From yba at tkos.co.il  Wed Jul  2 09:23:01 2014
From: yba at tkos.co.il (Jonathan Ben Avraham)
Date: Wed, 2 Jul 2014 09:23:01 +0300 (IDT)
Subject: [JOB] freelancer for long-term
Message-ID: <alpine.DEB.2.02.1407020848220.5628@tavas.tkos.co.il>

Dear colleages,
TkOS is looking for one or more freelancers or temporary salarieds to do 
short projects. We are interested in long-term relationships. That is, in 
finding people who will be able to do several short term projects per 
year for several years.

Most of the projects require working with customers on-site, so mobility 
is a requirement. "On-site" can be from Rehovot to Carmiel, but is usually 
between Rishon and Netanya. Presentability is also a requirement, meaning 
that you need to be able to make a favorable first impression on a 
customer.

We are looking for people with skills that are focused in one or more of 
the following areas:

1. Linux system administration (Postfix/LDAP) and Perl/Python/Bash 
scripting

2. Embedded Linux design - boot loaders, boot strategies, flash layout, 
root filesystem design, understanding of toolchain technologies

3. Linux IP stack


The ability to organize ideas on paper (yes, *paper*) in a way that 
customers can understand is *essential*.

If you are interested and you think that you might be qualified, please 
reply off-list to me <yba at tkos.co.il>, or to Baruch Siach 
<baruch at tkos.co.il>.

TIA,

  - yba


-- 
  9590 8E58 D30D 1660 C349  673D B205 4FC4 B8F5 B7F9  ~. .~  Tk Open Systems
=}-------- Jonathan Ben-Avraham ("yba") ----------ooO--U--Ooo------------{=
mailto:yba at tkos.co.il tel:+972.52.486.3386 http://tkos.co.il skype:benavrhm


From eli at billauer.co.il  Thu Jul  3 09:03:54 2014
From: eli at billauer.co.il (Eli Billauer)
Date: Thu, 03 Jul 2014 09:03:54 +0300
Subject: Haifux, this Monday, on profiling and tracing
Message-ID: <53B4F24A.5070800@billauer.co.il>

Hello all,

On Monday (July 7th), Haifux will grab the measuring band and look into 
perf tools and ftrace.

The short abstract is at http://www.haifux.org/lectures/326

This is an extra announcement, as the lecture was added recently .

See you,

     Eli

-- 
Web: http://www.billauer.co.il



From shlomif at gmail.com  Fri Jul  4 08:56:06 2014
From: shlomif at gmail.com (Shlomi Fish)
Date: Fri, 4 Jul 2014 08:56:06 +0300
Subject: Which company or individual can sponsor me on a summer trip to Europe?
Message-ID: <CANy4znWPM8XftMjxRZ+=PXsDPZFt-wmfFSY49nWdmpO2rNk2Ww@mail.gmail.com>

Hi all,

I wish to go on a Summer trip to Europe (flight to Istanbul and then taking
trains) where I:

1. Eat good food and drinks.

2. Have a good company of people I know from Freenode or other social media
outlets, as well as people I just met.

3. Have clean, creative, fun.

At age 37 (I'm 1977 born) I want to start living a little.

For this I need the sponsorship of a company or individual. What I will
give in exchange is:

1. Being proud to be sponsored by the company and speaking its praise.

2. Donate some of the revenues from my activities, such as Stand-up
philosophy ( https://plus.google.com/+ShlomiFish/posts/GUpTuA6641x ),
revenues from screenplays and stories, donations, paid invitations, etc.
back to the sponsor.

3. Contribute to the company's social media presence.

----

For now I think I'll need between 200,000 USD and 500,000 USD, as well as
finding a paid escort/guide. It's also first-come-first-served.

If you or your company can do that, please contact me via E-mail at
shlomif at shlomifish.org or GChat/GTalk/GoogleHangouts at shlomif at gmail.com .

For more information, see my essay and links:

https://plus.google.com/+ShlomiFish/posts/i5Z8XdqTdwE

This took an unexpected turn as it progressed.

