Practical Technology

for practical people.

May 19, 2008
by sjvn01
1 Comment

Lenovo Linux-Powered ThinkPad in Action

My old reliable X40 IBM ThinkPad finally came to the end of its day so I had to replace it with a new laptop. These days though instead of having to buy a Windows laptop and retrofitting Linux on it, I have a wide variety of Linux notebooks to choose from.

I’ve tried a good sized sampling of the current generation of Linux laptops—the Dell 1420 with Ubuntu, and Asus Eee spring to mind–but I finally decided to buy a Lenovo R61 ThinkPad. It’s not that I found the other laptops lacking. For most users, I’d recommend the Dell 1420. For users on a budget or for whom having the lightest possible full-service laptop is all important, I’d commend the Asus models without a moment’s hesitation.

I, however, have been an unabashed ThinkPad fan for over a decade now. Historically, I get about twice the life span from a ThinkPad than any other brand of laptop. They’re little tanks in notebook computer clothing.

Continue Reading →

May 18, 2008
by sjvn01
8 Comments

Linux and Sun Partnering?

What happens when you get Linus Torvalds, Mr. Linux, together with Jeff Bonwick, Sun’s master of storage and creator of ZFS? Well, right now, we don’t know.

All we know is that Bonwick has posted a trio of photos of himself and Torvalds on his blog under the mysterious title, Casablanca, with a couple of cryptic comments about chocolate and peanut butter and the phrase, “All I can say for the moment is… stay tuned.”

Jim Grisanzio, Sun’s senior programming manager for OpenSolaris, links to the blog under the title “ZFS Pics.” This seems to indicate that Sun may be talking with Torvalds about bringing ZFS to Linux. Even this conclusion is really just speculation.

Continue Reading →

May 17, 2008
by sjvn01
4 Comments

Firefox 3 First Look

I’ve loved Firefox since version 0.93. It was so much better than Internet Explorer and the other alternatives that I couldn’t imagine using anything else. But, then Firefox’s memory leaks went from annoying me to ticking me off; I started having real stability problems with it on both Windows and Linux; and security holes started appearing far more often. I was about to switch to Safari on Windows and MacOS and Konqueror on Linux, when Mozilla got serious about not just fixing, but rebuilding Firefox. Now, Firefox 3 release candidate 1 was released early. Based on my quick look at it, I may end up sticking with Firefox after all.

I downloaded Firefox 3 RC 1 yesterday for both my Windows XP SP3 system and one of my openSUSE 10.3 PCs. Both are up-to-day systems without any problems. Installing the browser on both operating systems was a snap. How easy was it? I installed them at the same time with barely a thought.

Once in place, rather than looking at the new and nifty features, I just start using the browser as I would normally. Features are all well and good but what I really wanted to know was whether the browser was back to being a stable, reliable partner and had it stopped snatching up memory. I’m happy to report that, based on twelve hours of non-stop use and abuse, Firefox 3 is both more stable than Firefox 2.x and it finally has stopped being a memory piggy.

More >

May 16, 2008
by sjvn01
0 comments

WhitePages.com grapples with privacy in a Web 2.0 world

WhitePages.com does exactly what you’d expect from the name — it tries to provide phone book-style listings for both the U.S. and Canada. Of course, there’s nothing new about that, so WhitePages.com tries to do an especially thorough job. The company claims that at the end of 2007, it had 180 million U.S. adults, about 80% of the population, in its records.

As Web 2.0, social networking and a changing idea of personal privacy have come to the fore, WhitePages.com has also started to ask itself how it might offer users more control over their information while providing more and different kinds of information. Forward-thinking, maybe noble even but, as experience is showing, far easier said than done.

Specifically, founder and CEO Alex Algard has said that the company would start adding features to let people edit and/or hide portions of their directory information. At the same time early this year, the company promised that it would work on a way to let people send text messages or e-mails, using the directory information but without revealing their information — something along the lines of a social-networking site such as LinkedIn or Facebook.

For example, let’s say you were looking for your old high school girlfriend, and she’s listed in WhitePages.com’s records, but chooses to keep her information hidden. With the system Algard envisions, you could send her a note via WhitePages.com, and she could then decide whether to get back in touch with you or to call the police because you’re still stalking her after all those years.

More >

May 16, 2008
by sjvn01
0 comments

Fixing Debian OpenSSL

Debian, the popular Linux distribution, has just been shown to have made an all-time stupid security goof-up. They managed to change OpenSSL in their distribution so that it had no security to speak of. Good job guys!

OpenSSL makes it possible to use SSL (Secure Socket Layer) and TLS (Transport Layer Security) in Linux, Unix, Windows and many other operating systems. It also incorporates a general purpose cryptography library. OpenSSL is used not only in operating systems, but in numerous vital applications such as security for Apache Web servers and security appliances from companies like Check Point and Cisco. Yeah, in other words, if you do anything requiring network security on Linux, chances are good, OpenSSL is being called in to help

Now, OpenSSL itself is still fine. What’s anything but fine is any Linux, or Linux-powered device, that’s based on Debian Linux libssl 0.9.8c-1 code, which was released September 17th 2006 until version libssl 0.9.8, which was released on May 13th. That includes the most popular Linux of all: Ubuntu.

More >

May 15, 2008
by sjvn01
13 Comments

Open-Source Security Idiots

Sometimes, people do such stupid things that words almost fail me. That’s the case with a Debian ‘improvement’ to OpenSSL that rendered this network security program next to useless in Debian, Ubuntu and other related Linux distributions.

OpenSSL is used to enable SSL (Secure Socket Layer) and TLS (Transport Layer Security) in Linux, Unix, Windows and many other operating systems. It also includes a general purpose cryptography library. OpenSSL is used not only in operating systems, but in numerous vital applications such as security for Apache Web servers, OpenVPN for virtual private networks, and in security appliances from companies like Check Point and Cisco.

Get the picture? OpenSSL isn’t just important, it’s vital, in network security. It’s quite possible that you’re running OpenSSL even if you don’t have a single Linux server within a mile of your company. It’s that widely used.

Now, OpenSSL itself is still fine. What’s anything but fine is any Linux, or Linux-powered device, that’s based on Debian Linux OpenSSL code from September 17th, 2006 until May 13, 2008.

What happened? This is where the idiot part comes in. Some so-called Debian developer decided to ‘fix’ OpenSSL because it was causing the Valgrind code analysis tool and IBM’s Rational Purify runtime debugging tool to produce warnings about uninitialized data in any code that was linked to OpenSSL. This ‘problem’ and its fix have been known for years. That didn’t stop our moronic developer from fixing it on his own by removing the code that enabled OpenSSL to generate truly random numbers..

Continue Reading →