Re: Resources

Thanks for this! It can be added to the wiki yourself (that's what a
wiki is) or I'll get around to it sometime.

On 11/28/2010 03:35 PM, windcaller wrote:
> Things that would be good to add to Resources on the "Welcome to GSLUG
> - The Greater Seattle Linux Users Group" http://www.gslug.org/wiki/index.php/Resources
> 
> There was a discussion on terminal basics.  These links will help.
> 
> Basic Terminal Scripting
> tp://www.arachnoid.com/linux/index.html
> 
> * A quick guide to writing scripts using the bash shell (Rutgers)
> http://www.panix.com/~elflord/unix/bash-tute.html
> * Advanced Bash Scripting Guide (Linux Documentation Project)
> http://www.tldp.org/LDP/abs/html/
> * Bash Reference Manual (GNU Project, downloadable versions)
> http://www.gnu.org/software/bash/manual/bash.html
> 
> And to learn more and keep up to date of what is happening with Linux.
> 
> Source for GNU/Linux Web-Radio & Podcasts!
> http://www.thelinuxlink.net/
> 
> Free podcast aggregator for Linux
> http://gpodder.org/
> 

--

-- 
Mark D. Foster <mark <at> foster.cc>

Linux + NonProfits + Volunteers

Re: Linux + NonProfits + Volunteers

On 12/01/2010 11:11 PM, William Fong wrote:
> 1.) We'll be helping a good cause, both for the non-profit and spreading
> open source solutions
> 2.) We only volunteer on the projects we want to. You're interested in
> 3.) You're going to learn a lot. Perhaps you only tinker with Linux on the
> 4.) This will look awesome on your resume. Enough said. :)

> What do you guys think?

It's a great idea & the open-source component is the icing on the cake
so to speak. Sign me up.

This project/movement needs a name!

On a side note I can also say the Free Geek Seattle can be a source for
computers to these non-profits. We currently have half a dozen computers
ready now for just this type of thing.

-- 
Mark D. Foster <mark <at> foster.cc>
http://mark.foster.cc/ |  http://www.freegeekseattle.org/

--

-- 
--
Gslug-general mailing list
http://www.gslug.org/wiki/index.php/Mailing_Lists

Re: Linux + NonProfits + Volunteers

Trying again because somehow I managed to be subscribed without being a member.

On Thu, Dec 2, 2010 at 6:58 AM, Mark Foster <mark <at> foster.cc> wrote:
> On 12/01/2010 11:11 PM, William Fong wrote:
>> 1.) We'll be helping a good cause, both for the non-profit and spreading
>> open source solutions
>> 2.) We only volunteer on the projects we want to. You're interested in
>> 3.) You're going to learn a lot. Perhaps you only tinker with Linux on the
>> 4.) This will look awesome on your resume. Enough said. :)
>
>> What do you guys think?
>
> It's a great idea & the open-source component is the icing on the cake
> so to speak. Sign me up.
>
> This project/movement needs a name!
>
> On a side note I can also say the Free Geek Seattle can be a source for
> computers to these non-profits. We currently have half a dozen computers
> ready now for just this type of thing.
>

Another non-attendee here. I'd be interested in this project as well.
Most of the non-profits I've come across in the area are not so much
"anti-Linux" as they are desperately clinging to the vague familiarity
of Windows. With a little tech support and gentle coaching, some of
them would be as enthusiastic about Free Software as the rest of us.

Incidentally - Mark, I love the concept of Free Geek. The philosophy
in our home is that a computer's not dead until it's a smoking pile of
melted wires. Our old computers (and one from the church my wife used
to work at) are merrily chugging along in Oklahoma, keeping the rest
of the family online.

