Showing posts with label software. Show all posts
Showing posts with label software. Show all posts

2013-12-14

#nsa forces Torvalds' hand? #linux

12.14: intro:
see NSA backdoors all encryption software

12.12: news.cyb/sec/linux/nsa forces Torvalds' hand?:
rt.com:
. MIT-educated cryptographer and Linux developer
Theodore Ts'o stated publically that
he was happy with his decision to resist
earlier pleads from Intel engineers
to have that operating system commit entirely to
RDRAND [intel's on-chip routine] for encryption:
"Relying solely on the hardware random number generator
which is using an implementation sealed inside a chip
which is impossible to audit
is a BAD idea" . Now just three months later,
FreeBSD is rescinding their reliance on Intel and Via’s RNGs.
[by contrast:]
When a petition began circulating in mid-Sept
imploring Linux to stop relying on RDRAND,
one of the OS’s leading developers, Linus Torvalds,
called those who made those pleads "Ignorant" .

2013-10-01

NSA backdoors all encryption software

9.18: news.cyb/sec/NSA backdoors all encryption software:
fierce government it`NSA backdoor:
. the NSA's SIGINT (signals intelligence) Enabling Project
covertly influences or overly leverages
the policies, standards and specifications
of the global cryptography marketplace
to make commercial public key technologies
more crackable by the cryptanalytic capabilities
being developed by the NSA and DOD's
Central Security Service.
. it has used a quarter billion dollars yearly
for at least the past 2 years .

2013-09-26

NSA's globalized internet security

9.26: news.cyb/sec/NSA's globalized internet security:
Sept. 25, 2013, Army Gen. Keith B. Alexander,
Cybercom commander, and director of NSA,
at the National Press Club
or 4th Annual Cybersecurity Summit .

. in the past year, we saw more than 300
distributed denial-of-service attacks
on Wall Street.
We saw destructive attacks against
Saudi Aramco and RasGas [Co. Ltd.],
and against South Korea .

. U.S. Cyber Command (Cybercom)
has activated the headquarters for
one of its 3 Cyber Force branches:
Cyber National Mission Force,
that defends the nation;
Cyber Protection Force
defends DOD's information environment.
and Cyber Combat Mission Force
will provide assistance to the military
to implement cyber counterattacks .
Cybercom teams are now fully operational
and working side by side with NSA
to defend the nation.
The Army, Navy and Marines
trained about a third of the force in 2013
and they will train a third in 2014
and another third in 2015.

2013-09-19

USA intel has SOA on High-Security Internet

9.11: news.cyb/sec/USA intel has SOA on High-Security Internet:
Sept. 11, 2013
Al Tarasiuk, intelligence community CIO
and assistant director of national intelligence .
. the IC ITE ( Intelligence Community
Information Technology Enterprise )
is a new IT environment that will
vastly improve information sharing
across the intelligence community .

. consolidating IT across the community
was driven by budget considerations.
But today,
it's more than an efficiency play on IT:
intelligence integration,
information sharing and safeguarding .
. that translates into 3 goals:
1: effectiveness,
2: security
3: efficiency .
"In the past, these were mutually exclusive,
but now we'll have more of all 3 goals
because of cloud technologies,
and a [SOA (service-oriented architecture)]
or "service-provider-based business architecture"
providing an IC cloud not on the Internet,
but privately hosted on TS|SCI networks
(top secret / Sensitive Compartmented Information)
[18:
. high-security wide-area networks are
connected by Tesla beam transmissions,
which unlike fiber optic cable,
can be transmitted wirelessly,
and are very difficult to intercept .
. the govt denies this technology even exists,
but they've used it to communicate with submarines,
and a chinese-american collaboration is developing it .]

2012-09-26

hidden drive solved by permissions repair #mac

7.6: mis.cyb/mac.finder/
hiding the internal drive from user acct:

. my user acct's finder can't see anything on the internal drive
but on a visible external drive
there is a working link to a file on the internal drive,
so I know the files are there .
. the admin acct can see everything .
. there are no updates from Apple .
. use the disk utility app to verify and repair mac's permissions:
they are bad, but before fixing, verify disk is healthy .
web:
. others are seeing this last year,
and by 2 authors the terminal was suggested:
sudo chflags nohidden /
-- all but one mac user was not happy about that fix:
one just never came back to verify it worked;
and the other cracked jokes about
finding a fix by downloading xcode .
. I would find later that
Apple's diskUtility.permissionsFix
would fix my problem of finder hiding everything .

