Un répertoire non protégé sur le site amoureux.com laissait aux spammeurs la possibilité de copier une base de données de plus de 400.000 adresses électroniques de français amoureux.

Ah, l’amour ! Les sites Internet dédiés aux rencontres sont légions sur la toile. Le cas du site Amoureux.com aurait pu mal finir.

Heureusement, un internaute du nom de “Skyrace” a eu la bonne idée de préférer prévenir que de revendre la base de données qu’un cyber escroc n’aurait su ne pas voir.

Le Cupidon numérique avait tout simplement oublié de protéger un sous-domaine de son site Internet.

Bilan, n’importe quel internaute un peu curieux découvrait via l’espace pub2.amoureux.com plusieurs dizaines de documents dont des fichiers logs.

Fichies logs contenant eux mêmes plusieurs milliers d’adresses de courriers électroniques. Une petite analyse en a dénombré 400.000. 

Contacté, le fondateur du site n’a pas tardé à faire corriger cette porte ouverte “Comme quoi, nous avons beau proposer nos services depuis 10 ans, nous commettons encore de grosses erreur. Encore merci“.

L’éditeur G Data expliquait, en juillet dernier, qu’une base de données de mails pouvait se commercialiser entre 25 et 50 dollars dans le petit milieu des spammeurs. Une diffusion de publicité non sollicitée, sur une durée de 14 jours, 495 dollars.

Inq

zataz

Peter write a post a while ago about choosing a good InnoDB log file size.  Not to pick on Peter, but the post actually kind of talks about a lot of things and then doesn't tell you how to choose a good log file size!  So I thought I'd clarify it a little.

The basic point is that your log file needs to be big enough to let InnoDB optimize its I/O, but not so big that recovery takes a long time.  That much Peter covered really well.  But how do you choose that size? I'll show you a rule of thumb that works pretty well.

In most cases, when people give you a formula for choosing a configuration setting, you should look at it with skepticism.  But in this case you can calculate a reasonable value, believe it or not.  Run these queries at your server's peak usage time:

PLAIN TEXT SQL:

• mysql> pager grep sequence
• PAGER SET TO 'grep sequence'
• mysql> SHOW engine innodb STATUSG SELECT sleep(60); SHOW engine innodb STATUSG
• Log sequence number 84 3836410803
• 1 row IN SET (0.06 sec)
•  
• 1 row IN SET (1 min 0.00 sec)
•  
• Log sequence number 84 3838334638
• 1 row IN SET (0.05 sec)

Notice the log sequence number. That's the total number of bytes written to the transaction log. So, now you can see how many MB have been written to the log in one minute. (The technique I showed here works on all versions of MySQL. In 5.0 and newer, you can just watch Innodb_os_log_written from SHOW GLOBAL STATUS, too.)

PLAIN TEXT SQL:

• mysql> SELECT (3838334638 - 3836410803) / 1024 / 1024 AS MB_per_min;
• +------------+
• | MB_per_min |
• +------------+
• | 1.83471203 |
• +------------+

As a rough rule of thumb, you can make the log big enough that it can hold at most an hour or so of logs. That's generally plenty of data for InnoDB to work with; an hour's worth is more than enough so that it can reorder the writes to use sequential I/O during the flushing and checkpointing process. At this rate, this server could use about 110 MB of logs, total. Round it up to 128 for good measure. Since there are two log files by default, divide that in half, and now you can set

PLAIN TEXT CODE:

• innodb_log_file_size=64M

Does that look surprisingly small? It might. I commonly see log file sizes in the gigabyte ranges. But that's generally a mistake. The server I used for the measurements above is a big one doing a lot of work, not a toy. Log file sizes can't be left at the default 5MB for any real workload, but they often don't need to be as big as you might think, either.

If this rule-of-thumb calculation ends up showing you that your log file size ought to be many gigabytes, well, you have a more active write workload. Perhaps you're inserting a lot of big rows or something. In this case you might want to make the log smaller so you don't end up with GB of logs. But also realize this: the recovery time depends not only on the total log file size, but the number of entries in it. If you're writing huge entries to the log, fewer log entries will fit into a given log file size, which will generally make recovery faster than you might expect with a big log.

However, most of the time when I run this calculation, I end up finding that the log file size needs to be a lot smaller than it's configured to be. In part that's because InnoDB's log entries are very compact. The other reason is that the common advice to size the logs as a fraction of the buffer pool size is just wrong.

One final note: huge buffer pools or really unusual workloads may require bigger (or smaller!) log sizes. This is where formulas break down and judgment and experience are needed. But this "rule of thumb" is generally a good sane place to start.

Entry posted by Baron Schwartz | No comment

Add to: | | | |

Avec l'expansion pandémique de "services" comme Google Analytics, les moyens de se prémunir des SpyWebs prennent de plus à en plus d'importance. Et si des outils comme adBlock offre une très protection locale efficace, la protection d'un réseau dans son entier ne peut se passer de privoxy, un proxy filtrant aux possibilités étonnantes et disponible sur beaucoup de systèmes de Windows à Linux en passant par AmigaOS.

Historique (tout afficher)

• v2 - Mise à jour, suppression de tproxy, passage direct de la transparence avec privox (2008-11-21 14:23)
• v1 - Mise à jour des règles avec une 20aine de nouveaux blockages. Amélioration du script de lancement avec un mode pause/resume (2008-10-31 12:47)

Qu'est-ce qu'un SpyWeb ?

