Basically Tech

I found a new article about the remarkable command-line interface utility 'find' today. It's a good article, but the best I've found so far is Daniel Miessler's excellent tutorial on the subject, which also incorporates some xargs goodness, something which the former sadly neglects.

This is concerning a cryptic entry from the blog of Jeff Bonwick. The two guys in the photos (follow the link) are Linus Torvalds and Jeff Bonwick. Jeff Bonwick is maybe not quite as well known as Linus Torvalds. He's the CTO of Storage Technologies at Sun Microsystems, he's also the ZFS development team leader, and his blog pretty much focuses on ZFS.

So, what's this about? Aren't there supposed to be licensing issues with Linux and ZFS? All I can assume when Jeff Bonwick says:

All I can say for the moment is... stay tuned."

I use awk (or rather gawk and nawk) a lot, and I was intrigued to find two resources on the internet very recently. This sort of information used to be hard to come by, so it was good to find it.

The first (and IMO the best) resource I found was an awk tutorial called Getting started with awk.

The second was an Awk, Nawk and Gawk cheat sheet.

Add to that my old favourite Handy one-liners for awk, which seems to have taken it's inspiration from the venerable and much-queried Handy one-liners for sed, and you have the four resources hinted at in the title. I hope it proves useful.

There's been a little flurry of news regarding Apple's "Safari" web browser.

The first thing which caught my attention recently was Apple's bundling of Safari by default into iTunes and Quicktime updates on Windows PCs. So unless you're on the ball (but aren't all Internet users on the ball?) and deselect the "Safari" checkbox, you get Safari downloaded and installed on your Windows PC. Well of course you wanted it!

In this update, Apple claims that "Safari for Windows is the fastest and easiest-to-use web browser for the PC", a claim which is countered by many sources. I guess these things are perceptual to some people, rather than quantitative!

This has now been followed up with a fascinating paradox in the EULA which comes with Safari for Windows, which states that you are permitted to install said software (unwittingly downloaded or not) onto no more than "a single Apple-labeled computer at a time." Which means that if you're installing Safari for Windows (which you may have been tricked into downloading and installing in the first place) onto a Windows PC, you're violating the terms of the license.

Added March 28, 2008

Slashdot has a couple of articles related to this, one discussing the points above as well mentioning that Safari seems to be suffering some security vulnerabilities. The second article follows up on the vulnerability theme; at the CanSecWest hacking contest, a MacBook Air was compromised within two minutes due to a Safari-based vulnerability.

This article is eye-opening to say the least. It's a guideline written in 1997 on how to get Microsoft's platforms accepted as de facto standards. Here are some classic quotes, but you should read the full article to get a fuller flavour.

Working behind the scenes to orchestrate "independent" praise of our technology, and damnation of the enemy's, is a key evangelism function during the Slog. "Independent" analyst's report should be issued, praising your technology and damning the competitors (or ignoring them).

Analysts sell out - that's their business model. But they are very concerned that they never look like they are selling out, so that makes them very prickly to work with.

Get a well-known consultant on your side early, but don't let him publish anything blatantly pro-Microsoft. Then, get him to propose himself to the conference organizers as a moderator, whenever a panel opportunity comes up. Since he's well- known, but apparently independent, he'll be accepted ...

lt's amazing what some people will do for a T-shirt.

Interesting peek into an alien mindset.

Personally, when I first saw the headline, I thought, "So what?" However on closer reading, it seems that Hotmail has been deliberately rigged not to work with Firefox 2.0 and GNU/Linux. To work around it, all you need to do is use User Agent Switcher to masquerade as Firefox running on Windows, and it works just fine. There is no technical reason why it shouldn't work, this just seems to be a deliberate attempt to block Linux users from Hotmail.

The funniest part of this whole story is when the author contacted Hotmail support with his woes, explaining that Firefox 2 wasn't fully supported under GNU/Linux, and he received a reply recommending him to use Outlook Express, as well as details of the steps required to set up Outlook Express on Windows XP and Vista.

I'm always interested in security tips for Linux. This article is short and sweet and contains brief snippets of advice from the likes of Ted Ts'o, Andrew Morton, Linus Torvalds, and Fyodor (yes, he of Nmap fame) on how they secure their Linux desktops and networks.

Bruce Schneier is a security advisor for whom I have a lot of respect. He is one of the keynote speakers at Linux.conf.au 2008, and he is being interviewed here prior to that event.

When this guy speaks, if you're interested in security, then it's well worth listening. You don't have to be technically minded. What's important is if you can be open to Bruce Schneier's mindset, it will change the way you think about security. He just comes at it from a completely different angle.

One other site of interest for the security-conscious is Bruce Schneier's blog, Schneier on Security.

There's an alarming post on the Ubuntu forums warning of a recent trend whereby new Ubuntu Linux users are being tricked into running dangerous commands which will delete home directories, or overwrite the system disk, or the like.

One of the great strengths of Linux in particular and Open Source software in general has been the approachability and helpfulness of the community, and it seems some dweebs think its funny to exploit this openness and trick a new user to trash their system.

