Posts by eulampios

Re: Real programmers

or just a hex-mode in emacs?

Re: Emacs

It takes 20 seconds to write:

replace: "^\([0-9][0-9]\)/\([0-9][0-9]\)/\([0-9][0-9]\)" with: "20\3-\1-\2" and about 10 seconds to execute it. Job done.

Exactly! Replacement with a regex construct like "^\([0-9]+\)/\([0-9]+\)/\([0-9]+\)" , which you can type in by making up the first scope and a slash, kill it and do

C-y C-y C-y . Takes even less.

You could also accomplish this with another Emacs' delicacy and the date utility. Just run-sheell command on the region (when it is marked) with

M-1 M-|

for d in $(cat -); do date --date="$d" +%Y-%m-%d;done <ENTER>

or more justifiable complexity:

"for d in $(cat -); do date --date="$d" +%Y-%b-%d,\ %A;done "

@Tom 38

Same goes with Emacs. Select a region and run whatever command you want taking the region as an argument, like interactive (regex) replacement. or any more sophisticated stuff with run-shell command on it, awk/perl/sed -- you name it.

Re: Speaking of Emacs, ....

It satisfies quite a few, but not all, of Verity's criteria.

Well, not sure about the validity of those criteria. IMHO, GNU Emacs satisfies a number of much more serious and important criteria (for me), that no other editor seems to even be aware of.

Re: Speaking of Emacs, ....

Taking this as an insult. Since, even if you use it, you don't really seem to know it. AMOF, I don't really play games in Emacs. First, think how much space does it take? How fast does it load? Run this( in Emacs with M-! or M-1 M-!)

dpkg-query -Wf '${Installed-size}\t${Package}\n' |\

column -t | grep -P 'emacs.*' | \

awk '

{sum+=$1}

END{

printf "-------------------------\nTotal for emacs: %.3f Mb\n",sum/2^10

}'

Outputs:

-------------------------

Total for emacs: 145.402 Mb

BTW, why does ELReg text parser mutilate the text so bad and both pre,code tags are so ugly???

Most of it is Elisp, it is modular and 145Mb really worth it! Here is why for me, personally:

**incremental (regex) search, where you get search results for a pattern while you're typing it in ; configurable regex system

**grep-mode, you do grep command and get a *grep* buffer with the list of matching lines hyper-linked to the place/file

**this idea, that everything is file... I mean a buffer is implemented, special buffers

**run-shell command on a region with or without an argument (M-1) M-|

**very smart keyboard shortcuts, which you can configure and customize to your own liking

** collection of text killing macros, can your editor know what zap-to-char is anyone? Capitalize, change-toupper/lower and so on. Very efficient text editing. I am so used to it I use in Firefox.

**running every command with M-x with an autocompletion

**calc-mode, a Reverse-Polish with inf. precision calculator that can integrate, differentiate, convert units etc. Both stand-alone and embedded. And hey, you can still run pari-gp, (i)maxima, octave in in its own buffer and yes run-shell on a region with dc?

**tramp-mode

**kill-ring browser

**dired-mode, where you can do operation on files and dirs (with tram-mode via ssh remotely)

**unmatched extendibility

**predefined highlighting and indentation, regex highlighting etc

**aspell and calendar-mode

** hey, it got a vi emulation mode, viper-mode. I do like vim (vi is too plain), does vim have an emacs mode? ;-)

** its own terminal-mode, which is Okay

**org-mode, info-mode, tex-mode, w3m-mode ( a decent web browser) and you-name-ti-mode

=============

Wow, this is just 5% of what it can do and I just don't have an idea about it.

@mmeier, Firefox

As far as the firefox hacking is concerned it also was a partly Windows ASLR feature exploit:

VUPEN was able to exploit Firefox via a use-after-free memory flaw paired with an ASLR/DEP memory exploit. ASLR and DEP are operating system features found in Windows that are intended to protect memory from exploitation.

@mmeier

Not exactly right: here

it was possible to exploit a vulnerability which allowed us to gain code execution in the context of the sandboxed renderer process. We also used a kernel vulnerability in the underlying operating system in order to gain elevated privileges and to execute arbitrary commands outside of the sandbox with system privileges.

@AC

Wrong: Updates to (at least) hal, glibc, dbus and xen require reboots.

You seem to be in the wrong here. If the xen touches the kernel it does require a reboot (unless there ksplice is not used). As far as glibc (hal and dbus) is concerned it very rarely does. When that happens all necessary services are restarted by the updater (apt in my case). When you do absolutely need to reboot the whole machine it prompts for this (creates a file /var/run/reboot_required (again, speaking for a Debian based system)

My own server/desktop example:

Thu, Feb 28 2013 09:46:36 -0600

------------------------------------------------

[UPGRADE] libdbus-glib-1-2 0.84-1ubuntu0.2 -> 0.84-1ubuntu0.3

uptime:

3:22:35 up 37 days, 21:45

============================

Also - updates to Windows usually work in similar manner you describe - after updates you can postpone the reboot until a convenient time

Never had to reboot my desktop after updating firefox/chromium/konqueror/epiphany even lynx and libreoffice, gnumeric ;-) However Microsoft says this:

Bulletin 1 Critical,Remote Code Execution: Microsoft Windows, Internet Explorer --> Requires restart. The other one bull.3 for Office "may require restart".