2012-09-25

getting over Word97 format

7.13: proj.cyb/fs/word97 conversions/wordviewer fails:
. try opening files in xp's todo folder
(the todo's are things like converting files
that only win97 can open )
I do have wordviewer now,
but that isn't helping anything .
. it says I should look into [text recovery tool] .

web.cyb/fs/word97 conversions/
Word text recovery tool fails:
. I found this hopeful title:
How to recover text from any files by using the
"Recover Text from Any File" converter of Word
but none of the instructions for Word
seems to apply to Word viewer?
try installing word97 on xp .

proj.cyb/fs/word97 conversions/xp.word97 fails:
. there is a compatability mode that includes win95,
but something about word97 and xp
was such a vulnerability
that it's now considered a malware .
[@] web,sci.cyb/xp.word97/failing
. once I started playing with the registry,
it had some code to kill the installation process .

7.14: proj.cyb/fs/word97 conversions/
vista.word97 installs ok but fails:

. try vista.ms'word97;
works but won't open .doc files
... the format it seems to be
(from opening it with ko'edit)
is an .rtf not a .doc;
so change file's type.name;
and then vista.word97 still does not open it;
however, vista.wordpad opened it .
[@] news.cyb/vista.wordpad/will open word97's .rtf's

7.14: web.cyb/vista.word97:
is it possible to run word97 on vista?
. can't hurt to try searching on web .
I know vista has better security,
but by then 1997 was a long time ago!
news: not promoted:
. Office 97 Pro compatible with Vista?
. one convincingly shows it does not;
(Description of the versions of Office
that are supported on Windows Vista
goes back only to 2003)
but I'll finish checking the selected links .
news: some encouragement:
. How to Run Office 97 on Vista | eHow.com

7.14: sci.cyb/vista.word97/install succeeds:
. vista does have a win95 compat'mode;
and it's not complaining about word97 .
mis: won't open a .doc
(what mac calls word97 format):

. mac said this 2003 file was word97 format,
(I never used word97 in 2003,
but this file was authored elsewhere).
. word97 would not open it,
but I tricked vista.wordpad into opening it,
(by retyping it as .txt ? vague recall)
. maybe it needs word viewer,
but word pad finds a lot of text,
only there's a lot strange char's added too .

news.cyb/vista.wordpad/
will open word97's .rtf's:

. after correctly identifying the word97 file
as being an .rtf not a .doc format,
vista.word97 still won't open its own file
[due to security issues]
but, vista now gives me
an option to open with wordpad,
so do that: and it does open it!
. it said there were some codes in it
that my permission level was not allowed to have;
so, there file might not look like the original;
but, it looked great .

sci: why word97 can't open its own files on vista:
. word97 wouldn't open its own .rtf
but vista.wordpad would?
. wordpad said
     there were some codes in it
     that my permission level was not allowed to have;
     so, the file might not look like the original ...
but, it looked great .
. and, word 97 does open the same .rtf
after wordpad has filtered the sensitive codes .
. therefore, vista.word97 does work
but can't deal with the security issues
that vista is now trained to detect .
7.12 cyb`gear word97 install
news: compatability may be partial:
The problem was not the driver
but rather changing print settings
from anything but normal in printer properties.
You can make changes
as you print in MS WORD
but do not make any changes in "PRINTERS";
if you do, changing them back to normal
will not accomplish anything;
you will have to remove the printer
and uninstall and reinstall the printer driver.
I tried this three times!
I realize that some may think
this has nothing to do with VISTA
but having used MS WORD
before VISTA without any problems,
I think all the "OUT OF THE
STONE AGE" MS OFFICE 97 users
will appreciate this information.
...
Well, that depends - it may be a
combination of a changed Vista interface
along with the old style interface
that Office programs use
to access system devices.
...
Still, at least for me,
I can change printer settings to
what I'd like to use within Word (temporarily)
but if I start messing with the
main settings in default printer properties,
it's uninstall and reinstall to get it back to normal.
By all means, do not use any compatibility settings,
that's what brings on the winword error message.
news.cyb/vista.ms'office97/
Access has same troubles as Word or worse?:
"( . I finally got my MS Office 97 to load in Vista
but I still couldn't open my old MS Access files.
I finally bought MS Office 2003,
which seems to open all my old files properly.)
. after seeing that,
I wondered if Access worked at all,
or if, like Word, vista just had security issues
with letting an old app open old files .

