[OT] Cable Trays

From: Dave Brockman 
------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Just checking before I buy new, anyone have any basket or ladder style
cable trays they need to get rid of?

Regards,

dtb
- -- 
"Some things in life can never be fully appreciated nor understood
unless experienced firsthand. Some things in networking can never be
fully understood by someone who neither builds commercial networking
equipment nor runs an operational network." RFC 1925
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJTyIY6AAoJEMP+wtEOVbcdGdQH/1LjDiF1GPHl6EGE6ZH8N/Vj
5MhBa8WWpg1vhQblwwgV8vVTp8rIt07sUTXAbyRMBjUPbnmhD5bOAfIJlpuT8wbK
uFyxeMU27Rb+5GWXLf3AGxOUAstEiBDAsSVxTLcmy1u42vlRaYPrnuGYcPw1gdFQ
lcEVtsYgerrBN0i8Xr5ptT6cDmjOR9JkX9bksNP5MuxvN5GALMu3CxLmX2myBb3F
4WbCY2wKDQ2wBrvP9MPtz+KJonrteK43OzaEAFqwuAsT69aE/ZTkkX5zP121D1od
4B7UnC7eGeQtSdlbUWOFEEJHUxh03nDFaxT2BSLjSE7ckYmV5CKIBf9/e8MKbvA=
=To6p
-----END PGP SIGNATURE-----

Onionshare and Vokoscreen

From: Phil Shapiro 
------------------------------------------------------


Whoops, that is supposed to be Vokoscreen, not Sokoscreen. 


The way I remember Voko is that it sounds like Volkswagen -- and the 
software comes from Germany. If only there were a Volkswagen plant 
in Chatt. If only.... 


phil 

----- Original Message -----

From: "Phil Shapiro"  
To: "Chattanooga Unix Gnu Android Linux Users Group"  
Sent: Wednesday, July 2, 2014 9:14:56 PM 
Subject: [Chugalug] Onionshare and Sokoscreen 




This onion looks sweet. (Maybe Vidalia?) 


https://onionshare.org/ 


It would be fun to do a screencast showing a live gigabit file transfer between two 
ordinary houses (or apartments) in Chatt. You could likely transfer 10 GB in less 
than five minutes -- if you had Core i7 computers on both sides. 


Here is the screencasting software that might work well for that task. 


http://www.kohaupt-online.de/hp/ 


If only there were someone from MAKE magazine in Chugalug who could write up 
a blog post about such an experiment. If only.... 


phil 


Oooh, it would be hilarious to show such a file transfer with an insert video of Windows 7 
booting up on a 2008 or 2009 computer. The 10 GB file transfer might complete before 
Windows 7 reaches the desktop. 



-- 
Phil Shapiro, pshapiro@his.com 
http://www.his.com/pshapiro/briefbio.html 
http://www.twitter.com/philshapiro 
http://www.his.com/pshapiro/stories.menu.html 

"Wisdom begins with wonder." - Socrates 
"Learning happens thru gentleness." 


IRS says free software projects can NOT be nonprofits

From: Mike Harrison 
------------------------------------------------------
Link stolen from a G+ post by Jason Brown..

http://boingboing.net/2014/07/02/irs-says-free-software-project.html?utm

Home Automation and more

From: Dave Brockman 
------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Pretend you are designing your dream home (or perhaps are remodeling
and have all the walls torn down and have to run new electrical
service anyway), what would you put in?

Audio/Video/Network/Automation/Alarm/Security/Camera/Paging

Rack full of Linux servers/VMs goes without saying, so we're on-topic.
:)  I've already decided on multiple CAT-6A pulls through-out the
house.  I have been impressed enough with Unifi that I will be using
their wireless, controlled by a Debian VM.  I know some of you have
some awesome ideas.  Feel free to unicast if you don't want to share
on the public forum, but I would enjoy hearing those ideas.

Regards,

dtb
- -- 
"Some things in life can never be fully appreciated nor understood
unless experienced firsthand. Some things in networking can never be
fully understood by someone who neither builds commercial networking
equipment nor runs an operational network." RFC 1925
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJTojgDAAoJEMP+wtEOVbcdKCIH/jbyfkqz4mqDxMPo2PakWvDz
ZhVFMYxRQiCOYFR8FvBrzerGOJmsQD49o4gpQPr0iEvP8tW8HJZwX8q20yiuIN0s
DQtUc1bhMUJ5s6WKhSjhIwi2V1n/xGg/xSo1cTgcQC4459aUUw+vqeygoyJSZ4Cu
m1Wcgs2dEDHfDv0EYJQfAIri8lyCRRjhtL/j3GW68r4ZBRj5eHOI4Dk4gPKLwaB+
1OSaQs45Q4msTCwqk9woQSP0wATa3924DTZKa2qeFTyIeR6/KTDGzv80YffIcKMc
HD7H4UKMiMcoxG5rkThVUzMo/PoMBHgDPK2nnhAFrmlp4+pgTnhbxJBWLGGSUi8=
=0fTq
-----END PGP SIGNATURE-----

Dave's Garage - Moving Sale

From: Dave Brockman 
------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

The house finally sold, we're finally moving.  I still have things I
do not wish to move.  Some of you want those things.  Your last chance
to see those items will be Friday evening or Saturday morning, before
they are packed by movers and packed away into storage (and then
secondary move, and wait for me to find time to sort again).

