From enobacon at gmail.com Thu Jan 3 15:38:56 2013 From: enobacon at gmail.com (Seven til Seven) Date: Thu, 3 Jan 2013 15:38:56 -0800 Subject: [Pdx-pm] sqitch - January meeting next week Message-ID: <201301031538.56609.enobacon@gmail.com> Thu. January 10th, 6:53pm at FreeGeek ? 1731 SE 10th Ave. speaker: David Wheeler Sane Database Change Management with Sqitch SQL change management is hard. Most ?migration?-style implementations require opaque naming conventions, prefer DSLs that cover a fraction of SQL, and require duplication of code for simple changes to existing functions. Such does not have to be. And now it?s not Introducing Sqitch, simple SQL change management that doesn?t suck. Sqitch doesn?t care what programming language your app is written in. It has no opinions as to what database to use or what its schema should look like. And it doesn?t require sequentially-named migration scripts or the use of any DSL other than SQL. Sqitch lets you to write SQL migration scripts that target your database, and provides a simple, unintrusive interface for specifying dependencies, so that it can run things in the proper order. So come to this talk to learn all about Sqitch: How it works, where to get it, and how to get the most out of managing database deployments. David Wheeler is Senior Data Architect at iovation and an associate at PGExperts. He is responsible, among other things, for PGXN, pgTAP, DesignScene, and way too many CPAN modules. He lives in Portland unless he?s traveling with his family. As usual, the meeting will be followed by social hour at the Lucky Lab. -- --------------------------------------------------- http://pdx.pm.org --------------------------------------------------- From keithl at gate.kl-ic.com Tue Jan 8 20:58:31 2013 From: keithl at gate.kl-ic.com (Keith Lofstrom) Date: Tue, 8 Jan 2013 20:58:31 -0800 Subject: [Pdx-pm] Ruby on Rails exploit Message-ID: <20130109045831.GA32447@gate.kl-ic.com> Via my ISP: http://arstechnica.com/security/2013/01/extremely-crtical-ruby-on-rails-bug-threatens-more-than-200000-sites/ https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion I don't run Rails, but a lot of sites do. I wonder if my bank does? Keith -- Keith Lofstrom keithl at keithl.com Voice (503)-520-1993 From melissa at fastanimals.com Wed Jan 9 09:10:48 2013 From: melissa at fastanimals.com (Melissa Hollingsworth) Date: Wed, 09 Jan 2013 09:10:48 -0800 Subject: [Pdx-pm] Ruby on Rails exploit In-Reply-To: <20130109045831.GA32447@gate.kl-ic.com> References: <20130109045831.GA32447@gate.kl-ic.com> Message-ID: On Tue, 08 Jan 2013 20:58:31 -0800, Keith Lofstrom wrote: > Via my ISP: > > http://arstechnica.com/security/2013/01/extremely-crtical-ruby-on-rails-bug-threatens-more-than-200000-sites/ > https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion > > I don't run Rails, but a lot of sites do. I wonder if my bank does? This alert has been all over the place. The fix is simple: upgrade to the latest Rails. :) The problem is only potentially widespread because so many people never bothered to do that. -- Melissa Hollingsworth melissa at fastanimals.com +1 512 619 1237 From ronabop at gmail.com Wed Jan 9 03:02:23 2013 From: ronabop at gmail.com (Ronald Chmara) Date: Wed, 9 Jan 2013 03:02:23 -0800 Subject: [Pdx-pm] Ruby on Rails exploit In-Reply-To: <20130109045831.GA32447@gate.kl-ic.com> References: <20130109045831.GA32447@gate.kl-ic.com> Message-ID: There is raw code. That's usually C. Then there are macro pseudo-language extensions, like C++ and Java, built upon that code. On top of that, there are scripting things, like Perl, PHP, Python, Ruby, etc. Stacked on top of that are things like "frameworks" and "MVC" and other useless crap like Rails and Node.js, which are to programming like an "oil-change technician" is to a "internal combustion engine engineer". -Bop On Tue, Jan 8, 2013 at 8:58 PM, Keith Lofstrom wrote: > Via my ISP: > > > http://arstechnica.com/security/2013/01/extremely-crtical-ruby-on-rails-bug-threatens-more-than-200000-sites/ > > https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion > > I don't run Rails, but a lot of sites do. I wonder if my bank does? > > Keith > > -- > Keith Lofstrom keithl at keithl.com Voice (503)-520-1993 > _______________________________________________ > Pdx-pm-list mailing list > Pdx-pm-list at pm.org > http://mail.pm.org/mailman/listinfo/pdx-pm-list > -------------- next part -------------- An HTML attachment was scrubbed... URL: From joshua at keroes.com Wed Jan 9 09:56:54 2013 From: joshua at keroes.com (Joshua Keroes) Date: Wed, 9 Jan 2013 09:56:54 -0800 Subject: [Pdx-pm] Ruby on Rails exploit In-Reply-To: References: <20130109045831.GA32447@gate.kl-ic.com> Message-ID: Ronald, I think you forgot to append a tag there. Happy to help, have a nice day! Joshua On Wed, Jan 9, 2013 at 3:02 AM, Ronald Chmara wrote: > There is raw code. That's usually C. Then there are macro pseudo-language > extensions, like C++ and Java, built upon that code. On top of that, there > are scripting things, like Perl, PHP, Python, Ruby, etc. Stacked on top of > that are things like "frameworks" and "MVC" and other useless crap like > Rails and Node.js, which are to programming like an "oil-change technician" > is to a "internal combustion engine engineer". > > > > -Bop > > > On Tue, Jan 8, 2013 at 8:58 PM, Keith Lofstrom wrote: > >> Via my ISP: >> >> >> http://arstechnica.com/security/2013/01/extremely-crtical-ruby-on-rails-bug-threatens-more-than-200000-sites/ >> >> https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion >> >> I don't run Rails, but a lot of sites do. I wonder if my bank does? >> >> Keith >> >> -- >> Keith Lofstrom keithl at keithl.com Voice (503)-520-1993 >> _______________________________________________ >> Pdx-pm-list mailing list >> Pdx-pm-list at pm.org >> http://mail.pm.org/mailman/listinfo/pdx-pm-list >> > > > _______________________________________________ > Pdx-pm-list mailing list > Pdx-pm-list at pm.org > http://mail.pm.org/mailman/listinfo/pdx-pm-list > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nathan at nathanewilliams.com Wed Jan 9 12:02:13 2013 From: nathan at nathanewilliams.com (Nathan Williams) Date: Wed, 09 Jan 2013 12:02:13 -0800 Subject: [Pdx-pm] Ruby on Rails exploit In-Reply-To: References: <20130109045831.GA32447@gate.kl-ic.com> Message-ID: <50EDCCC5.2060701@nathanewilliams.com> I side with this perspective as well; overall, I tend to have a negative reaction to the "frameworks", as their use requires relying on someone else's determination concerning 'best practice'. On the flip side, I see some advantage to communities using common components and working together to enhance them, whether that be security issues or new features... It's definitely something to give thorough consideration to before launching a project. For most of the folks who settle on the frameworks, I think the motives tend to center around using a common code base that developers are familiar with (most developers these days tend to change projects ever year or so), and the ability to get running quickly, where most of the scaffolding is done for you, and your team can immediately get to work on the bits that make your project unique. These are understandable motivations, but I think a lot of folks get caught by the consequences down the road when things go off the tracks and no-one knows why. Node.js is a whole different beast, and I decline to comment on the intelligence of giving frontend engineers control over server-side processes. -- Nathan W On 01/09/2013 03:02 AM, Ronald Chmara wrote: > There is raw code. That's usually C. Then there are macro > pseudo-language extensions, like C++ and Java, built upon that code. > On top of that, there are scripting things, like Perl, PHP, Python, > Ruby, etc. Stacked on top of that are things like "frameworks" and > "MVC" and other useless crap like Rails and Node.js, which are to > programming like an "oil-change technician" is to a "internal > combustion engine engineer". > > > > -Bop > > > On Tue, Jan 8, 2013 at 8:58 PM, Keith Lofstrom > wrote: > > Via my ISP: > > http://arstechnica.com/security/2013/01/extremely-crtical-ruby-on-rails-bug-threatens-more-than-200000-sites/ > https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion > > > I don't run Rails, but a lot of sites do. I wonder if my bank does? > > Keith > > -- > Keith Lofstrom keithl at keithl.com > Voice (503)-520-1993 > _______________________________________________ > Pdx-pm-list mailing list > Pdx-pm-list at pm.org > http://mail.pm.org/mailman/listinfo/pdx-pm-list > > > > > _______________________________________________ > Pdx-pm-list mailing list > Pdx-pm-list at pm.org > http://mail.pm.org/mailman/listinfo/pdx-pm-list From schwern at pobox.com Wed Jan 9 13:32:33 2013 From: schwern at pobox.com (Michael G. Schwern) Date: Wed, 09 Jan 2013 13:32:33 -0800 Subject: [Pdx-pm] Ruby on Rails exploit In-Reply-To: <50EDCCC5.2060701@nathanewilliams.com> References: <20130109045831.GA32447@gate.kl-ic.com> <50EDCCC5.2060701@nathanewilliams.com> Message-ID: <50EDE1F1.9000106@pobox.com> On 1/9/13 12:02 PM, Nathan Williams wrote: > For most of the folks who settle on the frameworks, I think the motives > tend to center around using a common code base that developers are > familiar with (most developers these days tend to change projects ever > year or so), and the ability to get running quickly, where most of the > scaffolding is done for you, and your team can immediately get to work > on the bits that make your project unique. > > These are understandable motivations, but I think a lot of folks get > caught by the consequences down the road when things go off the tracks > and no-one knows why. I'm sure C programmers were moaning the same refrain at Perl 25 years ago. Could your average, or even above average, Perl programmer debug the regex engine or write a meaningful C program? Have they even looked at the Perl source lately? Do they pour over the code of every CPAN module and all the modules they depend on? Computing is made of layers. Stacking them up and trusting they're reliable is what allows us to progress. We're lucky if we understand and give any attention to even one layer down. Its short sighted and hypocritical