I was once again on the hunt for an efficient and powerful CMS... clients keep asking for upgrades and there always seems to be something better!
Anyway, I have seen "django" around town a few places (most notably for me, at BitBucket) and decided to give it a read-through. I read the intro and FAQ one day and decided that it was worth looking into. The idea that its creators had ditched PHP for a Python-based framework was intriguing to me (I have done so much in PHP, from simple home-made projects to Joomla themes/plugins, Drupal themes/moduels, and WordPress themes). The other intriguing fact was that django was born out of a fast-paced newsroom environment with the chief features being speed of deployment and ease of administration.
Today, I decided to give it a whirl. I recently loaded up an Ubuntu 10.10 virtual machine (VirtualBox) on my MacBook Pro and configured it with the bridged connection so that I could access a server running on the VM. I installed the WSGI Apache module and then hit the tutorials for both WSGI and django to get a basic app working. It's really amazing how it all works together; the WSGI app seems not to know where to go, but a single line that passes the django app handler to the WSGI script is really tight integration, and we're up and running in about 45 minutes of stumbling hurriedly through docs!
I took a step back to read the design philosophies of the django project, and boy are they ideal! Where other projects that claim MVC (like Drupal) have settled for a hybrid between object-oriented programming and plain old procedural PHP and still others (like Joomla) have gone overboard with the object-oriented features of PHP5, django has taken an ideal approach to what functionality belongs where and really separated the layers. And their automatic administrative interface is simply beautiful. The major drawback is support from hosting providers. Of course, running a VPS/Dedicated Server/Cloud Server, you have complete control over the server config, which is really straight-forward, but hooking into the Apache configuration and enabling the WSGI module is really something that takes some consideration on the part of the web host, consideration not often taken by the cheap ones.
Needless to say, I will be considering django-based solutions as appropriate in the very near future!
Registered Linux User #370740 (http://counter.li.org)
Cyberwarfare
It has been awhile since I posted, but I am by no means out of touch with recent events, especially those surrounding WikiLeaks.
The purpose of WikiLeaks is to enforce the open government policy by stealing or otherwise obtaining through improper channels information that should remain private for reasons of security (bodily harm) or privacy (emotional harm) and releasing that information to the public on the Internet. Service providers have withdrawn their service from this organization, including hardware and network access to host it, and they, in turn, have become the target of electronic assault by WikiLeaks supporters, primarily distributed denial-of-service attacks (DDoS) by a group identified as "Anonymous".
Numerous tech columnists (including Paul Mah at FierceCIO) have commented that small businesses should be aware of the risk they run by neglecting security practices with respect to their computing resources; while giants like Amazon did not suffer interruptions of service due to the attacks, they have enormous capability to identify and respond to the attacks in real-time, whereas small shops with disgruntled customers would have a far worse time identifying, responding, and recovering from such an attack.
I plan to do some traveling this holiday season, by plane and by private automobile, and transportation security is one of those places where the information technology sector's security practices could be applied analogously to great effect. One of the first things an IT security consultant must do is define the perimeter of the system. For transportation security, this can be tricky due to the several modes of transportation available to the public. Then, at the gateways (the ordinary vulnerability), the problem of detecting the unforeseen is both easier and more difficult for transportation officials. For computing, as long as you can trust the integrity of the code running the gatekeeper, spotting an unauthorized or otherwise malicious entry is relatively straight-forward. For transportation, it must be well-defined what is a harmful object or even a harmful disposition in a person crossing into the region, and the depth of the search for these things can easily violate a person's privacy and dignity as a human person (not simply a data packet, which can be searched exhaustively with no moral consequence). It seems that anything could be a weapon, and any number of otherwise innocuous substances could even be transported within the human body across security lines. With the advent of millimeter wave and backscanner search devices at airports, the skin is the new boundary of concealment; a traditional metal detector would detect metallic objects under the skin (this does not address non-metallic explosive materials).
The issues go on and on; it is essentially impossible for an institution like the TSA to engage in a flawless preventative security policy because of the creativity of the human mind that can be applied to any set of substances or objects to derive a tool to accomplish any task. Rather, as in cyber-security, a distributed model would be most important. Intelligent agents authorized by society as a whole to enforce security and intervene in the case of an incident that jeopardizes security or privacy in transportation should be ubiquitous and equipped to respond to a wide variety of circumstances. Likewise, ordinary citizens (who are naturally ubiquitous in this respect) should also be educated and equipped (at least virtually) to respond to situations that jeopardize their security or privacy or that of those around them. In this way, would-be perpetrators would be stopped early on and over time this reality would become a deterrence.
The moral of the story: be vigilant!
