In the last couple of weeks I started trying IntelliJ 9.0.2 EAP on our flex source code, and intially there were a ton of RED errors.  I filed a bunch of "good code red" youtrack issues, and Maxim M. and others resolved almost all the issues.   Now, with IU-94.585, about 95% of the files are GREEN.  The only signficant source of "good code red" errors is that we have some MXML files which include ActionScript files using this syntax:

 

<mx:Script source="ComponentFunctions.as"/>

 

In some cases, the developer really shouldn't have put the actionscript in an external file. It should have just been included in the MXML file.  But we have some cases where code is being "shared" between MXML files in this manner.  I really don't like injecting actionscript from a file into the MXML -- this is the exact same problem we had with developers including JSP fragments into JSP files. IntelliJ is correctly evaluating JSP fragments in the context of which JSP file(s) they are included into, so maybe IntelliJ can do the same for MXML/ActionScript.

 

Other case where we have "good code red" is where MXML is using  fully encapsulated actionscript components; When editing the actionscript for one of these components, IntelliJ cannot resolve "flash.events.Event" class or some other core class because the actionscript class doesn't import it.  The code compiles because the actionscript class is only ever referenced by MXML file which imports "flash.events.*" already.  I could fix these by adding the import to the actionscript class, but the problem is that currently at my company everyone is using FlexBuilder for flex development, so they don't see these errors.  It would be nice if IntelliJ somehow handled this, i.e. evalulate actionscript component in context of the MXML file(s) it is included in.

 

One other comment is with the JavaScript inspections being using for ActionScript.  Some of the Javascript inspections are specific to the Javascript running inside a browser.  And there are differences between ActionScript and JavaScript.  Jetbrains seems to be patching the inspections where possible so it supports both languages. But I think to make things clear the toplevel "Javascript" inspection should be renamed as either "Javascript/Actionscript" or the base dialect "ECMAScript" (http://en.wikipedia.org/wiki/ECMAScript) , and then have subfolders for Javascript/browser specfic inspections and ActionScript specific inspections.  I think there are probably alot of new inspections that could also be added for ActionScript and/or MXML.

 

I haven't done much active flex development using IntelliJ yet, so I can't comment how well completion and refactoring are working.   I'm startng the design/implementation phase of our next release, and I am going to use IntelliJ now instead of FlexBuilder for any flex work and see how it goes. Hopefully things like Introduce Variable and Extract Method are working without alot of bugs...

 

For me, it is a no-brainer to use IntelliJ for flex development since I have used IntelliJ for so many years for java/j2ee development.  But trying to convert our UI developers who do 100% flex development and have only ever known FlexBuilder is probably a lost cause.  Heck, I can't even get our java developers using Eclipse to switch to IntelliJ...

2010 is coming up roses for Christoph Waltz. The once unknown actor is not only the Oscar-winning charismatic highlight of Quentin Tarantino's Inglourious Basterds, he's also setting out to become a feature film director. The Hollywood Reporter posts that the Austrian actor is gearing up for his directorial debut with the German-language flick Auf Und Davon (Up and Away).

Loosely based on the book by Meike Winnemuth and Peter Praschl, the story focuses on a ruthless female dating show host who "finds herself in over her head when the show's romantic storyline bumps into her own feelings for a contestant." Waltz has been writing the script for some time, and Fox International's Gabriela Bacher says it "reflects Christoph's formidable sense of humor." Heck, he might even star in the film as well.

Unfortunately, there's some bad news. First: "The film will not necessarily be seen outside of German-speaking countries." Second: He has so many projects on the way that there's a good chance he won't get to this one until next year (at the earliest). Here's to hoping he finds a way to slide this in between his other higher-profile work. In the meantime, look out for him in The Green Hornet and Water for Elephants.

Filed under: Comedy, Foreign Language, Romance, Casting, Deals, Scripts

Permalink | Email this | Comments

I’ll just point you in the direction of this weird rant… thing about Final Fantasy. It sorta explains the differences between Final Fantasy I and Final Fantasy XIII. Something about honor and inns and whatnot. Yeah. More importantly, let’s discuss the possibility of Square Enix remaking Final Fantasy VII, because that hasn’t been done before on the Internet.

The latest bit of news, if you can even call it that, is that the director of Final Fantasy XIII, Motomu Toriyama, has admitted that he’d “really want to remake FFVII” if he had the manpower, and if the remake could live up to FFXIII’s high standards.

I really don’t understand what the hold up is. Square Enix surely must know that, even if it were to spend a nice chunk of change remaking the game—and not just the obvious graphical overhaul, but fleshing out the script, hiring voice actors who can read at an 8th grade level (i.e. not American~!), etc.—it would still make $UNLIMITED at retail. What PS3 owner wouldn’t buy the game? How many people would buy a PS3 specifically to play the game? It would be a gigantic success, guaranteed.

Like, it could be total garbage and people would still lap it up.

The only reason I could see Square Enix not remaking the game is because they’d feel it was an admission that every Final Fantasy since FFVII was a failure in some capacity. That’s completely not true, but perhaps that’s the fear?

via Kotaku

How trainer tore up the script

Radios del Uruguay 1.0
(Amarok 2.0 Script)
Radios del Uruguay, ordenadas por regiones.

changelog:
Si tienen los links para reproducir de otras radios porfavor colaboren.

[read more]

job recommendations:
Praktikant Events/Business/Communication KDE e.V  praktikum 
KDE e.V.  Germany, Berlin  more about this offer
Praktikant Programmierung/Marketing openDesktop.org  trainee 
h i v e 01 gmbh  Germany, Stuttgart  more about this offer
[more jobs]

· Kauto Star falls four out after a ragged ride
· Denman battles on to take second place

The miracle of this Gold Cup was that two great champions were dethroned and yet it still felt like a day of wonder for National Hunt racing. Ruby Walsh rode the fallen odds-on favourite, Kauto Star, back to the unsaddling enclosure from the scene of their tumble upright in the saddle, like a defiant cavalry officer, and Denman reached into his deepest store of energy to finish runner-up to Imperial Commander, who was cheered by an exultant crowd despite spoiling the romantic two‑horse script.

