Showing posts with label articles. Show all posts
Showing posts with label articles. Show all posts

Friday, February 08, 2008

Gong Xi Fa Cai

Jumlah etnis Cina di Indonesia sekitar 3,5 juta. Ini angka proyeksi. Sensus Penduduk tahun 2000 tidak mencatat angka keseluruhan etnis Cina di Indonesia. Yang dicatat adalah per provinsi. Berdasarkan data itu, Leo Suryadinata dkk.(2003) memperkirakan jumlahnya 3 juta atau 1,5 persen. Sedang jumlah penduduk Indonesia keseluruhan, menurut sensus, 205,8 juta. Dengan menggunakan asumsi tingkat pertumbuhan penduduk 1,37 persen per tahun (periode 1990-2000), angka 3,5 juta terbilang moderat.

Sensus Penduduk tahun 2000 adalah sensus pertama sejak kemerdekaan yang mencacah etinisitas, termasuk etnis Cina. Di masa penjajahan, persisnya 1930, sensus sama pernah dilakukan. Ketika itu tercatat 2,03 persen etnis Cina. Dengan alasan bisa menimbulkan konflik SARA (suku, agama, ras, dan antargolongan), sensus penduduk yang diselenggarakan setiap sepuluh tahun sekali menghilangkan pertanyaan tentang etnisitas.

Angka 1,5 persen atau 3,5 juta tentu terasa kecil. Tapi sensus bukan soal rasa. Suka atau tidak, itulah angkanya. Soal berapa persisnya jumlah etnis Cina di Indonesia memang sudah lama menjadi perdebatan. Banyak pakar dan pengamat membuat proyeksi dan perkiraan. Tak jarang bercampur dengan persepsi.

Maka, misalnya, ada yang mengestimasi jumlahnya antara 2,3 juta dan 2,6 juta (antara 2,40 persen dan 2,70 persen) pada 1961 (Skinner, 1963); pada 1965 berjumlah 2,5 juta (N. Iskandar); pada awal 1970-an berjumlah 3,6 juta atau 2,8 persen (Leo Suryadinata, 1978); pada 1970 berjumlah 3 juta (Mackie, 1976); dan pada 1975 berjumlah 5,0 juta (mantan Menlu Adam Malik).

Dibanding negara tetangga, kecuali Filipina, persentase ini terbilang kecil. Di Thailand, misalnya, persentase etnis Cina 13,0 persen, Brunei Darussalam 25,4 persen, Singapura 76,9 persen, dan Malaysia 33,1 persen (Mely G. Tan, 1985).

Persepsi atas besarnya penduduk etnis Cina di Indonesia lebih disebabkan penguasaan ruang publik. Terutama sejak Reformasi, etnis ini tak lagi dilarang mengekspresikan identitas dan budayanya di ruang publik. Perayaan Imlek, misalnya, beberapa tahun terakhir ini begitu meriah dan dahsyat. Di kota-kota besar di Indonesia, terutama yang memiliki fasilitas ruang publik seperti mal dan hotel, ritus Chun Ciek (pesta musim semi) yang mulanya dirayakan kaum petani ini nyaris mewarnai secara fantastis.

Ruang publik media juga tak kalah dahsyatnya. Menjelang dan tepat pada hari H, televisi di Indonesia memborbardir penontonnya dengan program-program yang berkaitan dengan perayaan mensyukuri berkah alam ini. Iklan-iklan di media cetak dan televisi dari berbagai korporasi besar pun seakan berlomba mengucapkan gong xi fa cai.

Apa yang bisa dibaca dari semua ini? Pertama, jumlah menjadi tidak relevan ketika perayaan identitas mengambil ruang publik. Iklan dan program berbau gong xi fa cai yang menghiasi media itu menjelaskan kekuatan etnis minoritas ini memang sungguh dahsyat baik secara ekonomi maupun budaya. Dalam bidang politik belum terlalu terlihat, memang. Ada satu dua figur dan politisi etnis Cina dalam kabinet dan lembaga perwakilan, juga ada partai politik mengusung sentimen entnis Cina, tapi perannya belum begitu menonjol. Bisa dibayangkan seperti apa hebatnya jika tiga kekuataan– ekonomi, budaya, dan politik–ini kelak bergabung.

Orang Jawa, Sunda, dan Madura sebagai etnis bisa saja besar dalam jumlah. Tapi jika jumlah itu tidak bisa ditransformasikan menjadi sebuah kekuatan, ia akan tidak terasa di ruang publik. Ketiga etnis itu bisa saja punya perayaan rakyat seperti Imlek, tapi jika mereka tidak menguasai ruang publik, perayaan identitas dan budaya itu belum tentu juga bisa semeriah dan sespektakuler perayaan Imlek.

Kedua, kita belum tahu atau belum bisa menebak ke mana arah perkembangan budaya ini. Kita belum tahu bagaimana perasaan etnis non-Cina atas hiruk-pikuk perayaan Imlek setiap tahun ini. Yang kita tahu: kita punya Pancasila dan Bhineka Tunggal Ika. Artinya, di sana ada pengakuan akan pluralitas, tapi juga kebersamaan dan toleransi. Yang kita tahu juga: kita pernah punya sejarah hitam rasialisme dan etnis Cina selalu menjadi korban. Peristiwa Sukabumi tahun 1950-an misalnya, atau Peristiwa Mei 1998 di Jakarta.

Ketiga, kita berharap perayaan Imlek tidak dipahami sebagai perebutan ruang publik secara tidak adil dan berlebihan. Kita ingin Imlek, seperti perayaan hari-hari besar pada etnis lain, seperti Galungan untuk etnis Bali, dianggap sebagai bagian dari perayaan manusia Indonesia baru. Pada titik mana persisnya pemahaman dan anggapan ini bisa diterima, sangat tergantung pada tingkat pencampuran (akulturasi) budaya yang pas dan bertolak dari pengendalian diri yang pas pula dari semua etnis.

Gong Xi Fa Cai
.


Iskandar Siahaan
Kepala Litbang Liputan 6

Tuesday, February 05, 2008

SSH: Best Practices

Introduction


Are you using SSH in the best way possible? Have you configured it to be as limited and secure as possible? The goal of this document is to kick in the new year with some best practices for SSH: why you should use them, how to set them up, and how to verify that they are in place.

All of the examples below assume that you are using EnGarde Secure Linux but any modern Linux distribution will do just fine since, as far as I know, everybody ships OpenSSH.

SSHv2 vs. SSHv1


There are numerous benefits to using the latest version of the SSH protocol, version 2, over it's older counterpart, version 1 and I'm not going into a lot of details on those benefits here - if you're interested, see the URL in the reference below or Google around. That being said if you don't have an explicit reason to use the older version 1, you should always be using version 2.

To use SSHv2 by default but permit SSHv1, locate the "Protocol" line in your sshd_config file and change it to:
Protocol 2,1

When doing 2,1 please note that the protocol selection is left up to the client. Most clients will default to v2 and "fall back" to v1, while legacy clients may continue to use v1. To force everybody to use SSHv2, change it to:
Protocol 2

When you make this change don't forget to generate the appropriate HostKey's as well! SSHv2 requires the following keys:
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key

While SSHv1 requires:
# HostKey for protocol version 1
HostKey /etc/ssh/ssh_host_key

Once your changes are made, restart the SSH daemon:

# /etc/init.d/sshd restart



[ SUCCESSFUL ] Secure Shell Daemon
[ SUCCESSFUL ] Secure Shell Daemon

From another machine, try SSH'ing in. You can use the -v option to see which protocol is being used, and the '-oProtocol=' option to force one or the other - for example, "ssh -v -oProtocol=2 " would force protocol version 2.