Known to exist:
10/100 unmanaged switches (Intellinet/3Com/AT)
Dell 740 Optiplex units (I believe all are dual-core XP COA included)
Cheap SOHO "Routers" of various flavors (Netgear/DLink/Linksys)
23" 2 Post Rack
Couple of CRT Monitors
Tiny 17" LCD Monitor (makes a nice server rack head-end in a pinch)

If you've been here before, you know literally anything could fall out
of a box and into your vehicle.  Or the whole box.  Anything listed
above is available for free to a good^W^W^W^W new home, donations of
Mojo and other lunchables accepted.

Anything worth more than a burrito is most likely available for
negotiation for cash, BTC (dust included) or barter.  I like shiny
fast network thingies.

Ed, it's really time for you to come pick up your Packard-Hell LP and
HP LC Netserver.  I've been holding them long enough for you... :)

Also to note, as we are cleaning out the garage, I will also be
packing up the bar.  Bourbon and Scotch have been known to fall into
glasses over ice cubes during such events.  We'll say the bar hours
will be from 6-9pm on Friday.  Pizza is also known to mysteriously
arrive during such events, if there are hungry folks to eat it. Reply
via unicast if you need contact information, directions, etc.

Regards,

dtb

- -- 
"Some things in life can never be fully appreciated nor understood
unless experienced firsthand. Some things in networking can never be
fully understood by someone who neither builds commercial networking
equipment nor runs an operational network." RFC 1925
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJTfSpMAAoJEMP+wtEOVbcd2FcH+wbjdvIiFMXfJRiY1w4oOlFd
KeshPIA4N90RhvC/dd+VFgrdQvaKB9SuFjlufNehPQERdJ1y7xEYiDjhvoIeqL+k
hTicPhGdw7tObXnHwyYojJ+W7hAsZHEQ6GOWyN1YeWU26MMtjBY3PohcdI537tDx
3+czge+THAE4OCylewQoHAc/2lvLyRXu5Nd97ef8ZudwOoXib467Sbq1xJW+V2aM
Ajbh7YuXrw8ekW7fJeIz+54xyl5ZROmGBWxZuF8+QXYWsTSEd2RlHEe2R5QGD8NS
C8coKF0t6rgw0S0xciYExRhSj1HaX4Tfg7cKl0YvShKxsqdfIwFAR/SlsdGleYI=
=yl+L
-----END PGP SIGNATURE-----

USB Serial Chipset Recommendation

From: Dave Brockman 
------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I am looking for a replacement USB Serial adapter.  I have many PL2303
based adapters and I'm done with the shitty drivers.  I can lock up a
USB bus on Windows, Linux or Mac in a matter of minutes with one of
them installed.  Can anyone recommend a USB serial adapter that does
NOT use the PL2303 driver?

Regards,

dtb


- -- 
"Some things in life can never be fully appreciated nor understood
unless experienced firsthand. Some things in networking can never be
fully understood by someone who neither builds commercial networking
equipment nor runs an operational network." RFC 1925
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJTc4DCAAoJEMP+wtEOVbcde9QH/jB2uoe/9ULC4yPk5R03DEmz
QkI/8CInXTa9xj9qpyuTy06APrQsr9unfj7cIRcND/HSd+0gOA7mV94mMigWbFuq
1CTYqOpcZEM8fMESWQN1K075rugAKN2w5J2mL+AqyQlZ1KoMCpiCxkFaNfCxlzyD
0pjAUS4B2mlwQvFodQgYfL2V9qTU3cauOFjzU0Yl4ejMfFO3R+Iwi42OZUCl87TJ
9CBHSQGxJYYnmYcKGc4kXBCL8OplIUiUo9GAak1NKgGSew+rWIV/w1hxlNisWurD
N6QWv2s0yRkL58k4oBhk745/scH6CDnY1GxUvJ+DEkP4N8nwFDLcINPROhWwDp4=
=xDnX
-----END PGP SIGNATURE-----

Program to download transactions from bank websites

From: James Nylen 
------------------------------------------------------
I've written a program to... you guessed it... download transactions and
balances from bank websites.  Most of the bank websites I have seen are
just atrocious in terms of code and design, and I wanted a system to unify
my accounts.

Here's the code and documentation:

https://github.com/nylen/node-banker

I'd like to start releasing more software, so what are some good ways to
publicize your work?

I use this program with GnuCash (free accounting software) and a GnuCash
web interface that I wrote:

https://github.com/nylen/gnucash-django

This combination doesn't do everything I want, but it is still really
useful to me.  If you find any of this useful, great - please use it and
post issues to GitHub.