to become righteous when $num_layers_i_am_comfortable_with + 1 has a glitch. From ben.prew at gmail.com Wed Jan 9 13:39:11 2013 From: ben.prew at gmail.com (Ben Prew) Date: Wed, 9 Jan 2013 13:39:11 -0800 Subject: [Pdx-pm] Ruby on Rails exploit In-Reply-To: <50EDE1F1.9000106@pobox.com> References: <20130109045831.GA32447@gate.kl-ic.com> <50EDCCC5.2060701@nathanewilliams.com> <50EDE1F1.9000106@pobox.com> Message-ID: http://xkcd.com/378/ --Ben On Wed, Jan 9, 2013 at 1:32 PM, Michael G. Schwern wrote: > On 1/9/13 12:02 PM, Nathan Williams wrote: >> For most of the folks who settle on the frameworks, I think the motives >> tend to center around using a common code base that developers are >> familiar with (most developers these days tend to change projects ever >> year or so), and the ability to get running quickly, where most of the >> scaffolding is done for you, and your team can immediately get to work >> on the bits that make your project unique. >> >> These are understandable motivations, but I think a lot of folks get >> caught by the consequences down the road when things go off the tracks >> and no-one knows why. > > I'm sure C programmers were moaning the same refrain at Perl 25 years ago. > > Could your average, or even above average, Perl programmer debug the > regex engine or write a meaningful C program? Have they even looked at > the Perl source lately? Do they pour over the code of every CPAN module > and all the modules they depend on? > > Computing is made of layers. Stacking them up and trusting they're > reliable is what allows us to progress. We're lucky if we understand > and give any attention to even one layer down. > > Its short sighted and hypocritical to become righteous when > $num_layers_i_am_comfortable_with + 1 has a glitch. > _______________________________________________ > Pdx-pm-list mailing list > Pdx-pm-list at pm.org > http://mail.pm.org/mailman/listinfo/pdx-pm-list From keithl at gate.kl-ic.com Wed Jan 9 14:58:28 2013 From: keithl at gate.kl-ic.com (Keith Lofstrom) Date: Wed, 9 Jan 2013 14:58:28 -0800 Subject: [Pdx-pm] Ruby on Rails exploit In-Reply-To: References: <20130109045831.GA32447@gate.kl-ic.com> <50EDCCC5.2060701@nathanewilliams.com> <50EDE1F1.9000106@pobox.com> Message-ID: <20130109225828.GA3412@gate.kl-ic.com> On Wed, Jan 09, 2013 at 01:39:11PM -0800, Ben Prew wrote: > http://xkcd.com/378/ > --Ben Real programmers use solder. -- Steve Ciarcia Mediated through butterflies. -- Randall Munroe? BTW, I posted the original comment because the consequences could affect some people here, and others of us might be able to help, not because RoR programmers are bad. Keith -- Keith Lofstrom keithl at keithl.com Voice (503)-520-1993 From enobacon at gmail.com Wed Jan 9 18:16:52 2013 From: enobacon at gmail.com (Seven til Seven) Date: Wed, 9 Jan 2013 18:16:52 -0800 Subject: [Pdx-pm] tomorrow: sqitch Message-ID: <201301091816.52973.enobacon@gmail.com> Thu. January 10th, 6:53pm at FreeGeek ? 1731 SE 10th Ave. (if you don't get this until tomorrow, that's "tonight!") speaker: David Wheeler Sane Database Change Management with Sqitch SQL change management is hard. Most ?migration?-style implementations require opaque naming conventions, prefer DSLs that cover a fraction of SQL, and require duplication of code for simple changes to existing functions. Such does not have to be. And now it?s not Introducing Sqitch, simple SQL change management that doesn?t suck. Sqitch doesn?t care what programming language your app is written in. It has no opinions as to what database to use or what its schema should look like. And it doesn?t require sequentially-named migration scripts or the use of any DSL other than SQL. Sqitch lets you to write SQL migration scripts that target your database, and provides a simple, unintrusive interface for specifying dependencies, so that it can run things in the proper order. So come to this talk to learn all about Sqitch: How it works, where to get it, and how to get the most out of managing database deployments. David Wheeler is Senior Data Architect at iovation and an associate at PGExperts. He is responsible, among other things, for PGXN, pgTAP, DesignScene, and way too many CPAN modules. He lives in Portland unless he?s traveling with his family. As usual, the meeting will be followed by social hour at the Lucky Lab. -- --------------------------------------------------- http://pdx.pm.org --------------------------------------------------- From enobacon at gmail.com Wed Jan 9 18:31:00 2013 From: enobacon at gmail.com (Eric Wilhelm) Date: Wed, 9 Jan 2013 18:31:00 -0800 Subject: [Pdx-pm] Ruby on Rails exploit In-Reply-To: <20130109225828.GA3412@gate.kl-ic.com> References: <20130109045831.GA32447@gate.kl-ic.com> <20130109225828.GA3412@gate.kl-ic.com> Message-ID: <201301091831.00775.enobacon@gmail.com> # from Keith Lofstrom on Wednesday 09 January 2013: >On Wed, Jan 09, 2013 at 01:39:11PM -0800, Ben Prew wrote: >> http://xkcd.com/378/ >> --Ben > >Real programmers use solder. -- Steve Ciarcia > >Mediated through butterflies. -- Randall Munroe? > >BTW, I posted the original comment because the consequences >could