ROOT

ROOT is an object-oriented program and library developed by CERN. It was originally designed for particle physics data analysis and contains several features specific to this field, but it is also used in other applications such as astronomy and data mining. read more at WikiPedia

  • Huuu I am getting old... I was 10 years old...

    CP, Photo de classe de 1983

    and here 9 years old

    Primaire, Photo de classe de 1982

  • Internet search phenomenon Google has overtaken a swathe of venerable rivals to become the world's biggest media company by stock market value.
    ...
    Some analysts believe Google's shares are now overpriced, a rerun of the heady valuations seen during the internet boom of the late 1990s.
    ...
     
    Initially, Google got 10,000 queries per day compared with 200 million today.
    Read more HERE  at BBC news

  • I am currently refactoring my whole PHP code, interfaces, abstract classes, default implementations, factories and a lot of tricks in code will  make joomlacloud maybe the  more advanced  PHP code I&39;ve ever written.
    Concepts are emerging, code is lot less hard coded than 20 lines of PHP (which may also work well)

    • Scanner is responsible for returning a subset of data: can be the whole site, the current article etc...many implementations can be used and or created
    • Analyzer is responsible for analyzing words and take them or not into account: based on length, dictionary etc...
    • Limiter is responsible for limiting size of collection: the top 20, only the first 100 words, sorting etc...many implementations can be used and or created
    • Tokennizer is the process of transforming a list of words into a list of token, etc...many implementations can be used and or created
    • Plugins are responsible on how the list of words are written or displayed, .etc...many implementations can be used and or created
    • Caching factories to save mips on the server...

    This make the code more complex to develop but also a lot  more easy to read or extends...

  •  I wont be able to browse my forum, or respond to any emails inquiries from 4 december 2007 to 16 January 2008, as I will be at the end of the world in Australia. I will carry a lot of gadget stuff with me (GPS, camera and camcorder), in order to be able to map all pictures taken and video on Google Map / Google Earth . So You will have enough to browse beginning of  next year.

    Below You can find the detailled planning of my trip, so you can imagine yourself where I am week per week. Australia is so big, (14 times the size of France), that I am forced to take airplanes (4 companies: Singapour Airlines, Quantas, Virgin Blue and Cathay Pacific)  from city to city....

                        December                      
    Monday     Tuesday     Wed. 5   Thursday 6   Friday 7   Saturday 8   Sunday 9    
          from      Arriving                               
          Zurich 14:00   Sydney
                               
     
        to      7h10                              
          Francfort             sydney     sydney     blue mountains   and around  
          16:00                                    
                                               
    Monday 10   Tuesday 11   Wed. 12   Thursday 13   Friday 14   Saturday 15   Sunday 16    
                                               
                          Sydney Melbourne                  
                                    Melbourne          
      as far as I can go around Sydney                                        
                                               
                                               
    Monday 17   Tuesday 18   Wed. 19   Thursday 20   Friday 21   Saturday 22   Sunday 23    
                                            from  
          cancelled                                 Adelaide 15:55
                 
    961km 13h         Adelaide     Kangaroo island  Adelaide      
                Great ocean
    road by car
                          to  
                                            Sydney 18:20
                                               
    Monday 24   Tuesday 25   Wed. 26   Thursday 27   Friday 28   Saturday 29   Sunday 30    
    Sydney     From                                 From  
      Christmas   Sydney 8:55             1100km- 14h                 hobart 16:40  
      familly                 Tasmania                      
          to                                  To  
          Hobart
    10:45
                                    Sydney 18:30  
                                               
    Monday 31                                        
    Sydney                                          
                                               
      Dayoff                                        
                                               
                                               
                        January                      
    Monday 1   Tuesday 2   Wed. 3   Thursday 4   Friday 5   Saturday 6   Sunday      
    Sydney   From                   from                  
      New Year Sydney 9:55                   alice sp 8:40        738km          
      familly          Alice Spring   Ayers Rocks Kings
    Canyon-
    AliceSprings
      Darwin   kakadu Katherine
           
        to                   to                  
        Alice Spring 11h40                 darwin 10:35                  
                                               
    Monday 7   Tuesday 8   Wed. 9   Thursday 10   Friday 11   Saturday 12   Sunday 13    
    from                                       from  
    darwin 7:00                                     cairns 18:10  
        Cairns   Reef barier   rain forest     around      outback     Islands     City      
    to                                       to  
    Cairns 9:55                                       sydney 22:10  
                                               
    Monday 14   Tuesday 15                                  
    Sydney                                          
          8h30 airport                                  
      Dayoff   Sydney ->
    Singapore ->
    Francfort -> Zürich
                                   
                                               
                                               
  • Still not enough, we were forced to profile the java code and make some big changes.... (from part 1)

    Profiling

    You either profile an application for speed and/or memory usage and/or memory leaks. Our application is fast enough at the moment. Our major concern is optimizing memory usage and thus avoiding disk memory swapping.

