DOCSLIB.ORG

Projects on the Move

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Projects on the Move LINUXCOVERCOMMUNITY USERSTORY SchlagwortSchlagwortFree Software sollte sollte Projectshier hier stehen stehen Schlagwort sollte hier stehen COVER STORY An up-to-date look at free software and its makers PROJECTS ON THE MOVE Free software covers such a diverse range of utilities, applications, and assorted projects that it is sometimes difficult to find the perfect tool. We pick the best of the bunch. This month we cover blogging – the latest buzz, the latest on the DPL elections, and more trouble at Debian. BY MARTIN LOSCHWITZ he EU is entering the second use, install, and configure. For example, extensible. B2 Evolution also has themes round of the battle over software administrators do not need to create a to allow users to design their own blogs. Tpatents. While supporters have database or waste time trying to set one Like the other solutions, Serendipity successfully had the directive passed by up, as Blosxom uses simple text files. [3] aims for ease of use. Themes and the EU Council of Ministers, opponents Entries can be created in the web inter- skins allow users to modify the blog soft- of patents are increasing the pressure face and uploaded via FTP or WebDAV. ware’s appearance. Version 0.8, which is prior to the second reading. The number Plugins add all kinds of functionality to still under development, even supports of pages warning about the danger of Blosxom. The default package supports Smarty framework [4] templates. software patents continues to grow. And RSS feeding of blog entries, and themes Serendipity can also manage multiple it appears unlikely – although by no give the Blosxom blog a pleasing appear- user accounts. The comment function means impossible – that the European ance. adds threading on top of B2 Evolution’s Parliament will pass the directive. offering, and this makes for less clut- Comments Wanted tered, longer discussions. Again, a spam Diaries All Round? The B2 Evolution ([2] blogging applica- filter removes the junk ads from the More and more, communicative people tion is an alternative. In contrast to blog; and if that is not enough, bloggers have adopted the idea of using a blog Blosxom, B2 Evolution can manage mul- can stipulate that they want to view to let other users share their ideas, tiple user accounts and even groups if comments first before manually manu- thoughts, and feelings. Blogs are typi- required. B2 Evolution has been trans- ally approving the comments for pub- cally edited in a browser. The blogging lated to many languages and has a com- lishing. software on the server then creates a ment function that supports interactive website to match the users' entries. communication. A blocker removes the Multi-Language Support Users who prefer to run their blogs on spam put there by pesky robots. The web interface is available in English, their own servers will need blogging B2 Evolution is the result of a com- Czech, Danish, French, German, or software – luckily many free blogging plete overhaul of B2. The software is Spanish. Administrators have a choice of applications are available. slightly more difficult to install than database back-ends, including MySQL, Blosxom, as B2 Evolution needs a PostgreSQL and SQLite, which is quite Flowery Creations MySQL database. Just like Blosxom, B2 simple to install. Serendipity also sup- The authors of Blosxom [1] claim that Evolution can generate an RSS feed from ports a wide selection of output formats. their blog management tool is easy to the blog entry headlines, and it is plugin Rather than just reading blogs in your 92 ISSUE 56 JULY 2005 WWW.LINUX - MAGAZINE.COM SchlagwortFree Software sollte hier Projects stehen COVERCOMMUNITY STORY browser, you can opt for an RSS feed, took several hours for the good news to BB-Code [5] as used by PHP-BB, various hit home. wiki formats, or ASCII text in addition to The Debian developers have put their the standard HTML. trust in Branden as one of six candidates If the word syndicate makes you think who applied for the job of steering the of the Mafia, think again. A syndicate Debian project. Last year there were only can be, and frequently is, a