The transaction downloader is written in Node.js, which I like anyway, but
it's a practical choice too since a lot of these bank websites require
JavaScript to function properly.  So I think this code is also a decent
example of how to scrape pages using a headless browser.

FYI:Linux and Software Defined Radio

From: Rod 
------------------------------------------------------
Been during research lately into linux and ham radio support.
There have been more than few good linux distros with a ham focus over the  
years.
At least two puppies, a few ubuntu respins, etc.

Just found Kali Linux which seems to be picking were up Backtrack Linux  
left off.
Kali Linux has an SDR metapackage that is worth looking into.
It includes their own fork of Debian's gnuradio which updates to the  
latests sources. As well as GQRX which support several USB SDR dongles.
Including a $20 TV dongle that can be used as a broad spectrum scanner  
that can be used for all kinds of cool stuff.
http://www.rtl-sdr.com/about-rtl-sdr/

While Kali Linux should be in any serious linux users toolkit, I'm not  
sure if a distro that runs as root by default is the best choice for some  
of my fellow hams. Especially the many who are xp refugees mourning the  
loss of their dead os. Though it has some good ideas for the start of a  
new HAM Shack OS.

http://docs.kali.org/

-- 
Using Opera's mail client: http://www.opera.com/mail/

Help with blog post about encrypting email

From: "Robert A. Kelly III" 
------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

I've just written a blog post detailing how to set up and use email
encryption with Thunderbird and Enigmail, on either Windows or Linux,
and I'm looking for some feedback. I would appreciate anyone who
wouldn't mind reading over the post and sharing your feedback. If you
are familiar with these things, I would appreciate your checking for
the accuracy of the post, etc. If you are not, I would appreciate any
feedback on how clear the explanation and instructions are. Are
concepts explained clearly? Are the instructions easy to follow? In
either case, are there things you think I should change? I am planning
to follow up with a part 2 to explain key signing and trust, etc.
Thanks in advance for any feedback.

How to encrypt your email, so the NSA can't read it.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJTAsGBAAoJEFJIfKV7IxD6WTAP/0vJNsBpZhjw+7Qc/QlLG+/O
lr6R5yTcycKetJYqYTC4BmRMKu8EaJ7VtB6S4wyPRNDiMGgAO64ugyak7dn2usWB
q1D8zUf4abYA2tcGxm1i09Hf4xOMc1dddQe6j8JrD5Se1mHXDtxgYfbn7WklooAJ
+F0b/nnm4t/uuL5CY8vdjTtjIFxzmCyLa6NnfSoN6/qAQPxYnRLB4bNYRG3LGpgK
0U5cK/9ISd03Ay9WSIJ6sQlHz0t3qAsB3pk06F/nnb5nhenLdN1GFFdIk3YjFp+s
ZCKXTbCw9piGas27uZWUZSoPgKfcfmtYG46VMb7Vg4TI/1T3Kt9YcfXpIKCPqPRN
xvac+xUnrCMPrvLmaNvUJMAAkxXGzOpLko2ELMMS+dGzop3+H6P61GF4r4JcJLBw
PcYr4GsTMeyxx849Fbx6luvkibChqI5+4NlINdPNHfTQPBbLYezjvEgLFPpvnA6/
mlbyOeO1cyX2NVg1rvH3Cm5JuAvkR+h0kfSfH6wPH4f2krazB1shhxe/eC4DB1We
dZa5Nac80zJ9JKf+CZJNFQQbv0pyEHL0cjR865aMBYrJDjHUNSuRBm/veJW8EjIH
1+yBW5kSVQ0FrbgCZ3s+/cAbXNLytFsOxyrOLUQroddVYnMOHlIdfqEirWAkpQYr
Q00GRm+WfomXfUYQ105+
=7XiJ
-----END PGP SIGNATURE-----

Just found libre.fm

From: Rod 
------------------------------------------------------
It is attempt at an opensource last.fm  Has a html5 player and doesn't  
track users.
powered by gnu-fm project which is hosted on gitorious, which I also  
didn't know about.

https://gitorious.org/foocorp/gnu-fm/source/3f2cfbb47959c7a987d55080310925489887ff09:

So I have three new to me projects this morning.


-- 
Using Opera's mail client: http://www.opera.com/mail/

Eben Moglen:Snowden & the future

From: Rod 
------------------------------------------------------
This site below has these lectures in multiple formats, print, audio, an=
d  =

video. And in many file formats.
The WebM is impressive in Operanext.
---------------------------------------------------
Eben Moglen is a professor of law and legal history at Columbia  =

University, and is the founder, Director-Counsel and Chairman of Softwar=
e  =

Freedom Law Center, whose client list includes numerous pro bono clients=
,  =

such as the Free Software Foundation.

