The move by Google could well cause many smaller blog networks, including a number with funding, to close given their heavy reliance on text link ads and related sales that depend on strong Google page ranks for each site. Although traffic alone can and does sell ads on bigger sites, a drop from say PR7 to PR4 in one example makes the ad sell that much more difficult, particularly on blogs with little traffic. I’d suggest that the Deadpool will soon see a number of new entrants.

Via (techcrunch.)

Wednesday, October 24, 2007

Mobile Is Key to Microsoft Strategy, Ballmer Says

Mobile phones play an important role in Microsoft's software plus services vision, CEO Steve Ballmer said Tuesday.

Microsoft Corp.'s software strategy a few years ago revolved around software that was either embedded on devices or burned onto CDs and shipped to users, he said. Today, however, software works in tandem with the Internet, which can back up and update the software.

"There's no better way then the cell networks of the world to make this model happen," he said, speaking during the opening presentation at the CTIA Wireless I.T. and Entertainment conference in San Francisco. He envisions a time when software is wirelessly updated and works in tandem with services hosted on the Internet.

But the software plus services concept won't be different for the PC and the mobile phone, he said. At the top of Microsoft's innovation agenda is unifying a variety of devices and applications. Microsoft is focused on enabling developers to create single applications that take advantage of phones, desktop computers, the enterprise environment and the online environment, he said.

Microsoft is enabling that in part by offering a consistent platform that developers can use to create applications for the PC and mobile phones. For example, a developer can write a thin client for mobile phones using HTML, Ajax and in the future Silverlight. Microsoft's .Net and Visual Studio can be used to write rich applications for mobile phones. Microsoft also offers a compact version of SQL so that developers can write applications for Windows Mobile phones for database manipulation.

The phone is particularly important in achieving Microsoft's unified view, he said. "The PC is the most powerful device, but the phone is the most popular," he said. Particularly in the developing world where PC's may be cost prohibitive, cell phones may be more widespread.

Microsoft is focused on providing software for partners to use and it is working carefully not to compete with them, he said. Unlike Google Inc., Microsoft won't be participating in the upcoming 700MHz spectrum auction. "What would it buy us to own a piece of spectrum?" he said. "It would probably do a lot to alienate the telecom industry. It does not do a lot to advance our goal which is to take some exciting technology and spread it."

Via (pcworld.)

Microsoft moves on F# functional language

Microsoft plans to integrate F#, a functional programming language developed by the Microsoft Research group, into its Visual Studio application development platform, said S. “Soma” Somasegar, corporate vice president of the Microsoft Developer Division, in his blog.

The company, however, has not laid out a formal release schedule, although Somasegar pledged to both integrate F# into Visual Studio and continue evolving it.

Pronounced “F sharp,” F# is based on the concepts of functional programming, Somasegar said. Functional languages treat computation as the evaluation of mathematical functions. The mathematical slant of functional programming is appealing to professionals in domains described with mathematical notation, including financial, scientific, and technical computing, said Somasegar.

F# combines type safety, performance, and scripting with the advantages of running on a on a modern runtime, Microsoft Research said. It supports interactive scripting like Python and the strong type inference and safety of ML. F# can access.Net libraries and database tools.

Via (

Tuesday, October 23, 2007

Hacker uses public APIs to breach eBay

eBay has begun an audit of its IT systems after a hacker managed to access and disable user accounts.

The company said last week that the hacker exploited public application programming interfaces (APIs) that enable merchants to build e-commerce sites on top of eBay.

"This fraudster found very old administrative interfaces into the eBay system that had not been deactivated when we changed the security of our internal systems several years ago," a member of the company's trust and safety division said in a posting on an eBay blog. "We immediately identified the functions that were accessed and deactivated, and we are undergoing an audit to ensure obsolete code that may still exist for other reasons is secure."

Via (computerweekly.)

MySpaceTV unveils first original drama

MySpaceTV, the video wing of the online community network, late on Sunday unveiled its first original Web series to give its users a television-like experience with the interactive benefits of the Internet.

