I should admit - I shamelessly borrowed part of the title for this post from Tyler.
I had exactly same feeling after upgrading from Ubuntu 7.10 to 8.04.

I’ve been meaning to write about this upgrade for almost two months now. Right after Ubuntu 8.04 was released I upgraded two of my laptops from Ubuntu 7.10 to 8.04. I know, I know, never download software on the release date, wait for a couple of months before all major bugs are fixed and it starts working somehow. But anyway…

Read the rest of this entry »

Even if you are not Sampo bank’s customer, but live in Finland, you have most probably heard by now about continuous problems Sampo had with their web-bank system.

When Sampo launched the new system this Easter, they took into use Java-based authentication system. Of course it didn’t work in my Ubuntu 7.10, but after removing Open JDK and installing latest Sun JDK it started functioning again - at least log in worked. This Java solution raised a lot of concerns in internet community.

Read the rest of this entry »

Yes, for the second time in my life. First time it was still in my university years. In those times if you had internet access at home, you were priveleged. Companies were paying quite a lot of money to get a slow 28K dial-up connection, and internet providers were charging per minute, not by gigabyte. I set up access to the university internet connection via modem in our lab - I was running FIDO net node on the same machine. One guy (I later on found him) noticed that there’s a PPP connection attempt before FIDO mail software kicks in and successfully brute forced the password. I should admit that I didn’t bother that much when I was setting the password - it was not the default one, but pretty close. It was quite easy to spot the attack - phone line was busy all the time. What the attacker didn’t know is that the modem I used was a sophisticated US Robotics Sportster model with CallerID detection, so it was rather easy to trace the attacker.

But that was more than 10 years ago. Now I noticed that something is wrong when I started recieving a lot of comment spam from this blog. Captcha plugin was doing an excellent job before, so I decided to check what’s going on. Somehow all plugins were disabled. Re-enabling them solved the problem with comment spam, but then Goolge started generating weird excerpts for ivankuznetsov.com search results. That’s when I started digging deeper and discovered that a hidden div with advertisments was inserted into WordPress PHP scripts.

Dreamhost support was kind enough to point me to the description of the attack that was used to break my blog. This particular problem, as well as some other security issues have been fixed in the latest Word Press release - 2.5.1. Lesson learned - update software on time and make backups.

If you are using WordPress older than 2.5.1 I would recommend you to upgrade ASAP.

After upgrading Ubuntu to 8.04 I decided it would be a good idea to finally move /home folder to a separate partition. It makes it much easier to make backups and reinstall operating system if all data/configurations are safely stored on their own partition.

Without installing additional hard drive (which would be impractical for laptop user anyway) the only source for extra space was Vista partition. Vista comes preinstalled with most modern laptops, but there’s no need for it to exist taking up to 40Gb of hard drive space, when Ubuntu is the primary OS.

WARNING: Before executing any of the belowmentioned steps, it is highly recommended to make a full backup of your data.
Read the rest of this entry »

Easter weekend didn’t start well - I decided to upgrade Joomla on one of my sites to version 1.5.1 from 1.0 and upgrade just totally ruined the entire site - content was lost, template wasn’t compatible with version 1.5.1. At first I thought that the reason is Dreamhost’s automatic one-click upgrade that I used, but even after manual reinstall Joomla kept giving weird “Fatal error: Call to a member function name() on a non-object in helper.php on line 219″ error in Control Panel, and legacy mode for old template didn’t work.

(To be fare I should say that Dreamhost provides excellent value for money. If you are looking for a good hosting - use IVANKUZNETSOV promocode and get a $50 discount when setting up an account on Dreamhost)

A thought of reinstalling all modules and reconfiguring Joomla from scratch was simply too depressive, so I decided to try another CMS. As a Ruby on Rails convert and a strong believer in open-source ideology I decided to go for Radiant - open-source CMS written in RoR. It is still in beta (latest release is 0.6.4), but it is surprisingly stable and powerful. Take a look at the footer of www.ruby-lang.org - official Ruby programming language web site - it is powered by Radiant

Installation of Radiant was rather easy - thanks to this guide and my prior experience with RoR applications deployment on Dreamhost. It took me a couple of hours to figure out how to actually create sites with Radiant - there are not that many tutorials available yet, so it is pretty much  “make by example”. Split into pages, snippets and layouts makes a lot of sense onse you get your head around it.

