LinuxCabal talk on Python and C

This saturday Patricio Paez gave a talk at Linux cabal on Saturday 28. So the talk main focus is not learning C or Python but a broad view of the interaction between Python and C. The first part was thinking about the way code works. First we will need the following elements:
  1. Language
  2. Platform
  3. Compilers
  4. Libraries

The stack of C will be:

  1. gcc – the compiler
  2. as – the assembler
  3. ld – linker
  4. libc – the C library

Additionally we will need a text editor, and a debugger usually known gdb.

This saturday Patricio Paez gave a talk at Linux cabal on Saturday 28. So the talk main focus is not learning C or Python but a broad view of the interaction between Python and C. The first part was thinking about the way code works. First we will need the following elements:

  1. Language
  2. Platform
  3. Compilers
  4. Libraries

The stack of C will be:

  1. gcc – the compiler
  2. as – the assembler
  3. ld – linker
  4. libc – the C library

Additionally we will need a text editor, and a debugger usually known gdb.

A simple sample would be a Hellow World hola-1.c:

#include <stdio.h>int main(){   printf("Hola Mundon");}

The compilation process would be:

$ gcc -o hola-1.c hola

We will add some changes with the same result:

#include <stdio.h>int main(){   printf("Hola);   printf ("Mundon");}

The result would be the same.

A very importat topic is using version control. Like we went through the last change we had a version 1 of hola and a second version on hola-2.c

To use this versioning we could use some tools mainly:

  1. diff
  2. patch

We can use diff by typing:

]$ diff hola-1.c hola-2.c 5c5,6<          printf("Hola Mundon");--->          printf("Hola);>             printf ("Mundon");

We look at the string 5c5,6 which basically tellus that we have something that says that a change ocurred on line 5 until 6.

The other tool we can see is sdiff what sdiff do is that it will have two areas of codes. This means that we will see the original file and the modified file on the same output side-by-side.

$ sdiff hola-1.c hola-2.c #include <stdio.h>                         #include <stdio.h>int main()                                 int main(){                                         {           printf("Hola Mundon");        |            printf("Hola);                                          >               printf ("Mundon");}                                         }

We can see the > and the | stablishing the change from one file to the next. We will use the -o option to merge the differences. This is also an interactive mode.

For the command line impared there is tkdiff which basically is a gui front end to the difference. tkdiff is available on most distros. Although I couldnt find it and instead have gtkdiff, a curses tool also exist called imediff. imediff2 is a curses based tool which uses colors to quickly see the differences as opposed of using a | and > < characters. Unfortunately I coldn’t find this tool in mandriva.

Finally the most popular is vimdiff, vimdiff is based on the vim editor. Doing vimdiff tools you will see a combination of curses and the vim editor. You will have 2 panes with each file at each side of the window. You will be able to put some of the keys.

  1. dp – delete and put the difference
  2. ctl-w -> / L will switch the left panes.
  3. g – get the changes

Finally a python based is meld, also is pretty nice stylish way. Patch was created by Larry Wall, to use path commonly people will make a diff to a 3rd file.

Media_httpfilesmyoper_dkbbb

diff -o hola-1.c hola-2.c > hola-path.cpatch -p0 < hola-patch.c

To have a versioning systems is another tool which are used on multi-user projects we can use systems like:

  1. rcs – revision control system
  2. cvs – control/concurrent versioning system
  3. svn – subversion

Finally the debugging steps which we can use using some samples which I wont put on this post. However the steps to debugg we will asume we have some files called loop.c.

First we will do some compiling:

# gcc -o loop loop.c# ./loop

now we will have a debugging using the following option:

# gcc -g -o loop loop.c# gdb loop

We will have a second command line, some tools are:

  1. run – will execute the file with errors
  2. start – will
  3. n/next – next will go step by step
  4. arrow bottons – you can go to the next or previous step
  5. step – similar to next but will get within the functions
  6. backtrace – we can see what happened previously
  7. kill – salir del programa de manera emergente
  8. finish – suficientes next hasta terminar
  9. print buff – we can print the current buffer
  10. quit/q – to end the process

Here we can go back to the difference using vi -d or vimdiff we can save having 2 files using on their panes doing:

$vi -d loop-{1,2}.c

There is a document called the linux kernel module programming guide which has a good guide about this kind of tools for those lonely nights.
Python
So now we move into Python and the way to use it:

Python is wonderful!!!