    Some words about architecture


    It is not possible to profile any applications without having a deep understanding of the architecture behind. The Product Catalog is an innovative product which is a meta model for storing insurances product in a database, a Product is read only and  can derivate instance that we call Policies. Policies are users data holder, containing no text, just values, and sharing a similar structure as the Product. This let the product know everything about (cross) default values, (cross) validations,  multiple texts, attributes order/length/type etc... and thus separate definition (Products) from implementation (Policies). Products and Policies can be fully described  with Bricks, Attributes in a tree manner.

    Reduce the number of object created


    Looking at the code, we have seen that too many Products (17 Products has 15000 objects either Attributes/Bricks/Texts/Value/ValueRange) were loaded in memory. While this is clearly giving a speed advantage on an application server, it is simply killing the offline platform with it 1GB RAM (remember memory really free is 500Mb)
    The problem is that Attributes and Brick are using/can use  a lot of fields/meta data in the database which translate into simple java type (String for UUID, and meta data keys and values) in  memory. We start looking at the profiler and the 100 MB used by the product cache.
    Reducing this amount of object was the first priority, a lot of them are meta data which are common and spread across the Product Tree in memory. Since avoiding creation of unneeded object is always recommended, we decide to remove duplicate element in the tree by singularizing them. This is possible because the product is Read Only and made of identical meta data keys, meta keys value.

    Entropy and cardinality of meta data
    An Attribute may have an unlimited number of meta text (among other things), common meta data keys are  "long", and "short" and "help" text description in 4 languages (en_us, fr_ch, de_ch, it_ch), while this is not a problem in the database, this make the Product  object tree size quite huge  in the Product cache (containing Products Value Object). ..Counting some of them in database for example return stunning result. 
    We found 60000 "long" texts which translate into 60000 String text keys and 60000 String text values (worst case scenario since texts values may not be all reusable). Reducing this number of Objects is done quite easily by not creating new instance of  String, Decimal, Integer object and returning always the right and same Object instance. (we keep them in a MAP and return either a new instance or a previously cache one).

    Large objects cardinality  but a poor entropy
    By running two or three SQL statement and trying to distinguish real distinct values, we found that a lot of these meta data are made of a relative small number of different values. By just storing a limited number of String like "0", "1", "2" to... "99", "default", "long", "short", "de_ch", "fr_ch" we have reach a cache efficiency and reuse of object instance of 99%
    After that "small" change in the way value objects (VO) are created and connected, a java String object containing before "de_ch" and existing 10000 times in memory is now replaced across all  Attributes/Bricks by the same instance!

     The gain is simply phenomenal. Memory gain is bigger than 50%.

    Reducing the number of objects in memory 
    Instead of storing thousands of Products Text String in memory,  we decided to allocate them on disk using  java reflection API and a Dynamic Proxy.

    The idea is to save all String in one or more files on disk, the position of each text and length being saved in the corresponding Value Object. So basically we gain the space used by a String in memory  at the expense of a long (String position in file relative to start of file) and an  int (length of String) primitive type

    References:  Proxy  - InvocationHandler
    Resume: Java String disk based allocation
    Code snippet: soon

    Use better data structures
    Java has a lot of  quality library, commons collections from apache are well known. Javalution is a real time library with real time and reduce garbage collector impact. We have use FastTable and FastMap where it make sense.

    For example the class FastTablehas the following advantages over the widely used java.util.ArrayList:
    • No large array allocation (for large collections multi-dimensional arrays are employed). The garbage collector is not stressed with large chunk of memory to allocate (likely to trigger a full garbage collection due to memory fragmentation).
    • Support concurrent access/iteration without synchronization if the collection values are not removed/inserted

    Different caching strategy
    By design the ProductCatalog is able to use many caching strategy. One is named "Nocache" limit number of object in memory to the bare minimum, and redirect all access to product to database. In a mono user environment, and since products reside in 4 tables only (so only 4 select to read all data from DB and some VO to rebuild the tree are needed), the through output is more than enough.

    More to come...



    References
  • FaF (File Anomaly Finder) is a wrapper for the *nix 'find' utility. It generates audit reports for data matching specific characteristics; such data as setgid/setuid, unowned, and more. The objectives are simply to create a simple anomaly finder that identifies common flawed permissions or otherwise suspicious file system characteristics.