Regards and thanks,

-- Shlomi Fish


-- 
------------------------------------------
Shlomi Fish http://www.shlomifish.org/

Chuck Norris helps the gods that help themselves.

Please reply to list if it's a mailing list post - http://shlom.in/reply .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140704/ff0dab96/attachment.html>

From geoffreymendelson at gmail.com  Fri Jul  4 10:35:26 2014
From: geoffreymendelson at gmail.com (geoffrey mendelson)
Date: Fri, 04 Jul 2014 10:35:26 +0300
Subject: Which company or individual can sponsor me on a summer trip to
 Europe?
In-Reply-To: <CANy4znWPM8XftMjxRZ+=PXsDPZFt-wmfFSY49nWdmpO2rNk2Ww@mail.gmail.com>
References: <CANy4znWPM8XftMjxRZ+=PXsDPZFt-wmfFSY49nWdmpO2rNk2Ww@mail.gmail.com>
Message-ID: <53B6593E.7060905@gmail.com>

On 7/4/2014 8:56 AM, Shlomi Fish wrote:
> Hi all,
>
> I wish to go on a Summer trip to Europe (flight to Istanbul and then 
> taking trains) where I:
>
>

ROTFL.

Not only do I not think this belongs on this list, but it's ridiculous.

If I were in a position to sponsor anyone for more than a felafel at a 
stand up kiosk, I would consider this so unreasonable that it's just 
laughable. As I said, IF I were going to fund someone, I might consider 
a plan that includes 2 $1,000 airplane tickets, and about $1,000 a week 
for hotel, food, transportation within each country and train fare to 
the next country, for a week in a country to give 4-5 FOSS lectures, and 
then move one. You probably could start in the Irish Republic and bounce 
along to the Russian Republic which would take around 15-20 weeks.

Or you could the same thing for about 1.5 times the money in the US, 
which would take an entire year, one week per state.

But not just for a vacation, or for sponsorship opportunity, you would 
have to show off your operating system that lots of people use, or your 
office suite, Nobel Prize, or Olympic Medal.

No use writing an editor, no one is interested in paying RMS to speak, 
especially since he, as president of the FSF, ex ex*/officio/* 
<https://www.google.co.il/search?es_sm=122&q=ex+officio&spell=1&sa=X&ei=yFi2U4mZIIK00wXM_IDQDg&ved=0CBkQvwUoAA>, 
announced he was supporting the Palestinian Boycott of Israel.

Geoff.

-- 
Geoffrey S. Mendelson 4X1GM/N3OWJ
Jerusalem Israel.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140704/ac9542e6/attachment.html>

From shlomif at gmail.com  Sat Jul  5 07:28:47 2014
From: shlomif at gmail.com (Shlomi Fish)
Date: Sat, 5 Jul 2014 07:28:47 +0300
Subject: Which company or individual can sponsor me on a summer trip to
 Europe?
In-Reply-To: <53B6593E.7060905@gmail.com>
References: <CANy4znWPM8XftMjxRZ+=PXsDPZFt-wmfFSY49nWdmpO2rNk2Ww@mail.gmail.com>
 <53B6593E.7060905@gmail.com>
Message-ID: <CANy4znW-TRFaPYcx8b0e40hDUkxWnqJTZ+eOCat+9GowuqpkWg@mail.gmail.com>

Hi Geoffrey,

hope you had a great Shabbath by the time you're reading it.

You're raising some interesting points which I'd like to address, and I
apologise if I weren't clear and explicit before.



On Fri, Jul 4, 2014 at 10:35 AM, geoffrey mendelson <
geoffreymendelson at gmail.com> wrote:

>  On 7/4/2014 8:56 AM, Shlomi Fish wrote:
>
>      Hi all,
>
>  I wish to go on a Summer trip to Europe (flight to Istanbul and then
> taking trains) where I:
>
>
>
> ROTFL.
>
> Not only do I not think this belongs on this list, but it's ridiculous.
>

Why do you feel it does not belong on this list? Many people here offer
jobs or ask for jobs, and my offer can provide a lot of promotion and
publicity to a company/individual/organisation who wishes to sponsor me.

