June 26, 2002
Federal Court Says Pledge of Allegiance Is Unconstitutional

For the first time ever, a federal appeals court Wednesday declared the Pledge of Allegiance unconstitutional because of the words ``under God'' added by Congress in 1954.

The ruling, if allowed to stand, means schoolchildren can no longer recite the pledge, at least in the nine Western states covered by the court.

House passes ban on "morphed" erotica

"This bill closes the door left open by the recent Supreme Court decision," Rep. Lamar Smith, R-Texas, said at a press conference Tuesday. "I urge the Senate to take action immediately."

You know... it really *SUCKS* when lawmakers don't have a clue!

Congress passes laws.

Congress left that "door" wide open... the Supreme Court merely pointed out that the door was open... which is *EXACTLY* what their job is.

The problem is that congress isn't doing *IT'S* job, and they are the one's responsible for the laws.


June 25, 2002
Mitnick Testifies Against Sprint in Vice Hack Case

"I had access to most, if not all, of the switches in Las Vegas," testified Mitnick, at a hearing of Nevada's Public Utilities Commission (PUC). "I had the same privileges as a Northern Telecom technician."

Mitnick's testimony played out like a surreal Lewis Carroll version of a hacker trial -- with Mitnick calmly and methodically explaining under oath how he illegally cracked Sprint of Nevada's network, while the attorney for the victim company attacked his testimony, effectively accusing the ex-hacker of being innocent.

All Eyes Are on You

Tollbooths, ATMs, doctors' offices, online chat: You leave critical personal data behind wherever you go. Let's follow one American as he scatters his digital DNA.

June 24, 2002
The Abolition of Work

No one should ever work.

Work is the source of nearly all the misery in the world. Almost any evil you'd care to name comes from working or from living in a world designed for work. In order to stop suffering, we have to stop working.

kuro5hin.org || technology and culture, from the trenches

Many people are under the mistaken impression that the business of media is collecting information or creating entertainment and selling it to the public. This is not true. Information and entertainment is the bait, the "loss leader," which is used to lure large numbers of people into looking at a magazine, newspaper, television show or what have you. The "product" that media sells is you, the audience. Your attention, gained through information or programming, is sold to advertisers whose ultimate aim is to convince you to buy their product.

Advertising is not a means of supporting media. Media is an excuse for presenting advertising.

Shared objects for the object disoriented!

Ashish Bansal tells you how to write dynamically loadable libraries and suggests tools you want to use in the process. He reviews the compilation process and naming conventions, and then walks you through writing, compiling, and installing a shared library.

Common threads -- Dynamic iptables firewalls

Firewalls are good and fun, but what do you do when you need to make rapid, complex changes to your firewall rules? Easy. Use Daniel Robbins' dynamic firewall scripts that are demonstrated in this article. You can use these scripts to increase your network security and responsiveness, and to inspire your own creative designs.

Why BSD is superior to Linux

Check out the link... you'll understand.

Mandrake Linux Advisory: apache

MandrakeSoft is urging all users of Mandrake Linux to update their Apache installations immediately. What was previously thought to have been a DoS-only condition has now been proven to be more than that; exploitable conditions have been discovered on both 32bit and 64bit platforms. Successful exploitation of this vulnerability may lead to the execution of arbitary code on the server running a vulnerable Apache with the permissions of the web server child process (on Mandrake Linux this is the user "apache"). This can be used to exploit other vulnerabilities that are unrelated to Apache on the local system, and potentially allow the intruder root access.

I think that the real story today is that the problem is solved.

Not a workaround... solved.

In less than one week! Too bad multi-billion dollar companies can't provide the same level of service!!

June 21, 2002
Beware of .Net sticker shock

Companies planning on moving their old programs to Microsoft's new .Net software plan had better prepare for sticker shock: Making the conversion could cost roughly half of the original development cost, Gartner says.

According to a new cost model devised by Gartner, the cost of moving older Windows programs to .Net may range from 40 percent to as much as 60 percent of the cost of developing the programs in the first place.

where ever I lay my url

You see, I just realised that no one - at least no one who pays me a wage - has any real idea where I am. I've never met my editor here at O'Reilly, Simon St Laurent, but given that I'm English he could possibly guess to within a few hundred miles, and my boss at The Guardian could perhaps narrow it down to within 10, but at the end of the day, my address is my URL, my email and my Instant Messenger accounts. Add in a mobile phone, and I've worked seamlessly from Tehran to Rangoon with no one noticing.