Binding to a Specific Address or Non-Standard Port


If you're running SSH on an internal, firewalled, workstation then you can probably skip this section, but if you're running SSH on a firewall or on a machine with two network interfaces, this section is for you.

<!-- document.write('
'); //-->
if (!window.netshel_ord) { netshel_ord=Math.random()*10000000000000000; } if (!window.netshel_tile) { netshel_tile=1; } document.write(''); netshel_tile++; <!-- document.write('
Remove ads

'); //-->
Remove ads

<!-- document.write('

'); //-->

Out of the box OpenSSH will bind to every available network address; while convenient and suitable for most installations, this is far from optimal. If your machine has two or more interfaces then the odds are that one is "trusted" and the other is "untrusted." If this is the case, and you don't need nor want SSH access coming in on the untrusted interface, then you should configure OpenSSH to listen on a specific interface.

To have OpenSSH only bind to your internal interface, 192.168.0.1 in the example below, locate the following line in your sshd_config file:
ListenAddress 0.0.0.0

and change the 0.0.0.0 to 192.168.0.1:
ListenAddress 192.168.0.1

To verify that this change took, restart OpenSSH and look at netstat:

# /etc/init.d/sshd restart



[ SUCCESSFUL ] Secure Shell Daemon
[ SUCCESSFUL ] Secure Shell Daemon

# netstat -anp | grep sshd


tcp 0 0 192.168.0.1:22 0.0.0.0:* LISTEN 7868/sshd


As you can see, the sshd daemon is now only listening on 192.168.0.1. SSH requests coming in any other interface will be ignored.

Similarly, you may want to change the port that the SSH daemon binds to. Sometimes there is a functional need for this (ie, your employer blocks outbound 22/tcp) but there is also security-through-obscurity value in this as well. While not providing any real security benefit against a determined attacker, moving the SSH daemon off of port 22 protects you against automated attacks which assume that the daemon is running on port 22.

To have OpenSSH bind to a port other than port 22, 31337 in the example below, locate the following line in your sshd_config file:
Port 22

and change the 22 to 31337:
Port 31337

To verify that this change took, restart OpenSSH and, again, look at netstat:

# netstat -anp | grep sshd


tcp 0 0 192.168.0.1:31337 0.0.0.0:* LISTEN 330/sshd


Finally, to SSH into a host whose SSH daemon is listening on a non-standard port, use the -p option:

ssh -p 31337 user@192.168.0.1



Using TCP Wrappers


TCP Wrappers are used to limit access to TCP services on your machine. If you haven't heard of TCP Wrappers you've probably heard of /etc/hosts.allow and /etc/hosts.deny: these are the two configuration files for TCP Wrappers. In the context of SSH, TCP Wrappers allow you to decide what specific addresses or networks have access to the SSH service.

To use TCP Wrappers with SSH you need to make sure that OpenSSH was built with the -with-tcp-wrappers. This is the case on any modern distribution.

As I indicated earlier, TCP Wrappers are configured by editing the /etc/hosts.deny and /etc/hosts.allow files. Typically you tell hosts.deny to deny everything, then add entries to hosts.allow to permit specific hosts access to specific services.

An example:
#
# hosts.deny This file describes the names of the hosts which are
# *not* allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
ALL: ALL
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
sshd: 207.46.236. 198.133.219.25

In the example above, access to SSH is limited to the network 207.46.236.0/24 and the address 198.133.219.25. Requests to any other service from any other address are denied by the "ALL: ALL" in hosts.deny. If you try to SSH into a machine and TCP Wrappers denies your access, you'll see something like this:

ssh_exchange_identification: Connection closed by remote host


This simple configuration change significantly hardens your installation since, with it in place, packets from hostile clients are dropped very early in the TCP session -- and before they can do any real damage to a potentially vulnerable daemon.

Public Key Authentication


The last item I will cover is public key authentication. One of the best things you can do to tighten the security of your SSH installation is to disable password authentication and to use public key authentication instead. Password authentication is suboptimal for many reasons, but mostly because people choose bad passwords and attackers routinely try to brute-force passwords. If the systems administrator has chosen a bad password and he's permitting root logins... game over.

Public key authentication is no silver bullet - similarly, people generate passphrase-less keys or leave ssh-agents running when they shouldn't - but, in my opinion, it's a much better bet.

Just about every distribution ships with public key authentication enabled, but begin by making sure it is:
RSAAuthentication yes
PubkeyAuthentication yes

Both of these options default to "yes" and the "RSAAuthentication" option is for SSHv1 and the "PubkeyAuthentication" option is for SSHv2. If you plan on using this authentication method exclusively, while you're there, you may want to disable password authentication:
PasswordAuthentication no

Before you proceed, make sure you have a terminal open on your target machine. Once you restart the SSH daemon you will no longer be able to log in without a key... which we haven't generated yet!

Once you're sure, restart the SSH daemon:

# /etc/init.d/sshd restart



[ SUCCESSFUL ] Secure Shell Daemon
[ SUCCESSFUL ] Secure Shell Daemon

Now, from your desktop, try to SSH in to your target machine:

$ ssh rwm@brainy


Permission denied (publickey,keyboard-interactive).


We're locked out! This is a good thing. The next step, on your desktop, is to generate a key:

$ ssh-keygen -t dsa -C "Ryan's SSHv2 DSA Key (Jan 2008)"



Generating public/private dsa key pair.
Enter file in which to save the key (/home/rwm/.ssh/id_dsa):
Enter passphrase (empty for no passphrase): **********
Enter same passphrase again: **********
Your identification has been saved in /home/rwm/.ssh/id_dsa.
Your public key has been saved in /home/rwm/.ssh/id_dsa.pub.
The key fingerprint is:
98:4d:50:ba:ee:8b:79:be:b3:36:75:8a:c2:4a:44:4b Ryan's SSHv2 DSA Key (Jan 2008)

A few notes on this:



  • You can generate a DSA (-t dsa), RSA (-t rsa), or SSHv1 (-t rsa1) key. In the example above I'm using dsa.

  • I like to put the date I generated the key in the comment (-C) field, that way I can change it out every so often.

  • You're entering a passphrase, not a password. Use a long string with spaces and punctuation. The longer and more complicated the better!


The command you just ran generated two files - id_dsa, your private key and id_dsa.pub, your public key. It is critical that you keep your private key private, but you can distribute your public key to any machines you would like to access.

Now that you have generated your keys we need to get the public key into the ~/.ssh/authorized_keys file on the target machine. The best way to do this is to copy-and-paste it - begin by concatenating the public key file:

$ cat .ssh/id_dsa.pub



ssh-dss AAAAB3NzaC1kc3MAAACBAL7p6bsg5kK4ES9BWLPCNABl20iQQB3R0ymaPMHK...
... ds= Ryan's SSHv2 DSA Key (Jan 2008)

This is a very long string. Make sure you copy all of it and that you do NOT copy the newline character at the end. In other words, copy from the "ssh" to the "2008)", but not past that.