Pour faire simple, le SpyWeb est à la toile ce que le SpyWare est à Windows, des applications qui s'exécutent dans votre dos par le simple fait de visiter un site. Et les dangers liés à leur présence sont aussi nombreux que clairement sous-estimés :

• Ces outils collectent toutes sortes d'informations vous concernant qui sont généralement liés à votre adresse IP. Cet aspect est aujourd'hui critique pour les internautes disposant d'une adresse IP fixe (tous les abonnés de Free par exemple), mais le sera demain pour tout le monde, lorsque chaque internaute aura sa propre IPv6.
• La globalisation de l'usage de certains de ces SpyWebs, typiquement Google Analytics, implique que la majorité des sites que vous visitez utilisent ce "service", et par conséquent nourrissent les bases de données d'un acteur unique (Google, Xiti, etc.). Associé au point précédent, cette généralisation laisse imaginer la densité des informations potentiellement nominatives vous concernant, et échappant à toute action de la CNIL.
• Se présentant généralement sous la forme de code JavaScript, personne, y compris les WebMasters qui les incluent avec beaucoup de légèreté dans leur pages, ne peut être assuré de ce qu'ils font réellement, et encore moins de ce qu'il feront demain.
• Certains de ces SpyWebs vont très loin dans leur collecte d'information, jusqu'à se transformer en véritable outil de piratage enregistrant littéralement l'ensemble des actions effectuées au sein d'un même site avec votre souris ET votre clavier (saisie de mots de passe, de coordonnées perso, etc.). Même si l'usage de ces outils n'est pas généralisé, que se passera t-il demain, si par exemple Google, décide d'inclure se type de fonctionnalité ?
• Vu du côté des WebMasters, les outils décentralisés comme Google Analytics impliquent une perte d'informations vitales concernant leurs visiteurs car elles ne leur appartiennent pas. Ce n'est sûrement pas critique pour un bloggeur mais beaucoup plus pour un site professionnel lorsque viendra le moment d'utiliser des outils comme Business Object pour procéder à des études plus poussées que celles fournies en standard.
• Enfin, le moindre mal, ces outils, comme les publicités et autres flasheries, pourrissent votre bande passante en ajoutant de nombreux téléchargements inutiles à l'information affichée.

Entendons-nous bien, je comprends parfaitement l'importance des outils statistiques pour la gestion de la stratégie d'un site. Mais il existe aujourd'hui d'autres solutions (awstats, phpmysites, etc.) qui stockent localement les données des utilisateurs. Il est aujourd'hui parfaitement possible, avec certes un peu plus d'efforts, d'obtenir les mêmes résultats avec en prime un respect de ses utilisateurs, et une maîtrise des données.

Qu'est-ce que privoxy ?

Il existe quelques méthodes pour se débarrasser localement des SpyWebs mais privoxy demeure la plus efficace s'agissant de protéger globalement un réseau.

Privoxy est un proxy HTTP "filtrant" dont le rôle est "simplement" d'analyse chaque page de chaque sites que vous visitez pour y éradiquer publicités et SpyWebs.

Pour arriver à ses fins, privoxy dispose de deux techniques. Soit il va interdir, comme le ferait AdBlock, l'accès à certains sites, soit il va modifier, "à la volée" les pages que vous recevez (par exemple pour altérer des scripts dangereux).

Privoxy est en outre capable de "désanimer" des images GIF, de nettoyer vos cookies pour qu'ils ne laissent pas passer d'information, de maquiller l'identité de votre navigateur. Bref, c'est un outil complet, simple d'utilisation, rapide à installer, prêt à l'emploi et complètement paramétrable pour filtrer encore plus loin.

Au final, le navigateur va recevoir une page la plus "pure" possible débarrassée de tout ce qui peut nuire à la lisibilité, à la bande passante et à la sécurité.

Maintenant la suppression des encarts de pub est un peu plus litigieuse que celles des SpyWebs. En effet le modèle de financement et donc de développement de la toile s'appuie très massivement sur la publicité. Et même si je suis le premier à regretter les abus grandissant ces dernières années (on est loin de l'époque du linteau de pub en haut de la page), le choix de les supprimer purement et simplement n'est pas forcement la bonne solution.

Malheureusement l'éradication de la publicité devient ici un des dommages collatéraux lié à la guerre anti-SpyWebs. En effet, autoriser la publicité et pas les SpyWebs n'a aucun sens car les deux reposent sur les mêmes mécanismes. A titre d'exemple, GoogleAd se base sur un script show_ads.js pour afficher la pub. Aujourd'hui Google Analytics se base lui sur le script urchin.js. On pourrait logiquement autoriser le premier et bloquer le second. Mais si cette pratique se généralise, Google aura tôt fait de vider urchin.js pour transférer la logique d'espionnage sur show_ads.js rendant la protection caduque. La destruction systématique des scripts externes est donc la priorité même si la publicité en pâtie.

La seule solution que j'ai trouvé à ce problème consiste à débloquer la publicité sur les sites que je considère comme "ami", ce qui se fait très simplement avec Privoxy.

Installation

Privoxy peut être installé sur une machine de bureau mais prend sa pleine puissance une fois mis en place sur tout un réseau. Il va donc falloir choisir une machine qui sera connue des autres mais il n'est pas nécessaire qu'elle soit dédiée à cette tâche. Privoxy prend peu de ressource mémoire et CPU, n'importe quelle machine sous n'importe quel système devrait convenir pour peu qu'elle soit allumée en permanence. Pour la suite j'appellerais cette machine, machine_privoxy.

Toutes les versions binaires pour tous les Systèmes sont téléchargeables ici. Pour un système GNU/Linux l'installation se fait comme suit : root#urpmi privoxyouroot#aptget install privoxyroot#/etc/init.d/privoxy startLancement de privoxy : [ OK ]root# 

Paramétrage du navigateur

L'avantage d'un proxy http est qu'il n'existe pas à ma connaissance de navigateur qui ne sache pas l'utiliser. Pour l'exemple nous allons faire ici le paramétrage de FireFox, mais il pourrait tout aussi bien s'agir de Safari, Opéra et même Internet Explorer...