Kind Regards,

Brian Wisti
http://coolnamehere.com

--

-- 
--
Gslug-general mailing list
http://www.gslug.org/wiki/index.php/Mailing_Lists

Re: Linux + NonProfits + Volunteers

Re: Linux + NonProfits + Volunteers

FWIW, I've done some volunteering at a youth-oriented non-profit. The
main reasons this particular NP was using Windows, MS Office, and
Adobe products were:

1. They received the computers & software at no cost because they were
awarded a grant.
2. One of the goals of their computer lab was to give the youth
"computer" experience. Basically, this is a continuation of MS, Adobe,
Apple and other companies providing free or reduced cost software to
schools in an effort train new generations of consumers and office
workers.
3. The organizations and agencies this organization deals with tend to
use Microsoft Office documents as their standard way of exchanging
information.
4. Windows was viewed as easier to "lock down", mostly because the
volunteer who was leading the effort worked in a Windows shop by day
and knew how to use group policy to do so.

I think the biggest problem is #1 - for better or worse, non-profits
have to operate under some of the same constraints as other
organizations, and that means business cases. They'll complain that
using FOSS doesn't really save them any money and if they are going to
switch, they'll need some other business reason. This won't be the
case at all organizations, but it is something we'll want to be aware
of.

FOSS is not taken seriously by most people, primarily due to
perception issues. This has been changing over the last few years, but
at a somewhat glacial pace. I'd like to be part of the solution in
working to change this and am interested in L+NP+V! Perhaps (as Mark
and Brian suggested) this effort can dovetail with Free Geek's goals.

Regards,
Brett

On Thu, Dec 2, 2010 at 8:09 AM, Larry Schwerzler <plecebo1 <at> gmail.com> wrote:
> Another interested person here. I also don't attend meetings, and mostly
> just lurk on the lists. I've not done much non profit volunteering but use
> linux daily and manage a few linux servers for a small business.
> Larry Schwerzler
>
>
> On Wed, Dec 1, 2010 at 11:11 PM, William Fong <will <at> digitaldev.com> wrote:
>>
>> Hello all!
>> None of you know me. I've tried to make some of these meetings, but
>> something always comes up on Saturdays. I keep myself pretty busy by
>> volunteering at nonprofits, taking care of their IT needs as well as I can.
>> Here's something I've noticed. The nonprofit organizations around here are
>> very anti-Linux. Not directly because it is Microsoft land, but because it
>> is extremely hard to find volunteers who know Linux. That's not surprising,
>> just concerning. Add to that, unfortunately, some of the volunteers are
>> doing things that are a bit over their head, continually requiring the
>> volunteer to go in and making fixes. The nonprofit is basically forced to
>> either accept mediocre IT support or none at all. This must change.
>> Organizations that are trying to help the world should have access to open
>> source solutions, which in itself is a "non profit organization" in a way.
>> I would like to help address this issue by bringing together a few Linux
>> geeks to form a volunteer Linux support organization. Initially, helping to
>> implement mixed environments with the org's existing Windows desktops, but
>> with Linux servers on the back end. The reason for this is server
>> administration is a lot easier than end user support. When we gain enough
>> momentum, we can start exploring Windows-alternative desktops, and other fun
>> projects.
>> Why should we do this?
>> 1.) We'll be helping a good cause, both for the non-profit and spreading
>> open source solutions
>> 2.) We only volunteer on the projects we want to. You're interested in
>> server administration, we'll offer that. Want a project to learn PHP or
>> Python? Sure, there are many problems nonprofits have that can be easily
>> solved with a few scripts and web front ends.
>> 3.) You're going to learn a lot. Perhaps you only tinker with Linux on the
>> desktop, because $DAYJOB is a Microsoft shop. Here's a chance to dig into a
>> production Linux server farm. Never tried load balancing with LVS? No
>> problem. A NPO has a need for content filtering so the kids don't access
>> porn but only has a few donated P4's. Let's throw together a cluster with
>> LVS running http proxy with content filtering. (P4 desktops are a dime a
>> dozen).
>> 4.) This will look awesome on your resume. Enough said. :)
>> I've got a few ideas to make this real easy for us. For example, we'll
>> have a wiki page that lists all the nonprofits we're working with, along
>> with login credentials, etc. We'll require all the nonprofits to email in a
>> "support ticket" if there are any issues, so any one of us can pick it up,
>> and fix it right away. That way we're distributed. This is going to be so
>> much better than a nonprofit relying on one volunteer's schedule.
>> What do you guys think?
>> Thanks for the read.
>> -will
>> (irc: seekwill)
>>
>> --
>> --
>> Gslug-general mailing list
>> http://www.gslug.org/wiki/index.php/Mailing_Lists
>
> --
> --
> Gslug-general mailing list
> http://www.gslug.org/wiki/index.php/Mailing_Lists
>

