Lenovo laptops now come with pre-loaded with man-in-the-middle adware

February 22, 2015 DVP

Lenovo installs adware on its computers that could let hackers steal private data

“Superfish, an adware program that Lenovo admitted in January it included as standard on its consumer PCs, reportedly acts as a “man-in-the-middle” so it can access private data for advertising purposes. The adware makes itself an unrestricted root certificate authority, installing a proxy capable of producing spurious SSL certificates whenever a secure connection is requested. SSL certificates are small files, used by banks, social networks, retailers such as Amazon, and many others to prove to incoming connections that the site is legitimate. By creating its own SSL certificates, Superfish is able to perform its advertising tasks even on secure connections, injecting ads and reading data from pages that should be private.”

Remind me not to buy another Lenovo product any time soon.

What it means to work on the Medium plantation

February 20, 2015 DVP

Matthew Butterick's The Billonaire's Typewriter gives thought-provoking analysis of how Medium is using double-speak to convince writers to work for free.

“But unlike the Times, Medium pays for only a small fraction of its stories. The rest are submitted—for free—by writers like you. After a long time being elusive about its business model, Medium revealed that it plans to make money by—surprise!—selling advertising. This means displaying ads, but also collecting and selling data about readers and writers. So Medium will extract revenue from every story, whether it paid for that story or not. (By the way, will that revenue be shared with writers? Um, no.)”

Configuring CGIWrap for large shared hosting systems

January 19, 2015 DVP

Overview

The purpose of this document is to show how to configure CGIWrap to allow users on shared hosting to run CGI and PHP scripts using their own user identity and permissions. The code in this HOWTO is used to provide CGI and PHP capability for over 8,000 users of a Red Hat Enterprise Linux host. In this HOWTO you will learn how to install CGIWrap so that users will be able to run CGI and PHP scripts in a directory named public_html.

What is CGIWrap?

CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms without compromising the security of the http server. Scripts are run with the permissions of the user who owns the script. In addition, several security checks are performed on the script, which will not be executed if any checks fail.
CGIWrap is used via a URL in an HTML document. As distributed, cgiwrap is configured to run user scripts which are located in the ~/public_html/cgi-bin/ directory.
– CGIWrap Documentation

Parallel & Cloud programming course at CCSF

January 9, 2015 DVP

Looking for a course to help you prepare for working with Big Data, Social Networks, Cloud Computing, CUDA, and OpenCL? You're in luck! CCSF is offering CS 280 Parallel and Cloud programming at the Downtown Campus at 4th and Mission in San Francisco. The course meets on Mondays from 6PM to 9:50PM starting Jan 12. You can attend the course even if you haven't enrolled, see what's going on, ask questions, and then sign on. This class will help to satisfy CCSF's C++ Programming certificate. For more details, checkout the flyer.

Reprint: My collection of vintage Smalltalk books

January 8, 2015 DVP

This is a reprint of a 2010 item that got lost when I moved from WordPress to SquareSpace. I see in the logs that some really astute folks came looking for some Smalltalk news but got the 403 Missing Page instead. Sorry about that. Let's hope that Google sends its little robot around to re-index this real soon. :)

Every time I’m swept up in an new project I gird my loins by gathering a phalanx of books around me. I start by downloading all of the free PDF’s I can find. Stephane Ducasse, author the entertaining Squeak Robots book, has an exhaustive list of free out-of-print Smalltalk books. So I got them all. I don’t know how many of these books I’ll ever read, but I feel good having them there, just in case.

I like real books, so I scoured the used book list on Amazon and was able to find paper copies of many of my free PDF’s.

Most of these books were first published in the 80's and 90's, with a few of the Squeak books arriving after 2000.

Of all of these books, my favorite is SMALLTALK-80 by Adele Goldberg and David Robson (1989). Though the book’s cover gives it a quaintly old-fashioned look, the content is contemporary and the writing admirably clear — perfect for a student like me.

I like this book so much that I carry it with me on my walks around San Francisco and read it while I sit in Starbucks eating pastries and drinking espressos. Now and then some generic dude will see my antique book and comment, “Damn. Is that language still around? Why would you want to learn that when you could learn Java?”

I also have a soft spot in my heart for Squeak: Learn Programming with Robots by Stephane Ducasse, which I’ve mentioned previously. This book is good-spirited and all about having fun with programming. It’s an absolutely painless, fun introduction to Smalltalk. A kid can handle this book easily—even an adult kid.

My buddy Bill G. observed me collecting these dusty, out of print tomes. Back in the 80’s he did some Smalltalk programming in The Valley. He said, “There used to be an all-Smalltalk books store in Palo Alto on University Avenue, right down the road from Xerox. That’s how hot Smalltalk was in those days.” He paused. “I think that place is a Starbucks now.”

That’s cool with me. I need a clean, well-lighted place to hang out and read my books and get hassled by Java programmers.

Happy hacking…