The Festival rose a level with Imperial Commander's seven-length victory at 7-1. So relentlessly dramatic was this 3¼-mile trial of the spirit that tens of thousands of spectators became part of the contest out on the track. Cheltenham crowds are often giddy and always appreciative but nobody could remember them being so consumed by the action with every jump. They gasped as Denman soared over fences and howled when Kauto Star crashed through the eighth and knocked the light out of himself before coming down four fences out.

In other sports Imperial Commander would have been greeted as an impostor who had ruined the decider between the winners of the last three Gold Cups. Instead there was a realisation that jump racing had erred by turning this occasion into a private duel between the two Paul Nicholls-trained big shots.

In the build-up the rest of the field had assumed the role of bit-part players. Imperial Commander was not the only contender to interject. Third home was last year's Grand National winner, Mon Mome, who rated barely a mention in the preamble. Plenty of shrewd punters were immune to this ballyhoo. As Imperial Commander passed the line under Paddy Brennan, damp copies of the Racing Post were tossed and hats flew like Frisbees. Some had noticed that the winner had been beaten by only a nose by Kauto Star in the Betfair Chase in November and was decent value at 7-1.

There is the theatre out on the track and then there is the betting, in which most punters were wiped out over the four days. If hope could take human form, it would have been driven away from the Cotswolds in an ambulance. The defeats of Master Minded in Wednesday's Queen Mother Champion Chase and Kauto Star and Denman were the biggest triumphs for bookmakers in a week when gamblers squealed for mercy.

So this was not a two-creature pageant but a test for the best of the National Hunt breed. For seven fences it was a masterclass of steeplechasing. But then Kauto Star exhibited the first signs of mental frailty since the bad old days when he would try to walk straight through fences late in races. Just as Walsh was doubtless starting to sniff his third Gold Cup win on Desert Orchid's successor as the nation's official horse, Kauto Star turned him into a rodeo rider, belting the top of the fence and almost jolting Ireland's champion out of the plate.

L'Extraterrestrial, as he was known in France, ploughed on but his confidence had evaporated. Denman, the darling of traditionalists, took up the stable's cause, jumping audaciously and barrelling into open country. The audience was entranced. Four fences out Kauto Star self-detonated, stepping in to the foot of the obstacle and sending himself over the birch in a somersaulting heap. As Walsh landed like a fly-half diving in for a try, he turned straightaway to check his partner was unharmed. Later, as Imperial Commander took the ovation, Walsh could be seen standing up in the saddle as Kauto Star's white noseband approached through the gloom.

This was how to come home vanquished: upright, proud. Kauto Star cantered back to the exit chute "as fresh as a daisy" in Walsh's plucky phrase. He was hardly that. But National Hunt racing folk do not make a tragedy out of a setback. Kauto Star had passed from invincibility to fallibility inside 10 minutes. His romping wins in last year's Gold Cup and December's King George VI Chase seemed an age ago. Like boxers steeplechasers never warn you the end is nigh. It was not the mistake at the eighth fence that pointed to his mortality so much as his inability to recover from it.

Denman, who could be trained for next year's Grand National, was transcending doubt and showing himself to be a great equine warrior from the old school. To achieve immortality here a horse needs more than one Gold Cup victory (he crushed Kauto Star to win two years ago) yet Denman has twice distinguished himself in defeat. This course jolts him back to life. His acolytes would say it is because he was bred for days like these. The heavy, saturnine mood that seems to afflict him at the Nicholls yard lifts and he attacks the Prestbury fences with joie de vivre. "That Denman, he never goes away, does he?" Brennan said.

Under Tony McCoy he was asked to make the final assault swinging for home but the sprightly, super-fit Imperial Commander was skipping along with him and accelerated up the hill to register a distinctly local triumph. Motor to a Cotswolds village called Guiting Power 12 miles away and you will find a pub called the Hollow Bottom, which feels like an extension of Cheltenham racecourse. It is also a shrine to Nigel Twiston-Davies, Imperial Commander's trainer, who has a share in the business and who said as he approached the winner's enclosure here: "This was a home win. We are where we belong."

Half an hour later Twiston-Davies's 18-year-old son Sam won the Foxhunter Chase on the stable's Baby Run, then their Pigeon Island took the last under Brennan. All leave would have been cancelled at the Hollow Bottom. "Paul Nicholls has done a wonderful job with his two horses but we need new ones coming through and ours is the best now," Twiston-Davies senior said of his champion. "I loved all the Kauto Star-Denman thing but I always thought we could beat them."

From a theoretically anticlimactic day the Racing For Change initiative had the perfect promotional DVD. This beat media training, decimal odds, simpler racecourse announcements and all the other ploys to get people to the track. It was the action speaking for itself. It was the purest sport.

• Cheltenham Gold Cup
• Kauto Star
• Denman
• Cheltenham festival
• Horse racing

Paul Haywardguardian.co.uk © Guardian News & Media Limited 2010 | Use of this content is subject to our Terms & Conditions | More Feeds

Una buena noticia para los que se preocupen mucho por su privacidad: Google anuncia que está trabajando en un método para permitir a sus usuarios no ser registrados en su servicio de estadísticas.

Según dicen en su blog, los desarrolladores de Google Analytics crearán plugins para los distintos navegadores que evitarán el seguimiento del usuario, con el fin de proteger su privacidad y ofrecerles más libertad.

¿Cómo interpretar esto? La verdad es que es una maniobra complicada. Ya existen addons para Firefox y Chrome que niegan la ejecución de scripts y que se pueden configurar para desactivar el código de Google Analytics; así que, ¿por qué Google desarrollará el plugin mencionado?

Para mí, esto puede tener como fin mejorar su servicio de estadísticas. Mientras los usuarios usen plugins de terceros para bloquear Google Analytics, no se podrá saber a ciencia cierta cuántos usuarios se quedan fuera de las estadísticas. Sin embargo, si es Google quien distribuye el plugin, sí que se tendría un recuento de esos usuarios con el que se podrían ofrecer estadísticas más cercanas a la realidad.

¿Y qué impacto tendrá esta medida? Probablemente solo haya dos opciones. Una, que haya tantos usuarios bloqueando Google Analytics que los webmasters tengan que buscar otra solución de estadísticas más eficaz. Y dos, que más webmasters se pasen a Google Analytics, que al proporcionar una opción a los usuarios que no quieran entrar en las estadísticas, ofrecería datos más reales y útiles.