RDF Primer

The Resource Description Framework (RDF) is a general-purpose language for representing information in the World Wide Web. It is particularly intended for representing metadata about Web resources, such as the title, author, and modification date of a Web page, the copyright and syndication information about a Web document, the availability schedule for some shared resource, or the description of a Web user's preferences for information delivery. RDF provides a common framework for expressing this information in such a way that it can be exchanged between applications without loss of meaning. Since it is a common framework, application designers can leverage the availability of common RDF parsers and processing tools. Exchanging information between different applications means that the information may be made available to applications other than those for which it was originally created. This Primer is designed to provide the reader the basic fundamentals required to effectively use RDF in their particular applications.

June 20, 2002
The Price of Procrastination

Looking for a great way to waste money? Consider sending bills in late, ignoring your important paperwork, and putting off your financial planning. If that doesn't appeal to you, then consider the 15-minute solution. After all, how long does it take to put something in the mail?

Tracking changes in cvs

CVS, the Concurrent Versioning System, manages simultaneous development of files. It stores files in a central repository, and allows users to check out working copies of the files and commit changes back to the repository.

CVS maintains a record of the changes to each file, allowing the user to revert to a previous version, merge versions, and track changes. Change-tracking can be surprisingly useful, and is frequently underutilized.

Disney, Linux and the next big thing in computing

How does this work? Disney has opposed the Open Source community so many times activists wanted to boycott the company. At the same time, Disney is standardizing key parts of its operations on Linux? If that seems surprising, it shouldn't be.

A number of companies who look like unlikely candidates for Linux are making the switch. Like at Disney, many of them have executives who see the Open Source community as a threat to their business. Like at Disney, whatever management may think of the Open Source movement, company engineers are rapidly standardizing on Linux to solve a unique set of technical problems.

Join the Desktop Linux revolution

To turbocharge this year's wIndependence Day celebration, DesktopLinux.com is inviting readers to send in their 500-1000 word accounts of how they have 'kicked the Windows habit' or implemented Linux as a Windows-alternative in their company or organization. Twenty-five of the best essays submitted by midnight July 3rd will be selected for publication at DesktopLinux.com beginning on July 4th, and their authors will be awarded prizes from among the following:

Thinking robot in escape bid

Scientists running a pioneering experiment with "living robots" which think for themselves today said they were amazed to find one escaping from the centre where it "lives".

Varsion Fatigue

That's a pain in individual cases, but the big picture is even worse: by now, everyone but the very youngest has learned that time spent acquiring knowledge in this area is likely to be wasted. Think about all those tricks you learned for DOS 3.31, or Windows 95 -- they're mostly useless now. Version fatigue comes from the accumulated realization that most knowledge gained with regard to any particular version of a product will be useless with regard to future generations of that same product. (And, of course, it's even worse when products change - those VisiCalc tricks you were once so proud of are entirely worthless now, except to demonstrate your old-timer credentials).

June 19, 2002
The Owner-Builder Book

If you're considering home ownership, and especially if you want to design in the things which ordinary houses don't take into account (here are two more related stories: one, two), this sounds like a useful resource. Read on for the rest of Jeff's review.

OASIS announcement of edXML discussion list

This community will embark on a number of initiatives to fast-track the documentation of PK12 educational requirements for XML based markup, controlled vocabularies, ontologies, web services and protocols. It will pursue areas not currently being addressed in other standards communities, and will coordinate with IMS and other groups where important foundation specifications, relevant to PK12 are being developed. The edXML community will explore the relationships between other important emerging XML specifications, like ebXML, DSML, SAML, WSRP, WSXL, and PK12 requirements, and create liaisons between them.

June 18, 2002
Why software is so bad ...