--

-- 
--
Gslug-general mailing list
http://www.gslug.org/wiki/index.php/Mailing_Lists

Security Speaking Series <at> Google with Firesheep & Integers!

Good Morning GSLUG,

It has been far too long since I made it to a meeting although I saw a
number of you at Linuxfest Northwest in April. I wanted to extend the
list an invitation to a software security speaking event I organize.

Next Thursday, December 9th, is the last iSEC Seattle Open Forum of
2010. Join us at Google in Kirkland where Eric Butler and Ian
Gallagher, the creators of Firesheep, will discuss "Firesheep:
Intentions, Responses, and what's next?" and iSEC Partners' Andreas
Junestam will be presenting “Integer issues in C – Exploring the dusty
corners of C arithmetic.” An additional speaker will be announced next
week. Light refreshments will be provided.

Please RSVP to andrew <at> isecpartners.com to ensure we have the proper
quantity of food and beverages.

Andrew Becherer
Senior Security Consultant, iSEC Partners

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
iSEC Open Forum Seattle!
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

DATE: Thursday, September 16th, 2010

TIME: 6pm-9pm

LOCATION: Google Kirkland, 747 6th Street South, Kirkland WA
http://maps.google.com/maps?q=747+6th+Street+South,+Kirkland,+WA

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
AGENDA
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

SPEAKER:

Eric Butler, Software Developer, Seattle, WA
Ian Gallagher, Security Consultant, Security Innovation

TITLE: Firesheep: Intentions, Responses, and what's next?

ABSTRACT: At ToorCon several weeks ago, Eric and Ian released
Firesheep, a Firefox extension that simplifies HTTP Session Hijacking
/ Sidejacking. They were tired of seeing insecure websites that made a
big deal out of user privacy with upper-layer controls (Facebook
privacy prefs, for example) but neglected protecting the basic HTTP
transport. This is nothing new, all of the big websites know about
these dangers, and usually they protect usernames and passwords with
HTTPS, but nothing more. Eric and Ian hope to push big sites
everywhere to adopt site-wide HTTPS by making it painfully clear that
the issue is real.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

SPEAKER: Andreas Junestam, Vice President and Resident Swede, iSEC Partners

TITLE: Integer issues in C – Exploring the dusty corners of C arithmetic

ABSTRACT: In this talk, I’ll walk through different issues when it
comes to arithmetic problems in C: variable promotions, operator
precedence, sign extension / truncation and more, and what issues this
can result in. I will end the talk with a few bug examples where the
audience is very encouraged to participate in the walk-through of the
issue.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

SPEAKER: To be Announced Next Week

TITLE: To be Announced Next Week

ABSTRACT: To be Announced Next Week

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
About the iSEC Open Security Forum
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

The iSEC Open Security Forum is an informal and open venue for the
discussion and presentation of security related research and tools,
and an opportunity for security researchers from all fields to get
together and share work and ideas. The Forum aims to meet in the Bay
Area and Seattle quarterly. Forum agendas are crafted with the
specific needs/interests of its members in mind and consist of brief
20-30 minute talks. Talks are not product pitches or strongly vendor
preferential. Attendance is by invite only and is limited to engineers
and technical managers. Any area of security is welcome including
reversing, secure development, new techniques or tools, application
security, cryptography, etc.

Interested in presenting at a future Forum? Email
andrew <at> isecpartners.com. Talks should be 20-30 minutes max.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

To unsubscribe from further communication regarding iSEC Seattle Open
Forum, please email andrew <at> isecpartners.com with UNSUBSCRIBE in the
subject.