Habrá que dejar que el tiempo pase para ver qué es lo que ocurre con las estadísticas de Google. Seguramente en Google se lo hayan pensado mucho y hayan decidido que este es el mejor paso. Pero en Google también son humanos y pueden equivocarse.

Vía | Denken Über
Más información | Google Analytics Blog

Quick PDF Library(c) (also known as QuickPDF, Quick-PDF or iSEDQuickPDF) 7.12 (beta) is a powerful royalty-free PDF developer SDK - including a 500+ function API for use with ASP, ActiveX, VB, VB Script, C++, C#, Delphi and more.

Copyright Betanews, Inc. 2010

UPDATE: Much to my disappointment, and probably yours as well, MTV received a denial straight from Tim Burton's people saying, "There is no truth to the story. Tim has not lined up any of his upcoming projects." We'll keep you posted on any further developments or changes to this as we hear them.

The following was originally posted on 3/18/10 by Christopher Campbell

They're creepy and they're kooky, mysterious and spooky, they're altogether ... being reunited on the big screen courtesy of Tim Burton. Yes, for all of us who thought Burton should have made the Addams Family movies instead of Barry Sonnenfeld, he has been given another chance. This one, according to Deadline New York, will be a 3-D stop-motion film unrelated to those prior two movies or the silly old TV series or the upcoming Broadway adaptation starring Nathan Lane and Bebe Neuwirth. Presumably Burton will direct this after his feature-length stop-motion remake of his own Frankenweenie, which is in pre-production now.

Reportedly, and somewhat obviously, Burton will look only to the wittier original Addams Family cartoons by Charles Addams. Anyone who has seen Burton's drawings, especially those in his book The Melancholy Death of Oyster Boy & Other Stories, know how similar they are to the work of Addams (and Edward Gorey). Although, of course, even if you aren't familiar with the filmmaker's artwork (which can currently be seen in an enormously popular exhibit at NYC's Museum of Modern Art), the style of his movies should be enough indication that he's the most perfect person to make a movie about Gomez, Morticia, Wednesday, Pugsley, Uncle Fester, Lurch and the rest of the Addams clan.

Despite Burton's ongoing relationship with Disney, The Addams Family is set up at the Universal-based Illumination Entertainment (The Despicable Me) and will be produced by the shingle's head, former Fox Animation exec Christopher Meledandri. The project is currently going out to screenwriters, though Caroline Thompson (Edward Scissorhands; The Nightmare Before Christmas; Corpse Bride) seems the best choice, even if she did also co-script the first Sonnenfeld effort.

Filed under: RumorMonger, Fandom, Newsstand

Permalink | Email this | Comments

Karsa Fulltext Search Manager is a desktop application thanks to which you can increase efficiency, reduce errors, and work faster when creating fulltext search. The desktop manager serves for setting the search and subsequent generating of saved procedures on the MS SQL Server. You therefore do not need to register any dlls or input the .net code on the SQL Server, because the standard T-SQL script is run and the wide possibilities of the SQL Server iFTS are used every time.

Copyright Betanews, Inc. 2010

It was already a ridiculous notion when the news hit in December. An Overboard remake? Really? As a young kid I loved the flick -- not because it was good, mind you (I had terrible taste), but because I was enamored with the chemistry between Goldie Hawn and Kurt Russell. It was charisma that nicely glossed over the scary premise. It worked in the '80s, but the thought of a woman with amnesia who gets lied to and taken home by a man who hates her, becoming his obedient caretaker and "wife" in every way -- not so cool.

Regardless, it's really happening; The Hollywood Reporter posts that Overboard is definitely in the works, and Jennifer Lopez is in talks to star. Leslie Dixon worked on the script, which is now in the hands of Adam Cooper and Bill Collage for another polish. So much for notions of Katherine Heigl or Kate Hudson (Ms. Hawn's daughter, don't forget) showing up as amnesia lady. It just goes to show you -- when you think one casting choice is bad, remember how much worse it can be.

While the nostalgic part of me wishes this will never get made, the rest of me wants them to go for it. Ignore the obvious stupidity and jump right in, Columbia! Let's throw a lot of money into this and have it flop... Flop bigger than J-Lo's Gigli. I want to see this flounder and fry like a freshman fishie. How about you?

Filed under: Comedy, Romance, Casting, Remakes and Sequels

Permalink | Email this | Comments

BMC Systems Biology, Vol. 4, No. 1. (2010), 28.

BACKGROUND:Systems biology models tend to become large since biological systems often consist of complex networks of interacting components, and since the models usually are developed to reflect various mechanistic assumptions of those networks. Nevertheless, not all aspects of the model are equally interesting in a given setting, and normally there are parts that can be reduced without affecting the relevant model performance. There are many methods for model reduction, but few or none of them allow for a restoration of the details of the original model after the simplified model has been simulated.RESULTS:We present a reduction method that allows for such a back-translation from the reduced to the original model. The method is based on lumping of states, and includes a general and formal algorithm for both determining appropriate lumps, and for calculating the analytical back-translation formulas. The lumping makes use of efficient methods from graph-theory and epsilon-decomposition and is derived and exemplified on two published models for fluorescence emission in photosynthesis. The bigger of these models is reduced from 26 to 6 states, with a negligible deviation from the reduced model simulations, both when comparing simulations in the states of the reduced model and when comparing back-translated simulations in the states of the original model. The method is developed in a linear setting, but we exemplify how the same concepts and approaches can be applied to non-linear problems. Importantly, the method automatically provides a reduced model with back-translations. Also, the method is implemented as a part of the systems biology toolbox for matlab, and the matlab scripts for the examples in this paper are available in the supplementary material.CONCLUSIONS:Our novel lumping methodology allows for both automatic reduction of states using lumping, and for analytical retrieval of the original states and parameters without performing a new simulation. The two models can thus be considered as two degrees of zooming of the same model. This is a conceptually new development of model reduction approaches, which we think will stimulate much further research and will prove to be very useful in future modelling projects.
Mikael Sunnaker, Henning Schmidt, Mats Jirstrand, Gunnar Cedersund

I am using TC4 with postgres 8.1 already. on solaris 10 Sparc.