From my experience Joomla is an overkill for most of the small sites, and despite being WYSIWYG, it still requires a professional or at least a tech savvy to configure it. After Radiant is set up and configured it is no more difficult to add content there than to edit a wiki page because of its Textile support. But it is so much simpler and easier to use than Joomla.

I managed to restore the ruined site in a day’s time - fetched most of the lost content from Google cache, converted Joomla template into Radiant’s layouts and recreated the pages (well, it was a small site after all). First time I dealt with Joomla - I spent several days trying to figure out where are the settings that I actually need in the endless menus.

Radiant is clearly following “less is better” principle. If you want to try Radiant - there’s a live demo where you can do whatever you want with the content.

I bought myself a new laptop - Lenovo T61 (15.4″ WSXGA+ TFT, Intel GMA X3100 GM965 integrated graphics, 100Gb 7200rpm HDD, 2Gb RAM, Core 2 Duo T7500 2.2GHz CPU, integrated bluetooth, Intel PRO/Wireless 3945ABG). I was really tempted by MacBook Pro, but Lenovo with similar configuration was almost twice as cheap, and still provided everything I need. And after all what is the point of running Linux in Parallels on Mac, when you need to develop for Maemo?

Unfortunately when I bought it in February there was no option to get it without Vista preinstalled, so the first thing I had to do was to install the proper OS. Now Lenovo offers an option to get T-series laptops with SUSE Linux preinstalled.

Ubuntu 7.10 installation worked as a dream - I didn’t have to hack anything at all - everything worked out of the box. Of course I had to configure the system to my needs, but user interface was sufficient for that.

Looking forward to Ubuntu 8.04 release now:

Today the new generation Lifeblog - Nokia Photos 1.0 application was released by Nokia.

To quote Nseries web site: “Nokia Photos is a PC application designed to let you do more with your images. Just download the application to your compatible PC and you’re ready to edit, back-up, organize, print, convert, and share all the pictures and videos from your compatible PC to your device, as well as your favorite online photofeeds. And you can stop worrying about formats, codecs, resizing, or the other headaches of photo and video management. It’s easy to use, works with all Nokia Nseries devices, and is completely free to download - both as an individual application and as part of the Nokia Nseries PC Suite 2.0.”

After all I wrote about Lifeblog I really wanted to try the new release, so I dug out a computer with WinXP to install Nokia Photos 1.0.232.0.

Read the rest of this entry »

The long awaited Google phone turned out to be just an OS. What does it mean for us, mobile software developers?

Personally, I think this is great news. An open mobile platform is something that was long due to stir up the world of RIM-Windows-Symbian.

Android managed to get many things right from the very beginning, things that took several years for S60. While S60 initially took Microsoft-style approach to development community - with multi-level support, exclusive club membership with access to the source code, signing and licensing, Android is quite open and democratic.

When Google announced Android SDK - my first thoughts were - it’s a smart move to release SDK before devices are available. Google’s name alone would be enough to attract developers and hackers to this new platform, so they can create a developer community by the time devices are shipping. Then Google announced developer challenge with $10mln in awards.

Read the rest of this entry »

I used Ubuntu 7.04 on my Dell Inspiron 9100 for quite a long time. Unfortunately attempt to upgrade to 7.10 failed miserably - after reboot all I got from Gnome was gray screen (which I managed to go past by explicitly selecting session type at logon), but then “HAL failure” and other problems forced me to just make a clean install (having a separate partition for /home helped a great deal).

Read the rest of this entry »

(Via: Gábor Török and Antony Pranata)

Well, hacked - sort of. Apparenlty it is possible to obtain AllFiles capability for your applications by changing a few lines in Nokia Software Update files and flashing your phone, as described here.

For developers that means that with certain amount of effort they will be able to make their life a bit easier and explore previously hidden features of SymbianOS.

For hackers that means that they can access data cages of all applications on a stolen phone (e.g. with Y-Browser with AllFiles capability) and extract passwords from configuration files (e.g. e-mail, IM client, browser, virtually all applications that access internet services and store passwords on the mobile without encryption)

This is the first publicly available evidence of a possibility for 3rd parties to obtain AllFiles and other capabilities available only to phone manufacturers. Symbian Platform Security was considered to be “unbreakable” by far, and technically it still is - the blunder is really on NSU part.