Registered Linux User #370740 (http://counter.li.org)
The purpose of WikiLeaks is to enforce the open government policy by stealing or otherwise obtaining through improper channels information that should remain private for reasons of security (bodily harm) or privacy (emotional harm) and releasing that information to the public on the Internet. Service providers have withdrawn their service from this organization, including hardware and network access to host it, and they, in turn, have become the target of electronic assault by WikiLeaks supporters, primarily distributed denial-of-service attacks (DDoS) by a group identified as "Anonymous".
Numerous tech columnists (including Paul Mah at FierceCIO) have commented that small businesses should be aware of the risk they run by neglecting security practices with respect to their computing resources; while giants like Amazon did not suffer interruptions of service due to the attacks, they have enormous capability to identify and respond to the attacks in real-time, whereas small shops with disgruntled customers would have a far worse time identifying, responding, and recovering from such an attack.
I plan to do some traveling this holiday season, by plane and by private automobile, and transportation security is one of those places where the information technology sector's security practices could be applied analogously to great effect. One of the first things an IT security consultant must do is define the perimeter of the system. For transportation security, this can be tricky due to the several modes of transportation available to the public. Then, at the gateways (the ordinary vulnerability), the problem of detecting the unforeseen is both easier and more difficult for transportation officials. For computing, as long as you can trust the integrity of the code running the gatekeeper, spotting an unauthorized or otherwise malicious entry is relatively straight-forward. For transportation, it must be well-defined what is a harmful object or even a harmful disposition in a person crossing into the region, and the depth of the search for these things can easily violate a person's privacy and dignity as a human person (not simply a data packet, which can be searched exhaustively with no moral consequence). It seems that anything could be a weapon, and any number of otherwise innocuous substances could even be transported within the human body across security lines. With the advent of millimeter wave and backscanner search devices at airports, the skin is the new boundary of concealment; a traditional metal detector would detect metallic objects under the skin (this does not address non-metallic explosive materials).
The issues go on and on; it is essentially impossible for an institution like the TSA to engage in a flawless preventative security policy because of the creativity of the human mind that can be applied to any set of substances or objects to derive a tool to accomplish any task. Rather, as in cyber-security, a distributed model would be most important. Intelligent agents authorized by society as a whole to enforce security and intervene in the case of an incident that jeopardizes security or privacy in transportation should be ubiquitous and equipped to respond to a wide variety of circumstances. Likewise, ordinary citizens (who are naturally ubiquitous in this respect) should also be educated and equipped (at least virtually) to respond to situations that jeopardize their security or privacy or that of those around them. In this way, would-be perpetrators would be stopped early on and over time this reality would become a deterrence.
The moral of the story: be vigilant!
Registered Linux User #370740 (http://counter.li.org)
Facebook 33% Internet Penetration
Facebook announced this week that it now has over 500 million registered users. I recall seeing a YouTube campaign about the online billion helping the hungry billion in the past. According to Wolfram|Alpha, there are now 1.56 billion people online.
One must stop and think - what are they all doing online? Facebook began as a casual way to share memories via photographs and keep in touch with fellow classmates, as well as extend academic communities. It grew to include high schools and workplaces (while adding more features, including video and applications, especially games), and finally expanded to remove the concepts of academic, professional, and geographic networks to simply consider each members' connections to other members and the connections gained collaterally via those initial connections to represent a user's network.
How does Facebook help humanity? It provides a diversion (now often blocked by corporate firewalls) for the office-workers among us, perhaps making work more enjoyable and thereby increasing productivity. Through its Causes application, it leverages its platform of connecting people to support various charitable causes financially and in coordinating manual labor to support those causes. Through competitive games that require the use of intellect and strategy, it builds vocabulary with Scrabulous, and sharp arithmetic and logic skills with Sudoku puzzles. Various applications provide users with a daily inspirational quote, scriptural passage, or model citizen from whom to take inspiration in living a more gratifying life or otherwise keeping ourselves happy.
All these things, however consume time, and while they are good, there is so much on Facebook that is bad (with 500 million users, it is inevitable that some users are offended or scandalized by others' content). And for all that is bad, there is content that simply consumes time with no beneficial product for humanity. Look at Vampire Wars or applications that consume time taking endless surveys that you share with your friends, only we can only see your responses after completing the survey ourselves... the list goes on and on. Then there's Farmville and Fluff Friends...
Facebook, as a major player in the computer software industry, has made substantial and radical contributions to the open source community, providing tools that they have refined in-house to the community at large, in order to stimulate smarter and more efficient use of computing resources. These contributions should not go unnoticed, and it should also be noted that it is partly the large member base that caused Facebook to optimize various standard tools that are used on the web.
So let's hope that those who use Facebook leverage its powerful platform that connects people in ways that are productive for society as a whole, and not merely for the fleeting fun that is often so tempting to indulge.
