forsidebilde

Harald Eilertsen

harald@hub.volse.no


  
https://www.zdnet.com/article/security-flaw-in-libssh-leaves-thousands-of-servers-at-risk-of-hijacking/#ftag=RSSbaffb68

An attacker can do this by sending the SSH server "SSH2_MSG_USERAUTH_SUCCESS" message instead of the "SSH2_MSG_USERAUTH_REQUEST" message that a server usually expects (...)

The vulnerability, which is tracked as CVE-2018-10933, was introduced in libssh 0.6.0, released in January 2014. The libssh team released versions 0.8.4 and 0.7.6 yesterday to address this bug.


Come on!

This is what happens when you don't test your protocol implementation. Good thing it only took four and a half year to discover. Sadly, that's two and a half years less than the average for zero-day exploits.

#security #zeroday #ssh #libssh
  
Having to make some upgrades to a legacy #PHP application, I'm reminded on how much I dislike this way of coding.
  
What do you mean?
  
The traditional way of coding PHP apps. Code and html mixed, hardcoded SQL statements directly in the views, tireless amounts of duplication and all the inconsistensies and bugs that come with it. It's a project I took over from someone else, but I can't retire it and get it over to a more sane stack until the replacement is done.
  
Ah, that way of coding.
  
Socialhome HQSocialhome HQ skrev følgende innlegg Sat, 13 Oct 2018 20:34:46 +0200
Bilde/fotografi


The #Socialhome issue tracker has finally moved to where the main code activity happens, ie the #Feneas #GitLab server: https://git.feneas.org/socialhome/socialhome/issues

The server has login over #GitHub account for those who don't want to register using email. Issues are not available via GitHub any more to avoid fracture of information.

Code contributions however are welcome also through GitHub. The GitHub repo will be 100% in sync at all times so pull requests through there are more than welcome.

Boards


To organize issues we have 3 boards for issues currently. The main development board, the bugs board and the newcomer board.

If you're looking to contribute to Socialhome, the last board is a good place to look at things to do. For any questions, come chat to us on #Matrix!

  
Bilde/fotografi
(Bilde fra The Cleaning Lady)

Ah, bare en drøy uke til årets skrekkfilmfestival på oppdal, og listen av gjester er på plass. Og hvilken liste! Magne Steinsvoll (Killungard, O' Hellige Jul), Kristoffer Joner, Alexis Kendra og Jimmy Nelson (The Cleaning Lady), Benjamin Loeb (Mandy), Kristian Söderström (Videomannen) og enda fler! Dette blir stor stas som alltid!

https://ramaskrik.no/nyheter/filmgjester-paa-ramaskrik18/

Offisielt program for Ramaskrik finner du her, uoffisielt oversiktsprogram her.

Noen fler fra det sosiale nettet som tenker seg til oppdal?

#skrekkfilm #oppdal #ramaskrik
  
Høres gøy ut - skrekkblandet fryd!
  
Det er en fryktelig (!) trivelig festival, så om man liker genren er det en god anledning til å få åndelig påfyll og treffe likesinnede. Skulle det ikke passe er jo også Tysvær Skrekkfest uka etter et godt alternativ på vestlandet. Mye av de samme filmene (Ramaskrik og Tysvær samarbeider om bookingen,) og etter sigende god stemning der også.
  
Så tøysesplatteren "The cabin in the woods" eller noe slikt her om dagen. :-D Har ikke anledning til å dra på festival, men litt grøss er gøy.

  
The Commodore Datasette recording format is heavily optimized for data safety and can compensate for many typical issues of cassette tape, like incorrect speed, inconsistent speed (wow/flutter), and small as well as longer dropouts. This makes the format more complex and way less efficient than, for example, “Turbo Tape” or all other custom formats used by commercial games. Let’s explore the format by writing a minimal tape loader for the C64, optimized for size, which can decode correct tapes, but does not support error correction.


https://www.pagetable.com/?p=964

!Retro Computing #c64 #programming #history
 fra Diaspora
It's kind of fantastic. 30 years old, badly stored tapes can usually be read without problems. (most turbo tapes are also fine).
  
pixelfedpixelfed skrev følgende innlegg Thu, 04 Oct 2018 07:58:16 +0200
We will be releasing the first stable version on October 17th (6 months after the first announcement).