neutral word two genuine candidates. Some of this meaning any kind of lobby group. In the year’s candidates election campaigns context of blogs, syndication refers to were fairly similar, although there were the idea of collecting RSS feeds from some diametrically opposed views in blogs and displaying them on a common some cases. Jonathan Walther, who homepage. gained notoriety by propagating conspir- acy theories, came last. Martin Michl- The Syndicate mayr, the previous Debian Leader, did Figure 2: The DPL Branden Robinson beat The Planet Planet [6] project creates syn- not run for re-election. Anthony Towns by a short lead. dicates. It was originally designed to col- Branden Robinson sees the election late and display RSS feeds from blogs result as support for his idea of putting wanting to run Debian on other architec- belonging to a few Debian and Gnome the tasks assigned to the project leader tures would thus be forced to move to developers on the Planet Debian [7] (see into the hands of a team headed by the the unstable tree. Many developers fear Figure 1) and Planet Gnome [8] home DPL [10]. This new idea for organizing that these “second class architectures” pages. the Debian management process will could soon become neglected. Now the software is freely configu- have ample time to prove its value rable and will collate arbitrary feeds. before the next DPL elections take place To be continued… The RSS standard ensures that Planet in April 2006. Projects on the Move will be back – Planet is capable of reading and seam- hopefully with even more sensational lessly integrating feeds generated by Quicker Debian Releases? software from the FOSS scene, but we do blogs or other pages. Many projects use Debian Sarge will be released, some have one request before we go: if you Planet pages for internal communica- time! Until that happens, the release can recommend a program that you tions or for public relations work. managers have put the interim period to would like to see featured in Projects on good use speculating on improvements the Move, why not mail me with your New Debian Project Leader at the fringe of a conference in Vancou- suggestion [12]? I look forward to your Elected ver, Canada, which was initiated by a comments! ■ The perennial number two has finally Norwegian Unix user group. This is made it: Branden Robinson (Figure 2) where they drew up the so called Van- INFO won this year’s election to become the couver Document, which was then Debian Project Leader (DPL). With just a posted on the Debian developer mailing [1] Blosxom: http:// www. blosxom. com short lead over former Debian Release list for discussion [11]. Less important [2] B2 Evolution: http:// b2evolution. net Manager Anthony Towns, Branden Rob- things have led to battles in the past, so [3] Serendipity: http:// www. s9y. org inson took the top notch, and nobody it comes as no surprise that the posting [4] Smarty: http:// smarty. php. net seemed more surprised about the result gave rise to an intensive debate, includ- [5] BB-Code: http:// www. phpbb. com/ than Branden himself. In fact, he said it ing some fairly intense flaming. phpBB/ faq. php?mode=bbcode The bone of conten- [6] Planet Planet: http:// planetplanet. org tion was the idea of not [7] Planet Debian: http:// planet. debian. net offering Debian releases for all eleven of the cur- [8] Planet Gnome: http:// planet. gnome. org rently supported archi- tectures, but restricting [9] Thank you message from Branden the official release to Robinson: http:// lists. debian. org/ debian-project/ 2005/ 04/ msg00087. four architectures in the html current release cycle: the [10] Branden Robinson’s campaign plat- 386 family, the PowerPC, form: http:// www. debian. org/ vote/ Intel’s IA64, and the 2005/ platforms/ branden AMD 64. Although sup- [11] Vancouver Document by Steve Lan- port for other processor gasek: types would not disap- http:// lists. debian. org/ debian-devel- pear completely, it would announce/ 2005/ 03/ msg00012. html no longer be a manda- [12] Tips and suggestions: tory part of the Debian projects@linux-magazine. com Figure 1: Planet pages collect, collate and display RSS feeds. stable release. Users WWW.LINUX - MAGAZINE.COM ISSUE 56 JULY 2005 93.