    The main features of FaF are:
    • simplistic and to the point audit reports
    • easy setup and configuration
    • audits emailed to customizable address or user
    • ideal for web servers or general purpose workstations
    • audits of setgid/setuid, hidden, unowned, & world writable data
    • very portable
     http://www.r-fx.org/faf.php # wget http://www.r-fx.ca/downloads/faf-current.tar.gz
    # tar xvf  faf-current.tar.gz

    # cd faf*
    # ./install.sh

    Install path:     /usr/local/faf/
    Config path:     /usr/local/faf/conf.faf
    Executable path: /usr/local/sbin/faf


    Why do you need such tool?
    Never trust anyone, including sometimes yourself ;-) this tool correctly used just insured You that You will never forget any files with too much permissions. It may also reveal a hacker, putting some new files under the user nobody...

    What to do with the output?

    You'll have to react differently for each occurrence in the report....

    SUID/SGID Binaries

    Sticky bit was used on executables in linux (which was used more often) so that they would remain in the memory more time after the initial execution, hoping they would be needed in the near future. But since today we have more sophisticated memory accessing techniques and the bottleneck related to primary memory is diminishing, the sticky bit is not used today for this. Instead, it is used on folders, to imply that a file or folder created inside a sticky bit-enabled folder could only be deleted by the creator itself. A nice implementation of sticky bit is the /tmp folder,where every user has write permission but only users who own a file can delete them. Remember files inside a folder which has write permission can be deleted even if the file doesn't have write permission. The sticky bit comes useful here.

    SUID or SetUID bit, the executable which has the SUID set runs with the ownership of the program owner. That is, if you own an executable, and another person issues the executable, then it runs with your permission and not his. The default is that a program runs with the ownership of the person executing the binary.

    Consider also reading:
    What are the SUID, SGID and the Sticky Bits?

    You can find them also manually by entering:
    # find / -type f \( -perm -04000 -o -perm -02000 \;
    The SGID bit is the same as of SUID, only the case is that it runs with the permission of the group. Another use is it can be set on folders,making nay files or folders created inside the SGID set folder to have a common group ownership.

    files in/srv  (http root folder)
       You should accept NO files with SUID/SGID in http root folder. Remove them all 
            # find /srv -type f \( -perm -04000 -o -perm -02000 \) -exec  chmod \;

    No Owner/Group
    May also be an indication an intruder has accessed your system...
    Can also be found manually by typing:
    # find / \( -nouser -o -nogroup \) -print
    files in/srv (http root folder)

    Permissions and ownership are linked together to make your server work peacefully. The basic idea is always to give the minimum rights to the file.

    A rule for thumbs would be:
    read only for all file, r--r--r-- or r---------
    read, execute for all directory r-xr-xr-xor r-x------
    The problem is that apache and PHP also run under their own user...

    A very informative article explaining the problem on a concrete example (Gallery2) can be found at  http://codex.gallery2.org/Gallery2:Security

    At least (worst),when apache run as wwwrun user in www group, in your HTTP directory
    # chown -R wwwrun .
    # chgrp  -R www .
    then all files has to be  rw- --- --- and directory r-x------
    Advantages:you can use Joomla! administrator panel
    BUT: any bug in PHP code, attack can read or overwrite any files! -> highly insecure

    Better would be for all files/dir in your HTTP directory to changes accordingly to the right web user!
    # chown -R cedric .
    # chgrp  -R psacln  .
    Change all files/directories that has to be written  by apache (cache directories) to
    # chown -R wwwrun cache
    # chgrp  -R www cache
    Advantages: a bug in apache/php, or attack can not touch any of your files.
    BUt: if PHP do not run under your user, the Joomla! panel wont be usable, as Apache/PHP wont be able to install any new components/images.

    Files in /must generally only be available to root
    # chown -R root /etc
    #chgrp  -R root /etc
    # find /etc -f -exec chmod 600 {} /;

    World Writable

    files in/srv
    must be avoid at any costs! This line remove the world writable bit to  all files in /srv
    # find /srv -f -exec chmod o-w {} /;
    This line remove the world writable bit to  all directories in /srv
    # find /srv -d -exec chmod o-w {} /;
    Files in /
    You should ignores /proc files, /dev files (hundreds of these are correctly world writable),
    Symbolic (soft) links (which should have mode 777), directories with the sticky (save text) bit on, and
    sockets, as that is relatively safe.
    Hidden Files/Paths

    You should normally have no such files! try to understand why (look in google), open them and/or move/delete them
  • Computer Sciences Corp. (CSC) has published a 96-page reporton Open Source software and its potential benefits to business and government. This whitepaper provides an introduction to the report and its findings.
  • Ive played lego but NEVER come to the idea or imagine such power in so small lego bricks

    Scanning A book involves picking up the book from the scanner Carefully so that you won't change the current pages and and turning pages precisely. These activities are as easy as breakfast for human beings. However and our sophisticated biomachienery owe A lot to the Evolution. Without its support, the activities are far too difficult for robots.
    Read More Here
  • 2 interesting articles...

