Bash is worse than heartbleed! Oh noes!

A really bad remote code execution bug surfaced yesterday, in Bash–the GNU replacement for the Unix shell. If you have a webserver running, or possibly just SSH, it can be used to execute arbitrary code. It affects anything Unixy–Linux, BSD, Mac OS X, and likely many proprietary Unix flavors, since many of them have adopted the GNU toolchain.

This could be really bad. Some people are calling it potentially worse than Heartbleed. Maybe. I’m thinking it’s more along the lines of MS08-067. But there’s an important lesson we must learn from this. Read more

Google is your friend if you have an old scanner

My wife bought a scanner around the turn of the century. It’s old, but has always worked well. It’s a Canon LIDE 50, which should come as no surprise. Canon generally makes good hardware. The only problem is that Canon hasn’t made a new driver for it since Windows XP.

I’ve thought of keeping an XP box around for scanning, but wondered if there was a better way. Turns out there is. Thanks to this blog post I know the LIDE 60 drivers work fine, so we can keep the scanner even as we leave XP behind. That’s great, because I hate tossing perfectly usable hardware just because it’s old.

So if you have an old scanner, Google it. There may very well be a close-enough driver out there for it that you can use with a bit of tweaking. And if not, and you don’t mind paying $40, there’s VueScan, which works with 2,400 different scanners and all three (yes, three!) major operating systems. So you can use old weird scanners with Mac OS X or Linux if you want. And $40 is probably less than a new comparable scanner will cost.

The trade off of fidelity and convenience in marketing, and how it doomed my favorite company

I’m reading a book called Trade-Off, by former USA Today technology columnist Kevin Maney. It’s primarily a marketing book.

Maney argues that all products are a balance of fidelity and convenience, and highly favor one or the other. He additionally argues that failed products fail because they attempted to achieve both, or failed to focus on either one.

An example of a convenient product is an economy car. They’re inexpensive to buy and inexpensive to keep fueled up, but don’t have much glitz and you probably won’t fall in love with it. A high-end sports car or luxury car is a lot less practical, but you’re a lot more likely to fall in love with it, and gain prestige by driving around town in it. Read more

Update Flash now

Adobe updated Flash today, to fix a couple of 0-day vulnerabilities. Here’s how to force a manual update on Windows and Mac OS X. I put on my sysadmin hat and looked over the update scripts on the page; they’re a little complex but don’t do anything nefarious.

Grab the appropriate update script for the type of computer you’re running, close your browser, run it, and stay safe. And remember, you’re doing me and the rest of the world a favor; if your computer is up to date, then it isn’t attacking my network, and if mine’s up to date and secure, mine isn’t attacking yours.

A fast way to turn lots of images into an Adobe Acrobat PDF file

I have a collection of magazine scans that, inconveniently, came as a series of JPG images rather than as PDFs that are more conducive to reading. I wanted PDFs, so I found a way to turn lots of images into an Adobe Acrobat PDF file.

Building the PDF manually took a good 30 minutes per issue, so I wanted a faster way. Using command-line tools, I was able to convert the entire collection (about 40 issues) in less than 30 minutes. Read more

Thanks for the misinformation, Disney

In one of its throwaway kid’s sitcoms, Disney insinuates that open source software contains spyware and using it is a ‘rookie mistake’.

Open source software rarely contains viruses or spyware. Since it’s open for examination, changes to the code that have any funny business in them tend to be rejected. For that matter, code with unintended bad consequences tends to either be rejected, or quickly changed.
Read more

Things I wish everyone knew about home Mac security

On Wednesday evening, I wrote about basic computer security from a Windows-centric perspective. I knew some people who needed help in a hurry, and given there was a 90% or so chance they were running Windows, I took that route.

Some of my buddies who use Macs passed it along. And much of what I said then does apply, but I’d like to clarify a few of those points.
Read more

WordPress Appliance - Powered by TurnKey Linux