Linux: The GHOST Vulnerability | RHEL | CentOS

The GHOST vulnerability is a serious weakness in the Linux glibc library. It allows attackers to remotely take complete control of the victim system without having any prior knowledge of system credentials. CVE-2015-0235 has been assigned to this issue.   Qualys security researchers discovered this bug and worked closely with Linux distribution vendors. And as […]

Read More

scim: Bringing spreadsheets back to the present

2015-01-31-6m47421-scim

After last week’s rash of gold-star software, I was afraid I’d get through this week without seeing anything worth gilding.

2015-01-31-6m47421-scim

Uh-oh. That’s got potential. :)

Andrés M. left a note a few days ago about scim, and shuf brought it up this morning. scim builds on the ancient sc spreadsheet calculator, and adds a lot — I mean a lot — of things that the old spreadsheet either didn’t approach or just weren’t conventions at the time it was built.

For example, scim can undo. :shock: And now … a pause for effect.

If I said “Hallelujah” to that, I wouldn’t be overreacting. I’ve been working with sc for years and never found a proper undo command. In fact, I’ve learned to work with sc in such a fashion that I can backtrack through mistakes or errors without an undo feature. (It takes a lot of cutting and pasting, basically.)

So that feature is reason enough to embrace scim — without even looking at things like hiding rows and columns, sorting data, a redo feature (or undo your undo), date formatting, key remapping, command multiplying, autorecalculation (or, to be more specific, the option to turn off autorecalculation), regex search-and-replace and a whole lot more.

And it’s got color! :mrgreen:

scim takes its cue from The Vim Way of Doing Things, meaning a command mode and an edit mode, with commands usually taking a colon as a prefix. Get to the help pages, for example, with :help. One-key commands are simple mnemonics.

Perhaps best of all — or perhaps more important of all — is scim’s ability to import and export to other formats, and still preserve its compatibility with the spreadsheet of the 80s. In the past if I wanted to move from sc’s exported format to something more conventional, like a Google spreadsheet, there was a hefty amount of text editing and search-and-replacing needed. Hopefully not now.

scim seems to take up all the slack and build up all the features that were missing from its progenitor, and fill in the gaps between 1988 and 2015. I don’t see this in AUR or Debian, but it’s hard to tell with all the references to the old scim input platform in both distros.

In fact, I daresay that might be the only weak point for scim: It’s going to get lost with that name.

No matter; I’d prefer to think that the people who really want a text-only spreadsheet — a very good text-only spreadsheet, in fact — will find it in the mix.

So here we are, with a well-deserved gold star, not just for fulfilling all the points I generally look for in a top-notch text-only application, but for bringing console-based spreadsheets back to the present: :star: Enjoy! :D

Tagged: spreadsheet

Read More

gmail-attachment-downloader: You don’t want to know

2015-01-31-6m47421-gmail-attachment-downloader

Yesterday was the last work day of the month, and in my job that’s both a blessing and a curse, since it’s extraordinarily hectic, but it’s also payday. So my apologies for missing a day, but that job pays, and this one doesn’t. ;)

To complicate things I got two tips via e-mail, one from Rashid and one from Lewis, mentioning gmail-attachment-downloader. I like to check things before I add them to the list, and at first glance it looked like a simple python script that scrapes through attachments in your account, and gives you a local copy.

That’s true, but I should be clear: It downloads attachments. All attachments. Every last one. From the beginning. Of all time. :shock:

So while I don’t have much to show for gmail-attachment-downloader, I do have about 10 years of junk to sort through as a result.

2015-01-31-6m47421-gmail-attachment-downloader

Aside from that warning, there are some other notes I should offer.

I ran into errors when I tried gmail-attachment-downloader in straight python in Arch. python2 appears to be the preferred framework here. Aside from that, I needed no peculiar dependencies. It takes no flags or options.

I gave my account with the @gmail.com suffix; the first time I tried with only the prefix and it wasn’t as successful. That I blame on GMail though, since I know it tends to want full addresses as “user names.”

As you can see, gmail-attachment-downloader is clever enough to avoid name collisions, and will skip over files that are identical and rename files that are similar. I don’t know if that means it is performing some sort of hash check or if it is just looking at file size. Either way is fine with me, but if you have a better idea, talk with the author.

My only suggestion for an improvement would be some sort of date stamping addition. Pulling down years of stashed .config files is fine, but without preserving the original date of the message, or perhaps prefixing the name with original date, everything is just swirled together.

And I suppose I should mention — again — that this is an all-or-nothing adventure. There’s no way (yet) to prompt to download a file, screen messages and pull down attachments by filter, or otherwise control the product. Start it up, set it spinning, and come back a few hours later.

And then spend the next day or two wondering what the context was for the half-dozen Anpanman wallpaper images buried somewhere in your account. Did I really e-mail those to myself … ? :???:

Tagged: attachments, client, download, e-mail, manager, network

Read More