“Roommates” will track the lives of four women in their 20s who have recently graduated from college and are living together in Los Angeles.

The Web show debuts on Monday, October 22, and runs through December 21 for a total of 45 episodes. A new, three-minute segment will play each day, Monday through Friday at 4 p.m. EDT. Fans are expected to engage characters online and influence the plot.

“There is an opportunity to interact with a show in different ways than have been done before,” said Jeff Berman, general manager of MySpaceTV.

“Roommates” will utilize a real-time “polling tool” in which viewers’ opinions on characters and plot developments will be sought. Fans can chat online, as well as post comments on the characters’ individual Web profiles. The information will be scrutinized and the plot changed, accordingly.

Via (reuters.)

Sunday, October 21, 2007

Wal-Mart tries to stop early Black Friday ad posts

Wal-Mart’s lawyers have an early holiday message for Web sites that post “Black Friday” ads ahead of their official release date: Don’t do it.

Wal-Mart Stores Inc said on Friday that its lawyers have sent letters to the Web sites, saying publishing the ads before their official November 19 release date violates Wal-Mart’s copyrights and other rights.

“Such violations can give rise to liabilities and severe legal penalties,” said the letter, posted on the Web site. “To the extent that the methods of acquisition or use include criminal activity, criminal penalties may also apply.”

November 19 is just four days before “Black Friday,” the day after the Thanksgiving Day holiday when shoppers throng to stores looking for deep discounts that retailers use as a lure to get the key holiday sales season off to a strong start.

But more and more of the advertising circulars retailers put out a few days ahead of “Black Friday” have found their way to Web sites weeks in advance instead.

“When that sort of thing happens, it’s hard for our customers to tell whether (the ads) are accurate or not,” said Gail Lavielle, a spokeswoman for Sears Holdings Corp. “We can’t vouch for them if we haven’t actually placed them.”

Wal-Mart has asked these web sites not to post the ads in the past, but the ads have still been posted, said John Simley, a spokesman for the world’s largest retailer.

Via (aviran'splace.)

Ubuntu 7.10 officially released

When I say officially in the topic, I don’t mean to say that it hasn’t been available earlier for those who like to interact with the whole Ubuntu community, similar to when people, such as me, were downloading new Firefox versions a day or two before any public statement was made.


This new version comes with Gnome 2.2.0, and you can read more about that here, but at it’s core, Ubuntu brings a new and very Spotlight-like search system which displays search results very quickly, the ability to instantly switch between users and better plugin/extension support for Firefox.

On the more technical side, the new Ubuntu now allows you to write to NTFS formated disks or partitions, which means that you no longer have to make an extra Fat32 partition to exchange files between the two systems, a graphical configuration tool for X, which allows you to change the screen resolution and refresh rate without having to go through the dos-like interface, and better security, less power consumption, etc etc.

You can read the whole list of changes here. As for me, I’ll be busy throughout most of the day tomorrow installing this new version since most of the things it includes eliminate the reasons that made me uninstall it.

Via (forevergeek.)

Wednesday, October 17, 2007

The RIAA Attacks Usenet

Basking in glory after orchestrating a record punishment for a petty file-sharer in the US, the RIAA takes its legal campaign to the next level. Many may want newsgroups to stay under the radar but it’s too late - major labels have filed a copyright infringement lawsuit against and it won’t be going away.

In an ideal world, people would not talk about Usenet. In an ideal world there would be no such things as copyright infringement lawsuits. Sadly, we do not live in an ideal world.

Today we simply have to talk about Usenet and we have to talk about lawsuits.

Via (torrentfreak.)

Tuesday, October 16, 2007


The best way to explain this is with an example:

You may want to write a simple script that launches an xterm window with different color
options. Pseudo hash tables in bourne shell.

$ xwindow MidnightBlue

An easy way to this is by first listing the supported colors in the script (pseudo hash table):


Next, simply grab the hex color code by using the following command:

BGColor=`eval echo $"$(echo $1)"`

"$(echo $1)" evaluates to "MidnightBlue" and
`eval echo $MidnightBlue evaluates to "#191970".