The next step is to append this key to the end of the ~/.ssh/authorized_keys file on your target machine. Remember that terminal I told you to keep open a few steps ago? Type the following command into it, pasting the key you've just copied into the area noted KEY:

echo "KEY" >> ~/.ssh/authorized_keys


For example:

echo "ssh-dss AAAA5kS9BWLPCN...s= Ryan's SSHv2 DSA Key (Jan 2008)" >> ~/.ssh/authorized_keys


Now, try to SSH in again. If you did this procedure correctly then instead of being denied access, you'll be prompted for your passphrase:

$ ssh rwm@brainy



Enter passphrase for key '/home/rwm/.ssh/id_dsa':
Last login: Thu Jan 10 14:37:14 2008 from papa.engardelinux.org
[rwm@brainy ~]$

Viola! You're now logged in using public key authentication instead of password authentication.

In Summary...


SSH is a wonderful tool and is every systems administrators second best friend (Perl, of course, being the first :). It allows you to read your email from anywhere, provided you still use a terminal-based mail reader. It allows you to tunnel an xterm or X11 application from your home server to your desktop at work. It provides you a far superior alternative to FTP in SFTP and SCP.

SSH is great but just like any tool, it's only as good as you use it. I hope that you found value in some of my best practices and if you have any of your own, leave them in the comments!

Before I go, here are some additional resources on SSH:

Wednesday, January 02, 2008

50 Cunnilingus Tips from Women

We've received thousands of cunnilingus tips over the years. Here are some of the best tips we've received from women. Men, listen up!

  1. Use smooth, steady, slow rhythmic licks. Slow and steady wins the race

  2. I am new to this whole oral sex thing. My husband decided to eat me out the other night. He made these motions with his tongue and told me to guess what he was spelling against my clit. I thought it would be weird to have him do that but it really relaxed me and I had fun with it. So guys: Spell out little messages like "I love you" or "You taste good." It will take any hesitation away from your girl while she's decoding your playful messages.

  3. At Wal-Mart they have these little ice trays that make tubular ice for bottles. They sell the trays for a dollar each. Get small pieces of (what my husband and I now refer to as) Cooter Ice. Slip them around the clit and into the vaginal opening. It makes for wicked sensation.

  4. In regard to oral sex in particular, you MUST know your lover's sensitivity level. I, for one, am ultra-sensitive. If someone just dives in and attacks my clit, uses teeth, has no variation in technique, then I will probably still orgasm; however, I will be too sore to go again for hours or even days. This is extremely irritating!

  5. If I start moving toward your tongue, it's because you and I have found the exact "spot"...let ME move, don't you move.

  6. The secret is to soften the tongue and work around the clitoral area rather than aggressively attacking the clit. Variation of pattern is also important. Once I'm truly horny, an occasional flick of the tongue is ok--but only occasionally. I also think that stimulation of the G-spot, which is basically adjacent to the clit on the inside of the vagina, is important as it creates a much deeper, more intense orgasm.

  7. Nothing is more erotic than being held open with gentle loving hands. It gives direct access to the clit and he works it so well. I melt every time! When his elbows are planted at shoulder width (my lover's shoulders are quite wide) and he has me open and exposed, working away, there is no way I am able to get away.

  8. I totally agree with starting slow and looking her in the eyes. That drives me crazy. Another thing that makes me crazy is when my guy moans or growls while kissing and licking my pussy. The reverberations from the deepness of his voice drive me wild! Not to mention hearing him enjoy himself gets me off even harder.

  9. If you boys start it... KNOW that it may take awhile! Finish what you started and once you've found her hot spot, stay there!

  10. If I know I'm going to get a good eating from my man, I will eat pineapple throughout the day. He says it makes me taste unbelievable! I've also heard watermelon and celery will change the taste of your juices.

  11. Having had my pussy licked, sucked, eaten, and savored by both men and women, I can tell you that the best way to find out what she likes is to get her to play with herself. Follow her lead, and it will change each time. Sometimes my pussy wants it hard, really hard, and sometimes only the slightest feather touch will make me explode.

  12. Keep a steady rhythm going, and keep your tongue relaxed! Pointed tongues are too harsh on the clit, and actually desensitize. Another thing to keep in mind is that just because she's moaning louder doesn't mean she suddenly wants you to start going faster, make crazy figure eights, or gnaw on it. It means she likes EXACTLY what you've been doing. When a guy is doing something I really like, I'll usually say, "Don't stop," which means, "Don't stop exactly what you're doing right now."

  13. I find that just the tip of my partner's finger inserted in my pussy after he's been eating me out for little while - barely moving, just sort of tickling the entrance - makes me go nuts. Pussy eating is a delicate matter, so don't thrust your finger too vigorously. You're just trying to gently tickle her into coming!

  14. I like a guy to ask me how I like my pussy licked so I can help him find that awesome combination that makes me squirt without worrying about hurting his feelings or making him think I don't enjoy his moves. It takes a really great and confident lover to ask for feedback during hot sex. It makes me crazy!

  15. I like my man to slip his fingers into my cunt while he is paying attention to my clit! Men, if you look like you are really enjoying yourself, too, it makes all the difference. A former boyfriend used to growl into my pussy when he went down on me which was unbelievably erotic and made me feel really wanted!

  16. Don't forget about using the nose too! I love feeling my man's nose nuzzling my clit, and feeling his breathing on me, especially the moaning exhaling and him inhaling (smelling) me. Also, I don't know why, but the "wet" sound turns me on... the creamy, squishy, squelching noises.

  17. Don't bite the clit. Men don't like having their dicks bitten and we don't like having our clits bitten either. It hurts and will very quickly get us out of the mood.

  18. Don't drool and don't make loud sucking sounds. It's disgusting. A major turn off.

  19. Popsicles are a good idea. They make a guy's tongue cold and the sensation is amazing. That, and the taste will be better for the guy. It's a win-win situation.

  20. Deep kiss her clit. I love my partner deep kissing my clit, taking both lips of my vagina. I want him/her to suck on them for a long time before concentrating on my clitoris.

  21. Tongue fucking is what rocks my world. Clit play is nice to get me hot, but after that, I want your tongue flicking across my hole for a while, teasing me with the idea of going in, then giving it all to me. Clit play gets boring after awhile and many women are too sensitive there anyhow.

  22. Don't forget to warm us up first. Just like BJs aren't that great if we take your pants off and deep throat you off the bat, we like to be teased with the idea for a while, and get really, really aroused before you get started. It makes the orgasm THAT much harder.

  23. I hate the finger penetration while sucking on the clit...it's distracting. Most guys just suck the life out of you because they think it's wonderful. Licking is wonderful too. Try it. The most important thing is to watch her reaction. If she's just lying there quiet, then she is bored and wishes you would stop.

  24. Don't forget to be patient. It's not like in a porn movie - most women do not have an orgasm with in a minute or two. Like any good thing in life, it takes time and is worth waiting for.

  25. Stop and make her need it. Finger her now, slowly at first, and kiss her thighs. Start again by flicking her clit with your tongue, light pressure, then experiment with other pressure and movement. Everything on the clit feels good, but some moves feel GREAT! Play around with tongue pressure and fingering and ass fingering or ass tickling/licking (if she wants it).

  26. Use your entire face. Nothing is more frustrating than a hesitant tongue. The chin rubbing on the opening to the vagina adds to the pleasure. Also, let her know you enjoy it as well. Moan a little. A woman can tell if it's a chore.