affect some people here, and others of us might be >able to help, not because RoR programmers are bad. http://xkcd.com/303/ Seriously though, 'include("http://example.com/root_me.php")' was never a good idea. This one has a few more layers in it, but still: Take a standard household robot, attach an ethernet connection, assign a public IP, hand it the soldering iron, and walk away. What do you expect? --Eric -- --------------------------------------------------- http://scratchcomputing.com --------------------------------------------------- From keithl at gate.kl-ic.com Wed Jan 9 19:57:33 2013 From: keithl at gate.kl-ic.com (Keith Lofstrom) Date: Wed, 9 Jan 2013 19:57:33 -0800 Subject: [Pdx-pm] Ruby on Rails exploit In-Reply-To: <201301091831.00775.enobacon@gmail.com> References: <20130109045831.GA32447@gate.kl-ic.com> <20130109225828.GA3412@gate.kl-ic.com> <201301091831.00775.enobacon@gmail.com> Message-ID: <20130110035733.GA3919@gate.kl-ic.com> On Wed, Jan 09, 2013 at 01:39:11PM -0800, Ben Prew wrote: > http://xkcd.com/378/ On Wed, Jan 09, 2013 at 06:31:00PM -0800, Eric Wilhelm wrote: > http://xkcd.com/303/ Will this turn into a discussion of WWW::Comic::Plugin::XKCD ? Sadly, that only returns the most recent comic. There should be a CPAN module that you can feed an array of keywords, and it will return the /most appropriate/ xkcd cartoon. This may be a solvable problem, as it could datamine http://forums.xkcd.com/viewforum.php?f=7 and match against strings in that. And may I suggest the creation of WWW::Exploit, which, given a URL, returns an exploit for the site? Keith -- Keith Lofstrom keithl at keithl.com Voice (503)-520-1993 From ben.hengst at gmail.com Fri Jan 18 16:08:06 2013 From: ben.hengst at gmail.com (benh) Date: Fri, 18 Jan 2013 16:08:06 -0800 Subject: [Pdx-pm] Fwd: Code Today: Outsource Yourself, iPad Potty Seat, and Old Skool Pop Q In-Reply-To: <1358549682.10387.0.762688@post.oreilly.com> References: <1358549682.10387.0.762688@post.oreilly.com> Message-ID: ---------- Forwarded message ---------- From: O'Reilly Media Date: Fri, Jan 18, 2013 at 2:54 PM Subject: Code Today: Outsource Yourself, iPad Potty Seat, and Old Skool Pop Q To: ben.hengst at gmail.com ** View in browser. [image: O'Reilly OSCON - Newsletter Header] Greetings Developers, The annual tech toy fest that is the *Consumer Electronics Show* is over, leaving thousands of dazed revlers wondering how the world ever got along without a iPad-connected potty seat . But amid all the hype and iPhone cases, do you think that there was anything that really will make a difference? Are *phablet*s the next hot mobile platform? Will ultra-HD displays make TV more real? We wonder:* Did you hear of anything at CES that made you take notice?* Let us know at code-newsletter at oreilly.com. We're glad to gift all respondents a free O'Reilly ebook of choice. Cheers, The Code newsletter team ------------------------------ OSCON 2013 Call for Speakers Is Open for OSCON 2013 [image: OSCON Images] We're looking for speakers to be part of the program for the 15th edition of OSCON, happening July 22-26, 2013, in Portland, Oregon. If you have a new idea, a better way to do something, an interesting and instructive case study (battle scars optional), or the desire to pass on your hard-won knowledge, submit a proposal to lead sessions or tutorials. Find Out More ? ------------------------------ Open Dialog What the Open Source Community Is Talking About A Broken Link [image: Aaron Swartz]The big story this week was the deathof RSS and Reddit w?nderkind *Aaron Swartz*, who apparently committed suicide amidst a controversial federal prosecution for allegedly stealing research papers from a digital repository at MIT. Swartz was a true prodigy, and a vocal advocate for open access to research and government data. He is missed. Open Source Datacenter Facebook, Intel, and Rackspace were just a few of the computing giants involved in unveiling more detailsof their *Open Compute* project. Standardizing data center hardware could help a lot in terms of designing more efficient power and cooling to go with it. Future Perfect What are the essential skills that programmers need for the coming decade, how should you focus your learning, and what are the short-term trends and long-term shifts you should know about? These are just some of the questions that O'Reilly's *Edd Dumbill* addresses as he begins a new seriesfocused on the art and business of programming. Through Google-Colored Glasses Now that Google has announced their augmented reality glass project, they're looking for a few good apps. If you want to try your chances, there are upcoming SF and NYC hackathonsplanned for the end of the month. For Reals [image: RedHat]Yes, Virginia, you can make money with open source. Because the *Harvard Business Review* says so . ------------------------------ Pop! The Weekly Quiz Old-School Tagging [image: Those Obnoxious Aliens!]This week's puzzler comes from the annals of history. Where can you find a famous piece of graffiti that complains of the lack of bathroom facilities at an inn? Think you know? Write code-newsletter