Simply launch the xterm window using $BGColor as the background color:

xterm -bg="$BGColor" &

This method for extracting pseudo hash values may be used for NIS map files, file date stamps, GUI colors, etc.

Monday, October 15, 2007

Upgrade any version of Ubuntu Desktop

I often hear about people who want to upgrade their version of Ubuntu with tools like apt-get, but if you run a desktop version of Ubuntu, there is a much better tool called update-manager. There are a lot of ways to upgrade Ubuntu. But this one is the best.

Almost every upgrade will go just fine nowadays. But still it's generally a good idea to be prepared for the worst, so besides backing up your data I wrote down some other notes that may help your upgrade.

So no rocket science this time, just a few tips from my own experience that will help you on your way once Gutsy's released.

5 Ground Rules for upgrading Ubuntu Desktop Edition

  1. Never use apt-get or aptitude.
    Use update-manager instead (see how to below). Update-manager fixes common errors, removes old artwork, etc.
  2. Don't use any critical applications when upgrading.
    Of course you can browse and such, but the system can't upgrade all the packages at the same time so if you're running packages that have dependencies you might get version conflicts and in the worst case a program can crash and you lose work.
  3. Take your time.
    • Upgrading can easily take up to 2 hours depending on your internet connection and computer performance.
    • Take into account that some programs might need some extra attention after the upgrade.
  4. Preferably have another PC with internet close by.
    It's no must but this way you can always search the internet to find solutions for any problems that you might encounter. A live CD is also an option.
  5. Read guides.
    For common installations this is not really necessary, but if you have custom drivers and 3rd party packages it really helps. They will show you common pitfalls. Learn from other people's mistakes.

How to upgrade Ubuntu Desktop Edition:

Press ALT+F2, a dialog will pop up. Type:

gksudo "update-manager -c"

And press run, like this:

-c means: Check for new distribution releases (upgrades).

Some people will tell you to use -d as well.
-d means: Development release. So it will look for distribution releases that aren't stable yet, and offer to upgrade to it. Don't use it unless you're into beta testing.

Via (kevin.vanzonneveld.)

The GNU hurd

Most Linux users out there, think that their whole system is named just “Linux” (or perhaps the distribution name). For a large number of reasons, which I do not intend to analyze in this post, this is not, and should not be the case. The actual name is GNU/Linux since only the Linux Kernel is “Linux” and the rest of the system (including some vital parts such as glibc or GCC) are parts of the GNU Operating System. Linux was chosen as the kernel for the GNU system at a time when the GNU project had a nearly working operating system, which however lacked a working kernel (although an initial implementation of the Hurd existed).

The GNU Hurd, is a kernel designed and maintained by the GNU project. According to the GNU website, the kernel is “not ready for production use”, it is however a very interesting attempt to replace the Unix kernel and may soon provide an alternative to the Linux kernel for the GNU Operating System. The word HURD is an acronym that stands for “HIRD of Unix-Replacing Daemons”, and HIRD is also an acronym that stands for “HURD of Interfaces Representing Depth”, making it a co-recursive acronym. As Thomas Bushnell, BSG, comments at the official Hurd website “We have here, to my knowledge, the first software to be named by a pair of mutually recursive acronyms”.

A main difference between the Linux Kernel and the GNU Hurd, is that while Linux is a monolithic kernel, the Hurd is a microkernel (actually it uses the GNU Mach microkernel). This might seem like a little and unimportant detail to the average user but someone with enough knowledge and experience can understand the fundamental differences of these kernel implementations. Both architectures have advantages and disadvantages and for the time being the only truly well-tested implementation is the Linux kernel, but if the Hurd finally manages to reach a stable level, we might experience a growth similar to the one that made Linux the mature, stable kernel it is.

Not being stable and fast enough (yet), makes Hurd unsuitable for use in production systems. This is mainly the reason why there are very limited distributions that use Hurd as their kernel (actually there are only two, the Bee GNU/Hurd and the Debian GNU/Hurd). This lack of distributions has kept Hurd outside the “OS wars” and thus limited its target group to developers and very experienced *nix users.