It's made me think. A significant part (**) of the security of a system lies in the users. Linux and Unix have always been professional operating systems, written by professionals, for use by professionals. When you use the command line to ask a *nix system to do something, the assumption is that you know what you're doing. That system won't ask you if you're sure you want to do what you've typed. It'll just do it. I don't think that should change. For me it's part of the attraction.

I've only used Ubuntu once. I was impressed, but not that much that I would leave the distro I currently use . It seemed to me that the Ubuntu people have made it possible to do pretty much anything you might want to do using the GUI, and this is the attraction that has brought in many (welcome!) newcomers to Linux. However the command line is far more powerful and flexible than any GUI, and as people slowly come to realise this and naturally start experimenting, I feel more issues of a similar nature may arise.

If you want your PC (running Linux or Windows) to remain safe and secure, you need to have a particular mindset. "Wary" probably describes it. "Keeping it simple" and experience definitely helps.

(** This is not to say that all systems are equal. Not by a long shot.)

Yes, I know that Windows flaws are ten a penny. It's just that this one is quite amusing.

The bug ... resides in a feature known as Web Proxy Autodiscovery (WPAD), which helps IT administrators automate the configuration of proxy settings in Internet Explorer and other web browsers.

So far so good. But wait, Microsoft fixed this problem years ago!

... the flaw affects every version of Windows including Vista and is actually the continuation of an old vulnerability that Microsoft supposedly fixed years ago.

Oops.

Microsoft appears to have released a patch for the vulnerability in 1999. But the patch only protected domain names ending in .com, so WPAD servers using all other addresses have remained vulnerable.

Hilarious! These idiots would have you believe that the security of Microsoft products rivals that of Linux? Unbelievable.

This article, Windows Is Free, is a discussion about the impact of pirated software on free software, and is an interesting analysis of people's attitudes to using pirated software. Interesting and thought-provoking stuff.

gcal is a remarkable console-based program.

• It can be used to print calendar information, much like cal, but with much more flexibility.
• It can display holiday information for over 300 different countries and states.
• It can display astronomical information such as sunrise, sunset, the current phase of the moon and much more.
• It can also be used as a diary or personal reminder.
• It can print the current date and time. (No, really! )
• It can be used to display the start and stop of daylight saving.

I'll be providing examples of how to use gcal in all these ways. Bear in mind that this article just scratches the surface with regard to what gcal can actually be used for. You are limited by your imagination!

There is a small storm in a teacup brewing over recent events in which it's been confirmed that Microsoft has updated copies of Windows XP and Windows Vista without the users' consent, even if auto-updates have been turned off. Obviously these folks don't read (or is it "understand") the Windows EULA which they clicked on and agreed to when they first started their newly-purchased PC (or when they actually paid for and installed the software.)

Most users of Microsoft Windows seem to have their collective heads buried in the sand. The thing the don't seem to get is that Windows users are just that, users. They don't own the software, they have just purchased the right to use it. Microsoft explicitly retain ownership and the right to update their system as and when they choose.

I don't understand why people are acting so shocked. Windows doesn't belong to you. If it bothers you having a third party changing files on the PC you use without your permission, you can always use an OS which you do own.

(This article has been updated from the original, which focused on Solaris 8 only, to include Solaris 10-specific entries. Where the commands or entries for Solaris 8 and Solaris 10 differ, they are written down in purple for Solaris 8 and green for Solaris 10. In addition, I have added an extra note about changing the NIS Makefile in the event that you're not going to use group passwords.)

This is a step-by-step account of the method I used to install and configure a NIS master and slaves on servers running Solaris 8 (and more recently, Solaris 10). The steps detailed for Solaris 8 should work fine on earlier versions of Solaris, but as I have not explicitly tested other versions (except as clients) you may encounter issues. The clients used with this setup ranged from Solaris 7 to Solaris 10. The installation was in a medium-sized Solaris-only farm (100+ hosts).

Configuring NIS on Solaris is not quite as straightforward as it is on other OSes (such as some Linux distros). This didn't really surprise me, even though NIS is Sun's product. What this does allow is a more tailored end product.

There are three points I'd like to emphasise concerning this article:

• This article is not an definitive how-to; there is more than one way to implement NIS. This way works, it's relatively straightforward, and is more secure than a default NIS installation.
• This article is not an endorsement of NIS over other naming systems. My recommendation to the client was to use LDAP, but NIS had been used before, they were more or less happy with it *, and it did what they wanted it to. Having said that NIS is still used on many sites, it's versatile, it's easy to set up and maintain, and it can be made more secure without too much extra effort.
• This article describes the set up of NIS only. Administration is another matter altogether.

(* The client's existing NIS setup was very old and exhibited quirky behaviour on some rare occasions. In addition, it had allowed encoded password values to be seen when running ypcat passwd. This was not acceptable.)

This is an apparently true event which happened back in 2005. It is the (frankly hilarious) conversation which took place between an IRC user and self-proclaimed hacker named bitchchecker, who mistakenly believed that he had been kicked off an IRC channel by another user named Elch. The "hacker", childishly (ah!) refusing to believe that he had timed, threatened to hack Elch's PC, and dared Elch to give out his IP address. Elch told bitchchecker that his IP address was 127.0.0.1. It's got to be read. This has been translated from the original German.