Prof. Eben Moglen's first lecture on the implications of Edward Snowden'=
s  =

revelations. What he has given us and what we need to do now if we want =
to  =

life in a free society in the future
http://snowdenandthefuture.info/index.html


Moglen started out as a computer programming language designer[1] and th=
en  =

received his bachelor's degree from Swarthmore College in 1980, where he=
  =

won the Hicks Prize for Literary Criticism. In 1985, he received a Maste=
r  =

of Philosophy in history and a JD from Yale University. He has held  =

visiting appointments at Harvard University, Tel Aviv University and the=
  =

University of Virginia since 1987.

He was a law clerk to Justice Thurgood Marshall (1986=E2=80=9387 term). =
He joined  =

the faculty of Columbia Law School in 1987, and was admitted to the New =
 =

York bar in 1988.[2] He received a Ph.D. in history from Yale University=
  =

in 1993. Moglen serves as a director of the Public Patent Foundation.

Moglen was part of Philip Zimmermann's defense team, when Zimmermann was=
  =

being investigated over the export of Pretty Good Privacy, a public key =
 =

encryption system, under US export laws.[3]

In 2003 he received the EFF Pioneer Award. In February 2005, he founded =
 =

the Software Freedom Law Center.

Moglen is closely involved with the Free Software Foundation, serving as=
  =

general counsel since 1994 and board member from 2000 to 2007. As counse=
l,  =

Moglen was charged with enforcing the GNU General Public License (GPL) o=
n  =

behalf of the FSF,[4] and later became heavily involved with drafting  =

version 3 of the GPL. On April 23, 2007 he announced in a blog post that=
  =

he would be stepping down from the board of directors of the Free Softwa=
re  =

Foundation. Moglen stated that after the GPLv3 Discussion Draft 3 had be=
en  =

released, he wanted to devote more time to writing, teaching, and the  =

Software Freedom Law Center.[5]



Source Wikipedia


-- =

Using Opera's mail client: http://www.opera.com/mail/



-- =

Using Opera's mail client: http://www.opera.com/mail/



-- =

Using Opera's mail client: http://www.opera.com/mail/



-- =

Using Opera's mail client: http://www.opera.com/mail/

Vancouver Public Library rated number one in the world

From: Phil Shapiro 
------------------------------------------------------


Naturally, my main focus in moving Chatt library into the international spotlight would be its strong 
embrace of open source. 


phil 





----- Original Message -----

From: "Phil Shapiro"  
To: "Chattanooga Unix Gnu Android Linux Users Group"  
Sent: Tuesday, December 31, 2013 8:47:34 PM 
Subject: [Chugalug] Vancouver Public Library rated number one in the world 



Hi chugalug community, 

Here's some interesting news to think about. 


http://tinyurl.com/l6xp5bg 


Chatt's library has such strong leadership that it's conceivable that the Chatt library could 
rise to be number one in the world -- especially with the way it has formed partnerships with 
groups around town. 


I don't know all the indicia they use to measure "best library in the world," but I do know the Chatt library is firing on all cylinders these days. 


If you're interested in ideas for moving the Chatt library in that direction, kindly contact me 
off-list -- and we can continue a small group conversation off list and involve Chatt library staff 
as their time permits. 


Yes, it's admittedly a "squishy" concept to be rated number one library in the world. 
But it truly is an attainable goal for Chatt -- and would spotlight the city in a great way if 
that were to happen. 


phil 



-- 

Phil Shapiro, pshapiro@his.com 
http://www.his.com/pshapiro/briefbio.html 
http://www.twitter.com/philshapiro 
http://www.his.com/pshapiro/stories.menu.html 

"Wisdom begins with wonder." - Socrates 
"Learning happens thru gentleness." 



=?windows-1252?q?Someone=92s_Been_Siphoning_Data_Throu?= =?windows-1252?q?gh_a_Huge_Security_Hole_in_the_Internet?=

From: Dave Brockman 
------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 12/5/2013 6:51 PM, Rod wrote:
> 
> Texas is where Boors Allen and other Corporate intelligence
> contractors for the Gov are located. Looks like those east European
> hackers have been busy again.
> 
> http://www.wired.com/threatlevel/2013/12/bgp-hijacking-belarus-iceland/
>
> 
> 

Please refer to the Renesys blog for more accurate information.

Actually, please open your hosts file and add
127.0.0.1	www.wired.com
127.0.0.1	wired.com

If you were intelligent enough to find this list, you are intelligent
enough to find a better source of reading material.

For those not following this in other circles, the general consensus
of actual network operators is that all the instances Renesys reported
on were not globally affecting (most of the "hijacked" announcements
were covered by other announcements, and massive amounts of traffic
were *not* diverted).

