Planet Kwekje

Man dood na val van 7e etage

AMSTERDAM - Een 47-jarige man uit Vlaardingen is zaterdagochtend omgekomen toen hij van de zevende etage van een flat naar beneden viel. Reanimatie door politieagenten mocht niet meer baten.

Jammie Thomas To Appeal $1.9 Million RIAA Verdict

CNet reports that the lawyers representing Jammie Thomas-Rasset have confirmed she will be fighting the $1.9 million verdict handed down in her case against the RIAA. "The Recording Industry Association of America said on Monday that it had made a phone call to Sibley and law partner Kiwi Camara last week to ask whether Thomas-Rasset wanted to discuss a settlement. An RIAA representative said that its lawyers were told by Sibley that Thomas-Rasset wasn't interested in discussing any deal that required her to admit guilt or pay any money. ... 'She's not interested in settling,' attorney Joe Sibley said in a brief phone interview. 'She wants to take the issue up on appeal on the constitutionality of the damages. That's one of the main arguments — that the damages are disproportionate to any actual harm.'"

Read more of this story at Slashdot.

Dead Gnomes: idiotically grinning ghastly garden gnomes

Out of the Blue's "Dead Gnome" line features garden gnomes with pistols in their mouths, or holding up the dripping heads of decapitated brethren, industriously sawing their own hands off, hanging from a gibbet, grinning glassily at the arrow that's pierced their heads, and so on. It's the wet, happy grins that get me.

Dead Gnome (Thanks, Alice!)

Reality show gives points to clerics for converting Atheists

A new Turkish game-show asks clerics to convert atheists and awards prizes for the most conversions; I think the atheists should get points for resisting the pitch, too -- it's only fair (and the atheists should win supreme if the cleric loses faith altogether!).

A new game show on Turkish television will pit a Greek Orthodox priest, a rabbi, an imam and a Buddhist monk against one another in attempt to convert atheists to their respective religions.

In each episode of Penitents Compete, to be broadcast by Turkey's Kanal T television station in September, the four faith guides will try to persuade 10 atheists of the merits and truth of their creeds...

An eight-member team of theologians will vet contestants to ensure they really are atheists before deciding who will participate in the show.

One-ton manta cyclonic feeding frenzy

Marilyn sez, "Pretty cool photos from July National Geographic. These manta rays in the Maldives have a 12-ft-wingspan, and the photographer Thomas Peschak was right in among them during feeding frenzies to get these shots. I especially like the last one in this gallery, which shows them lining up one behind the other in chain feeding behavior before swirling into a spiral formation for cyclone feeding, a behavior rarely seen outside the Maldives."

Feeding Frenzy (Thanks, Marilyn!)

Holger Levsen: #535691 - RFH: munin packaging help

package: wnpp
x-debbugs-cc: munin-deb-maint@linpro.no, munin-users@lists.sourceforge.net

The munin package could need some more love:
- currently there are 35 open bugs, some with patches, some need to go upstream, etc. - and there is a constant flow of new bugs coming.
- the Debian package has 55 patches applied. Few are Debian specific, many have been applied upstream in the 1.3 branch, but some not. Unfortunatly, we don't have an overview about which patch is in which category...
- munin 1.3 is about to from alpha to beta status and 1.4 might even be released in time for squeeze. It would be awesome to upload 1.3 to experimental soon, to get more testing.
- while uploaders lists five people, most work in the last year has been done by two and most work in the last half year has been done by one person...

If you are interested in helping out, no matter whether you are a DD, DM or not, please contact me or just start working:
- BTS cleanup
- patch renaming (1xx_* = debian-specific, 2xx_* = applied in 1.3, etc)
- packaging 1.3

Thanks.

p7zip 9.04

Het compressieformaat 7z wordt steeds meer gebruikt voor het comprimeren van bestanden. Het programma p7zip is speciaal geschreven voor verschillende Unix-, BSD- en Linux-platformen en biedt volledige ondersteuning voor het 7z-formaat. De ontwikkelaar heeft enkele dagen geleden een nieuwe versie uitgebracht met 9.04 als het versienummer, hetzelfde versienummer als het programma 7-Zip voor Windows-...

webcamXP 5.3.4.205

Het programma webcamXP stelt je in staat om zonder al te veel problemen je eigen webcamstream op het wereldwijde web te publiceren. Het programma ondersteunt zo goed als alle webcams die van vfw en wdm gebruikmaken, maar kan ook beelden doorsturen van ip-gebaseerde webcams. Daarnaast kan het programma ook de eventueel aanwezige pan-, tilt- en zoomfuncties van de webcam aansturen. De ontwikkelaar h...

Condor 7.2.4

Het Condor Team van de Universiteit van Wisconsin-Madison heeft een nieuwe stable-versie uitgebracht van hun 'workload management system' Condor. Het versienummer is aanbeland bij 7.2.4 en het pakket wordt onder de Apache 2.0-licentie uitgegeven. Condor richt zich op het beheer van rekenintensieve taken en kan deze over meerdere aangesloten nodes verdelen. De gebruiker stuurt zijn taak naar Condor...

Western Digital My Book World Edition (II) 01.00.16

Western Digital heeft voor zijn My Book World Edition en My Book World Edition II nas-producten nieuwe firmware uitgebracht met 01.00.16 als het versienummer. Om deze update toe te passen maak je gebruik van de aanwezige WD Discovery Tool waar je in de advanced mode automatisch nieuwe firmware kan binnenhalen. De beknopte lijst met aanpassingen ziet er als volgt uit:My Book World EditionVersion ...

NNTPGrab 0.5.0

NNTPGrab is in staat om bestanden van usenet binnen te halen en wordt onder de gpl uitgegeven. Het kan gebruikmaken van de welbekende nzb-bestanden, automatisch par2-bestanden verwerken en meerdere usenet-servers raadplegen. Voor meer informatie verwijzen we jullie door naar deze pagina. De ontwikkelaars hebben versie 0.5.0 voor zowel Linux, Mac OS X als Windows uitgegeven. De bijbehorende lijst m...

Nokia E51 400.34.011

Nokia heeft voor zijn mobiele telefoons van het type E51 nieuwe firmware uitgebracht met versienummer 400.34.011. Deze update kan zoals gewoonlijk met behulp van de Nokia Software Updater binnengehaald worden om vervolgens doorgepompt te worden naar de mobiele telefoon. Ook kan de update verkregen worden door het binnen lopen van een Nokia Service Punt. De bijbehorende lijst met veranderingen laat...

NewsLeecher 4.0 bèta 5

Afgelopen donderdag is de vijfde bètarelease van NewsLeecher 4.00 uitgebracht. Met dit programma is het mogelijk om op een eenvoudige manier bestanden uit nieuwsgroepen te downloaden. NewsLeecher heeft ondersteuning voor nzb-bestanden, beschikt over een zogenaamde 'super search' en kan gedownloade bestanden automatisch op volledigheid controleren en vervolgens zelfstandig uitpakken. De...

Warzone 2100 2.2.1

Warzone 2100 is een rts -game die vergelijkbaar is met onder andere Earth 2150. Het werd oorspronkelijk ontwikkeld door Pumpkin Studios en in 1999 door Eidos Interactive voor zowel de pc als de Playstation uitgeven. Eidos heeft eind 2004 de broncode van Warzone 2100 onder de GNU General Public License vrijgegeven, waarna het Warzone 2100 Resurrection Project werd gestart. De ontwikkelaars hiervan ...

MediaInfo 0.7.18

Vrijdag is versie 0.7.18 van MediaInfo uitgebracht. Dit programma kan worden gebruikt om meer te weten te komen over de eigenschappen van audio- en videobestanden. Zo geeft MediaInfo uitgebreide informatie over de tags, gebruikte codecs en containers. De software is beschikbaar voor Windows, Linux en Mac OS X, en kan met een grafische gebruikersinterface of vanaf de commandline worden gebruikt...

Wine 1.1.25

Vrijdag is een nieuwe ontwikkelbuild van Wine uitgebracht. Aan Wine wordt door een grote groep ontwikkelaars bijgedragen, vandaar dat gekozen is om elke twee weken een nieuwe build de deur uit te doen, in plaats van te wachten tot er een aantal nieuwe functies klaar zijn. Wine is een opensource-implementatie van de Windows-api. Dit maakt het mogelijk om DOS- en Windows-programma's op onder an...

ChrisTV Online! 4.00

ChrisTV heeft versie 4.00 van ChrisTV Online uitgebracht. Met dit programma kan naar meer dan 1800 tv-kanalen worden gekeken en naar ruim 600 radiokanalen worden geluisterd, zonder dat de computer over een tv-kaart hoeft te beschikken. Het gaat om streams die gratis op internet te vinden zijn en door ChrisTV handig en overzichtelijk worden samengebracht. Het programma kan twee weken gratis w...

VMware ESX(i) 4.0.0 build 171294

Virtualisatie heeft de laatste jaren een steeds prominentere plek veroverd in het bedrijfsleven. Bekende namen zijn onder andere Xen en VMware. Het laatstgenoemde bedrijf heeft met zijn vSphere 4 een stevig platform in handen. Een belangrijk onderdeel van dat platform is VMware ESX, dit wordt ook als een gratis te gebruiken bare-metal-hypervisor werd uitgebracht met VMware ESXi als productnaam. Vo...

Toshiba kondigt in Japan twee hdd-recorders aan

De Japanse elektronicagigant Toshiba heeft twee harddiskrecorders aangekondigd die videobeelden in hoge kwaliteit kunnen opnemen. De recorders hebben een harde schijf van 320GB of 1TB aan boord, maar opnames kunnen ook op dvd gezet worden.

Sapphire propt 2GB geheugen op HD 4890 Vapor-X

Videokaartfabrikant Sapphire gaat een HD 4890 uitbrengen met 2GB gddr5-geheugen. De videokaart is tevens uitgerust met Sapphire's speciale Vapor-X koeler, die de videokaart een stuk stiller en koeler zou moeten houden.

Fraunhofer print batterijen van een millimeter dik

Onderzoekers van het Duitse Fraunhofer-instituut hebben een methode ontwikkeld om zeer kleine, platte batterijen te printen. De energiebronnen zouden kostendekkend gemaakt kunnen worden, maar hebben een beperkte levensduur.

Tarot: now with added cat-girls

Chris' Invincible Super-Blog reviews Tarot #42

(possibly NSFW)

Machinisten belaagd op station Doetinchem

DOETINCHEM - Baldadige jongeren hebben in de nacht van vrijdag op zaterdag op het station van Doetinchem twee machinisten belaagd.