Regarding "ridiculous" there is
http://www.shlomifish.org/humour/fortunes/show.cgi?id=same-ideas-as-everybody-else
:

?

 If you have the same ideas as everybody else, but have them one week
earlier than everyone else - then you will be hailed as a visionary. But if
you have them five years earlier, you will be named a lunatic.

?

Some of the things I predicted and/or projected are:

* http://www.advogato.org/article/361.html - world-editable screenplays for
films back in 2001 - I was told it will likely not going to work, but now
there are many screenplay projects which use wiki-style interfaces, and
there quite a many successful world-editable-or-almost-world-editable wikis
out there (e.g: the Wikimedia project, the Wikias,
https://en.wikipedia.org/wiki/TV_Tropes ).

* http://www.shlomifish.org/humour/human-hacking/ - in this story I
describe FOSS (and to a lesser extent open content/culture) geeks, and
especially female geeks, as chic, intelligent, attractive, socially
capable, and sexually assertive, and not only are they mainstream, but they
are the alphas - the constant object of attraction and often jealousy of
their peers.

Back after I finished writing it in 2004 and publicised it for scrutiny on
the linux-elitists mailing list -
http://www.shlomifish.org/humour/human-hacking/conclusions/#review--modus-operandi
- I was criticised for making it look like being a FOSS/open-culture hacker
was a gateway to popularity, but now it is quite common all around the
world, as exemplified by the success of
https://en.wikipedia.org/wiki/The_Big_Bang_Theory , and not only are almost
all attractive female attracted to geeks, but most of them are geeky[Geeky]
themselves, *and* yet they are not socially awkward or sexually inept.

[Geeky] - see http://www.phdcomics.com/comics/archive.php?comicid=401 for
what is a geek , as well as what Paul Graham wrote about amateurs and
hackers.


>
> If I were in a position to sponsor anyone for more than a felafel at a
> stand up kiosk, I would consider this so unreasonable that it's just
> laughable. As I said, IF I were going to fund someone, I might consider a
> plan that includes 2 $1,000 airplane tickets, and about $1,000 a week for
> hotel, food, transportation within each country and train fare to the next
> country, for a week in a country to give 4-5 FOSS lectures, and then move
> on. You probably could start in the Irish Republic and bounce along to the
> Russian Republic which would take around 15-20 weeks.
>

My lectures are not only about FOSS - they are also about free/open
culture/content, and mix and match other topics such as
love/romance/relationships, action, humour, history, science, amateur
philosophy, etc. See:

http://www.shlomifish.org/humour/fortunes/

Anyway, you are right that I probably overestimated the cost and can
survive on much less.

Regarding Ireland -> Russia - I'm not interested only in software
development hubs, but in general - every centre of commerce is game for me:
Rome, Athens, Istanbul, Berlin, London, Madrid, Barcelona, Paris,
Amsterdam, Copenhagen, Oslo, Stockholm, Vienna, Riga, Vilnius, Budapest,
Bucharest, etc. etc.


>
> Or you could the same thing for about 1.5 times the money in the US, which
> would take an entire year, one week per state.
>

I'm:

1. Not going to .us any time soon.

2. Not interested in being 100% comprehensive.


>
> But not just for a vacation, or for sponsorship opportunity, you would
> have to show off your operating system that lots of people use, or your
> office suite, Nobel Prize, or Olympic Medal.
>

I have many stories/screenplays, many aphorisms, quotes, Chuck Norris/etc.
factoids, bits, programs, etc. Many people told me that they recognise my
homepage and especially its EvilPHish emblem (See
http://www.shlomifish.org/meta/FAQ/#evilphish-emblem ) and someone told me
that I also look exactly like he though I would.

And part of the reason why I'm going on tour is to gain more recognition
and to practice my stand-up-philosophy.