Load more

Recommended publications
  • Hacker Public Radio
    hpr0001 :: Introduction to HPR hpr0002 :: Customization the Lost Reason hpr0003 :: Lost Haycon Audio Aired on 2007-12-31 and hosted by StankDawg Aired on 2008-01-01 and hosted by deepgeek Aired on 2008-01-02 and hosted by Morgellon StankDawg and Enigma talk about what HPR is and how someone can contribute deepgeek talks about Customization being the lost reason in switching from Morgellon and others traipse around in the woods geocaching at midnight windows to linux Customization docdroppers article hpr0004 :: Firefox Profiles hpr0005 :: Database 101 Part 1 hpr0006 :: Part 15 Broadcasting Aired on 2008-01-03 and hosted by Peter Aired on 2008-01-06 and hosted by StankDawg as part of the Database 101 series. Aired on 2008-01-08 and hosted by dosman Peter explains how to move firefox profiles from machine to machine 1st part of the Database 101 series with Stankdawg dosman and zach from the packetsniffers talk about Part 15 Broadcasting Part 15 broadcasting resources SSTRAN AMT3000 part 15 transmitter hpr0007 :: Orwell Rolled over in his grave hpr0009 :: This old Hack 4 hpr0008 :: Asus EePC Aired on 2008-01-09 and hosted by deepgeek Aired on 2008-01-10 and hosted by fawkesfyre as part of the This Old Hack series. Aired on 2008-01-10 and hosted by Mubix deepgeek reviews a film Part 4 of the series this old hack Mubix and Redanthrax discuss the EEpc hpr0010 :: The Linux Boot Process Part 1 hpr0011 :: dd_rhelp hpr0012 :: Xen Aired on 2008-01-13 and hosted by Dann as part of the The Linux Boot Process series.
    [Show full text]
  • Luigi Documentation Release 2.8.13
    Luigi Documentation Release 2.8.13 The Luigi Authors Apr 29, 2020 Contents 1 Background 3 2 Visualiser page 5 3 Dependency graph example 7 4 Philosophy 9 5 Who uses Luigi? 11 6 External links 15 7 Authors 17 8 Table of Contents 19 8.1 Example – Top Artists.......................................... 19 8.2 Building workflows........................................... 23 8.3 Tasks................................................... 28 8.4 Parameters................................................ 33 8.5 Running Luigi.............................................. 36 8.6 Using the Central Scheduler....................................... 38 8.7 Execution Model............................................. 41 8.8 Luigi Patterns............................................... 43 8.9 Configuration............................................... 48 8.10 Configure logging............................................ 60 8.11 Design and limitations.......................................... 61 9 API Reference 63 9.1 luigi package............................................... 63 9.2 Indices and tables............................................ 248 Python Module Index 249 Index 251 i ii Luigi Documentation, Release 2.8.13 Luigi is a Python (2.7, 3.6, 3.7 tested) package that helps you build complex pipelines of batch jobs. It handles dependency resolution, workflow management, visualization, handling failures, command line integration, and much more. Run pip install luigi to install the latest stable version from PyPI. Documentation for the latest release is hosted on readthedocs. Run pip install luigi[toml] to install Luigi with TOML-based configs support. For the bleeding edge code, pip install git+https://github.com/spotify/luigi.git. Bleeding edge documentation is also available. Contents 1 Luigi Documentation, Release 2.8.13 2 Contents CHAPTER 1 Background The purpose of Luigi is to address all the plumbing typically associated with long-running batch processes. You want to chain many tasks, automate them, and failures will happen.
    [Show full text]
  • Source Code Patterns of Cross Site Scripting in PHP Open Source Projects
    Source Code Patterns of Cross Site Scripting in PHP Open Source Projects Felix Schuckert12, Max Hildner1, Basel Katt2 ,∗ and Hanno Langweg12 1 HTWG Konstanz, Department of Computer Science, Konstanz, Baden-W¨urttemberg, Germany [email protected] [email protected] [email protected] 2 Department of Information Security and Communication Technology, Faculty of Information Technology and Electrical Engineering, NTNU, Norwegian University of Science and Technology, Gjøvik, Norway [email protected] Abstract To get a better understanding of Cross Site Scripting vulnerabilities, we investigated 50 randomly selected CVE reports which are related to open source projects. The vulnerable and patched source code was manually reviewed to find out what kind of source code patterns were used. Source code pattern categories were found for sources, concatenations, sinks, HTML context and fixes. Our resulting categories are compared to categories from CWE. A source code sample which might have led developers to believe that the data was already sanitized is described in detail. For the different HTML context categories, the necessary Cross Site Scripting prevention mechanisms are described. 1 Introduction Cross Site Scripting (XSS) is on the fourth place in Common Weakness Enumeration (CWE) top 25 2011 [3] and on the seventh place in Open Wep Application Security Project (OWASP) top 10 2017 [4]. Accordingly, Cross Site Scripting is still a common issue in web security. To discover the reason why the same vulnerabilities are still occurring, we investigated the vulnerable and patched source code from open source projects. Similar methods, functions and operations are grouped together and are called source code patterns.