    For as long as most technologists can remember, there has been "Wintel," the $250 billion industry dominated by Microsoft's Windows operating systems and Intel's microprocessors. But "Lintel," or the Linux operating system and Intel, is now encroaching on this empire, and behind it is the entire open-source software movement, which threatens to overthrow the Windows industry. Faced with this challenge, Microsoft is showing classic symptoms of "incumbents' disease." Rather than remaking itself, Microsoft is using legal threats, short-term deals, and fear, uncertainty, and doubt to fortify its position. But this strategy probably won't work. The Linux operating system and the open-source model for software development are far from perfect, but they look increasingly likely to depose Microsoft....By Charles Ferguson. Read more HERE at www.technologyreview.com

    and the feature article column  ("Linux vs. Windows: Why Linux will win" ) of www.librenix.com


  • Joomla! 1.0.10 is now available at www.joomla.org

    All existing Joomla! users MUST UPGRADE to this version, due to several High Level vulnerabilities that affect ALL Previous versions of Joomla! 

    1.0.10 contains the following important security fixes:

    • 03 High Level Security Fixes
    • 01 Medium Level Security Fixes
    • 05 Low Level security
    • 40+ General bug fixes
    And onebusiness day after (Ive done my homework), I release:

    Joomla 1.0.10 support for SecurityImages
    these files are from the 1.0.10 distributions plus all changes required to support securityimages in

    • com_contact  "The contact Us section"
    • com_login for the login module
    • com_registration  all registration functions
    Please Note:
    1. this is a FTP patch!
    2. There is now way to deactivate securityimages in com_contact (other than deactivating securityimages sitewide) 

    Do yourself a favor use the latest securityimages version 3.0.5 :-)
    Files are available at Joomla forge in file release and or in my download section. 
     
  • Joomla! 1.0.12 [ Sunfire ] is available as of Monday the 25th of December 2006 1:00 UTC fordownload here.

    We suggest that all Joomla! users upgrade to this version.

    Joomla! 1.0.12 features:

    • 140+ General Bug Fixes
    • Several low level security fixes
    • A full security audit of SQL queries
    • SSL switchover support

    Although this release contains several security fixes, as they are of a low level nature, this release is still being characterized as a Stability Release.  If you are running a version of Joomla! older than 1.0.11, you should upgrade immediately to at least Joomla! 1.0.11 as that release addressed several important security issues.  If you are using Joomla! 1.0.11, we recommend that you upgrade to 1.0.12 as it addresses several long standing bugs and several low level security issues.

     From Joomla.org
  • PDFCreator easily creates PDFs from any Windows program. Use it like a printer in Word, StarCalc or any other Windows application. In fact all you have to do is to print to a special device: a sort of printer which create file (PDF) on your disk
    • Development Status: 5 - Production/Stable
    • Intended Audience: End Users/Desktop
    • License: GNU General Public License (GPL)
    • Operating System: 32-bit MS Windows (95/98), All 32-bit MS Windows (95/98/NT/2000/XP)
    • Programming Language: Visual Basic
    • Topic: Office Suites, Printing
    • Translations: English, German
    • User Interface: Win32 (MS Windows)
  • Finally I will soon release Akocomment 2.2.5 (the one which is working on my homepage) with comment tracking among other new functionalities...

    Please use the tracker at sourceforge and give me (us) ideas of what kind of functionalities You want to see in it. If You want to avoid the hassle of creating an account or do not know how to, You can also use this thread to submit ideas as comments.