Il faut donc maintenant aller sur la machine cliente pour indiquer à son navigateur d'aller chercher ses pages web sur la machine_privoxy. Dans FireFox allez dans les menus Édition/Préférence/Réseau/Paramètres. Sélectionnez configuration manuelle du proxy et entrez pour HTTP les valeurs machine_provoxy et 8118. Cliquer ensuite sur OK et enfin Fermer.

C'est tout ! Pour vérifier que tout fonctionne, saisissez l'adresse http://config.privoxy.org/ et validez. Vous devez voir apparaître la page de configuration de privoxy.

Privoxy à l'oeuvre

Tout est donc opérationnel. Pour se convaincre que tout est en place, il suffit d'ouvrir une console sur la machine privoxy et d'y faire un tail -f /var/log/privoxy/logfile.

Ensuite sur le poste client, allez faire un tout avec votre navigateur sur le site www.liberation.fr et regardez ce qu'affiche privoxy : root#tail -f /var/log/privoxy/logfileRequest: www.liberation.fr/Request: www.liberation.fr/_looks/liberation/scripts/rObj.js(...)www.smartadserver.com/call/pubj/252/1276/225/M/7424944326/? crunch!Request: www.liberation.fr/_looks/liberation/images/fond_pub_728x90.gif(...)Request: www.smartadserver.com/call/pubj/252/1276/163/S/7424944326/? crunch!Request: www.liberation.fr/_looks/liberation/images/onglet_forum_on.gif(...)Request: cmhtml.fr.overture.com/d/search/p/standard/eu/js/flat/ctxt/ls/?ctxtId=libe_fr_annuaire&NGrp=2&NKw=4&Pg=1&keywordCharEnc=utf-8&outputCharEnc=utf-8&Partner=liberation_js_fr_ctxtls_libe crunch!(...)www.liberation.fr/interactif/question/libeblogs/_files/file_258326_34465_petite_vignette.jpgRequest: www.smartadserver.com/call/pubj/252/1276/276/S/7424944326/? crunch!(...)Request: www.smartadserver.com/call/pubj/252/1276/94/S/7424944326/? crunch!Request: www.liberation.fr/interactif/question/libeblogs/_files/file_260788_26585_petite_vignette.jpg(...)Request: www.google-analytics.com/urchin.js crunch!(...)Request: logi8.xiti.com/hit.xiti?s=197813&s2=2&p=homepage&hl=8x59x22&lng=fr&r=1280x886x32x32&re=1280x746&ref= crunch!root# 

A chaque fois que privoxy affiche crunch, il a bloquer le navigateur. Nous voyons ainsi qu'en standard, privoxy bloque efficacement les publicités, Google Analytics et Xiti. Cela fait déjà beaucoup de nuisance en moins. Mais nous allons pouvoir aller un peu plus loin.

Améliorer le filtrage Les fichiers à modifier

Comme vous l'avez vu, Privoxy par défaut marche déjà très bien. Il est cependant possible d'aller plus loin. Pour changer les paramètres de Privoxy, vous avez deux solutions. Vous pouvez soit utiliser l'interface WEB (personnellement je ne la trouve pas très simple), soit taper directement dans les fichiers de configuration. Pour cela, il faut simplement éditer le fichier /etc/privoxy/user.actions. Notez que le simple fait d'en faire sauvegarde implique son rechargement. Aucun besoin donc de redémarrer privoxy.

Le fichier user.actions contient les règles que vous avez le "droit" de changer. Vous pouvez changer aussi les autres mais cela risque de vous créer plus de problèmes qu'autre chose. Par défaut il contient déjà plein d'exemples utiles.

Vous allez pouvoir ajouter ici, des règles et des alias. Une règle est la combinaison d'une ou plusieurs actions et est appliquée à une ou plusieurs URL. Pour la liste complète des actions que Privoxy propose, allez jeter un oeil ici.

Ajout de nouvelles règles

Prenons un exemple et imagions que nous voulions supprimer l'envoi de tous les cookies sortant pour le site wwww.mauvais-site.fr. En langage privoxy cela nous donne : { +crunch-outgoing-cookies }
.mauvais-site.fr

Cette règle très simple va ajouter l'action "crunch-outgoing-cookies" (qui supprime les envois de cookies) à toutes les urls appartenant à .mauvais-site.fr. Le signe + indique que la directive doit être ajoutée aux autres règles. A l'inverse, si nous ajoutons : { -crunch-outgoing-cookies }
bonne-page.mauvais-site.fr

Toutes les pages du domaine mauvais-site.fr auront leur cookie mangé sauf bonne-page.mauvais-site.fr.

Vous pouvez des * dans les URL, par exemple ad*.site-de-pube.fr, ou même une expression régulière comme pour adBlock comme www[1-9a-ez].example.c*.

Vous pouvez aussi mettre plusieurs actions entre les accolades, soit sur une seule ligne en les séparant par des espaces, soit sur plusieurs lignes en ajoutant un à la fin de chaque ligne. Cela nous donne par exemple pour supprimer cookies entrant ET sortant: { +crunch-outgoing-cookies
  +crunch-incoming-cookies }
ad*.mauvais-site.fr
www[1-9a-ez].example.c*

Ajout d'Alias

Comme nous l'avons vu, il est possible de mettre plusieurs actions entre accolade. Il peut être alors pratique de pouvoir regrouper un ensemble d'actions sous un seul alias. Par exemple, si nous voulons regrouper la suppression de tous les cookies vue plus haut, nous ajouterions dans le fichier user.actions :     {{alias}}
    +crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
    -crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies

Une règle pour ajouter, une autre pour enlever, l'exemple parle de lui-même. Ainsi la règle sur "mauvais-site" pourrait s'écrire avec un de nos deux nouveaux alias : { +crunch-all-cookies  }
.mauvais-site.fr

Par défaut dans user.action il y a deux alias très pratiques. Le premier shop va nous permettre d'assouplir les règles pour les rendre compatibles avec un site de commerce branlant. L'autre s'appelle fragile et permet de ne pas "casser" les sites souvent mal fichu. Si vous avez une boutique qui ne marche plus, ou un site fragile, vous pouvez alors ajouter : { shop }
www.boutique-branlante.fr

