Lenovo laptops now come with pre-loaded with man-in-the-middle adware

Superfish, an adware program that Lenovo admitted in January it included as standard on its consumer PCs, reportedly acts as a “man-in-the-middle” so it can access private data for advertising purposes. The adware makes itself an unrestricted root certificate authority, installing a proxy capable of producing spurious SSL certificates whenever a secure connection is requested. SSL certificates are small files, used by banks, social networks, retailers such as Amazon, and many others to prove to incoming connections that the site is legitimate. By creating its own SSL certificates, Superfish is able to perform its advertising tasks even on secure connections, injecting ads and reading data from pages that should be private.

Remind me not to buy another Lenovo product any time soon.

What it means to work on the Medium plantation

Matthew Butterick's The Billonaire's Typewriter gives thought-provoking analysis of how Medium is using double-speak to convince writers to work for free. 

But un­like the Times, Medium pays for only a small frac­tion of its sto­ries. The rest are sub­mit­ted—for free—by writ­ers like you. Af­ter a long time be­ing elu­sive about its busi­ness model, Medium re­vealed that it plans to make money by—sur­prise!—sell­ing ad­ver­tis­ing. This means dis­play­ing ads, but also col­lect­ing and sell­ing data about read­ers and writ­ers. So Medium will ex­tract rev­enue from every story, whether it paid for that story or not. (By the way, will that rev­enue be shared with writ­ers? Um, no.)

Configuring CGIWrap for large shared hosting systems

Overview

The purpose of this document is to show how to configure CGIWrap to allow users on shared hosting to run CGI and PHP scripts using their own user identity and permissions. The code in this HOWTO is used to provide CGI and PHP capability for over 8,000 users of a Red Hat Enterprise Linux host. In this HOWTO you will learn how to install CGIWrap so that users will be able to run CGI and PHP scripts in a directory named public_html.

What is CGIWrap?

CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms without compromising the security of the http server. Scripts are run with the permissions of the user who owns the script. In addition, several security checks are performed on the script, which will not be executed if any checks fail.

CGIWrap is used via a URL in an HTML document. As distributed, cgiwrap is configured to run user scripts which are located in the ~/public_html/cgi-bin/ directory.

CGIWrap Documentation

Read More

Reprint: My collection of vintage Smalltalk books

This is a reprint of a 2010 item that got lost when I moved from WordPress to SquareSpace. I see in the logs that some really astute folks came looking for some Smalltalk news but got the 403 Missing Page instead. Sorry about that. Let's hope that Google sends its little robot around to re-index this real soon. :)

Every time I’m swept up in an new project I gird my loins by gathering a phalanx of books around me. I start by downloading all of the free PDF’s I can find. Stephane Ducasse, author the entertaining Squeak Robots book, has an exhaustive list of free out-of-print Smalltalk books. So I got them all. I don’t know how many of these books I’ll ever read, but I feel good having them there, just in case.

I like real books, so I scoured the used book list on Amazon and was able to find paper copies of many of my free PDF’s.

Most of these books were first published in the 80's and 90's, with a few of the Squeak books arriving after 2000.

Most of these books were first published in the 80's and 90's, with a few of the Squeak books arriving after 2000.

Of all of these books, my favorite is SMALLTALK-80 by Adele Goldberg and David Robson (1989). Though the book’s cover gives it a quaintly old-fashioned look, the content is contemporary and the writing admirably clear — perfect for a student like me.

I like this book so much that I carry it with me on my walks around San Francisco and read it while I sit in Starbucks eating pastries and drinking espressos. Now and then some generic dude will see my antique book and comment, “Damn. Is that language still around? Why would you want to learn that when you could learn Java?” 

I also have a soft spot in my heart for Squeak: Learn Programming with Robots by Stephane Ducasse, which I’ve mentioned previously. This book is good-spirited and all about having fun with programming. It’s an absolutely painless, fun introduction to Smalltalk. A kid can handle this book easily—even an adult kid.

My buddy Bill G. observed me collecting these dusty, out of print tomes. Back in the 80’s he did some Smalltalk programming in The Valley. He said, “There used to be an all-Smalltalk books store in Palo Alto on University Avenue, right down the road from Xerox. That’s how hot Smalltalk was in those days.” He paused. “I think that place is a Starbucks now.”

That’s cool with me. I need a clean, well-lighted place to hang out and read my books and get hassled by Java programmers.

Happy hacking…