d

Eva

 Six demonstrators arrested after blocking bulldozers in Um Salmuna

by Anarchists Against the Wall, ©Anarchists Against the Wall

Fifty Palestinians, Israelis and international activists managed to stop construction today during a demonstration against the wall. This is the second day in a row demonstrators confront army and police in an attempt to save village land from being destroyed for the wall. Three people were arrested yesterday – the village’s mayor and an assistant of his, who were released a few hours later, and the mayor’s son, who still remains in custody.

Hardware

 How to Upgrade, Repair, Disassemble a Mobile (Cellular) Phone

by Werner Heuser, ©Werner Heuser

Need to repair your mobile (cellular) phone? Need to fix a broken display? Want to know what chips are actually inside your mobile phone? Or just in the mood of modding your mobile gadget? Here is a collection of links to take apart instructions, disassembly pictures, upgrade and repair manuals, as well as do-it-yourself (DIY) tips and tricks for mobile phones. If you have written a report yourself (or if you know of a report not linked here), please submit a new entry.

Linux

 Stack Smashing Protection for Debian

by Steve, ©Debian Administration

Since we last covered the use of Stack Smashing Protection (SSP) the default compiler for Debian Sid has been upgraded to include it, with no need for custom patching. Read on for a brief demonstration of how it can be used to prevent attacks.

The default C compiler for Sid, which will be used in Etch too, is GCC v4.1. This releasecontains the SSP patch which previously needed to be applied manually (we demonstrated applying this patch for GCC v3.4 a long time ago).

Since the SSP patch is included in the compiler by default it is suddenly a lot easier to start working with it.

Programming

 Fuzz Revisited: A Re-examination of the Reliability of UNIX Utilities and Services

by B.P. Miller, D. Koski, C.P. Lee, V. Maganty, R. Murthy, A. Natarajan, and J. Steidl, ©B.P. Miller, D. Koski, C.P. Lee, V. Maganty, R. Murthy, A. Natarajan, and J. Steidl

We have tested the reliability of a large collection of basic UNIX utility programs, X-Window applications and servers, and network services. We used a simple testing method of subjecting these programs to a random input stream. Our testing methods and tools are largely automatic and simple to use. We tested programs on nine versions of the UNIX operating system, including seven commercial systems and the freely-available GNU utilities and Linux. We report which programs failed on which systems, and identify and categorize the causes of these failures.

The result of our testing is that we can crash (with core dump) or hang (infinite loop) over 40% (in the worst case) of the basic programs and over 25% of the X-Window applications. We were not able to crash any of the network services that we tested nor any of X-Window servers. This study parallels our 1990 study (that tested only the basic UNIX utilities); all systems that we compared between 1990 and 1995 noticeably improved in reliability, but still had significant rates of failure. The reliability of the basic utilities from GNU and Linux were noticeably better than those of the commercial systems.

We also tested how utility programs checked their return codes from the memory allocation library routines by simulating the unavailability of virtual memory. We could crash almost half of the programs that we tested in this way.

Security

 Forming an Incident Response Team

by Danny Smith, ©AusCERT

Forming an Incident Response Team (IRT) in the 1990s can be a daunting task. Many people forming an IRT have no experience with doing this. This paper examines the role an IRT may play in the community, and the issues that should be addressed both during the formation and after commencement of operations. It may be of benefit to existing IRTs as it may raise awareness of issues not previously addressed.

Sysadmin

 How To Implement SPF In Postfix

by Falko Timme , ©HowtoForge

This tutorial shows how to implement SPF (Sender Policy Framework) in a Postfix 2.x installation. The Sender Policy Framework is an open standard specifying a technical method to prevent sender address forgery (see http://www.openspf.org/Introduction). There are lots of SPF extensions and patches available for Postfix, but most require that you recompile Postfix. Therefore we will install the postfix-policyd-spf-perl package from openspf.org which is a Perl package and can be implemented in existing Postfix installations (no Postfix compilation required).

Webmaster

 Creating grunge brushes

by Veerle Pieters, ©Veerle Pieters

My recent tutorial about creating pattern backgrounds sparked some questions from readers if I could do the same for something that is referred to as "grunge". The pattern tool is ok for repeating items but the grunge look gets it effectiveness just from the randomness I think. So I think it would be better if I show you how to make a grunge brush instead. I know several of those are available for download but there is nothing more rewarding then creating your own :)

So in this article I’ll show you how to create 2 types of brushes that can be used to create the grunge effect. Like always this is just one way of doing things as I’m sure there are others also. In a next tutorial I’ll explain another way to create a similar effect in Photoshop if you just want borders. A brush is better because you can apply it everywhere and it gives you more creative freedom then the other technique.