at oreilly.comwith your answer. The first correct respondent is welcome to choose a free ebook from the O'Reilly catalog. *LAST TIME*, *Taper Wickel *knew that you could find an assortment of oddball characters in the anime series "Urusei Yatsura" (Those Obnoxious Aliens). ------------------------------ Q's A'd The Interactive Bit The Year That Was [image: signpost]Last week, we asked for your 2012 highlights. As always, we regret that we can only reprint a small sample of your responses here. Let's begin with our favorite, care of *Jason Cameron*, who makes our day by responding that he doesn't mean to be a suck-up, but that "OSCON was my highlight of last year. Learning about open badges, SLC, and other advances in edtech was awesome!" We love you, Jason. "The world didn't end," observes *Rich McGee*, "and my company didn't force us to switch to Windows 8!" *Dewald Esterhuizen* merely became immortal last year. He reports: "I changed completely from maintaining ultra high privacy online to completely embracing social media. Within a short space of time I literally flooded the internet with my true identity . . . . Once something/someone becomes part of the internet it becomes virtually impossible to erase those online references. I am part of the internet, I am therefore immortal. . . ." The Olympics were *Jose's* favorite part of last year; *Nishant* "created and successfully deployed an enterprise point of sale app for a major fashion retailer in U.S."; *Moshe* welcomed a new grandbaby; *Ntaskas*cites a "new, 4mm-thick 55-inch, OLED 3D HDTV that's thinner than a smartphone"; and *Dave* says that his highlight "was moving completely off the Windows platform." A fine year was had by all! ------------------------------ tail -f /dev/newsletter All Good Things Must End Creative Outsourcing Anyone doing software development in a large corporation knows the fear that his o[image: Bar Code Boy]r her job may be outsourced to India or China. One enterprising developer decided to be proactive, and outsource his job himself. By overnighting his SecureID token to a consulting firm in China, he was able to keep 80% of his salary for himself, while sitting around all day working on personal projects and surfing the web. Meanwhile, the Chinese company churned out his code for him. Alas, his scheme was foiled when corporate security noticed twice-daily VPN connections from his computer to a network in China, but before he was caught, he had managed to create a reputation as one of the best programmers in the company. All the story needs to be completely ironic would be to find out that the Chinese company was outsourcing it back to an unemployed American developer, but no such luck. In this Issue: - CES 411 - OSCON Call for Speakers - Yes, Virginia - Old-School Tagging - The Year That Was - Inter-Continental-Tele-Commuting ------------------------------ Follow us: [image: Twitter] [image: YouTube] [image: Slideshare] [image: Facebook] [image: LinkedIn] ------------------------------ Free Webcasts: Meet experts online. [image: Matt Richardson] So you got a Raspberry Pi for the Holidays Jan. 23, 10am PT [image: Register Now Button] [image: Alistair Croll] Five Things You Need To Know About Startup Analytics Mar. 6, 10am PT [image: Register Now Button] More Webcasts ? ------------------------------ New Titles: [image: 802.11ac: A Survival Guide] 802.11ac: A Survival Guide [image: Asterisk: The Definitive Guide] Asterisk: The Definitive Guide [image: Designing Evolvable Web APIs with ASP.NET] Designing Evolvable Web APIs with ASP.NET More New Titles ? ------------------------------ Upcoming Events: [image: Fluent Conference] Fluent Conference May 28-30 2013 S.F., CA [image: OSCON Conference] OSCON July 22-26, 2013 Portland, OR More Events ? Development & Programming O'Reilly Code You are receiving this message because you attended a previous OSCON Conference or have expressed a strong interest in a open?source related technology. Keep up on all things O'Reilly by signing up for our email newsletters, product alerts, and promotions at elists.oreilly.com. To ensure delivery to your inbox (not bulk or junk folders), please add oreilly at post.oreilly.com to your address book. To unsubscribe from all email announcements from O'Reilly, click here. O'Reilly Media, Inc. 1005 Gravenstein Highway North, Sebastopol, CA 95472 (800) 889?8969 or (707) 827?7019 -- benh~ http://about.notbenh.info Stability is not a Regression. -------------- next part -------------- An HTML attachment was scrubbed... URL: From ben.hengst at gmail.com Fri Jan 25 15:09:54 2013 From: ben.hengst at gmail.com (benh) Date: Fri, 25 Jan 2013 15:09:54 -0800 Subject: [Pdx-pm] Fwd: Code Today: OS Envy, Harpooning Narwhal, None of Your Business, CES 411, and Other Stories In-Reply-To: <1359154553.8381.0.136175@post.oreilly.com> References: <1359154553.8381.0.136175@post.oreilly.com> Message-ID: ---------- Forwarded message ---------- From: O'Reilly Media Date: Fri, Jan 25, 2013 at 2:55 PM Subject: Code Today: OS Envy, Harpooning Narwhal, None of Your Business, CES 411, and Other Stories To: ben.hengst at gmail.com ** View in browser. [image: O'Reilly OSCON - Newsletter Header] Greetings Developers, Making it official on Google+this week, developer *Alan Cox*, second only to the great *Linus Torvalds* himself, announced his resignation from Intel, assuring that the old "family reasons" chestnut might this time be true. Before leaving, however, Cox reamed former employerRed Hat over its Fedora 18 system, saying he'd stick to Ubuntu instead. Now that we've got your head spinning with thoughts of Linus and kernels and red hats and fedoras and Ubuntu (originailly known as a southern African humanist philosophy), we merely want to know: *What's your preferred Linux distribution system and why?