    [Show full text]
  • LAMP and the REST Architecture Step by Step Analysis of Best Practice
    LAMP and the REST Architecture Step by step analysis of best practice Santiago Gala High Sierra Technology S.L.U. Minimalistic design using a Resource Oriented Architecture What is a Software Platform (Ray Ozzie ) ...a relevant and ubiquitous common service abstraction Creates value by leveraging participants (e- cosystem) Hardware developers (for OS level platforms) Software developers Content developers Purchasers Administrators Users Platform Evolution Early stage: not “good enough” solution differentiation, innovation, value flows Later: modular architecture, commoditiza- tion, cloning no premium, just speed to market and cost driven The platform effect - ossification, followed by cloning - is how Chris- tensen-style modularity comes to exist in the software industry. What begins as a value-laden proprietary platform becomes a replaceable component over time, and the most successful of these components finally define the units of exchange that power commodity networks. ( David Stutz ) Platform Evolution (II) Example: PostScript Adobe Apple LaserWriter Aldus Pagemaker Desktop Publishing Linotype imagesetters NeWS (Display PostScript) OS X standards (XSL-FO -> PDF, Scribus, OOo) Software Architecture ...an abstraction of the runtime elements of a software system during some phase of its oper- ation. A system may be composed of many lev- els of abstraction and many phases of opera- tion, each with its own software architecture. Roy Fielding (REST) What is Architecture? Way to partition a system in components
    [Show full text]
  • Postgresql Flyer
    PostgreSQL - English Usage Examples Further Information Development system PostgreSQL (2nd Edition), Korry Douglas, Sams Publishing, ISBN: 0672327562 A small system just for developing, running on any supported platform (Unix, Linux, Mac OS, Windows). Beginning Databases with PostgreSQL:From Novice to This system does not need much system resources. Professional, Second Edition, Neil Matthew, Apress, The result can be exported and used in the production ISBN: 1590594789 PostgreSQL system. PostgreSQL Developer's Handbook, Ewald Geschwinde, Sams Publishing, ISBN 0672322609 Beginning PHP and PostgreSQL 8, W. Jason Gilmore, Small to mid-level database server Apress, ISBN 1590595475 A small to mid-level database server has just small PHP and PostgreSQL Advanced Web Programming, hardware requirements. PostgreSQL is not running ex- Ewald Geschwinde and Robert Treat, Sams Publishing, clusive on this system but shares the resources with ISBN 0672323826 other services. A webserver (Blog, CMS) with a data- base backend is a good example. PostgreSQL homepage: www.postgresql.org pgAdmin III: http://www.pgadmin.org Large database server PgFoundry: http://pgfoundry.org phpPgAdmin: http://phppgadmin.sourceforge.net A large database server has extensive hardware re- PostGIS: postgis.refractions.net quirements and is usually dedicated to a single appli- cation or project. PostgreSQL can use the full power Slony: slony.info of the hardware without the need to share resources. PostgreSQL 8.3 What is PostgreSQL? PostgreSQL 8.3, released in early 2008, includes a record PostgreSQL is an object-relational database management number of new and improved features which will greatly system (ORDBMS). It is freely available and usable with- enhance PostgreSQL for application designers, database out licensing fee.