As software becomes increasingly important, the potential impact of bad code will increase to match, in the view of Peter G. Neumann, a computer scientist at SRI International, a private R&D center in Menlo Park, CA. In the last 15 years alone, software defects have wrecked a European satellite launch, delayed the opening of the hugely expensive Denver airport for a year, destroyed a NASA Mars mission, killed four marines in a helicopter crash, induced a U.S. Navy ship to destroy a civilian airliner, and shut down ambulance systems in London, leading to as many as 30 deaths. And because of our growing dependence on the Net, Neumann says,

June 17, 2002
Why Free Source Long Run TCO must be lower

This paper argues that the long run total cost of operations (TCO) for a suite of proprietary software must necessarily be greater than that for an equivalent suite of free source software. The total cost of operation of a free source suite of software is the price determined by a competitive market for a bundle of goods and services associated with that suite. Because the source code is open and not subject to limitations on development or distribution, the market for services relating to that code will be perfectly competitive. A rational vendor will use a proprietary route for a program only where releasing that program in that way will allow them to increase their profit above that which would be returned to them by the operation of a competitive market. This result should be hardly surprising, given that the express objective of copyright law is to mandate a market failure and permit software creators to extract above market rents as an incentive for the creation of that software.

Joel on Software - Strategy Letter V

In today's episode, I'll show how one of those concepts explains a lot about some familiar computer companies. Along the way, I noticed something interesting about open source software, which is this: most of the companies spending big money to develop open source software are doing it because it's a good business strategy for them, not because they suddenly stopped believing in capitalism and fell in love with freedom-as-in-speech.

June 14, 2002
Microsoft accidentally distributes virus

Microsoft accidentally sent the virulent Nimda worm to South Korean developers, distributing Korean-language versions of Visual Studio .Net that carried the virus, company representatives acknowledged Friday.

These guys can't buy a clue!

If you use their products... you get what you deserve!!

Wal-Mart shipping PCs with Lindows preinstalled

"These computers do not ship with Microsoft Windows. They ship with an exciting new UNIX based Operating System (OS) named Lindows. This exciting new OS delivers the stability of UNIX with the ease of Windows and the ability to run most Microsoft programs. These computer systems are a perfect low cost alternative to computers preloaded with Microsoft Windows."

This is huge!

Painful rescue

Compare this to open source. Open source is designed to empower the user. It assumes that you, not your vendors, are the most important party to lay hands on your machine. With open source, vendors know that you can go elsewhere and get equivalent software. So they must deliver the services you need to keep your business. It is no surprise, then, that a typical Linux distribution gives you multiple ways to preserve your data when something goes wrong.

Open source puts power in your hands. If you're betting your business on your software, isn't that precisely where you want the power to be?

June 13, 2002
Ruling lets Iowans seek Microsoft refunds

Thousands of Windows 98 users in Iowa could get $40 refunds from Microsoft Corp. after the Iowa Supreme Court reinstated a lawsuit Wednesday that alleges price fixing.

Des Moines lawyer Roxanne Conlin, who represented Iowa consumers in the lawsuit, said the 5-2 opinion was the first antitrust ruling in any state that favored "indirect purchasers," in this case, consumers who bought the Windows 98 operating system or bought computers with Windows 98 installed.

The Changing AdTI Documents

Of course, this argument ignores the fact that 95% of software is developed for internal use and is not even sold or made available to the public. When someone asks me "Who is going to pay to develop Open Source software?" I can be fairly certain of two things. 1) They develop software commercially and 2) They don't understand the Open Source model. When I reply that their customers are funding Open Source development because most software vendors are not responsive to customer needs, I get a blank stare. Well, the market is a tough bitch and she'll teach them all eventually...

File sharing: Innocent until proven guilty

An economist says music piracy should be hurting the recording industry, but it isn't -- and he doesn't know why.

Serious IIS Hole; Minor X Bug

"Microsoft announced Wednesday that there is a serious software flaw with its IIS web server. The 'vulnerability affects a function in the server software that allows Web administrators to change passwords for an Internet site.' A researcher with eEye Digital Security discovered the flaw in mid-April but it wasn't announced publicly because of an agreement with Microsoft. The Wired article is here and this appears to be the MS bulletin describing the vulnerability in detail." And several people reported this Register story on a way to DOS Mozilla users by trying to display ludicrously large fonts. Microsoft's time to patch a remote hole where the attacker can gain complete access to your computer: two months. Open Source's time to patch a much less serious bug where the attacker can merely crash your computer: three days.

Last sentence says it all...

June 12, 2002
Under the Hood of the World Wide Web

Driving a web browser or other computer application is as easy as driving a car -- or at least it should be. "You don't have to know how the computer works, just how to work the computer." This presentation is a quick peek "under the hood", one level deeper, to give you some idea what's going on behind the scenes.