* Write to us at code-newsletter at oreilly.com. We're glad to gift all respondents a free O'Reilly ebook of choice. Cheers, The Code newsletter team ------------------------------ OSCON 2013 Call for Speakers Is Open for OSCON 2013 [image: OSCON Images] We're looking for speakers to be part of the program for the 15th edition of OSCON, happening July 22-26, 2013, in Portland, Oregon. If you have a new idea, a better way to do something, an interesting and instructive case study (battle scars optional), or the desire to pass on your hard-won knowledge, submit a proposal to lead sessions or tutorials. Find Out More ? ------------------------------ Open Dialog What the Open Source Community Is Talking About Open Source OS [image: Firefox Fone]Evidently feeling browser OS envy, *Mozilla* has announced plans to release a smartphone with Firefoxas the operating system. It's slated to serve Brazil first, establishing itself as a less expensive next-gen phone. Das ist nicht dein Bier!* *The city of *Munich* has been a poster child for Linux adoption in government, but Microsoft claims that the German metropolis could have saved more by staying with their OS. The only problem? MS won't releasethe study that claims to prove it. Harpooning Narwhal [image: OFA]When you hire a bunch of open source programmers to code your election software, you might expect them to open source the results. This is an interesting fight . Leaky Java The Good Ship Java keeps springing leaks faster than *Captain Ellison* can patch them. After working overtime to fix a major vulnerability last week, the gang from Oracle was surely dismayed to have two morecrop up this week. ------------------------------ Pop! The Weekly Quiz The Question Is Academic Here's a collegiate quiz that could score you an ebook. *What do West Las Vegas University and Boston Bay College have in common?* Think you know? Write code-newsletter at oreilly.comwith your answer. The first correct respondent is welcome to choose a free ebook from the O'Reilly catalog. *[image: Latrinalia]LAST TIME*, *Andrew Wilson* was first to answer with the correct location of graffitiscratched out by inn patrons who, lacking a chamber pot, had simply wet the bed. Naturally, they were hotel guests in the ancient city of *Pompeii*. ------------------------------ Q's A'd The Interactive Bit ?Caliente! [image: Phone in Water]Last week, we nattered on about the recent Consumer Electronics Show and wondered if you had seen or read about anything hot emerging from its littered Vegas floor. As always, we regret being unable to reprint all of your smart answers. "The buzz around here," says *Abigail*, "has been about the *Sony Xperia Z phone*, which doesn't seem like something?out of all the gadgetry at CES?that would be the pick item. But we're quite interested in its ability to natively display 1920x1080 pixels with such a small, thin form factor." *Robert Stephenson* found two items of interest, first citing "*Securify's Almond+ touchscreen router*." His second pick? "*Syntellia's Fleksy keyboard for cellphones*." He explains: "Besides the usual dictionary correction, the key positions on the screen are also adaptive so if, for example, you start typing on the home row but shifted one key to the left, it will type the correct letters even though every letter you typed was wrong. They demoed typing correctly on a touchscreen with their eyes closed. Now in beta for Android." We want this item! "What made me take the most notice was the proliferation of wearable tech," says *Simon*. "I purchased a *Nike Fuel Band* for my father [as] an incentive for him to be more active. I love the idea of these small unobtrusive sensors able to collect data for you." And *Blaed* adds, "I thought that *Corning's willow glass* holds some interesting possibilities, and the *Luminae keyboard* looks promising!" ------------------------------ tail -f /dev/newsletter All Good Things Must End Dating's in the Details [image: Amy & Hubby]After a long-term relationship ended, *Amy Webb* wasn't willing to dilly-dally with her heart. Instead, she reverse-engineered her online dating profile using analytics to create a super-profile. What she discovered is painful and fascinating. If you're a woman looking to meet a man, it's best to have straight hair, not curly; don't mention your job or sport if they might be deemed "complicated"; answer a message 20 to 23 hours after receiving it; and keep your