Older blog entries for dyork (starting at number 388)

The Death of the DocBook Wiki, continued - Turns out nwalsh posted an explanation on March 30. My timing was such that I saw that the wiki was down before the list archives had Norm's post in them. The key part:

The vandals have a script that destroys the wiki on a daily basis (adding porn spam, which would be bad enough, but also reformatting all the pages so that they mostly vanish). That script can do damage a lot faster than fingers can fix it.

Will scripts such as this kill all wikis? At least, the openness of all wikis? I suppose trusting everyone and letting anyone make changes was bound to sooner or later attract the attention of these type of lowlifes, who would then kill it for everyone. I mean, it's one thing if people make changes to a page that can then be restored to a previous version. Simple, one-offs can be dealt with. But a scripted reproducible attack? That type of thing is simply no good.

You could almost see, too, the script kiddies who now have their script that will deface wikis based on MoinMoin. It's a simple google search to find "moin.cgi" which for me just pulled up close to 248,000 results. Now, many of those will be duplicates, but I would expect you would still wind up with several thousand wiki servers at which you could point your script... and destroy the countless hours of work that people have put into them. (Not all would be affected, of course, as some would have access control.)

The result of all of this is that the DocBook wiki and most others will have to move to having access control to prevent random people from destroying pages. Not a terribly big deal, but it does require that now the extra step of registering for an account must be added. It removes some of the spontaneity of response. No longer can you just click the "Edit this page" link. Instead, you must login, then go and edit the page. Sad, in a way, but probably inevitable.

Licensing Yum Cha Carts - This article was passed along by an Aussie friend. Way too funny that they feel the need to license yum cha cart drivers. (I am told that yum cha is similar to the North American "dim sum".)

Small Caps - fxn: Thanks for the screenshot. It is good to see what the issue is.

haruspex: I do see what you mean about the difference between the first letter, which is so big and bold, and the subsequent letters. What is interesting, too, is the large size difference between the first and subsequent letters. From a quick scan, it looks like the subsequent letters are 5/8th or 2/3rd the size of the first letter. However, in MSIE 6.0 in Win XP, the subsequent letters are closer to 7/8th the size of the first. With the delta not being as large, it is not as disorienting as it is there in Safari.

The net of all this, though, is that I think I'll probably drop small caps with my next entry. Why make ugly web pages if browsers won't display them correctly?

Tachyon Transmission Mode - Enjoyed a newsletter which pointed to this article and these links. Nice to see people still doing good things on April 1!

Sickness - Entering Two Weeks - Tomorrow marks two weeks that I will have been sick and, for the most part, out of work. The longest time I have ever been out of the office because of sickness. Went back to the doctor today and was given a very strong anti-biotic... hopefully this will help within the next couple of days. Also had a chest x-ray to see there is something more going on there. I'm very tired of this.

Small Caps - haruspex: Ah, thanks for the pointer to your older message. No, I hadn't seen it. Ah, gotta love browser issues. The small caps actually look quite nice (to me) in MSIE on Windows XP and I don't see them in Safari on MacOS 10.2 (which is Safari version 1.0.2). With that version of Safari, it does the proper HTML thing of ignoring tags or attributes that it doesn't understand and simply shows it as mixed upper and lower case.

That was the behavior I was hoping for - show small caps on systems that support it and "fail gracefully" to mixed upper/lower on systems that don't. It sounds like a new version of Safari must now attempt to support small caps... and from your comments obviously doesn't do a very good job of it.

In any event, thanks, haruspex, for the comments. It's nice to think about typography again, given that it (typography) was such a huge part of my life for the 5 years or so in the early 1990s when I was teaching people all about using FrameMaker and it continues to be something that intrigues me, even if I don't work with it much these days.

MoonV6 - Interesting to see that my alma mater is very involved with moonv6. Good to see... and it is an interesting group of participants. It sounds like they all are doing good work to move IPv6 along.

The Death of the DocBook Wiki - I was surprised to see that the DocBook Wiki has died. As Norm eloquently stated:

Repeated, automated vandalism has killed this wiki. Scripts can destroy this faster than hands can fix it.

Don't know exactly what happened, but it's very sad to see.

CSO Magazine and CERT Security Capability Assessment Tool - Saw this interesting survey/tool sponsored by CSO Magazine and CERT. Nicely done survey. It should be helpful to many people.