    My ideas Are:

    1Since
    • Hashcash is not intrusive, user has nothing to do to enter a comment (the cryptographic anti spammer check occur in the background)
    • SecurityImages use captcha, and so force user to enter character he has read in an image
    I was thinking since a long time of using a 3rd party authority with is more smarter than me in oder to determine if the comment is a real spam, and I found this:
    Akismet Automatic Kismet (Akismet for short) is a collaborative effort to make comment and trackback spam a non-issue and restore innocence to blogging, so you never have to worry about spam again. When a new comment, trackback, or pingback comes to your blog it is submitted to the Akismet web service which runs hundreds of tests on the comment and returns a thumbs up or thumbs down. With Akismet, you're always protected up-to-the-second from the latest dirty tricks of spammers. There's no maintenance, no upgrading, no hassle.
    This work as webservice, so code changes are minimal and quite easy to do
    2A Plugin system to allow extensions more easily (Plugin can be registered in a linked list or similar) at runtime

    Get inspiration from existing commenting systems, or simply be creative!
    Please submit ideas fast! I will then assign priority them in the tracker
  •  Securityimages 4.0.0 release "enhanced Security "

    This version is now running with:
    • PHP.ini safe mode ON
    • Joomla RG Global Emulation O 
    • PHP.ini register global = Off
    Bugs solved:
    artf4021: php safe mode & com_securityimages
    artf1411: Save setting button changes if config.securiyimages.php is not writable
    artf4989: register_globals Off patch
    artf3206: com_contact
    artf2777: No text displayed in security Image  

    API  changes
    Will work only with new release of akcomment, akobook, etc...

    securityimages < 4.0.0
    in PHP <form>

    <?php include ($mosConfig_absolute_path.'/administrator/components/com_securityimages/client.php'); ?>
    <?php echo insertSecurityImage("security_refid"); ?>
    <?php echo getSecurityImageText("security_try"); ?>
    <?php echo getSecurityImageTextHeader(); ?> 
    <?php echo getSecurityImageTextHelp(); ?>
    <?php echo getSecurityImageField("security_try"); ?> 
     

    The code above insert the image, and the text,
    You page normally submit information to the server for processing.
    Most of the time, the last 2 lines are inserted in a <form>

    in PHP code checking the <form>

    include ($mosConfig_absolute_path.'/administrator/components/com_securityimages/server.php');

    $checkSecurity = checkSecurityImage($security_refid, $security_try);

    if $checkSecurity = true //then the user has entered the right text.



    securityimages >= 4.0.0 Introducing a captcha hidden field visibility name
    in PHP <form> include($mosConfig_absolute_path.'/administrator/components/com_securityimages/client.php');
    $packageName = 'securityimage_newpass';
     echo "<tr><td>".getSecurityImageTextHeader()." *</td><td>".insertSecurityImage($packageName).
    "<br/>".getSecurityImageTextHelp().""
    .getSecurityImageField($packageName)."</td></tr>";
    in PHP code checking the <form> $securityimage_newpass_refid     = mosGetParam( $_POST, securityimage_newpass_refid', '' );
    $securityimage_newpass_try     = mosGetParam( $_POST, 
    securityimage_newpass_try', '' );
    $securityimage_newpass_reload     = mosGetParam( $_POST, '
    securityimage_newpass_reload', '' );         
    include_once ($mosConfig_absolute_path.'/administrator/components/com_securityimages/server.php');
    $checkSecurity &= checkSecurityImage($securityimage_newpass_refid, $securityimage_newpass_try, $securityimage_newpass_reload);


    New!
    HNCAPTCHA: now color background is fully configurable


  • Since I am facing performance problem due to the load of visitors and a badly configured server, I decide today to document my findings in this new series of articles.

    As soon as PHP run as FastCGI and no more inside an Apache module (mod_php4.so is not multi threaded), You should be able to switch the default MPM setting of Apache from MPM prefork to MPM worker.

    So, what's the difference between prefork and worker?

    Quoting from the Apache MPM Prefork page: http://httpd.apache.org/docs/2.0/mod/prefork.html
    MPM Prefork implements a non-threaded, pre-forking web server that handles requests in a manner similar to Apache 1.3.

    And for the Apache MPM Worker says: http://httpd.apache.org/docs/2.0/mod/worker.html
    MPM Worker implements a hybrid multi-process multi-threaded server. By using threads to serve requests, it is able to serve a large number of requests with less system resources than a process-based server.


    Server: Strato (www.strato.de)
    Operating system: SuSE / openSuSE
    Requirements: root access and basic Unix knowledge

    1 Edit the file  
    # vi /etc/sysconfig/apache2

    and change the key:

    APACHE_MPM=" "


    to

    APACHE_MPM="worker"


    2 You can now tune also  default parameters in file /etc/apache2/server-tuning.conf
    Here are my settings, these are still the default setting of Apache

    vi/etc/apache2/server-tuning.conf

    # worker MPM

    <IfModule worker.c>
        ServerLimit 16
        # initial number of server processes to start
        StartServers         2
        # minimum number of worker threads which are kept spare
        MinSpareThreads     25
        # maximum number of worker threads which are kept spare
        MaxSpareThreads     75
        # maximum number of simultaneous client connections
        MaxClients       150
        # constant number of worker threads in each server process
        ThreadsPerChild     25
        # maximum number of requests a server process serves
        MaxRequestsPerChild  6000
    </IfModule>




    3 start
    # apache2-reconfigure-mpm
    this recreate the file  /etc/apache2/sysconfig.d/loadmodule.conf
    and restart apache automatically. Test Your site to ensure everything still work as expected.