self-description to 500 words or less. And that's just the beginning. Dang right Amy found her man. See how she did it. In this Issue: - Linus + Linux + Cox - OSCON CFP 2013 - OS Envy - Collegiate Quiz - CES 411 - Game of Love ------------------------------ Follow us: [image: Twitter] [image: YouTube] [image: Slideshare] [image: Facebook] [image: LinkedIn] ------------------------------ Free Webcasts: Meet experts online. [image: Jeff Burtoft] Battle of the Hackers Mar. 27, 10am PT [image: Register Now Button] More Webcasts ? ------------------------------ Upcoming Events: [image: Fluent Conference] Fluent Conference May 28-30 2013 S.F., CA [image: OSCON Conference] OSCON July 22-26, 2013 Portland, OR More Events ? Development & Programming O'Reilly Code You are receiving this message because you attended a previous OSCON Conference or have expressed a strong interest in a open?source related technology. Keep up on all things O'Reilly by signing up for our email newsletters, product alerts, and promotions at elists.oreilly.com. To ensure delivery to your inbox (not bulk or junk folders), please add oreilly at post.oreilly.com to your address book. To unsubscribe from all email announcements from O'Reilly, click here. O'Reilly Media, Inc. 1005 Gravenstein Highway North, Sebastopol, CA 95472 (800) 889?8969 or (707) 827?7019 -- benh~ http://about.notbenh.info Stability is not a Regression. -------------- next part -------------- An HTML attachment was scrubbed... URL: From ben.hengst at gmail.com Wed Jan 30 16:42:22 2013 From: ben.hengst at gmail.com (benh) Date: Wed, 30 Jan 2013 16:42:22 -0800 Subject: [Pdx-pm] Fwd: Last chance to submit a proposal to speak at OSCON 2013 In-Reply-To: <1359586535.11741.0.258201@post.oreilly.com> References: <1359586535.11741.0.258201@post.oreilly.com> Message-ID: ---------- Forwarded message ---------- From: O'Reilly Open Source Convention Date: Wed, Jan 30, 2013 at 2:55 PM Subject: Last chance to submit a proposal to speak at OSCON 2013 To: ben.hengst at gmail.com ** If you cannot read the information below, view in browser. [image: O'Reilly Open Source Convention] Share your expertise at OSCON 2013 Submit your proposal by February 4 This summer, we?ll celebrate 15 years of *OSCON*, and we?re inviting you to be part of the celebration by joining the ranks of esteemed OSCON speakers. Open source has come a long way--from the early days when a handful of visionaries were working to make the case for free and open software (imagine wanting access to your source code!) to today, when open source is the standard for everyday programming languages, databases, utilities, and operating systems. These days, *who doesn?t work with open source*? *Speaking at OSCON is a great way to give back to the community* The OSCON *call for participation*will wrap up on Monday, February 4. When you speak at OSCON, you not only share your knowledge with your peers, but you get your projects, ideas, and your company in front of a savvy and connected audience. You don?t need to be a guru or experienced speaker; it?s enough to have something worthwhile to share and the desire to communicate it to others. This year, make it happen. Let us hear from you by February 4. *See a list of suggested topics and submission guidelines* . Get help writing your proposal OSCON chair Matthew McCullough will be hosting a free webcast Thursday, January 31 at 11:00am PT to give tips, pointers, and advice on *Building Proposals for Conferences *. If you can't join the live event, *register * for the webcast to receive a link to the recording afterward. Looking forward to hearing from you! *Sarah Novotny, Edd Dumbill, and Matthew McCullough* * OSCON Program Chairs* *Speak at OSCON* *- Proposals Due Feb 4 -* *Find Out More * Premier Diamond Sponsors - [image: Bluehost] - [image: Citrix Systems] Diamond Sponsors - [image: HP] - [image: Media Temple, Inc.] - [image: Shared Learning Collaborative] Titanium Sponsor - [image: OpenStack] Platinum Sponsor - [image: Google] You are receiving this message because you attended a previous OSCON Conference or have expressed a strong interest in a open source related technology. Keep up on all things O'Reilly by signing up for our email newsletters, product alerts, and promotions at elists.oreilly.com. To ensure delivery to your inbox (not bulk or junk folders), please add oreilly at post.oreilly.com to your address book. To unsubscribe from all email announcements from O'Reilly, click here. O'Reilly Media, Inc. 1005 Gravenstein Highway North, Sebastopol, CA 95472 (800) 889-8969 or (707) 827-7019 -- benh~ http://about.notbenh.info Stability is not a Regression. -------------- next part -------------- An HTML attachment was scrubbed... URL: From jonathan at leto.net Thu Jan 31 13:37:27 2013 From: jonathan at leto.net (Jonathan "Duke" Leto) Date: Thu, 31 Jan 2013 13:37:27 -0800 Subject: [Pdx-pm] Let's play the blame game Message-ID: Howdy folks, Would anybody like to chime in about who is actually to blame for this Github issue on Math::GSL ? : https://github.com/leto/math--gsl/issues/43 This seems like the system Perl on Ubuntu 12.04 is not