2012-06-19

google-plus's "(just the right people)

5.28: pos.cyb/net.g'+/blocked/
stay popular to prevent thread erosion:

. if you get blocked from anyone,
you can't see them on
any threads they participate in,
so then this has the effect of
blocking your view of other posts,
because they expect you can see
who they're responding to:
. so keep remembering,
g'+ is not the place for free speech;
it's the place to listen, and learn!
. you'll need to walk softly,
and carry your big stick elsewhere,
or on a dual g'+ account (haven't tried that yet). 

5.26: mis.cyb/net.g'+/being blocked 
hides posts in threads you can still see:
. while googling for g'plus news,
searching for myself on plus.topsy.com,
I found some comments directed at me
that g'plus didn't inform me of? :

2010-11-07

before qubes there was mac vmware virtualizing windows


[at the ubuntu forum]/Setting up virtual machines

. I am so thankful this article was pointed out us;
for 2 years I've been using
mac.vmware`fusion to run ubuntu
-- worried about rootkits --
but since recently hearing about
Joanna Rutkowska's expertise in rootkits
I wondered how her setup differed from mine .

. I was suprised she did her online shopping
on a separate machine from her banking;
but she's right, once at macmall (a secure site)
I got my credit card "validated" by a scam;
who knows what else I got?
(I think macmall uses 3rd-party advertizing).

. as for linux having no 3rd-party drivers:
in security terms,
all open source is 3rd-party!
it's a lot of cooks in the kitchen;
complexity increases risk .
. did you know that most of
russia, china, the world,
are using bootleg microsoft?
when the world moves to linux,
the botnets will come for linux next !

. but by the time they do,
we will be saved by ...
# intel's VT-d, TXT, TPM,
# linux (or anything) on the
okL4 verified microvisor
# and using Joanna's system of
5 vm's for each security domain,
-- or Joanna's Qubes

5 vm's for each security level:
# red: browsing random sites, no privacy;
-- expected to get infected;
. I revert it to a known snapshot every week or so.
# yellow: semi-sensitive tasks,
. uses firefox.NoScript to only allow
scripting to a trusted few sites:
online shopping, blogging, etc.
Sure, somebody might do a
man-in-the-middle (MITM) attack against
a plaintext HTTP connection
that is whitelisted by NoScript
and inject some malicious drive-by exploit,
but then again,
Yellow machine is only semi-sensitive
and there would not be a big tragedy
if somebody stole the information from it.
[unless credit cards are used?
maybe that's for green vm?]
# green: https-only, bank's account
. it is quite important to make sure
only HTTPS is used for this machine
to mitigate potential MITM attacks;
for example, on any hotel Wi-Fi.
. don't use the host's browser as a Green machine:
[the host is a huge attack vector;
and, all the attacks are coming from online;
so, take it offline .]
# where to keep one's email client:
[with separate personal and work vm's;
both have mozilla mail;
work needs a noscript browser]

other tips:
#handling updates:
[getting prompt updates for each guest vm
dramatically reduces the number of attacks .]
# clipboard:
[every guest can be logging the clipboard .]
transfer of files between vm's and host:
[more networking is more risk .]