Python is a language that is commonly based on modules. Phython modules are very popular to code a module is rather simple. There is very small diffrerence between a module and a regular file.

python:>> import re>> help(re)>> re.findall('a+', 'abcdefg aabccefg')

We can make extensions in for python in C. This is a bit more challenging but it still possible.

Hactivism: Join the No-OOXML

So I have got deeply rooted to the campaign against OOXML to be corroborate as an ISO standard. Why would proprietary software and proprietary legacy formats should be qualified as an open standard. Users can’t modify the standard, that is leveraged to Microsoft. The format just plainly suck and buying the jury is always not a good sign of openness.

Just to mention some reasons why this sucks:

  1. There is already an ISO standard named ODF (Open Document Format): a dual standard adds cost to industry, government and citizens.
  2. The OOXML specification is protected by multiple patents, where as the patent holder Microsoft corporation does not guarantee not to sue or confer any other rights for competitors. The basic implementation of such standard by the competition can face patent infringement cases around the world. This means a real threat for competitive applications even before the development begins.
  3. The idea of one standard should be clear, easy to implement by any party, with smallest specification possible, it should grant privileges for using such standard in any application, provide for compatibility or better said, interoperability between different applications using the same standard, free of patent infringement. The OOXML specification is 6,000 pages, which makes it a real hard to implement for the competition. An OOXML vendor does not guarantee anything to its competition and can sue or threaten them with patents. The OOXML encapsulates other binary data, not clear what they are, which the compatibility and interoperability features between different competitors cloaks in shadow, as a result of which the competitors will be unable to provide for a 100% compatibility with the binary data.
  4. The OOXML contains binary data for their “backwards compatibility” of their previous office standards, “backwards compatibility” with older Microsoft office documents; however, they do not publish the specification for other parties, which makes them Microsoft the only entity that can fully implement such specification with “backward compatibility”.
  5. From the beginning, office suite applications by Microsoft were benefiting from their proprietary standards, where other parties were unable to implement such standard and make their products compatible. Microsoft decided to ignore the existing open standards, and as we have seen in the past, they are trying to bring upon a new “open” proprietary standard that can be fully integrated only by Microsoft itself. There have been Open Standards for document exchange out there for a longer time, Microsoft had pledged only one step for its implementation, but in the end it turns out to be a third party plug-in which was made by another developer (Sun Microsystems).
  6. To date, the standard has not been implemented by its vendor or the competition. It is clear that the Microsoft product will switch to their “open” standard in a certain time; does this mean competition in the field of standards?
  7. No standard can be backwards compatible; this is an application feature, which can support different versions of one standard.
  8. The OOXML is dependant on the Windows technology platform. Its specification is written to be fully implementable only on the Windows platform, which means other existing platforms cannot implement or use the standard and the customers will be literally stuck on the Windows technology from the first day they start to use OOXML in their Office.
  9. Specification of OOXML is clearly not implementable in its full version for the competitors.

Next you add posts from IBM’s Rob Weir which seems to be more informed about what MS is doing on the background. You have ECMA coming open about their true goals basically saying, we will speed up whatever process as long as you become a $10,000 a year member.

If you think that OOXML should be a standard because everyone uses it, think again, where google the king of the internet give out the results of ODF files available on the web versus the ones available from OOXML it came out with ODF having 149,300 versus only 603 from OOXML.

So what is there to be done

So I called ISO in Mexico and got to the committee that handles the OOXML petition. Finally I landed with this guy:
Subcomite 29 de CMISO
Fernando Solis, del comite mexicano para la atencion de la ISO
fsolis@canieti.net
(+52) 55 52 64 0808 ext. 208

Basically if you want to participate and you live in Mexico you should send a letter of intend to this address and express that you want to be part of it. So far I only got information for people representing a group. I will need to ask for individuals. There is no cost to take part of the group yet there is a lot of documentation we should go through.

You should send the letter to this address:
Culiacan 71
Col Hipodromo condesa
CP. 06100
Delegacion cauhtemoc
Mexico DF.

If you need further information you can always drop me a private message. Please be hacktivist today before we become what happened to Chile.

