Home

Impressed by KDE On Fedora 11 @ 2009-06-13 13:29:51
Filed under: Fedora  Linux  Personal  Tech 
I really am. I'm using it right now and might switch over to it for my general work. It's decently fast, pretty eye candy, has a lot of good default applications and, like GNOME, is very easy to use. Good job to the KDE guys as well as the Fedora KDE packagers!
 digg it   seed it   del.icio.us   ma.gnolia
Comments: 0 Tags:        


WSGISecurity Pre-Alpha Demo @ 2009-05-16 22:14:54
Filed under: Code  Python  Security  Tech  WSGISecurity 

 digg it   seed it   del.icio.us   ma.gnolia
Comments: 0 Tags:          


How Business Guys Seem @ 2009-05-16 16:10:56
Filed under: Comedy  Frustration  Media 

 digg it   seed it   del.icio.us   ma.gnolia
Comments: 0 Tags:      


Fake History: Python @ 2009-05-10 19:45:36
Filed under: Code  Comedy  Python  Tech 
1991 - Dutch programmer Guido van Rossum travels to Argentina for a
mysterious operation. He returns with a large cranial scar, invents Python,
is declared Dictator for Life by legions of followers, and announces to the
world that "There Is Only One Way to Do It." Poland becomes nervous.

From A Brief, Incomplete, and Mostly Wrong History of Programming Languages.

 digg it   seed it   del.icio.us   ma.gnolia
Comments: 0 Tags:        


EFF Filed Suit Against Apple @ 2009-04-27 22:47:20
Filed under: Philosophy  Politics  Tech 
"EFF filed suit against Apple Inc. to defend the First Amendment rights of an operator of a noncommercial, public Internet "wiki" site known as Bluwiki." Check it out!

 digg it   seed it   del.icio.us   ma.gnolia
Comments: 0 Tags:      


TNT Facebook Play Button Ad Fail @ 2009-04-19 21:54:35
Filed under: Comedy 



 digg it   seed it   del.icio.us   ma.gnolia
Comments: 0 Tags:  


No Facebook Response to Darryl's 50 Things @ 2009-04-14 21:53:42
Filed under: Comedy  Personal 
1. What color is your toothbrush?
White and blue I think.

2. Name one person who made you smile today:
Me.

3. What were you doing at 8 am this morning?
Sleeping.

4. What were you doing 45 minutes ago?
Reading.

5. What is your favorite candy bar?
5th Ave

6. Have you ever been to a strip club?
No.

7. What is the last thing you said aloud?
some sort of laughter

8. What is your favorite ice cream?
vanilla and cherry 

9. What was the last thing you had to drink?
Water

10. Do you like your wallet?
I guess so.

11, What was the last thing you ate?
Peanuts

12, Have you bought any new clothing items this week?
No

13, The last sporting event you watched?
I don't know, it would have been quite some time ago.

14, What is your favorite flavor of popcorn?
Cheddar + Butter + Carmel

15, Who is the last person you sent a text message to?
Will Foster

16, Ever go camping?
Not real camping ... but I have slept in log cabins.

17, Do you take vitamins daily?
No.

18, Do you go to church every Sunday?
Not every sunday.

19, Do you have a tan?
NO!

20, Do you prefer Chinese food over pizza?
Seperate please.

21, Do you drink your soda with a straw?
No.

22, What did your last text message say?
I assume it means the last one sent to me ... 
"I just got raped by a jackelope ... Or maybe it was just a
dude dressed like a jackelope."

23, What are you doing tomorrow?
Working

25, Look to your left, what do you see?
Guitar, half stack, bike, Green Lantern power lantern

26, What color is your watch?
I don't wear a watch

27, What do you think of when you hear Australia?
Portia de Rossi

29, Do you go in at a fast food place or just hit the drive thru?
Go in.

30. What is your favorite number?
anything complex

31. Who's the last person you talked to on the phone?
My sister.

32, Any plans today?
Sleep.

33, How many states have you lived in?
Five.

34, Biggest annoyance right now?
I'm really tired but I don't want to go to bed.

35 Last song listened to?
The Clash - Red Angel Dragnet

36,Can you say the alphabet backwards?
Not quickly

37, Do you have a maid service clean your house?
No but I should.

38, Favorite pair of shoes you wear all the time?
I have some black vans with spider web images on them

39, Are you jealous of anyone?
Heck yeah!

40, Is anyone jealous of you?
Heck yeah!

41, Do you love anyone?
Yes.

42. Do any of your friends have children?
Yes.

43, What do you usually do during the day?
Write code, audit things, write exploits.

44, Do you hate anyone that you know right now?
Not hate.

45, Do you use the word 'hello' daily?
In other ways, yes.

46, What color is your car?
Not sure if it's really dark blue or lighter black.

47, Do you like cats?
Sure.

48. Are you thinking about someone right now?
Not until this question.

49, Have you ever been to Six Flags?
Yes.