  27. Definitely start off with light kissing and slow deliberate strokes of the tongue. Then do some circling. If your girlfriend feels your tongue is too rough when you start off, you can tell because her movements will be too jerky and squirmish. That's your hint to either slow down, decrease pressure, or find another place to lick for a few minutes till she warms up.

  28. Once I'm warmed up, I like spreading my legs wide and enjoying the hot wet lickage. What turns me on the most is talking dirty. I like asking my dude if he likes my pussy. So tell her some stuff (in between licks) that will blow her mind and enjoy what is bound to come next.

  29. My tip to all men is don't put a whole lot of saliva in her when you're licking her. It feels better when there isn't a loogie inside us we can feel.

  30. Don't shake your face - no one likes that! Also, complimenting her on her appearance down there boosts sexual confidence, which could lead to bigger and better things.

  31. There is nothing I love more than his mouth on my clit and two fingers inside me. It doesn't really matter if his tongue moves back and forth, side to side, or in circles. All that matters is that once he chooses a method he sticks to it and DOESN'T CHANGE OR STOP. After a little of this I'm begging and pleading for his fingers inside me at the same time. They don't need to thrust because everything is already so sensitive. He just slides his fingers in and does a slight "come here" type motion while continuing to use his mouth on my clit and I usually respond by coming quickly indeed!

  32. Ask your girl while you are downtown, "Right here?" and have her guide you. And once she says "YES, right there," don't stop. Don't change technique or location unless she asks you to. Too many times I have been right on the verge of cumming and the guy changes positions, my clit goes into spasms and I didn't even get to enjoy it. Damn, that pisses me off.

  33. A rigid pointy tongue is horrible, but a soft flat tongue is amazing.

  34. Enjoy it! We always get more pleasure if we feel that the guy is REALLY having fun. If I see that my boyfriend is doing it under pressure, I won't enjoy it either.

  35. I like to lay on my back while he rests his head on my left leg and begins to kiss, lick and suck me. He purses his lips as if he is saying "OOOH" and grasps my clit with his mouth, thrusting his tongue through his lips and rolling it around my button. Sometimes he goes back and forth and then around, always doing this very gently at first, then with more pressure as I began to go crazy. In Asia they call this cunnilingus technique "polishing her pearl."

  36. My boyfriend does this thing right on the clit, kind of like he is saying "LA LA LA LA!" really fast and then slowly licks up every once in awhile. Oh my god! It's great! People, I have had multiple orgasms from this little technique! And boys, I advise trying this on your girl!

  37. I like it when my lover's tongue slowly takes the tour of my labia then moves up to my clitoris, and while their tongue is concentrating there, their lower lip moist from saliva and my love juices is brushing gently around my perineum, with an occasional glance across my anus. It makes my asshole pucker and the sphincter response sends ripples through my vagina.

  38. Just because she has cum does not mean that you are done. Don't be afraid to give her clit a gentle massage with your tongue and lips as if you're calming it down just to get all worked up again.

  39. Make noises when you're eating the pussy. You want her to believe that eating her pussy is the best thing you ever tasted. Think of your favorite food and pretend the pussy is just that.

  40. That other girl was right about the "tongue fucking." Generally tongues aren't long enough to stimulate the area really well. The general entrance isn't all that sensitive and it won't really accomplish much. I'm not saying to only stick to the clit...by all means, have a wander, especially in the beginning. But just don't spend too much time trying to "tongue fuck" unless you're Gene Simmons.

  41. I love it when my boyfriend hums on my pussy. No songs, just a hum. It feels like a vibrator while he is licking on my pussy

  42. My boyfriend wasn't confident he was getting the right spot to start with, so we found it helped to place a CD over my vagina so the hole matched the position of the clitoris. That way he couldn't go wrong.

  43. Some women like a consistent rhythm when getting eaten out. Don't just dive in. Pay attention to where you are licking, how fast, and how your tongue is shaped when you do it. I personally find that a flat tongue against my clit at a steady pace (usually medium speed to start and gradually faster as I get closer to an orgasm) is most satisfying, especially if you are a beginner.

  44. There is nothing worse than a guy who finds a licking technique that the woman likes and then changes his speed or tongue position mid-lick because he is afraid she is getting bored. Really your girl is just going to get frustrated and it is going to be harder to make her cum. If she acts as if she likes what you are doing - STICK WITH IT!!! Don't change your technique because your guy friends tell you that it is best to try a bunch of tricks all in the same session. Just pay attention to her!

  45. Focus on the clit! Guys usually just want to lick all over, but that's never going to get the girl to orgasm anytime soon. Just focus on licking the clit in a solid motion or in circles, and then simultaneously finger her in her vagina. Do both of those at the same time, and she'll be reaching orgasm and begging for more!

  46. I like when my man spreads my legs wide then takes both hands to hold my lips apart while he licks around my pussy, gently flicking my clit, slowly at first then faster and faster until I cum. It drives me wild. It really makes me feel like he is so into eating me out and that there's no other place he'd rather be.

  47. We have something like 5 times the nerve endings as men do "down there." So more pressure, more motion, etc., really isn't more. It's just distracting and/or painful.

  48. As a woman, the best thing I can say is, don't just start going at it! It is uncomfortable and it helps if you set the mood first. Teasing and blowing really feels good. Let your mouth do the work, not your hands!

  49. I love it when my man uses ice cubes. He gets a cup and fills it full of ice and then slowly pushes them in one by one. When they're in, he starts to lick and kiss my clit, and once they're melted a little, he'll suck them out one by one. It's an amazing combination of the two temperatures and gives me an amazing orgasm.

  50. Ask her what she wants! We are all different and like it different ways. What worked for your last lady might not be on the list for your next. I like a tongue soft and light on my clit until I tell you to suck it! WE will let you know what feels good. Just ask!

Saturday, June 23, 2007

Brain/Machine Interfaces Approaching Usefulness

Gary writes with a link to a Wired article about a brain-machine interface that may eventually have practical purposes. Though right now it simply allows a user to move a train on a track by performing math in their head, someday it may result in more serious applications. "Honda, whose interface monitors the brain with an MRI machine like those used in hospitals, is keen to apply the interface to intelligent, next-generation automobiles. The technology could one day replace remote controls and keyboards and perhaps help disabled people operate electric wheelchairs, beds or artificial limbs. Initial uses would be helping people with paralyzing diseases communicate even after they have lost all control of their muscles. Since 2005, Hitachi has sold a device based on optical topography that monitors brain activity in paralyzed patients so they can answer simple questions - for example, by doing mental calculations to indicate 'yes' or thinking of nothing in particular to indicate 'no.'"


 




Hitachi: Move the Train With Your Brain
















AP Photo
AP Photo/Shizuo Kambayashi











Technology Video












































Buy AP Photo Reprints






















HATOYAMA, Japan (AP) -- Forget the clicker: A new technology in Japan could let you control electronic devices without lifting a finger simply by reading brain activity.


The "brain-machine interface" developed by Hitachi Inc. analyzes slight changes in the brain's blood flow and translates brain motion into electric signals.


A cap connects by optical fibers to a mapping device, which links, in turn, to a toy train set via a control computer and motor during one recent demonstration at Hitachi's Advanced Research Laboratory in Hatoyama, just outside Tokyo.


"Take a deep breath and relax," said Kei Utsugi, a researcher, while demonstrating the device on Wednesday.


At his prompting, a reporter did simple calculations in her head, and the train sprang forward - apparently indicating activity in the brain's frontal cortex, which handles problem solving.