2010-05-31

ubuntu's WYSIWYG web editors

web.addn/free html editors:
5.31: web:

>> Ubuntu >> Packages >> lucid >> web:

KompoZer WYSIWYG web page editing.
a complete Web Authoring System
that combines web file management
KompoZer is designed to be extremely easy to use,
making it ideal for non-technical computer users
who want to create an attractive, professional-looking web site
without needing to know HTML or web coding .

web based HTML WYSIWYG editor
TinyMCE is a platform independent web based
Javascript and HTML WYSIWYG editor control
released as Open Source under LGPL
by Moxiecode Systems AB.
It has the ability to convert HTML TEXTAREA fields
or other HTML elements to editor instances.
TinyMCE is very easy to integrate into
other Content Management Systems.
* Easy to integrate, takes only two lines of code.
* Customizable through themes and plugins.
* Customizable XHTML 1.0 output.
* Block invalid elements and force attributes.
* International language support (Language packs)
* Multiple browser support, Mozilla, MSIE, FireFox, Opera and Safari
. version 2 of tinymce is older version
the google web app way -- openware:
www.openwebware.com/
. a free cross-browser WYSIWYG editor
that's packed with every rich-text editing feature
you need to make your content management system
that much better.

Setting up openWYSIWYG is so easy,
you can quickly turn any html`textarea
into a powerful WYSIWYG editor
with just a few simple lines of code.

Packed with every rich text editing feature you need,
openWYSIWYG gives you total control over formatting your text.
The ultimate html`textarea replacement
for your content management system.
Coded Entirely in JavaScript
Regardless of what language you use to code your web applications,
openWYSIWYG will work.
openWYSIWYG is coded entirely in client side JavaScript,
so it will work with any web programming language .
other tools

Text-to-HTML conversion tool
Markdown is a text-to-HTML conversion tool for web writers. It allows you to write using an easy-to-read, easy-to-write plain text format, then convert it to structurally valid XHTML (or HTML).

Macro processor for HTML documents
Mp4h is a core component of the Website Meta Language (WML).
Mp4h is a macro processor for HTML documents,
with powerful programming features.
It allows definition and expansion of new tags
with a syntax familiar to HTML authors.

off-line HTML generation toolkit
WML (Website META Language) is a
free and extensible Webdesigner's off-line
HTML generation toolkit for Unix.
WML consists of a control frontend
driving up to nine backends
in a sequential pass-oriented filtering scheme.
Each backend provides one particular core language.
For maximum power WML additionally ships with
a well-suited set of include files
which provide higher-level features
build on top of the backends core languages.
While not trivial and idiot proof
WML provides most of the core features
real hackers always wanted for HTML generation.
Homepage: www.thewml.org/

Content management platform to maintain complex web sites
WebGUI is a content management platform based on
Apache, mod_perl and MySQL,
built to allow average business users
to build and maintain complex web sites.
It is modular, pluggable, and platform independent.
. get some detail$ . no mention of wysiwyg .

pretty print html
hindent

error-tolerant HTML parser for Python
The BeautifulSoup class turns arbitrarily bad HTML
into a tree-like nested tag-soup list of Tag objects
and text snippets.
A Tag object corresponds to an HTML tag.
It knows about the HTML tag's attributes,
and contains a representation of everything contained
between the original tag and its closing tag (if any).
It's easy to extract Tags that meet certain criteria.

HTML syntax checker and reformatter
Corrects markup in a way compliant with the latest standards,
and optimal for the popular browsers.
It has a comprehensive knowledge of the attributes
defined in the HTML 4.0 recommendation from W3C,
and understands the US ASCII, ISO Latin-1, UTF-8
and the ISO 2022 family of 7-bit encodings.
In the output:
* HTML entity names for characters are used when appropriate.
* Missing attribute quotes are added, and mismatched quotes found.
* Tags lacking a terminating '>' are spotted.
* Proprietary elements are recognized and reported as such.
* The page is reformatted, from a choice of indentation styles.
Tidy is a product of the World Wide Web Consortium.

check websites and HTML documents for broken links
linkchecker-gui

Makes an HTML site map from meta tags from other HTML pages
This Python script reads the META DESCRIPTION tags
from all HTML files under a directory
and generates a site map from them.
It can be easily configured with a simple dotfile.