@AC

The vast majority of android apps ask for permissions they don't seem to need.

So, it's my point, there is not much difference between a bad intent and a sloppy design. It might well be that that little app of yours is useless after all.

So if you're a google fan you'd better fucking hope people don't start reading the list of permissions...

What do you offer me? To become a Microsoft or Apple fan? I doubt that Google can screw up that bad and the former two would change their ways that much really ;-)

As far as Android is concerned, I like it but will ditch for a first viable GNU/Linux alternative whenever it becomes available...at least make it dual boot

@MS/Apple shill

Howdy.

It gets access to your bank account!

If you have a habit to install crappy apps (possibly outside of Google's Play) without examining and analyzing their permissions, neither Kaspersky, nor any other Russian dude would be able to help you anyways. Ignorance is a pretty luxurious thing, you know.

@hahaha-anon

If Microsoft were as security aware as Google are and would have offered an API to sandbox every application+ made the permissions system transparent.. That would be a very different world!

Re: Hmmmmm

except that with Windows everyone around has it, with Android no one has ever really seen it. So let's wait another 16 years.

Re: wow

Yes, Microsoft is yet again about quality, not quantity. Memento Slammer?

Re: Meanwhile...

How come you get more money for owning Chrome when it has had many times more vulnerabilities than IE?

Because, evidently, you receive money for actually exploiting, not counting them. What a nuisance! Otherwise, RICHTO would be more rich(to) than Roman Abramovich by now.

Re: Take the money

as it doesn't have that evil G connection.

When there's M (or A) on it already, it has reached the maximum level of evilness.

Re: @AC

So you have to roll back everything and reboot -

You just suggested me to rollback your entire system to some previous snapshot with everything on the fylesystem, now I hear some "hybrid kernel" faiy tales again. FYI, for modular architecture most of the drivers are loadable modules, that can be loaded and unloaded, as the term suggests. In that case you can always install a different driver against the headers of the current kernel if you wish so.

Tell me please, why does an awesome hybrid Windows kernel need a reboot when it installs a printer driver on Vista? (not sure about Win7/8) Why would need a reboot with pretty much any MS update/patch?

@AC

You tell me how to upgrade databases. Snapshotting is possible on Linux as I told through, for example, LVM. There is also an emerging fs -- btrfs. You can even go with zfs but not in the kernel. I do regular backups of most important things. Say, dumping databases.

As far as your MySQL update issue was concerned, you apply your Windows logic, mon ami, despite all your regalia. All you needed was config files. Just like in the discussed case, if you ever tell any Linux, *BSD admin that you use snapshots in case a driver update gets awry, he or she 'll take it as a joke.

With databases, you do it with special tools (mine is PostgreSQL with pg_upgradecluster etc) or/and by dumping and restoring entire databases.

@AC

I don't use snapshotting, my anonymous friend, I don't need to. However, LVM logical volume management) offers even more than that.

That is not what you need when encounter a buggy driver. All of them are contained in the kernel or associated with it. So it's much more simple just to rollback to the latest stable kernel, I know this is not feasible for a proprietary system and a rocket science really.

@Yet Another Anonymous coward Silver badge

You might have heard about ksplice, I suppose. Anyways,

But that's a cute little unix toy you have there ....

Sic:

The OpenVMS.org websites are for system administrators, developers, database administrators and technical managers, offering recent industry news, events, links, etc. related to HP's OpenVMS operating system running on the VAX, AlphaServer and Integrity platforms.

From the http header of http://openvms.org/

Apache/2.2.9 (Debian) PHP/5.2.6-1+lenny4 with Suhosin-Patch

Re: @JDX

Please, stop automatic downvoting.

Eadon, JDX and SheLluser, my apologies for those people

Apple friends

goals for FreeBSD 10 is a GPL-free base system

I guess that, yet the ultimate goal is to get FreeBSD a common-sense-free system.

The FreeBSD controversy

The reason FreeBSD is so adamant against gpl'd 3 version of gcc was purely political and ... yes strange. 3d version of gpl does not impose any restrictions on the compiled code. You can still license the resulting binary with any version you want. However, they do admit that "it would be bad for our sponsors" going even further to suggest who htat sponsor is. If this is about the values, than tell us please how much less of BSD values do DragonflyBSD guys have?

Now with clang being on par with the outdated gcc 4.2 in the compiled code performance, one one would question FreeBSD performance in general. The latter is well known to be inferior to GNU/Linux in most aspects. While, IMHO, other BSD siblings have historically something unique to offer:

- OpenBSD -> security

- NetBSD -> portability (even higher than Linux)

- DragonflyBSD -> peculiar kernel architecture

And BTW, their sponsor do not reek as much as one of the FreeBSD's famous and infamous one.