Registered Linux User #370740 (http://counter.li.org)
One must stop and think - what are they all doing online? Facebook began as a casual way to share memories via photographs and keep in touch with fellow classmates, as well as extend academic communities. It grew to include high schools and workplaces (while adding more features, including video and applications, especially games), and finally expanded to remove the concepts of academic, professional, and geographic networks to simply consider each members' connections to other members and the connections gained collaterally via those initial connections to represent a user's network.
How does Facebook help humanity? It provides a diversion (now often blocked by corporate firewalls) for the office-workers among us, perhaps making work more enjoyable and thereby increasing productivity. Through its Causes application, it leverages its platform of connecting people to support various charitable causes financially and in coordinating manual labor to support those causes. Through competitive games that require the use of intellect and strategy, it builds vocabulary with Scrabulous, and sharp arithmetic and logic skills with Sudoku puzzles. Various applications provide users with a daily inspirational quote, scriptural passage, or model citizen from whom to take inspiration in living a more gratifying life or otherwise keeping ourselves happy.
All these things, however consume time, and while they are good, there is so much on Facebook that is bad (with 500 million users, it is inevitable that some users are offended or scandalized by others' content). And for all that is bad, there is content that simply consumes time with no beneficial product for humanity. Look at Vampire Wars or applications that consume time taking endless surveys that you share with your friends, only we can only see your responses after completing the survey ourselves... the list goes on and on. Then there's Farmville and Fluff Friends...
Facebook, as a major player in the computer software industry, has made substantial and radical contributions to the open source community, providing tools that they have refined in-house to the community at large, in order to stimulate smarter and more efficient use of computing resources. These contributions should not go unnoticed, and it should also be noted that it is partly the large member base that caused Facebook to optimize various standard tools that are used on the web.
So let's hope that those who use Facebook leverage its powerful platform that connects people in ways that are productive for society as a whole, and not merely for the fleeting fun that is often so tempting to indulge.
Registered Linux User #370740 (http://counter.li.org)
Effectively Erasing Files
I am re-posting a US-CERT Cyber Security Tip on erasing files that I think is relevant for people to know about. You can view the original on the US-CERT website; the PGP signature is included below for authenticity verification.
http://www.us-cert.gov/cas/tips/ST05-011.html
This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the Department of Homeland Security (DHS).
http://www.us-cert.gov/cas/tips/ST05-011.html
This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the Department of Homeland Security (DHS).
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 http://www.us-cert.gov/cas/tips/ST05-011.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (Darwin) iEYEARECAAYFAk7vkTYACgkQQ1w9EhddFvYT9wCfZHqYkH7apeCKBNvzWU3tgvYL eGYAoILGnZJXNdp93PPkbUf+IILK4GD4 =IBiM -----END PGP SIGNATURE-----
Registered Linux User #370740 (http://counter.li.org)
Securing Wireless Networks
I am re-posting this Cyber Security Tip about Securing Wireless Networks, from US-CERT. This is standard practice information and should scale to accommodate future technology soon to be developed. Security is a mindset, a way of thinking about daily life, and information such as that published regularly by US-CERT (the Computer Emergency Readiness Team) helps inform the general public about various issues and technologies that are issues of concern or remedies with respect to computer security.
http://www.us-cert.gov/cas/tips/ST05-003.html
This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the Department of Homeland Security (DHS).
Happy reading!
Registered Linux User #370740 (http://counter.li.org)
US Census - NOT ONLINE
http://www.us-cert.gov/current/index.html#u_s_census_bureau_2010
Please follow the link above to view the official notice from the US Department of Homeland Security's Computer Emergency Readiness Team.
This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the Department of Homeland Security (DHS).
At the time of writing, the US Census Bureau website is offline and does not appear in DNS lookups... and in the space of five minutes, it is back online. Curious, to say the least! It also looks like NTT is experiencing abnormally high peering latency outbound to Sprint and inbound from Verizon (InternetPulse).
Registered Linux User #370740 (http://counter.li.org)
Please follow the link above to view the official notice from the US Department of Homeland Security's Computer Emergency Readiness Team.
This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the Department of Homeland Security (DHS).
At the time of writing, the US Census Bureau website is offline and does not appear in DNS lookups... and in the space of five minutes, it is back online. Curious, to say the least! It also looks like NTT is experiencing abnormally high peering latency outbound to Sprint and inbound from Verizon (InternetPulse).
Registered Linux User #370740 (http://counter.li.org)
Web Browsers
I am reposting a US-CERT Cybersecurity Tip that defines web browsers, hoping to give users the advantage of understanding their systems in order to better protect themselves online.
Please view the original article on the US-CERT website.
This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the Department of Homeland Security (DHS).
Registered Linux User #370740 (http://counter.li.org)
Please view the original article on the US-CERT website.