This will include circles, collections, federation, video uploads and more!

We can't wait. Thank you for your support! :pixelfed: #pixelfed
 fra Diaspora
Oh, federation. That's cool! Does Pixelfed already have local federation between its servers? Like, can I follow a user from another Pixelfed instance?
  
If I'm not mistaken, pixelfed native federation will be over ActivityPub, so federation among instances and other activitypub (i.e. mastodon) sites will be coming at the same time. I expect @dansup or @pixelfed can elaborate?

(I'll try to relay any answers since you probably won't see them on diaspora.)
 fra Diaspora
Ah, right. I've seen someone mention they'll be adding local and general federation at the same time, I forgot. And it will happen quite soon. This is wonderful news. Thank you :)
  
fortellerforteller skrev følgende innlegg Tue, 02 Oct 2018 19:33:32 +0200
Where do I find the best #HarryPotter fandom communities to promote my friends amazing (and free) Harry Potter inspired board game? https://www.handlewithjoy.eu/home/mischief/

  
Bilde/fotografi
Bilde/fotografi

After 30 years of rock'n'roll, one of the most important stages for independent and underground music in Norway has closed it's doors. The venue at the corner of Christies gate and Nygårdsgaten in Bergen has been a home in the rainy city for many of us when visiting. I have been lucky enough to both see a great number of gigs there throughout the times, but also to have performed there myself. It was great to be able to take part in the last three days of your existence. You will be missed!

#garage #bergen #norway #underground #independent #rock
 Kultur
  
Many fond memories from Garage - music, beer, girls, philosophers, friends, Spellemann award door nobs (have any actors done that with their Oscar?), getting kick out for being too rowdy (not really, just drunk enough to bump into the mixing table) - in no particular order.
  
Yep, all the great memories remain.
  
Bjørn Gregory-StærkBjørn Gregory-Stærk skrev følgende innlegg Mon, 24 Sep 2018 11:16:46 +0200
Jeg skal til Kongsvinger bibliotek tirsdag kl 18 og Bekkestua bibliotek torsdag kl 19 og snakke om antiforbruk. Åpent for alle og gratis inngang.

  
Bilde/fotografi

After using UNIX for so many years I knew that I could freeze (or pause) any process in the system with kill -17 (SIGSTOP) signal and then unfreeze it with with kill -19 (SIGCONT) signal as I described in the Process Management section of the Ghost in the Shell – Part 2 article. Doing it that way for the desktop applications is PITA to say the least. Can you imagine opening xterm(1) terminal and searching for all Chromium or Firefox processes and then freezing them one by one every time you need it? Me neither.

Fortunately with introduction of so called X11 helper utilities – like xdotool(1) – it is now possible to implement it in more usable manner.


https://vermaden.wordpress.com/2018/09/19/freebsd-desktop-part-16-configuration-pause-any-application/

#FreeBSD #Unix #desktop
  
Björn Schießle 🇪🇺Björn Schießle 🇪🇺 skrev følgende innlegg Tue, 18 Sep 2018 12:55:50 +0200
#ActivityPub has the potential to change the way we think and act on the #internet, in a way that encourages #decentralization and puts users first again. That’s a vision worth fighting for. By @jdormit https://jeremydormitzer.com/blog/what-is-activitypub-and-how-will-it-change-the-internet/
  