What it takes

I continue to find myself fretting over the sheer amount of information Mr. Bush must not know, given that he was, until recently, unaware that there are blacks in Brazil.

Writing CGI Applications with Perl

One corner that is often cut when discussing CGI programming is security. This is a very dangerous approach to take as a badly written CGI program can leave your web server open to attack from anyone on the Internet. That's not a mistake that is made here as the authors introduce security in chapter 2. Add to that the fact that the code examples all use -w, use strict and CGI.pm and the book is already head and shoulders above most of its competition.

June 11, 2002
Tough... Adapt or Die!

The fact is that any software license has terms and conditions which must be obeyed. The GPL is no different; if you do not like its terms, don't use GPL'd software. Microsoft's agenda is transparent here.

June 07, 2002
How I Learned to Stop Worrying and Love the Panopticon

How much ass does Google kick? All of it.

Remember when searching the Internet was hard? The dark days when we relied on dumb-as-sand machine intelligences, like those on the back-ends of AltaVista and Lycos, to rank the documents that matched our keywords? The grim era before Google, when searching was a spew of boolean mumbo-jumbo, NEAR this, NOT that, AND the other?

God, that sucked.

Personal RSS Aggregators

Similarly, the raw output of the online news collective is filtered for me by people doing what they do best: spotting patterns, alerting the tribe.

Monitoring Linux firewalls with firelogd

Monitoring firewalls on a Linux system can be a challenge because of the text-based nature of the OS. The firelogd program can greatly improve the monitoring process by e-mailing concise summaries of important entries to an admin.


In this article, I will focus on File Transfer Protocol or FTP and programming techniques for this most convenient communication tool on the AS/400. A lot has been written on FTP and how convenient it is for communicating with virtually any other system now being built.

XPlanner Home

XPlanner is a project planning and tracking tool for eXtreme Programming (XP) teams. If you are not familiar with XP software development practices, the links page contains pointers to relevant resources. To summarize the XP planning process, the customers pick the features to be added (user stories) to each development iteration (typically, one to three weeks in duration). The developers estimate the effort to complete the stories either at the story level or by decomposing the story into tasks and estimating those. Information about team development velocity from the previous iteration is used to estimate if the team can complete the stories proposed by the customer. If the team appears to be overcommitted, the set of stories are renegotiated with the customer. The XPlanner tool was created to support this process and address issues experienced in a long-term real-life XP project.

June 06, 2002
IPfwd: an IP protocol redirection tool

IPfwd is a tool to perform redirection of arbitrary IP protocol datagrams. This is useful for implementing Firewalls and IP Masquerading, among other things. Another tool you might wish to look at is redir (RPM) which redirects TCP/UDP sockets.

IPfwd was originally written to support gatewaying PPTP (Internet Draft) across a linux-based firewall. IPfwd uses TCP port 1723 and IP protocol 47. Other tools, including redir and portfwd can be used to redirect PPTP across the firewall, but there were no tools to handle the IP protocol 47 datagrams. IPfwd is the solution, and is currently in production use.

PPTP Client Project

PPTP Client is a Linux, FreeBSD and NetBSD client for the proprietary Microsoft Point-to-Point Tunneling Protocol, PPTP. Allows connection to a PPTP based VPN as used by employers and some cable and ADSL service providers.

Linux VPN Masquerade HOWTO

VPN Masquerade allows you to establish one or more IPsec and/or PPTP sessions to internet-accessible VPN servers via your Linux internet firewall without forcing you to connect to your ISP directly from the VPN client system - thus retaining all of the benefits of your Linux internet firewall. It also allows you to set up a VPN server with a Private Network IP address (as described in RFC1918) behind a masquerading Linux firewall, permitting you to provide relatively secure access to a private network via only one registered IP address - even if that IP address represents a dynamic dial-up link.

Is Linux Ready for National Security?

"Computer systems are the backbone to U.S. national security," said Gregory Fossedal, chairman of ADTI. "Before the Pentagon and other federal agencies make uniformed decisions to alter the very foundation of computer security, they should study the potential consequences carefully."

But the Pentagon has conducted its own study, one that has led the traditionally close-mouthed Defense Department ally itself the open source movement, and not with vendors of proprietary systems as ADTI advocates.

"Banning open source would have immediate, broad and strongly negative impacts on the ability of many sensitive and security-focused DOD groups to protect themselves against cyberattacks," concluded a May 10 report prepared by Mitre Corp., a non-profit which operates federally funded research and development centers for the DoD, FAA and IRS.

Scientific American: Explore!: SciTech Web Awards 2002

In this, our second annual Scientific American.com Sci/Tech Web Awards, the editors have again done the work of sifting through the virtual piles of pages to find the top sites for your browsing pleasure. We've selected an eclectic mix of 50 sites--five sites in each of 10 subject categories. The sites run the gamut from the serious and information-packed to the more whimsical, and even playful, sides of science and technology.

June 05, 2002
A Guide to Mozilla 1.0

Mozilla 1.0 is the first major-version release of the Mozilla software. A full-fledged browser suite based on the latest Internet standards as well as a cross-platform toolkit, Mozilla 1.0 is targeted at the developer community and enables the creation of Internet-based applications. It was developed in an open source environment and built by harnessing the creative powers of thousands of programmers on the Internet, incorporating their best enhancements.

Steve Jobs and the History of Cocoa

In this first part of a two-part series, Simson Garfinkel and Michael Mahoney explain why Cocoa and Mac OS X aren't nearly as revolutionary as they are evolutionary -- and still in the process of refinement. The story begins with Apple's genesis in the 1970s and takes you through key events up through 1993, when NeXTSTEP began to flounder. In Part Two (Friday, May 10), Simson and Michael pick up the story with the Star Trek project and bring you to the current iteration of Mac OS X.

Procurement policy and competition and security in software markets

We are writing to follow up a topic from our April 8, 2002 meeting. Can the federal government use its purchasing power to solve issues concerning security and competition in the software market? As you know, Microsoft has an astounding market share for desktop operating systems and office productivity software. The Department of Justice is spending years in court trying to restrain very modest elements of Microsoft's monopoly abuses. There are serious problems with the Microsoft monopoly, including those associated with harm to innovation, security, and pricing. We request the following information to advance constructive deliberations on this subject:

Security Flaw Found in Explorer

A security flaw in Microsoft's Internet Explorer browser could allow a hacker to take control of a remote computer if its user clicks a link to an outdated Internet protocol, a computer security firm says.

Oy Online Solutions Ltd. of Finland said it notified Microsoft Corp. of the security hole on May 20 but the software giant has yet to produce a software patch to fix the problem, the Toronto Star reported Tuesday.

A Microsoft spokesman who refused to be identified said Tuesday that the company is "moving forward on the investigation with all due speed" and will take the action that best serves its customers.

The problem concerns Gopher, an Internet protocol that predates the World Wide Web with pages like Web pages except that they are unable to store audio and video content.

June 03, 2002
Bug hunter reports flaw in Excel

A security hole in Microsoft's Excel XP spreadsheet application could allow hackers to take over a computer by using specially formed XML style sheets, according to a security expert.

Build A Primary Domain Controller With Samba, Part 2

Today we leap right into smb.conf and configure our Samba primary domain controller. Remember- There Can Be Only One. Do not use this if there is already a PDC on your network.

It may help to print and annotate smb.conf. Be sure to make a backup copy before changing anything. Samba's man pages are exceptionally useful, start with man samba and man smb.conf. Some comments below are abbreviated, see smb.conf for the full text. A complete list of global parameters is in man smb.conf. You can't just invent them- must use the official Samba parameters.

Is Beauty Only Pixel Deep?

It seems that fonts under Linux represent one of the great bugaboos of working in the Linux environment. There's a mystique around fonts as though something magical is happening, something that is better left untouched for fear of angering the X gods. Even seasoned Linux users tread lightly around this topic: Warning! Here be monsters.

MS/DOJ: Judge again bars controversial e-mail from court

A controversial e-mail message sent by a top Microsoft Corp. official to Chairman and Chief Software Architect Bill Gates that allegedly highlighted the company's strong-arm dealings with hardware makers will not see the light of day in court, a federal judge ruled again on Wednesday.

perl 5.8.0 RC 1 Released

Perl 5.8.0 Release Candidate 1 is now available. This is a release candidate, and is not recommended for use in a production environment, but downloading and testing is strongly encouraged. Read on for the announcement, and also read perldelta to see what's changed.

What's Up...

Went away for a week to Coeur d' Alene, Idaho looking for new digs!

Been away from the computer for a week... without serious side effects even...