This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the Department of Homeland Security (DHS).
Registered Linux User #370740 (http://counter.li.org)
Wolfram|Alpha
Wolfram|Alpha
It is the computational knowledge engine, released in the Summer of 2009 by Wolfram Research, makers of Mathematica and maintainers of the MathWorld reference library. I followed the project loosely from buzz to release. It was rumored to be a Google rival, also having strong mathematical underpinnings. While it may take some traffic from Google, Wolfram|Alpha was not designed to be a direct competitor - it is not concerned with searching the web.
Wolfram|Alpha is made up of very high-end supercomputing clusters, running various derivatives of their Mathematica software for the web and for supercomputing, and a mind-boggling number of statistical and other reference material that is structured in such a way that the software can compute a result for your query.
The data that they use is peer-reviewed and accurate, and beyond retrieving statistics and displaying trends (such as rainfall patterns or economic prosperity for a given region), Wolfram|Alpha can actually compute your query, if it concerns mathematics, science, or engineering. Check out the example queries to get a feel for what it can do in each subject area.
Read about it and start computing! Think twice next time you need some numbers for a report - try Wolfram|Alpha first - you may be pleasantly surprised!
Registered Linux User #370740 (http://counter.li.org)
It is the computational knowledge engine, released in the Summer of 2009 by Wolfram Research, makers of Mathematica and maintainers of the MathWorld reference library. I followed the project loosely from buzz to release. It was rumored to be a Google rival, also having strong mathematical underpinnings. While it may take some traffic from Google, Wolfram|Alpha was not designed to be a direct competitor - it is not concerned with searching the web.
Wolfram|Alpha is made up of very high-end supercomputing clusters, running various derivatives of their Mathematica software for the web and for supercomputing, and a mind-boggling number of statistical and other reference material that is structured in such a way that the software can compute a result for your query.
The data that they use is peer-reviewed and accurate, and beyond retrieving statistics and displaying trends (such as rainfall patterns or economic prosperity for a given region), Wolfram|Alpha can actually compute your query, if it concerns mathematics, science, or engineering. Check out the example queries to get a feel for what it can do in each subject area.
Read about it and start computing! Think twice next time you need some numbers for a report - try Wolfram|Alpha first - you may be pleasantly surprised!
Registered Linux User #370740 (http://counter.li.org)
Operating Systems (from US-CERT)
I just received an email on the general security tips mailer from the US Computer Emergency Readiness Team that describes operating systems in general, and then with examples of the most popular consumer operating systems on the market.
Check out tip ST04-021 now.
The US-CERT mailing lists are very informative, including these tips, as well as Cybersecurity threats and remedies.
This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the Department of Homeland Security (DHS).
Registered Linux User #370740 (http://counter.li.org)
Check out tip ST04-021 now.
The US-CERT mailing lists are very informative, including these tips, as well as Cybersecurity threats and remedies.
This link is provided for informational purposes only and does not represent an endorsement by or affiliation with the Department of Homeland Security (DHS).
Registered Linux User #370740 (http://counter.li.org)
Followup on Moodle
The Moodle project, in which I participated this past semester, was a success, though not complete.
The reality is that, in Open Source, each contribution, though perhaps partial, helps the community at large. It is important that each code, technical, or design contribution be accompanied by appropriate documentation that explains its foundations and motivation, as well as sufficient technical documentation as to its specific functioning. Our project included just that, a 25-page report detailing our preliminary efforts, the tools we used, our end product, its flaws, and advice for improvements.
More specifically, we completed a fairly complete DB2 interface to echo those of MySQL, PostgreSQL and others already supported in the 1.9.x database scheme (the v2.0 scheme is different). We also completed some preliminary testing that helped us to further complete our implementation. The next team to take on this project will have their work cut out for them to guarantee that Moodle works fully on DB2.
Please drop any questions in the comment area below. Thanks!
Registered Linux User #370740 (http://counter.li.org)
The reality is that, in Open Source, each contribution, though perhaps partial, helps the community at large. It is important that each code, technical, or design contribution be accompanied by appropriate documentation that explains its foundations and motivation, as well as sufficient technical documentation as to its specific functioning. Our project included just that, a 25-page report detailing our preliminary efforts, the tools we used, our end product, its flaws, and advice for improvements.
More specifically, we completed a fairly complete DB2 interface to echo those of MySQL, PostgreSQL and others already supported in the 1.9.x database scheme (the v2.0 scheme is different). We also completed some preliminary testing that helped us to further complete our implementation. The next team to take on this project will have their work cut out for them to guarantee that Moodle works fully on DB2.
Please drop any questions in the comment area below. Thanks!
Registered Linux User #370740 (http://counter.li.org)
Subscribe to:
Posts (Atom)