Activating that region of the brain - by doing sums or singing a song - is what makes the train run, according to Utsugi. When one stops the calculations, the train stops, too.


Underlying Hitachi's brain-machine interface is a technology called optical topography, which sends a small amount of infrared light through the brain's surface to map out changes in blood flow.


Although brain-machine interface technology has traditionally focused on medical uses, makers like Hitachi and Japanese automaker Honda Motor Co. have been racing to refine the technology for commercial application.


Hitachi's scientists are set to develop a brain TV remote controller letting users turn a TV on and off or switch channels by only thinking.


Honda, whose interface monitors the brain with an MRI machine like those used in hospitals, is keen to apply the interface to intelligent, next-generation automobiles.


The technology could one day replace remote controls and keyboards and perhaps help disabled people operate electric wheelchairs, beds or artificial limbs.


Initial uses would be helping people with paralyzing diseases communicate even after they have lost all control of their muscles.


Since 2005, Hitachi has sold a device based on optical topography that monitors brain activity in paralyzed patients so they can answer simple questions - for example, by doing mental calculations to indicate "yes" or thinking of nothing in particular to indicate "no."


"We are thinking of various kinds of applications," project leader Hideaki Koizumi said. "Locked-in patients can speak to other people by using this kind of brain machine interface."


A key advantage to Hitachi's technology is that sensors don't have to physically enter the brain. Earlier technologies developed by U.S. companies like Neural Signals Inc. required implanting a chip under the skull.


Still, major stumbling blocks remain.


Size is one issue, though Hitachi has developed a prototype compact headband and mapping machine that together weigh only about two pounds.


Another would be to tweak the interface to more accurately pick up on the correct signals while ignoring background brain activity.


Any brain-machine interface device for widespread use would be "a little further down the road," Koizumi said.


He added, however, that the technology is entertaining in itself and could easily be applied to toys.


"It's really fun to move a model train just by thinking," he said.

How to Dominate The Sky in Future Warfare

The Dominator, the future terror of the sky


By: Lucian Dorneanu, Science Editor



Boeing’s Air Dominator
Enlarge picture

The future of air combat will make the classical dogfight obsolete. The times of air aces like the Red Baron – the most successful fighter pilot of f World War I, credited with 80 confirmed air combat victories – are gone, and the next flying aces will be unmanned drones, hunting and killing ground enemies while being remote controlled from a safe distance, or even capable of taking decisions on their own.

More and more scientists,



militarists, and governments are investing large amounts of resources in an intriguing, futuristic technology: fleets of small unmanned aerial vehicles (UAVs). The main reason for investing in UAV technology lies in the replacement of the traditional, open battleground with the urban theater of war.

Boeing’s Air Dominator is a 100 lb drone with a 12-foot span which looks like a model aircraft. It will have a special lightweight fuel cell, that could bring its endurance to over 40 hours, and there are plans for a sophisticated new vision system for mid-air refueling to increase endurance even further.

The Dominator drone will carry a payload of three explosive charges, each warhead firing an explosively-formed projectile triggered by a two-color infrared sensor. It won't operate alone, but rather in swarms of tens of drones, along with a few 'gateway' vehicles providing networked communications and refueling.

In the JITSA scheme, Dominators would be packed in pallets of twenty on a C-17 transport plane, with thirty pallets in all – that’s a total of six hundred drones. They will be able to wirelessly communicate with each other, to confirm the destruction of a target, so that ammunition is not wasted two times on the same target.

As a last resort, once the drone had fired all three warheads, it will also be able to make the ultimate sacrifice and plunge kamikaze-style into a target, creating a small blast powerful enough to destroy a terrestrial vehicle.

The manufacturers estimate that any target in the kill zone could be hit within 2-4 minutes maximum. None of those fleeting targets would escape, so this UAV will fully deserve the name of Dominator of tomorrow's sky.

NANO-BIOTECHNOLOGY


New Laser Technique Could Redefine Absolute Zero and the Kelvin


- A new and improved definition of the Kelvin unit of temperature


By: Lucian Dorneanu, Science Editor



A colorized lattice of tornado-like vortices within a spinning Bose Enstein condensate of rubidium atoms, only a few hundred billionths of degree above absolute zero
Enlarge picture

The kelvin (K) is a unit of temperature, one of the seven base units, along with the Celsius and Fahrenheit degrees. Absolute zero on the Kelvin scale is defined as being equivalent to zero kelvin (0 K). The magnitude of the kelvin unit is precisely 1 part in 273.16 parts the difference between absolute zero and the triple point of water.

Now, a group of French physicists were able to perform the first direct measurement of the Boltzmann constant, using a technique



known as laser spectroscopy, whose accuracy could help in creating a new and improved definition of the kelvin unit of temperature.

The Boltzmann constant (k or kB) is the physical constant relating temperature to energy, in fact a bridge between macroscopic and microscopic physics, relating the kinetic energy of an ensemble of microscopic particles, like gas molecules, to its temperature.

Only one technique can, so far, determine the constant to an accuracy of about 2 parts-per-million (ppm), but the new one – currently less accurate, but easily improvable – could surpass the present degree of accuracy.

This promised accuracy is welcomed by the Paris-based International Committee for Weights and Measures (CIPM), which is planning to redefine the kelvin in 2011 using kB. They want to define the kelvin and other SI units in terms of each other and the fundamental constants; more specifically, they want to define the absolute temperature involving a time unit, the second, which is known to an extremely high degree of accuracy of about one part in 1016.

The new alternative way of measuring kB to ppm accuracy, the laser spectroscopy technique, was developed by Christian Chardonnet and colleagues at Université Paris 13 - Institut Galilée, and is based on the fact that the thermal motion of a molecule – ammonia in Chardonnet’s experiment – smears out peaks in its optical absorption spectrum in a process called thermal broadening.

This phenomenon is determined by kB, but also by the pressure and temperature of the gas and the frequency of the light being absorbed, so one only needs to measure the width of the broadening as a function of pressure at a fixed temperature and frequency, to determine kB to an accuracy of about two parts in ten thousand.

Although not completely reliable yet, the researchers say this applications could be improved to 1 ppm.

Monday, April 30, 2007

Gnome 2.19.1 Released

Gnome desktop screenshot
Enlarge picture

On the road to 2.20.0 Gnome has just reached the 2.19.1 release. What does it bring new compared to 2.18? Well, first of all it brings new documentation and translations (maybe just in case the previous were not enough), new features and new bug-fixes. This is a development release though; so many modules still need improvements. The Gnome developers encourage Linux lovers to compile and test this new release and offer some for download and for some compiling tools. For example for compiling Gnome 2.19.1 you can use Garnome, which can be found here and the release should be found here along with the release notes.



The Gnome 2.19.1 developers announced this release as a snapshot of development code that is mainly intended for testing and hacking purposes. The release is though buildable and usable. You can join the Gnome project too. Any Linux fan willing to help with the Gnome development is more than welcomed here. You do not have to be a programmer to join this project, as there are also a lot of things to be improved that do not require programming knowledge.

The Gnome project aims to create an easy-to-use computing platform out of completely free software. The Gnome project gathers a lot of software and it is used in conjunction with an operating system such as Linux or Solaris. It is also part of the GNU operating system, being its official desktop environment.