{ fragile }
www.site-mal-fichu.fr

Ajout de règles supplémentaires

Il est possible d'améliorer encore privoxy pour ne plus rien laisser passer ou presque. Au début vous allez observer ce que les sites font exactement en observant les logs de Privoxy. Et à chaque fois que vous voyez quelque chose de louche, vous pouvez ajouter une règle comportant l'action { +block } suivi à la ligne suivante de chaque url posant problèmes. Ce qui au final peut donner quelque chose comme cela : {{alias}}
  big-block          = +block +handle-as-empty-document

# Régies publicitaires/ Plateformes d'annonce
{ big-block }
.netavenir.com                              # http://www.netavenir.com/
.turn.com                                   # http://www.turn.com/corp/how/how-it-works.jsp
.bluestreak.com                             # http://www.bluestreak.com/whowhat/index.asp
.criteo.com                                 # http://www.criteo.com/en/bloggers.aspx
.blogbang.com/demo/js/blogbang_ad.php?id=  # http://www.blogbang.com/demo/
/.*/microsoft_adcenterconversion.js       # Régie Microsoft
*.*.marketingsolutions.yahoo.com/*          # Régie Yahoo
www.googleadservices.com/*                  # Régie Google
.fmpub.net                                  # http://federatedmedia.net/whyadvertise/index
pubsrv.allopass.com/*                       # http://www.allopass.com/
.comclick.com                               # http://www.comclick.com/
.regieci.com                                # http://www.regieci.com/fr/accueil/index.asp
.allo-audience.fr                           # http://www.allo-audience.fr/
.audientia.net                              # http://www.audientia.net/new/fr/new/
.clickintext.com                            # http://www.clickintext.com/
.clickintext.net
.intellitxt.com

# Les enregistreurs/relecteurs
{ big-block }
.clicktale.*                                # http://www.clicktale.com/faq.html
cetrk.com/*                                 # http://crazyegg.com/overview
*.robotreplay.com/*                         # http://www.robotreplay.com/
/.*/clickheat.js

# médiamêtrie/traçage
{ big-block }
.estat.com                                  # http://www.estat.com/service/services_form.html
.sitemeter.com                              # http://www.sitemeter.com/
.w3counter.com                              # http://www.w3counter.com/
.reinvigorate.net                           # http://report.reinvigorate.net/snoop
/.*/webanalytics                           # http://france.webanalytics.be/
.opentracker.net                            # http://www.opentracker.net/index.jsp
.weborama.*                                 # http://weborama.com/
.quantserve.com                             # http://www.quantcast.com/
.performancing.com                          # http://performancing.com/tracker
.ToutLeMondeEnBlogue.com                    # http://www.toutlemondeenblogue.com/index.aspx
stats.wordpress.com                         # http://www.wordpress.com
*.technorati.com/*                          # http://www.technorati.com
embed.technorati.com/linkcount              #
/.*xiti.js                                  # http://www.xiti.com/
*.getclicky.com/*                           # http://www.getclicky.com/help/
*.iminr.com/*                               # http://www.iminr.com/
.netprofitblueprint.com/*                   # http://www.netprofitblueprint.com/capture.html (assez opaque celui-la...)
.converdge.com                              # http://www.converdge.com/features
.cybermonitor.com
my.blogitexpress.com/.*.js                 # http://www.blogitexpress.com/
www.atoomic.com/js/*                        # http://www.atoomic.com/
.clustrmaps.com/counter/*
/phpmyvisites.js
.trackalyzer.com

# Page ranking
www.free-pagerank.com/fcgi-bin/alive_js.fcgi.*   
external.wikio.fr/blogs/top/getrank
www.pagerank.fr/pagerank-actuel.gif


# Loggers un peu trop traçeurs
{ big-block }
.mybloglog.com                              # http://www.mybloglog.com/
#*.paperblog.fr/*                           # http://www.paperblog.fr/pages/presentation/

# Outils non centralisé
/.*/phpmyvisites.js                       # http://www.phpmyvisites.net/

# traçage des flux (feeds)
{ big-block }
feedjit.com/*                               # http://feedjit.com/

# Spécial Google
{ big-block }
/.*utm.js                                   # variante d'urchin
/.*stat.*.js                               # un filtrage générique
/.*/urchin.js                              # variante d'urchin
/.*s_code.js                                # variate d'urchin
/.*google-analyticator.*                    # le plugin pour wordpress

# Nuisances
{ big-block }
.snap.com/*                                 # Charge les liens en tâche de fond pour en faire
                                            # des vignettes. Sympa en soit mais pompe pas mal de resources.
.ixnp.com/*
.twitter.com/*
.webreseau.com              (...)

Google App Engine SDK 1.1.6.201Google App Engine lets you run your web applications on Google's infrastructure. App Engine applications are easy to build, easy to maintain, and easy to scale as your traffic and data storage needs grow. With App Engine, there are no servers to maintain: You just upload your application, and it's ready to serve your users.

You can serve your app using a free domain name on the appspot.com domain, or use Google Apps to serve it from your own domain. You can share your application with the world, or limit access to members of your organization.