--

-- 
--
Gslug-general mailing list
http://www.gslug.org/wiki/index.php/Mailing_Lists

Re: Security Speaking Series <at> Google with Firesheep & Integers!

Sorry Everyone!

A quick update... December 9th! December 9th! December 9th! There was
a mismatch in the body text and the formal invitation text. Again, I
apologize and thanks to those who pointed it out.

--
Andrew

On Thu, Dec 2, 2010 at 10:07 AM, Andrew Becherer <andrew <at> becherer.org> wrote:
> Good Morning GSLUG,
>
> It has been far too long since I made it to a meeting although I saw a
> number of you at Linuxfest Northwest in April. I wanted to extend the
> list an invitation to a software security speaking event I organize.
>
> Next Thursday, December 9th, is the last iSEC Seattle Open Forum of
> 2010. Join us at Google in Kirkland where Eric Butler and Ian
> Gallagher, the creators of Firesheep, will discuss "Firesheep:
> Intentions, Responses, and what's next?" and iSEC Partners' Andreas
> Junestam will be presenting “Integer issues in C – Exploring the dusty
> corners of C arithmetic.” An additional speaker will be announced next
> week. Light refreshments will be provided.
>
> Please RSVP to andrew <at> isecpartners.com to ensure we have the proper
> quantity of food and beverages.
>
> Andrew Becherer
> Senior Security Consultant, iSEC Partners
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> iSEC Open Forum Seattle!
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>
> DATE: Thursday, September 16th, 2010
>
> TIME: 6pm-9pm
>
> LOCATION: Google Kirkland, 747 6th Street South, Kirkland WA
> http://maps.google.com/maps?q=747+6th+Street+South,+Kirkland,+WA
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> AGENDA
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>
> SPEAKER:
>
> Eric Butler, Software Developer, Seattle, WA
> Ian Gallagher, Security Consultant, Security Innovation
>
> TITLE: Firesheep: Intentions, Responses, and what's next?
>
> ABSTRACT: At ToorCon several weeks ago, Eric and Ian released
> Firesheep, a Firefox extension that simplifies HTTP Session Hijacking
> / Sidejacking. They were tired of seeing insecure websites that made a
> big deal out of user privacy with upper-layer controls (Facebook
> privacy prefs, for example) but neglected protecting the basic HTTP
> transport. This is nothing new, all of the big websites know about
> these dangers, and usually they protect usernames and passwords with
> HTTPS, but nothing more. Eric and Ian hope to push big sites
> everywhere to adopt site-wide HTTPS by making it painfully clear that
> the issue is real.
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>
> SPEAKER: Andreas Junestam, Vice President and Resident Swede, iSEC Partners
>
> TITLE: Integer issues in C – Exploring the dusty corners of C arithmetic
>
> ABSTRACT: In this talk, I’ll walk through different issues when it
> comes to arithmetic problems in C: variable promotions, operator
> precedence, sign extension / truncation and more, and what issues this
> can result in. I will end the talk with a few bug examples where the
> audience is very encouraged to participate in the walk-through of the
> issue.
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>
> SPEAKER: To be Announced Next Week
>
> TITLE: To be Announced Next Week
>
> ABSTRACT: To be Announced Next Week
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
> About the iSEC Open Security Forum
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>
> The iSEC Open Security Forum is an informal and open venue for the
> discussion and presentation of security related research and tools,
> and an opportunity for security researchers from all fields to get
> together and share work and ideas. The Forum aims to meet in the Bay
> Area and Seattle quarterly. Forum agendas are crafted with the
> specific needs/interests of its members in mind and consist of brief
> 20-30 minute talks. Talks are not product pitches or strongly vendor
> preferential. Attendance is by invite only and is limited to engineers
> and technical managers. Any area of security is welcome including
> reversing, secure development, new techniques or tools, application
> security, cryptography, etc.
>
> Interested in presenting at a future Forum? Email
> andrew <at> isecpartners.com. Talks should be 20-30 minutes max.
>
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>
> To unsubscribe from further communication regarding iSEC Seattle Open
> Forum, please email andrew <at> isecpartners.com with UNSUBSCRIBE in the
> subject.
>