I want to migrate to empty MySQL 5.1 database(schemauser) at the backed from current database PostgreSQL 8.1

 

Can i change/switch database from postgresql to mysql?

How can i use/adjust migrateDB.sh script to do that?

Wow, I completely forgot about this project as it has been on the shelf for over three years. Paradox Entertainment, the company bringing Conan back to the bigscreen, has optioned the horror pitch Speed Demon, co-developed by the f/x-vet Stan Winston, for Peter Winther to direct. Winther also developed the project, described as a supernatural actioner about an underworld enforcer, who while hunting a small-time crook on a desert highway discovers that he is also being tracked by a mysterious, terrifying creature. Mike Sorrentino and Randy Vampotic penned the script for the project that Patrick Tatopoulos (the Underworld franchise, I Am Legend) worked with Winston to design creatures for the film.

Article publié le 14/03/2010

Le but de cet article est de présenter un rapide tutoriel d'installation de Seeks, un moteur de recherche dont le but est de regrouper les utilisateurs ayant des requêtes similaires, mais qui permet également de classer les résultats provenant de divers moteurs de recherche.

Avant toute chose, n'oubliez pas que des nÅ“uds de test ont été mis en place, notamment à cette adresse. Cela vous permettra de tester le moteur de recherche avant de l'installer chez vous.

Compilation du proxy

Seeks étant encore jeune et en développement, il vous faudra le compiler. Tout d'abord, installer les outils nécessaires :

marty@babar:~$ sudo apt-get install autoconf automake libtool libcurl4-gnutls-dev libpcre3-dev

Télécharger la dernière version stable de seeks sur Sourceforge. Décompressez l'archive et lancez la génération des fichiers de configuration et du Makefile :

marty@babar:seeks$ ./autogen.sh

On croise les doigts, on lance le script de configuration et on compile :

marty@babar:seeks$ ./configure && make

Si tout s'est bien passé, ça devrait se finir avec :

make[3]: quittant le répertoire « /home/marty/seeks/src » make[2]: quittant le répertoire « /home/marty/seeks/src » make[2]: entrant dans le répertoire « /home/marty/seeks » make[2]: quittant le répertoire « /home/marty/seeks » make[1]: quittant le répertoire « /home/marty/seeks »

On lance le proxy pour vérifier qu'il fonctionne :

marty@babar:seeks$ cd src marty@babar:src$ ./seeks Mar 13 23:30:54.535 b76d66d0 Info: listen_loop(): seeks proxy configuration successfully loaded Mar 13 23:30:54.535 b76d66d0 Info: Reloading configuration file 'lsh/lsh-config' Mar 13 23:30:54.535 b76d66d0 Info: listen_loop(): lsh configuration successfully loaded Mar 13 23:30:54.536 b76d66d0 Info: listen_loop(): attempt to find plugins... Mar 13 23:30:54.540 b76d66d0 Info: loaded plugin websearch-hp Mar 13 23:30:54.540 b76d66d0 Info: Reloading configuration file '/home/marty/seeks/src/plugins/websearch/websearch-config' Mar 13 23:30:54.541 b76d66d0 Info: Registering plugin websearch, and 7 CGI dispatchers Mar 13 23:30:54.541 b76d66d0 Info: registering CGI dispatcher websearch-hp Mar 13 23:30:54.541 b76d66d0 Info: registering CGI dispatcher seeks_hp_search.css Mar 13 23:30:54.541 b76d66d0 Info: registering CGI dispatcher seeks_search.css Mar 13 23:30:54.541 b76d66d0 Info: registering CGI dispatcher search Mar 13 23:30:54.541 b76d66d0 Info: registering CGI dispatcher search_cache Mar 13 23:30:54.541 b76d66d0 Info: registering CGI dispatcher search_similarity Mar 13 23:30:54.541 b76d66d0 Info: registering CGI dispatcher search_clusterize Mar 13 23:30:54.541 b76d66d0 Info: Listening on port 8118 on IP address 127.0.0.1

Seeks va donc tourner comme un proxy (il est basé sur Privoxy), et on l'interrogera via le port 8118. La configuration du proxy se fait via le fichier « config » (dans le répertoire src).

Utilisation de Seeks comme proxy local

Tout d'abord, il faut régler Firefox pour qu'il passe par le proxy :

Configuration de Firefox

On peut ensuite accéder à Seeks de différentes façons :

• via la page http://s.s/websearch-hp ;
• grâce au plugin de recherche pour Firefox. Il faut pour cela copier le fichier src/plugins/websearch/public/opensearch.xml dans le dossier ~/.mozilla/firefox/xxxxxxxx.default/searchplugins (à créer si nécessaire), puis relancer Fifefox ;
• via le plugin de recherche Google, Bing, Cuil ou leur page de recherche respective.

Ce dernier comportement est assez ennuyeux, car Seeks intercepte toutes les recherches et les effectue lui-même. Du coup, impossible d'effectuer une simple recherche sur Google ! Pour éviter cela, éditez le fichier src/plugins/websearch/patterns/qi_patterns, et commentez (# en début de ligne) les moteurs de recherche dont les requêtes ne seront pas interceptées. Pour ma part, aucune requête ne doit être interceptée :

#.google.*/search? #.google.*/custom? #.bing.*/search? #.cuil.com/search?

Relancez Seeks pour que les paramètres soient pris en compte.

Installation d'un serveur web et création du noeud public Seeks

La seconde partie consiste en l'installation d'un serveur web, qui permettra de mettre en place une page web qui interrogera le proxy et gèrera les recherches. Il existe plusieurs scripts qui peuvent être utilisés. Le plus simple est d'utiliser le script PHP, avec le serveur web lighttpd. On installe tout le nécessaire :

marty@babar:~$ sudo apt-get install lighttpd php5-cgi php5-curl

On active le module fastcgi, et on relance :

marty@babar:~$ sudo lighty-enable-mod fastcgi marty@babar:~$ sudo /etc/init.d/lighttpd force-reload

Il reste à copier le script PHP (clic droit → Enregistrer la cible du lien sous...) dans le dossier /var/www/seeks :

marty@babar:~$ wget http://15minutesoffame.be/nico/blog2/data/documents/search.php marty@babar:~$ sudo mkdir /var/www/seeks && sudo mv search.php /var/www/seeks

On lance le proxy, et on accède à la page de recherche à l'adresse http://localhost/seeks/search.php/websearch-hp (remplacez localhost par votre nom de domaine quand vous y accédez de l'extérieur).

