From anton.bugs at gmail.com Thu Jul 2 10:09:12 2009
From: anton.bugs at gmail.com (Anton)
Date: Thu Jul 2 10:09:52 2009
Subject: [Slugnet] budget VOIP
In-Reply-To: <20090630001506.67e337de@qufu>
References: <20090630001506.67e337de@qufu>
Message-ID: <30252b3b0907011909g32952d93yb5329acad7c4633c@mail.gmail.com>

Wilfred,

Since we are linux guys here, the typical setup would be Asterisk as a local PBX and a gateway to landline/IDD. I'm a happy user of pfingo.com (starhub) which is fully compatible (SIP) with asterisk. Can't tell anything about singtel voip.

The cheaper one-time-pay solution is to setup your own gateway via PSTN card and existing landline(s) in the office. Here is a list of such cards: http://www.voip-info.org/wiki/view/Asterisk+hardware

Drop me a line if you need more details.

Regards,
Anton

2009/6/30 Wilfred Walsh :
> Dear Slugnetters,
>
> Does anyone have any experience with asterix-type open source VOIP
> systems in Singapore? I want to set up a budget IP PBX for an 8-room,
> 20 person office. Or is it ultimately cheaper just to pay for a
> singtel VOIP service? Can anyone suggest a local company or person
> who can consult/configure such a system cheaply??
>
> Many thanks for any input,
>
> Wilfred
>
> ps I have cheap office space to rent.....
>
> _______________________________________________
> Slugnet mailing list
> Slugnet@lugs.org.sg
> http://wiki.lugs.org.sg/LugsMailingListFaq
> http://www.lugs.org.sg/mailman/listinfo/slugnet
>

From lugs at royong.com Thu Jul 2 15:42:32 2009
From: lugs at royong.com (Roy Ong)
Date: Thu Jul 2 15:43:16 2009
Subject: [Slugnet] FYI :: Announcing the openSUSE Ambassadors Program
Message-ID: <1246520557.4626.60.camel@x61.localhost.localdomain>

http://news.opensuse.org/2009/05/27/announcing-the-opensuse-ambassadors-program/+

From michael at metaparadigm.com Thu Jul 2 16:11:06 2009
From: michael at metaparadigm.com (Michael Clark)
Date: Thu Jul 2 16:11:25 2009
Subject: [OSAS Discussion] [Slugnet] Spice up your LUG
In-Reply-To: <147591.16651.qm@web36903.mail.mud.yahoo.com>
References: <147591.16651.qm@web36903.mail.mud.yahoo.com>
Message-ID: <4A4C6B9A.1060409@metaparadigm.com>

Hi Darrel,

Darrel Chua wrote:
> SLMG will hope to continue by giving the community a monthly gathering and interaction session afterwards. FOSA, as I see it, promotes Free and Open Source software (not just linux) and focus flagship event is Software Freedom Day which I am urging everyone in community to come forward and help. The AGM is tonight and is completely open and everyone free to contest and stand for election.

Sounds good. I will be in interested to catch up and see how it all went...

Besides FOSA, my feeling is that now would be a good time now for SLMG and LUGS to be joined together more closely and I have made a firm pledge of SG$1000 to a joined group if this can happen.

I have quite often thought it would be nice for LUGS to be having its monthly meeting again and many have questioned on the LUGS list about where have the LUGS meetings gone. My feeling is that we have too little resources to fragment our efforts here as the SLMG monthly meeting is great already!!! and I don't think there is any need to compete with this!
as I know that it is hard enough to get speakers for one meetup, which tends to mean you end up with quite a few content free meetings... I have to give a lot of appreciation here for all of your efforts...

BTW What do you think about hosting the LUGS AGM as an SLMG meeting? Could we tack this onto one of the upcoming SLMG meeting perhaps? (and if we do do this I'd strongly suggest a 60min time limit on organizational side of the meeting versus content/talks - as I know i'm not the only one with a short attention span).

This is the sort of direction we would need to go in if anyone wants to hold me to my pledge which is made towards both SLMG and LUGS, not to one or the other, but to both of them combined together - I'm happily going to sit on the fence on this one (as personally I don't see a distinction between who was/is members of the 2 groups) ;p

Cheers,
Michael.

PS Potential speakers with topics please post to the list here, or to Darrel Chua or Tom Goh - if you don't mind me plugging for SLMG here... I think we will all be glad to have more content-packed sessions, as i'm sure a LUGS AGM won't be much of a draw card. :)

From c.david.rigby at gmail.com Thu Jul 2 17:46:03 2009
From: c.david.rigby at gmail.com (C David Rigby)
Date: Thu Jul 2 17:46:32 2009
Subject: [OSAS Discussion] [Slugnet] Spice up your LUG
In-Reply-To: <4A4C6B9A.1060409@metaparadigm.com>
References: <147591.16651.qm@web36903.mail.mud.yahoo.com> <4A4C6B9A.1060409@metaparadigm.com>
Message-ID: <1246527963.9138.3.camel@monolith.ratsnest.boldlygoingnowhere.org>

On Thu, 2009-07-02 at 16:11 +0800, Michael Clark wrote:
> Hi Darrel,
>
> Darrel Chua wrote:
> > SLMG will hope to continue by giving the community a monthly gathering and interaction session afterwards. FOSA, as I see it, promotes Free and Open Source software (not just linux) and focus flagship event is Software Freedom Day which I am urging everyone in community to come forward and help.
The AGM is tonight and is completely open and everyone free to contest and stand for election.
>
> Sounds good. I will be in interested to catch up and see how it all went...
>

Hello Michael!

You can check out Tom Goh's minutes of the AGM here (PDF download): http://fosa.sg/node/6

Cheers
C David Rigby

From slug at haller.ws Thu Jul 2 19:08:04 2009
From: slug at haller.ws (Patrick Haller)
Date: Thu Jul 2 19:08:34 2009
Subject: [OSAS Discussion] [Slugnet] Spice up your LUG
In-Reply-To: <4A4C6B9A.1060409@metaparadigm.com>
References: <147591.16651.qm@web36903.mail.mud.yahoo.com> <4A4C6B9A.1060409@metaparadigm.com>
Message-ID: <20090702110804.GL3906@haller.ws>

On Thu, Jul 02, 2009 at 04:11:06PM +0800, Michael Clark wrote:
> PS Potential speakers with topics please post to the list here, or to
> Darrel Chua or Tom Goh - if you don't mind me plugging for SLMG
> here... I think we will all be glad to have more content-packed
> sessions, as i'm sure a LUGS AGM won't be much of a draw card. :)

I can talk about ssh, screen, or syslog event analysis. I've committed to talk about bash at GeekCamp. ;)

Patrick

From sohkamyung at gmail.com Fri Jul 3 09:24:23 2009
From: sohkamyung at gmail.com (Soh Kam Yung)
Date: Fri Jul 3 09:24:43 2009
Subject: [Slugnet] [OT] Moblin v2.0 beta for Netbooks and Nettops - It's here
Message-ID: <3ace93110907021824t1e2f7da9u77257d73c0754750@mail.gmail.com>

[http://moblin.org/community/blogs/imad/2009/moblin-v20-beta-netbooks-and-nettops-its-here]

=====
Moblin v2.0 beta for Netbooks and Nettops - It's here...
Submitted by Imad Sousou, updated on 29 Jun 2009 - 143 comments

The Moblin steering committee is happy to release the Moblin v2.0 beta for netbooks and nettops for developer testing. With this release, developers can begin to experience and work with the source code of the visually rich, interactive user interface designed for Intel Atom based netbooks.
The Moblin v2.0 user experience has been designed from the ground up to provide unique ways to engage with the internet, aggregate your social networking activity, and enjoy your media content. The new user experience and core applications were developed using the Clutter animation framework, leveraging heavily from GL and the physics engine.

[...]
=====

--
Soh Kam Yung
my Google Reader Shared links:
(http://www.google.com/reader/shared/16851815156817689753)
my Google Reader Shared SFAS links:
(http://www.google.com/reader/shared/user/16851815156817689753/label/sfas)

From sohkamyung at gmail.com Fri Jul 3 09:36:11 2009
From: sohkamyung at gmail.com (Soh Kam Yung)
Date: Fri Jul 3 09:36:28 2009
Subject: [Slugnet] [OT] Linux Kernel Patch Works Around Microsoft's FAT Patents
Message-ID: <3ace93110907021836j126256fel362eb487d22da436@mail.gmail.com>

[http://www.osnews.com/story/21766/Linux_Kernel_Patch_Works_Around_Microsoft_s_FAT_Patents]
[http://lkml.org/lkml/2009/6/26/313]
[http://lkml.org/lkml/2009/6/26/314]

=====
Linux Kernel Patch Works Around Microsoft's FAT Patents
posted by Thom Holwerda on Thu 2nd Jul 2009 16:17 UTC, submitted by lemur2

[...]

The new patch offers support for long file names without infringing any of Microsoft's patents. This isn't just an empty claim; several patent lawyers with expertise in this area have investigated the patch and concluded that it does not infringe the patents. In a Q&A about the patch, more details were revealed about how it avoids the patents:

The claims of both of the VFAT patents involve the creation (or storing) of both a long filename and a short filename for a file. The 2nd patch only creates/stores either a short filename or a long filename for a file, but never both.
The 11 bytes created by vfat_build_dummy_83_buffer() to pad the field for short filenames cannot be used to access the file, and contain bytes which are invalid in FAT and VFAT filenames, and therefore are not filenames as that term is and has been used in the technical community.

[...]
=====

--
Soh Kam Yung
my Google Reader Shared links:
(http://www.google.com/reader/shared/16851815156817689753)
my Google Reader Shared SFAS links:
(http://www.google.com/reader/shared/user/16851815156817689753/label/sfas)

From sohkamyung at gmail.com Thu Jul 9 10:32:15 2009
From: sohkamyung at gmail.com (Soh Kam Yung)
Date: Thu Jul 9 10:32:42 2009
Subject: [Slugnet] [OT] Moblin 2.0 To Not Run X Server As Root
Message-ID: <3ace93110907081932g194289b8lac74abcd2794ab73@mail.gmail.com>

[http://www.phoronix.com/scan.php?page=news_item&px=NzM3NA]

=====
Moblin 2.0 To Not Run X Server As Root
Posted by Michael Larabel on July 08, 2009

Intel's Arjan van de Ven has fired off an email letting us know that Moblin 2.0 will have its X Server running without root privileges. The first feature of their new "Moblin Secure X project" is to integrate NRX technology, which we take to mean "No-Root X" and is described as "NRX is a set of OS changes and patches that makes it possible to no longer run the X server as the privileged 'root' user." Just last week we reported on a root-less X Server nearing reality.

[...]
=====

--
Soh Kam Yung
my Google Reader Shared links:
(http://www.google.com/reader/shared/16851815156817689753)
my Google Reader Shared SFAS links:
(http://www.google.com/reader/shared/user/16851815156817689753/label/sfas)

From tomgohj at gmail.com Thu Jul 9 22:10:32 2009
From: tomgohj at gmail.com (Tom Goh)
Date: Thu Jul 9 22:11:09 2009
Subject: [Slugnet] budget VOIP
In-Reply-To: <20090630001506.67e337de@qufu>
References: <20090630001506.67e337de@qufu>
Message-ID: <4A55FA58.1080102@gmail.com>

Hi,

This company does Asterisk stuff http://www.maxcole.com/

BTW its asterisk (Use to also think it was Asterix)

Tom

Wilfred Walsh wrote:
> Dear Slugnetters,
>
> Does anyone have any experience with asterix-type open source VOIP
> systems in Singapore? I want to set up a budget IP PBX for an 8-room,
> 20 person office. Or is it ultimately cheaper just to pay for a
> singtel VOIP service? Can anyone suggest a local company or person
> who can consult/configure such a system cheaply??
>
> Many thanks for any input,
>
> Wilfred
>
> ps I have cheap office space to rent.....
>
>

From xwangbu at gmail.com Fri Jul 10 14:21:53 2009
From: xwangbu at gmail.com (wangbu xwangbu)
Date: Fri Jul 10 14:22:19 2009
Subject: [Slugnet] Rumours of critical vulnerability in OpenSSH in Red Hat Enterprise Linux
Message-ID: <7253647f0907092321i76bd4440hf049555292085e5b@mail.gmail.com>

still unconfirmed but logs from successful exploits are "convincing":

http://www.h-online.com/security/Rumours-of-critical-vulnerability-in-OpenSSH-in-Red-Hat-Enterprise-Linux--/news/113712

From xwangbu at gmail.com Fri Jul 10 14:42:31 2009
From: xwangbu at gmail.com (wangbu xwangbu)
Date: Fri Jul 10 14:42:49 2009
Subject: [Slugnet] Re: Rumours of critical vulnerability in OpenSSH in Red Hat Enterprise Linux
In-Reply-To: <7253647f0907092321i76bd4440hf049555292085e5b@mail.gmail.com>
References: <7253647f0907092321i76bd4440hf049555292085e5b@mail.gmail.com>
Message-ID: <7253647f0907092342s1d66336fp6ad801f44e9f2990@mail.gmail.com>

On Fri, Jul 10, 2009 at 2:21 PM, wangbu xwangbu wrote:
> still unconfirmed but logs from successful exploits are "convincing":
>
> http://www.h-online.com/security/Rumours-of-critical-vulnerability-in-OpenSSH-in-Red-Hat-Enterprise-Linux--/news/113712
>

and they are in panic:

http://forums.hostgator.com/all-servers-ssh-access-restricted-t52287.html
http://www.webhostingtalk.com/showthread.php?p=6279045

From hendra at oraclelinux.org Fri Jul 10 14:51:27 2009
From: hendra at oraclelinux.org (Hendra)
Date: Fri Jul 10 14:51:53 2009
Subject: [Slugnet] Re: Rumours of critical vulnerability in OpenSSH in Red Hat Enterprise Linux
In-Reply-To: <7253647f0907092342s1d66336fp6ad801f44e9f2990@mail.gmail.com>
References: <7253647f0907092321i76bd4440hf049555292085e5b@mail.gmail.com> <7253647f0907092342s1d66336fp6ad801f44e9f2990@mail.gmail.com>
Message-ID:

http://lwn.net/Articles/340483/

...
So, I'm not pursuaded (sic) that an 0day exists at all. The only evidence so far are some anonymous rumours and unverifiable intrusion transcripts.
...
On Fri, Jul 10, 2009 at 2:42 PM, wangbu xwangbu wrote:
> On Fri, Jul 10, 2009 at 2:21 PM, wangbu xwangbu wrote:
>> still unconfirmed but logs from successful exploits are "convincing":
>>
>> http://www.h-online.com/security/Rumours-of-critical-vulnerability-in-OpenSSH-in-Red-Hat-Enterprise-Linux--/news/113712
>>
>
> and they are in panic:
>
> http://forums.hostgator.com/all-servers-ssh-access-restricted-t52287.html
> http://www.webhostingtalk.com/showthread.php?p=6279045
>
> _______________________________________________
> Slugnet mailing list
> Slugnet@lugs.org.sg
> http://wiki.lugs.org.sg/LugsMailingListFaq
> http://www.lugs.org.sg/mailman/listinfo/slugnet
>

From fox2mike at gmail.com Fri Jul 10 16:08:53 2009
From: fox2mike at gmail.com (Shyam Mani)
Date: Fri Jul 10 16:09:33 2009
Subject: [Slugnet] Re: Rumours of critical vulnerability in OpenSSH in Red Hat Enterprise Linux
In-Reply-To:
References: <7253647f0907092321i76bd4440hf049555292085e5b@mail.gmail.com> <7253647f0907092342s1d66336fp6ad801f44e9f2990@mail.gmail.com>
Message-ID: <42dff26a0907100108g59d87768gbafdb84319c7dce2@mail.gmail.com>

On Fri, Jul 10, 2009 at 14:51, Hendra wrote:
> So, I'm not pursuaded (sic) that an 0day exists at all. The only evidence so
> far are some anonymous rumours and unverifiable intrusion transcripts.

This was trashed by SANS.

http://isc.sans.org/diary.html?storyid=6760

--
Shyam Mani | http://xinetd.accosted.net/
Gentoo Dev | http://dev.gentoo.org/~fox2mike
Email | fox2mike@gentoo.org
GPG Key | 0xFDD0E345

From sohkamyung at gmail.com Tue Jul 21 09:17:05 2009
From: sohkamyung at gmail.com (Soh Kam Yung)
Date: Tue Jul 21 09:17:30 2009
Subject: [Slugnet] [OT] Red Hat on the S&P 500 is a sign of Linux maturity
Message-ID: <3ace93110907201817q40107467t3b5ada04470ae8f3@mail.gmail.com>

Congrats, Red Hat. You've come a long way since your IPO.

[http://blog.internetnews.com/skerner/2009/07/red-hat-joins-sp-500-a-sign-of.html]

=====
Red Hat on the S&P 500 is a sign of Linux maturity
By Sean Michael Kerner on July 20, 2009 9:37 AM

When Red Hat had its IPO in 1999, many (myself included) saw it as the real coming of age of Linux. While there is little doubt that IPO was a big event for Red Hat and Linux, perhaps an even more important one from a milestone point of view will officially occur this Friday.

As of Friday July 24, Red Hat will join the S&P 500 index. In my opinion this is a major milestone for Red Hat and for Linux.

[...]
=====

--
Soh Kam Yung
my Google Reader Shared links:
(http://www.google.com/reader/shared/16851815156817689753)
my Google Reader Shared SFAS links:
(http://www.google.com/reader/shared/user/16851815156817689753/label/sfas)

From xwangbu at gmail.com Tue Jul 21 09:38:54 2009
From: xwangbu at gmail.com (wangbu xwangbu)
Date: Tue Jul 21 09:39:19 2009
Subject: [Slugnet] M$ stuns Linux world, submits source code for kernel
Message-ID: <7253647f0907201838n509e883h69c711cbc5f3d6bb@mail.gmail.com>

http://linux.com/news/software/linux-kernel/29293-linux-kernel-to-get-microsoft-code

In order to provide better support for Linux as a guest OS for Microsoft's Hyper-V virtualization app, Microsoft is contributing 20,000 lines of device driver code to the Linux kernel under the GPL v2 license.

The code has been submitted for inclusion to the main Linux kernel source tree. Microsoft sees this as a step towards better interoperability with customers on its virtualization platform, which they hope will be seen as a stronger offering now that Linux should become a more efficient guest OS on Hyper-V.

From sohkamyung at gmail.com Tue Jul 21 14:42:30 2009
From: sohkamyung at gmail.com (Soh Kam Yung)
Date: Tue Jul 21 14:42:52 2009
Subject: [Slugnet] [OT] Launchpad is now open source.
Message-ID: <3ace93110907202342l648ce5afr73637b54922e1a87@mail.gmail.com>

[http://blog.launchpad.net/general/launchpad-is-now-open-source]
[https://launchpad.net/]

Some people have 'grumbled' that Canonical/Ubuntu doesn't contribute much open-source code. Maybe this may make them grumble less...};-)

=====
Launchpad is now open source.

This is a post I've been looking forward to for a long time: Launchpad is now open source! We released it today under the GNU Affero General Public license, version 3. Note that although we had previously announced that we'd be holding back two components (codehosting and soyuz), we changed our minds: they are included - all the code is open.

Big congratulations (and thanks) to the Canonical Launchpad team, who worked overtime to make this happen sooner rather than later, and to Mark Shuttleworth, whose decision it was to open source Launchpad in the first place.

[...]
=====

--
Soh Kam Yung
my Google Reader Shared links:
(http://www.google.com/reader/shared/16851815156817689753)
my Google Reader Shared SFAS links:
(http://www.google.com/reader/shared/user/16851815156817689753/label/sfas)

From anandvaidya.ml at gmail.com Tue Jul 21 15:15:01 2009
From: anandvaidya.ml at gmail.com (Anand Vaidya)
Date: Tue Jul 21 15:15:31 2009
Subject: [Slugnet] [OT] Launchpad is now open source.
In-Reply-To: <3ace93110907202342l648ce5afr73637b54922e1a87@mail.gmail.com>
References: <3ace93110907202342l648ce5afr73637b54922e1a87@mail.gmail.com>
Message-ID: <200907211515.02076.anandvaidya.ml@gmail.com>

On 21 July 2009 pm 14:42:30 Soh Kam Yung wrote:
> [http://blog.launchpad.net/general/launchpad-is-now-open-source]
> [https://launchpad.net/]
>
> Some people have 'grumbled' that Canonical/Ubuntu doesn't contribute
> much open-source code. Maybe this may make them grumble less...};-)
>

No, now they will change tune and complain about Affero GPL and why the code is not BSD/Apache licensed etc.

From sohkamyung at gmail.com Wed Jul 22 09:32:26 2009
From: sohkamyung at gmail.com (Soh Kam Yung)
Date: Wed Jul 22 09:32:50 2009
Subject: [Slugnet] [OT] Most expensive javascript ever?
Message-ID: <3ace93110907211832u57993a82n5f211752ed12678d@mail.gmail.com>

[http://my.opera.com/hallvors/blog/2009/07/20/most-expensive-javascript-ever]

Or, how to p*** off your potential customer.

=====
Most expensive javascript ever?
Monday, 20. July 2009, 12:15:51

[...] a while ago Opera Software needed more servers. Not just a few servers either - we were planning Opera Mini's growth, implementing Opera Link, and My Opera was also growing quickly. We predicted crazy server load increases for the foreseeable future

[...] one of the world's biggest hardware vendors - whose name every single reader will be familiar with, and whose hardware a good share of you will be using right now - apparently didn't do their homework. When Opera's sysadmin booted up the server to test its web-based administration interface, they came across a single JavaScript statement that managed to piss off everyone up to and including the CTO. This single statement, apparently written by some sub-contractor they had outsourced admin interface programming to, cost them millions of NOK in lost sales.

And the code they sent all the way to Oslo for testing? Here's an extract:

    if (is.opera) {
        window.location.href="config/error.htm";
    }

[...]
=====

--
Soh Kam Yung
my Google Reader Shared links:
(http://www.google.com/reader/shared/16851815156817689753)
my Google Reader Shared SFAS links:
(http://www.google.com/reader/shared/user/16851815156817689753/label/sfas)

From kq at kquee.com Wed Jul 22 11:43:02 2009
From: kq at kquee.com (Kelvin Quee)
Date: Wed Jul 22 11:43:22 2009
Subject: [Slugnet] Advise Needed on DB Design (PostgreSQL on Debian Lenny)
Message-ID: <4e9464f90907212043ubbf8281web8a1c1723b4e48a@mail.gmail.com>

Hi SLUG!

I need advise on this.

I have a db which is being constantly updated and queried by a few computers. We are doing datamining. The machine is running on a moderately powered machine and processors constantly hit 90%.

At the same time, we need to present these data on a web interface. The performance for the web interface is now very sluggish as most of the power is occupied by the mining process.

I have thought of a few ways out of this -

1) Buy a mega powered machine (temporal solution, quick fix)
2) Do a master-slave configuration
3) Separate the DB into 2 - One for pure mining purposes, the other purely for web serving

For (2), I do not know if it will be very effective since the master will probably have many changes at any moment. I do not understand how the changes will be propagated from the master to the slave and how it will impact the slave's performance. Anyone with more experience here?

(3) seems ideal but is a very very painful solution! We can possibly use a message queue system but again I am not familiar with MQ. Will need to do more research.

If you were me, how would you solve this problem?

Kelvin Quee
+65 9177 3635

From chpq2000 at gmail.com Wed Jul 22 12:20:36 2009
From: chpq2000 at gmail.com (Puqing)
Date: Wed Jul 22 12:20:53 2009
Subject: [Slugnet] Advise Needed on DB Design (PostgreSQL on Debian Lenny)
In-Reply-To: <4e9464f90907212043ubbf8281web8a1c1723b4e48a@mail.gmail.com>
References: <4e9464f90907212043ubbf8281web8a1c1723b4e48a@mail.gmail.com>
Message-ID:

If the db is updated too much, maybe you can modify the data mining program, buffer some data in memory and update them periodically to db. And, if the data mining process consumes too much CPU, maybe you can try reducing its priority with the 'nice' command.

From michael at metaparadigm.com Wed Jul 22 12:27:13 2009
From: michael at metaparadigm.com (Michael Clark)
Date: Wed Jul 22 12:27:49 2009
Subject: [Slugnet] Advise Needed on DB Design (PostgreSQL on Debian Lenny)
In-Reply-To: <4e9464f90907212043ubbf8281web8a1c1723b4e48a@mail.gmail.com>
References: <4e9464f90907212043ubbf8281web8a1c1723b4e48a@mail.gmail.com>
Message-ID: <4A669521.4040505@metaparadigm.com>

Kelvin Quee wrote:
> Hi SLUG!
>
> I need advise on this.
>
> I have a db which is being constantly updated and queried by a few
> computers. We are doing datamining. The machine is running on a
> moderately powered machine and processors constantly hit 90%.
>
> At the same time, we need to present these data on a web interface.
> The performance for the web interface is now very sluggish as most of
> the power is occupied by the mining process.
>
> I have thought of a few ways out of this -
>
> 1) Buy a mega powered machine (temporal solution, quick fix)
> 2) Do a master-slave configuration
> 3) Separate the DB into 2 - One for pure mining purposes, the other
> purely for web serving
>
> For (2), I do not know if it will be very effective since the master
> will probably have many changes at any moment. I do not understand how
> the changes will be propagated from the master to the slave and how it
> will impact the slave's performance. Anyone with more experience here?
>

1. Buy lots of cheap ram first and bump up the innodb buffer pool sizes to 2.5-3GB (or higher if you are on 64bit)

2 and 3 are sort of the same thing.

You basically enable binlogs on your master instance, and the slave instance slurps up the logs in real-time.

http://dev.mysql.com/doc/refman/5.1/en/replication-howto.html

Then you use the slave for doing your data mining/decision support queries.

You could even run these two instances on the same box and still benefit. e.g. as long as you can partition the IO and CPU e.g.
the slave instance has its own disk spindles, and nice the CPU on the slave mysqld process so that the master always takes priority to serve up the queries from the web.

The only disadvantage is that it will take twice the space.

~mc

From kq at kquee.com Wed Jul 22 13:01:46 2009
From: kq at kquee.com (Kelvin Quee)
Date: Wed Jul 22 13:02:12 2009
Subject: [Slugnet] Advise Needed on DB Design (PostgreSQL on Debian Lenny)
In-Reply-To: <4A669521.4040505@metaparadigm.com>
References: <4e9464f90907212043ubbf8281web8a1c1723b4e48a@mail.gmail.com> <4A669521.4040505@metaparadigm.com>
Message-ID: <4e9464f90907212201l5717a55u8665f4dce955a7ad@mail.gmail.com>

Thanks Puqing and Michael.

Michael, I don't get it. How can (2) and (3) be "sort of" the same? When you mean same - you mean they give the same results?

From my naive point of view, it seems that (3) can deliver better results since we basically torn the db apart - one for each purpose.

If (2) can give near-to or similar performances as (3), it will be BRILLIANT as it means a lot less re-development time. :)

Thanks for the quick response!

Kelvin Quee
+65 9177 3635

On Wed, Jul 22, 2009 at 12:27 PM, Michael Clark wrote:
> Kelvin Quee wrote:
>>
>> Hi SLUG!
>>
>> I need advise on this.
>>
>> I have a db which is being constantly updated and queried by a few
>> computers. We are doing datamining. The machine is running on a
>> moderately powered machine and processors constantly hit 90%.
>>
>> At the same time, we need to present these data on a web interface.
>> The performance for the web interface is now very sluggish as most of
>> the power is occupied by the mining process.
>>
>> I have thought of a few ways out of this -
>>
>> 1) Buy a mega powered machine (temporal solution, quick fix)
>> 2) Do a master-slave configuration
>> 3) Separate the DB into 2 - One for pure mining purposes, the other
>> purely for web serving
>>
>> For (2), I do not know if it will be very effective since the master
>> will probably have many changes at any moment. I do not understand how
>> the changes will be propagated from the master to the slave and how it
>> will impact the slave's performance. Anyone with more experience here?
>>
>
> 1. Buy lots of cheap ram first and bump up the innodb buffer pool sizes to
> 2.5-3GB (or higher if you are on 64bit)
>
> 2 and 3 are sort of the same thing.
>
> You basically enable binlogs on your master instance, and the slave instance
> slurps up the logs in real-time.
>
> http://dev.mysql.com/doc/refman/5.1/en/replication-howto.html
>
> Then you use the slave for doing your data mining/decision support queries.
>
> You could even run these two instances on the same box and still benefit.
> e.g. as long as you can partition the IO and CPU e.g. the slave instance has
> its own disk spindles, and nice the CPU on the slave mysqld process so that
> the master always takes priority to serve up the queries from the web.
>
> The only disadvantage is that it will take twice the space.
>
> ~mc
>
>

From edwin11_1979 at yahoo.com.sg Wed Jul 22 13:08:34 2009
From: edwin11_1979 at yahoo.com.sg (Edwin Lee)
Date: Wed Jul 22 13:09:01 2009
Subject: [Slugnet] Advise Needed on DB Design (PostgreSQL on Debian Lenny)
In-Reply-To: <4e9464f90907212043ubbf8281web8a1c1723b4e48a@mail.gmail.com>
Message-ID: <905213.92592.qm@web76010.mail.sg1.yahoo.com>

--- On Wed, 22/7/09, Kelvin Quee wrote:

> I need advise on this.
>
> I have a db which is being constantly updated and queried
> by a few
> computers. We are doing datamining. The machine is running
> on a
> moderately powered machine and processors constantly hit
> 90%.
>
> At the same time, we need to present these data on a web
> interface.
> The performance for the web interface is now very sluggish
> as most of
> the power is occupied by the mining process.
>
> I have thought of a few ways out of this -
>
> 1) Buy a mega powered machine (temporal solution, quick
> fix)
> 2) Do a master-slave configuration
> 3) Separate the DB into 2 - One for pure mining purposes,
> the other
> purely for web serving
>
> For (2), I do not know if it will be very effective since
> the master
> will probably have many changes at any moment. I do not
> understand how
> the changes will be propagated from the master to the slave
> and how it
> will impact the slave's performance. Anyone with more
> experience here?

i would plump for (2) if i have the choice.

Have 2 different boxes, do an active-passive pairing. The online transactions will be performed against the active. Data replicated asynchronously over to the passive. Data mining queries done against the passive.

And you get HA with it as well!

Regards,
Edwin

From michael at metaparadigm.com Wed Jul 22 14:12:32 2009
From: michael at metaparadigm.com (Michael Clark)
Date: Wed Jul 22 14:12:59 2009
Subject: [Slugnet] Advise Needed on DB Design (PostgreSQL on Debian Lenny)
In-Reply-To: <4e9464f90907212201l5717a55u8665f4dce955a7ad@mail.gmail.com>
References: <4e9464f90907212043ubbf8281web8a1c1723b4e48a@mail.gmail.com> <4A669521.4040505@metaparadigm.com> <4e9464f90907212201l5717a55u8665f4dce955a7ad@mail.gmail.com>
Message-ID: <4A66ADD0.2030808@metaparadigm.com>

Kelvin Quee wrote:
> Thanks Puqing and Michael.
>
> Michael, I don't get it. How can (2) and (3) be "sort of" the same?
> When you mean same - you mean they give the same results?
>

Well in both cases you are splitting load over 2 instances and you want to move some decision/data mining support query load from one instance and put it on another instance so that you don't disturb the performance of the other some other function - in this way they are the same.

The only difference is the technology you use to achieve the moving of data between the two instances e.g. at the database level with replication (2) or at an application level (3) by writing to certain tables in specific instances or periodically copying certain data from data one instance to the other.

At this point it is a design detail, i.e. if you do it at the database level with selective replication for the tables or schemas that you want on the other instance (doesn't need to be all tables), or alternatively you could do this at the application level by making your app write to different tables on the two instances (split the schema up as you say). They are pretty much doing the same thing, (3) probably requires more work, but for the extra effort, you may be able to trim out some redundancies in the entire database replication approach.

> From my naive point of view, it seems that (3) can deliver better
> results since we basically torn the db apart - one for each purpose.
>

Maybe, maybe not. With (2) you can completely isolate your primary database from your data mining/decision support load - the only downside is that it is a blunt knife, so as data is getting updated, it will all propagate to your slave instance - the downside here is the slave has to support the update load as well as its query load - depending on your update volume, this may or may not be an issue (where a periodic query that dumps data to the slave may be more efficient)...

> If (2) can give near-to or similar performances as (3), it will be
> BRILLIANT as it means a lot less re-development time.
>

Ya, I would personally would focus on (2) until I had proved that it is not otherwise feasible as it would be a lot quicker to implement...

From kq at kquee.com Wed Jul 22 15:00:19 2009
From: kq at kquee.com (Kelvin Quee)
Date: Wed Jul 22 15:00:38 2009
Subject: [Slugnet] Advise Needed on DB Design (PostgreSQL on Debian Lenny)
In-Reply-To: <4A66ADD0.2030808@metaparadigm.com>
References: <4e9464f90907212043ubbf8281web8a1c1723b4e48a@mail.gmail.com> <4A669521.4040505@metaparadigm.com> <4e9464f90907212201l5717a55u8665f4dce955a7ad@mail.gmail.com> <4A66ADD0.2030808@metaparadigm.com>
Message-ID: <4e9464f90907220000g728e662ej184076bc83604a98@mail.gmail.com>

Thanks Michael and Edwin.

I will go try an implement (2) and get back to you guys asap. :)

You guys rock!

Kelvin Quee
+65 9177 3635

On Wed, Jul 22, 2009 at 2:12 PM, Michael Clark wrote:
> Kelvin Quee wrote:
>>
>> Thanks Puqing and Michael.
>>
>> Michael, I don't get it. How can (2) and (3) be "sort of" the same?
>> When you mean same - you mean they give the same results?
>>
>
> Well in both cases you are splitting load over 2 instances and you want to
> move some decision/data mining support query load from one instance and put
> it on another instance so that you don't disturb the performance of the
> other some other function - in this way they are the same.
>
> The only difference is the technology you use to achieve the moving of data
> between the two instances e.g. at the database level with replication (2) or
> at an application level (3) by writing to certain tables in specific
> instances or periodically copying certain data from data one instance to the
> other.
>
> At this point it is a design detail, i.e.
> if you do it at the database level
> with selective replication for the tables or schemas that you want on the
> other instance (doesn't need to be all tables), or alternatively you could
> do this at the application level by making your app write to different
> tables on the two instances (split the schema up as you say). They are
> pretty much doing the same thing, (3) probably requires more work, but for
> the extra effort, you may be able to trim out some redundancies in the
> entire database replication approach.
>
>> From my naive point of view, it seems that (3) can deliver better
>> results since we basically tore the db apart - one for each purpose.
>>
>
> Maybe, maybe not. With (2) you can completely isolate your primary database
> from your data mining/decision support load - the only downside is that it
> is a blunt knife, so as data is getting updated, it will all propagate to
> your slave instance - the downside here is the slave has to support the
> update load as well as its query load - depending on your update volume,
> this may or may not be an issue (where a periodic query that dumps data to
> the slave may be more efficient)...
>
>> If (2) can give near-to or similar performances as (3), it will be
>> BRILLIANT as it means a lot less re-development time.
>>
>
> Ya, I would personally focus on (2) until I had proved that it is not
> otherwise feasible as it would be a lot quicker to implement...
>

From harish.pillay at gmail.com Wed Jul 22 23:32:10 2009
From: harish.pillay at gmail.com (Harish Pillay)
Date: Wed Jul 22 23:32:36 2009
Subject: [Slugnet] OpenSourceForAmerica.org
Message-ID:

* - Please see opensourceforamerica.org. We had something like that - but not as robust and developed - called Singapore Open Source Alliance. It did not exist as a legal entity and am looking forward to the newly formed FOSA as a vehicle to drive this. I am certain LUGS would be a happy party in this.
--
Harish Pillay h.pillay@ieee.org
gpg id: 746809E3
fingerprint: F7F5 5CCD 25B9 FC25 303E 3DA2 0F80 27DB 7468 09E3

From sohkamyung at gmail.com Thu Jul 23 09:18:23 2009
From: sohkamyung at gmail.com (Soh Kam Yung)
Date: Thu Jul 23 09:18:47 2009
Subject: [Slugnet] [OT] Why Microsoft open-sourced its Linux drivers
Message-ID: <3ace93110907221818g67552e37q50fc479da119438a@mail.gmail.com>

[http://blogs.zdnet.com/microsoft/?p=3433]

=====
July 22nd, 2009

Pigs are flying low: Why Microsoft open-sourced its Linux drivers

Posted by Mary Jo Foley @ 4:27 am

[...]

my ZDNet blogging colleague Paula Rooney and TechFlash's Todd Bishop both noted yesterday, one of the key reasons Microsoft agreed to do this was left out of the original tale told by the Softies.

Microsoft originally was licensing the Linux drivers, also known as the Linux Integration Components (LIC), in a way that was in violation of the GPL. It was offering them under a combination of the GPL and a closed source license.

[...]

I re-contacted Kroah-Hartman last night to verify this new piece of information. Here's what he said, via e-mail:

MJF: Hemminger is claiming Microsoft put the LIC code under the GPL because it was in violation of the GPL. Is this true? Did you have to suggest to (Microsoft Platform Strategy Chief Sam) Ramji & Co. that they were in violation in order to get them to agree to release the code under GPLv2?

GKH: I didn't have to "suggest" anything, I only had to merely point out the obviousness of the situation :)

MJF: If this isn't accurate, could you let me know how to interpret (Hemminger's) comments on his blog.

GKH: No, that sounds accurate.

[...]
=====
--
Soh Kam Yung
my Google Reader Shared links: (http://www.google.com/reader/shared/16851815156817689753)
my Google Reader Shared SFAS links: (http://www.google.com/reader/shared/user/16851815156817689753/label/sfas)

From johan.gozali at gmail.com Thu Jul 23 12:48:55 2009
From: johan.gozali at gmail.com (Johan Gozali)
Date: Thu Jul 23 12:49:21 2009
Subject: [Slugnet] Creative Services Web Designer/Developer Needed
Message-ID:

Hey Guys,

I would like to spread the word around in case anyone here is interested:

http://lindenlab.hrmdirect.com/employment/view.php?req=38265

* Linden Lab are the makers of Second Life.
* We're basically looking for solid web front-end designer/developers. People who do magic with CSS, jQuery, etc.
* Linden Lab is a Debian Linux shop. We rely extensively on OSS, and our systems are usually written in Python or PHP.

Please feel free to submit resumes/portfolios to the email address provided in the link above.

Cheers,
Johan.

From jiinjoo at cs.stanford.edu Thu Jul 23 21:42:17 2009
From: jiinjoo at cs.stanford.edu (Ong Jiin Joo)
Date: Thu Jul 23 21:42:46 2009
Subject: [Slugnet] Advise Needed on DB Design (PostgreSQL on Debian Lenny)
In-Reply-To: <4A66ADD0.2030808@metaparadigm.com>
References: <4e9464f90907212043ubbf8281web8a1c1723b4e48a@mail.gmail.com> <4A669521.4040505@metaparadigm.com> <4e9464f90907212201l5717a55u8665f4dce955a7ad@mail.gmail.com> <4A66ADD0.2030808@metaparadigm.com>
Message-ID: <8CAE2D1EAB974115B6D2D4D3753C02CC@ong>

>> If (2) can give near-to or similar performances as (3), it will be
>> BRILLIANT as it means a lot less re-development time.

>Ya, I would personally focus on (2) until I had proved that it is
>not otherwise feasible as it would be a lot quicker to implement...

Contrary to Michael's suggestion, I'd highly suggest you bite the bullet and make the transition into a proper pub-sub design.
By focusing on (2) you'll end up dragging over both your DB because the nature of your application is a lot a lot of updates, but only limited queries (oops.. am I supposed to say this here)

So if you're dumping massive amounts of RSS feeds into the DB, while only processing for the web interface occasionally (when the user requests data), I highly suggest that you create a small replica (possibly with a slightly different schema suitable for the GUI), and get your RSS db to publish changes to the small replica. From there it's your choice on whether to make it an app level thing or a DB "transform"...

-----Original Message-----
From: slugnet-bounces@lugs.org.sg [mailto:slugnet-bounces@lugs.org.sg] On Behalf Of Michael Clark
Sent: Wednesday, July 22, 2009 2:13 PM
To: kq@kquee.com
Cc: slugnet
Subject: Re: [Slugnet] Advise Needed on DB Design (PostgreSQL on Debian Lenny)

From gaurav at ggvaidya.com Mon Jul 27 17:45:16 2009
From: gaurav at ggvaidya.com (Gaurav Vaidya)
Date: Mon Jul 27 17:45:41 2009
Subject: [Slugnet] Fwd: Announcing the first Singapore Perl Mongers Meetup: August 1, 1600-1900
In-Reply-To: <2665a3df0907270008g40185f7s6d4d8113279a3682@mail.gmail.com>
References: <2665a3df0907270008g40185f7s6d4d8113279a3682@mail.gmail.com>
Message-ID: <2665a3df0907270245x568df4ecld496a7cd7b143e50@mail.gmail.com>

Hey everybody,

We're having our first Perl meetup this Saturday, 4pm to 7pm, at the Earshot Cafe in the Old Parliament House. If you are interested in or curious about Perl, please drop by! All details are attached.

Our fairly uninformative website is at http://singapore.pm.org/, but at least it has instructions on signing up to our mailing list.
cheers,
Gaurav

---------- Forwarded message ----------
From: Gaurav Vaidya
Date: 2009/7/27
Subject: Announcing the first Singapore Perl Mongers Meetup: August 1, 1600-1900
To: singapore-pm@pm.org

Hey everybody,

The decisions have been made, the timetables have been drawn up; the first Singapore Perl Mongers meetup (codenamed "Adagio") will be this Saturday (August 1, 2009) at the Earshot Cafe [1] at The Arts House [2] (the Old Parliament Building; it's right behind Victoria Concert Hall near the Singapore river) from 4pm to 7pm in the afternoon/evening. The meetup will then break for drinks or boardgames or whatever.

We don't have a fixed agenda for this meetup; Patrick Haller offered a talk on creating a common runtime environment for a repository of Perl scripts, and I don't mind talking about joining in on core module, perl6 or even perl5 development with GitHub, so we've got a bunch of things to talk about (if the Earshot Cafe isn't too crowded). Personally, I'm just interested in meeting up with all of you and finding out what Perl is used for in Singapore, and how Singapore.pm can help promote Perl in Singaporean companies and to Singaporean students.

Please let me know if you need directions, want to ask questions or would like to suggest or volunteer talks; my e-mail address is gaurav@ggvaidya.com. If you want to promote this event on Facebook, I've created an "Event" to make that easier [3].

See you all there!
cheers,
Gaurav

[1] http://www.earshot.com.sg/website/contact.asp
[2] http://gothere.sg/directions#arts%20house:
[3] http://www.facebook.com/event.php?eid=148139276152

From sohkamyung at gmail.com Tue Jul 28 11:25:00 2009
From: sohkamyung at gmail.com (Soh Kam Yung)
Date: Tue Jul 28 11:25:20 2009
Subject: [Slugnet] [OT] Linux man-pages maintainer is writing a book
Message-ID: <3ace93110907272025y7f9aae8y493d5ccf855cb477@mail.gmail.com>

I've been using his man-pages [http://kernel.org/doc/man-pages/] as one of my linux/posix programming references and this looks good: a complement to generic unix/posix books like Stevens's "Advanced Programming in the UNIX Environment".

[http://linux-man-pages.blogspot.com/2009/07/different-story-my-book.html]
[http://blog.man7.org/2009/07/whats-book-about.html]
[http://blog.man7.org/2009/07/64-chapters.html]

=====
Monday, July 27, 2009

A different story: my book

For quite a long time now, I've been working on a book that covers much the same topic area as man-pages; that is, the Linux/Unix kernel-userland interface (system calls, /proc, and so on) and C library (glibc) functions.

The book is going to be comprehensive: it runs to around 1500 pages (exactly how long will depend on typesetting and page layout, which are just getting started), has 64 chapters, 116 diagrams, 85 tables, and around 250 example programs. It will be published in the first half of 2010 by No Starch Press.

You can read about its ongoing progress towards publication in my other blog at blog.man7.org. To get an overview of what the book is about, read this post, and to see the table of contents of the book, read this post.

[...]
=====
--
Soh Kam Yung
my Google Reader Shared links: (http://www.google.com/reader/shared/16851815156817689753)
my Google Reader Shared SFAS links: (http://www.google.com/reader/shared/user/16851815156817689753/label/sfas)

From gaurav at ggvaidya.com Wed Jul 29 18:08:00 2009
From: gaurav at ggvaidya.com (Gaurav Vaidya)
Date: Wed Jul 29 18:08:19 2009
Subject: [Slugnet] Re: Announcing the first Singapore Perl Mongers Meetup: August 1, 1600-1900
In-Reply-To: <2665a3df0907270245x568df4ecld496a7cd7b143e50@mail.gmail.com>
References: <2665a3df0907270008g40185f7s6d4d8113279a3682@mail.gmail.com> <2665a3df0907270245x568df4ecld496a7cd7b143e50@mail.gmail.com>
Message-ID: <2665a3df0907290308s4bbb1308m4748e0fedb9b2eed@mail.gmail.com>

Hey everybody,

2009/7/27 Gaurav Vaidya :
> We're having our first Perl meetup this Saturday, 4pm to 7pm, at the
> Earshot Cafe
> in the Old Parliament House. If you are interested in or curious about
> Perl, please drop by! All details are attached.

Sorry for the sudden change, but for reasons outside my control, we've had to shift our meetup to the Mind Cafe on Prinsep Street [1]. It will still be this Saturday, August 1st, from 4pm to 7pm as previously scheduled. My apologies for the sudden change, and I hope you can make it!

Luther: Thanks for the tip and the advert! It's done: http://forums.hardwarezone.com.sg/showthread.php?p=39284862#post39284862.

cheers,
Gaurav

[1] Read all about it: http://www.themindcafe.com.sg/TheMindCafe_Outlet_ps.php
[2] Here's a map: http://www.themindcafe.com.sg/images/outletsPrinsep_r3_c1.jpg

From chounmin at yahoo.com.sg Wed Jul 29 22:29:48 2009
From: chounmin at yahoo.com.sg (Emmanuel Nee)
Date: Wed Jul 29 22:30:14 2009
Subject: [Slugnet] [OT] Jobs - AIX Admin
Message-ID: <488322.63211.qm@web76212.mail.sg1.yahoo.com>

Hi guys,

My company is hiring for AIX administrator with strong background in storage. Please contact me if you are keen.

Regards,
Nee Choun Min
91005063
From sohkamyung at gmail.com Thu Jul 30 09:36:09 2009
From: sohkamyung at gmail.com (Soh Kam Yung)
Date: Thu Jul 30 09:36:33 2009
Subject: [Slugnet] [OT] ArsTechnica: One extra ampersand in code leads to IE exploit
Message-ID: <3ace93110907291836h15434a9ay420c53dd0b95bf6f@mail.gmail.com>

[http://arstechnica.com/microsoft/news/2009/07/a-single-extra-resulted-in-ie-exploit.ars]

Microsoft isn't alone: I've made this mistake also. Anybody else want to confess?

=====
Microsoft has admitted that a single extra ampersand ("&") resulted in the recently patched Internet Explorer exploit.
By Emil Protalinski | Last updated July 29, 2009 3:22 PM CT

[...]

"The extra '&' character in the vulnerable code causes the code to write potentially untrusted data, of size cbSize, to the address of the pointer to the array, pbArray, rather than write the data into the array, and the pointer is on the stack. This is a stack-based buffer overrun vulnerability." The typo corrupted the code of the MSVidCtl ActiveX control used by Internet Explorer.

Here is the line in question:

hr = pStream->Read((void*)&pbArray, (ULONG)cbSize, NULL);
should be
hr = pStream->Read((void*)pbArray, (ULONG)cbSize, NULL);

[...]
=====
--
Soh Kam Yung
my Google Reader Shared links: (http://www.google.com/reader/shared/16851815156817689753)
my Google Reader Shared SFAS links: (http://www.google.com/reader/shared/user/16851815156817689753/label/sfas)

From gaurav at ggvaidya.com Thu Jul 30 10:26:33 2009
From: gaurav at ggvaidya.com (Gaurav Vaidya)
Date: Thu Jul 30 10:32:19 2009
Subject: [Slugnet] [OT] ArsTechnica: One extra ampersand in code leads to IE exploit
In-Reply-To: <3ace93110907291836h15434a9ay420c53dd0b95bf6f@mail.gmail.com>
References: <3ace93110907291836h15434a9ay420c53dd0b95bf6f@mail.gmail.com>
Message-ID: <2665a3df0907291926v1b114a9ayfb9b94596e762cfe@mail.gmail.com>

Heyo,

2009/7/30 Soh Kam Yung :
> [http://arstechnica.com/microsoft/news/2009/07/a-single-extra-resulted-in-ie-exploit.ars]
>
> Microsoft isn't alone: I've made this mistake also. Anybody else want
> to confess?
>

I haven't made this mistake in years - because I don't do systems programming, and therefore don't need to fiddle with pointers, ever!

(Which isn't to say I haven't had segfaults; my *Java* code is segfaulting consistently at the moment. Horror of horrors. Praise Turing for Perl!)

cheers,
Gaurav

From anandvaidya.ml at gmail.com Thu Jul 30 11:12:49 2009
From: anandvaidya.ml at gmail.com (Anand Vaidya)
Date: Thu Jul 30 11:13:15 2009
Subject: [Slugnet] [OT] ArsTechnica: One extra ampersand in code leads to IE exploit
In-Reply-To: <3ace93110907291836h15434a9ay420c53dd0b95bf6f@mail.gmail.com>
References: <3ace93110907291836h15434a9ay420c53dd0b95bf6f@mail.gmail.com>
Message-ID: <200907301112.49506.anandvaidya.ml@gmail.com>

On 30 July 2009 am 09:36:09 Soh Kam Yung wrote:
> [http://arstechnica.com/microsoft/news/2009/07/a-single-extra-resulted-in-ie-exploit.ars]
>
> Microsoft isn't alone: I've made this mistake also. Anybody else want
> to confess?
If I understand correctly, this happened 'coz Visual Studio had a defective template and as per the "Best Practices" everyone happily clicked on the codewizards etc and never bothered to look into the code that is being generated automagically. Is that right?

Regards
Anand

>
> =====
> Microsoft has admitted that a single extra ampersand ("&") resulted in
> the recently patched Internet Explorer exploit.
> By Emil Protalinski | Last updated July 29, 2009 3:22 PM CT
>
> [...]
>
> "The extra '&' character in the vulnerable code causes the code to
> write potentially untrusted data, of size cbSize, to the address of
> the pointer to the array, pbArray, rather than write the data into the
> array, and the pointer is on the stack. This is a stack-based buffer
> overrun vulnerability." The typo corrupted the code of the MSVidCtl
> ActiveX control used by Internet Explorer.
>
> Here is the line in question:
>
> hr = pStream->Read((void*)&pbArray, (ULONG)cbSize, NULL);
> should be
> hr = pStream->Read((void*)pbArray, (ULONG)cbSize, NULL);
>
> [...]
> =====

From sohkamyung at gmail.com Thu Jul 30 18:22:38 2009
From: sohkamyung at gmail.com (Soh Kam Yung)
Date: Thu Jul 30 18:22:56 2009
Subject: [Slugnet] [OT] SSL flaw revealed at Black Hat
Message-ID: <3ace93110907300322k47b477bap54e57fa8972d023a@mail.gmail.com>

[http://www.h-online.com/security/SSL-flaw-revealed-at-Black-Hat--/news/113880]

Problem here appears to be assuming the input to be a C-type (NULL terminated) string, instead of checking the actual input string length.

=====
SSL flaw revealed at Black Hat

[...]

The flaw both Marlinspike and Kaminsky have identified is that adding a null character into the string supplied as the domain name will get the CA to issue a fake certificate that browsers will accept as genuine. Marlinspike's example: www.paypal.com\0.thoughtcrime.org. "In most implementations of SSL," he told the Black Hat audience, "this certificate is completely valid for www.paypal.com."
Implementations at risk include browsers, email clients, chat clients, and even SSL VPNs. A user will have no way of detecting a man-in-the-middle attack.

[...]
=====
--
Soh Kam Yung
my Google Reader Shared links: (http://www.google.com/reader/shared/16851815156817689753)
my Google Reader Shared SFAS links: (http://www.google.com/reader/shared/user/16851815156817689753/label/sfas)

From sohkamyung at gmail.com Fri Jul 31 11:11:57 2009
From: sohkamyung at gmail.com (Soh Kam Yung)
Date: Fri Jul 31 11:12:27 2009
Subject: [Slugnet] [OT] CNet: An SMS can force a URL or app on smartphones
Message-ID: <3ace93110907302011n761a29e1ge77d1faf457f1e49@mail.gmail.com>

[http://news.cnet.com/8301-27080_3-10300536-245.html?part=rss&subj=news&tag=2547-1_3-0-20]

=====
July 30, 2009 7:28 PM PDT

An SMS can force a URL or app on smartphones
by Elinor Mills

LAS VEGAS--In one of a handful of SMS-related presentations here at the Black Hat security show, researchers demonstrated on Thursday how they can force certain types of smartphones to visit a malicious URL or install an app without user approval.

The vulnerability only affects phones that have been misconfigured by the original equipment manufacturer so that they accept any message sent through WAP Push (Wireless Application Protocol), a service that runs on top of SMS, said researcher John Hering.

WAP Push messages should only be accepted when sent by a trusted party such as the mobile operator, said Hering, chief executive of Flexilis, which provides software for protecting mobile phones from attack.

The vulnerability spans all Windows Mobile devices including HTC, Motorola, and Samsung, but not all of any one make or model of phone is found to be vulnerable, only random ones, he said.

[...]
In a presentation earlier in the day, Zane Lackey of ISEC Partners and independent researcher Luis Miras demonstrated how an attacker could spoof an MMS (multimedia messaging service) type of SMS message that appears to be sent from a trusted source and trick the recipient into visiting a malicious Web site.

Also on Thursday, Charlie Miller of Independent Security Evaluators and independent researcher Collin Mulliner demonstrated another type of attack in which they can take complete control over an iPhone merely by sending special SMS messages. They proved the attack the night before with a denial of service attack on my non-jailbroken iPhone, which runs OS 3.0.

[...]
=====
--
Soh Kam Yung
my Google Reader Shared links: (http://www.google.com/reader/shared/16851815156817689753)
my Google Reader Shared SFAS links: (http://www.google.com/reader/shared/user/16851815156817689753/label/sfas)
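
The extra '&' quoted in the ArsTechnica post above, modelled so that its effect can be observed safely. This is an added example, not code from the thread or from Microsoft; stream_read, read_checked, struct frame and the 0x41 payload are constructed stand-ins, and the "stack" is a struct so the stray write stays inside one object.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NEIGHBOUR 8

/* Hypothetical stand-in for pStream->Read(): copies n stream bytes to dst. */
static void stream_read(void *dst, const unsigned char *src, size_t n) {
    memcpy(dst, src, n);
}

/* Model of the caller's locals: the pointer, then whatever sits beside it. */
struct frame {
    unsigned char *pbArray;              /* points at a heap array of cbSize bytes */
    unsigned char neighbour[NEIGHBOUR];  /* stand-in for adjacent stack data */
};

struct outcome { bool array_filled, pointer_intact, neighbour_intact; };

/* One read of constructed data; with_typo selects the (void*)&pbArray form. */
struct outcome run_read(bool with_typo) {
    static const unsigned char zeros[NEIGHBOUR] = {0};
    unsigned char payload[sizeof(struct frame)];
    const size_t cbSize = sizeof payload;   /* sized to stay inside the model */
    unsigned char *heap = calloc(1, cbSize);
    if (heap == NULL)
        abort();
    struct frame f = { heap, {0} };
    memset(payload, 0x41, sizeof payload);  /* constructed "untrusted" bytes */

    if (with_typo)
        stream_read((void *)&f.pbArray, payload, cbSize);  /* lands on the pointer */
    else
        stream_read((void *)f.pbArray, payload, cbSize);   /* lands in the array */

    struct outcome o;
    o.array_filled = heap[0] == 0x41 && heap[cbSize - 1] == 0x41;
    o.pointer_intact = memcmp(&f.pbArray, &heap, sizeof heap) == 0;
    o.neighbour_intact = memcmp(f.neighbour, zeros, NEIGHBOUR) == 0;
    free(heap);
    return o;
}

/* Typed, bounded wrapper: with no void* cast at the call site, passing
 * &pbArray (unsigned char **) draws a compiler diagnostic, and an oversized
 * cbSize is refused instead of copied. */
int read_checked(unsigned char *dst, size_t cap,
                 const unsigned char *src, size_t n) {
    if (dst == NULL || src == NULL || n > cap)
        return -1;
    stream_read(dst, src, n);
    return 0;
}

int main(void) {
    struct outcome bad = run_read(true), ok = run_read(false);
    printf("typo : array=%d pointer=%d neighbour=%d\n",
           bad.array_filled, bad.pointer_intact, bad.neighbour_intact);
    printf("fixed: array=%d pointer=%d neighbour=%d\n",
           ok.array_filled, ok.pointer_intact, ok.neighbour_intact);
    return 0;
}
```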
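
The remark in the SSL post above, that the name is handled as a C string instead of by its real length, shown as a flawed matcher beside a length-aware one. This is an added example, not code from the thread or from any SSL library; struct cert_name and both matcher functions are hypothetical, only exact (non-wildcard) names are handled, and the sample name is the one quoted in the article.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* A certificate name as decoded from ASN.1: bytes plus an explicit length. */
struct cert_name {
    const unsigned char *data;
    size_t len;
};

/* Constructed samples; the first is the string quoted in the article. */
static const unsigned char NUL_CN[]   = "www.paypal.com\0.thoughtcrime.org";
static const unsigned char PLAIN_CN[] = "www.paypal.com";

struct cert_name nul_name(void) {
    struct cert_name n = { NUL_CN, sizeof NUL_CN - 1 };
    return n;
}

struct cert_name plain_name(void) {
    struct cert_name n = { PLAIN_CN, sizeof PLAIN_CN - 1 };
    return n;
}

/* Flawed: hands the counted bytes to a C string function, which stops at the
 * first NUL and never sees the rest of the name. (Safe to run here only
 * because the samples are literals with a terminator.) */
bool match_as_cstring(struct cert_name cn, const char *host) {
    return strcmp((const char *)cn.data, host) == 0;
}

/* Length-aware: refuse embedded NULs, require equal length, then compare
 * every byte case-insensitively. */
bool match_counted(struct cert_name cn, const char *host) {
    size_t hlen = strlen(host);
    if (cn.len == 0 || memchr(cn.data, '\0', cn.len) != NULL)
        return false;
    if (cn.len != hlen)
        return false;
    for (size_t i = 0; i < hlen; i++)
        if (tolower(cn.data[i]) != tolower((unsigned char)host[i]))
            return false;
    return true;
}

int main(void) {
    const char *host = "www.paypal.com";
    printf("NUL name,   C-string compare: %d\n", match_as_cstring(nul_name(), host));
    printf("NUL name,   counted compare : %d\n", match_counted(nul_name(), host));
    printf("plain name, counted compare : %d\n", match_counted(plain_name(), host));
    return 0;
}
```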