quite configured correctly, but please (please!) tell me I am wrong. Duke -- Jonathan "Duke" Leto Leto Labs LLC http://labs.leto.net 209.691.DUKE http://dukeleto.pl -------------- next part -------------- An HTML attachment was scrubbed... URL: From enobacon at gmail.com Thu Jan 31 18:17:21 2013 From: enobacon at gmail.com (Eric Wilhelm) Date: Thu, 31 Jan 2013 18:17:21 -0800 Subject: [Pdx-pm] Let's play the blame game In-Reply-To: References: Message-ID: <201301311817.21623.enobacon@gmail.com> # from Jonathan "Duke" Leto on Thursday 31 January 2013: >Howdy folks, > >Would anybody like to chime in about who is actually to blame for this >Github issue on Math::GSL ? : > >https://github.com/leto/math--gsl/issues/43 > >This seems like the system Perl on Ubuntu 12.04 is not quite >configured correctly, but please (please!) tell me I am wrong. I had no problems building on mint 13 (ubuntu 12 upstream), though I had to install pkg-config and libgsl0-dev. "EXTERN.h no such file" should be solved by -I/usr/lib/perl/5.14/CORE My ExtUtils::Embed does not have that -I. Your report does. Go figure. CBuilder problem? (Mine is 0.280203 + tested 0.280205) Is libperl-dev not installed? BTW, `./Build clean` eats the lib dir (generated?) pm files. xs/BLAS_wrap.c doesn't exist in 0.27. --Eric -- --------------------------------------------------- http://scratchcomputing.com --------------------------------------------------- From enobacon at gmail.com Thu Jan 31 18:31:58 2013 From: enobacon at gmail.com (Seven til Seven) Date: Thu, 31 Jan 2013 18:31:58 -0800 Subject: [Pdx-pm] February social meeting next week, and maybe also on the 21st Message-ID: <201301311831.58623.enobacon@gmail.com> Hey all, Saint Valentine's birthday happens to be on the second Thursday and I hear that he'll shoot me with a diamond-tipped, chocolate-filled arrow if I schedule a meeting on his special day. So, we are rescheduling to the Lucky Lab on the first and third Thursdays (7th and 21st) this month (and you are welcome to drink beer without me on the 14th even!) We'll resume our regularly scheduled meetings in March with 7 rants about meta-object programming systems (Moe, Moose, Mo, Moo, Mouse, Zeus, and Seuss) sung in a round. --Eric -- --------------------------------------------------- http://pdx.pm.org --------------------------------------------------- From dave.merrill at frontier.com Thu Jan 31 17:25:41 2013 From: dave.merrill at frontier.com (David Merrill) Date: Thu, 31 Jan 2013 17:25:41 -0800 Subject: [Pdx-pm] Might be a job Message-ID: <510B1995.7090607@frontier.com> Hello, Perl Mongers, I'm working with someone who wants a fairly straightforward database system to process web-based applications for people who aspire to put on their stage shows in his theatre festivals. Here's the notice he posted on LinkedIn: Online database wanted I produce theatre festivals in NYC. I use Constant Contact for E-blasts. I created an online application form using their survey tools, which is a step up from having people print and fill out a paper application form, which we then need to enter into a spreadsheet and share with our staff. I'm looking to make another step up. I need the following features: * Share application form on Web site. * Allow applicants to save their work and go back to it. * Maintain applicants' privacy (from each other). * Allow upload of supporting materials in PDF, DOC, JPEG, MP3, etc. format. * Branching to different pages depending on input. * Pay different application fees depending on plan chosen, preferably with PayPal interface. * Save results, supporting materials, and payment records in manageable formats (spreadsheet, separate folders, master file, etc.). Any and all suggestions welcome! John Chatterton Executive producer, Midtown International Theatre Festival, Midwinter Madness Short Play Festival, Short Play Lab He also wants a kind of intranet access to the application data for his various staff, each of which may need to narrow their view to see a subset of the application fields. While working with him to redesign his web site (midtownfestival.org), I proposed a Perl/mySQL solution, but he seems to have an aversion to Perl, preferring a more direct use of the SQL language. I frankly didn't understand what he was asking for, but he was quite specific and seems to have had Perl experience. So I'm passing this on to any of you who do understand. It might seem odd that I would propose a specifically non-Perl job on this list, but I'm hoping some of you may have encountered an SQL alternative that can be used for this purpose. I certainly have not. If you're interested, you can contact him at midtownfestival at gmail.com. If you have questions, I'll be glad to answer them. -- *David Merrill, Clarient Solutions * /"I am always doing that which I cannot do, in order that I may learn how to do it." -- Pablo Picasso/ /"By three methods we may learn wisdom: First, by reflection, which is noblest; Second, by imitation, which is easiest; and third by experience, which is the bitterest." -- Confucius/ -------------- next part -------------- An HTML attachment was scrubbed... URL: