A document that I was privileged to access pre-release snapshots of has now been published:

Introduction to Chinese Chess (Xiangqi) for International Chess Players A Comparison of Chess and Xiangqi By xq_info(add)gmx.de (a bit shy about his real name) 98 pages

You may like the self-assessment puzzles aspect about it, but not only that. Recommended! It's up here:

http://wxf.ca/wxf/doc/book/xiangqi_introduction_chessplayers_20150323.pdf

Best, Sebastian

While https://panopticlick.eff.org/ is not really new, I learned about that site only recently. And while I knew that browser self-identification would reduce my anonymity on the Internet, I didn't expect this result:

Your browser fingerprint appears to be unique among the 5,198,585 tested so far.

Wow. Why? Let's try one of the others browsers I use. "Appears to be unique", again (where Flash is enabled). What's so unique about my setup? The two reports say about my setup:

User agent and browser plug-ins hurt, fonts alone kill me altogether. Ouch. Update:

• It's the very same when browsing with an incognito window. Re-reading, what that feature is officially intended to do (being incognito to your own history), that stops being a surprise.
• Chromium (with Flash/Java disabled) added

Thoughts on fixing this issue:

I'm not sure about how I want to fix this myself. Faking popular values (in a popular combination to not fire back) could work using a local proxy, a browser patch, a browser plug-in maybe. Obtaining true popular value combinations is another question. Fake values can reduce the quality of the content I am presented, e.g. I would not fake my screen resolution or be sure to not deviate by much, probably.

Zitat: "Mit dieser Petition fordern wir ein generelles und ausnahmsloses Fracking-Verbot für Kohlenwasserstoffe in Deutschland!"

Zur Petition: https://www.change.org/p/bundestag-fracking-gesetzlich-verbieten-ausgfrackt-is

Die vier Beispiele:

• Vattenfall gegen die Bundesrepublik Deutschland
• Philip Morris gegen Uruguay
• Investoren gegen Argentinien
• Chevron gegen Ecuador

Hier der Artikel dazu.

It's 4:17 if you would like to skip the first prime number based slam. No more math after. Though, you may miss something.

Grand Slam Poetry Champion | Harry Baker | TEDxExeter

First, there are longer articles on this very subject if you are looking for something more elaborate. This is my take at a condensed version.

I have a script at /usr/local/bin/on_ssh_login.sh like this:

#! /usr/bin/env bash
if [ "${PAM_TYPE}" != "open_session" ]; then
    exit 0
fi

cat <<BODY | mailx -s "Log-in to ${PAM_USER:-???}@$(hostname -f) \
(${PAM_SERVICE:-???}) detected" mail@hostname.invalid
# $(LC_ALL=C date +'%Y-%m-%d %H:%M (UTC%z)')
$(env | grep '^PAM_' | sort)
BODY

exit 0

It uses command mailx of S-Nail to send e-mail. A config file for S-Nail at /root/.mailrc as simple as two lines total like…

set smtp-use-starttls
set smtp=your-smtp-server-here.invalid

…made it send e-mail for me, but if you need a different port, TLS rather than STARTTLS and/or logging in with SMTP as a specific user, some of these docs [1] [2] [3] [4] should have you covered.

The script can and should first be tested like this:

# PAM_TYPE=open_session /usr/local/bin/on_ssh_login.sh

Once that worked, we can make PAM call out to the script for every login to SSH by appending line…

session  required pam_exec.so /usr/local/bin/on_ssh_login.sh

to file /etc/pam.d/sshd.

NOTE: Be sure to keep a second SSH shell session open while trying out if a new login to SSH sends e-mail to you as expected.

Done. Cheers!

Not really new, just rocks the house. Robyn 'Call Your Girlfriend' Official Video

Wir unterbrechen für eine kurze Durchsage: Gentoo Linux ist bei den Chemnitzer Linux-Tagen am Samstag 21. und Sonntag 22. März 2015 mit einem Stand vertreten.

https://chemnitzer.linux-tage.de/2015/de

Es gibt unter anderem Gentoo-T-Shirts, Lanyards und Buttons zum selbst kompilieren.

Hi! On a rather young Gentoo setup of mine I ran into SSLV3_ALERT_HANDSHAKE_FAILURE from rss2email. Plain Python showed it, too:

# python -c "import urllib2; \
    urllib2.urlopen('https://twitrss.me/twitter_user_to_rss/?user=...')" \
    |& tail -n 1
urllib2.URLError: <urlopen error [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] \
    sslv3 alert handshake failure (_ssl.c:581)>

On other machines this yields

urllib2.HTTPError: HTTP Error 403: Forbidden

instead. It turned out I overlooked USE="bindist ..." in /etc/portage/make.conf which is sitting there by default. On OpenSSL, bindist disables elliptic curve support. So that is where the SSLV3_ALERT_HANDSHAKE_FAILURE came from.

Hi! A friend of mine ran into known (though not well -known) security issues with Apache's AddHandler directive. Basically, Apache configuration like

# Avoid!
AddHandler php5-fcgi .php

applies to a file called evilupload.php.png, too. Yes. Looking at the current Apache documentation, it should clearly say that AddHandler should not be used any more for security reasons. That's what I would expect. What I find as of 2015-02-15 looks different:

• https://httpd.apache.org/docs/current/mod/mod_mime.html#multipleext SetHandler advised, no mention of "security", though
• https://httpd.apache.org/docs/current/mod/mod_mime.html#addhandler Dangerous example "AddHandler cgi-script .cgi" No mention of "security"
• https://httpd.apache.org/docs/current/mod/mod_mime.html#RemoveHandler Promition of AddHandler: "AddHandler server-parsed .html"
• https://httpd.apache.org/docs/current/handler.html#examples Promition of AddHandler: "AddHandler add-footer .html"
• https://wiki.apache.org/httpd/FAQ#How_do_I_enable_CGI_execution_in_directories_other_than_the_ScriptAlias.3F Dangerous recommendation "add a line such as AddHandler cgi-script .cgi"

Maybe that's why AddHandler is still proposed all across the Internet:

• https://wiki.archlinux.org/index.php/Apache_HTTP_Server
• https://wiki.archlinux.org/index.php/Apache_and_FastCGI
• http://aktuell.de.selfhtml.org/artikel/server/apacheconf/apconf15.htm
• https://all-inkl.com/wichtig/
• https://www.devside.net/articles/php
• http://php.net/manual/en/install.unix.php#78781
• http://askubuntu.com/questions/378734/how-to-configure-apache-to-run-php-as-fastcgi-on-ubuntu-12-04-via-terminal
• ..

And maybe that's why it made its way into app-admin/eselect-php (bug #538822) and a few more. Please join the fight. Time to get AddHandler off the Internet!