Gnome was set-up in August 1997 by the GNU project as an alternative to the KDE software desktop environment that relied on the Qt widget toolkit, which did not use a free software license at that time. Gnome was intended to create a new desktop without making use of the Qt libraries. Thus, instead of Qt Gnome uses GTK+ toolkit under the GNU Lesser Public License (LPGL).

Geographic Records of the Water

The Angel Falls (Venezuela)
Enlarge picture

Water is the blood of planet Earth and its circuit maintains it alive.

And this cycle implies rivers, lakes, seas and oceans.

Here are some of their records.

The largest running water


in the world is the Amazon river. Each second, this enormous river disgorges 150,000 cubic meters of water into the Atlantic Ocean (3,120 cubic km annually).

Amazon is also the longest river in the world (4,195 mi or 6,750 km), 50 mi (80 km) longer than the Nile, and it also has the largest river basin in the world: 7,050,000 square km (2/3 of Europe or double of the sum for Mississippi and Nile).

The second river is Congo and the third by debit is Ganges.

The largest river delta in the world is that formed by the Ganges and Brahmaputra (Bangladesh and northeastern India): 7,800,000 hectares.

The longest river estuary is that of Obi (Siberia): 450 mi (720 km).

The largest lake in the world is the Caspian Sea: 424,800 square km and 975 m maximum depth.

The deepest lake in the world is Baikal (Siberia): 1,620 m. It has 23,000 cubic km of water, and harbors 1,200 animal species and 700 plant species.

The largest gulf in the world is the Gulf of Mexico: 615,000 square mi (1.6 million square km).

The shortest known river is D.River, in Oregon, that enters into the Pacific after just 132 m (440 ft).

The highest waterfall in the world is the Angel Falls (Venezuela): 979 m (3,212 ft) tall.

The biggest geyser in the world is “Old Faithful” from Yellowstone National Park (Wyomong, US): its water column is 30-54 m (100-180 ft) tall and erupts from 21 to 65 minutes.

The saltiest ocean is the Atlantic: 3.5 % salts, and amongst the seas, the record is detained by the Red Sea : 4 %.

The warmest seawater is that of the Persian Gulf: 35 degrees C, followed by the Red Sea: 32 degrees C.

The coldest seawater is that of the Ross and Weddell seas (Antarctica).

The strongest marine current is the Gulf Stream: it carries 82 million cubic meters of water per second.

The widest strait is the Yucatan Channel between Yucatan peninsula (Mexico) and Cuba: 220 km (360 mi).

It is also the deepest: 2,000 m (6,660 ft).

The longest strait is the Straits of Malacca, between Sumatra Island and Malacca peninsula: 805 km (500 mi) long.

The narrowest intercontinental strait is Bosporus (between Europe and Asia): 700-750 m wide (0.5 mi) and 80 km (50 mi) long.

The narrowest navigable strait in the world is Khalkis (Aegean Sea), between the Balkan peninsula and Eubea island: 40 m (133 ft).

The largest fjord in the world is Northwestern, located in ...eastern Greenland: 313 km (195 mi) long.

Geographic Records of the Water

The Angel Falls (Venezuela)
Enlarge picture

Water is the blood of planet Earth and its circuit maintains it alive.

And this cycle implies rivers, lakes, seas and oceans.

Here are some of their records.

The largest running water


in the world is the Amazon river. Each second, this enormous river disgorges 150,000 cubic meters of water into the Atlantic Ocean (3,120 cubic km annually).

Amazon is also the longest river in the world (4,195 mi or 6,750 km), 50 mi (80 km) longer than the Nile, and it also has the largest river basin in the world: 7,050,000 square km (2/3 of Europe or double of the sum for Mississippi and Nile).

The second river is Congo and the third by debit is Ganges.

The largest river delta in the world is that formed by the Ganges and Brahmaputra (Bangladesh and northeastern India): 7,800,000 hectares.

The longest river estuary is that of Obi (Siberia): 450 mi (720 km).

The largest lake in the world is the Caspian Sea: 424,800 square km and 975 m maximum depth.

The deepest lake in the world is Baikal (Siberia): 1,620 m. It has 23,000 cubic km of water, and harbors 1,200 animal species and 700 plant species.

The largest gulf in the world is the Gulf of Mexico: 615,000 square mi (1.6 million square km).

The shortest known river is D.River, in Oregon, that enters into the Pacific after just 132 m (440 ft).

The highest waterfall in the world is the Angel Falls (Venezuela): 979 m (3,212 ft) tall.

The biggest geyser in the world is “Old Faithful” from Yellowstone National Park (Wyomong, US): its water column is 30-54 m (100-180 ft) tall and erupts from 21 to 65 minutes.

The saltiest ocean is the Atlantic: 3.5 % salts, and amongst the seas, the record is detained by the Red Sea : 4 %.

The warmest seawater is that of the Persian Gulf: 35 degrees C, followed by the Red Sea: 32 degrees C.

The coldest seawater is that of the Ross and Weddell seas (Antarctica).

The strongest marine current is the Gulf Stream: it carries 82 million cubic meters of water per second.

The widest strait is the Yucatan Channel between Yucatan peninsula (Mexico) and Cuba: 220 km (360 mi).

It is also the deepest: 2,000 m (6,660 ft).

The longest strait is the Straits of Malacca, between Sumatra Island and Malacca peninsula: 805 km (500 mi) long.

The narrowest intercontinental strait is Bosporus (between Europe and Asia): 700-750 m wide (0.5 mi) and 80 km (50 mi) long.

The narrowest navigable strait in the world is Khalkis (Aegean Sea), between the Balkan peninsula and Eubea island: 40 m (133 ft).

The largest fjord in the world is Northwestern, located in ...eastern Greenland: 313 km (195 mi) long.

Tiny Machines Made of Microbes

Fossilized silica shells of diatom algae
Enlarge picture

Biomimetics employs organisms as models for building new machines.

But now new machines could be made of organisms. In fact, tiny machines from microorganisms.

The single-celled Spirostomum, a Paramecium-related protozoan, resembling a tiny brown worm, can contract its 0.5 mm-long body to 25% of its length


in a millisecond: this is the fastest known movement in a microorganism.

Many microorganisms are integrated in MEMS (Microelectromechanical Systems) technology, the so-called “biotic-MEMS,” developing micron-level machines.

A team of University of Washington has realized a catalogue of the most promising microorganisms (all less than 1 mm long and made of one or few cells) for MEMS systems, and which can boost the conventional MEMS technology. “Tools and concepts have been increasingly borrowed from biology to solve technology problems. Biological concepts such as self-assembly are under serious consideration by technologists now for making highly integrated nano and micro systems”, said co-author Babak Parviz, an electrical engineer.

The microorganisms were assigned into four employment fields: material synthesis, precise structure formation, as functional devices, and integrated into controllable systems. Through biomineralization, a process detected in 700 million years old rocks, microorganisms can produce at least 64 different inorganic materials employed in MEMS technology, like silicon dioxide, biogenic calcite, magnets, gold and silver crystals.

Magnetic bacteria produce magnetosome crystals, crucial for the heading of their water movements.

Unlike industrial MEMS synthesis methods, requiring high temperatures, corrosive gases, vacuums and plasma, microorganisms produce the materials at room temperature, at near-neutral pH, in water solutions.

These structures made by microbes can develop into three dimensions and can be changed with nanoscale or macroscopic (visible scale) precision.

The spicules in the skeleton walls of one deep-sea sponge have excellent fiber-optical properties.

