see heise mobil newsticker (german), linuxant press release. wrapping windows drivers is a bit ugly imho, but obviously the only solution atm. other centrino-news (german)
secure filesystem synchronization across the internet
the secure shell filesystem can replace filesystem synchronization tools if used with a central linux server and linux clients. however, for cross-platform environments such as mine, the unison file synchronizer is the tool of choice.
2.6.0-test7 and gcc problems
first i’ve thought that the sudden gcc compilation failures have to do with a gentoo-specific gcc/headers problem, then i’ve stumbled over the following lkml message (see the whole thread)
[PATCH][2.6] constant_test_bit doesn’t like my gcc
so in case you experience the same problem, you know what to do :)
ada rocks
ada is a great programming language. i started reading a tutorial a while ago and i’ve even made initial gentoo ebuilds of gnat therefore (unfortunately i’ve lost those and several other nice ebuilds prior to submitting them). now all ada-related stuff in gentoo is maintained by david holm (which is a good thing as he’s proficient in ada).
i’m still a bloody beginner regarding ada, but i’m looking forward to digging deeper.
google.ch censors too..
..sadly (*). that’s the disadvantage (some follow-ups: 1, 2, 3) when using a us-based search engine from within switzerland where dmca fortunately doesn’t exist (yet?). at least google is clever enough to publish the complaint.
is there any more evidence needed why mr. stricker’s case is important to all of us who live in .ch?
(*) in german: “Aufgrund einer Klage, die sich auf den Digital Millennium Copyright Act bezieht, haben wir 1 Ergebnis(se) von dieser Seite entfernt. Wenn Sie wollen, können Sie die DMCA-Klage lesen, die zur Entfernung dieser Ergebnisse geführt hat.”
huh?
..but it doesn’t change facts(*). sure, not all journalists do a good job. nevertheless let’s not ignore that only verifiable evidence counts when accusing renowned newspapers of bad journalism.
speaking about the ups and downs of journalism: encouraging people to do uptime comparisons (aka “schwanzlängenvergleiche” -> sorry, in german only ;) is pretty silly as a) you can’t compare apples with oranges and b) measuring uptimes of workstations/servers is very questionable unless there does not exist even a single known security hole in the system measured.
(*) such as 1, 2, 3, 4, 5, 6, 7, ..
(bugs/security holes in complex software are inevitable with today’s software engineering technologies. however, not to release patches for known security holes within a reasonable amount of time is ignominious.)
exec-shield for vanilla 2.4.22
some days ago, ingo has backported his exec-shield patch to vanilla 2.4.22. you can find it here. i’ve tested it on my box and it seems to work fine now.
enter the grid?
now it’s all about grid computing. according to oracle to be more precise. what a nice coincidence that they offer a new suite of products which enables you to just enter the grid ;)
if however you believe having heard of “grid computing” long long before, this probably wasn’t a mental delusion..
[update 20031002: there are pictures of the event online now]
Continue reading “enter the grid?”
“security is always political” (w. diffie)
i thought whitfield diffie would give a presentation packed with cryptography theory. surprisingly (and slightly disappointing) there wasn’t any at all. instead he gave an overview of the emergence of cryptography, finishing with an outlook. the three key challenges in tomorrow’s cryptography research according to diffie (don’t cite this – it’s based on my memory, not speech recordings):
1. configuration control [dm: clear definition of a device’s configuration/state]
2. automated computer-to-computer economy [dm: think of web services, distributed systems, automated negotiation and (sub-)contracting]
3. trusted computing [dm: think of “tcpa” etc.]
and it’s all about “who will control information society” in the future (am i the only one who heard a gentle criticism here?).. not very exciting insights actually (most people probably knew this before already). seeing whitfield diffie (i’d call him a “living crypto legend”) in person (wearing long white hair and a beard – a bit like mage gandalf ;) was an impressing experience however.
once again
openssh < v3.7 is vulnerable. nice to know that this server has buffer-overflow protection ;)
the gentoo devs will soon release an updated openssh ebuild.
hm.. i wonder whether i should upgrade to kernel 2.6.0-test5 to get some better performance as well :)
[update 20030917: the first patch doesn’t fix it yet, thus update openssh to v3.7.1. “once again” also applies to windows. both won’t be the last vulnerabilities of their kinds for sure..]