>
> No use writing an editor, no one is interested in paying RMS to speak,
> especially since he, as president of the FSF, ex ex *officio*
> <https://www.google.co.il/search?es_sm=122&q=ex+officio&spell=1&sa=X&ei=yFi2U4mZIIK00wXM_IDQDg&ved=0CBkQvwUoAA>,
> announced he was supporting the Palestinian Boycott of Israel.
>
>
I didn't write an editor, but I wrote a lot of other useful software apps:

* http://www.shlomifish.org/open-source/

*
http://blogs.perl.org/users/shlomi_fish/2013/03/ann-my-transition-from-software-developer-to-writerentertaineramateur-philosopherinternet-celebrity.html

Quoting from it:

<<<<<<<<<<<<<<<<<<<<<<<
How to Achieve World Domination

A lot of people think that the proper way to achieve world domination is to
create an architecture that will solve the whole world's problems and then
some <http://www.joelonsoftware.com/articles/fog0000000018.html>. We've
been seeing quite a few of them since *Joel on Software* wrote this
article: Ruby, Google Go, Node.js, Mozilla's Rust, Clojure, Scala, Perl 6,
etc. Some of them have or will mature to something truly nice, or have
inspired a lot of features in other languages, but it's hard for
plain-old-single-you to compete with them, and here is something
interesting: not too many people want them.

What do people want? Chuck Norris/etc. factoids, lolcats and other
captioned images, funny cat videos, parodies of *My Little Pony: Friendship
is Magic* (?), photos of attractive (or even not too attractive) men and
women, screencasts of games or other programs (including many open source
programs), photos of scenery, new and improved recipes for preparing food
(and of course - tasty food itself), new, old or renovated jokes, and some
interesting tales and anecdotes from your life. And naturally - programs
that can will scratch an itch - however small.

Some people told me that my solver for Freecell and other solitaire games,
simply called Freecell Solver <http://fc-solve.shlomifish.org/> is useless,
but it's not - it's just a niche program. And I received hundreds of
E-mails about it. Furthermore, given that Freecell is (or used to be) a big
phenomenon in Israel, where many boys and girls starting from 18 found
themselves playing it on the Israeli military
<http://en.wikipedia.org/wiki/Israel_Defense_Forces> computers out of
boredom, then the fact that I have written a solver for it, has impressed
many people I talked with or met, including some attractive (both
physically and intellectually) young ladies (or what people may refer to as
"hot chicks"), and they ended up asking me about how it was written, and
which algorithms it employed.

So Freecell Solver was one of my most successful programs, not despite
being a niche program, but because of it. Niche programs own. Not only
that, but niche everything is great. Many people whom I referred to my
stories <http://www.shlomifish.org/humour/stories/> helped themselves to
the screenplay Star Trek: "We, the Living Dead"
<http://www.shlomifish.org/humour/Star-Trek/We-the-Living-Dead/> *because*
it contained Star Trek in the name, and because there are quite a few fans
of the *Star Trek* franchise and worlds.

The more of a niche artwork you write, the more a large subset of those who
like it, are likely to pay attention to it, try it out, and enjoy it. For
more information, see Eric Sink's excellent and inspiring essay "How to get
people talking about your product"
<http://www.ericsink.com/articles/Buzz.html>. For example, DuckDuckGo
<http://en.wikipedia.org/wiki/DuckDuckGo> was originally marketed as a
search engine by Perl geeks, and for Perl geeks, and it was a good
marketing decision because the Perl community is small, cohesive and is at
a good strategical position to influence other communities. Now, many
people who are not Perl programmers, are using it, as well as, or even in
preference to Google, but choosing Perl was a good strategical decision. We
can expect that with the future growth of DuckDuckGo, that it will use more
performant technologies than Perl more and more, but it will still owe some
of its initial success to be a Perl product.
>>>>>>>>>>>>>>>>>>

Regarding RMS - I realise he became a persona non-grata in Israel and among
some pro-Israeli Jews or non-Jews, but:

1. He is still a great man and a talented speaker (even if he is a very
quirky fellow - or because of it).

2. His decision was acceptable given the circumstance.

3. I don't want to hold a grudge against him forever, because
vindictiveness is immature. "To err is human, to forgive divine." - see
http://en.wikipedia.org/wiki/Saladin .