The fields of the chemical and biological sensors (for food and environmental monitoring) could employ microorganisms, as they evolved to detect specific chemicals. “One of the most interesting applications of MOs [microorganisms] in MEMS is to directly use them for detecting chemicals. MOs can be genetically engineered to have various receptors. All the transduction and amplification machinery is already in MOs. I think integration of these MOs into MEMS platforms can generate extremely powerful chemical/biological analysis systems”, said Parviz.

There are microbes that turn chemical energy into electrical energy, like the environmentally-friendly Microbial Fuel Cells for powering robotics and biomedical devices, and for economic hydrogen production, replacing small conventional batteries.

The biggest challenge by now is to integrate these devices into controllable micron-scale systems. “Our ability to manipulate small organisms and produce platforms that can interface with them one cell at a time is brand new. It is yet to be seen how researchers will take advantage of these new capabilities”, Parviz added.

Linux Kernel 2.6.21 Released

Tux
Enlarge picture

After two and a half months from the last release, Linus Torvalds has just announced today the final and stable release of the Linux kernel, version 2.6.21. The biggest change in 2.6.21 is all the timer changes to support a tickless system:


"If the goal for 2.6.20 was to be a stable release (and it was), the goal for 2.6.21 is to have just survived the big timer-related changes and some of the other surprises (just as an example: we were apparently unlucky enough to hit what looks like a previously unknown hardware errata in one of the ethernet drivers that got updated etc). [...] So the big change during 2.6.21 is all the timer changes to support a tickless system (and even with ticks, more varied time sources). Thanks (when it no longer broke for lots of people ;) go to Thomas Gleixner and Ingo Molnar and a cadre of testers and coders." - says Linus Torvalds.

Highlights of this release include:

• VMI (Virtual Machine Interface)
• KVM updates
• Dynticks and Clockevents
• ALSA System on Chip (ASoC) layer
• Dynamic kernel command-line
• Optional ZONE_DMA
• devres (optional subsystem for drivers)
• GPIO API

Here come the new drivers:

Graphics:

• Add fbdev driver for the old S3 Trio/Virge
• Driver for the Silicon Motion SM501 multifunction device framebuffer subsystem,

Storage devices:

• Add two drivers for the it8213 IDE device, one using the old IDE stack, and other using libata
• Add IDE Driver for Delkin/Lexar/etc.. cardbus CF adapter
• Add IDE driver for Toshiba TC86C001 (old IDE stack)
• Add SCSI driver for SNI RM 53c710
• Add driver for Initio 162x SATA devices

Networking devices

• Add driver for the latest 1G/10G Chelsio adapter, T3,
• Add driver for the Attansic L1 ethernet device
• Add driver for the Gigaset M101 wireless ISDN device
• Add PC300too alternative WAN driver
• Add driver for Silan SC92031 device
• Add driver for the Davicom DM9601 USB 1.1 ethernet device

Various

• Add driver to charge USB blackberry devices
• Add driver for iowarrior USB devices.
• Add support for the GTCO CalComp/InterWrite USB tablet
• New driver for the Analog Devices ADM1029 hardware monitoring driver

For a full change-log with all the new features, drivers and improvements, please visit this website.

The Linux Kernel is the essential part of all Linux Distributions, responsible for resource allocation, low-level hardware interfaces, security, simple communications, and basic file system management.

Linux is a clone of the operating system Unix, initially written from scratch by Linus Torvalds with assistance from a loosely-knit team of hackers across the Net. It aims towards POSIX and Single UNIX Specification compliance.

You can download the Linux kernel now from Softpedia.

Tuesday, March 13, 2007

Cell Broadband Engine

IBM Cell Processor
IBM Cell Processor
Photo: www.ibm.com

'A long way from the console games that processor has come, indeed,’ (Yoda would comment on the subject), and now on to the dark side. Not having much success with the PS3, Sony is in quite a bad spot right now. Not to mention the exploding batteries phase they went through, it looks like they're not going to pull out very soon. The Wii


console had a performance on the market similar to a magic trick, now you see it, now you don't. This little detail didn't help one bit in bringing them back to business. Perhaps this is why they want to reduce costs no matter what.

This is where IBM Microelectronics steps in with the beginning of production of Cell microprocessors on a new 65nm manufacturing process. The processor is developed by IBM, Sony and Toshiba and should reduce manufacturing costs by permitting more processors to be fitted onto a single wafer. Along side the reduced manufacturing costs, other benefits of the processors built on the 65nm manufacturing process include lower power consumption and less dissipated heat. Other uses for this processor have been the introduction into IBM's BladeCenter servers.

Cell is a shorthand for Cell Broadband Engine Architecture and it combines the benefits of Power Architecture with streamlined coprocessing elements which accelerate multimedia and vector processing applications. It's composed of a dual-threaded PowerPC core and eight Synergistic Processing Engines (SPE) which are able to realize floating-point calculations. The core has 32KB L1 cache and 512KB L2 cache, and 2MB of cache are spread evenly between the eight SPEs. It also features a Rambus XDRAM Memory Interface able to sustain data transfers from 3.20GHz to 8GHz, an I/O controller and a Rambus FlexIO processor bus able to run up to 6.40GHz.

Monday, March 05, 2007

MOPB reports old hole in new version of PHP

Report of 04.03.2007 18:25

The initiators of the Month of PHP Bugs (MOPB) have published vulnerabilities in the Zend engine, PHP4, and the current developer version of the script language. Software updates have already been provided for a few of these7 flaws.










Advertisement







One of the flaws reported concerns PHP version 4.4.3 up to the current version 4.4.6. The phpinfo() function provides information about the PHP environment, including the content of variables transmitted during the request. A vulnerability to cross-site scripting (XXS) occurs when these variables are not correctly filtered. The developers already attempted to remedy the flaw in PHP 4.4.1, but they apparently missed something by incompletely backporting the correct functions from PHP5 into PHP4, leaving PHP4 still vulnerable to XSS.

In the developer version (CVS) of PHP, the developers opened up a new hole when they tried to improve insecure function calls, such as by replacing strncpy or sprintf with strlcpy or spprintf. They then made a mistake in the WDDX functions, which are used to share data between web applications. The use of strlcpy instead of strlcat can cause a buffer overflow in the processing of specially prepared WDDX packets.

As a "bonus", two security holes are marked in the Zend platform. Thanks to insecure file rights, attackers can escalate their privileges up to the root level, for instance, when they penetrate the server through a hole in PHP. In addition, another vulnerability allows php.ini to be modified so that attackers can again escalate their rights. The flaws are found in version 2.2.3 of the Zend platform and previous. Updating to version 3 solves the problem.

Also see:

Eric Raymond: Yes, "open source" is still meaningful

Mar. 01, 2007

Writing in O'Reilly's Radar, Nat Torkington argues that the term "open source" is becoming meaningless. He points to SugarCRM's badgeware, through which, he claims, only two-thirds of their code is downloadable, and rPath and MontaVista, which "sell software that works on Linux but the software itself isn't actually open source."

Open-source leader Eric S. Raymond replied to Torkington's essay in a letter to O'Reilly and several journalists, in which he asserted that the open source "label is still valid and important. I'm a pragmatist, so I'm not going to wave any flags or sing any anthems to argue this, just point out what has worked and continues to work."

"First of all, let's be clear about what 'open source' means," Raymond writes. "Software is 'open source' when it is issued under a license compliant with the Open Source Definition (OSD). Nothing any clueless or malevolent corporate marketer does can change that, because the term originated in the open-source developer community and only we have the authority to redefine it.