Via (linux4coffee.)

Saturday, October 13, 2007

Windows update brings down TV newscast

A Pittsburgh, Pennsylvania television station was forced to broadcast its noon newscast from its parking lot on Wednesday because this month’s Windows update wasn’t installed in time. The “major meltdown” occurred during a ribbon-cutting ceremony to celebrate Channel 11’s new facility, attended by executives from Cox Broadcasting, the station’s parent company.

The glitch, discovered 30 minutes before the show was due to air, forced an impromptu appearance by an on-air reporter, who stood in front of a chain-link fence and read the news from a script, rather than a Teleprompter. The station’s meteorologist gave a forecast devoid of maps and graphics.

Via (theregister.)

Tip for the day: FINDING DISKS W/O ROOT

On a Solaris system, ever want to know how many disks are attached but do not have root access?

% ls -al /dev/dsk/*s2 | grep -v c0t6

However you won't know the size of the disk space?

Friday, October 12, 2007

Adobe says Acrobat, Reader vulnerable to hacks

Adobe Systems Inc, whose software is used by millions of people to read documents sent over the Internet, said on Wednesday some of its programs contain yet-to-be-fixed flaws that make computers vulnerable to attack.

On October 5, Adobe posted a notice on its Web site that said it had unknowingly incorporated vulnerabilities into versions of Adobe Reader and Acrobat software that could allow malicious programs to get on to a PC without the user’s knowledge.

Such malicious software can take control of a machine and steal confidential data, send out tens of thousands of spam e-mails, or infiltrate government computer systems.

Adobe said it believes the flaws only affect computers running Microsoft Corp’s Windows XP operating system and Internet Explorer 7 Web browser. Adobe said it was working to rectify the problem but the fix might not be available until the end of October.

Via (

Blinkx challenges Google in video ad arena

Online video search service blinkx took on Google with the Wednesday launch of a video advertising platform to challenge one released by the Internet giant a day earlier.

The blinkx AdHoc platform lets people embed ad-laced videos in their websites and then share in advertising revenues in the same way that Google’s new AdSense “video units” does.

Blinkx promises website operators half the money taken in from advertising. Google has not disclosed the percentage of revenues going to publishers.

While Google provides the advertising option only with video from YouTube, which it bought last year in a 1.65-billion-dollar stock deal, blinkx offers content from varied sources including YouTube and Paris-based DailyMotion.

Blinkx has deals with more than 200 media companies to distribute copyrighted content and boasts an index of more than 14 million hours of video and audio.

On Monday, San Francisco-based blinkx added French, German and Spanish content to its index to win viewers in Western Europe and wrest the spotlight from YouTube.

Via (

Tip for the day: GEEK DECODER RING

Ever want to sneek some not quite politically correct witticism or other thought past the "non-technical"? Or maybe you just want to un[en|de]code bits, hex or uu text (boring, but more practical).

Here's some simple perl code you can use for a geek/nerd/dweeb "decoder ring":


perl -ne'$b=unpack("b*",$_);@l=$b=~/.{0,56}/g;
print(join("\n",@l))' <
Tron rules!

Just change the "b*" to "h*"
for hexidecimal or "u*" for


perl -ne'chomp;$a.=pack"b*",$_;END{print"\n$a\n\n"}'<

I include my favorite messages that I otherwise might not write out in clear text in my signature file along with the decoder code. It's enough to scare away most. But, I've found those technically superior types get more of a kick out of "decoding" (cut and paste to UNIX/LINUX
command line) the message during their more productive moments. ;-)

Thursday, October 11, 2007

Tip for the day: FIND AND EDIT STRINGS

Ever found a need to find for a particular string across the file system and edit all those files which contains that particular string??

Here is a simple way.

Suppose you want to search for a pattern "mphasis" across file system and edit those files..

Just type this at the command prompt:

vi `find . -name "*" -exec grep -l mphasis {} \; -print`

Tuesday, October 9, 2007

Facebook Email Lands Man in Jail

Social networking landed a British man in jail. Dylan Osborn, 37, had been ordered by magistrates not to contact his wife Claire Tarbox, after harassing her with phonecalls and text messages. He signed up for a Facebook account to look at a friend’s wedding photos, and as part of the signup process, the site sent an automatic “friend request” to everyone on his email list — yep, including his wife.