Dernières astuces

Pour éviter le log des recherches :

marty@babar:src$ ./seeks 2> /dev/null

Le proxy est encore instable, pour le relancer automatiquement lorsqu'il plante on le lance dans une boucle infinie :

marty@babar:src$ while true; ./seeks; done

La configuration du moteur de recherche se fait via le fichier src/plugins/websearch/websearch-config. On peut par exemple modifier la liste des moteurs de recherche interrogés, et activer le « content analysis » :

enable-content-analysis 1

Pensez également à configurer votre firewall pour autoriser les connexions entrantes sur le port 80 si vous voulez qu'on puisse accéder à votre serveur web.

Billet original de Marty.Votez pour cet article sur le Planet Libre.

Article publié le 23/09/2009

Depuis quelques mois, les solutions de VPN payant type Ipredator ont fleuri sur la toile. Ces solutions d'anonymat, séduisantes au premier abord, possèdent un gros point noir : qui se cache réellement derrière ces VPN ? N'y a-t-il pas un risque que ces « bienfaiteurs de l'Internet libre » ne revendent un jour toutes les données collectées ? Comme on n'est jamais mieux servi que par soi-même, nous allons voir comment monter son propre serveur VPN grâce à OpenVPN. Par ailleurs, ce VPN pourra aussi vous servir à passer les éventuelles restrictions mises en place sur votre lieu de travail, ou sécuriser votre connexion lorsque vous devez vous connecter sur des réseaux publics peu sécurisés.

Configuration du serveur

Avant toute chose, vous devez avoir accès à un serveur, si possible avec une bande passante suffisante. En effet, ce serveur va servir de relai entre vous et la cible distante : la bande passante en upload du serveur deviendra votre bande passante en download maximale. Dès lors, mieux vaut se tourner vers un service professionnel, offrant souvent une bande passante allant jusqu'à 100 Mb/s (environ 12 Mo/s). Cherchez donc du côté des VPS (Virtual Private server) : vous aurez toutes les possibilités d'un serveur dédié, mais à prix (et performances) réduit. Un serveur OpenVPN est très léger, donc 128 Mo de RAM devraient être suffisants. En France, Gandi, OVH ou LWS ont des offres intéressantes à moins de 15 € par mois. Partagée entre 2 ou 3 personnes de confiance, cette solution est rapidement plus avantageuse qu'une solution type Ipredator. Attention tout de même car beaucoup de VPS promettent une bande passante de 100 Mbits/s, mais en pratique ce n'est pas le cas. La bande passante n'est pas partagée de manière équitable entre les différentes machines virtuelles, et résultat les performances laissent à désirer (j'ai déjà eu le cas avec du 100 Mbits/s qui en pratique approchait péniblement le 100 kbits/s...). Cherchez donc des solutions où la bande passante est moindre, mais assurée (comme Gandi le propose).

Avant de mettre en place votre VPN, pensez à sécuriser votre serveur. Une machine avec IP fixe accessible 24h/24 sera irrémédiablement la cible d'attaques.

Installation de OpenVPN et création des clés et certificats

Installez tout d'abord OpenVPN, bien souvent disponible dans les dépôts de base de votre distribution :

marty@server:# apt-get install openvpn

OpenVPN peut fonctionner avec plusieurs types d'authentification. Nous utiliserons l'authentification par clés et certificats, plus sûre que le classique login/mot de passe. Pour générer les clés et certificats nécessaires, des scripts ont été créés et se situent, sous Ubuntu 9.04, dans le dossier /usr/share/doc/openvpn/examples/easy-rsa/2.0. Commençons par copier tout ceci dans un répertoire de travail (tout le processus doit s'effectuer en tant que root) :

marty@server:# cd /etc/openvpn marty@server:# cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0 /etc/openvpn marty@server:# mv 2.0/ easy-rsa/ marty@server:# cd easy-rsa/

Modifiez tout d'abord les variables du fichiers vars :

export KEY_COUNTRY="US" export KEY_PROVINCE="CA" export KEY_CITY="SanFrancisco" export KEY_ORG="Fort-Funston" export KEY_EMAIL="me@myhost.mydomain"

Initialisez-le via la commande :

marty@server:# . ./vars

(vous devez bien écrire point/espace/point, ce n'est pas une erreur).

On efface les éventuelles clés présentes :

marty@server:# ./clean-all

On crée le certificat et la clé de l'Autorité de Certification (CA) :

marty@server:# ./build-ca

Les fichiers ca.crt et ca.key sont alors créés dans le dossier keys, et les variables précédentes devront être confirmées. Ces fichiers sont les fichiers centraux de la sécurité de votre serveur OpenVPN. La clé vous servira à signer les clés du (des) serveur(s) ainsi que des différents clients, et le certificat servira de « carte d'identité » à laquelle serveur(s) et clients se réfèreront.

On crée le certificat et la clé pour le serveur :

marty@server:# ./build-key-server server

Laissez toutes les options par défaut (y compris la demande de mot de passe), et répondez « yes » à la question de la signature :

Certificate is to be certified until Sep 5 14:02:19 2019 GMT (3650 days) Sign the certificate? [y/n]:y 1 out of 1 certificate requests certified, commit? [y/n]y

Le certificat du serveur sera alors signé avec la clé de l'Autorité de Certification. Les fichiers server.crt et server.key seront créés.

On crée le certificat et la clé pour le client :

marty@server:# ./build-key client1

De la même manière que pour le serveur, on laisse toutes les options par défaut et on accepte la signature par avec la clé de la CA. Les fichiers client1.crt et client1.key seront créés. Il est recommandé de créer une paire certificat/clé par client, de manière à pouvoir les révoquer par la suite si nécessaire (au cas où le client les perdrait).