"If this seems excessively prescriptive to some readers, consider what would happen if a marketer tried to redefine the term 'electron' to mean 'proton', or 'big lump of green cheese', or something. This would instantly be recognized as absurd -- physicists own that term, and only they have the authority to redefine it," continues Raymond.

"Many of you know I'm a lexicographer as well as a hacker," Raymond has for many years been the maintainer of The New Hacker's Dictionary, which is available both online and from MIT Press. "I can tell you what people who make dictionaries think about controversies like this -- that technical terms of art belong to the expert communities that define them. Only *we*, the open-source community, get to redefine 'open source'," continued Raymond.

"And, occasionally, we do redefine it. OSI, the Open Source Initiative, added a tenth clause to the OSD a few years back to deal with click-wrap licensing. Right now, OSI is contemplating changes to deal with badgeware licenses of the kind Nat complains about. In doing so, OSI serves our entire community, and anyone get involved in the process through its license-discuss list."

Some companies, such as Alfresco Software, are already moving away from badgeware versions of the MPL (Mozilla Public License). In its case, Alfresco is going to the GPLv2.

"Normal evolution of the term within its defining community is one thing," explained Raymond. "Accidental or deliberate abuse of the term is another, and should be recognized and treated as such through education and persuasion and the occasional smack upside the head. Abuse is not a reason to abandon the term 'open source' any more than some fool babbling about big lumps of green cheese would be a reason to abandon the term 'electron'."

"Rather, abuse is a reason to *defend* and *explain* the term, so that it will continue to have a useful meaning. OSI does that. Nat's post amounts to asking if the community should give up the effort. I say certainly not. The only reason to abandon the term 'open source' would be if it no longer served a useful purpose, and there are at least two very large useful purposes that it does serve," said Raymond.

The OSI, which has been rather quiet lately, is becoming more active in attacking those who misuse the term.

According to Intel's senior director of open-source strategy and the OSI's secretary/treasurer, Danese Cooper, the OSI is aware that "Open Source is a big buzzword again now, and yes there are those (as there have been from the beginning) who are trying to understand how they can embroider over the edges of Open Source to achieve business goals nearly but perhaps not perfectly aligned with the spirit of the Open Source Definition."

Raymond continued: "Do we really need a reminder of why lots of people jumped on it in 1998? We had an image problem with people outside our community, especially businesses and governments. 'Free software' frightened them away; I thought 'open source' might attract them. Those of us who originally took the initiative in pushing it promoted 'open source' as a cold-blooded exercise in rebranding, and that worked; our community has ridden the label to levels of acceptance we barely could have dreamed of nine years ago."

"And guess what -- 'free software' *still* has an image problem, if only because the Free Software Foundation (FSF) has responded to the success of the 'open source' label by taking a position that is more purist, more territorial, *and thus more frightening*. By doing this FSF has ironically ensured that 'open source' would remain a necessary marketing hack in our community's relations with the rest of the world," declared Raymond.

Raymond isn't the only one who sees the FSF in this way. Some of the Linux kernel core developers strongly object to the FSF's proposed GPLv3. Others, such as Linux observer Bill Weinberg, believe that the GPLv3 threatens to fork GNU projects and marginalize the FSF.

Raymond continued, "But I think the more important purpose of the term 'open source' is not as a marketing hack but as a deliberately inclusive term for the entirety of a history and a culture that transcends any of our narrow internecine disputes about licensing and propaganda. Neither the FSF nor the OSI is the axis of that history."

"Our community didn't spring full-blown from Linus Torvalds's head, nor from Richard Stallman's, nor (perish the thought!) from mine," added Raymond. It includes 'free software' developers, but also tribes like those around BSD and X that are not centered on the GPL and rejected the term 'free software' with all its ideological baggage. And it includes many more to whom the GPL/anti-GPL dispute matters only a little if at all."

"'Open source' also properly includes a lot of pre-FSF history like the early IETF [Internet Engineering Task Force] and the Tech Model Railroad Club," continued Raymond. "It's now used retrospectively by people who lived that history. I have gradually come to understand that year zero of our movement wasn't 1985, the year FSF was founded. I now think perhaps it was 1961, the year MIT took delivery of the first PDP-1 and the earliest group of self-described 'hackers' coalesced around it."

Steven Levy's Hackers: Heroes of the Computer Revolution, is the best history of this period. It covers from those early days of the Tech Model Railroad Club to the first hackers, to Stallman, who Levy called the last of the true hackers.

"Adopting a more inclusive term for all this was good magic; it pulled people together, helping them recognize common ground and a common way of thinking and working," Raymond added. "I think this (unanticipated) effect on the hacker community's conception of itself turned out to be as important as the rebranding effects on the rest of the world, if not more so."

Raymond concluded, "The flip side is that if not for 'open source', the community we cherish would be a significantly poorer, smaller, and more fractured place today. That's reason enough to keep it."


-- Steven J. Vaughan-Nichols

Tuesday, February 27, 2007

How Do We Detect Temperature?

We know how light sensation or sound sensation take place, how we smell, how we taste, but till a recent research we did not understand how we feel temperature. "For a long time, we didn’t know how temperature sensing was being carried out in animals," said Jie Zheng, assistant professor in the Department of Physiology and Membrane Biology at the UC Davis School of Medicine.

“Huge progress was made in the last decade, when scientists discovered four ion channels sensitive to heat and two cold-sensitive ones. But, it was still unclear how only six temperature-sensor channels could cover wide ranges of temperature and still discriminate subtle



differences," Zheng said.

Zheng's team employed a new technique to deal with the problem, revealing that the subunits of one channel can come together with subunits from another channel or co-assemble in laboratory cell cultures to make new functioning channels. “Assuming this process also happens in normal cells, it suggests a likely mechanism for the thermosensitivity seen in all animal cells. We found that, by reassembling subunits we potentially have a lot more than six channel types responsible for the sensing of temperature," he said.

Ion channels are tubular proteins from the cell membrane that can open and close, controlling the ions flow and the electrical charge difference between the inside and outside of the living cells. The team investigated the transient receptor potential (TRP) channels, 6 out of 20 being the channels involved in sensing temperature. “Previous studies concluded that different thermosensitive TRP channel subunits did not coassemble”, Zheng said.

The team employed a 2006 technology named spectra FRET (spectroscopy-based fluorescence resonance energy transfer) to observe interactions between different channel subunits under a microscope. "This technique allows us to look at the channel subunit composition in real-time in live cells," Zheng said. "Using spectra FRET, we were able to focus on just the signal from the plasma membrane," Zheng explained.

"What we found was that the subunits of one kind of heat-sensitive channel coassembled with subunits of other heat-sensitive channels to form new channels. This means that instead of four heat-sensitive channels we have a potential of 256 heat-sensitive channels with potentially different temperature sensitivity ranges. Using these single-molecule recordings, we see many different channel types. The next question we are trying to address is whether they really have different temperature sensitivity. We believe the answer is ‘yes,’ but we have to show that." said Zheng. “The cold- and heat-sensing subunits, however, do not seem to coassemble,” he said.

As the thermosensitive cells also detect pain, the research of these channels could prove useful for novel pain remedies. “We have to re-examine everything from how people acclimate to hot climates to how they respond to spicy food based on the understanding that there are many more kinds of channels involved," Zheng said.