The next day his wife contacted authorities and Osborn ended up in jail for three days. He said: “I certainly hadn’t intended to contact my wife… I didn’t even know she had a Facebook account.

Via (aviran's place.)

Tip for the day: GRABBING THE HIDDEN

To easily select all hidden files, use the following:

.[^.]* ..?*

For example,
echo .[^.]* ..?*

will output a list of all hidden files in your current directory.

.[^.]* selects all files starting with a dot but NOT having a dot as their second character.

..?* selects all files starting with two dots and having at least one additional character

Together, they will retrieve ANY file starting with '.' except '.' and '..' (even tricky ones like '...hideme')

The ^ (caret) symbol can be used as the first character inside [ ] at any time to say "not one of the following" rather than the usual "any one of the following."

[^0-9a-fA-F] will match any character that is NOT a hex digit.

Monday, October 8, 2007

Turkish hackers target Swedish Web sites

Hackers in Turkey have attacked more than 5,000 Swedish Web sites in the past week, and at least some of the sabotage appears linked to Muslim anger over a Swedish newspaper drawing that depicted the Prophet Muhammad’s head on a dog’s body.

Around 1,600 Web sites hosted by server-provider Proinet and 3,800 sites hosted by another company have been targeted, Proinet spokesman Kjetil Jensen said Sunday. Jensen said hackers, operating on a Turkish network, at times replaced files on the sites with messages.

According to Swedish news agency TT, the Web site of a children’s cartoon called Bamse was replaced by a message saying Islam’s prophet had been insulted.

The incidents have been reported to the police.

Via (


For showing the banner on a telnet session.

Add the following in

telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b /etc/issue

The -b option then the banner file after this allow inetd to reread the conf file by , inetd -c.

After this you will be getting your banner on telnet session.

Sunday, October 7, 2007

DRM on steroids controls backfires on Blu-ray

The introduction of a new form of encryption control for Blu-ray discs last week has been accompanied by playback snags and worse, on a number of players.

Rise of the Silver Surfer and The Day After Tomorrow are the first two Blu-ray releases to feature BD , a virtual-machine technology which allows content providers to bundle code on Blu-ray discs to check if a player’s hardware has been hacked. Unfortunately the discs won’t play on two Blu-ray players from different manufacturers - Samsung’s BDP-1200 and LG’s BH100 - with loading times on other players (including the PlayStation 3) taking as long as two minutes, the High-Def Digest reports.

Other problems including error messages and playback stutter have been reported on Samsung’s BDP-1000 Blu-ray player.

Via (reghardware.)

Tip for the day: TAR IS A ZIP

Ever want to tar and compress a file all in one command:

tar cf - /home/foo | compress > foo.tar.Z

gzip can be used the same way
tar cf - /home/foo | gzip > foo.tar.Z

If you wanted to capture the output so you had an index file of what the tar file contains:

For sh, ksh use:
tar cvf - /home/foo 2>foo.idx | compress > foo.tar.Z

For csh use:
(tar cvf - /home/foo | compress > /foo.tar.Z) >&foo.idx

and an index file will be created.

Saturday, October 6, 2007

Sony plans to cut price of PlayStation 3 by Christmas

The Japanese group Sony is to cut the price in Europe of its new generation video game console PlayStation 3 (PS3) by 100 to 200 euros (141-282 dollars) in order to boost sales ahead of Christmas, a report said here Thursday.

A new model, equipped with a 40 gigaoctet hard drive, will go on sale in Europe at 399 euros, 200 euros less than the current sales price of Sony’s more powerful, 60-gigaoctet device, which is already in stores, according to the newspaper Les Echos.

The more powerful version will see its sales price lowered by 100 euros to 499 euros, the paper said.

A Sony spokesman would not confirm the figures cited by Les Echos but said an announcement was “imminent.”