  • This module controls the setting of the Expires HTTP header and the max-age directive of the Cache-Control HTTP header in server responses. The expiration date can set to be relative to either the time the source file was last modified, or to the time of the client access.

    These HTTP headers are an instruction to the client about the document's validity and persistence. If cached, the document may be fetched from the cache rather than from the source until this time has passed. After that, the cache copy is considered "expired" and invalid, and a new copy must be obtained from the source.

    How to activate mod_expires.so
    # vi /etc/apache2/conf.d/mod_expires.conf

    config is rough right now, but it is better than nothing,put the following in the file

    LoadModule evasive20_module     /usr/lib/apache2/mod_expires.so
    <IfModule mod_expires.c>
     ExpiresActive On

     ExpiresDefault "access plus 1 month"
     ExpiresByType text/html "access plus 1 month 15 days 2 hours"
     ExpiresByType image/gif "modification plus 1 month"
     ExpiresByType image/png "modification plus 1 month"
     ExpiresByType image/jpg "modification plus 1 month"
     ExpiresByType text/css "access plus 1 month 15 days 2 hours"
     ExpiresByType text/javascript "access plus 1 month 15 days 2 hours"
    </IfModule>

    You can also set the expire header by type, but it wa snot working in my case, that is why I use the ExpiresDefault directive

  • joomla_cms

    Since my server is still suffering, Ive decide today to take some actions.

    user: changes can be done on shared hosting with limited user rights.
    root. changes require a full access to the server (root access with secure shell ssh)

    I have currently per months, 160.000 visitors and 2 Millions Hits.or per day 8000 visitors and 24000 pages view.
    Server has only 1GB RAM.

    UPDATE: I found one/THE reason why my host is slowing down...SPAMMERS!

    click read more

    user: Joomla! settings
    • I switch enable gzip compression OFF. Since this is meant to reduce the usage of bandwidth, not the load on my  server. The server has to encode all the files in order to send them, which only puts additional load on your page.
    • I switch Joomla!! statistics off, as AWSTATS is providing a much better job.
    user: MySQL maintenance

    I Optimize (repair, refresh statistics) MySQL tables through MySQL admin, but It can be done through PLESK
    user: Tune Joomla!! cache

    I Increase Joomla! cache lifetime from 900seconds to 24 hours as it better reflect the way I update my site (daily)
    user: keep pages small

    • Reduce size of banner, using GIMP so they are using a web palette, most of them were shrink from 40kb to 7kb
    • I remove all un-needed space from the main templates file (index.php), an action which will help first users visitors only.
    • Attention, it is a never ending task...
    user: Hunting software bugs
    By switching the site to debug mode, I notice some nasty queries (select count(*) from), all created by my statistics module ( Content Statistics on right side), In fact Joomla!! module do not inherit from Joomla!! cache automatically. I fix value in this module since I do not want to program cache support in it right now.
    root One morecache

    I decide to install a PHP accelerator: PHPA from  http://www.php-accelerator.co.uk/
    " The ionCube PHP Accelerator is an easily installed PHP Zend engine extension that provides a PHP cache, and is capable of delivering a substantial acceleration of PHP scripts without requiring any script changes, loss of dynamic content, or other application compromises."

    Install is straightforward: just copy library into /usr/local/lib/php_accelerator_1.3.3r2.so
    and add these lines to /etc/php.ini

    ; PHP Accelerator extension
    zend_extension="/usr/local/lib/php_accelerator_1.3.3r2.so"
    phpa = on
    phpa.c0_size = 64
    phpa.cache_dir = /tmp
    phpa.c0_logging = on


    ;The shm_stats_check_period is the minimum interval between checks of the
    ;cache for expired scripts. The first server request after the interval has
    ;elapsed will trigger a scan of the cache for expired scripts, and remove
    ;any entries that it finds.
    phpa.c0_stats_check_period = 5m

    ;The shm_ttl value is the value used to set the
    ;time-to-expiry value when a script is accessed. Put another way, the shm_ttl
    ;value is the period after which an unaccessed script expires.
    phpa.c0_ttl = 12h

    ;phpa.ignore_files = ""
    ;phpa.ignore_dirs = ""

    I use that tool: HTTP Viewer to check if my page now contains a headerX-Accelerated-By:·PHPA/1.3.3r2

    Reduce surface of attack: I found my components that were not used by Joomla! (very old code and uused components . So go through all directories with FTp/SCP and remove any un-needed code....