Book Review - Was pleased to learn that a book review I wrote will be picked up by the Linux Journal. Not sure of when, or whether it will be in the print or online edition, but it was nice to get that news.

A Special Place In Hell Is Reserved For DVD Designers - If I believed there was such a place as Hell, I would also believe that there would be special places reserved there in Hell for certain classes of individuals. One such class would be all of those people responsible for the overly long intros to DVDs before you can actually play the DVD movie.

They obviously don't have toddlers. When you are a parent, you don't care if the butterflies flit through the fields on the way to showing you the menu... or how beautiful the coral reef may look... all you care about is STARTING THE MOVIE! We want to stick in the DVD, press "Play" and have the movie appear. That's it. We don't care if you want to show off your animation skills... we just want the dang movie to start!

Sickness - Emerging From The Darkness - After 11 days, the good news is that I seem to be emerging from the worst of the sickness. The bad news, of course, is that Lori now seems to have the extreme fever/chills/sweats that I had last week, along with the severe coughing fits and difficulty breathing. Fun, fun, fun. Chloe, for her part, has a cough and has had a bit of a fever. Tomorrow will no doubt be spent in part at doctor and pediatrician offices. Hopefully I am over it... I still cough a good bit... but hopefully that will pass.

Small Caps = Typographic Gravel Rash? - haruspex: You are welcome, I guess. I'm not sure if your comment is a compliment or veiled jab. :-)

I actually can't take credit/blame for starting the use of small caps in headings here at Advogato. There was someone else here who started doing it, and I liked it enough to go in and see what they were using (a 'style' attribute to the 'b' tag).

LinTraining - Approved two more submissions to LinTraining: one for a training center in Virginia and the other as an updated courseware listing for my old friends at Bradford Learning.

It was fun to see that one come through. A little bit of history... prior to moving to Ottawa to work at e-smith, inc., which was then acquired by Mitel, I worked for this little company in San Francisco known as Linuxcare. :-)dsifry and davidm hired me for Linuxcare primarily to work full time on making LPI become a reality. But I was also to help with developing courseware and training classes for Linuxcare. Over time, we had the wonderful opportunity to bring over a gentleman named Jim Lacey from CompUSA to head up the education group.

Fast forward to 2001... I was already up at e-smith... and Linuxcare had shrank back to down around where it was (staffing-wise) when I had first joined it in early 1999... it was searching for what it should be doing... and one of the things they decided NOT to do was offer training/courseware/etc.

So Jim was able to work with the Linuxcare execs to amicably spin off the work that had been done as "Linuxcare University" to develop courseware and a training channel into a new company called Bradford Learning, bringing over a number of the staff. It was quite a risk, but they took it and today they are doing extremely well as one of the leading providers of Linux training materials in the world.

They are excellent folks, and if any of you are looking for sources for Linux training materials (on a number of Linux-related subjects) I would definitely suggest you consider the Bradford Learning team.

Canadiana - With all the warm weather (i.e. around 10 degrees Celsius), we are actually seeing all the snow finally start to melt. The front lawn only has a trace of ice left while the back yard still has a good bit of cover. It will be nice to see the grass again.

Sickness - 10 days and counting - I haven't written here much lately in large part because today is now the tenth day that I have been struck down with the nastiest cold/flu/virus that I have ever suffered. For the first time in my life, I have now been out of the office for seven days! Coughing extensively, headache, fever, fatigue, unable to talk, unable to sleep. Adding to all the fun has been an eye infection that has turned one eye quite red. It has been quite horrid.

Of course, being stuck inside the 4 walls of our house, I passed the germs along to Lori and Chloe, both of whom have caught the bug to different ideas. Thankfully, Chloe hasn't been too badly affected, but Lori has, like me, been pretty much wiped out. I just want it to end!

Babylon 5 DVDs - As part of being wiped out, I spent a good bit of time lying on the couch and watching the Babylon 5 DVDs. Finished watching Season 3 and then watched all of Season 4. What a tremendous season #4 was! So much power. So much emotion. Television has simply not been the same since B5 left the air.

Babylon 5 Gag Reels - Finally decided to do a web search to find out how to access the season 4 gag reel and season 3 gag reel. Pretty fun stuff... albeit rather short. They do make you work for it to get to it, though!