    [Show full text]
  • Introduction Points
    Introduction Points Ahmia.fi - Clearnet search engine for Tor Hidden Services (allows you to add new sites to its database) TORLINKS Directory for .onion sites, moderated. Core.onion - Simple onion bootstrapping Deepsearch - Another search engine. DuckDuckGo - A Hidden Service that searches the clearnet. TORCH - Tor Search Engine. Claims to index around 1.1 Million pages. Welcome, We've been expecting you! - Links to basic encryption guides. Onion Mail - SMTP/IMAP/POP3. ***@onionmail.in address. URSSMail - Anonymous and, most important, SECURE! Located in 3 different servers from across the globe. Hidden Wiki Mirror - Good mirror of the Hidden Wiki, in the case of downtime. Where's pedophilia? I WANT IT! Keep calm and see this. Enter at your own risk. Site with gore content is well below. Discover it! Financial Services Currencies, banks, money markets, clearing houses, exchangers. The Green Machine Forum type marketplace for CCs, Paypals, etc.... Some very good vendors here!!!! Paypal-Coins - Buy a paypal account and receive the balance in your bitcoin wallet. Acrimonious2 - Oldest escrowprovider in onionland. BitBond - 5% return per week on Bitcoin Bonds. OnionBC Anonymous Bitcoin eWallet, mixing service and Escrow system. Nice site with many features. The PaypalDome Live Paypal accounts with good balances - buy some, and fix your financial situation for awhile. EasyCoin - Bitcoin Wallet with free Bitcoin Mixer. WeBuyBitcoins - Sell your Bitcoins for Cash (USD), ACH, WU/MG, LR, PayPal and more. Cheap Euros - 20€ Counterfeit bills. Unbeatable prices!! OnionWallet - Anonymous Bitcoin Wallet and Bitcoin Laundry. BestPal BestPal is your Best Pal, if you need money fast. Sells stolen PP accounts.
    [Show full text]
  • Hierarchical Categorisation of Web Tags for Delicious
    HIERARCHICAL CATEGORISATION OF WEB TAGS FOR DELICIOUS J. Parra-Arnau, A. Perego, E. Ferrari, J. Forné and D. Rebollo-Monedero1 INTRODUCTION In the scenario of social bookmarking, a user browsing the Web bookmarks web pages and assigns free-text labels (i.e., tags) to them according to their personal preferences. The benefits of social tagging are clear – tags enhance Web content browsing and search. However, since these tags may be publicly available to any Internet user, a privacy attacker may collect this information and extract an accurate snapshot of users’ interests or user profiles, containing sensitive information, such as health-related information, political preferences, salary or religion. In order to hinder attackers in their efforts to profile users, this report focuses on the practical aspects of capturing user interests from their tagging activity. More accurately, we study how to categorise a collection of tags posted by users in one of the most popular bookmarking services, Delicious (http://delicious.com). METHODOLOGY As frequently done in collaborative tagging sites, the profile of a user is modelled as a tag cloud, that is, a visual representation where tags are weighted according to their frequency of use. Note that tag clouds are in essence equivalent to normalized histograms of tags. Nevertheless, the representation of a user profile as a cloud, or equivalently as a normalized histogram, of all the tags submitted by users is clearly an inappropriate approach; not only because of the intractability of the profile, but also because it makes it difficult to have a quick overview of the user interests. For example, for users posting the tags “welfare”, “Dubya” and “Katrina” it would be preferable to have a higher level of abstraction that enables us to conclude, directly from the inspection of the user profile, that these users are interested in politics.