5.21: about.com's take:

Aptana Studio Community edition:
"( Instead of focusing on the HTML,
Aptana focuses on the JavaScript
and other elements that allow you to create Rich Internet Applications.
One of the things I really like
is the outline view that makes it really easy to visualize the DOM.
This makes for easier CSS and JavaScript development.
If you are a developer creating Web 2.0 applications,
Aptana Studio is a good choice.)
5.31: not easy to find:
. for linux as app or eclipse plugin;
but not installable by ubuntu .

Screem:
"( Screem is a versatile text Web page editor and XML editor.
It recognizes the Doctype you're using
and validates and completes tags based on that.)
5.31: Screem ubuntu lucid download is missing:
--. for hardy but not lucid (the current release)
"(Unlike most other web site / HTML editors
SCREEM does not provide a WYSIWYG display of pages.)

2010-03-28

teach a man to ... "(oh, fish!)

3.22: pol/teach a man to ... "(oh, fish!):
windows7sins.org:
"(Give a man a fish
and you feed him for a day.
Teach him how to fish
and you feed him for a lifetime.)
. seeing this in the context of
protesting against proprietary software,
I realized that such secret.ware
is just another way of
controlling population by marginalizing it .
"(
. teach a man to fish,
and he reproduces until the pond is empty;
then he's clubbing to control the next pond .
. give the masses a right to
improve your product
and the masses will do your job
for mere beans .
) .

2010-01-31

ms dev survey

1.10: ms`survey for dev'ers using vc++ express:

How did you arrive at the MSDN Web site today?
Via a link from a non-Microsoft Web site or newsletter

Which of the following best describes
the primary task you were trying to accomplish
with your visit to the MSDN Web site today?
download sdk

Please tell us in your own words
what specific information or resources you were looking for
during your visit to the MSDN Web site today.
. an openware said I could compile its code
using your free visual c++ express sdk .

most true of your visit to the MSDN Web site today?
I found what I was looking for

level of knowledge and skills related to the product
or technology you are researching today.
Intermediate
When do you plan to use the information you were looking for today?
In the next month

What is your preferred way of finding information on the Web
for the primary task you are performing today (download)?
I rely on search wherever possible.
I will quickly search again if a search result doesn't have what I'm looking for.
x I usually rely on search initially,
but when I click on a search result
I will often try navigating from there before searching again.
I rely on navigation wherever possible.
I think of search as a last resort when navigation is not helpful.

Please indicate which, if any, of the following methods
you used to look for information or resources
on the MSDN Web site today.
Site navigation (i.e., using links in the menu(s) or tabs on this site)
Links within the site content or articles
Search tool on the site

Satisfaction with the Web Site
Please rate your level of satisfaction with the following features of the MSDN Web site.
no:
The ability to easily find the information that I am looking for
Accuracy of the information on the Web site
Depth of information included on the Web site
The organization of information on the Web site
ok:
Loading speed of the Web site compared to other sites
Up-to-date content
Links within the site content or articles
Search tool on the site
Site navigation (i.e., using links in the menu(s) or tabs on this site)

Overall, how satisfied are you with the MSDN Web site?
ok
What changes would you like to see to improve your
experience with the MSDN Web site? (Please be specific.)
. there are a lot of product choices;
please be immediately specific (all on one page)
as to intended target, price,
what you get for paying more,
or what you don't get
for using free tools .

Thinking about the resources currently provided by the MSDN Web site
(including documentation, articles, forums, blogs, code samples, downloads, training, etc.),
please rate your agreement with the MSDN Web site
ability to provide resources that...
5/10:
Help me get the most out of my Microsoft products
Improve my skills
Help me evaluate new products
Are easy to find
Help me connect to the IT community
Help me do my job better
Help me make the case for investing in Microsoft products
Help me solve technical problems

Please indicate your level of agreement with
each statement as it applies to the MSDN Web site.
Visitors can find and interact with
peers and experts on the site
Visitors can contribute their own content to the site
(e.g., comments, articles, samples, uploads, etc.)

Please tell us how likely you will be
to recommend the MSDN Web site to a friend or colleague.
surely

How long have you been programming, either for school, work or non-work purposes?
4-6 years

Now, we would like to ask you a few questions about
Microsoft as a company.