Via (


find / -type l -print |perl -nle '-e || print';

This will look for all links that are dead and print it out. It can be piped to a file and unlink it later. It is wise to list the links first and save the output to a file. This is in case if the links are needed by
users which remove those files temporary for testing or housekeeping.

Friday, October 5, 2007

Spam-scam crackdown nets $2 billion in fake checks

An international crackdown on Internet financial scams this year has yielded more than $2.1 billion in seized fake checks and 77 arrests in the Netherlands, Nigeria and Canada, U.S. and other authorities said on Wednesday.

The scammers, often West African organized crime groups, use ploys such as “spam” e-mail offering to pay recipients “processing fees” for depositing checks, which later turn out to be phony, and sending the ostensible proceeds to the scammer, authorities said.

The ruses are aided by U.S. financial practices that quickly credit a bank customer for deposits even though it can take far longer to discover a fake check and reclaim the money from the customer. The victims find themselves out the money they forward when the checks prove to be fake.

“Most Americans don’t realize they are financially liable when they fall for these scams,” Susan Grant, vice president of the National Consumers League, said at a news conference to publicize the arrests and promote awareness of the frauds.

The crackdown netted 16 arrests in Nigeria, 60 in the Netherlands and one in Canada, said Greg Campbell, U.S. Postal Inspection Service inspector in charge of global security.

Via (reuters.)


This happened just the other day, and wanted to make it available.

We discovered a directory with no name or unprintable characters:

foohost# ls -ail
208978 drwxr-xr-x 1 2430 Aug 3 13:08
209299 drwxr-xr-x 24 3287 Oct 25 1993 .
208946 drwxr-xr-x 49 447 Jun 22 1993 ..

Using the '-i' option in ls provided the inode of the directory. We then were able to move the
directory to another name so we could see what was in it using a find command:

foohost# find . -inum 208946 -exec mv {} new.dir \;

Worked like a charm.

Wednesday, October 3, 2007

MontaVista releases new Linux-based mobile phone OS

San Francisco (IDGNS) - MontaVista Software planned to announce on Wednesday the latest version of its Linux-based mobile phone operating system, expected to be available in November.

MontaVista's Mobilinux 5.0 includes a number of updates, such as improved security, better power management tools, support for various types of connectivity such as Bluetooth and Wi-Fi on USB dongles, and faster startup times.

MontaVista says its operating system runs 90 percent of existing Linux-based smartphones. But competition is heating up for the software developer, since analysts have been predicting dramatic growth for mobile Linux and a number of new consortiums are working on interoperability issues. ABI Research, for example, recently said that it expects cumulative Linux mobile device shipments between 2006 and 2012 to reach 331 million.

Mobilinux 5.0's new features help set it apart from other Linux operating systems out there, said Dan Cauchy, director of product marketing for MontaVista. For example, the new OS includes a miniaturized version of SELinux, the security technology developed by the U.S. National Security Agency. The MontaVista version, MicroSELinux, enables role-based access control so that users with different security levels can use a single device running Mobilinux.

The new version also includes improvements to the software's dynamic power management capabilities. Mobilinux 5.0 includes APIs so that developers can make use of the power management capabilities. In tests, MontaVista applied the power management techniques to MP3 playback on a phone so that the device would almost shut off between MP3 packets, said Cauchy. The process allowed the phone to play MP3 songs five times as long as the same phone without the power management technology, he said.

The new OS also improves on device startup times, MontaVista said. Mobilinux 5.0 phones typically boot in less than five seconds.

The software is small too, MontaVista said. A basic implementation can be done in less than 14MB.

Mobilinux 5.0 also includes another upgrade that should please developers, the executives said. MontaVista has added the capability to debug over USB. Normally, developers debug over a serial line, but most mobile devices don't have serial ports anymore, Cauchy said. That means developers often have to use a special test environment in order to debug. "We've been badgered by customers to do this, honestly, because it's such a limit without," said Jim Ready, CTO and founder of MontaVista. "This lets them debug on a real phone as opposed to in a lab."