    Review table data directly in the database...
    This is how I found 27 000 spams in my gallery (Zoom gallery)
    solution:
    • I remove all entries
    • Disallow comments operations (in Zoom gallery admin panel),
    but spammers were still able to insert comments, so I edit the file components/com_zoom/lib/image.class.php
    //add because of spammers
    header("HTTP/1.0 403 Forbidden");
    //$database->setQuery("INSERT INTO __zoom_comments (imgid,cmtname,cmtcontent,cmtdate) VALUES ('".mysql_escape_str

    Note: I  recommend You to use also mod_evasive and mod_security  (root access needed), see aprevious article on my site



    Some links, where I borrow some ideas:


    http://www.primakoala.com/tutorials/guides/speeding_up_joomla.html
    http://forum.joomla.org/index.php/topic,50278.0.html
    http://forum.joomla.org/index.php/topic,54175.0.html


  • I was also this year at the Swiss-Moto show 2007 and I take some pictures...

    Billion of horsepower that we can (and should not) use on open road...what a shame!

    I was sitting on maybe one of my next motorcycle, in no particular order: Honda CBR1000, Suzuki GSXR 1000 (horrible exhaust), Yamaha R1, Kawasaki Ninja Zx-10R

    The Ducati 1098 being too expensive for what it has to offer (27000 and 32 000 CHF).

    Asimo(Honda robotic flagship) was also this year replacing Luthi, unfortunetaly Asimowas not speaking swiss german...

    RDV in the gallery HERE to see them all and some others.
    ...




  • Nothing seems to stop the open source shift

    LinuxDevices is reporting that non-profit public policy research group, Committee for Economic Development, has released a 72-page report that takes a look at open standards, open source software, and 'open innovation.' From the article: 'The report concludes that openness should be promoted as a matter of public policy, in order to foster innovation and economic growth in the U.S. and world economies.' The full text [PDF] of the report is also available for download from the CED site."




  • Joomla! 1.0.11 [Sunbird ] is now available as ofMonday 28th August 2006 24:00 UTC fordownload here. and is being designated aCritical Security Release.

    All existing Joomla! users MUST UPGRADE to this version, due to several High Level vulnerabilities that affect ALL Previous versions of Joomla! 

    1.0.11 contains the following critical security fixes:

    • 04 High Level Security Fixes
    • 04 Medium Level Security Fixes
    • 18 Low Level security
    • 25 General bug fixes

    If you are using ANY previous version of Joomla!, you need to upgrade to 1.0.11 as soon as possible.

    Project Joomla! is and has always been fully committed to aSecurity First Principle and new intiatives have and will continue to be started to reinforce and continue this principle.  Joomla! 1.0.11 highlights a redoubled effort to put Security at the forefront of everyones lexicon. 
  • Portovenere, Italian Riviera
    Province: La Spezia

    The Ligurian coast between Cinque Terre and Portovenere is a cultural landscape of great scenic and cultural value. The layout and disposition of the small towns and the shaping of the surrounding landscape, overcoming the disadvantages of a steep, uneven terrain, encapsulate the continuous history of human settlement in this region over the past millennium.


    In front of Cape San Pietro there are Palmaria island and the islands of Tino and Tinetto, originally linked to the mainland

    Portovenere was an important military base first under the Roman domination, then under the Bizantini.

    History of portovenere




    tower-houses


    Although Portovenere is not one of the village in the Cinque Terre, it is very close and as beautiful if not nicer...
    The Castle, S. Lawrence (16th century)

    Catholic church in Portovenere

    Used to be a temple to Venus Erycina (From which the name Portus Veneris derives). The temple was then transformed during the first years of Christianity into a Christian temple. In 1256 ad. The Genoese built the church over the early Christian temple, to thank the inhabitants of Porto Venere for their help in taking Lerici castle.
    Chapel

    A church of the 13th century, with black-and-white stripe exterior and interior that it is recognizable from far out at the sea. The interior is simple with windows opening to the blue sea of the Italian Riviera.