West Wing DVDs - With Lori getting sick, and with us having cancelled cable, and with both of us only wanting to lie on the couch and try to breathe, we wound up renting out DVDs of season one of The West Wing. Since we have been long-time fans of the show, it was great to see the first season as: 1) we didn't see much of it before; and 2) the characters have changed and grown so much since this first season. It was a reminder again of how great this show is!

CISSP - Funny how the little things affect you. As part of receiving the CISSP credential, I had a note that I could receive a free lapel pin from the ISC2's online store. I did so, and a couple of days later, an envelope arrived with the lapel pin. Silly on one level, but it was something that I enjoyed receiving.

CISSP - Received a nice present at the end of last week with an envelope from ISC containing my official status as a CISSP! Very cool. Definitely a nice credential to have.

makefaq - Finally got a chance to merge the CVS branch for makefaq into the HEAD so that the CVS repository is more easily browsable via ViewCVS. Been wanting to do that for most of two years now... I just never made the time to do it. Nice to be back in sync.

Network World article on Jabber - Actually the article is really about XMPP, the protocol Jabber uses... but it's good to see it being covered by Network World!

SPF Now Equals "Sender Policy Framework" - I read an InfoWorld article about SPF that said the name was "Sender Policy Framework". I was all set to write them a letter saying they had the name wrong. But when I checked the main SPF web site, I found the name changed there! (And a news item from Feb 11 noting the change.) It seems they wanted a better name than "Sender Permitted From" when they created the official RFC draft.

Understanding OO - ncm: Thanks for the link... entertaining read!

CIO Article on Open Source - Interesting article in CIO Magazine about the The Myths of Open Source.

LinTraining - Approved entries to LinTraining from:

  • Saint-Herblain, France
  • Fortaleza, Brazil

Three Ways to Stop Spam - Good article in Windows & .NET Magazine about SPF, Microsoft's Caller ID for E-mail and Yahoo's DomainKeys initiatives.

Leap Day - Figured I should write something today... hey, it will be another 4 years before I can write on February 29th again!

makefaq release 2.5 - The same logic applied to getting out a new release of makefaq. I figured... why not? I had one annoying warning that I had been wanting to get rid of - so I did. makefaq release 2.5 is now up on the site and ready to go.

Security and VoIP - The Register had an article on VoIP vulnerabilities recently. I had a couple of issues with it. First, the issue in question with Cisco was reported back in August and was resolved then. (Was it just a slow week for news at the Register?) But my larger issue is that it tars all VoIP solutions with the same brush.

FOSDEM Jabber Server - Was very pleased to see that FOSDEM had a Jabber server. I logged in but missed the talks that I was interested in. Good idea, though, for conferences.

LinTraining - Approved new training center submissions to LinTraining from:

  • Bombay, India
  • Ontario, Canada
  • Wien, Austria (Vienna)

Excel 2000 and automatic link creation - Was rather annoyed to find out that there is no easy way to disable automatic e-mail hyperlink creation in Excel 2000. Quite annoying. So now I am putting apostrophes in front of all e-mail addresses. Sigh

AVDL - Not sure what I think yet of the Application Vulnerability Description Language. Sounds interesting, as this article indicates, but it does seem to really only have support so far from vendors of security investigation programs.

Bush - On Guard or AWOL? - Good summary in the Memphis Flyer of the whole Bush issue. I also enjoyed Doonesbury's take on the issue as well as their $10,000 contest to find witnesses who saw Bush there. Quite sad, really, that it has to occur at all.

18 Feb 2004 (updated 18 Feb 2004 at 03:43 UTC) »

LinTraining and German Linux Training Centers - There must have been an article about LinTraining in some German magazine or web site, because I've approved probably 6 or 7 new Linux training centers in Germany in the past week or so. That was the majority of recent submissions, which is just unusual. Whenever there is a grouping like that, it makes one think there must have been a mention of it somewhere. I just don't think that a bunch of people in Germany suddenly found LinTraining!

--refresh-keys - 687 new sigs across 208 keys in my keyring... guess I hadn't updated it for a while.

'script' for Windows - Was trying to find something as simple as 'script' in the Windows environment. I just want to log a series of commands and their results without having to have a high buffer on the command window and copy/paste the commands/results into another window. I did find a great repository of UNIX utilities for Win32, but alas, no 'script'. There is, however, 'wc' and a number of other good commands! Another good repository of Win32 tools over at Interop Systems (but again no 'script'!).