    [Show full text]
  • A Framework for Working with Cross-Application Social Tagging Data
    TECHNISCHE UNIVERSITÄT MÜNCHEN FAKULTÜT FÜR INFORMATIK Forschungs- und Lehreinheit XI Angewandte Informatik / Kooperative Systeme A Framework for Working with Cross-Application Social Tagging Data Walter Christian Kammergruber Vollständiger Abdruck der von der Fakultät für Informatik der Technischen Universität München zur Erlangung des akademischen Grades eines Doktors der Naturwissenschaften (Dr. rer. nat.) genehmigten Dissertation. Vorsitzender: Univ.-Prof. Dr. Helmut Krcmar Prüfer der Dissertation: 1. Univ.-Prof. Dr. Johann Schlichter 2. Univ.-Prof. Dr. Florian Matthes Die Dissertation wurde am 26.06.2014 bei der Technischen Universität München eingere- icht und durch die Fakultät für Informatik am 26.11.2014 angenommen. Zusammenfassung Mit dem zunehmenden Erfolg des Web 2.0 wurde und wird Social-Tagging immer beliebter, und es wurde zu einem wichtigen Puzzle-Stück dieses Phänomens. Im Unterschied zu ausgefeilteren Methoden um Ressourcen zu organisieren, wie beispielsweise Taxonomien und Ontologien, ist Social-Tagging einfach einzusetzen und zu verstehen. Bedingt durch die Einfachheit finden sich keine expliziten und formalen Strukturen vor. Das Fehlen von Struktur führt zu Problemen beim Wiederaufinden von Informationen, da beispielsweise Mehrdeutigkeiten in Suchanfragen nicht aufgelöst werden können. Zum Beispiel kann ein Tag „dog“ (im Englischen) für des Menschen bester Freund stehen, aber auch für das Lieblingsessen mancher Personen, einem Hot Dog. Ein Bild einer Katze kann mit„angora cat“, „cat“, „mammal“, „animal“oder „creature“getagged sein. Die Art der Tags hängt sehr stark vom individuellen Nutzer ab. Weiterhin sind Social-Tagging-Daten auf verschiedene Applikationen verteilt. Ein gemeinsamer Mediator ist nicht vorhanden. Beispielsweise kann ein Nutzer auf vielen verschiedenen Applikationen Entitäten taggen. Für das Internet kann das Flickr, Delicious, Twitter, Facebook and viele mehr sein.
    [Show full text]
  • Folksonomies - Cooperative Classification and Communication Through Shared Metadata
    Folksonomies - Cooperative Classification and Communication Through Shared Metadata Adam Mathes Computer Mediated Communication - LIS590CMC Graduate School of Library and Information Science University of Illinois Urbana-Champaign December 2004 Abstract This paper examines user-generated metadata as implemented and applied in two web services designed to share and organize digital me- dia to better understand grassroots classification. Metadata - data about data - allows systems to collocate related information, and helps users find relevant information. The creation of metadata has generally been approached in two ways: professional creation and author creation. In li- braries and other organizations, creating metadata, primarily in the form of catalog records, has traditionally been the domain of dedicated profes- sionals working with complex, detailed rule sets and vocabularies. The primary problem with this approach is scalability and its impracticality for the vast amounts of content being produced and used, especially on the World Wide Web. The apparatus and tools built around professional cataloging systems are generally too complicated for anyone without spe- cialized training and knowledge. A second approach is for metadata to be created by authors. The movement towards creator described docu- ments was heralded by SGML, the WWW, and the Dublin Core Metadata Initiative. There are problems with this approach as well - often due to inadequate or inaccurate description, or outright deception. This paper examines a third approach: user-created metadata, where users of the documents and media create metadata for their own individual use that is also shared throughout a community. 1 The Creation of Metadata: Professionals, Con- tent Creators, Users Metadata is often characterized as “data about data.” Metadata is information, often highly structured, about documents, books, articles, photographs, or other items that is designed to support specific functions.