Programmet til årets Ramaskrik begynner å ta form: https://ramaskrik.no/program/

#horror #skrekkfilm #ramaskrik #oppdal #norge
  
Siden det er litt ugreit å få oversikt over ramaskrik-programmet slik det er lagt opp på sidene deres, så lagde jeg et lite script for å få bedre oversikt. Resultatet finner du her: https://volse.anduin.net/~haraldei/ramaskrik2018/

Selve scriptet finner du her: https://code.volse.no/ramaskrik-program.git/

#ramaskrik #skrekkfilm #horror #oppdal #norge
  
Bjørn Gregory-StærkBjørn Gregory-Stærk skrev følgende innlegg Thu, 13 Sep 2018 13:27:42 +0200
Jakten på den grønne lykken er nå ute, på papir og som ebok: http://www.humanistforlag.no/jakten-paa-den-groenne-lykken.6136558-325894.html

En journalist spurte meg hvem jeg skrev den for. Jeg slet med å svare, for jeg har egentlig bare fulgt nysgjerrigheten min, men her er et svar: Det er en bok for folk som er som meg, som kanskje ikke har beina plantet i miljøbevegelsen, men som merker at samfunnet vårt er på kollisjonskurs med naturen, andre mennesker og oss selv, og leter etter noe positivt som kan inspirere oss til å finne veien ut.
  


What we're left with is a license condition that does nothing to benefit individual contributors or other users, and costs us the opportunity to fork projects in response to disagreements over design decisions or governance. What it does is ensure that a range of VC-backed projects are in a better position to improve their returns, without any guarantee that the commons will be left better off.

 Ultima 2018: William Kentridge – Ursonate

Starter: lørdag september 15, 2018 @ 7:00 PM
Slutter: lørdag september 15, 2018 @ 8:00 PM
  
Bilde/fotografi

Ursonate, som er skrevet av den tyske dadaisten og eksilkunstneren Kurt Schwitters (1887–1948), har blitt kalt 1900-tallets fremste lyddikt. Verket ble fullført i 1932 og er firedelt, som en klassisk symfoni. Det består av vokale lyder og et merkelig, fremmed språk. I senere år har Ursonate blitt anerkjent som et mesterverk.

Nå tar den sørafrikanske kunstneren William Kentridge sin Performa 2017-produksjon av Ursonate til Ultima. Hans timelange versjon er en svært fysisk tolkning av verket, som blant annet innebærer voldsomme kroppsbevegelser og en samling projiserte bilder som utfyller og kommenterer teksten.

https://operaen.no/forestillinger/ultima-2018-william-kentridge-ursonate-opera/
Plassering: Den norske Opera, Oslo
  
  
You may check out this earlier performance. I think... Didn't watch it myself as I don't want to spoil seeing it on saturday.

 Kunstutstilling m/Lailia Litangen

Starter: lørdag september 22, 2018 @ 11:00 AM
Slutter: lørdag september 22, 2018 @ 3:00 PM
  

Salgsutstilling – malerier av Laila Litangen.


Bilde/fotografi
Plassering: Kafé Tandem, Grefsenveien 26, Oslo
  
Seems I can connect to @pixelfed accounts now, but posts don't federate yet. Not sure if the problem is with #hubzilla, #pixelfed or if this is to be expected for now. Still: things are progressing!
 fra Diaspora
Most every ActivityPub platform has had trouble initially connecting with Hubzilla because they usually do the bare minimum to support Mastodon, and then ship the product. In every case we've seen so far, it is because they assume that every platform implements ActivityPub exactly as Mastodon does; while the actual specification allows for some wildly different interpretations.
  
That's what I expected too. The developer seems responsive, though so I'm sure it'll improve rapidly.
  
Matrix.orgMatrix.org skrev følgende innlegg Thu, 06 Sep 2018 14:06:44 +0200
Synapse critical security update 0.33.3.1 has just been released as per yesterday’s planned disclosure announcement: https://matrix.org/blog/2018/09/06/critical-security-update-synapse-0-33-3-1/ . It impacts all previous Synapse versions. Please upgrade asap.