The list of tools that Interop Systems has for Microsoft's Services For UNIX 3.5 is quite nice, too. (But again, no 'script')

identd - Needed some background on identd today and so wound up reading RFC 1413. Was mildly amused to see an acknowledgement at the bottom thanking Dan Bernstein. I have known of him for qmail and djbdns, but didn't realize he had a historical connection to identd.

The 3050 ICP Rides Again - For a period of time, we had a product in Mitel's portfolio called the 3050 ICP that was a small SIP-based PBX targeted at small and medium-size businesses. It was actually developed by a separate company, Mitel Knowledge Corporation, that is, like Mitel Networks, owned by Terry Matthews. The 3050 ICP was, to me, a very cool idea. I will admit that part of my bias was certainly that it was Linux-based and sat on top of our 6000 Managed Application Server product. But another part of the attraction was just that it was SIP-based and was entirely done in software.

In any event, for a number of reasons the relationship changed and we stopped carrying the 3050 ICP. The folks at Mitel Knowledge then formed MKC Networks and the product became the MKC Networks 7000 Communication Server. They also moved away from basing it on our commercial "6000 MAS" product and instead based it on our open source developer release called the "SME Server" and now supported through the community site of contribs.org.

The whole reason this came back to my attention was the news posting to the contribs.org developer site where MKC Networks is offering the software to developers who are interested. I hope some folks take them up on it. We need more stuff like this. I wish them all the best and do so hope the product evolves well.

Cisco INFOSEC Certification - Was passed along the link for the Cisco INFOSEC Professional which has some backing from the NSA. Interesting stuff.

The Chloe Journals: Tea Parties at 6am - So after listening to her talking in her room since about 5:30am or so, I finally roused myself out of bed a bit before 6am to go over and do the morning diaper change, etc. Before I could do that, though, I had to of course sit on the floor and accept the plate and fork from her, along with the mug and spoon (all small plastic toy ones, of course) and then participate in her little tea party. It was quite cute.

Security Fun - A good chunk of time this week was chewed up in issues around the Microsoft ASN.1 flaw. At one point this week I wasn't sure which I was receiving more of: spam, or security advisories about the Microsoft advisory! Sheesh... it's like all the creators of those various lists don't realize that anyone who has a clue about MS security is also on the MS security bulletin list!

LinkedIn - So now I have been invited to the LinkedIn social networking site. I did accept the invite to see what the buzz was about. Interesting, although I find some things harder about it than Orkut.

FOAF, plink.org, etc. - In the midst of that, dmarti asked if I had a FOAF file at all, as he finds that far more useful than any of these social networking sites. So I went to FOAF-a-matic to create a file that is now on my website. He also suggested I check out plink.org, which is a social networking site without any membership, etc., all based on open standards such as FOAF.

Wireless Certifications - Found out that several wireless vendors we work with are now asking for wireless certifications from their VARs. I didn't know of these certs, but their existence makes sense.

LPI Outreach to LUGs - LPI has announced a new outreach effort to Linux User Groups through a web site called LPI-LUG.org. As noted on the site, LUGs that register and have a number of people LPI-certified can obtain discounts off exam prices.

Python video - A friend sent me the link to this python video. I haven't watched it yet, but it sounds interesting.

Free Standards Group and ISO - Nice to see that the FSG received ISO recognition. Assuming this goes forward and they are able to get ISO recognition/certification for Linux, it will go far to help with government sales of Linux-related products. Good stuff.

Enigmail with Thunderbird - Started using thunderbird with enigmail at home for my personal e-mail. Wonderful to see how well it works with GnuPG to let me very easily sign and encrypt e-mail. Very nicely done.

Chinese WLAN Standard - The controversy over the Chinese proprietary WLAN standard continues. This decision makes it difficult for other companies to be able to sell into the Chinese market. Unless, of course, you partner with one of the 11 Chinese companies. :-) Fun, fun, fun...

Cisco Likes The Teleworker Market - Nice to see that Cisco sees the teleworker market as an opportunity. Good market validation, although our solution solves some of the security challenges posed by VPN-based teleworker solutions.

379 older entries...

New Advogato Features

New HTML Parser: The long-awaited libxml2 based HTML parser code is live. It needs further work but already handles most markup better than the original parser.

Keep up with the latest Advogato features by reading the Advogato status blog.

If you're a C programmer with some spare time, take a look at the mod_virgule project page and help us with one of the tasks on the ToDo list!