Re: Linux updates just work?

I do quite like the MS VSS snaps which allow you to rollback driver installs and OS updates, should you require.

On Linux this is not necessary, you got one kernel. When a kernel gets updated, the old one is not discarded, so if it appears to be broken reboot to the latest stable kernel.

Re: @Stuart Longland

Hello Stuart,

(2) this is just a hocus-pocus with key IDs

your link talks about the so-called "gpg/pp key ID collision", there is no problem with that, these are truncated versions of the fingerprints (hashes of the actual keys), these are not used to verify signatures, all more so, to forge a file signature. A key ID is used for the identification purposes. You can check you local public ring file (.gnupg./pubring.gpg that stores longer longer hashes) or run

gpg --list-keys --fingerprint

There is also a massage written by Jon that explains it even better.

(3) yes I referred to the iso hashes and signatures of the hash files, these are the ones you find published. CD's integrity is are checked not for security purposes but rather to see if the burned correctly.

(4) not applicable, I was talking about Linux, even if OEMs "finally grow up" and start shipping with Linux I am almost sure, to use a system of my choice, it would be great just because no MS tax is involved.

sha256, sha512 is not good defense? with salts and multiple iterations. Maybe when quantum computers become a reality...

( with no collisions known and yet no theoretically possible ones?) a salted sha512 password hashing is used in most distros about 5 or so now

It is easier just to hack a machine that signs packages, but one machine is not enough, since things are multiply signed, moreover, you'd have to collide hashes of the source code as well. In those cases when git is used for versioning, good luck succeeding there as well.

So risks is non-zero, yet (with modern technology) is infinitesimally small

--regards

GNU Emacs

But Visual Studio is certainly one of the best IDEs on the planet.

I have used VS.for some time and have been using GNU Emacs. That's why I know that VS is a narrowly oriented IDE, a mouse clicking IDE.

*grep-mode ( a hyperlinking grep putput buffer)

*tons of prog languages, (La)TeX in VS? Any CAS'?

*running a shell (hence any command) on a region wit arguments?

*tex editing capabilities that can't be beat (vim is the only one that can compare to this), with elisp built into, hot keys etc

*tramp mode to run sudo/su/ssh etc

*dired mode - a file manager

*email client

*terminal emulator

*info-mode a help environment, fast and easy to navigate

*org-mode - spreadsheets, publishing and beyond

*calc (both standalone and embedded): can your ide perform calculations with infinite precisions? units conversion, differentiate and take integrals?

Its certainly slimmer than most Linux distributions though.

Yeah, right exactly: more than 12gb of Win RT < 5.6 gb Ubuntu, both with office , plus Ubuntu got much more, like GNU Emacs

<---------- ElReg, WTF, where the GNU Emacs icon?

Re: Malware

You are a bit behind the times. -- I am.

There are over 800 types of known malware that are written specifically to target Linux.. -- They are written already, contrary to what other commenters are saying? Nice, when will they finally start spreading? How do I get "infected"? Please, don't advise me to download, chmod and run it in the terminal.

And Android (based on Linux) has more Malware that Windows managed in ~ 15 years!

Yeah, it Android has many, very few people really saw one.

@WIze

The general public don't know how to secure a machine.

Some sophisticated commercial software manufacturers don't know or care, so why demanding it from the general public? My own experience of installing variants of Ubuntu and Linux Mint has not yet concluded with a single malware infection case, moreover, in those cases a system once being installed to solve some serious Windows issues would not need any further intervention, it just runs and runs.

Anyways, I presume your knowledge about Linux a purely theoretical.

You should know, that unlike Windows users, GNU/Linux and *BSD users do not install from the unknown sources. The sources are known and trusted, called repositories, (or ports for *BSD)

Of course you have to be fixing the Windows mindset, and this Windows education (thanks to Microsoft and corruption for our schools) for the first few days. When a user tries to go out to the Web to download and install something. Instead of firing up a package manager to only search for and check the desired packages: "I had to do it on Windows, now this is too simple and logical to be true!"

We who use Linux/BSD usually don't do stupid things, however, our OS is not in the habit of betraying us either.

@Chris

but no-one should be browsing* the Internet or plugging random USB sticks into

I do it all the time and nothing happens to me. Yes I do have a noscript (mostly to block the idiotic ad scripts) and the with AppArmor/SELinux profiling to guard against those Java/js and many more 0-day risks. A file won't execute by itself when a usb stick is inserted into the machine.

When I was a gullible Windows user (<2004) it happened to me many times both with many floppies and on IE.

On a proper server there might be some additional precautions and guards, like mount and AppArmor/SELinux policies. When it usually gets hacked it's not malware or a vulnerability related, but an ssh policy, bad password, poorly implemented custom software or cgi scripts

Re: chalk one for the good guys

Undoing what they have originally done?

@JDX

Explain me JDX, how would they "infect" my Linux box to redirect away from where I want? Not all the universe lives by the laws invented by Microsoft

As for Android, don't install outside of gogleplay and read the permissions of an app before you install it. No need for microsoft coming for rescue