Pour que notre serveur fonctionne, nous auront également besoin des paramètres de Diffie-Hellman :

marty@server:# ./build-dh

Le fichier dh1024.pem est créé. J'avoue, je n'ai pas compris à quoi cela servait précisément dans le cas de OpenVPN...

Finalement, nous augmentons encore la sécurité de notre serveur grâce à tls-auth :

marty@server:# openvpn --genkey --secret keys/ta.key

Le fichier ta.key est créé.

Résumé des fichiers créés

Au terme dela génération de ces diverses clés et certificats, nous obtenons les fichiers suivants :

• ca.crt : certificat de l'Autorité de Certification
• ca.key : clé de l'Autorité de Certification
• server.crt : certificat du serveur
• server.key : clé du serveur
• client1.crt : certificat du client1
• client1.key : clé du client1
• dh1024.pem : paramètres de Diffie-Hellman
• ta.key : clé utilisée pour tls-auth

En vert, les fichiers qui ne sont pas secrets, en rouge les fichiers secrets. Attention toute particulière au fichier ca.key qui sert à signer tous les certificats. Il permet d'autoriser ou non un client, et il est donc fondamental qu'il soit gardé secret !

En pratique, les fichiers nécessaires sont :

• serveur : ca.crt, server.crt, server.key, dh1024.pem et ta.key
• client1 : ca.crt, client1.crt, client1.key et ta.key

Notez bien que le fichier ca.key n'est nécessaire ni sur le serveur, ni chez aucun client ! Gardez-le en lieu sûr ;-)

Fichier de configuration serveur

Toute la configuration s'effectue dans un fichier quelconque, ci-après server.conf. Voilà un exemple typique :

#Configuration serveur mode server # c'est le fichier de configuration du serveur proto tcp # protocole TCP port 443 # port 443 (https) dev tun # mode routé #Clefs ca keys/ca.crt cert keys/server.crt key keys/server.key dh keys/dh1024.pem tls-auth keys/ta.key 0 # 0 pour le serveur cipher AES-256-CBC # algorithme de chiffrement #Configuration VPN #client-to-client # permet la connexion entre clients server 10.8.0.0 255.255.255.0 # adresse IP attribuées sur le VPN push "redirect-gateway def1 bypass-dhcp" # redirection du flux de données push "dhcp-option DNS 208.67.222.222" # utilisation de DNS alternatifs push "dhcp-option DNS 208.67.220.220" keepalive 10 120 # ping toutes les 10 secondes, # considéré comme down après 120 secondes sans réponses #Divers user nobody # on passe de l'utilisateur root à nobody group nogroup # nogroup est typique d'Ubuntu, groupe nobody pour les autres chroot /etc/openvpn/ovpn_jail # chroot de openvpn persist-key # n'accède plus à certaines options, persist-tun # car réduction des privilèges utilisateur comp-lzo # compression des données #Log verb 3 # verbosité du log (1-9, 4 recommandé) mute 20 # ne répète pas plus de 20 fois un message status openvpn-status.log # fichier de statut log-append /var/log/openvpn.log # fichier de log

Tout d'abord, le port utilisé (443) a été choisi parce qu'il n'est jamais bloqué (port https). Vous pouvez utiliser un autre port plus aléatoire si vous ne devez pas contourner de blocages quelconques.

Le mode routé (dev tun) est préféré au mode bridgé pour sa plus grande simplicité de configuration. Si vous avez une utilisation « basique » du VPN, ne vous préoccupez pas de ça.

De nombreux algorithmes de chiffrement sont disponibles. Nous choisissons ici le chiffrement AES 256 bits, qui est assez élevé. Si votre serveur rame, tentez de passer à du 128 bits.

client-to-client permet à deux clients de se connecter l'un à l'autre, par exemple via un serveur NFS. Dans notre cas, cette ligne est commentée.

server 10.8.0.0 255.255.255.0 définit le range d'adresses IP locales qui seront attribuées. Le serveur prendra l'adresse 10.8.0.1, et les clients 10.8.0.2, 10.8.0.3, 10.8.0.4... Attention : cette adresse ne doit rentrer en conflit avec aucune autre. Évitez donc d'utiliser les habituelles 192.168.x.x ou 10.108.x.x.

La ligne contenant « redirect-getaway » spécifie que tout le flux doit être redirigé vers le VPN. Attention à cette ligne qui peut différer d'une version à l'autre. Il semble que sous CentOS, il ne faille pas mettre les mots clés « def1 bypass-dhcp », alors que sous Ubuntu 9.04 cela est obligatoire.

Par la suite, la sécurité est améliorée en diminuant les privilèges du programme (« user nobody », « group nogroup ») et en effectuant un chroot (le dossier spécifié doit être créé). De cette manière, une éventuelle faille d'OpenVPN ne pourra être exploitée qu'en tant qu'utilisateur restreint, dans un environnement restreint.

Vous pouvez faire un premier test, en commentant la ligne « log-append » pour que le log s'affiche directement dans le terminal. Pour cela, on lance (en root, dans le dossier où se trouvent le fichier server.conf ainsi que le répertoire keys) :

marty@server:# openvpn server.conf OpenVPN 2.1_rc11 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Mar 9 2009 Diffie-Hellman initialized with 1024 bit key /usr/bin/openssl-vulnkey -q -b 1024 -m Control Channel Authentication: using 'keys/ta.key' as a OpenVPN static key file Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication TLS-Auth MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ] ROUTE default_gateway=XXX.XXX.XXX.XXX TUN/TAP device tun0 opened TUN/TAP TX queue length set to 100 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ] chroot to '/etc/openvpn/ovpn_jail' and cd to '/' succeeded GID set to nogroup UID set to nobody Listening for incoming TCP connection on [undef]:443 Socket Buffers: R=[87380->131072] S=[16384->131072] TCPv4_SERVER link local (bound): [undef]:443 TCPv4_SERVER link remote: [undef] MULTI: multi_init called, r=256 v=256 IFCONFIG POOL: base=10.8.0.4 size=62 MULTI: TCP INIT maxclients=1024 maxevents=1028 Initialization Sequence Complete

La première ligne en gras indique que l'interface tun0 a bien été créée (c'est le réseau virtuel), et les 3 autres que le chroot ainsi que le changement de propriétaire ont bien fonctionné. Dans un autre terminal, le ifconfig donne :

eth0 Link encap:Ethernet HWaddr 00:16:3e:51:5f:e9 inet addr:XXX.XXX.XXX.XXX Bcast:XXX.XXX.XXX.255 Mask:255.255.252.0 inet6 addr: fe80::216:3eff:fe51:5fe9/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:162377096 errors:0 dropped:0 overruns:0 frame:0 TX packets:153812357 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:4278174076 (4.2 GB) TX bytes:2956197161 (2.9 GB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:127075 errors:0 dropped:0 overruns:0 frame:0 TX packets:127075 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:77312107 (77.3 MB) TX bytes:77312107 (77.3 MB) tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

L'adresse IP du serveur sur le réseau virtuel (tun0) est bien 10.8.0.1.

En l'état, votre serveur ne fonctionnera pas. Pourquoi ? Parce que le firewall n'a pas été configuré bien sûr ;-)

Configuration du firewall

Avant toute chose, on s'assure que le forwarding est activé en tapant dans un terminal (en root) :

marty@server:# echo 1 > /proc/sys/net/ipv4/ip_forward

Comme dans la section précédente, nous utiliserons Webmin pour configurer le firewall.

Dans la section Packet filtering, on ajoute les règles :

Incoming packets (INPUT) Accept If protocol is TCP and destination port is 443 Accept If input interface is tun0 Forwarded packets (FORWARD) Accept If input interface is tun0 Accept If output interface is tun0

Et dans la section Network address translation :

Packets after routing (POSTROUTING) Masquerade If source is 10.8.0.0/24 and output interface is eth0

Adaptez évidemment en fonction du protocole, port et adresse IP choisis.

Avec Iptables, cela donne :

iptables -A INPUT --dport 443 -p tcp iptables -A INPUT -i eth0 iptables -A FORWARD -i tun0 -j ACCEPT iptables -A FORWARD -o tun0 -j ACCEPT iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

Ces règles sont peut-être un peu trop permissives, il est surement possible de les améliorer.

Configuration du client

Configurer un client est très simple, car cela repose sur la création dun fichier client.conf, à la manière du server.conf. Voilà le fichier client.conf associé au server.conf précédent :

#Configuration client client # mode client dev tun proto tcp-client remote XXX.XXX.XXX.XXX 443 #Remplacer XXX par l'adresse IP ou le nom d'hôte resolv-retry infinite nobind persist-key persist-tun #Clefs ca keys/ca.crt cert keys/client1.crt key keys/client1.key tls-auth keys/ta.key 1 #1 pour le client cipher AES-256-CBC #Ces 3 lignes sont inutiles si spécifié dans la configuration du serveur #redirect-gateway def1 bypass-dhcp #dhcp-option DNS 208.67.222.222 #dhcp-option DNS 208.67.220.220 comp-lzo verb 3

Il faut bien s'assurer que les options sont identiques entre client et serveur (compression, port, protocole, chiffrement...), car une seule erreur et ça ne fonctionnera pas. Après avoir fourni les clés fichiers nécessaires (voire section précédente) ainsi que le fichier client.conf au client concerné, installé OpenVPN sur la machine cliente, il suffit de lancer dans un terminal (après avoir préalablement lancé OpenVPN sur le serveur):

marty@client:# openvpn client.conf OpenVPN 2.1_rc7 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on May 8 2009 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info. /usr/bin/openssl-vulnkey -q -b 1024 -m Control Channel Authentication: using 'keys/ta.key' as a OpenVPN static key file Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication LZO compression initialized Control Channel MTU parms [ L:1560 D:168 EF:68 EB:0 ET:0 EL:0 ] Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:135 ET:0 EL:0 AF:3/1 ] Local Options hash (VER=V4): '2f2c6498' Expected Remote Options hash (VER=V4): '9915e4a2' Attempting to establish TCP connection with XXX.XXX.XXX.XXX:443 [nonblock] TCP connection established with XXX.XXX.XXX.XXX:443 Socket Buffers: R=[87380->131072] S=[16384->131072] TCPv4_CLIENT link local: [undef] TCPv4_CLIENT link remote: XXX.XXX.XXX.XXX:443 TLS: Initial packet from XXX.XXX.XXX.XXX:443, sid=4421b77a 4dc14e71 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=me@myhost.mydomain VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=server/emailAddress=me@myhost.mydomain Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA [server] Peer Connection Initiated with XXX.XXX.XXX.XXX:443 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 208.67.222.222,dhcp-option DNS 208.67.220.220,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' OPTIONS IMPORT: timers and/or timeouts modified OPTIONS IMPORT: --ifconfig/up options modified OPTIONS IMPORT: route options modified OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified TUN/TAP device tun0 opened TUN/TAP TX queue length set to 100 ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500 route add -net XXX.XXX.XXX.XXX netmask 255.255.255.255 gw 192.168.1.1 route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.8.0.5 route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.8.0.5 route add -net 10.8.0.1 netmask 255.255.255.255 gw 10.8.0.5 Initialization Sequence Complete

et ça devrait fonctionner ! Pour vérifier, on tente d'abord un ifconfig qui devrait renvoyer quelque chose de similaire à ce qui s'affiche sur le serveur, et vérifier son adresse IP sur http://checkip.dyndns.com. Vous devriez alors avoir l'adresse IP du serveur. Par ailleurs, vérifiez également que vos DNS ont été changés (allez sur le site http://www.opendns.com/, et si c'est le cas « You're using OpenDNS » devrait être indiqué). Si ce n'est pas le cas, changez-les manuellement dans le fichier /etc/resolv.conf ou via l'applet de configuration réseau.

Un peu d'automatisation...

Côté serveur, on peut lancer OpenVPN grâce à la commande :

marty@server:# nohup openvpn server.conf &

nohup permet de ne pas terminer la commande (en l'occurence, openvpn) lorsqu'on coupera la connexion SSH. Selon la distribution utilisée, il est possible qu'OpenVPN se lance automatiquement au démarrage.

Côté client, il vous faudra installer le paquet network-manager-openvpn pour pouvoir effectuer la configuration depuis l'applet réseau. Avec les versions récentes de ce dernier, il suffit de glisser-déposer le fichier client.conf dans l'onglet VPN pour que la configuration soit automatique. On activera/désactivera alors simplement la connexion via l'applet réseau.