Regards,

dtb

- -- 
"Some things in life can never be fully appreciated nor understood
unless experienced firsthand. Some things in networking can never be
fully understood by someone who neither builds commercial networking
equipment nor runs an operational network." RFC 1925
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSomqJAAoJEMP+wtEOVbcd86oH/jv0T2tM+0pn27MxuYGhO88C
4WPYCLnDQT27aiBWco3YEYi3O1LCsax9kAqNB9qczBlqOGxYDzdvaW/oJ2Phjwnq
MW4dxdWqQnh7DcObeurVmOppplwRem8wTHgdzYBpzMolGMvREWtud1JTNgwIha66
/eP4s2shxYQLeYyVkZHJkTH2jkDYGKLpnF6aSM/KmQFHqzC5u7i+bjdO/5mrGH8Z
IwAgh3A0Sai4dwzIt1xQlWyQsZCkLMfUiEEp7ssmUebof05uPl/JMuYBP3wC203q
plY/WJ2Qu4jHD1rE2baduTnK3VdjP3/xTscJ9oSPFQ2DDZ074ylpALCojQclvb8=
=hSDH
-----END PGP SIGNATURE-----

[OT] onsite rep

From: Dave Brockman 
------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Is there a rep from Onsite on the list?  If so, would you mind pinging
me off-list?

Regards,

dtb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSoPlnAAoJEMP+wtEOVbcdxgUH/RB1rltILNOy+Z2wkIAIB6YS
xrV3I6radcyrFjkJSCbrKj+MyTX9POkegafufZLZFUTJa8PvOyaOEaISO5YBpYKl
cEWGqhBMTt70EJISLjS8tBWb7B2PyjxcpBLIfiTxRh5JRR6MJodHBypx8wsw3nu/
N1iDF9V5LVTZdGt3f+nY+a0yYaJdUqGsurmRAHcyuX/W4NrZcgFeTwOWDQSYkUc0
e8OdhZm2SOXnVu1Fc9bgFecyeHZeiMZl+sjbGQyHm1QbYbahB2WrzkZmd+pz8gNH
QtYYSJE4yU1BVb77OimAYgM+SNmeDAo3dviuXFfdlr1qTVLGvNlC5+oswdYBx2c=
=rr67
-----END PGP SIGNATURE-----

OT: pimpin some warez

From: Ed King 
------------------------------------------------------
cool, I'll bring bitcoin=0A=0A=0A=0A=0A

=?utf-8?q?Driving_a_3-axis_TTL_stepper_mounted_router?=

From: basic2point0@gmail.com
------------------------------------------------------
SWYgaXTigJlzIGFueSBoZWxwIHRvIGFueW9uZSwgSSB3b3JrIGFzIGEgQ05DIG1hY2hpbmlzdC4g
TGF0aGUsIG1pbGwsIGdyaW5kZXIsIHJvdXRlciB0YWJsZSwgbGFzZXIgcm91dGVyLCB3ZSBoYXZl
IGFsbCB0aGF0IHN0dWZmLiBJIGJvcnJvd2VkIHNvZnR3YXJlIGZyb20gd29yayB3YXkgYmFjayB3
aGVuIEkgc3RhcnRlZCBhdCB0aGlzIHBhcnRpY3VsYXIgcGxhY2UsIHNvIHRoYXQgSSBjb3VsZCBp
bnN0YWxsIGl0IG9uIG15IG93biBtYWNoaW5lIGFuZCBwbGF5IGFyb3VuZCB3aXRoIGl0LCBiZWNh
dXNlIEkgZGlkbuKAmXQgaGF2ZSB0aW1lIGZvciBleHBlcmltZW50YXRpb24gYXQgd29yay4NCg0K
DQpJIGhhdmUgTWFjaCAzIChyZWdpc3RlcmVkKSBpbiAgYSBXaW5kb3dzIDIwMDAgVmlydHVhbGJv
eCAgdm0gdGhhdCBzb21lb25lIGNvdWxkIHBsYXkgd2l0aCBpZiBuZWVkZWQuIA0KDQoNCg0KRnJv
bTogSmFzb24gQnJvd24NClNlbnQ6IOKAjk1vbmRheeKAjiwg4oCOTm92ZW1iZXLigI4g4oCOMTji
gI4sIOKAjjIwMTMg4oCONOKAjjrigI41NOKAjiDigI5QTQ0KVG86IENoYXR0YW5vb2dhIFVuaXgg
R251IEFuZHJvaWQgTGludXggVXNlcnMgR3JvdXANCg0KDQpJIGhhdmUgYSBsaXR0bGUgZXhwZXJp
ZW5jZS4NCg0KQXQgQ2hhdHQqbGFiIHdlIGhhdmUgYSA0J3g4JyBDTkMgcm91dGVyIGRvaW5nIGV4
YWN0bHkgdGhhdC4gVGhlcmUgYXJlIGEgTE9UIG9mIHdheXMgdG8gZ2V0IHRvIHdoZXJlIHlvdSB3
YW50LiBBIGxvdCBvZiBpdCBkZXBlbmRzIG9uIHRoZSBzaXplIG9mIHlvdXIgbWFjaGluZSwgZmlu
YWwgZ29hbHMsIGFuZCB3aGF0IGhhcmR3YXJlIHlvdSBhbHJlYWR5IGhhdmUuIEl0IHNvdW5kcyBs
aWtlIHlvdSBhbHJlYWR5IGhhdmUgc3RlcHBlciBkcml2ZXJzIGFuZCBhIHBvd2VyIHN1cHBseSBz
byB5b3UganVzdCBuZWVkIHRvIGludGVycHJldCBnLWNvZGUgaW50byBzdGVwcGVyIHB1bHNlcy4N
Ckl0IGlzIGEgQklUIG1vcmUgY29tcGxpY2F0ZWQgdGhhbiB0aGF0IGlmIHlvdSB3YW50IGFueSBk
ZWNlbnQgcGVyZm9ybWFuY2UgdGhvdWdoLCBhY2NlbGVyYXRpb24sIGhvbWUgc3dpdGNoZXMsIHNv
ZnQgYW5kIGhhcmQgbGltaXQgc3dpdGNoZXMsIHRvb2wgb2Zmc2V0IGNhbGN1bGF0aW9ucywgZXRj
IGV0Yy4NCg0KSSByZWNvbW1lbmQgTGludXhDTkMgdG8gZ2V0IHN0YXJ0ZWQsIHlvdSBwcm9iYWJs
eSBoYXZlIHNvbWV0aGluZyBseWluZyBhcm91bmQgdGhhdCB3aWxsIHdvcms6DQoNCklmIHlvdSB3
YW50IHRvIGNvbnRyb2wgZGlyZWN0bHkgZnJvbSBhIFBDOg0KICAgIEZvcmdldCB1c2luZyBVU0Ig
dG8gcGFyYWxsZWwgcG9ydHMsIHRoZXJlIGlzIHRvbyBtdWNoIGxhdGVuY3kuIERyaXZpbmcgc3Rl
cHBlcnMgbmVlZHMgcHJlY2lzZSB0aW1pbmcgYW5kIGEgcmVhbC10aW1lIGtlcm5lbCBpbiBMaW51
eCBvciBXaW5kb3dzIFhQLg0KICAgIFVzZSBhIHJlYWwgcGFyYWxsZWwgcG9ydC4gVGhlcmUgYXJl
IHN0aWxsIHBjaSBpcyBwY2ktZSBwYXJhbGxlbCBjYXJkcyBhdmFpbGFibGUuIExhcHRvcHMgaGF2
ZSBpc3N1ZXMgZHVlIHRvIHRoZWlyIHBvd2VyIHNhdmluZyBmdW5jdGlvbnMuDQogICAgR2V0IGEg
cGFyYWxsZWwgcG9ydCBicmVha291dCBib2FyZCBmb3IgeW91ciB3aXJpbmcuIEkgdXNlIHRoaXMg
b25lIGFuZCBsaWtlIGl0IGEgbG90OiANCiAgICAgICAgaHR0cDovL3d3dy5lYmF5LmNvbS9pdG0v
VVNCLTUtQXhpcy1DTkMtQnJlYWtvdXQtQm9hcmQtSW50ZXJmYWNlLUFkYXB0ZXItRm9yLVN0ZXBw
ZXItTW90b3ItRHJpdmVyLS8zMjExMzMwMjMxMjkNCiAgICBJdCBzYXlzIFVTQiwgdGhhdCBpcyBq
dXN0IGZvciBwb3dlci4uLi4gDQoNClRoZSBMaW51eCBXYXk6IChXaGF0IEkgYW0gZG9pbmcpLg0K
ICAgIExpbnV4Q05DOiBodHRwOi8vd3d3LmxpbnV4Y25jLm9yZy8NCiAgICBodHRwOi8vd2lraS5s
aW51eGNuYy5vcmcvY2dpLWJpbi93aWtpLnBsP0xpbnV4Q05DS25vd2xlZGdlQmFzZQ0KDQpUaGUg
V2luZG93cyB3YXk6IChNb3JlIGNvc3RseSBvZiBjb3Vyc2UpDQogICAgTWFjaDM6ICAoR29vZCBz
b2Z0d2FyZSwgdHJpYWwgdmVyc2lvbiBpcyBncmVhdCBmb3Igc21hbGwgcGFydHMgYW5kIHRlc3Rp
bmcgYnV0IGlzIGxpbWl0ZWQgdG8gNTAwIGxpbmVzIG9mIGctY29kZS4pIA0KICAgICAgICBodHRw
Oi8vd3d3Lm1hY2hzdXBwb3J0LmNvbS9zb2Z0d2FyZS9tYWNoMy8NCg0KSWYgeW91IHdhbnQgdG8g
dXNlIGEgZGVkaWNhdGVkIGRyaXZlciBib2FyZCBJIGhlYXIgdGhlIGdyYmwgc3R1ZmYgaXMgZ3Jl
YXQsIGJ1dCBJIGhhdmUgbm90IGhhZCBhIGNoYW5jZSB0byB0cnkgaXQgb3V0IHlldC4gIEZvciBl
eHBlcmltZW50YXRpb24sIHRoZSBMaW51eENOQyByb3V0ZSBpcyBtb3JlIGZsZXhpYmxlLCBidXQg
bW9yZSBjb21wbGljYXRlZC4gIEZvciBhIHByb2R1Y3Rpb24gdW5pdCBvciBzb21ldGhpbmcgSSB3
ZXJlIHNlbGxpbmcsIEkgd291bGQgZ28gd2l0aCBzb21ldGhpbmcgZ3JibCBiYXNlZC4NCi4NCiAg
ICBSZWNlbnRseSBvbmUgb2YgdGhlIGRldmVsb3BlcnMgLyBpbnZlbnRvcnMgb2Ygc29tZSBuaWNl
IGdyYmwgYmFzZWQgaGFyZHdhcmUgdmlzaXRlZCBDaGF0dCpMYWIgYW5kIHdlIGRpc2N1c3NlZCBo
aXMgcHJvZHVjdHMgYXQgbGVuZ3RoLiBodHRwczovL3d3dy5zeW50aGV0b3MuY29tLyBJIHBsYW4g
dG8gYnV5IGEgY291cGxlIGZvciBleHBlcmltZW50YXRpb24gd2l0aCBhIHNtYWxsIENOQyBtaWxs
IGFuZCBsYXRoZSBzb29uLiANCg0KSSdtIGhhcHB5IHRvIGRpc2N1c3MgZnVydGhlciwgb3Igc2hv
dyB5b3UgdGhlIHN0dWZmIEkgaGF2ZSBydW5uaW5nIGRvd24gYXQgdGhlIGxhYiBzb21ldGltZS4N
CiAgICANCi0tIEphc29uDQoNCk9uIDExLzE4LzIwMTMgMDQ6MzEgUE0sIERhbiBMeWtlIHdyb3Rl
Og0KDQoNCkZyaWVuZCBoYXMgYSByb3V0ZXIgbW91bnRlZCBpbiBhIDMgYXhpcyB0YWJsZSwgd2l0
aCBlbm91Z2ggY2lyY3VpdHJ5IHRvDQpkcml2ZSBzdGVwcGVycyBmcm9tIFRUTCBpbnB1dHMuIEhl
IHdhcyB3cml0aW5nIGhpcyBvd24gc29mdHdhcmUgdG8NCmRyaXZlIHRoaXMgdGhpbmcuDQoNCkZy
aWVuZCBpcyBraW5kIG9mIGEgbmVhdCBmcmVhayBhbmQgZG9lc24ndCBsaWtlIGhvdyBtdWNoIHNh
d2R1c3QgaXQNCmdlbmVyYXRlcyBpbiBoaXMgZ2FyYWdlLiBJIGhhdmUgZ3JhY2lvdXNseSBvZmZl
cmVkIG15IHdvcmtzaG9wLg0KDQpXaGF0IEknZCBsaWtlIGlzIHRoZSBxdWlja2VzdCBlYXNpZXN0
IHRvb2xjaGFpbiBwb3NzaWJsZSB0byBkcml2ZSB0aGlzDQp0aGluZyBmcm9tIExpbnV4Lg0KDQpJ
IG5vdGUgdGhhdCBJbmtzY2FwZSBoYXMgYSBidW5jaCBvZiBwbHVnLWlucyB3aGljaCBjYW4gZ2Vu
ZXJhdGUgZ2NvZGUNCnRvb2xwYXRocy4NCg0KU28gSSAqdGhpbmsqIHRoYXQgd2hhdCBJIG5lZWQg
aXMgc29tZXRoaW5nIHRoYXQnbGwgZWl0aGVyIGdpdmUgbWUgYSBVU0INCnBhcmFsbGVsIHBvcnQs
IG9yIHRha2UgVVNCIGluIGluIGEgd2F5IHRoYXQgSSBjYW4gZmVlZCBpdCBnY29kZSwgYW5kDQp0
aGF0J2xsIGdpdmUgb3V0IFRUTCBwdWxzZXMuDQoNClJpZ2h0IG5vdyB0aGUgbGVhZGluZyBjaG9p
Y2Ugc2VlbXMgdG8gYmUgaW5zdGFsbGluZw0KaHR0cDovL2RhbmsuYmVuZ2xlci5uby8tL3BhZ2Uv
c2hvdy81NDcwX2dyYmwgb24gYW4gQXJkdWlubyAzMjguDQpIb3dldmVyLCBpZiBhbnlvbmUgaGFz
IGV4cGVyaWVuY2Ugb24gc2V0dGluZyB1cCB0aGUgZnVsbCB0b29sY2hhaW4gZm9yDQp0aGlzLCBJ
J2QgbGlrZSB0byBzYXZlIHRoZSBjb3VwbGUgb2YgaHVuZHJlZCBidWNrcyBvZiB3cm9uZyBwYXRo
cyBJJ20NCmFib3V0IHRvIGdvIGRvd24uLi4NCg0KQW55b25lIGRvbmUgdGhpcyBhbmQgZ290IGlu
cHV0Pw0KDQpEYW4NCl9fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19f
X19fDQpDaHVnYWx1ZyBtYWlsaW5nIGxpc3QNCkNodWdhbHVnQGNodWdhbHVnLm9yZw0KaHR0cDov
L2NodWdhbHVnLm9yZy9jZ2ktYmluL21haWxtYW4vbGlzdGluZm8vY2h1Z2FsdWc=

Why you don't store passwords, explained

From: Dave Brockman 
------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://nakedsecurity.sophos.com/2013/11/04/anatomy-of-a-password-disaster-adobes-giant-sized-cryptographic-blunder/

Well written article with a mini crib-sheet guide included :)

Regards,

dtb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSeTMjAAoJEMP+wtEOVbcdXYIH/i587GZTZBEfLEDLRiLY2n+c
BBjZGLCYF+WvzHFqI725vKwTlzlwW36UFrLxORN7lfv1JM5qCDFdeQG9XqkZKkYG
UAck4M1E07xXYzZnWQe/Rir0DoXzJJ/FL0HmrhtADvlzLyVuykiDLx71zueyDh8+
2utCpc6TE85klUOYAqbMZFX5ul9tGoQkYAKZcf6RM/VWUWdY8kyAcprVmV/h1hSn
HDJ1xevmpk5/zEOB41Nf5Yiv1mc2vMVYYpphK1UBd+HbF9XEj1xAUTRQZQXotFhA
uvODS6q32UgwKhGfM096RMP/Dk47gSOf730IPQNxihbsdbL+M/UNhMzKX5+lClw=
=qxNX
-----END PGP SIGNATURE-----

CLI analysis of hacked php.net

From: Dave Brockman 
------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

http://www.netresec.com/?page=Blog&month=2013-10&post=Command-line-Forensics-of-hacked-PHP-net

Regards,

dtb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBAgAGBQJSbxOZAAoJEMP+wtEOVbcdhHYH/1MoRz9Fc1YxgoJ0y9cWjkH/
iUYIPRTNaI2jNdNuMYVTeBazJbgMBcdvEmsBx06rxuONaOZVjEoY71zkfTBYeYwy
aW5E1VovoBBKx+jV23iXngdJ0iywtz5m8reyhki3GyiGjBXAXqFoaRdGKL5OltP5
pNab//vQuIEfyvyuVI2UTtHIgqhyMv75+PjkcMRbXxToNenkyn0LX+mMVEWZWkkk
X5VIMYflWZTrWaJei7aw5Bbs3cDH5RTOtARMK1lTxLYRVOKO4mrceFmyrpKjgOdb
IpIMPruuXYpyX60SvSGGSHoYK1MlHBA8KH7fynSfekxOJdxK1wpPqn5afZaUS4k=
=tShk
-----END PGP SIGNATURE-----

MySQL Tuning... With Oracle/Java MySQL Enterprise Monitor

From: Mike Harrison 
------------------------------------------------------

Ed and other heavy MySQL/Maria users..

Dispite that it installs Java, and therefor I probably won't run it all 
the time... (added some server load as well as just being Java) I've been 
playing with the Oracle MySQL Enterprise Monitor (and the Agents you 
install on each SQL server) and learned some things about MySQL tuning 
from it, it actually has some very informative helpful information in it. 
More useful instructions that the MySQL Website (which is pretty good).

Summary: Works best if you install the monitoring agent on each server,
and then install the monitoring server on a seperate system, The Agents 
connect back to the server. They even use SSL connections, you should
be able to run the monitor in your office for systems in colo with some 
firewall rules. It recognized the multi-master slave configs and even a 
second MySQL instance (on strange ports) running on the servers.
It gives advice about user perms/security configs as well as table cache 
and settings for InnoDB writes and such.. Including when doing something 
for a performance increase breaks ACID compliance. While it installs and 
uses MySQL 5.6 and Java, the Agents will work with 5.1 and above,
in my case right now it's looking at two 5.1 servers on Redhat, a 5.5 
server on Ubuntu and three 5.6 servers on Redhat.. across 4 systems on two 
physically separated networks. If you are careful, setting up multiple 
MySQL instances is not that hard..

Worth playing with, and going through the Oracle signup process to get a 
copy to evaluate. Of course.. They'd like you to pay for it for production 
long term use, and I'd have to say it could save you enough headaches it 
would be worth it.

And it has awesome pretty dashboard/charts for the pointy haired types..
as well as useful screen candy for DBA/SysAdmin types.









mysql vs mariadb (was: "How libraries can be a haven for makers")

From: Ed King 
------------------------------------------------------
Digging up old emails... =A0 =0A=0AWe've been on the new servers for a few =
weeks now, and things are hunky dory =0A=0Abut...=A0=A0 we stuck with mysql=
 instead of putting mariadb into production.=A0=A0 After setting the mysql =
transaction isolation level to "READ COMMITTED" we stopped getting those pe=
sky "lockwait timeouts" and that was our main beef with mysql.=A0=A0 Yeah w=
e don't trust Oracle but then again...=A0 can we trust Monty?=A0 He sold ou=
t the first time; he might do it again ;-)=0A=0Aso no mariadb war stories t=
o tell=0A=0A=0A=0A=0A=0A=0A