PyCon Brasil 2008

August 28, 2008

PyCon Brasil 2008

Fedora servers compromised =(

August 22, 2008

I received this email today:

From: "Paul W. Frields" <stickster@gmail.com>
To: fedora-announce-list <fedora-announce-list@redhat.com>
Subject: Infrastructure report, 2008-08-22 UTC 1200

Last week we discovered that some Fedora servers were illegally
accessed. The intrusion into the servers was quickly discovered,
and the servers were taken offline.

Security specialists and administrators have been working since
then to analyze the intrusion and the extent of the compromise
as well as reinstall Fedora systems. We are using the requisite
outages as an opportunity to do other upgrades for the sake of
functionality as well as security. Work is ongoing, so please
be patient. Anyone with pertinent information relating to this
event is asked to contact fedora-legal@redhat.com.

One of the compromised Fedora servers was a system used for
signing Fedora packages. However, based on our efforts, we have
high confidence that the intruder was not able to capture the
passphrase used to secure the Fedora package signing key. Based
on our review to date, the passphrase was not used during the
time of the intrusion on the system and the passphrase is not
stored on any of the Fedora servers.

While there is no definitive evidence that the Fedora key has
been compromised, because Fedora packages are distributed via
multiple third-party mirrors and repositories, we have decided
to convert to new Fedora signing keys. This may require
affirmative steps from every Fedora system owner or
administrator. We will widely and clearly communicate any such
steps to help users when available.

Among our other analyses, we have also done numerous checks of
the Fedora package collection, and a significant amount of
source verification as well, and have found no discrepancies
that would indicate any loss of package integrity. These
efforts have also not resulted in the discovery of additional
security vulnerabilities in packages provided by Fedora.

Our previous warnings against further package updates were based
on an abundance of caution, out of respect for our users. This is
also why we are proceeding with plans to change the Fedora package
signing key. We have already started planning and implementing other
additional safeguards for the future. At this time we are confident
there is little risk to Fedora users who wish to install or upgrade
signed Fedora packages.

In connection with these events, Red Hat, Inc. detected an intrusion
of certain of its computer systems and has issued a communication to
Red Hat Enterprise Linux users which can be found at
http://rhn.redhat.com/errata/RHSA-2008-0855.html. This communication
states in part, "Last week Red Hat detected an intrusion on certain
of its computer systems and took immediate action. While the
investigation into the intrusion is on-going, our initial focus was
to review and test the distribution channel we use with our customers,
Red Hat Network (RHN) and its associated security measures. Based on
these efforts, we remain highly confident that our systems and
processes prevented the intrusion from compromising RHN or the
content distributed via RHN and accordingly believe that customers who
keep their systems updated using Red Hat Network are not at risk. We
are issuing this alert primarily for those who may obtain Red Hat
binary packages via channels other than those of official Red Hat
subscribers."

It is important to note that the effects of the intrusion on Fedora
and Red Hat are *not* the same. Accordingly, the Fedora package
signing key is not connected to, and is different from, the one used
to sign Red Hat Enterprise Linux packages. Furthermore, the Fedora
package signing key is also not connected to, and is different from,
the one used to sign community Extra Packages for Enterprise Linux
(EPEL) packages.

We will continue to keep the Fedora community notified of any
updates.

Thank you again for your patience.

Art and Open Source

August 17, 2008

Today, I was reading tools that need to be converted or to be packaged into Solaris/OpenSolaris. One of the tools most awaited is Inkscape.

Well, now, I’m trying to compile Inkscape (svn version [1]) into my OpenSolaris. I thought to follow this tutorial, but it must be overcome and it’d take much of my time. =D

If I can compile and ran Inkscape binaries, I’ll notice in my blog and I’ll upload the package to OpenSolaris repositories.

Remember that Open Source is not only coding, visit this site and give a change to yourself: http://codefree-mag.org/

Think, breath and contribute in different ways and how you can to open source projects. We need you.

[1] – https://inkscape.svn.sourceforge.net/svnroot/inkscape/inkscape/trunk

That’s all folks.

Updating OpenSolaris

August 15, 2008

Hello all,

in my last post I have wrote about Firefox 3 on OpenSolaris. Björn corrected me about it. Firefox3 is already  in snv_95 image.

Currently, OpenSolaris 2008.05 livecd has been with environment snv86. So, let’s learn how to update your OpenSolaris image.

• Update package list

pkg refresh

• Upgrade your environment: it will create a new image to preserve and secure your current image

pkg image-update

• After some cups of coffee (a big and boring download :/), you will see this message:

A clone of opensolaris exists and has been updated and activated.
On next boot the Boot Environment opensolaris-1 will be mounted on '/'.
Reboot when ready to switch to this updated BE.

• To see your environments, just do it:

beadm list

• Now, let’s notice the grub about the changes:

pfexec mount -F zfs rpool/ROOT/opensolaris-1 /mnt

pfexec /mnt/boot/solaris/bin/update_grub -R /mnt/

• Reboot and choice “Solaris 2008.11 snv_95 X86“

OpenSolaris

August 14, 2008

Finally, I’ve decide to install OpenSolaris on my Sony Vaio laptop. It functions perfectly…video, audio, flashplayer and wireless.

I installed the OpenSolaris 2008.05 in a 50GB partition. Then, I think I have enough space to make my experiences.

And now, I’ll install Firefox3 on my OpenSolaris box. This package can be find here.

Let’s turn {on|off} TV

August 1, 2008

I am not a TV addicted, but sometimes I like to watch movies on TV. As I don’t have money to spend with Pay-per-view or Cable TV, so before turn on mine TV and tune on some channel, I search at Folha Ilustrada for good films.

I think the Folha Ilustrada is better to consult, because in there all movies are classified as good, bad, not so bad, etc..

Yesterday, I was already bored to put the URL in my Firefox browser to go Folha Ilustrada and find something intersting. Then, I make a python script to bring to me the informations, look:

#!/usr/bin/python

import urllib2
import datetime
import re
from textwrap import TextWrapper
from BeautifulSoup import BeautifulSoup

class Films():

 _url          = 'http://www1.folha.uol.com.br/folha/ilustrada/filmes/'

 _today        = datetime.date.today().strftime('%A')

 _days_of_week = { 'Monday':'segunda',
 'Tuesday':'terca',
 'Wednesday':'quarta',
 'Thursday':'quinta',
 'Friday':'sexta',
 'Saturday':'sabado',
 'Sunday':'domingo'
 }

 def __init__(self):
     self.view_films()

 def view_films(self):
     regex = re.compile('localItem*')
     clean_tags = re.compile('<(/|)(div|p|h1|h3|b|i)(| class=".*")>')

     text_wrapper = TextWrapper()
     text_wrapper.width = 72

     page = self._url + self._days_of_week[self._today] + '.shtml'
     resp = urllib2.urlopen(page)
     html = resp.read()
     resp.close()

     for i in BeautifulSoup(''.join(html)).findAll('div'):
         try:
             if re.match(regex,i['class']):
                 formatted = text_wrapper.wrap(re.sub(clean_tags,'',i.__str__()))
                 for paragraph in formatted:
                     print paragraph.decode('utf8')
                 print '\n'
         except:
             pass

if __name__ == "__main__":
    Films()

Bye.