App Engine costs nothing to get started. Sign up for a free account, and you can develop and publish your application for the world to see, at no charge and with no obligation. A free account can use up to 500MB of persistent storage and enough CPU and bandwidth for about 5 million page views a month. During the preview release of Google App Engine, only free accounts are available. In the near future, you will be able to purchase additional computing resources.
WHAT'S NEWVersion 1.1.6.201:

• Datastore now supports filtering and sorting on the key special property, which evaluates to each entity's key.
• Fixed a bug where it was possible to append None to ListProperty.
• Datastore appengine.ext.db models allow deletion by key without instantiating a model instance.
• Datastore models allow access to key name before put() if key_name given.
• Datastore fetch max results and max query offset match production limits.
• Fixed an issue in production where query fails with NeedIndexError when a model has two ancestor indexes.
• • http://code.google.com/p/googleappengine/issues/detail?id=423
• Allow trailing whitespace in PropertyValueFromString for datetime.
• Fixed to_xml on models with binary data in a BlobProperty: they now are base64 encoded. Note: This changes XML serialization.
• • http://code.google.com/p/googleappengine/issues/detail?id=430
• Fixed an issue with setting expando attributes.
• • http://code.google.com/p/googleappengine/issues/detail?id=431
• Fixed an issue where TypeError was raised instead of NeedIndexError for "merge join" queries, i.e. queries with only equals filters and no ancestor or sort orders, that still need an index.
• • http://code.google.com/p/googleappengine/issues/detail?id=749
• URLFetch in the SDK now has the same 5 second timeout to match production.
• URLFetch response headers are combined
• • http://code.google.com/p/googleappengine/issues/detail?id=412
• URLFetch now uses original method when following a redirect.
• • http://code.google.com/p/googleappengine/issues/detail?id=363
• URLFetch logs a warning when using a non standard port.
• • http://code.google.com/p/googleappengine/issues/detail?id=436
• URLFetch allows integers as values in request headers.
• Enforce response size and API request size limits to match production.
• • http://code.google.com/p/googleappengine/issues/detail?id=447
• SDK sanitizes response headers to match production
• • http://code.google.com/p/googleappengine/issues/detail?id=198
• Login URLs now require login in the SDK to match production.
• • http://code.google.com/p/googleappengine/issues/detail?id=53
• Fixed an issue with long URLs in HTTP 302 redirect responses.
• • http://code.google.com/p/googleappengine/issues/detail?id=407
• Fixed an issue with regular expressions in static_files in app.yaml
• • http://code.google.com/p/googleappengine/issues/detail?id=711
• SDK only allows "C" locale to match production.
• • http://code.google.com/p/googleappengine/issues/detail?id=356
• Support the bufsize positional arg in open()/file().
• lstat is aliased to stat.
• appcfg handles index building errors more gracefully.
• Fixed an issue with symlinks in the path to the Python core libraries.

REQUIREMENTSMac OS X 10.4 or later.
DEVELOPERGoogle
DOWNLOADS2875
DOWNLOAD NOW (3.6 MB)
More information

Category: Games
Released: Nov 15, 2008
Price: $0.99

Description:
Even pirates need to learn their numbers, matey! The littlest buccaneer on our crew, the Pink Pirate, needs to keep her math skills sharp. In order to help her out, Capt. Bill wrote this fun application so she could practice when she had a free moment. This is a great alternative to flash cards and your kids will love it. This program will quiz your child with a series of math problems. Once they have finished the game, they will earn a letter grade based on their score. Do well enough and Capt. Bill himself will congratulate you. You can set the highest number allowed, the number of problems presented and the operations allowed. When stealth is required, you can mute all sounds, yarrr! Have fun, me hearties, and be sure to check out the other family friendly SalemPirates games available on the iPhone AppStore! ************************************************** *****Pirate Prize Sweepstakes! As a thank you to all the buccaneers who've purchased one of our fine products, the SalemPirates are excited to announce our first giveaway sweepstakes! Just dress up in your favorite pirate regalia and send us a picture of you holding an iPhone (or iPod touch) displaying any one of our games. Email the photo to our crew by November 30th, 2008 for your chance to win! For further details...http://www.salempirates.com/logs/20081106a/index.php ************************************************** *****

Website: http://www.salempirates.com
Support Website: http://www.salempirates.com

Note: The description above is the official one supplied by the application developer and does not necessarily represent the views or opinions of this site or its staff.


Get it on iTunes: MathTraption - Pirate Math Contraption

I'm using a MacBook Pro 2.4 Ghz Intel Core 2 Duo (System 10.5.5) and am having a particular problem connecting to an important network at my school. I can connect to just about any other open network except for this one.

The modems are in the classrooms, and so signal strength is not a problem. I can see the signal strength in the horizontal top bar, but when I log on to the network with my appropriate protocol, the Airport card seems to misinterpret the fact that I've requested 802.1X WEP. The software records that choice in the Preferred networks list, but the school's network person is seeing a different protocol at her end when she looks at my login attempts in her log. Does anyone know what's going on?

She writes:
"I’ve just been told that our logs indicate you’re trying to authenticate via EAP-TLS or PEAP, not 802.1x WEP or LEAP."

I'm not even sure I've ever been given LEAP as a choice on my MacBookPro. Does anyone know if I can find it and downlaod it in case it would solve this problem? Any other advice?

Thanks.

br / bAuthor:/b a href='http://forum.newsbin.com/profile.php?mode=viewprofileu=1316'Bull/abr /br / bPosted:/b Thu Nov 20, 2008 8:56 pmbr /br / br /br / When I Shift-Delete headers in a rather small group for a certain period of time and I reload the view the selected headers are a goner.br / br / Now when I do this with a large group, RAM usage varying for instance between 400MB-500MB before Shift-Deleting, Shift-Deleting can take a while to really end. RAM usage peaking ~700-800MB. Enough memory left.br / br / I take btw Task Manager aside to really see if nbpro.exe has nothing to do.br / br / When nbpro.exe has gone idle I refresh the view yet not all headers I Shift-Deleted are gone yet the number has decreased.br / br / Missing some sort of sql progress view here. Disk is spinning, nbpro is active in Task Manager yet nbpro looks idle.br / br / I wait a short while, refresh the view and still, not all headers I Shift-Deleted are gone and again the number has decreased.br / Eventually nbpro gets the job done.br / br / If nbpro.exe would have some progress indicator/bar, more then enough space left next to the Reload and Update buttons, like a Cleanup button guiding to for instance Sh-Del'ing filtered headers or all viewed headers, it'd be easier to really know newsbin has finished cleaning up.br / br / I rarely use the logs as they might indicate nbpro has finished that part.

