Archive for December, 2007

Uninspiring Screenshot

December 31, 2007

This just shows Opera opened to the DSL Forums and ctrl-tab to show other tabs opened. The only way to get more viewing area in Opera would be to maximize it or to set my jwm tray on top to autohide (like the thin blue line at the bottom right corner).

Ratpoison on DSL

December 28, 2007

This is just a shot of the DSL forums using elinks in ratpoison. I guess this is more like eye insulin than eye candy.

The advantage? About 1/30th the RAM my other browser is using right now. And ratpoison uses half the RAM jwm uses.

This Old Computer

December 26, 2007

Tweaked my desktop’s JWM configurations a bit and doubled my RAM ($3 for 256MB, how could I resist?). I added a couple menu buttons on the top tray since I use my mouse. The apps menu shows the standard DSL format (though I factored out everything). The speed menu is my fast launch with my most frequent stuff (including the content-based menu I made for laptop use). Moved the dock to the left side (gaim and opera icons shown), four desktop pager, tasklist with maxwidth set at 120, and then a full clock with date.

I set my monitoring stuff on one virtual desktop and set up htop and my tail terminals to fit around conky so I can see everything. Uptime reset over Christmas (and again for installing RAM). I’d been up 42 days since wiping the drive and reinstalling DSL.

I’m probably going to make a few more jwm tweaks, including moving the dock icons back to the right side — they’re too close to the menus and pager. I might add more menus as well to separate tasks on the tray instead of in the menu. I’m also using dfm more than I thought I would.

I thought about switching this one over to a frugal install but I’m in no rush. The only thing this computer needs is a quieter fan.

OSX: More Bugs Than Windows, More Severe Than Vista

December 19, 2007

Larry Dignan and George Ou compared security warnings and severity between Windows XP/Vista and OSX. For the sake of fairness, warnings affecting multiple versions (XP and Vista, 10.4 and Leopard) are counted once. The loser? Apple.

Mac versus Windows vulnerability stats for 2007:

[T]his shows that Apple had more than 5 times the number of flaws per month than Windows XP and Vista in 2007, and most of these flaws are serious. Clearly this goes against conventional wisdom because the numbers show just the opposite and it isn’t even close.

Also noteworthy is that while Windows Vista shows fewer flaws than Windows XP and has more mitigating factors against exploitation, the addition of Windows Defender and Sidebar added 4 highly critical flaws to Vista that weren’t present in Windows XP. Sidebar accounted for three of those additional vulnerabilities and it’s something I am glad I don’t use. The lone Defender critical vulnerability that was supposed to defend Windows Vista was ironically the first critical vulnerability for Windows Vista.

Just a matter of time before the FTC investigates Apple’s advertising claims hysterics.

DSL 4.2-release

December 18, 2007

It’s out and it rocks. Quite a few changes: some filesystem modules have been moved out, changes in applications, and new icons and theme (blackandblue). The filesystem modules had no progs in MyDSL so nobody should even notice they’re gone. As far as applications go, mtpaint replaces xpaint. Plenty of folder icons if you don’t like the default color scheme. There are many more improvements.

I burned the ISO pretty fast to give it a quick spin. Now running installed HDD-USB. Here’s a first screenshot, lucky-style with the tray on top.

More later.

.Mac iDisk Flaw

December 17, 2007

Another day, another Apple exploit. Another day, another sign of Apple’s lack of concern. Another day, another new ad trying to con computer buyers into believing Macs are more secure and that Apple is security-conscious.

Slashdot | A Little .Mac Security Flaw:

The de facto online connectivity software sold along with many Apple computers, .Mac, has a Web interface through which users can check their ‘iDisk’ while away from their own computer. However, there is no Log-Out button in this Web interface, so most users just close the browser and walk away… not realizing that their iDisk has been cached by the browser and that anyone who wants to can open up the browser, go back to the link in History, and get into their iDisk completely logged in. From here, files can be downloaded and/or deleted. This seems like a minor security flaw via bad interface design, and podcaster Klaatu (of thebadapples.info) posted this on the discussion.apple.com site, only to have his post removed by Apple. Furthermore, feedback at apple.com/feedback has gone unanswered. The problem remains: there is no way for the average computer user to log-out of their iDisk on public computers. A quick review of any public terminal’s browser history could bring up all kinds of interesting things.

iPhone Likely Target of Hacks in 2008

December 16, 2007

Study: iPhone Major 2008 Hack Target:

The attacks, they say, will likely take the form of malware embedded in photos or video. Until its latest update, the iPhone was vulnerable to such attacks through a bug in its handling of TIFF images. Previous versions of Apple’s firmware used a version of the libtiff library that was susceptible to buffer-overflow attacks.

Security researcher and hacker HD Moore in October revealed that the TIFF exploit would allow malicious hackers access to the phone’s root level. All of the iPhone’s key applications run as root processes, Moore found, so exploiting the TIFF bug provided the ability for hackers to take control of the phone.

Updated DSL-Related Page

December 14, 2007

I added a couple more pages to my DSL-related page. The one about configuring JWM for mouse-free (or almost mouse-free) use has been accessible via the DSL Forums. The log of my efforts to track down why XFS daemons and various filesystem modules were loading on my hard drive install has been unlinked elsewhere until now.

If I get time this weekend, I want to move the interoperability stuff off that page and add more content about portable apps from notes I’ve accumulated on my personal wiki.

US-CERT Warns of MS Access Database Vulnerability

December 14, 2007

I just trashed Apple (again). I’m fair and balanced. Let’s not leave out MS exploitable code…

Hackers Exploit Access Database Flaw:

In its brief warning, US-CERT offered few details on the attack, saying simply that the organization is “aware of active exploitation” of the problem by criminals who have sent specially crafted Microsoft Access Database (.mdb) files to victims.

These files are “designed for the sole purpose of executing commands,” so they should not be accepted from untrusted sources, Microsoft said in a note on its Web site.

Eighth Time the Charm, Apple?

December 14, 2007

Apple has again patched their bloated, buggy, vulnerable, piece-of-sh_t media player.

After Attacks, Apple Fixes QuickTime Bug:

Apple has released a new security patch for QuickTime, its eighth update this year for the media player software.

New exploits coming soon! Because it has more holes in it than Windows!