Please tell us how your visit to the MSDN Web site today
influenced your satisfaction with Microsoft Corporation.
5/10

Considering everything you know or have heard about Microsoft,
its products, its service and support organization,
how satisfied are you with Microsoft as a company?
ok
[considering their research on security, singularity, .net,
what they could do if not held up by backward compat
and demand to giving dev's full stupid control .]

The last few questions are for classification purposes only.
Which of the following categories
best describes you?
Developer: Designs or customizes software applications or Web sites;
writes or tests computer code; or manages a software development process.

your primary purpose for visiting the MSDN Web site today?
Personal use

Thinking about your average weekly activities,
which one of the following best describes your primary role at work?
Testing software - this could include testing projects and software that you or others have written.
x Architecting software applications - architecting applications, creating the guiding technology design for your organization, systems for speed, efficiency, scalability, load, network security, or the hardware and network infrastructure layer for your organization.
Designing - designing the overall look and feel or user interface for software application for Web sites, may include serving as the overall producer or creative manager of design efforts for applications and/or Web sites.
Develop software applications, rich internet applications and/or Web sites or Web applications - creating applications for any computer platform; may also include using a database management software program, writing macros, creating software or applications using a programming language or tool, or writing production code.
Other software or development activities - this may include activities relate to managing software development projects, database design, assessing business needs.

What is the approximate number of personal computers,
including laptops, in your organization at all locations?
1 - 4 PCs
What is the approximate number of professional developers,
in your organization at all locations?
1 (self-employed)
What country/region do you live in?

Thank you for taking this survey.
Your feedback is greatly appreciated.
This survey was conducted for Microsoft by comScore,
a marketing research firm commissioned by Microsoft to conduct this survey.

Members of the Research Panel
provide valuable information to Microsoft
by answering online surveys
and participating in online discussions.

Why should I join the Microsoft Online Research Panel?
Your participation in online surveys and discussion groups helps Microsoft
make informed business decisions.
Whether the focus is products, services, communications
or other aspects of its business,
Microsoft is interested in hearing from you!
Panelists who participate in an online survey
are automatically entered in sweepstakes
for Amazon gift certificates after completing the survey.
Panelists who participate in an online discussion group
receive a cash incentive as a thank you for their participation.

2009-12-16

mac'finder needs better undo or trash backup

7.19: mis.addn/mac/finder needs better undo or trash backup:

. I should have fixed that cranky card drive
so it would fit the usb socket:
it has this habit of spontaniously losing its connection
-- sometimes during a folder transfer --
so that it will leave an empty folder at the destination;
then when you try the transfer over again,
it says you're overwriting a folder of the same name .
. if you're sure it's from connection loss,
then it's safe to overwrite,
but if your downloading a camera folder,
and didn't rename the last download,
then you need to stop and rename .
. in this case I had both a connection problem,
and I'd forgotten that I recently downloaded without renaming,
so I accidently overwrote this morning's photo' set
with the most recent photo download .

mac does the strangest undo:
. I was hoping I could do something user-friendly on the mac
like cure an accidental overwrite with a simple undo;
unfortunately, even the 10th version of mr.user-friendly
is falling flat on its iconic smiley face .
. the undo returns the moved folder to it's original location;
but, it has not returned the overwritten folder to the mov's destination;
so, try undo again, then it asks for admn permission .
. OK'ing that, I then notice the overwritten has appeared since then
and is now being removed? did I see that right? .
. testing again, I see what happens is that
the next undo (cmd-z) is actually an undo the undo: [redo mov] .

. I'm really surprised that
while the cocoa frameworks supports infinite undo,
the system finder doesn't take advantage of it .
. this is the same stupid behaviour you get from ms`dos:
it has a trash can for things you delete,
but not for things your app's will delete with an overwrite .

. that should be my highest developer priority:
a suite of common app's that provide universal undelete .
. instead of asking you those stupid questions,
it simply renames your name-clashes
unless you ask for clashes to be moved to trash .
. it also offers to do an ms`dos-style merge of clashing folders
if you set the configuration that way:
this merges an subfolders that have clashing names,
and unlike ms`dos,
it will rename filename clashes during a merge
unless you ask for clashing folders to be moved to trash .