Via (yahoo news.)

iPhone Rivals Tout Their Openness

While Apple Inc. faces criticism for appearing to penalize iPhone users who download third-party applications, Apple competitors are stepping up their marketing efforts about how open their phones are.

Nokia Corp. this week launched a new Web site highlighting the openness of its phones. "We believe the best devices have no limits. That's why we've left the Nokia NSeries open. Open to applications. Open to Widgets. Open to anything," the main page of the new site reads.

Nokia's smartphones run the Symbian operating system, and the company cultivates a developer community that creates applications for the phones.

Microsoft Corp. has a similar strategy with Windows Mobile. "We think the best approach is to create a sound platform and allow partners to extend that platform," said Scott Rockfeld, group marketing manager for Microsoft's mobile communications business. He said about 18,000 applications have been built for Windows Mobile.

Even Research In Motion Ltd. in recent years has made strides to enable application development for its BlackBerry phones.

Apple, however, took a very different strategy when it decided to launch the iPhone with a closed platform that only allows third-party development through the Safari browser on the phone.

Last week, Apple released an update for the phone and warned in advance that users who make unauthorized changes to the software on their phones, including unlocking techniques, void their warranties. Some iPhone users who had downloaded third-party software applications, against the instructions of Apple, found that those applications were wiped away when they installed the update. They posted complaints online about the effects of the update. Others, not necessarily affected, chimed in with criticisms about the update.

The incident opened the door for iPhone competitors to talk about their platforms. It's surprising that companies such as Nokia and Microsoft haven't made more of the fact that they allow third-party development, said Avi Greengart, an analyst at Current Analysis. "There's been a lot of talk about feature parity or whether it has 3G, but there hasn't been nearly as much focus on extensibility or lack thereof," he said.

That could be because it's difficult to point to broadly popular third-party applications on any of the other platforms, he said. "The mobile applications landscape is extraordinarily fragmented," he said.

Also, it may be hard to point to the iPhone's shortcomings in the face of its success. The lack of third-party development probably hasn't slowed down sales of the iPhone, he said. Also, since more than a million people have iPhones, the percentage of them who are actually hacking the phone and who want to is relatively small, he said.

Apple is likely to open up its platform to development in the future, but probably wanted to start out with a closed environment to help ensure its stability, Greengart said.

It may not be a good idea to wait for Apple to open up its development environment, because it might not fit with Apple's strategy, said Craig Mathias, an analyst at Farpoint Group. "Apple is not horribly interested in building a general-purpose device capable of being a computer, today," he said.

However, Apple is well-positioned to make more applications available through its current Web-hosted approach, if it chooses to do so, and others may follow, he said.

"Apple's at the forefront of a trend that will dominate the industry," he said.

Via (yahoo news.)

Full speed ahead for Linux drivers

Linux needs drivers more than Mars will ever need women. So, noted Linux kernel and Novell developer Greg Kroah-Hartman will be devoting all his time to helping create Linux drivers.

It's never been a secret that Linux needs more hardware drivers, since vendors all too seldom offer Linux drivers for their equipment and often don't allow access to the API information needed to create drivers. So, in an effort to kick-start Linux drivers, in January 2007, Kroah-Hartman offered "all companies free Linux driver development. No longer do you have to suffer through all of the different examples in the Linux Device Driver Kit, or pick through the thousands of example drivers in the Linux kernel source tree trying to determine which one is the closest to what you need to do."

At first, people were inclined to think that no one would take Kroah-Hartman up on his offer. They were wrong.

In a few weeks, the project was rocketing along. "The initial response to this was amazing," Kroah-Hartman said. "A measurable number of new Linux drivers will be created thanks to this program."

One reason why this happened was that Kroah-Hartman and his crew of volunteer developers were willing to sign NDAs (nondisclosure agreements). Kroah-Hartman also explained that the NDAs are "usually signed either to keep information about the device private until it is announced at a specific date, or to just keep the actual specification documents from being released to the public directly. All code created by this NDA program is to be released under the GPL for inclusion in the main kernel tree, nothing will be obfuscated at all."