    Visiting Portovenere

    • Museums:
      • ANTIQUARIUM DELLA VILLA ROMANA DEL VARIGNANO
      • MUSEO E TESORO DELLA CHIESA DI SAN LORENZO
  •  

    The Conversion kit contains:
    • Longer Tail Pipe (anodized blue)
    • Longer Tail belt
    • Solid engine mounts (anodized blue) in 2 parts
    • Clutch shaft to suit 46-50 engine.
    Where to Buy it?
    You also need to have:
    • 600mm Main Rotor Blades.
    • 46-50 size engine like TT50 or OS50 (<- recommended because of consistency)
    • 46-50 size muffler, tuned pipe
    Attention:
    • The conversion put a lot more stress on the rotor head, so check after each flight the plastic main grips but you may want to acquire a metal head from Quick-uk or Correct

    It is recommended to have the following upgrades:

    • Metal clutch as it may disperse better the heat produce by the slipping and is less prone to deformation than the plastic clutch.
    • A better cooling fan like the one from Quick-uk or Correct because the .50 create a lot more heat.
    • Radio flexing mods and good servo to have a tighter control system.
    • Use a governor to avoid rotor overspeeding during descent or when the pitch is near 0°
    • Aside from a metal swashplate and washout...
    • Fuel consumption is 55% more than a .30
    Conclusions

    If you do not stress your heli with hard 3D, this mod is useless and the total cost of conversion (if you have no metal upgrades) can decide you to buy a real .50 class like the Raptor 50 or even a .60 class.

    Reviews:
  •  Mainsoft Corporation's porting solution, Visual MainWin, enables software developers to recompile their Windows source code (ASP.net, VB .NET) to java bytecode and let it run on Linux, Unix, HPUx/Itanium, Macintosh

    As you know, when you compile an application in Visual Studio .NET, it generates Microsoft Intermediate Language (MS IL), which executes on the Microsoft Common Language Runtime (CLR) .NET framework. Grasshopper is a plug-in to Visual Studio .NET, which takes this MS IL and converts it into Java Byte Code, which executes on a Java Virtual Machine. Grasshopper also includes J2EE implementations of ASP.NET, ADO.NET, and the most common .NET namespaces, so the required dependencies are available on your J2EE platform.

    Read more at http://www.mainsoft.com/,

  • Nespresso_Coffee_like_capsules_00

    "Nespresso-like" capsules are quite good, at least to ME!
    From Left to Right: Original Nespresso – Denner Capsules – Casino

    Nespresso_Coffee_like_capsules_01

    Denner capsules are individually packed. They are not air-tight as on opening the packing one is greeted with the fragrance of coffee. They are made of plastic  not aluminium for most of it like Nespresso ones.

    The coffee do NOT take longer to fill up the cup, and I use the cheapest Magimix Essenza Nespresso Machine. I will soon make a video to prove it.

    Nespresso_magimix_m100

    I bought three different types of the four on offer and they all taste very good and strong with a lot of aroma. You save more or less 25% per cup compare to Nespresso capsules

    Casino capsules  are the one I dislike the most, not enough foam, do not taste like an espresso to me.

    My Conclusions

    Buy one packages of each to try, don’t listen to forums entries around the internetsince a lot of entries are being written by professional blogger paid for manipulating YOU. They are driven among other by Community Manager (and they act in all domains). Try and decide yourself! I will personally continue to buy both brand. I will update this page as soon as I went through more than 100 cups of coffee.

     

    Cheap packaging, but hey why would you like to pay more for a box that will end up anyway in the waste?

    Nespresso_Coffee_like_capsules_04

    and the capsules packaging:

    Nespresso_Coffee_like_capsules_03

    Others Capsules on the market, not tested

  • Now the funny question! :-)

    Is Google under attack by a BOTNET or is it just real users seeking for solution ???

    google.flood.vista

    Note: this is how I land to that page, it seems that other query lead to the same results, but randomly.. so it look like Google was under attack. After the jump, the original text

    Here is also the query that lead to this page

    We're sorry...

    ... but your query looks similar to automated requests from a computer virus or spyware application. To protect our users, we can't process your request right now.

    We'll restore your access as quickly as possible, so try again soon. In the meantime, if you suspect that your computer or network has been infected, you might want to run a virus checker or spyware remover to make sure that your systems are free of viruses and other spurious software.

    If you're continually receiving this error, you may be able to resolve the problem by deleting your Google cookie and revisiting Google. For browser-specific instructions, please consult your browser's online support center.

    If your entire network is affected, more information is available in the Google Web Search Help Center.

    We apologize for the inconvenience, and hope we'll see you again on Google.

    To continue searching, please type the characters you see below: