fak3r

Blog

Best music of 2009

live photo of Part Chimp courtesy of Last.FM

Well 2009 was another stellar year for music if you ask me, and as usual, my yearly ‘top’ list is going on a month late. I always have these grand designs of writting a short paragragh about each selection, why I picked it, how I first heard it, etc, but you know how that goes. I will say that this year, while I’ve gotten into many bands the way I have in years past (trolling record stores, randomly listening to anything I can find online), I’ve also found things I wouldn’t have found thanks to my Twitter account. While those who don’t get Twitter think it’s just folks updating what they had for breakfast, if you stick around, dig deeper and find the right people to follow, it’s amazing wealth of information. Not requiring the effort of say a blog post allows rapid, unvarnished opinions, spouted out between people’s day to day tasks, which I always prefer since I feel I’m more lucid after a few cups of coffee while something is blaring in my ears. New this year is the reissues section, what with things like OK Computer and Young Team being reissued, I can’t help but highlight them.

As always I want to give a hat tip to the fabulous folks at my neighborhood record store, Euclid Records, where I bought almost all of these discs over the past year. I also want to recognize people like Ryan, Anthony, Mary, @fcervantes, @plasmatron, @koppper @crankin and Yvonne for a continued stream of what has their attention at any particular time – grabbing stuff and listening to it later when I have more time always reveals new sounds to me, so thanks for that. Also, as always, this list will be added to my ever expanding Noise page here, listing my favs from 2001 to the present.

Ok enough of this babble, hell, I already have a couple of possible contenders for next years list! (more…)

Feb 05, 2010 | Categories: media, music | Tags: 2009, best cds of 2009, black sheep boy, bleach, Born Like This, danger mouse, Dark Night of the Soul, david lynch, disfear, doom, Earthly Delights, elipse, imogean heap, Lightning Bolt, live the storm, mogwai, morrissey, mountain goats, music, neko case, nirvana, now we can see, ok computer, okkervil river, part chimp, phoenix, radiohead, remember severed head, rufus wainwright, sparklehorse, the clues, The Life of the World to Come, the thermals, thriller, Tornado, Wolfgang Amadeus Phoenix, years of refusal, young team | Comments

Upcoming live release from Mogwai

This year Mogwai will release a live cd and album, Special Moves, and a dvd, Burning, covering a three night set during the 2009 shows in Brooklyn. Here they are doing Mogwai Fear Satan, which while from the same tour, is not from the film, but is shot by the same people (thanks for the info Stuart, pictured above) so it’s a good look into what to expect. If it’s all like this it looks like the perfect live film in my opinion, focused on the band interactions and movement, not the audience. To find out more, and get a free mp3 download of 2 Rights Make 1 Wrong from the set, visit Special Moves. Can’t wait to see/hear this, after taking a long time to get into The Hawk Is Howling, I’m ready to see them live again. I was still ‘digesting’ the re-release of Young Team that I bought in London last year, but it’s been a long time since I’ve seen them live as they haven’t toured St. Louis, and the Austin gigs were too long ago to count. Just can’t wait for this release. (more…)

Jan 22, 2010 | Categories: movies, music | Tags: burning, live video, mogwai, mogwai fear satan, music, scotland, special moves, vimeo | Comments

HOWTO securely delete files in OS X on the commandline

So I’ve had my MacBook Pro for a few months now, and since I have a 500 Gig harddrive, I haven’t bothered to empty my trash yet. Now I’m on a work trip in China, and it makes me think about the privacy (internet and otherwise) that I have in the US, that I don’t expect here. In fact, since we’re blocked from posting to either Facebook or Twitter, I know this post will only make it there because this site will post if for me after I post it to my site (again, not something you’d think about just living in most other parts of the world). So what a good time to learn how to securely emptying my trash! The first thing I did was use the ‘Secure delete’ feature of the OS X trash folder, but with over 190,000 files to remove, it sat there at 0% while the fan spun up for about 15 minutes. That was it for me, it was clear it was going to take years for this to happen, so canceled that and hit Google to learn the right way to do it via the commandline. One of the best pages talks about srm a secure file deletion for posix systems that is installed by default on OS X. I’ve crafted my srm command to use the nice command to reduce the amount of overhead the process causes (again, the GUI version was taking over the system and heating things up quickly) and the sudo command to ensure all files would be deleted regardless of permission/ownership. In the end in looks like this:

nice -19 srm -rfv ~/.Trash/*

Yeah, while the -v flag will slow things down slightly, I prefer to have ‘verbose’ output from the command to understand exactly what it’s doing. Does anyone have better/more secure way to do this? Leave a message in the comments if you do, I’d love to learn more about this.