Conclusion

En principe, tout devrait être fonctionnel. Si ce n'est pas le cas, n'hésitez à pas demander de l'aide au support de votre hébergeur, certains nécessitant une configuration supplémentaire pour fonctionner.

Vous pouvez également vérifier le trafic réseau grâce à Wireshark (à lancer en root). Allez dans Capture → Options, puis cliquez sur Start. Dans la colonne Info, vous devriez voir la mention « Encrypted data » de nombreuses fois, et des transferts vers le port https (si vous avez choisi le port 443, évidemment). Si c'est le cas, c'est que ça fonctionne !

Billet original de Marty.Votez pour cet article sur le Planet Libre.

Find yourself an old record player, a laser level, and a digital scanner and you can build a 3D scanner. That’s what [Rob] did. The camera and laser level are mounted on the turntable for steady rotation. The camera captures the vertical laser line traveling around the room by recording 30 fps at a resolution of 640×480. This data is then translated into a Blender 3D file via a Python script and the Python Image Library. You can scan a whole room or just a small object. The face above is the result of this image capture after a bit of processing. [Rob] found this worked best in the dark and when scanning surfaces that are not reflective.

Make sure you also check out the camera-and-projector scanning method.

Voici Spritely un script jQuery d'Artlogic qui va vous permettre de créer des animations d'arrières plans et des "sprites" en JavaScript et HTML pour votre site ou votre blog. Pas besoin de Flash pour réaliser vos animations ! :whistle:

Lire la suite...

Chickenfoot -- Firefox plugin to let you script and manipulate web pages. Useful for automation, like Greasemonkey, but acts on the rendered page and not the HTML source. This and more in today's Four Short Links.

One of our readers, Bill, wrote in to let us know about a pretty dangerous batch script that was pos ...(more)...

A certain someone was talking to me about how they find it interesting that node.js, the JavaScript server framework du jour which loves all things async, starts life with a bunch of synchronous require() calls. Now, this is actually quite fine since the startup of the server is not the issue at hand.

However, if you are running require()-esque loader code in the browser you want to avoid blocking calls else Steve Souders will come over and beat you up.

I have seen a couple of interesting items in this area:

RequireJS

James Burke of Mozilla Messaging has spent a lot of time in the depths of dojo.require(). He has taken another look at the problem and RequireJS a solution that offers:

• some sort of #include/import/require
• ability to load nested dependencies
• ease of use for developer but then backed by an optimization tool that helps deployment

He walks through the problem and why other solutions like LABjs, CommonJS require, and Dojo itself don't cover all of his bases.

The end result is:

PLAIN TEXT JAVASCRIPT:

•  
• // code that runs asynchronously when the library is loaded
• require(["some/script.js"], function() {
•     //This function is called after some/script.js has loaded.
• });
•  
• // defining the module and dependencies
• require.def(
•     // The name of this module
•     "types/Manager",
•  
•     // The array of dependencies
•     ["types/Employee"],
•  
•     // The function to execute when all dependencies have loaded. The arguments
•     // to this function are the array of dependencies mentioned above.
•     function (Employee) {
•         function Manager () {
•             this.reports = [];
•         }
•  
•         // This will now work
•         Manager.prototype = new Employee();
•  
•         // return the Manager constructor function so it can be used by other modules.
•         return Manager;
•     }
• );
•  

Google Analytics "async add to []" Pattern

When talking to Davis Frank of Pivotal about some Google Analytics code, he pointed me to details about the new GA asynchronous loader that we very excitedly blogged about since GA was such a blocking offender on the Web.

Part of the asynchronous API is that you, the developer create an array, and use the push() method to put commands on a queue. This means that you can start pushing commands immediately.

Then, when the GA code loads asynchronously, it takes over that array and wraps those standard methods. Now it can take the commands and fire them back to GA and push() can do more. Freaking brilliant.

It is my pleasure to announce a new project to better the Ubuntu.com website experience, specifically for users who prefer a language other than English. The new project, called Website Localization will put a short (4-5 word) message on any www.Ubuntu.com <http://www.ubuntu.com/> web page directing users to more resources in their preferred language.

This project has two main parts to it. The first part of the Website Localization project is the technical aspect of the project. It is the goal of the project to create a script that will pull out of a users web browser their preferred language. After obtaining this information, the script will cross reference this language against a list of languages that have approved resources offered, and then display a short link to their languages landing page.

The second part of this project is creating landing pages for as many resources as possible. This part of the project will be done by LoCos and the i18n team. The landing pages will be on the wiki, and will be ever changing to direct users to the best information that we can give them.

Currently, the goal is to have the project completed and implemented by the end of May. I would also like to have a working demo of the project by April 19th so that we have plenty of time to fix any problems that arise prior to the final implementation of this project.

I can’t do all of this myself, so I am going to need help from the Ubuntu community. At this point, I need some assistance with the technical side of the project. I need a few people to create the script that will detect the users preferred language, and then show them a link to the landing page in their language. If you have the skills needed to help out with this Website Localization project, please send me an email with your name, launchpad account, a little bit of information about the experience you have and your general ability (time zone, and anything else that may help me out). My goal is to get a group of a few people to work on the technical aspect of this project and have a meeting in the next few weeks to discuss the project in a little more detail, and determine the best way to make this happen.

[Discuss the Ubuntu.com Website Localization Project on the Forum]

Originally sent to the loco-contacts mailing list by Chris Johnston on Wed Mar 17 19:32:43 GMT 2010

Google Apps a enfin dévoilé sa place de marché, proposant des applicatifs payants créés par des tiers, et propose également depuis peu des API de scripts pour son tableur... Google Apps vient d'annoncer deux nouveautés : - Une place de marché, appelée "Google Apps Marketplace", qui permet de télécharger de très nombreuses applications à insérer dans ses Google Apps (en version Premier, Standard

Featured Script CheckErrorLog The script shows SQL Server's error log without messages about differential and log backup. It is usfull if you want to chec... (read more) Database Design Feedback - a Different Perspective David wrote in with a different take and suggestion set on the database...(more)