Security on PHP websites

The talk was about implementing security on websites the talk was on LinuxCabal by Richard.The first part of the talk was about the security that websites require sensitive data to the users. Things like passwords, credit card numbers etc.The first point is the overview of the protocols, while HTTP is the most common protocol to browse the web on port 80. So instead we have the HTTPS protocol which is HTTP over Secure Socket Layer which is a more secure level since it provides encryption using the default port 443.The security is important because even if you are home alone, if you use internet through cable, you are sharing the service with other people on the block.One of the tools we will use with php is forwarding the address from 80 to 443. Another method is when you have a form it will send it through ssl. PHP can also have security when you send data through sessions and how to apply it on permissions. Finally the other method is using cookies. It went through how to talk to servers on a secure way and how to save password on a secure way.Richard showed a repository that he used on earlier course that he did on a training center.One of the examples he showed was a registration page with security enhanced where the it forward us to the HTTPS page and then another security layer which will analyze the input of the password to assure the user is having a secure password.The first step was looking at the code, the code it has a function to generate a couple of tables on a MySQL database. The database will have these two tables related to each others which means that this tables will include different data but will just need to be used once.The next step of the code was about having a forwarder that will redirect the user from a general HTTP protocol to the more secure HTTPS protocol based on the origin of the user. For this we will use the if () function and will take the server variable to redirect users to another server or have them on the same servers. So if you access the page from a foreign location it will send the user to the remote host and the localhost will keep the user on the same server.Next function was about having the latency of the user sessions. These sessions will have a life span and if the user doesn’t do anything on the page, the server will kick the user to authenticate itself again. Here richard calls a different file which includes some server settings such as how long will the lifespan be.  He also added some lines in case is not using a server value but a cookie value instead and used setcookie() to something less than 42000 miliseconds.The next function was about the password validity and is basically a filter that the users will grep the password and have a length of the password and put it into an array. This array will then be subject to a series of filters looking for lower or upper case and then if it has a special character.One of the recommendations from Richard was using the mysqli as opposed to mysql commands. Also that instead of having mysql_connect() but use mysqli_init() and mysqli_real_connect() which provides a better persistent.Other things from the talk was the use and manipulation of the session’s setting the session variables and then finally displaying the content of the web.The code error management was encapsulated into a section of the code so they will be more readable and manageable. We used session variables for the name, password and then display the html and then display the block.

OOo localization update and RHEL study program

So this is a quick post, just to announce that the localization for OOo went smoothly and we got done almost 6 days before the deadline. Also we are looking into some editing time, unfortunately it seems again there won’t be enough time to debug everything. Aridane already complain that there was just too much work on correcting the syntax and that we need to get together and give some training for localizations.On other notes I have been working on liberating the Art project in OOo, however not many artist involved with the discussions.Finally my Red Hat study program is going and I need to be reading more about security however I am concern that there is just too much theory and I need more practicing.  I hope everything works out fine in the end thought.

This saturday at Linux Cabal

So this saturday @ Linux Cabal we had an interesting discussion on the line of Enciclomedia, interesting enough one of the guys was personally involved with the project. He was doing the installation of the hardware and even more interesting the company handling that was the same company I was running in with them.To add to the  a more interesting note we also talk about e-Mexico and the CCD or Digital Community Centers which was another lousy project from the Mexican Government. A good point that was mentioned during the discussion was about how can you say a government is lousy when you can’t compare it to other governments. So I point out at the other government projects in Spain and Brasil and to compare them against them.Finally we also talk about why the technology on Enciclomedia was good but wasn’t worth the price.After this discussion we had a talk about the new event that a local university is doing for the push offree software and open source. This is a great project since they seem to be improving on many aspectsof course this is to be expected since they haven’t even started. We’ll see how it comes out.Today was really good and I hope everything comes out good.

2nd Round on Localization

Media_httpwikiservice_xfygr

Today, Rafaella send us the 2nd round of Localization for the next OOo version. We are dealing with 2,000 words to be translated into Spanish.This time we are more organized and hope to have better timing on translation and reviewing the PO files. So far I already localized one po and in the process to finish the other one.On top of that I also will be more aggressive contacting people regarding the translations and due timeline. This will make space for reviewers so they can provide changes on time before July 26th.A good factor is that this is considerably smaller file size than the earlier one which will go easier on the translation.

Japan Chooses Truly Open Document Fomat (ODF)

The OpenDocument Format Alliance (ODF Alliance), the leading organization advocating for openness and accessibility to government documents and information, today congratulated Japan for adopting a policy under which government ministries and agencies will solicit bids from software vendors whose products support internationally recognized open standard.

Download the PDF here:http://www.odfalliance.org/press/Release20070710.pdfThis is a great announcement since I was a bit down since there has been recent announcements from Massachusetts accepting OOXML and many Linux Distribution like Xandros, TurboLinux, Linspire, and Novell signing deals with Microsoft on OOXML licensing.