pFiled under: a href="http://www.downloadsquad.com/category/security/" rel="tag"Security/a, a href="http://www.downloadsquad.com/category/text/" rel="tag"Text/a, a href="http://www.downloadsquad.com/category/utilities/" rel="tag"Utilities/a, a href="http://www.downloadsquad.com/category/windows/" rel="tag"Windows/a/pa href="http://www.javacoolsoftware.com/docscrubber.html#Overview"img hspace="4" vspace="4" border="0" align="right" src="http://www.blogcdn.com/www.downloadsquad.com/media/2008/11/docscrubber.jpg" alt="" //aEvery Word file can contain a fairly large amount of metadata. This is stuff like the revision logs (for tracking changes), name of the author, last time edited, and last time printed. All that information is there for a reason, but embarrassing incidents have been known to occur when people don't realize what they're sending in their metadata. If you want to avoid that, you could delete it all by hand, or you could get a href="http://www.javacoolsoftware.com/docscrubber.html#Overview"Doc Scrubber/a, a free metadata-removal app. br /br /Doc Scrubber can quickly tell you what all the "hidden info" on your docs says, or just delete it for you. It'll handle multiple docs at once, and is compatible with Word 97, 2000 and XP files. It doesn't do DOCX files, but those also don't handle metadata the same way, so they're less likely to expose your info.p style="padding:5px;background:#ddd;border:1px solid #ccc;clear:both;"a href="http://www.downloadsquad.com/2008/11/20/doc-scrubber-removes-hidden-data-from-your-documents/"Doc Scrubber removes hidden data from your documents/a originally appeared on a href="http://www.downloadsquad.com"Download Squad/a on Thu, 20 Nov 2008 14:00:00 EST. Please see our a href="http://www.weblogsinc.com/feed-terms/"terms for use of feeds/a./ph6 style="clear: both; padding: 8px 0 0 0; height: 2px; font-size: 1px; border: 0; margin: 0; padding: 0;"/h6a href=http://www.javacoolsoftware.com/docscrubber.html#OverviewRead/anbsp;|nbsp;a href="http://www.downloadsquad.com/2008/11/20/doc-scrubber-removes-hidden-data-from-your-documents/" rel="bookmark" title="Permanent link to this entry"Permalink/anbsp;|nbsp;a href="http://www.downloadsquad.com/forward/1377790/" title="Send this entry to a friend via email"Email this/anbsp;|nbsp;a href="http://www.downloadsquad.com/2008/11/20/doc-scrubber-removes-hidden-data-from-your-documents/#comments" title="View reader comments on this entry"Comments/a pa href="http://feedads.googleadservices.com/~a/5QUxLcBpmM1EmwM4bc5We20r6sU/a"img src="http://feedads.googleadservices.com/~a/5QUxLcBpmM1EmwM4bc5We20r6sU/i" border="0" ismap="true"/img/a/pdiv class="feedflare" a href="http://feedproxy.google.com/~f/weblogsinc/downloadsquad?a=70xfBZ62"img src="http://feedproxy.google.com/~f/weblogsinc/downloadsquad?i=70xfBZ62" border="0"/img/a a href="http://feedproxy.google.com/~f/weblogsinc/downloadsquad?a=8fQ7gKo3"img src="http://feedproxy.google.com/~f/weblogsinc/downloadsquad?i=8fQ7gKo3" border="0"/img/a /divimg src="http://feedproxy.google.com/~r/weblogsinc/downloadsquad/~4/y4q6wCOtzeU" height="1" width="1"/

Moose File System is a networking, distributed, fault tolerant file system. It spreads data over several servers visible to a user as one resource. For standard file operations, MooseFS, mounted with FUSE, acts as other Unix-alike filesystems. hr / strongLicense:/strong GNU General Public License v3 hr / strongChanges:/strongbr / An improved rebalancing algorithm. Protections against overriding metadata.mfs.back by older metadata.mfs. Fixes to build mfstools, mfsmaster, and mfsmetarestore with Large File Support on Linux (previously only mfsmount had LFS enabled). Less verbose logging in mfsmaster. This release logs chunkserver disconnections in mfsmaster.img src="http://feeds.feedburner.com/~r/freshmeat/feeds/fm-releases-global/~4/459851938" height="1" width="1"/

Moose File System is a networking, distributed, fault tolerant file system. It spreads data over several servers visible to a user as one resource. For standard file operations, MooseFS, mounted with FUSE, acts as other Unix-alike filesystems. hr / strongLicense:/strong GNU General Public License v3 hr / strongChanges:/strongbr / An improved rebalancing algorithm. Protections against overriding metadata.mfs.back by older metadata.mfs. Fixes to build mfstools, mfsmaster, and mfsmetarestore with Large File Support on Linux (previously only mfsmount had LFS enabled). Less verbose logging in mfsmaster. This release logs chunkserver disconnections in mfsmaster. pa href="http://feedads.googleadservices.com/~a/FfxMn-hfaWSCgmqHKUCZdMhOotg/a"img src="http://feedads.googleadservices.com/~a/FfxMn-hfaWSCgmqHKUCZdMhOotg/i" border="0" ismap="true"/img/a/pimg src="http://feedproxy.google.com/~r/freshmeat/feeds/fm-releases-unix/~4/pH6h0wglIRg" height="1" width="1"/

Moose File System is a networking, distributed, fault tolerant file system. It spreads data over several servers visible to a user as one resource. For standard file operations, MooseFS, mounted with FUSE, acts as other Unix-alike filesystems. hr / strongLicense:/strong GNU General Public License v3 hr / strongChanges:/strongbr / An improved rebalancing algorithm. Protections against overriding metadata.mfs.back by older metadata.mfs. Fixes to build mfstools, mfsmaster, and mfsmetarestore with Large File Support on Linux (previously only mfsmount had LFS enabled). Less verbose logging in mfsmaster. This release logs chunkserver disconnections in mfsmaster. pa href="http://feedads.googleadservices.com/~a/X0oUDI-LoleDB7LqsXOpGIpQx6M/a"img src="http://feedads.googleadservices.com/~a/X0oUDI-LoleDB7LqsXOpGIpQx6M/i" border="0" ismap="true"/img/a/pimg src="http://feedproxy.google.com/~r/freshmeat/feeds/fm-releases-global/~4/pH6h0wglIRg" height="1" width="1"/

Hi,

I have an iMac 24" 3.06Ghz, about six months old.

