Computer culture

I own this Canon IXUS 50 camera for more than two years now. It's a fine device, but it has some small lacking features where I often asked myself if this could be enhanced with a new firmware.

Until recently, when I read about the CHDK project: It's a kind of firmware enhancements for Canon cameras. It doesn't fully replace the real firmware, but adds additional stuff (I must say I don't fully understand what they do). And now they have an experimental port for the SD400, which is built into my cam.

The first big killerfeature one will notice is that the cam now has a battery monitor, which is the most obvious lacking feature of the original firmware.

One more thing I always would've liked for my cam is a better video compression. The video quality is quite good, but the cam just can do mjpeg, which leads to big files and limits your maximum video size to about 20 minutes. It seems CHDK has some better compression video mode, but I'll have to dig deeper into it. Beside, I can now record raw images. So there's lot's of cool stuff to play with.

Today I asked myself if I can ping an IDN host.

My default ping (iputils on linux) couldn't do it, but I found some patches out there, e.g. from Fedora. Thanks to SpanKY, we now also have IDN-enabled ping in Gentoo (he used a modified patch).

Today heise security brought a news that a growing number of old wordpress installations get's misused by spammers to improve their pagerank. I've more or less waited for something like that, because it's quite obvious: If you have an automated mechanism to use security holes in a popular web application, you can search for them with a search engine (google, the mighty hacktool) and usually it's quite trivial to detect both application and version.

This isn't a wordpress-thing only, this can happen to pretty much every widespread web application. Wordpress had a lot of security issues recently and is very widespread, so it's an obvious choice. But other incidents like this will follow and future ones probably will affect more different web applications.

The conclusion is quite simple: If you're installing a web application yourself, you are responsible for it! You need to look for security updates and you need to install them, else you might be responsible for spammers actions. And there's no »nobody is interested in my little blog«-excuse, as these are not attacks against an individual page, but mass attacks.

For administrators, I wrote a little tool a while back, where I had such incidents in mind: freewvs, it checks locally on the filesystem for web applications and knows about vulnerabilities, so it'll tell you which web applications need updates. It already detects a whole bunch of apps, while more is always better and if you'd like to help, I'd gladly accept patches for more applications (the format is quite simple).

With it, server administrators can check the webroots of thier users and nag them if they have outdated cruft laying around.

Und erwähnt mich. Zitat:
Hanno Böck, der die freie Geodatenbank Openstreetmap vorstellte, war extra nach Augsburg gereist, da es »hier noch besonders viel zu tun gibt«. Ein Blick auf eine Augsburger Stadtkarte zeigte, was er meint: Einige Straßen sind schon drin, Bahnlinie und Hauptbahnhof auch, sogar Sträßchen wie Kappelberg, Milchberg, Bäckergasse und Hallstraße sind eingezeichnet. Aber wo ist die Maximilianstraße? Der Rathausplatz? Da sieht es doch recht leer aus.

Augsburger Allgemeine: Damit der PC mit seinem Nutzer rechnen kann