4. Other people who wrote competing text editors can still be respected if
their editors are successful. As usual with most programs out there, most
programs fail to gain a critical mass, but a minority of them are
successful. Bram Moolenaar is very respected for writing Vim, which became
the Emacs of vi clones,  and I Respect the developers of Sublime Text even
though I dislike the fact that it is non-FOSS. Some software niches don't
have a visible dominant alternative, e.g: window managers/desktops.

================

Thanks again and I hope I clarified everything now.

Regards,

-- Shlomi Fish


-- 
------------------------------------------
Shlomi Fish http://www.shlomifish.org/

Chuck Norris helps the gods that help themselves.

Please reply to list if it's a mailing list post - http://shlom.in/reply .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140705/8ab2e3a7/attachment-0001.html>

From vordoo at yahoo.com  Sat Jul  5 14:03:27 2014
From: vordoo at yahoo.com (vordoo)
Date: Sat, 05 Jul 2014 14:03:27 +0300
Subject: [JOB] freelancer for long-term
In-Reply-To: <alpine.DEB.2.02.1407020848220.5628@tavas.tkos.co.il>
References: <alpine.DEB.2.02.1407020848220.5628@tavas.tkos.co.il>
Message-ID: <53B7DB7F.4030408@yahoo.com>

An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140705/7b08450e/attachment.html>

From eli at billauer.co.il  Sat Jul  5 20:29:42 2014
From: eli at billauer.co.il (Eli Billauer)
Date: Sat, 05 Jul 2014 20:29:42 +0300
Subject: [HAIFUX LECTURE] Profiling and Tracing -- Nadav Amit
Message-ID: <53B83606.8050001@billauer.co.il>

On Monday, July 7th at 18:30, Haifux will gather to hear a talk by Nadav Amit:

    Profiling and Tracing

Abstract

In this talk we would cover the basics of performance profiling using the Linux perf tool, and tracing using ftrace. The talk will consist mainly of demos.

=================================================================

We meet in Taub building, room 6. For instructions see:
http://www.haifux.org/where.html

Attendance is free, and you are all invited!

==================================================================
Future lectures:

There are no scheduled lectures.


==================================================================

We are always interested in hearing your talks and ideas. If you wish to give a talk, hold a discussion, or just plan some event haifux might be interested in, please contact us atwebmaster at haifux.org

-- 
Web:http://www.billauer.co.il



From yba at tkos.co.il  Sat Jul  5 21:45:51 2014
From: yba at tkos.co.il (Jonathan Ben Avraham)
Date: Sat, 5 Jul 2014 21:45:51 +0300 (IDT)
Subject: [JOB] freelancer for long-term
In-Reply-To: <53B7DB7F.4030408@yahoo.com>
References: <alpine.DEB.2.02.1407020848220.5628@tavas.tkos.co.il>
 <53B7DB7F.4030408@yahoo.com>
Message-ID: <alpine.DEB.2.02.1407052117250.8768@tavas.tkos.co.il>

Hi vordoo,
The projects range in time from one or two days per week for a year, 
to 12 hours a day for two months.

The work is

  * doing a board bring-up for a bleeding edge Broadcom board
  * porting a Windows command and control application to Linux
  * porting a video application from an old ARM SoC to a newer one with a newer kernel
  * write a gtk+2 desktop on LXDE
  * write a PCIe host-to-host bridge driver for a PLX chip
  * writing a high-level packet handling library for DPDK for DPI applications

and similar.
The rationale is that we have more projects than we can currently do, the 
expertise we need is in different areas, and the time frame is limited, so 
it makes sense to develop a pool of freelancers who can meet specific 
needs rather than to try to find a single salaried employee who would try 
to do everything. We would like to have the best of both worlds, meaning 
that we would like to develop a stable pool of consultants for the 
long-term.
Shavua tov,

  - yba



On Sat, 5 Jul 2014, vordoo wrote:

> Date: Sat, 05 Jul 2014 14:03:27 +0300
> From: vordoo <vordoo at yahoo.com>
> To: linux-il at cs.huji.ac.il
> Subject: Re: [JOB] freelancer for long-term
> 
> What kind of projects are you talking about? :
> -doing what?
> -for how long?
> (the where part is clear ;-)
> 
> Thanks!
> ?
> On 2014-07-02 09:23, Jonathan Ben Avraham wrote:
>       Dear colleages,
>       TkOS is looking for one or more freelancers or temporary salarieds to do short projects. We are interested in long-term relationships. That is,
>       in finding people who will be able to do several short term projects per year for several years.
>
>       Most of the projects require working with customers on-site, so mobility is a requirement. "On-site" can be from Rehovot to Carmiel, but is
>       usually between Rishon and Netanya. Presentability is also a requirement, meaning that you need to be able to make a favorable first impression
>       on a customer.
>
>       We are looking for people with skills that are focused in one or more of the following areas:
>
>       1. Linux system administration (Postfix/LDAP) and Perl/Python/Bash scripting
>
>       2. Embedded Linux design - boot loaders, boot strategies, flash layout, root filesystem design, understanding of toolchain technologies
>
>       3. Linux IP stack
> 
>
>       The ability to organize ideas on paper (yes, *paper*) in a way that customers can understand is *essential*.
>
>       If you are interested and you think that you might be qualified, please reply off-list to me <yba at tkos.co.il>, or to Baruch Siach
>       <baruch at tkos.co.il>.
>
>       TIA,
>
>       ?- yba
> 
> 
> 
> 
>

-- 
  9590 8E58 D30D 1660 C349  673D B205 4FC4 B8F5 B7F9  ~. .~  Tk Open Systems
=}-------- Jonathan Ben-Avraham ("yba") ----------ooO--U--Ooo------------{=
mailto:yba at tkos.co.il tel:+972.52.486.3386 http://tkos.co.il skype:benavrhm
-------------- next part --------------
_______________________________________________
Linux-il mailing list
Linux-il at cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il

From ori at helicontech.co.il  Sun Jul  6 06:49:06 2014
From: ori at helicontech.co.il (Ori Idan)
Date: Sun, 6 Jul 2014 06:49:06 +0300
Subject: Which company or individual can sponsor me on a summer trip to
 Europe?
In-Reply-To: <CANy4znW-TRFaPYcx8b0e40hDUkxWnqJTZ+eOCat+9GowuqpkWg@mail.gmail.com>
References: <CANy4znWPM8XftMjxRZ+=PXsDPZFt-wmfFSY49nWdmpO2rNk2Ww@mail.gmail.com>
 <53B6593E.7060905@gmail.com>
 <CANy4znW-TRFaPYcx8b0e40hDUkxWnqJTZ+eOCat+9GowuqpkWg@mail.gmail.com>
Message-ID: <CACyhTRG-LVLX-nM4Aki9RGBXjTZpi+DCu44X0r5ind8N5wuekQ@mail.gmail.com>

Ok, I'll jump on this wagon,
I also want sponsorship, I ask for half the amount that Shlomi is asking.
I will use the money to buy a sailing yacht and sail around the world, Ok
maybe not around the world but at least in the Mediterranean.
In return to this generous sponsorship I will put the name of the company
on the sails of the yacht.
Note that sail areas is around 30 sqr. meters so there is a huge area for a
big add.
Any takers?

N.B. regard this message a humor (although I would not resist to really get
such donation) I already have my own company, however this company's
earnings at this point allow me to sponsor  a little more then Falafel dish
at a Kiosk stand, it still does not allow me to sponsor neither my own
yacht nor Shlomi's trip.

-- 
Ori Idan


On Sat, Jul 5, 2014 at 7:28 AM, Shlomi Fish <shlomif at gmail.com> wrote:

