English

As you may have heard, the WINE-project, which let's you run Windows programs in Linux, released it's first beta version after a long time.
I've been a demoscener for a long time, while with my switch to linux some years ago, I couldn't watch most demos any more (and having a windows partition just because of that was too much hassle, I like my laptop windows-free).

Today I was playing around how well WINE performs with Demos and was quite impressed. My experiences in the past were mostly that WINE only produces error messages and never runs anything. After DasTier (still not blogging) told me that probably my sound settings are wrong and I have to set it to "driver emulation" in winecfg, I could run a couple of older windows-demos and intros, I had at least The Product (FarbRausch), Kötterdämmerung (SquoQuo), Störfall Ost (Freestyle) and Raving Tomatoes - Biomutating Planet Acid running (just some random ones I tried out).
I failed to run more recent stuff, at first because my graphics hardware won't manage that (just a Radeon 9200) and second because of the limited shader support in WINE.

Motivated by that, I also could run the legendary Second Reality (Future Crew) (hey, did you know that it has a hidden part?) in DosBox.

I'm thinking about creating a project for building a database of working demos and writing qualified bug-reports/patches for non-working ones.

Some years ago I started the webpage dosdriver.de, cause I permanently had problems running old DOS games and demos, the lack of proper VESA-support, missing sound drivers and things like that. I forgot to upload this again when I moved all my webpages to our little server project, so it was offline for the last months.
I noticed when the free-domain-provider I'm hosting dosdriver.de mailed me that I'm violating their AGB if I don't use the domain for a real webpage. Today I took the page from a backup, removed old eMail-adresses, made xhtml 1.1, added a small section about emulators and some general rework. Most of the information is still valid, so if you intend to run a real DOS on some up-to-date PC, you might find it useful.
The domain is still a free-domain with ads, but as most of you probably have popup-blockers, you won't mind.

Everybody seems to talk about flock today (via BoingBoing). Flock is a web browser based on Firefox supporting features like direct tagging of links, uploading them to del.icio.us, blogging, uploading images to flickr and things like that.

It's surely a nice idea to integrate all those social software into easy to use applications, so more people get to know blogs and all that stuff. Although I'm a bit sceptically about centralised services like flick or del.icio.us, I prefere more standardised, decentralized services that everyone can use with his own software (Blogs, Podcasts and things like that).

I'd prefer to blog this entry with flock, but it seems not to support serendipity yet, at least I couldn't get it to work.

Get Flock today, probably no distribution packages for anything yet, but the binary just works when running from it's unpacked dir without installing anything.

For people who like to play around with crazy bleeding edge stuff (who doesn't?), I've created cvs ebuilds for Luminocity (the wobbling windows effect) and cairo-gtk-engine (gtk theme engine using the possibilities of cairo).
See Seth Nickell's blog for information, screenshots etc., I also made a video of luminocity a while ago.

For luminocity you need to switch to the modular x ebuilds and the kdrive-snapshot, if you have it installed, run it with:
Xfake :1 -ac -screen 1024x3072x32 &
DISPLAY=:1 xterm &
luminocity :1

cairo-gtk-engine can be installed right away as long as you are using unstable (~x86) gtk+ and cairo versions (then copy over /usr/share/themes/Caligula*/gtk/gtkrc to ~/gtkrc-2.0).

I've just created a gallery for collecting images I found worth publishing witout any special context, e. g. nature pictures. I plan to fill this collection in the future. Maybe I'm gonna play around with random images in the sidebar or something like that. Probably you'll gona see one of the pictures in the upcoming (and never finished) design of my blog.

The first two images are from a visit in Lindau this summer, the later ones are from a bicycle trip at the Rhine from Mainz to St. Goar recently.

Bruce Schneier writes about Phishing attacks and that he wants financial companies to be responsible for phishing attacks.

This brought me to some thoughts about online banking security and secure authentication in general.
Today, most online banking goes through web interfaces. That's really horrible in the sense of security. I remember when I asked my local bank for an online banking account, they told me "hey, you just need a web browser to do this". They have better alternatives (HBCI), but they don't promote them to their normal customers.
With a web-interface, you only have a one-way-authentication (the user authentificates itself to the bank, but the bank doesn't) and that's the whole thing why phishing works. If there would be any mechanism that verifies the authenticy of the bank for the user (or, to be exact, his applications, because we all now that average users don't manage to do so), the whole phishing-stuff would be senseless.

Even the less secure variant of HBCI with keyfiles is much more secure than web-interfaces. For a successfull phishing-attack, a user would have to upload his keyfile - which he usually won't do, because he doesn't know where it is. But the most obvious way: Smartcards.
Smartcards can be a fine solution for various security problems - and it's not much more complex. Everyone knows that he has to put his bank card into a cash terminal, so why shouldn't the average user be able to put it in a computer slot? But hey, it's even hard to get smartcard-drives - I once asked in the Saturn (big german technology market), they don't sell them at all.
The right thing would be having smartcard-drives in computers by default - and having chipcards for various security-applications.

HBCI, for the ones who don't know, is a german standard for online banking - I wonder why there is no word-wide online-banking-standard yet - with a secure, open design and based on two-way-authentication, together with some easy-to-use standard applications for online banking installed on every PC. That would really help a lot.

From the ffmpeg-list:
>>> Java is rumored to be platform-independent.
>> Highly overhyped rumor, it actually runs on all platforms... that have a JVM.
> Right, both of them. :) Funny essay on the matter:
> http://web.ivy.net/~carton/academia/java_languageoftomorrow.html

And congratulations to the marketing guys of sun who managed to promote their product for years with something that just isn't true.