    [Show full text]
  • Serendipity in Recommender Systems JYVÄSKYLÄ STUDIES in COMPUTING 281
    JYVÄSKYLÄ STUDIES IN COMPUTING 281 Denis Kotkov Serendipity in Recommender Systems JYVÄSKYLÄ STUDIES IN COMPUTING 281 Denis Kotkov Serendipity in Recommender Systems Esitetään Jyväskylän yliopiston informaatioteknologian tiedekunnan suostumuksella julkisesti tarkastettavaksi yliopiston Agora-rakennuksen Alfa-salissa kesäkuun 7. päivänä 2018 kello 12. Academic dissertation to be publicly discussed, by permission of the Faculty of Information Technology of the University of Jyväskylä, in building Agora, Alfa hall, on June 7, 2018 at 12 o’clock noon. UNIVERSITY OF JYVÄSKYLÄ JYVÄSKYLÄ 2018 Serendipity in Recommender Systems JYVÄSKYLÄ STUDIES IN COMPUTING 281 Denis Kotkov Serendipity in Recommender Systems UNIVERSITY OF JYVÄSKYLÄ JYVÄSKYLÄ 2018 Editors Marja-Leena Rantalainen Faculty of Information Technology, University of Jyväskylä Pekka Olsbo, Ville Korkiakangas Publishing Unit, University Library of Jyväskylä Permanent link to this publication: http://urn.fi/URN:ISBN:978-951-39-7438-1 URN:ISBN:978-951-39-7438-1 ISBN 978-951-39-7438-1 (PDF) ISBN 978-951-39-7437-4 (nid.) ISSN 1456-5390 Copyright © 2018, by University of Jyväskylä Jyväskylä University Printing House, Jyväskylä 2018 ABSTRACT Kotkov, Denis Serendipity in Recommender Systems Jyväskylä: University of Jyväskylä, 2018, 72 p. (+included articles) (Jyväskylä Studies in Computing ISSN 1456-5390; 281) ISBN 978-951-39-7437-4 (nid.) ISBN 978-951-39-7438-1 (PDF) Finnish summary Diss. The number of goods and services (such as accommodation or music streaming) offered by e-commerce websites does not allow users to examine all the avail- able options in a reasonable amount of time. Recommender systems are auxiliary systems designed to help users find interesting goods or services (items) on a website when the number of available items is overwhelming.
    [Show full text]
  • Fuzzy Attacks on Web Logs
    Institut für Technische Informatik und Kommunikationsnetze Laura Peer Fuzzy Attacks on Web Logs Group Thesis (GA)-2011-09 August 2011 to September 2011 Tutor: David Gugelmann Co-Tutor: Dr. Stephan Neuhaus Supervisor: Prof. Dr. Bernhard Plattner 2 Abstract Oftentimes, weaknesses in web applications arise because input is not properly validated. Web programmers can make mistakes or may simply not conceive of every possible input scenario provided to their application. In this thesis we use the method of fuzzing, the automated process of feeding pseudo random input data to a program, to test web applications for bugs. Our target applications are web logs. With the help of a small program which was written for our specific task, we have discovered a number of problems and vulnerabilities. 3 4 Contents 1 Introduction 7 1.1 Motivation........................................7 1.2 The Task........................................7 1.3 Related Work......................................8 1.4 Overview........................................9 2 Background 11 2.1 Fuzzing......................................... 11 2.1.1 The Fuzzing Process............................. 11 2.1.2 Random Data Generation........................... 11 2.1.3 Vulnerabilities.................................. 12 2.2 Fuzzing the HTTP Protocol.............................. 16 2.2.1 Client to Server Transmission Analysis.................... 16 2.2.2 Server Response and Detection Methods.................. 18 2.3 Web Application Input................................. 19 3 Design 21 3.1 Analyzing the Web Log with a Web Crawler..................... 23 3.2 The HTTP Communication Interface......................... 23 3.3 Fuzzed Data Generation................................ 24 3.4 The Main Program Loop................................ 24 3.4.1 Working with the Web Sniffer Output..................... 24 3.4.2 The FuzzField Class.............................. 25 3.5 Error Detection Mechanisms............................
    [Show full text]
  • New Business Models in the Digital Age
    New business models in the digital age A dosdoce.com study sponsored by CEDRO 0. INTRODUCTION ...................................................... 3 1. DIGITAL BUSINESS MODELS ........................................... 5 1.1. Micropayments. Fragmented Content .....................................................6 1.2. Pay-Per-Use. Streaming/Pay-Per-View ...................................................11 1.3. Subscription .......................................................................17 1.4. Membership .......................................................................24 1.5. Freemium/Premium ..................................................................25 1.6. Embedded advertising ................................................................28 1.7. Open Access .......................................................................29 1.8. P2P – MOOCs ......................................................................32 2. NEW MODELS: SOMEWHERE BETWEEN EXPERIMENTING AND RATIONALIZATION .............................................. 36 2.1. Pay-what-you-want ..................................................................37 2.2. Bundling ..........................................................................39 2.3. Crowdfunding ......................................................................41 2.4. Gamification .......................................................................46 2.5. Direct selling .......................................................................49 2.6. Self-publishing ......................................................................53
    [Show full text]