50, How did you get your worst scar?
I think I was born with it.

 digg it   seed it   del.icio.us   ma.gnolia
Comments: 0 Tags:    


Quick Reaction to Cybersecurity Act of 2009 Part 1 @ 2009-04-04 17:45:22
Filed under: Code  Politics  Security  Tech 
From: Cybersecurity Act of 2009

18          (1) in consultation with the Office of Manage-
19           ment and Budget, develop a plan within 90 days
20           after the date of enactment of this Act to implement
21           a system to provide dynamic, comprehensive, real-
22           time cybersecurity status and vulnerability informa-
23           tion of all Federal government information systems
24           and networks managed by the Department of Com-
25           merce; and
 1           (2) implement the plan within 1 year after the
 2           date of enactment of this Act.


Sounds like an area only FLOSS software can solve. Hopefully the government will be smart enough to see the value in using the populace to help create something we all can use.

1      (3) efforts to make new cybersecurity tech-
2 nology, standards, and processes usable by United
3 States-based small- and medium-sized companies;


This to me looks like another good reason why the solutions coming out of this work must be FLOSS. If these groups come out with closed source solutions that work on platform Y they are already breaking the above statement. It is very common for small and medium sized companies to be using multiple platforms depending on need (Linux on servers, Windows or OS X on desktops).

 5       (3) SOFTWARE    SECURITY.—The    Institute shall
 6 establish standards for measuring the software secu-
 7 rity using a prioritized list of software weaknesses
 8 known     to   lead  to   exploited  and   exploitable
 9 vulnerabilities. The Institute will also establish a
10 separate set of such standards for measuring secu-
11 rity in embedded software such as that found in in-
12 dustrial control systems.


The above seems like it could be a bit of an issue. The list is updated very quickly and keeping two lists could lead to diverging streams with different ID's.

13      (4) SOFTWARE    CONFIGURATION SPECIFICATION
14 LANGUAGE.—The      Institute shall, establish standard
15 computer-readable language for completely speci-
16 fying the configuration of software on computer sys-
17 tems widely used in the Federal government, by gov-
18 ernment contractors and grantees, and in private
19 sector owned critical infrastructure information sys-
20 tems and networks.


This is another interesting statement. Today there are a number of ways to describe what is on a system. Puppet, CFEngine and bcfg2 have ways of describing what should be present but not what is actually present at any point in time. I think this is a really good idea ... and it also shows the need to use software that is packaged (or on Windows, registered with the system) so that the data can be pulled. This will more than likely put a hit on people who deploy Java jar/war/ear, Python egg, Ruby gem, etc.. which currently do not provide good ways to query installs.

3      (6)   VULNERABILITY                         LAN-
                                 SPECIFICATION
4 GUAGE.—The    Institute shall establish standard com-
5 puter-readable language for specifying vulnerabilities
6 in software to enable software vendors to commu-
7 nicate vulnerability data to software users in real
8 time.


Good idea but it was already done by AVDL. Agreed, it is not perfect (it's XML) but nothing is.

 9                (7) NATIONAL      COMPLIANCE STANDARDS FOR
10           ALL SOFTWARE.—
11                      (A) Protocol.—The Institute shall establish
12                 a standard testing and accreditation protocol
13                 for software built by or for the Federal govern-
14                 ment, its contractors, and grantees, and private
15                 sector owned critical infrastructure information
16                 systems and networks. to ensure that it—
17                           (i) meets the software security stand-
18                      ards of paragraph (2); and
19                           (ii) does not require or cause any
20                      changes to be made in the standard con-
21                      figurations described in paragraph (4).
22                      (B) COMPLIANCE.—The Institute shall de-
23                 velop a process or procedure to verify that—
24                           (i) software development organizations
25                      comply with the protocol established under
 1             subparagraph (A) during the software de-
 2             velopment process; and
 3                  (ii) testing results showing evidence of
 4             adequate testing and defect reduction are
 5             provided to the Federal government prior
 6             to deployment of software.


Another really good thing to do as long as the protocol evolves along with the industry to some degree. I can see this being hard to keep up with for organizations. Development takes time. Sometimes it takes a long time and by the time the software/hardware is ready the standards may have changed. On the flip side I can see the government having an issue keeping the protocol up to date. If that becomes true then the protocol is simply a barrier to entry and helping in a significant way. Either way I can promise you developers will hate you ... they don't like being told what to do :-D.

 7      (b) CRITERIA           STANDARDS.—Notwithstanding
                        FOR
 8 any other provision of law (including any Executive
 9 Order), rule, regulation, or guideline, in establishing
10 standards under this section, the Institute shall disregard
11 the designation of an information system or network as
12 a national security system or on the basis of presence of
13 classified or confidential information, and shall establish
14 standards based on risk profiles.


Wut?

22           (d) COMPLIANCE ENFORCEMENT.—The Director
23 shall—
 1          (1) enforce compliance with the standards de-
 2     veloped by the Institute under this section by soft-
 3     ware manufacturers, distributors, and vendors; and


How?

 4          (2) shall require each Federal agency, and each
 5     operator of an information system or network des-
 6     ignated by the President as a critical infrastructure
 7     information system or network, periodically to dem-
 8     onstrate compliance with the standards established
 9     under this section.


How?

18 SEC. 7. LICENSING AND CERTIFICATION OF CYBERSECU-
19                RITY PROFESSIONALS.
20       (a) IN GENERAL.—Within 1 year after the date of
21 enactment of this Act, the Secretary of Commerce shall
22 develop or coordinate and integrate a national licensing,
23 certification, and periodic recertification program for cy-
24 bersecurity professionals.
 1      (b) MANDATORY LICENSING.—Beginning 3 years
 2 after the date of enactment of this Act, it shall be unlawful
 3 for any individual to engage in business in the United
 4 States, or to be employed in the United States, as a pro-
 5 vider of cybersecurity services to any Federal agency or
 6 an information system or network designated by the Presi-
 7 dent, or the President’s designee, as a critical infrastruc-
 8 ture information system or network, who is not licensed
 9 and certified under the program.


This could be a disaster. Lots of certifications just turn out to be taxes rather than actually providing or giving back value and could mean that the amount of security professionals that are available to a government network is less than what it could be. Hopefully the government will look at the failure of MCSE, A+ and other simple as dirt certifications that only end up showing you paid someone some money (well ... for technical folks. When non-technical folks get those certificates I actually believe they did a good job). There should also be a track that allows someone to prove their knowledge and receive a certification rather than going through classes and buying books (IE: just the test).

 3 SEC. 9. SECURE DOMAIN NAME ADDRESSING SYSTEM.
 4      (a) IN GENERAL.—Within 3 years after the date of
 5 enactment of this Act, the Assistant Secretary of Com-
 6 merce for Communications and Information shall develop
 7 a strategy to implement a secure domain name addressing
 8 system. The Assistant Secretary shall publish notice of the
 9 system requirements in the Federal Register together with
10 an implementation schedule for Federal agencies and in-
11 formation systems or networks designated by the Presi-
12 dent, or the President’s designee, as critical infrastructure
13 information systems or networks.
14      (b) COMPLIANCE REQUIRED.—The President shall
15 ensure that each Federal agency and each such system
16 or network implements the secure domain name address-
17 ing system in accordance with the schedule published by
18 the Assistant Secretary.


Huh. That actually can mean a number of thin and helping in a significangs (replace DNS? Fix holes in the governments DNS setup? etc..). Hopefully this will be spelled out a bit more.

I'll probably post more when my head is back on.

 digg it   seed it   del.icio.us   ma.gnolia
Comments: 0 Tags:        


Dumb Pong @ 2009-03-29 12:23:47
Filed under: Comedy  Tech 
I left this page open all night .... I'm good when I'm asleep. Note that I did place the left paddle while playing before I went to bed. It stayed there and rocked.



 digg it   seed it   del.icio.us   ma.gnolia
Comments: 0 Tags:    


New Media Douchebags Explained @ 2009-03-22 17:21:36
Filed under: Philosophy  Tech 
Late on seeing this but it is very true!! The only thing missing is a suit


 digg it   seed it   del.icio.us   ma.gnolia
Comments: 0 Tags:    


Python Is Great Except When People Are Not @ 2009-03-18 22:06:52
Filed under: Code  Philosophy  Python 
I really like Python so I'd figure I'd say something negative about it (I am complicated). Don't write code like the following .... it's ugly, doesn't explain what it's doing, and is just preachy (we all know lambda is cool, but we don't need to use it in place of all the methods!!!!): As you can see it IS possible to write ugly/bad Python ... it's just harder to do so.
class c(list):
    _a,_b,_c=1,2,3
    __init___=lambda self:None
    data=lambda self:(self._a,self._b,self._c)
    set=lambda self,a,b:self.__setattr__(a,b)


 digg it   seed it   del.icio.us   ma.gnolia
Comments: 0 Tags:      


Director 1.2.0 Released @ 2009-03-08 15:56:24
Filed under: Code  director  Python  Tech 
The python command line plugin library Director just release 1.2.0! Even though it's not in the documentation IronPython 2.0.1 passed Director's tests making it the first release that works with IronPython!

Report any bugs in the normal place (requires Fedora Account).

 digg it   seed it   del.icio.us   ma.gnolia
Comments: 0 Tags:        


Updated Desktop Theme Yet Again @ 2009-03-07 19:02:58
Filed under: Linux  Personal  Tech 

 digg it   seed it   del.icio.us   ma.gnolia
Comments: 0 Tags:      


Ther POWER Of Java @ 2009-03-02 22:24:45
Filed under: Comedy  Tech 
This is how I see the future if Java ever becomes cool again. Welcome to the future, ya'll.


 digg it   seed it   del.icio.us   ma.gnolia
Comments: 0 Tags:    


Updated Blog Software @ 2009-02-22 20:47:32
Filed under: Personal  Tech 
Let me know if you see anything that broke. There should be a few more (half baked) features ... but mostly behind the scenes with pinging and what not. I'm sure I'll make the comments usable in the future :-P.
 digg it   seed it   del.icio.us   ma.gnolia
Comments: 0 Tags:    


 
A Django joint.
© 2007-2009 Steve 'Ashcrow' Milner | Studio7designs | Arbutus Photography