-- 
Andrew Becherer

--

-- 
--
Gslug-general mailing list
http://www.gslug.org/wiki/index.php/Mailing_Lists

TWiki.org is looking for contributors

I got a nice note last week from Peter Thoeny wanting to know if I had a 
little spare time at the moment to devote to some particular feature 
enhancements for TWiki, but I don't really. Thought I'd pass it on, in case 
there is anyone out there looking for an open source project to work on.

TWiki has been around for about a decade. It's written in Perl and runs great 
on Linux. :-D There's a GPL'ed version, plus since Peter and a core group 
have written most of the core code there is a bundled version licensed and 
supported as twiki.net. (There is also a fork of the codebase at 
foswiki.org.)

This is probably a good starting page if you're at all interested.

  http://twiki.org/cgi-bin/view/Codev/GettingInvolved

I can answer some questions, I have made some small enhancements/fixes in the 
past. Bear in mind though that I'm only reading my personal e-mail a few 
times a week.

--

Fred Morris

--

-- 
--
Gslug-general mailing list
http://www.gslug.org/wiki/index.php/Mailing_Lists

Re: Linux + NonProfits + Volunteers

I concur with most of Brett's observations. Consider the business case, when 
they're getting something "valuable" donated to them (as opposed to FOSS 
software)... "everybody knows Microsoft (and a lot know the Mac)"... and so 
on.

IT is not most non-profit's core business competency, volunteers means high 
staff turnover. Software and hardware is often bought out of petty cash when 
there is a bit to spare or an indisputable need.

There are big players in the space particularly in fundraising, accounting and 
logistics who are selling stuff based on Microsoft. This may seem stupidly 
obvious, but just as software/hardware grows like mushrooms, so oftentimes do 
the business processes: at some point it becomes cheaper to buy a business 
structure OTS than it does to document your own.

NonProfits are often driven by charismatic leaders. There's often a lot of 
politics (external as well as internal). 

I was Northwest Harvest's "ghost in the computer" from around 1990 through 
2000.

It started out with writing them a logistics system running on a donated VAX. 
After a decade I *almost* replaced that with a Linux-based system, but then a 
bunch of software was donated by Microsoft, so we ended up implementing with 
VB + SQLServer. In retrospect the effort organizing a real IT department for 
them and documenting their business processes was probably the most valuable 
part of the exercise. They replaced that with a customized OTS solution (also 
Windows-based) a couple years later.

I didn't do it all for free, but I did do it at a greatly reduced cost (did 
Microsoft donate MSDN subscriptions to me? bwahaha! you've got to be 
kidding!). In fact, I would say: don't be afraid to charge something, 
otherwise you may find yourself wasting your time. That, the poor quality of 
the development tools and a culminating experience in the relationship with 
Microsoft convinced me to toss them entirely, and I haven't looked back 
since.

(Their community affairs director, who evidenced no knowledge of IT practices 
or project management, went on to become the leader of King County's citizen 
election accountability board, the people responsible for explaining away 
problems when King County Elections screws up.)

I wrote (and hosted) the caucus finder used by the Washington State Democratic 
Party for the 2008 election cycle.

I currently host, pro bono, some small web apps for an outfit which isn't a 
nonprofit but is what I consider a good cause. (I charged them to write the 
apps, but that was a few years ago.)

In fact and in closing: I would suggest that having an application which your 
target nonprofit(s) can utilize (at least mostly) over the web or via VPN and 
which you host is probably a good way to achieve the initial penetration you 
seek.

People use Linux all the time... they just don't know it because it's not on 
their desktop getting in the way.

--

Fred Morris

--

-- 
--
Gslug-general mailing list
http://www.gslug.org/wiki/index.php/Mailing_Lists