I have started experiencing random but frequent complete system freezes.

This is what typically happens over a period of 5 minutes:

1. I get the odd app crash (often Thunderbird, but possibly only because that is always running; sometimes mail.app crashes, something Open Office etc. No pattern to it).

2. The fans start thrashing although iStat doesn't record a higher temperature than normal. That said, the top bar hangs early on in this process so I guess the temp could be spiking. The box does not feel overly hot though (for an iMac). Normal temp about 39 degrees C.

3. All app windows freeze, and I get the beach ball. Mouse still works

4. dock freezes. Mouse still works.

5. keyboard freezes. Only mouse working now.

6. have to power off

I also have a very annoying ghosting problem on the screen that has only just started happening.

I am a relatively recent switcher to Mac, and have a lot of experience administering / developing on Windows XP.

I'm happy to trawl through the logs, so could anyone give me any suggestions about what to look for, what could be wrong etc.

Thanks

D.

pimg src="http://cache.gawker.com/assets/images/gizmodo/2008/11/blackberrystorm.jpg" align="left" hspace="4" vspace="2" width="804" height="613" style="display:block;float:none;" /It's hard to overstate how important the BlackBerry Storm is to RIM and Verizon. It's RIM's bold effort to fend off the iPhone and Verizon's best hope for a star handset that draws people in, or at least keeps them from bailing. The Storm's major innovation is what RIM calls SurePressmdash;the entire touchscreen is fat, honkin' buttonmdash;which has been paired with a redesigned, finger-friendly BlackBerry OS. We've already a href="http://gizmodo.com/5060378/blackberry-storm-first-hands-on"showed you a lot of/a what the fuss is all about, but now that we've spent some quality, uninterrupted time with the Storm, here's why we think it falls short of its promise./p pstrongThe Hardware/strongbr strongThe Body/strongbr It's surprisingly heavy. Like, heavier than RIM's manly slab of smartphone, a href="http://gizmodo.com/tag/blackberry-bold"the Bold/a, at 5.47 oz to the Bold's 4.7 oz. It feels thick, too, thicker than it actually is, because of its squarish shape. It looks good, it feels okay in your hand. It's just kind of clunky at the same time. On the other hand though, all this substance also makes the Storm feel really robust. You'll never feel like you're going to break it./p pstrongThat Button Screen/strongbr When you push the screen and it clicks, it's a genuinely satisfying tactile sensation that, as I said in my hands on, is clearly a finely tuned experience. You won't accidentally press it when you don't mean to, but you don't have to drop a sledgehammer on it, either. Like the rest of the body, it's a sturdy piece of hardware that seems like it will hold up over the many, many thousands of clicks it will endure in its life time. The only concern is that it seems like the chasm between the screen and rest of the body is a lint nest waiting to happen. But the gap is large enough you should be able to clean your pocket gunk out with the edge of a toothpick./p pstrongThe Other Buttons/strongbr For a touchscreen phone, the Storm has a lot of damn buttons. Nine, to be exact: The four standard BlackBerry buttons, one side button, a volume rocker, and dedicated lock and mute keys. I wouldn't get rid of any of them. The BlackBerry button is still your best friend, since you'll still need to bring up the menu in practically every situation./p pstrongScreen/strongbr The Storm has the biggest, highest resolution screen RIM has ever produced with a 480x360 res. It's bright and beautiful, though not quite as stunning as the Bold's since it has a lower pixel density. Still, the OS and video look fantastic on it, with plenty of pop. The capacitive touchscreen is fairly responsivemdash;on par with the T-Mobile G1mdash;though sometimes the OS lags behind you./p pstrongBattery/strongbr We haven't fully tested the battery life on the Storm yet, but it seems to be respectable. The battery isn't quite as beefy as the beast powering the Bold, but you shouldn't have a HUGE problem getting through the day on one charge or anything./p pstrongNetwork/strongbr No Wi-Fi is a bummer, even with Verizon's fantastic 3G network, 'cause not even it penetrates everywhere. That said, one of the Storm's greatest strengths is Verizon's network, with its basically unbeatable coverage, and you'll get a signal most everywhere that's not a subway, airplane or supervillian secret lair. 3G is plenty fast and more reliable than ATT, so it's been sunshine. Any pokiness in web browsing is the software's fault. Calls sounded great to the other party, though kind of muted to me compared to the Bold or iPhone./p pstrongCamera/strongbr The camera is 3.2MP of noisy noise, like most cellphone cameras. The camera is tarted up with some basic photo editing features and a dedicated flash, but it's nothing incredible./p pstrongGPS/strongbr The GPS seems to provide a pretty accurate location with a reasonable amount of speed, though you're stuck with Verizon's VZ Navigator as the main navigation app (no BlackBerry maps). Some people really hate Verizon's program, so you might be less than a happy camper here./p pstrongOS and Usability/strongbr strongInterface/strongbr RIM's first touchscreen BlackBerry doesn't toss the old baby out with the buttons (or something like that). It's very much the familiar BlackBerry OS, just with a UI that's been optimized for your fat fingers. It's pretty, with big, easy-to-press icons, lots of fade transition as you move from screen to screen, and standard highlight motif of lighting up a Dr. Manhattan shade of blue whenever you select something./p pThe list menusmdash;like the menu pop up when you press the BlackBerry button or lists of messagesmdash;are just spacey enough to be touchable without pressing thing very often. The accelerometer is pretty decent at keeping up with you and will rotate the screen in all four orientations, letting you choose to the have the four main buttons on the left or right in portrait mode. It got "stuck" in the wrong orientation less often than the iPhone does (to me anyway), which is good, since the only way to use the QWERTY keyboard is in landscape (or conversely, SureType in portrait)./p pThe major