Jan 12, 2010 | Categories: geek, howto, travel | Tags: China, Facebook, google, Mac OS X, POSIX, posix systems, Srm, Sudo, twitter, United States | Comments

HOWTO run Chromium OS on a Dell Mini 9 with wifi

While I still really dig my Dell Mini 9, even with 2Gig of RAM it feels kinda sluggish when I have my normal 50 tabs open, and I’ve always known someone could do better (since I’m too lazy to recompile a kernel for it like I would have in the past). With all the focus on netbooks it was bound to be addressed, and while Android looks promising, it’s currently still more of a phone OS than something you’d be able to use on your netbook. I’ve run it off a USB drive on the Mini 9 just to check it out, it was cool, but again, not really usable enough for a ‘top – maybe that’s not the target. Another I want to check is Moblin, Intel’s effort using Ubuntu as a base, but I haven’t seen a Mini 9 HOWTO (maybe I’ll have to write my own…) for that. So, enter Google Chrome OS, Google’s idea of how to not only address this problem, but perhaps lay out how we will use these computers in the future. It’s always funny when I start talking about cloud and thin clients, it takes me back to dumb terminals talking to mainframes, but I digress. The point is, thanks to great posts at jasongriffey.net and Lifehacker, it’s really easy to install Google’s Chrome OS on a Dell Mini 9, the only thing I really have to add is that you have to use ChromeOS Zero from the hexxeh.net site. After all, this is an open source project, so folks are going to make changes/fix things and share with everyone. Looking at the site they had a new release, yesterday (gotta love it!) The last time I tried a build the wifi on my Mini just worked, so it looks like those problems are a thing of the past.

Jan 12, 2010 | Categories: featured, geek, headline, linux | Tags: android, Chrome OS, Dell, Dell Inc., Dell Inspiron Mini Series, Embedded Linux, google, Google Chrome OS, Google Inc., hexxeh.net site, http://chromeos.hexxeh.net/mac.html, http://www.jasongriffey.net/wp/2009/11/25/google-chrome-os-on-a-dell-mini9, Intel, Intel Corporation, Moblin, Netbooks, ubuntu | Comments

HOWTO defend databases from SQL attacks with GreenSQL

UPDATE: as if to underscore the importance of this tool and approach, yesterday a story hit about a SQL Injection attack infecting over 132,000 systems in short order. Net-Security have the full details on this attack, including how it probes the host via JavaScript to check for known vulnerabilities, how it exploits them, and how it ultimately downloads a back-door trojan to get the game going. It’s really amazing to see how complicated and professional these things have gotten, and just adds to the reasoning that we have to step up to the plate and learn how to better defend against them.

I’ve been privy to some log dumps showing real, and successful, SQL attacks on some MSSQL servers before, and they weren’t pretty. Of course a SQL injection attack has little to do with the database (well, as long as it’s still SQL based at least (nod to CouchDB and MongoDB)), and more with the code that calls it, and how that code deals with sanitizing inputs. For this reason MySQL is just as vulnerable, after all, bad code is bad code. While a client of mine opted for a firewall ‘module’ they had to buy an additional licence for, that set them back many thousands of dollars, I knew there had to be cheaper/better ways to address this kind of vulnerability. One way of course is to fix the code, but with legacy sites that no one has touched for years, this may be impractcal (I didn’t say this, I only heard it), and the other idea is to proxy the SQL and ‘clean’ it before it hits the database. The advantage of this approach is that it protects against known attacks, as well as unknown attacks, since it limits so much of what an attack is allowed to accomplish when trying to get its’ foot in the door. This approach is what the folks over at GreenSQL have done, and it’s very impressive. They sum things up nice and sweet with, “GreenSQL is an Open Source database firewall used to protect databases from SQL injection attacks. GreenSQL works as a proxy for SQL commands and has built in support for MySQL & PostgreSQL . The logic is based on evaluation of SQL commands using a risk scoring matrix as well as blocking known db administrative commands (DROP, CREATE, etc). GreenSQL is distributed under the GPL license.” (more…)

Dec 10, 2009 | Categories: commerce, geek, linux | Tags: data retention, Database, firewall, linux, mysql, network security, open source, opensource, postgresql, privacy, sql attacks | Comments