Odd.. Cat's Eye Technologies: Haskell Projects

submitted by dons
[link] [3 comments]

Symantec Exec Warns Against Relying On Free Antivirus

thefickler writes "Clearly, the rise of free antivirus is starting to worry Symantec, with one of their top executives warning consumers not to rely on free antivirus software (including Microsoft's Security Essentials). 'If you are only relying on free antivirus to offer you protection in this modern age, you are not getting the protection you need to be able to stay clean and have a reasonable chance of avoiding identity theft,' said David Hall, a Product Manager for Symantec. According to Hall, there is a widening gap between people's understanding of what protection they need and the threats they're actually facing."

Read more of this story at Slashdot.

The Chemistry of Firework Displays

Ponca City, We love you writes "David Ropeik writes at MSNBC that there's a lot more to making a basic firework display than putting a fuel source and an oxidizer together. Pyrotechnic chemists, who are trying to create bedazzlement instead of bang, don't want their work to explode, but to burn for a bit, so it gives a good visual show. To achieve the desired effect, the sizes of the particles of each ingredient have to be just right, and the ingredients have to be blended together just right. To slow down the burning, chemists use big grains of chemicals, in the range of 250 to 300 microns, and they don't blend the ingredients together very well, making it harder for the fuel and oxidizer to combine and burn, thus producing a longer and brighter effect. Surprisingly few emitters are used in pyrotechnics, and there are no commercially useful emitters in blue-green to emerald green in the 490-520 nm region. Energy from the fire in the basic fuel is transferred to the atoms of the colorant chemicals, exciting the electrons in those chemicals into a higher energy state. As they cool down, they move back to a lower state of energy, emitting light. So, you actually see the colors in fireworks as they're cooling down. To get the really tricky shapes, like stars or hearts, the colorant pellets are pasted on a piece of paper in the desired pattern. That paper is put in the middle of the shell with explosive charges above it, and below. When those charges go off, they burn up the paper, and send the ignited colorant pellets out in the same pattern they were in on the sheet of paper, spreading wider apart as they fly."

Read more of this story at Slashdot.

Stroomstoring in Rotterdam voorbij

ROTTERDAM - Inwoners van de Rotterdamse wijk Pendrecht hebben zaterdag enkele uren zonder stroom gezeten.

Doden en overlast door noodweer Duitsland

AMSTERDAM - Hevige onweersbuien en zondvloedachtige regenval hebben in Duitsland twee mensenlevens geëist en voor veel overlast gezorgd. Dit meldde Bild, de grootste Duitse krant, zaterdag op zijn website.

President Italië tekent afluisterwet niet

ROME - President Giorgio Napolitano van Italië weigert de omstreden nieuwe afluisterwet te tekenen die al door de Kamer van Afgevaardigen is aangenomen en nu bij de Senaat ligt.

Martin Meredith: EuroPython 2009

So, for most of the last week, I’ve been at EuroPython 2009. The conference was amazing, even if I am still completely shattered.

A lot of people who know me have asked why I went to EuroPython. I know at least one person made the comment “But you’re a PHP Hacker (hiss)”. Yes. I’m a PHP hacker by trade, but I’ve been trying to teach myself Python over the last few months, and I’ve really been enjoying it. I’ve not done much of great interest, but I’ve found that Django is a pretty awesome tool, and lets me build stuff like my Video Site with minimal effort.

Anyway, back to the conference. I got involved pretty simply because I’m a local, and know most of the organisers from my Local LUG. I’m glad I did get involved in it though. I enjoyed it (though, until I got home from it, I hadn’t had time to realise I’d enjoyed it!).

Day 1

I arrived at the conservatoire at about 7:30 am. I was half asleep, and didn’t really know what was going on. I found the registration desk, got my badge, and buggered off to the crew room to get changed into my lovely blue shirt, and then I started off helping set some stuff up (projectors and such)

Knowing that I’d previously lost my Bank Card, and that I’d need cash, I scarpered pretty quickly to the bank, to go get some money for the week. I headed back to the conference for about 10, and then wandered aimlessly around looking at the different stalls. I hadn’t volunteered to do anything till 11:30.

At about 11:15, I headed to the Adrian Boult hall to get ready and Mic up the first speaker I had to work with. This was Simon Willison, talking about CrowdSourcing with Django. A pretty cool talk, which was kind of interesting to me after listening to Matthew Somerville’s talk at my local LUG the month before.

Next up was the talk that had been advertised in all the toilets around the venue. I’ve no idea why it was advertised in the toilets, and I didn’t really watch that much of the talk. The speaker had wanted a screen with IRC in for the talk, and this was where the first major fail came in. Chris Swift’s laptop didn’t like the projector, so I had to dash up and replace it with mine. Unfortunately, for some reason, my laptop didn’t want to work with the projector under Ubuntu, but happily worked with it under vista, so I loaded that up, loaded up putty, and SSH’d into my irssi session. Anyone who saw this will probably agree that I need to be in less IRC channels!

Lunchtime next. I quickly ran off to McDonalds to grab some food (not wanting to have to stand in the long queue!) and headed back to set my laptop up with the projector for the big Twitter screen, which people seemed to enjoy (espescially Fiona!).

After lunch was the first Keynote from Cory Doctorow, who I’ve already mentioned before, is one of my favourite authors. Cory managed to give us a dark perspective on where life in the digital age could be going, and a rallying cry for us to fight against that (though surely,this is reminiscent of M1k3y?? I wonder if the DHS will be after Cory now!). I also managed to snag a copy of “Little Brother”, which Cory asked that we email a copy of the ebook to people after we’d read it. I’ll one up that, and tell you that you should go read it (espescially if you saw his talk!) If you want to be emailed a copy, please leave a comment and I’ll add you to the list I’ll be sending it to!

It was about this point that I started wanting to get onto IRC and chat to people. Unfortunately, my laptop is a right dodgy thing, and doesn’t like using wireless of any kind. Luckily, I had my E71 to hand, and so managed to get online with that (and it shocked me how easy it was to set up in Ubuntu). I ended up using this as my primary means to access the net throughout the conference. I just wish I’d had my E71 Desktop Charger with me, as I’d then have been able to charge my phone via USB at the same time! Unfortunately, it meant that I had to spend my time at the hotel flicking and changing between the charger for my phone and my laptop to try and keep them both going (why a hotel room only has one plug socket, I don’t know!)

Next up was “Mashing up the Guardian” and “Flickr for Formulas”. .. the second talk I don’t actually remember any of. But the first one was pretty interesting. I thought during it “Oh, I could link that up to twitter and generate a personal news feed based upon what they were twittering about. Unfortunately, the last few slides was showing someone who’d done exactly that. I guess my ideas aren’t that original!

Off to the Australian bar for the social, where I got rather tipsy, and chatted to some very cool people (thanks for the link to the Biltong seller Brad!)

Day 2

Bruce Eckel started the day off with the keynote. I was half asleep during this, having been out for most of the day, but I do remember that there were some pretty amusing pictures, and some good commentary. I also enjoyed the talk about unconferences, which led me to thoughts about possibly doing something similar for FizzPOP.

The day dwindled away with me running round until Bea’s talk “We need to fail, and we need to fail fast” – a very good insight into Agile Methodology (some of which we should probably adopt at work!). First barefoot presentation I’ve seen. Bea’s a very good speaker though, you can tell she has a lot of passion about what she’s talking about.

Next was a caged deathmatch. I didn’t really know much about Unit Testing in Python, being a bit of a n00b and all, but the talk was interesting nontheless. Even if I did end up running up and down the stairs like a trained monkey (ah well, I needed the exercise anyway!)

Next Keynote: Bletchley Park. I found this talk had some interesting content, but it’s delivery was a bit dry.

Then it was time for the GPG Keysigning. I’d left my ID in the hotel. What an idiot!

Lightning talks were next, followed by another keynote, followed by a spectacular fail trying to get Guido up on the big screen (10 second delays, him not hearing anything, and then the laptop battery running out). Alex took it in his stride though, the bow with a flourish was certainly amusing!

Off to the conference dinner. Good food, good conversation, good talk.

Day 3

I’m surprised I made it in. I was tired. Too much running around.

Tobias started off the day with a short talk on OSS, BSS, and Python, and then I went to the “Clean Code Challenge” talk, which was interesting, though I’m not too sure about the actual coding bit of it. There were a few things in the talk that I wish has been delivered to my bosses, but I’m not too sure the example “Clean Code” that was meant to be pythonised was the best code to work with.

Another Keynote, lots more lightning talks, and then a prize draw. I didn’t win anything, but I enjoyed myself.

After that, there was a “secret” organisers meal at the Hyatt Hotel. Good food and good conversation again.

And that was it, I headed home, and slept for 16 hours!

Thanks to everyone who made EuroPython a success. All the organisers, all the speakers, and all the delegates.

Though hopefully more people will help out next time. I don’t think Ciaran got to sit down for more than 5 seconds during the day!

Veel banden caravans niet in orde

DUIVEN/EMMEN - Meer dan de helft van de caravans die zaterdag voor een vrijwillige inspectie werden aangeboden op parkeerplaatsen voor de Duitse grens, had te kampen met banden die te zacht, te oud of versleten waren.

Generating Power From Ocean Buoys and Kites

cheezitmike writes "Researchers at Oregon State University are testing a new type of wave-energy converter to generate electricity from ocean waves: 'Even when the ocean seems calm, swells are moving water up and down sufficiently to generate electricity. ... For decades the challenge has been to build a device that can withstand monster waves and gale-force winds, not to mention corrosive saltwater, seaweed, floating debris and curious marine mammals. ... In the most recent prototypes, a thick coil of copper wire is inside the first component, which is anchored to the seafloor. The second component is a magnet attached to a float that moves up and down freely with the waves. As the magnet is heaved by the waves, its magnetic field moves along the stationary coil of copper wire. This motion induces a current in the wire — electricity.'" Meanwhile, researchers at Stanford are working to design "turbine kites" that operate at 30,000 feet, where air currents flow much faster than they do close to the ground. Ken Caldeira, a Stanford associate professor, said, "If you tapped into 1% of the power in high-altitude winds, that would be enough to continuously power all civilization."

Read more of this story at Slashdot.

Thermaltake introduceert nieuw ProWater-koelsysteem

De Taiwanese hardwarefabrikant Thermaltake heeft een waterkoelset uitgebracht dat voor high-end systemen bedoeld is. De ProWater PW880i beschikt over één grote radiator om de warmte af te voeren en heeft een koperen koelblok.

Hacker publiceert jailbreaktool voor iPhone 3GS - update

De 19-jarige Amerikaanse hacker 'GeoHot' heeft een jailbreaktool voor de iPhone 3GS gepubliceerd. GeoHot vond dat de jailbreaksoftware van het iPhone Dev Team te lang op zich liet wachten en stelde zijn eigen tool PurpleRa1n beschikbaar.

The H Week

This week, The H reported on several new major releases, including Firefox 3.5, Python 3.1, NetBeans 6.7, PHP 5.3.0, VirtualBox 3.0 and PostgreSQL 8.4, and covered the result of Stallman's open letter criticising Debian's use of Mono

Pavlova

Kijk voor de ingrediënten en het recept op nrc.tv

Gevonden lichaamsdeel blijkt schedel vermiste man

LEEUWARDEN - Het lichaamsdeel dat scholieren afgelopen week aantroffen op het recreatie-eilandje De Froskepolle bij Leeuwarden blijkt de schedel van een vermiste man te zijn.

An Askproggit: How to start designing a functional program?

submitted by dons
[link] [1 comment]

Sebastian Fischer: A brief overview on functional programming ... feedback wanted

submitted by dons
[link] [1 comment]

"On" the "By" functions

submitted by notfancy
[link] [10 comments]

Friday Squid Blogging: Office Squid

Office squid.

The Pros and Cons of Password Masking

Usability guru Jakob Nielsen opened up a can of worms when he made the case for unmasking passwords in his blog. I chimed in that I agreed. Almost 165 comments on my blog (and several articles, essays, and many other blog posts) later, the consensus is that we were wrong.

I was certainly too glib. Like any security countermeasure, password masking has value. But like any countermeasure, password masking is not a panacea. And the costs of password masking need to be balanced with the benefits.

The cost is accuracy. When users don't get visual feedback from what they're typing, they're more prone to make mistakes. This is especially true with character strings that have non-standard characters and capitalization. This has several ancillary costs:

• Users get pissed off.
• Users are more likely to choose easy-to-type passwords, reducing both mistakes and security. Removing password masking will make people more comfortable with complicated passwords: they'll become easier to memorize and easier to use.

The benefits of password masking are more obvious:

• Security from shoulder surfing. If people can't look over your shoulder and see what you're typing, they're much less likely to be able to steal your password. Yes, they can look at your fingers instead, but that's much harder than looking at the screen. Surveillance cameras are also an issue: it's easier to watch someone's fingers on recorded video, but reading a cleartext password off a screen is trivial.

  In some situations, there is a trust dynamic involved. Do you type your password while your boss is standing over your shoulder watching? How about your spouse or partner? Your parent or child? Your teacher or students? At ATMs, there's a social convention of standing away from someone using the machine, but that convention doesn't apply to computers. You might not trust the person standing next to you enough to let him see your password, but don't feel comfortable telling him to look away. Password masking solves that social awkwardness.

• Security from screen scraping malware. This is less of an issue; keyboard loggers are more common and unaffected by password masking. And if you have that kind of malware on your computer, you've got all sorts of problems.

• A security "signal." Password masking alerts users, and I'm thinking users who aren't particularly security savvy, that passwords are a secret.

I believe that shoulder surfing isn't nearly the problem it's made out to be. One, lots of people use their computers in private, with no one looking over their shoulders. Two, personal handheld devices are used very close to the body, making shoulder surfing all that much harder. Three, it's hard to quickly and accurately memorize a random non-alphanumeric string that flashes on the screen for a second or so.

This is not to say that shoulder surfing isn't a threat. It is. And, as many readers pointed out, password masking is one of the reasons it isn't more of a threat. And the threat is greater for those who are not fluent computer users: slow typists and people who are likely to choose bad passwords. But I believe that the risks are overstated.

Password masking is definitely important on public terminals with short PINs. (I'm thinking of ATMs.) The value of the PIN is large, shoulder surfing is more common, and a four-digit PIN is easy to remember in any case.

And lastly, this problem largely disappears on the Internet on your personal computer. Most browsers include the ability to save and then automatically populate password fields, making the usability problem go away at the expense of another security problem (the security of the password becomes the security of the computer). There's a Firefox plugin that gets rid of password masking. And programs like my own Password Safe allow passwords to be cut and pasted into applications, also eliminating the usability problem.

One approach is to make it a configurable option. High-risk banking applications could turn password masking on by default; other applications could turn it off by default. Browsers in public locations could turn it on by default. I like this, but it complicates the user interface.

A reader mentioned BlackBerry's solution, which is to display each character briefly before masking it; that seems like an excellent compromise.

I, for one, would like the option. I cannot type complicated WEP keys into Windows -- twice! what's the deal with that? -- without making mistakes. I cannot type my rarely used and very complicated PGP keys without making a mistake unless I turn off password masking. That's what I was reacting to when I said "I agree."

So was I wrong? Maybe. Okay, probably. Password masking definitely improves security; many readers pointed out that they regularly use their computer in crowded environments, and rely on password masking to protect their passwords. On the other hand, password masking reduces accuracy and makes it less likely that users will choose secure and hard-to-remember passwords, I will concede that the password masking trade-off is more beneficial than I thought in my snap reaction, but also that the answer is not nearly as obvious as we have historically assumed.

The Insecurity of Secrecy

Good essay -- "The Staggering Cost of Playing it 'Safe'" -- about the political motivations for terrorist security policy.

Senator Barbara Boxer has led an effort to at least put together a public database of ash storage sites so that people can judge the risk to the areas where they live. However, even this effort has been blocked not by coal companies or utilities, but by the DHS. How could it possibly be a national security interest to cover up the location of material that's "not toxic or anything?" It's not. In fact, even if the ash turns out to be as bad as its worst critics fear, blocking the database is far more dangerous than revealing the location of these sites. Not only has there not been any threat against these sites by terrorists, and no workable scenario by which they might cause a problem, coal slurry impoundments are already failing with regularity, dousing parts of America with millions of gallons of this material. It doesn't take terrorists to make this happen.

Blocking the release of this information doesn't protect the citizens of the United States in any way. It's just another example of the same creeping secrecy that makes cities more difficult to manage because of secrecy over facilities. The same creeping secrecy that "blurs" national monuments from images and puts intentional gaps in public information. The same creeping secrecy that increasingly elevates the most unlikely attack -- the shoe bombers of the world -- above our right to know what's going on around us so that we can make informed decisions. The same secrecy that defends torturers.

Information Leakage from Keypads

Can anyone guess the entry codes for these door locks?

There are 10,000 possible four-digit codes, but you only have to try 24 on these keypads. The first is most likely 1986 or 1968. The second is almost certainly 1234.

More Security Countermeasures from the Natural World

The plant caladium steudneriifolium pretends to be ill so mining moths won't eat it.

She believes that the plant essentially fakes being ill, producing variegated leaves that mimic those that have already been damaged by mining moth larvae. That deters the moths from laying any further larvae on the leaves, as the insects assume the previous caterpillars have already eaten most of the leaves' nutrients.

Cabbage aphids arm themselves with chemical bombs:

Its body carries two reactive chemicals that only mix when a predator attacks it. The injured aphid dies. But in the process, the chemicals in its body react and trigger an explosion that delivers lethal amounts of poison to the predator, saving the rest of the colony.

The dark-footed ant spider mimics an ant so that it's not eaten by other spiders, and so it can eat spiders itself:

M.melanotarsa is a jumping spider that protects itself from predators (like other jumping spiders) by resembling an ant. Earlier this month, Ximena Nelson and Robert Jackson showed that they bolster this illusion by living in silken apartment complexes and travelling in groups, mimicking not just the bodies of ants but their social lives too.

Now Nelson and Robert are back with another side to the ant-spider's tale - it also uses its impersonation for attack as well as defence. It also feasts on the eggs and youngsters of the very same spiders that its ant-like form protects it from. It is, essentially, a spider that looks like an ant to avoid being eaten by spiders so that it itself can eat spiders.

My previous post about security stories from the insect world.

Mike Hommey: Iceweasel 3.5 pre-release packages available

It took less time I expected, but after making xulrunner 1.9.1 pre-release packages available, I’m making iceweasel 3.5 pre-release packages available:

• For amd64
• For i386

As for xulrunner, some more work on these is required before they are ready to be uploaded to the Debian archive.

'EU moet zorgen voor motorvriendelijke vangrail'

BRUSSEL - De Europese Unie moet zo snel mogelijk zorgen voor motorvriendelijke vangrails. Motorrijders lopen nu onnodig gevaar doordat het besluit daarover continu wordt uitgesteld, vinden CDA-Europarlementariërs Wim van de Camp en Corien Wortmann.

50.000 Chinezen geëvacueerd na overstromingen

PEKING - Meer dan 50.000 mensen zijn geëvacueerd in het zuiden van China, nadat hevige regenval rivieren deed overstromen.

Behind the First Secure Quantum Crypto Network

schliz writes "Researchers behind the world's largest quantum encrypted network said the technology could secure business networks inside six years. The prototype Quantum Key Distribution network was built by the Secure Communication Based On Quantum Cryptography (SECOQC) group last year. It is described in a journal paper published by the Institute of Physics this week, which includes details on how it is based on the trusted-repeater paradigm."

Read more of this story at Slashdot.

Bejaarde vrouw dagen dood in woning

HAARLEM - Een 83-jarige vrouw uit Haarlem heeft waarschijnlijk dertig tot vijftig dagen dood in haar woning gelegen zonder dat iemand dit opmerkte.

Mike Hommey: Try your own monster

I’m more than halfway to an upload of xulrunner to experimental, but until I get iceweasel itself built, and xulrunner in an uploadable shape, you can download amd64 and i386 packages of xulrunner-1.9.1 from my p.d.o space. To get something that works, you only need libmozjs2d and xulrunner-1.9.1. Following are direct links to the relevant files:

• For amd64:
  • libmozjs2d_1.9.1-0_amd64.deb
  • xulrunner-1.9.1_1.9.1-0_amd64.deb
• For i386:
  • libmozjs2d_1.9.1-0_i386.deb
  • xulrunner-1.9.1_1.9.1-0_i386.deb

I only tested the amd64 binary, which doesn’t have JIT javascript, so if you have particular problems with the i386 binaries, please report them in the comments. You can obviously leave comments for problems with the amd64 binaries, by the way.

Since iceweasel 3.5 is not ready yet, you may still want something to try this xulrunner out. You can try your own monster, for that purpose. The steps involved to create the monster are actually simple:

• Edit the /usr/lib/iceweasel/application.ini file and change the MaxVersion value in the [Gecko] section to 1.9.1
• Replace the /usr/lib/iceweasel/xulrunner symbolic link with a symbolic link to /usr/lib/xulrunner-1.9.1 (ln -sfn ../xulrunner-1.9.1 /usr/lib/iceweasel/xulrunner)

With these changes, running iceweasel will start the monster.

If you still want to have iceweasel running the “normal” version, skip the second step above and start xulrunner-1.9.1 /usr/lib/iceweasel/application.ini instead.

Acht Nederlandse gewonden bij konvooi

DEN HAAG - Bij verschillende incidenten bij het hetzelfde konvooi in Afghanistan zijn acht Nederlandse militairen gewond geraakt. Het ministerie van Defensie heeft dat zaterdag bekendgemaakt.

Wear patterns as information leakage from security keypads

Bruce Schneier points out that keypad wear is a form of "information leakage": "There are 10,000 possible four-digit codes, but you only have to try 24 on these keypads. The first is most likely 1986 or 1968. The second is almost certainly 1234."

Information Leakage from Keypads

Nederlandse drugsbaas opgepakt op Ibiza

MADRID - ''Een van de grootste drugsbazen van Europa opgepakt'' en ''Grootste xtc-handelaar van Ibiza opgepakt'' koppen Spaanse kranten.

Noord-Korea vuurt weer raketten af

SEOUL - Noord-Korea heeft zaterdag vanaf de oostkust vijf korteafstandsraketten afgevuurd. Dat heeft het Zuid-Koreaanse ministerie van Defensie bekendgemaakt. Eerder deze week werden ook al dergelijke 'tests' uitgevoerd.

Camera catches Samsung's OLED iPhone wannabe

Jet takes off

Video  …

Things 1.3.8

Task organiser that's more about tasks than organisation

iPhone App Review Task manager apps all pose the question: 'How organised are you?' They imply that you're not very organised at all, or you wouldn't be considering software to help you get on top of things.…

Hitler finds out Michael Jackson has died (Der Untergang remix)

Video. Adolf Hitler is pretty pissed off to learn that Michael Jackson has died and won't be able to perform at his birthday party. Evidences the true marks of a great internet meme: infinite expandability, extremely bad taste in multiple respects, and an unfairly long lifespan. (via @andrewbaron)

'Ervaren militair schiet vaker per ongeluk'

RIJSWIJK - Het Openbaar Ministerie (OM) in Arnhem, dat militaire strafzaken behandelt, krijgt relatief vaak meldingen van militairen die ongewild schoten hebben gelost in Afghanistan.

EFF roemt Nederlandse metazoekmachine

Het Nederlandse Ixquick.com krijgt lofuitingen van privacywaakhond Electronic Frontier Foundation voor zijn "excellente privacybeleid".

Mozilla haast zich met Firefox-patch

Mozilla komt deze maand nog met de eerste patch voor Firefox 3.5. Die nieuwe browser heeft nog veel gaten, waaronder enkele kritieke.

Vijf redenen dat Pirate Bay 2.0 zal zinken

In juridisch zwaar weer verkopen de beheerders plots hun torrentsite The Pirate Bay. De koper heeft grootse plannen. Vijf redenen waarom het niets gaat worden.

djBC's Muppet mashups

djBC, consistently my favorite mashup producer/creator (he's the guy behind the Beasties/Beatles remix "The Beastles"), has released an entire album of remixes of Muppet music! He sez, "In honor of my daughter's first birthday- and one month late- I'm rolling out 'Muppet Mashup.' Ten mashups, remixes, and covers of music from The Muppet Show and Sesame Street. With the legendary McSleazy (of MTV Mash and GYBO), Dunproofin, ATOM, Martinn, Uncanny Valley and yours truly, dj BC. I'm particularly proud of my 'I'm Happy' track, which is built on Edwinn Starr loops, Muppet Show samples, and a fun, funky playground acapella from some little girls on Sesame Street."

I've just listened to this straight through, with the baby, and we were both captivated. Bravo!

Mashups, remixes, and covers of music from The Muppet Show and Sesame Street.

Coral Cache mirror of the entire album

Wilders hekelt oproep tot opstand tegen hem

DEN HAAG - PVV-leider Geert Wilders hekelt de oproep van PvdA-minister Guusje ter Horst (Binnenlandse Zaken) dat de Nederlands elite tegen hem in opstand moet komen.

HOWTO build a radio in a POW camp -- the real life King Rat

This first-hand account of the construction of a clandestine shortwave radio by British POWs in a Japanese camp in Singapore really reminds me of James Clavell's magnificent novel King Rat, my all-time favorite war-novel, which revolves grippingly around the construction, discovery and consequences of a hidden shortwave in the Changi camp (both Clavell and Ronald "St Trinian's" Searle were interned in this camp).

BJ: Can I just ask you - the components for the low voltage battery cells that you produced, where did you get all the components from?

RGW: Well, zinc wasn't hard, there was some sheet zinc lying on the aerodrome and we pinched quite a bit of that because that would be eaten away during the use of the cells for the low voltage. I don't know what would have happened if that ran out. I think someone produced two lantern cells which did for a while, but it was mainly on this home-made cell system, which wasn't efficient but nowhere near as inefficient as the rectifier was. We must have been consuming... Ah Ping said he had to turn up a lot of power to keep the lights what they wanted. We were dispersing such an amount of power in this four test tube rectifier for the high tension.

A variable capacitor was another component we had to bring in. We couldn't make a variable capacitor, it was impossible. We had to take two plates off the one we had to get a high enough frequency. Yes, I can't remember why we didn't go up a bit in inductance; it was largely a trial and error business really. Except that in a regenerative receiver you had some idea when you were near a station because the receiver was so sensitive as all regenerative receivers are.

It had a piece of meat skewer type wood which I had a hole drilled in by a pen-knife, and we glued this in with some of our glue or something, into the capacitor shaft so that we could tune it by holding a little stick across it, fixing it at about six inches because one couldn't get one's hands any closer to the set because it was in a state of very near oscillation where the maximum sensitivity is, just before it bursts into oscillation. With a fairly clear HF band, it wasn't long before we knew roughly, by putting a couple of marks on the stick, where it was. We knew that the Voice of America was due for a transmission and I don't think we ever knew the frequencies because the BBC didn't announce frequencies, they just came on the air and broadcast.

Landmark buildings of the world as acrylic rings

Etsy seller Plastique's got laser-cut acrylic rings boasting pointy world monuments. As knuckledusters, they create the possibility of growling, "Right, mate, you're geography," before you bust your opponent in the chops.

world landmarks acrylic ring set (white) (via Neatorama)

If woowoos ran the emergency room

"Homeopathic A&E," a sketch from the British comedy show That Mitchell and Webb Look invites us to imagine an emergency room (A&E is British for Accidents and Emergencies, the UK equivalent of ER), as run by newage woo woos.

That Mitchell and Webb Look: Homeopathic A&E (via White Coat Underground)

Compuserve shuts down

After 30 years, Compuserve is finally, totally, mostly dead (the email addresses still work). I was always a local BBS and GEnie guy, but there's no doubting the power and influence of Compuserve in introducing the idea of networked communications to a generation, and proving the business-case for commercial online activity:

The original CompuServe service, first offered in 1979, was shut down this past week by its current owner, AOL. The service, which provided its users with addresses such as 73402,3633 and was the first major online service, had seen the number of users dwindle in recent years. At its height, the service boasted about having over half a million users simultaneously on line. Many innovations we now take for granted, from online travel (Eaasy Sabre), online shopping, online stock quotations, and global weather forecasts, just to name a few, were standard fare on CompuServe in the 1980s.

CompuServe users will be able to use their existing CompuServe Classic (as the service was renamed) addresses at no charge via a new e-mail system, but the software that the service was built on, along with all the features supported by that software, from forums for virtually every topic and profession known to man to members' Ourworld Web pages, has been shut down. Indeed, the current version of the service's client software, CompuServe for Windows NT 4.0.2, dates back to 1999.

Massive bank fraud in massively multiplayer game EVE

The chairman of the virtual bank in EVE Online, a space-trading/piracy game, absconded with billions of virtual credits, swapping them for $5,000 in cash to make a house payment. The embezzlement caused a run on the bank and has rocked the economy of EVE.

The run on the bank has come to about 600 billion ISK, which has been withdrawn. However, we have a very big group of excellent supporters, who have deposited about 105 billion ISK sitting in Sweep to keep us liquid. We are extremely grateful for this. Currently the run seems to be mostly over with only a slightly higher withdrawal rate still, than deposit rate. That's to be expected, and in-line with EBANK's strategy to shrink to a more managable level.

EBANK has always been extremely sound, due to our massive reserves. Our checks and balances have proven themselves to work as a mitigation device and by having the reserves spread out over several directors, the embezzlement was kept to a minimum. However, the run on the bank had the potential to do great damage to EBANK as people frantically made withdrawals to ensure they would not be caught if the bank ran short.

We have also had several offers from very large entities, regarding big loans, should we need to cover any insolvency. Frankly, this has yet to be needed. But we are grateful for the support.

New perspective on EVE Online's latest bank embezzlement (via /.)

Honduras stapt uit OAS

TEGUCIGALPA - Honduras heeft zich vrijdag (lokale tijd) met onmiddellijke ingang teruggetrokken uit de Organisatie van Amerikaanse Staten (OAS). Dat heeft de Hondurese interim-president Roberto Micheletti laten weten.

Vrouw ligt vijf jaar dood in appartement

EDINBURGH - In Groot-Brittannië is opschudding ontstaan over de lugubere vondst die de politie deze week deed.

McAfee false-positive glitch fells PCs worldwide

When AV attacks

IT admins across the globe are letting out a collective groan after servers and PCs running McAfee VirusScan were brought down when the anti-virus program attack their core system files. In some cases, this caused the machines to display the dreaded blue screen of death.…

What is your recession sales strategy?

UK Police Told To Use Wikipedia When Preparing For Court

Half-pint HAL tips news of UK prosecution lawyers who are instructing police to study information on Wikipedia when preparing to give expert testimony in court. "Mike Finn, a weaponry specialist and expert witness in more than 100 cases, told industry magazine Police Review: 'There was one case in a Midlands force where police officers asked me to write a report about a martial art weapon. The material they gave me had been printed out from Wikipedia. The officer in charge told me he was advised by the CPS to use the website to find out about the weapon and he was about to present it in court. I looked at the information and some of it had substance and some of it was completely made up.' Mr. Finn, a former Metropolitan Police and City of London officer and Home Office adviser, added that he has heard of at least three other cases where officers from around the country have been advised by the CPS to look up evidence on Wikipedia."

Read more of this story at Slashdot.

Paul Silveria: PostgreSQL 8.4 makes it's own fireworks in July

Downloaded PostgreSQL 8.4 and I must say I'm impressed. My favorite features so far is the parallel restore capabilities, the CTE enhancements (I have to write these in other DB systems and keeping things similar in PostgreSQL makes things easier for me.) and the pgScript scripting framework.

Hats off to the PostgreSQL Team for another great release.

An important reminder

All Hugo votes had to have been received by "midnight (23:59)" Eastern Daylight Time (EDT) July 3.

Playing and learning

submitted by dons
[link] [1 comment]

Haskell: sort and sortBy

submitted by dons
[link] [0 comments]

Biohaskell : A set of tools for working with 454 sequences

submitted by dons
[link] [0 comments]

Hawking Says Humans Have Entered a New Stage of Evolution

movesguy sends us to The Daily Galaxy for comments by Stephen Hawking about how humans are evolving in a different way than any species before us. Quoting: "'At first, evolution proceeded by natural selection, from random mutations. This Darwinian phase, lasted about three and a half billion years, and produced us, beings who developed language, to exchange information. I think it is legitimate to take a broader view, and include externally transmitted information, as well as DNA, in the evolution of the human race,' Hawking said. In the last ten thousand years the human species has been in what Hawking calls, 'an external transmission phase,' where the internal record of information, handed down to succeeding generations in DNA, has not changed significantly. 'But the external record, in books, and other long lasting forms of storage,' Hawking says, 'has grown enormously. Some people would use the term evolution only for the internally transmitted genetic material, and would object to it being applied to information handed down externally. But I think that is too narrow a view. We are more than just our genes.'"

Read more of this story at Slashdot.

Rails: Validating URLs

Here's a quick-and-dirty way to validate URLs in your model. Updated: Only allow certain schemes.

require 'uri'

class Film < ActiveRecord::Base

  VALID_URI_SCHEMES = ['http', 'https']

  validates_presence_of :url
  validate :url_must_be_valid

protected

  def url_must_be_valid
    parsed = URI.parse(url)
    if !VALID_URI_SCHEMES.member?(parsed.scheme)
      raise URI::InvalidURIError
    end
  rescue URI::InvalidURIError => e
    errors.add(:url, 'is not a valid URL')
  end
end

Ketil Malde: A set of tools for working with 454 sequences

Pyrosequencing is often referred to as next-generation sequencing (although it would be increasingly more accurate to refer to traditional Sanger sequencing as previous-generation sequencing) as it produces large amounts of sequences at lower costs.  As the technology is radically different, so are the type of data that results from it, and while it is possible to use many of the same software tools for working with new sequences, there is a clear need for specific ones as well.

The Haskell bioinformatics library has for some time now supported reading and writing the SFF format, which is used by the oldest (previousest?) of the next generation technologies, namely Roche’s 454 sequencing.  Once the library functionality is in place, it is easy to develop small tools for doing the various chores.   After spending some time in anticipation of the hordes of programmers no doubt rushing to exploit the monumental effort put I down in  the library, I’ve instead written a few programs myself, including tools information/statistics extraction (flower),  extracting sequences by various criteria (fselect), simulating sequencing (pyrosim), and repairing broken SFF files (frepair).  This is their story.

Sebastian Fischer: FP Overview

I have finished a first draft of a brief overview on functional programming featuring type polymorphism, higher-order functions, lazy evaluation, class-based overloading, and equational reasoning.

comments appreciated!

Leo Hsu and Regina Obe: PostGIS 1.4 hot on the heels of PostgreSQL 8.4

PostgreSQL 8.4 has come out, and while I am a bit disappointed that PostGIS 1.4 has not come out for fear that we've missed a bit of the PostgreSQL 8.4 momentum, I am happy that we are nearing closer and just maybe we'll have it out by end next week. We now have a PostGIS 1.4RC1 http://postgis.refractions.net/download/postgis-1.4.0rc1.tar.gz tar ball as well as experimental binary builds of this for windows user's running PostgreSQL 8.3 http://postgis.refractions.net/download/windows/pg83/experimental/postgis/ or PostgreSQL 8.4 http://postgis.refractions.net/download/windows/pg84/experimental/postgis/. Please give both a try.

Working in the Cathedral Really?

As Paul duly noted in his blog entry Working in the Cathedral the model for PostGIS development is morphing, but I wouldn't call this morphing process one that is entirely toward the Cathedral model. Unlike the perceived Cathedral model, I would like to think we will have more frequent releases and beta releases, perhaps parallel experimental builds and most importantly, more fun. The main idea being making it much easier for mere mortals and fake mortals to taste test the cookies in the oven while they are cooking. By fake I mean unit tests, build bots, and computer generated people where the fear of destruction is removed. I feel this is the similar model PostgreSQL goes by or is trying to achieve.

Leo Hsu and Regina Obe: Window Functions Comparison Between PostgreSQL 8.4, SQL Server 2008, Oracle, IBM DB2

PostgreSQL 8.4 has ANSI SQL:2003 window functions support. These are often classified under the umbrella terms of basic Analytical or Online Application Processing (OLAP) functions. They are used most commonly for producing cumulative sums, moving averages and generally rolling calculations that need to look at a subset of the overall dataset (a window frame of data) often relative to a particular row. For users who use SQL window constructs extensively, this may have been one reason in the past to not to give PostgreSQL a second look. While you may not consider PostgreSQL as a replacement for existing projects because of the cost of migration, recoding and testing, this added new feature is definitely a selling point for new project consideration.

If you rely heavily on windowing functions, the things you probably want to know most about the new PostgreSQL 8.4 offering are:

• What SQL window functionality is supported?
• How does PostgreSQL 8.4 offering compare to that of the database you are currently using?
• Is the subset of functionality you use supported?

To make this an easier exercise we have curled thru the documents of the other database vendors to distill what the SQL Windowing functionality they provide in their core product. If you find any mistakes or ambiguities in the below please don't hesitate to let us know and we will gladly amend.

For those who are not sure what this is and what all the big fuss is about, please read our rich commentary on the topic of window functions.

FFI: calling into kernel32.dll

submitted by dons
[link] [1 comment]

New Ports of The Week (June 29)

There were 5 new ports for the week of June 22 to June 28:

• databases:
  • pear-MDB2-mysqli
  • pear-MDB2-sqlite
• devel:
  • p5-Devel-ebug
• editors:
  • texworks
• lang:
  • llvm-gcc4

Some ports had updates that users should be aware of; no port was removed. Some patches were backported to the 4.5-stable branch.

Amazon Wants Patent For Inserting Ads Into Books

theodp writes "Three Amazon inventors set out to correct what they felt was a real problem: that 'out-of-print or rare books ... typically do not include advertisements ... the content is fixed and, therefore, has not been adapted to modern marketing.' Their solution is spelled out in newly-disclosed Amazon patent applications for On-Demand Generating E-Book Content with Advertising and Incorporating Advertising in On-Demand Generated Content. From the patent apps, here's what the future of reading may look like: 'For instance, if a restaurant is described on page 12, [then the advertising page], either on page 11 or page 13, may include advertisements about restaurants, wine, food, etc., which are related to restaurants and dining.' So, what would a delightfully-tacky-yet-unrefined Hooters ad do for your Hemingway experience?"

Read more of this story at Slashdot.

Ghost Town: The Bumpy Road To Bodie

Stephen Worth says:

When I was very small, I had one of those horses on springs. I would jump on it and bounce around furiously while my Dad would urge me on, calling out to me to "Ride that horse down the bumpy road to Bodie!"

Before I was born, my family had taken a trip to the High Sierras and my Dad and Mom never forgot the potholes they had to navigate their 56 Chevy station wagon over. It was a memory they spoke of often. When I got a little older, I got a chance to visit Bodie with them, navigating a slightly more modern Chevy station wagon over those same potholes. Bodie became a lasting part of my consciousness as well.

On my personal blog, Late Night Coffee Shops, I just posted a documentary on Bodie (and its nine inhabitants) from the mid-1950s. If you love the otherworldly feeling of stillness in places like this as much as I do, this video will make your day and fill your dreams with the beautiful sound of wind blowing through sun bleached boards.

Fake Tamiflu "Out-Spams Viagra On Web"

cin62 writes "The number of Internet scammers offering fake versions of the anti-swine flu drug Tamiflu has surpassed those selling counterfeit Viagra, reports CNN. Since the H1N1 virus, also known as swine flu, was declared a global pandemic last month, there has been an increase in the number of Web sites and junk emails offering Tamiflu for sale. 'Every Web site that used to sell Viagra is now selling Tamiflu. We are pretty sure that the same people are making the Tamiflu as are making the Viagra,' said Director of Policy for the UK's Royal Pharmaceutical Society." This news fits in nicely with a report Wired ran a couple weeks ago about the hysteria behind H1N1.

Read more of this story at Slashdot.

The Don Martin Dictionary

Richard Metzger pointed me to the Don Martin Dictionary. Martin was one of my favorite Mad cartoonists. His sophisticated absurdism was the opposite of Dave Berg's middlebrow sitcom humor (but I liked him, too). The Don Martin Dictionary

Music video of stochasticity for Radiolab science podcast

Higher Mammals made a song and video to accompany Radiolab's recent show about stochasticity. If you don't already know about Radiolab, it's a terrific science podcast produced for WYNC public radio.

Radiolab Stochasticity Bonus Video!

Source Code of Several Atari 7800 Games Released

jadoon88 writes to share a series of old Atari 7800 games that have been unofficially open sourced. "Remember Dig Dug or Centipede or Robotron? They used to be favorites when Atari's 7800 series was still around. Since the era of those consoles is over, and a different world of interactive reality gaming has taken over, Atari has unofficially released source code of over 15 games for the coders and enthusiasts to admire the state-of-the-art (because this is what it was back then). During those times, nobody would have imagined in their wildest dreams the games that Atari's developers floated into the gaming thirsty market and instantly swept across continental boundaries. But things changed soon after that and a company once regarded as one of the most successful gaming console manufacturers and developers faded away in the pages of our technology's hall-of-fame."

Read more of this story at Slashdot.

Sandro Tosi: Mid 2009 bts-link update

Several months had passed since I started acting bts-link maintainer and I've never issued a "state of the union" message, so I'm fixing it now :)

I'm going to enlist some of the most relevant facts that have happened:

• bts-link now runs on merkel, that will help it to be identified as an official Debian tool, in particular from upstream projects that doesn't like to be "flooded" by a pick of requests;
• it's executed almost always twice a week (this also reduce load on remote issue tracking systems); now I tried to standardize on Monday and Thursday, but since it's still executed by hand, days may change;
• we now have a log of each execution, and we added to it several additional information to help use drive it the right way;
• the logs are publicly available (even if a bit hidden until now) here;
• we created a scripts to parse those logs and create a couple of graphs (using matplotlib) for each execution, available at the same location of logs; they show us the summary of all logged bts-link executions and (mainly) what are the projects with a lot of forwarded bugs that are still not handled by bts-link (images links are from last run);
• as you can see from the summary graph, the Unconfigured forwarded bugs count is drastically reduced; this is due to mainly 2 reasons: 1. we recently added Roundup (python, gnupg, darcs, mercurial, etc) and Google Code (tesseract, and many small others) issue tracking systems support; 2. we added several missing project for remote BTSes already supported.
• Recap - we are now able to configure packages with remote issue tracking system that uses these tools: berlios, bugzilla, gnats, launchpad, mantis, rt, savane, sourceforge, trac, gforge, googlecode, roundup.
• we have a really active contributor: Olivier Berger. Thanks a lot, Olivier! But we want mooooore;
• we got also a changelog.
  

• add more remote issue tracking systems: php is the next big one, and meebey just told me it has a XMLRPC backend, so it's an easy one; let's hope MySQL has the same XMLRPC enabled, since they based their BTS on php one;
• add more Debian packages under bts-link monitoring: those are packages with forwarded bugs to upstreams with a supported remote BTSes - here we need your help!
• make bts-link more a general purpose tool, not Debian specific - and here Olivier is working really hard, let's hope I can help him achieve this (for example reviewing and merging his changes ;) ).
• have a more suitable summary output, with elapsed time, already grouped up information from results, ready to be parsed and graphed; something is already done, but some code refactoring is needed to complete it;
• [long term] convert it to "some sort of" daemon; run executed by cron is a beginning, but there were talks about a real daemon, continuously checking forwarded bugs, with a reasonable amount of delay to not bother that much on BTSes;
• [long term] integrated with Debian bts;
• we got also a TODO list.
  

• do you maintain a package with forwarded bugs to a supported remote issue tracking system not yet checked by bts-link? let us know, and we'll add it;
• do you maintain a package with forwarded bugs to a not yet supported remote issue tracking system? let us know, and we'll add it (it's welcome if you already contact upstream to alert them of the possibility of automatic tool checking their BTS and to find out if their BTS support some sort of programmatic querying, like CSV exporting, XMLRPC, etc.);
• do you want to help? contact us, there's always something to do :)

Jeff Bailey: Taxes; Bixi

Finally filed our Quebec, Canada, California and US taxes today - two stops for local tax agencies and then the post office.

Another "How awesome is Montreal" moment: Biking downtown on a rental bike for which I pay ~$80CAD/year, going past cars that were stuck in traffic, past the jazz festival on a warm sunny day. Drop off the rental bike a stand, and walk the 2 or 3 blocks to the destination, pick it up to return.

Less than an hour of time to make up for work, all included.

Bixi takes a bit of getting used to since they don't have all the supply and demand quirks worked out, but I've been remarkably lucky with it.

Andy Warhol paints Debbie Harry on an Amiga

This week, Cory posted a Talking Heads video and I followed up with a Laurie Anderson clip. For the trifecta of posts related to NYC's downtown scene in the 1980s, here is a video of Andy Warhol painting Debbie Harry on an Amiga computer at a Commodore press event in 1985.

Gergely Patai: Playing and learning

My profiling project is currently in the state where I can’t really show any pictures or code, since I’m fighting with various edge cases that one can bump into while writing a multithreaded distributed graphical application. In short, remote graphing has already been working since the beginning of the week, but there are stability issues that need to be ironed out before the next release, and it’s taking longer than I anticipated...

Until then, let me bring another program into your attention. It is a Bloxorz clone in Haskell, available through cabal in the bloxorz package. It is more limited than the original, and only features three levels, but the essence is there. This rendition was made by a student of mine, Viktor Devecseri, for a ‘practical functional programming’ class I’ve been teaching for one and a half years. This is an optional class available to students of electrical engineering and informatics (at our university, the latter involves a fair amount of both CS and IT), who don’t necessarily have any non-mainstream programming background.

The point of the class is basically to give students a wider perspective by exposing them to functional programming. The primary language of the course is Haskell, but I also talk about Hume, and the last time I dedicated a lesson to Timber too, as the official name of the course is Embedded Functional Programming for historical reasons. We even used Hume to control Mindstorms NXT robots and a Tmote Sky sensor the first time this class was held, but this proved to be a bit too complicated due to the lacking toolset for this language, so the topic slowly shifted towards general practical FP. While one might argue that Haskell is not the most practical language, it is definitely among the few languages that’s both useful for real-life purposes and can broaden one’s mind to a great extent.

I always take the time to ask everyone about their learning experience, what they found easy or hard while working on their assignment. Since students can have rather different past experiences, I let everyone choose the topic on their own, the only constraint being that the program should be interactive in some way. In other words, I don’t want to see pure data grinding, because there is another class with that focus, and it’s probably more rewarding for newcomers to see something move and respond right away.

While talking to Viktor, he had remark that the approach being ‘not object oriented enough’ (I hope I’m not misquoting him too much here) was somewhat inconvenient. Afterwards, we had a little conversation about FP being a completely different approach to modularisation than OO. Nevertheless, even if I have a few years of experience with functional languages, I still found it hard to respond to questions pertaining concrete problems. I believe it would help a lot if there was some kind of tutorial on designing real-life applications in the style of Why Functional Programming Matters. Is there such a guide somewhere, or only in the brains of experienced people and scattered everywhere across the web? My dear readers, please help me out!

"Osfameron": Bids for YAPC::EU::2010 - Pisa and Kiev!

Organizing a conference is hard, let's go shopping! For the first time I'm officially helping, not just for the Italian Perl Workshop this year, but possibly for YAPC::EU::2010 too. I've been working with the perl.it guys on the proposal to host the European Perl Conference 2010 in Pisa.

We submitted the bid on Monday, and it's just been announced that the teams competing are: Pisa (us) and Kiev in Ukraine. Wow! YEF have actually published both our bids on that link, which is fantastic for transparency.

It also means that we can read their bid... and it's a good one! Looks like we've got some competition. Of course our Pisa bid is excellent too - in any case, the next couple of weeks till we find out who won are going to be a nailbiting time!

Hubert Lubaczewski: Waiting for 8.5 – let’s start

Everybody wrote that 8.4 was released, so it’s not a news now. But. Starting from yesterday, my own PostgreSQL reports it’s version like this: # select version(); [...]

Turning the Tide

According to the sell copy for Turning the Tide, in January 1945 "The Nazis' march towards total world domination is gathering pace". Which should tell you right off the bat this is an arcade shmup, evidently created by people who are historically illiterate. (The turning point was in 1942, with Stalingrad and Midway; in January 1945, the Bulge is extinguishing the Germans' last hope of stopping the Western Allies, the Russians are rolling relentlessly toward Berlin, and the Japanese are beginning to starve.)

In most of the game's 14 levels (4 in the demo), you're flying a plane (in some running a sub), with a wide variety of enemies and objectives -- mostly bombing missions of one kind or another, but some based mainly on shooting down enemy aircraft. A flight sim this is not; it's a sidescrolling shmup, with somewhat retro pixellated graphics but nice responsiveness.

What either makes the game interesting or makes it frustrating, depending on your attitude, is the control scheme; holding the left mouse button down increases your altitude, while releasing it puts you into a dive, so maintaining level flight means tapping the button in a particular rhythm. In the meantime, you're using other controls -- right mouse button to shoot, space to drop bombs, "a" and "d" to increase or decrease speed -- and keeping it all working requires practice and dexterity. As shmups go, it's less frantic than many, but the contrariness of the control system suffices to prevent it from being trivially easy for serious shmuppers.

Yes, I will take my raincoat

Exit Palin ... for now

Former Republican vice-presidential candidate Sarah Palin has [announced] she will resign as governor of Alaska on 26 July and not run for re-election.



[And to the person who ear-wormed me with 99 Luftballoons: thanks heaps]

Looking for recent examples

From an old post:

The SFnal Lysenkoist Tendency: when actual, tested science contradicts some detail in an SF story, attack the science.

Any good recent examples? I'm particularly lousy at keeping up with discussions of shorter material.

rasfw-watch

I wish I had figured out how to manage to create an income stream from examples of Nicoll's Law.

Doden door grote brand in flat Londen

LONDEN - Zeker zes personen zijn vrijdagavond in Londen om het leven gekomen tijdens een grote brand in een appartementenflat. Dat meldde een woordvoerder van de politie. Eerder stelden de autoriteiten dat er sprake was van twee doden.

Lijk op strand geen misdrijf

AMSTERDAM - De vrouw die vrijdagmiddag dood op het strand van Vlissingen werd gevonden, is niet overleden door een misdrijf. Ze was donderdag als vermist opgegeven, meldt de politie.

ask haskell $ is SuperMonad a bad idea?

submitted by yairchu
[link] [8 comments]

Friday Squid Blogging: Office Squid

Office squid.

The Pros and Cons of Password Masking

Usability guru Jakob Nielsen opened up a can of worms when he made the case for unmasking passwords in his blog. I chimed in that I agreed. Almost 165 comments on my blog (and several articles, essays, and many other blog posts) later, the consensus is that we were wrong.

I was certainly too glib. Like any security countermeasure, password masking has value. But like any countermeasure, password masking is not a panacea. And the costs of password masking need to be balanced with the benefits.

The cost is accuracy. When users don't get visual feedback from what they're typing, they're more prone to make mistakes. This is especially true with character strings that have non-standard characters and capitalization. This has several ancillary costs:

• Users get pissed off.
• Users are more likely to choose easy-to-type passwords, reducing both mistakes and security. Removing password masking will make people more comfortable with complicated passwords: they'll become easier to memorize and easier to use.

The benefits of password masking are more obvious:

• Security from shoulder surfing. If people can't look over your shoulder and see what you're typing, they're much less likely to be able to steal your password. Yes, they can look at your fingers instead, but that's much harder than looking at the screen. Surveillance cameras are also an issue: it's easier to watch someone's fingers on recorded video, but reading a cleartext password off a screen is trivial.

  In some situations, there is a trust dynamic involved. Do you type your password while your boss is standing over your shoulder watching? How about your spouse or partner? Your parent or child? Your teacher or students? At ATMs, there's a social convention of standing away from someone using the machine, but that convention doesn't apply to computers. You might not trust the person standing next to you enough to let him see your password, but don't feel comfortable telling him to look away. Password masking solves that social awkwardness.

• Security from screen scraping malware. This is less of an issue; keyboard loggers are more common and unaffected by password masking. And if you have that kind of malware on your computer, you've got all sorts of problems.

• A security "signal." Password masking alerts users, and I'm thinking users who aren't particularly security savvy, that passwords are a secret.

I believe that shoulder surfing isn't nearly the problem it's made out to be. One, lots of people use their computers in private, with no one looking over their shoulders. Two, personal handheld devices are used very close to the body, making shoulder surfing all that much harder. Three, it's hard to quickly and accurately memorize a random non-alphanumeric string that flashes on the screen for a second or so.

This is not to say that shoulder surfing isn't a threat. It is. And, as many readers pointed out, password masking is one of the reasons it isn't more of a threat. And the threat is greater for those who are not fluent computer users: slow typists and people who are likely to choose bad passwords. But I believe that the risks are overstated.

Password masking is definitely important on public terminals with short PINs. (I'm thinking of ATMs.) The value of the PIN is large, shoulder surfing is more common, and a four-digit PIN is easy to remember in any case.

And lastly, this problem largely disappears on the Internet on your personal computer. Most browsers include the ability to save and then automatically populate password fields, making the usability problem go away at the expense of another security problem (the security of the password becomes the security of the computer). There's a Firefox plugin that gets rid of password masking. And programs like my own Password Safe allow passwords to be cut and pasted into applications, also eliminating the usability problem.

One approach is to make it a configurable option. High-risk banking applications could turn password masking on by default; other applications could turn it off by default. Browsers in public locations could turn it on by default. I like this, but it complicates the user interface.

A reader mentioned BlackBerry's solution, which is to display each character briefly before masking it; that seems like an excellent compromise.

I, for one, would like the option. I cannot type complicated WEP keys into Windows -- twice! what's the deal with that? -- without making mistakes. I cannot type my rarely used and very complicated PGP keys without making a mistake unless I turn off password masking. That's what I was reacting to when I said "I agree."

So was I wrong? Maybe. Okay, probably. Password masking definitely improves security; many readers pointed out that they regularly use their computer in crowded environments, and rely on password masking to protect their passwords. On the other hand, password masking reduces accuracy and makes it less likely that users will choose secure and hard-to-remember passwords, I will concede that the password masking trade-off is more beneficial than I thought in my snap reaction, but also that the answer is not nearly as obvious as we have historically assumed.

How To Get Your Program Professionally Marketed?

one-man orchestra writes "I'm the sole programmer of a small, multi-platform, commercial audio program (a spectrogram editor). After over 6 months on the market, I realized that the program would never just sell itself, and that I need some real marketing done for it. Being a one-man orchestra is becoming increasingly difficult; I only can devote so much time to marketing, my skills in that department are lacking, and I'd much rather spend more time coding. Despite my lackluster part-time marketing effort, I still manage to make a modest living out of the sales. My logical assumption is that with someone competent taking care of that part, revenue could greatly scale up. But what's the right way to go about doing this? What type of people/company do I need to contact? What to expect? What to look out for?"

Read more of this story at Slashdot.

Record sleeve table and syringe chandelier

While BB Gadgets' Rob is fond of Bughouse's Album Side Table made from old LP jackets, I prefer the Hypolux Chandelier, constructed from plexiglass plates, commercial syringes, and a ballchain suspension.

Open Source Facing a Difficult Battle For Cloud Relevance

A recent eulogy for open source's relevance to cloud computing by Redmonk analyst Stephen O'Grady caught the attention of Matt Asay, who breaks down the difficulty of this David and Goliath problem. "In a world where horsepower matters more than the software feeding those 'horses,' in terms of the entry cost to compete, and where big vendors like Amazon and Google are already divvying up the market, the odds of a small-fry, open-source start-up challenging 'Goliath' are slim. It's not a new argument: Nick Carr has been suggesting for some time that only a few, big companies can afford relevance in this hardware-intensive business. Given this fact, O'Grady thinks the best we can hope for (and he thinks it's pretty important) is 'a loose coalition or confederation of [open-source] projects and vendors that will together comprise an increasingly viable top to bottom alternative to some of the cloud providers today.' He includes projects like Puppet (Reductive Labs) and Hadoop in this mix, but is careful to point out that he doesn't see a full-fledged, open-source alternative seriously challenging the closed platforms of Google, Amazon, Salesforce, and the other mega-clouds."

Read more of this story at Slashdot.

Phoenix Lander Discovers Nighttime Snowfall On Mars

Many outlets are reporting on the recently released results of the various experiments and observations of NASA's Mars Phoenix Lander. Most notable is the discovery of nighttime snowfall on the planet, lending credibility to the idea of a hypothesized active water cycle based on earlier data collection. "The papers rely on evidence from a variety of the instruments on the lander, and the description of the data provides an impressive catalog of the various ways that Phoenix could prod and query the Martian pole. In the months before Martian winter shut the lander down, it managed to dig a dozen trenches, taking soil samples from each. These samples went into wet and dry chemistry labs, had their conductivity tested, and were even examined using an atomic force microscope. Meanwhile, cameras and a LIDAR system (a laser-based range detector) scanned the surroundings. The overall conclusion is that the northern pole has an active water cycle. This had been suggested by a variety of evidence from orbital sensors, as well early images returned from Phoenix. It's also not a huge shock, given the seasonal growth and retreat of the polar ice cap. Still, Phoenix provided some significant details on the cycling of water in the area where it landed."

Read more of this story at Slashdot.

Professor Gets 4 Years in Prison for Sharing Drone Plans With Students

Hugh Pickens writes "Retired University of Tennessee Professor Dr. John Reece Roth has been sentenced to four years in prison after he allowed a Chinese graduate student to see sensitive information on Unmanned Air Vehicles (UAVs), also known as drones. In 2004, the company Roth helped found, Atmospheric Glow Technologies, won a US Air Force contract to develop a plasma actuator that could help reduce drag on the wings of drones, such as the ones the military uses. Under the contract, for which Roth was reportedly paid $6,000, he was prohibited from sharing sensitive data with foreign nationals. Despite warnings from his university's Export Control Officer, in 2006, Roth took a laptop containing sensitive plans with him on a lecture tour in China and also allowed graduate students Xin Dai of China and Sirous Nourgostar of Iran to work on the project. 'The illegal export of restricted military data represents a serious threat to national security,' says David Kris of the US Department of Justice. 'We know that foreign governments are actively seeking this information for their own military development. Today's sentence should serve as a warning to anyone who knowingly discloses restricted military data in violation of our laws.' During his trial, Roth testified that he was unaware that hiring the graduate students was a violation of his contract. 'This whole thing has not helped me, it has not helped the university,' said Roth. 'And it has probably not helped this country, either.'"

Read more of this story at Slashdot.

Yemenia schrapt ook vluchten Parijs

PARIJS - Luchtvaartmaatschappij Yemenia maakt tot nader order geen gebruik meer van de luchthavens bij Parijs. Dat heeft de eigenaar van de Airbus die afgelopen dinsdag met 153 inzittenden neerstortte bij de Comoren besloten.

Sarah Palin stapt op als gouverneur Alaska

WASSILA - Sarah Palin, de gouverneur van de Amerikaanse staat Alaska die vorig jaar kandidaat was voor het vice-presidentschap namens de Republikeinen, legt haar functie later deze maand neer.

Cool projects on Make: Online

Make: Online has published a number of cool projects recently.

Sew a cute Morse code key leg strap

Diana Eng's frilly and fashion-forward Morse code key. Diana Eng (best known from Project Runway and her book Fashion Geek) is our current guest author. Besides being a geek-chic fashion maven, Diana is also a ham operator and on a mission to introduce a new generation of hobbyists (especially women) to ham radio. In this project, she makes a sexy garter strap to hold her new Morse key.

Shrinky Dink gaming minis

Sean Ragan shows you how to make some sweet home-baked gaming components using Shrinky Dink plastic and binder clips.

More on making Light Bricks

As a follow-up piece to Alden Hart's LED Light Brick project in MAKE, Volume 18, the atuhor shares more ideas for molding and casting the acrylic bricks to house your LED board, including using machinable wax to create a life-mask face to house your array. Disco face, baby!

Tiemann: Open Source Incentives

Michael Tiemann reports on his recent trip to Brazil for FISL 10. He notes that free software adoption is growing rapidly within the Brazilian government. He also describes an effort by the Malaysian government to reward use of free software, rather than the development of it, because that can lead to multiple, competing solutions that don't necessarily solve the users' problems. In addition, he also noted a barrier to free software adoption: "On the alarm front, I heard specific confirmation of a storyline I've been following, which is that the Bill and Melinda Gates Foundation is basically telling governments: if you want contributions/investments from us, then you'll give Microsoft cabinet-level access to inform policy, and you'll use Microsoft products. For example, donations to educational initiatives require installing and teaching Microsoft products."

Open Source Facing a Difficult Battle for Cloud Relevance

A recent eulogy for open source's relevance to cloud computing by Redmonk analyst Stephen O'Grady caught the attention of Matt Asay, who breaks down the difficulty of this David and Goliath problem. "In a world where horsepower matters more than the software feeding those 'horses,' in terms of the entry cost to compete, and where big vendors like Amazon and Google are already divvying up the market, the odds of a small-fry, open-source start-up challenging 'Goliath' are slim. It's not a new argument: Nick Carr has been suggesting for some time that only a few, big companies can afford relevance in this hardware-intensive business. Given this fact, O'Grady thinks the best we can hope for (and he thinks it's pretty important) is 'a loose coalition or confederation of [open-source] projects and vendors that will together comprise an increasingly viable top to bottom alternative to some of the cloud providers today.' He includes projects like Puppet (Reductive Labs) and Hadoop in this mix, but is careful to point out that he doesn't see a full-fledged, open-source alternative seriously challenging the closed platforms of Google, Amazon, Salesforce, and the other mega-clouds."

Read more of this story at Slashdot.

Phoenix Lander Discovers Nighttime Snowfall on Mars

Many outlets are reporting on the recently released results of the various experiments and observations of NASA's Mars Phoenix Lander. Most notable is the discovery of nighttime snowfall on the planet, lending credibility to the idea of a hypothesized active water cycle based on earlier data collection. "The papers rely on evidence from a variety of the instruments on the lander, and the description of the data provides an impressive catalog of the various ways that Phoenix could prod and query the Martian pole. In the months before Martian winter shut the lander down, it managed to dig a dozen trenches, taking soil samples from each. These samples went into wet and dry chemistry labs, had their conductivity tested, and were even examined using an atomic force microscope. Meanwhile, cameras and a LIDAR system (a laser-based range detector) scanned the surroundings. The overall conclusion is that the northern pole has an active water cycle. This had been suggested by a variety of evidence from orbital sensors, as well early images returned from Phoenix. It's also not a huge shock, given the seasonal growth and retreat of the polar ice cap. Still, Phoenix provided some significant details on the cycling of water in the area where it landed."

Read more of this story at Slashdot.

Copyright Should Encourage Derivative Works

Techdirt has an interesting look at copyright and the idea that an author is the originator of a new work. Instead, the piece suggests that all works are in some way based on the works of others (even our own copyright law), and the system should be much more encouraging of "remixing" work into new, unique experiences. "Friedman also points back to another recent post where he discusses the nature of content creation, based on a blog post by Rene Kita. In it, she points out that remixing and creating through collaboration and building on the works of others has always been the norm. It's what we do naturally. It's only in the last century or so, when we reached a means of recording, manufacturing and selling music — which was limited to just those with the machinery and capital to do it, that copyright was suddenly brought out to 'protect' such things."

Read more of this story at Slashdot.

Seattle Data Center Outage Disrupts E-Commerce

1sockchuck writes "A major power outage at Seattle telecom hub Fisher Plaza has knocked payment processing provider Authorize.net offline for hours, leaving thousands of web sites unable to take credit cards for online sales. The Authorize site is still down, but its Twitter account attributes the outage to a fire, while AdHost calls it a 'significant power event.' Authorize.net is said to be trying to resume processing from a backup data center, but there's no clear ETA on when Fisher Plaza will have power again."

Read more of this story at Slashdot.

New images of the lunar surface

NASA's Lunar Reconnaissance Orbiter has sent back its first photos of the moon. The photo above was taken near the moon's Mare Nubium region. The man in the moon is just outside the frame. From NASA:

Older craters have softened edges, while younger craters appear crisp. (The image) shows a region 1,400 meters (0.87 miles) wide, and features as small as 3 meters (9.8 feet) wide can be discerned. The bottom (faces) lunar north.

World's oldest basketball shoes

These may be one of the oldest pairs of basketball sneakers in the world. The shoes were manufactured by the Colchester Rubber Company which shut down in 1893. Vintage clothing dealer Gary Pifer paid 50 cents for them at an estate sale in Vista, California. From CafeTerra:

"In a instant, I knew this discovery would be re-writing basketball and sneaker history, as these sneakers are 25 years older than the 1917 Converse All-Stars", added Pifer. The Colchester Rubber Co. was located in Colchester, Connecticut and was in business from 1888 to 1893.

Beloning voor tip 320.000 gestolen erectiepillen

KEULEN - De Duitse medicijnfabrikant Bayer heeft een beloning van 20.000 euro uitgeloofd voor de tip die leidt tot vondst van 320.000 gestolen erectiepillen.

Summer Reading List by Roy Christopher

Roy Christopher has assembled his annual summer reading list, which includes book recommendations from several of our friends and former guest bloggers.

Gareth Branwyn:

A trend I’m noticing in books recently is that there are an increasing number that trade in danger – anti-Nanny State books. No, not those Dangerous Book for Boys and Girls. Those are rubbish. I’m talking about books like Theo Gray’s tremendously awesome Mad Science: Experiments You Can Do at Home – But Probably Shouldn’t (Black Dog & Leventhal) and Bill Gurstelle’s Absinthe and Flamethrowers (Chicago Review Press). Gray’s book has a bunch of enticing experiments that are so well-documented and gorgeously photographed, you don’t have to do them yourself, but if you decide you want to, Gray tells you the real dangers involved and what you have to find out on your own to do them safely and successfully. Treating us like adults. What a concept.

My friend Bill Gurstelle’s book first looks at reasons for living dangerously, mapping what he calls the Golden Third, those people who take risks, who aren’t afraid to live a certain degree of risk,… but not too much risk. Be too risk-taking and you might not survive, not reproduce, don’t take any risks, and you won’t move the culture, innovation, etc. forward. All the action is in that Golden Third. After these ruminations on the why of living dangerously, he gets into some projects and activities, the “art” of living dangerously, from “thrill eating” (stuff like fugu that can theoretically kill you) to Bill’s main bailiwick, teaching you how to spectacularly blow shit up (hence “flamethrower” in the title).

Life Inc.: How the World Became a Corporation and How to Take it Back by Douglas Rushkoff (Random House, 2009): Ever get the feeling that you’re trapped on a hamster wheel of predatory “Corporatism”? An unwitting participant in a system that you didn’t sign up for in the first place? What happens when the operating system of the corporate Moloch runs amok.

Never Trust a Rabbit by Jeremy Dyson (Duck Editions, UK, 2001): Great macabre short story collection from the silent member of The League of Gentlemen. “Never trust a rabbit. They may look like a child’s toy, but they will eat your crops.” Hungarian proverb.

Would You Like Linux With Your Jello? (Linux Journal)

Linux Journal takes a look at a hospital with Linux thin clients for patients. "The happy healers at Glendale Adventist Medical Center, in conjunction with Linux luminaries IBM and Novell, as well as the networkers at NoMachine, have found a way to insert Linux into the lives of its patients. Rather than blank walls and bad TV to stare at, patients in the new West Tower at Glendale Adventist have access to the outside world, via Linux-based thin clients available right in the patient's room. The setup utilizes servers from IBM, the networking and compression expertise of NoMachine, and SUSE Linux Enterprise Desktop to provide patients with access to the internet, where they can do everything from learning about their condition and treatment to keeping family and friends abreast of their progress via the standard cast of internet characters: Twitter, Facebook, and the omnipresent blogs."

Security advisories for Friday

CentOS has updated openswan (input validation flaws), pidgin (denial of service), ruby (denial of service).

Debian has updated nagios (arbitrary program execution).

Gentoo has updated libwmf (pointer use-after-free flaw), modsecurity (denial of service).

Red Hat has updated ruby (denial of service).

SUSE has updated java (multiple vulnerabilities), optipng, cups, quagga, pango, strongswan, perl-DBD-Pg, irssi, openssl/libopenssl-devel, net-snmp, ImageMagick/GraphicsMagick, perl, ipsec-tools/novell-ipsec-tools, poppler/libpoppler3/libpoppler4, yast2-ldap-server, tomcat6, gstreamer-plugins/gstreamer010-plugins-bad, apache2-mod_php5 (various issues).

Ubuntu has updated perl (buffer overflow), nagios (arbitrary program execution).

Peter Eisentraut: Do you have a good idea for PostgreSQL?

Do you have a feature request or a good idea for how to improve PostgreSQL? Subscribing to a mailing list is too cumbersome? Or you did subscribe to a mailing list and presented your idea there, and now it's rotting in the archives or on the todo list? Let's try something different.

I have set up a feedback forum over at UserVoice. There you can enter your ideas, comment and vote on other suggestions, and see what the top requests are, without the overhead of tracking a mailing list every day. Let's consider this an experiment. It is not going to replace the existing project communication channels, and you shouldn't send bug reports or engage in coding discussions there. But the more people raise their "user voice" there and provide useful suggestions and comments, the more useful it might become.

To try it, go to: http://postgresql.uservoice.com/

The floodgates are open for development on PostgreSQL 8.5, so now is the time to make yourself heard.

(Disclaimer: UserVoice is a commercial company. I am not associated with them. This is just an attempt to find better interfaces for user feedback.)

(picture by NoNo^Q8 CC-BY)

London Stock Exchange To Abandon Windows

BBCWatcher writes "Computerworld's Steven J. Vaughan-Nichols reports that the London Stock Exchange is abandoning its Microsoft Windows-based trading platform: 'Anyone who was ever fool enough to believe that Microsoft software was good enough to be used for a mission-critical operation had their face slapped this September when the LSE's Windows-based TradElect system brought the market to a standstill for almost an entire day .... Sources at the LSE tell me to this day that the problem was with TradElect ...'"

Read more of this story at Slashdot.

IBM bouwt zelf-lerende compiler

Computergigant IBM heeft aangekondigd een compiler voor gcc te hebben ontwikkeld die in staat is te leren. De compiler kan applicaties op een intelligente manier optimaliseren, wat tot compactere en snellere programma's moet leiden.

GNOME and KDE developer conference begins on Gran Canaria

The Gran Canaria Desktop Summit 2009 is the first time that the KDE and GNOME communities are co-locating their annual GUADEC and Akademy conferences

Even more Beautiful Code (C -> Haskell)

submitted by dons
[link] [0 comments]

Haskell for Maths: Conjugacy classes, part 1

submitted by dons
[link] [0 comments]

Making a choice from a list in Haskell, Vty (part 1)

submitted by dons
[link] [0 comments]

Firefox Gods summon New Ice Age

Fur enough

Strategy Boutique You might notice that there's something subtly different about the new look of Firefox - the popular virtual memory stress test tool that's cunningly disguised as a web browser. With an icy blast from the Arctic, the British Isles - or something that used to look quite like them - have disappeared beneath sheets of glaciers.…

What is your recession sales strategy?

NSA plans massive, 65MW, $2bn data center in Utah

Yes, Utah

The ultra-secretive National Security Agency plans to build a 1-million-square-foot data center in Utah as it seeks to decentralize its computing resources and tap regions with ample supplies of lower-cost electricity.…

What is your recession sales strategy?

The Choppers (1961)

"The choppers call him 'Torch.'"

Many thanks to the The Isotope Guerrilla Cult Theatre for uploading this 1961 movie about a gang of kids who steal and strip down cars to turn into hotrods.

If you cool cats like classic hotrod cars, bad boys from the other side of the tracks, sexy blondes in tight shirts, insipidly catchy songs, goofy teen idol good looks, and the world's biggest cell phone... this one is for you!

Hot rods, hot rock, and hot hair are the jewels in the juvenile delinquency crown of THE CHOPPERS. This classic drive-in exploitation flick features the debut of sixteen year-old Arch Hall Jr. as Cruiser, the spoiled rich kid with a taste for crime and his band of troubled teens who call themselves cool names like Torch, Flip and Snoop, and specialize in stripping cars in record time. This is the movie that made you mom weak in the knees and your daddy worried about the crowd you run with.

Featuring the some exceptional less-than-hit songs from the awesome Arch Hall Jr, including non-classics like "Konga Joe" and "Monkey In A Hatband".

Wachtgeldregeling versoberd voor politici

DEN HAAG - Ministers, Tweede Kamerleden, gedeputeerden, wethouders en andere politieke ambtsdragers krijgen voortaan maximaal vier jaar wachtgeld als ze hun functie verliezen.

iTunes minus the player: hack your Apple beats

Dodge the shareware sledgehammer

Mac Secrets QTMovie, the principal class inside the QTKit framework, isn't just for playing movies.…

What is your recession sales strategy?

Kentucky payroll phishing scam nets small fortune

Blue grass county hit by Trojan-fueled cybercrime

A gang of cybercrooks has made off with $415,000 from the coffers of Bullitt County, Kentucky following the conclusion of an elaborate phishing scam, The Washington Post reports.…

Offloading malware protection to the cloud

Teckel rent 7 kilometer op Duitse snelweg

BERLIJN - Een teckel op de snelweg A93 in Beieren heeft vrijdag een chaos veroorzaakt. Talrijke automobilisten moesten gevaarlijke rem- en uitwijkmanoeuvres uitvoeren om het dier te ontwijken, meldde de politie.

@BBVBOX: recent guest-tweeted web video picks (boingboingvideo.com)

(Ed. Note: We recently gave the Boing Boing Video website a makeover that includes a new, guest-curated microblog: the "BBVBOX." Here, folks whose taste in web video we admire tweet the latest clips they find. I'll be posting periodic roundups here on the motherBoing.)

More @BBVBOX: boingboingvideo.com

Ript: the dude equivalent of a padded bra

Behold, gentlemen! Ript, "the revolutionary torso-enhancing undershirt." The designer of this undergarment is described as "the creative force behind P. Diddy's Sean John clothing line, where she mastered her understanding of what appeals to the most sophisticated and discriminating men." Ah, so we can blame Diddy.

"Ript" is so technologically advanced, it comes with a HOWTO, bitches:

Ript, via Book of Joe.

Lamson - email app coding without the palm sweat

Doing what Java never did

"Can you integrate this with my e-mail?" It's one of the more dreaded questions in software development. For any programmer who has been around the block a few times, it evokes a long repressed fear of Sendmail m4 macros or Outlook COM objects. When a non-technical managerial type asks this question in a group meeting, and your boss assures him that Internal System from Hell X can easily be integrated with the company's e-mail system, your palms sweat.…

Web threats: Why conventional protection doesn't work