In addition to these efforts, both the Linux Foundation and the Free Software Foundation have been reaching out to the IHVs (independent hardware vendors) for greater Linux support. These efforts have lead to some success. Intel has started up its LessWatts project to make Linux greener. In addition, Advanced Micro Devices announced it would provide open-source data and a development package to support the ATI RadeonHD 2000 series and ATI Radeon X1000 series of graphics processing units on Linux desktops.

It wasn't just the vendors that wanted Linux drivers. As Kroah-Hartman explained in his blog, "Way back in January, I announced a program to write Linux drivers for companies for free. When I did that, I never expected the response to be as large as it was.

"It turns out that there were two large groups of people who responded to the announcement, companies wanting drivers, and developers wanting to help out," Kroah-Hartman said.

As of this September, "It turns out that over 100 different developers offered up their services. Clearly this was a huge untapped group of talented people who wanted to help out." And, "the number of companies expressing interest in this has exceeded all of my wildest expectations. Already this announcement has caused a number of drivers to end up in the main Linux kernel source tree, with more in the pipeline."

Via (linux-watch.)

Tip for the day: VI AND NOT DISK SPACE

If you get the error while opening a file in vi,

"There is not enough space in the file system. [Press return to continue]"

and you know that you have space in your home directory, than simply use this command in vi, say

:set dir=

then press:

:e .

You will be able to see the entire file.

Brute force attack yields keys to Google’s kingdom

Miscreants pushing Viagra and malware are making new progress infiltrating Google indexes, a feat that’s considered the Holy Grail among spammers.

Google, which by some estimates carries out 60 per cent of the world’s searches, goes to great lengths to filter naughty sites from its results. The proliferation of rogue sites that have made an end run around the controls is giving rise to conspiracy theories that Google has been hacked.

“If a smart spammer has really found a way to game the Google search results with spoofed or cloaked sites, and Google still doesn’t have a fix, this could be a major issue with the underlying infrastructure of the entire Google operation,” according to this post on The Google Watchdog blog. “This is the first time that I’ve ever been worried that Google’s own index has been hacked.”

The site notes that specific search terms return large number of domain names ending in .cn. When clicked, they redirect the user to a different address that attempts to install malware. The rogue sites catch the attention of Google search bots by appropriating keywords and other content from legitimate sites. Amazingly enough, the rogue sites manage to secure a higher ranking than the legitimate ones, according to Google Watchdog.

According to Roger Thompson, a Exploit Prevention Labs researcher who specializes in finding innocuous search terms that return toxic results, the perpetrators are mainly succeeding through sheer brute force. Spammers register thousands of domain names and create thousands of landing pages for each one and then embed thousands of legitimate sounding keywords in each one. Then they lie in wait. Once a page is entered into the Google index, the miscreants enter code into the page that causes it to redirect to a site that installs malware.

“We’ve seen a real surge of this thing over the last couple of months,” Thompson says. “By putting out just the landing pages, they get up near the top of the search results and potentially get a lot more victims before they get shut down.”

Domain names ending in .cn seem to be especially popular these days because they sell for as little as 13 cents apiece, Thompson said.

Via (theregister.)


The unix time() value will rollover to 10 digits for the first time in modern computer history starting Saturday Sept 8th,2001. The timestamp will be 10 digits long, and not 9.

Here's a short Perl script to compute the time left:

#!/usr/bin/perl -w
use strict;

my $now=time();
my $target='1000000000';
- $now);
my $now_string=localtime(time());
my $target_string=localtime($target);
my $message=qq{today is $now_string\n$mon months $dom days $hrs
hours $min minutes $sec seconds left till U1e9
print $message;

Tuesday, October 2, 2007

Tip for the day: KILL IDLE USERS

Here is a quick script to kill idle users at the 10 hour mark.

Cchange the 10 to the hour you would like to kill at and #run as cron every hour This is for HP UNIX, check the fields on the "who" command for your flavor

------- cut here ----------

who -u | cut -c 1-10,39-50 | grep 10: > current
for each IDLE_USR ( `cat current | awk '{print $3}'` )
kill -9 $IDLE_USR
exit (0)

------- cut here ----------