issue with the interface, at least in the main menu area, is that lags. Like, enough to be annoying. Scrolling through the main menu, for instance, it seems like part of the scroll slowdown is built in (I don't know why) but it got choppy more often than occasionally. The transition fades from screen to screen, besides being inconsistent (sometimes you get 'em, sometimes you don't), make the OS actually feel slower. And when it does lag, it's somehow more frustrating because it makes you distrust and pissed off at the SurePress feedbackmdash;not good for your major selling point./p pstrongStability/strongbr The Storm needed a little bit longer in the ovenmdash;I had lotsa lock-ups and crashes over the last two days with it. Lag was all over the place, which is a cardinal sin with a touch-based UI. It really needs to be more stable. I wonder how long before there's a software update, 'cause it needs one badly./p pstrongThe Keyboard/strongbr The keyboard layouts themselves are roomy and perfect, with the QWERTY subtly divided into two halves. Which actually makes for a good guidelinemdash;keep your thumbs on their respective sides of the divide and you'll be a much happier camper when it comes to typing, since you have to consciously let the screen pop back up between every letter press. Having a true alternating rhythm between your thumbs makes it much easier to use, so you're trying to press a key with your other thumb while the screen's already pushed in./p pRIM makes a big deal out of the fact they've separated navigation from confirmation with their SurePress thing. That, hypothetically, is a means to an end, the end being more accurate typing than a standard, feedbackless touch keyboard. In that respect, it fails. Even after two days, with the keyboard's great layout and perfect size, I was leaning just as hard on the autocorrect on the Storm as I ever did on the iPhone. Here's why: Confirming I've pushed a key doesn't actually tell me whether I've pushed the right one. Which makes the feedback, as far as typing on a keyboard goes, basically useless. It's made worse by the fact that RIM's glowing blue highlights also are far less effective than pop up letters at indicating what key you're pushing./p pI hate to say this, but I kind of came to hate typing on it. Pushing the screen in over and over requires so much more effort than simply gliding my fingers around a good touch keyboard. It was tiring. SurePress is a bit less annoying with the onscreen SureType keyboard in portrait mode though. One other gripe is that you can't get a QWERTY keyboard in portrait, even though its screen is as wide as the iPhone's./p pstrongOther Touchiness/strongbr Copy and paste! Yeah, Storm's got it. You highlight text by putting your fingers on either side of the text you want to highlight, then you've got a little menu that pops up below asking what you want to do with it. Your fingers are probably too big to do it correctly every time, but once you've learned the process of how to float the cursor with a long touch, it's easy and it works most of the time. Moving the cursor around within text isn't quite as intuitive as the iPhone's magnifying glass, but once you hover to take it into cursor mode, the whole screen acts like a trackpad, so you can move anywhere around it. It works. There are some other cool UI things heremdash;in your inbox, hovering over an email will bring up every one in that thread./p pstrongEmail and Texting/strongbr It's a BlackBerry, so yes, the Storm is everything you'd expect from one in the email department, like search, push, the works, just touched up with a touch UI. For instance, the aforementioned easy search feature, which also bring a menu when you hover over a person's name to do things like send them an MMS (take that iPhone!) or add to contacts that works really well with touch. Thankfully, I saw lag in the email app far less than anywhere else in the phonemdash;it was always snappy, and works really with the touch UI. It's also got a few subtle aesthetic enhancements over the email client in the Bold. I'd like threaded text messaging, but it's the standard BlackBerry setup here that looks just like email./p pstrongCalling and Visual Voicemail/strongbr The phone UI is pretty dandy, with giant buttons all around and easy access to logs, contacts, and contact search. Contacts is a fairly standard list thing with search. Visual voicemail though, that is a snazzy looking app. It's kind of busy, but I think it's one place I like the UI better than the iPhone./p pstrongBrowser/strongbr The first thing I asked the RIM rep was how much better the Storm's browser was than the Bold, which kind of eats it when it comes to scripts. He said it was improved "but don't expect a miracle." That's a good assessment. It's fast, faster than the Bold whenever I put them side by side, but not quite the fastest browser on the planet. It's also smarter than the Bold, rendering pages more accurately where the Bold slipped. Performance once pages loaded was good. I'll be doing some more formal benchmarks, like with our browser Battlemodo earlier today, shortly./p pOne thing RIM gets really right is the browser UI. You have lots of of options for getting aroundmdash;two prominent zoom in and out buttons, plus you can zoom by clicking. Very easy. You've got two main navigation modes thoughmdash;pan mode, where your finger swipes zoom around the page, and cursor mode, where the whole screen acts like a trackpad. I mostly stuck with pan mode. SurePress comes in handy when scrolling, because you'll never accidentally press a link again. One thing I'd like is multitouch zooming (sorry, gotta say it) and a way to quickly get to the bottom of the page, since a hard flick doesn't send you flying like on mobile Safari. Overall though, RIM delivers pretty big here./p pstrongMultimedia/strongbr The biggest improvement over the Bold is that the Storm comes with an 8GB microSD card. Unfortunately, everywhere else, it's mostly the same. The media player UI is essentially identical, with minimal tweaks to make it touchable. On the actual playback screen, it's fine, and album art looks great. However, the list system it uses is fairly tired and straight out of the old BlackBerry playbook essentially. The bigger pain point, if you're comparing it to the iPhone's multimedia muscle, is the crappy Ro