> Hi Geoffrey,
>
> hope you had a great Shabbath by the time you're reading it.
>
> You're raising some interesting points which I'd like to address, and I
> apologise if I weren't clear and explicit before.
>
>
>
> On Fri, Jul 4, 2014 at 10:35 AM, geoffrey mendelson <
> geoffreymendelson at gmail.com> wrote:
>
>>  On 7/4/2014 8:56 AM, Shlomi Fish wrote:
>>
>>      Hi all,
>>
>>  I wish to go on a Summer trip to Europe (flight to Istanbul and then
>> taking trains) where I:
>>
>>
>>
>> ROTFL.
>>
>> Not only do I not think this belongs on this list, but it's ridiculous.
>>
>
> Why do you feel it does not belong on this list? Many people here offer
> jobs or ask for jobs, and my offer can provide a lot of promotion and
> publicity to a company/individual/organisation who wishes to sponsor me.
>
> Regarding "ridiculous" there is
> http://www.shlomifish.org/humour/fortunes/show.cgi?id=same-ideas-as-everybody-else
> :
>
> ?
>
>  If you have the same ideas as everybody else, but have them one week
> earlier than everyone else - then you will be hailed as a visionary. But if
> you have them five years earlier, you will be named a lunatic.
>
> ?
>
> Some of the things I predicted and/or projected are:
>
> * http://www.advogato.org/article/361.html - world-editable screenplays
> for films back in 2001 - I was told it will likely not going to work, but
> now there are many screenplay projects which use wiki-style interfaces, and
> there quite a many successful world-editable-or-almost-world-editable wikis
> out there (e.g: the Wikimedia project, the Wikias,
> https://en.wikipedia.org/wiki/TV_Tropes ).
>
> * http://www.shlomifish.org/humour/human-hacking/ - in this story I
> describe FOSS (and to a lesser extent open content/culture) geeks, and
> especially female geeks, as chic, intelligent, attractive, socially
> capable, and sexually assertive, and not only are they mainstream, but they
> are the alphas - the constant object of attraction and often jealousy of
> their peers.
>
> Back after I finished writing it in 2004 and publicised it for scrutiny on
> the linux-elitists mailing list -
> http://www.shlomifish.org/humour/human-hacking/conclusions/#review--modus-operandi
> - I was criticised for making it look like being a FOSS/open-culture hacker
> was a gateway to popularity, but now it is quite common all around the
> world, as exemplified by the success of
> https://en.wikipedia.org/wiki/The_Big_Bang_Theory , and not only are
> almost all attractive female attracted to geeks, but most of them are
> geeky[Geeky] themselves, *and* yet they are not socially awkward or
> sexually inept.
>
> [Geeky] - see http://www.phdcomics.com/comics/archive.php?comicid=401 for
> what is a geek , as well as what Paul Graham wrote about amateurs and
> hackers.
>
>
>>
>> If I were in a position to sponsor anyone for more than a felafel at a
>> stand up kiosk, I would consider this so unreasonable that it's just
>> laughable. As I said, IF I were going to fund someone, I might consider a
>> plan that includes 2 $1,000 airplane tickets, and about $1,000 a week for
>> hotel, food, transportation within each country and train fare to the next
>> country, for a week in a country to give 4-5 FOSS lectures, and then move
>> on. You probably could start in the Irish Republic and bounce along to the
>> Russian Republic which would take around 15-20 weeks.
>>
>
> My lectures are not only about FOSS - they are also about free/open
> culture/content, and mix and match other topics such as
> love/romance/relationships, action, humour, history, science, amateur
> philosophy, etc. See:
>
> http://www.shlomifish.org/humour/fortunes/
>
> Anyway, you are right that I probably overestimated the cost and can
> survive on much less.
>
> Regarding Ireland -> Russia - I'm not interested only in software
> development hubs, but in general - every centre of commerce is game for me:
> Rome, Athens, Istanbul, Berlin, London, Madrid, Barcelona, Paris,
> Amsterdam, Copenhagen, Oslo, Stockholm, Vienna, Riga, Vilnius, Budapest,
> Bucharest, etc. etc.
>
>
>>
>> Or you could the same thing for about 1.5 times the money in the US,
>> which would take an entire year, one week per state.
>>
>
> I'm:
>
> 1. Not going to .us any time soon.
>
> 2. Not interested in being 100% comprehensive.
>
>
>>
>> But not just for a vacation, or for sponsorship opportunity, you would
>> have to show off your operating system that lots of people use, or your
>> office suite, Nobel Prize, or Olympic Medal.
>>
>
> I have many stories/screenplays, many aphorisms, quotes, Chuck Norris/etc.
> factoids, bits, programs, etc. Many people told me that they recognise my
> homepage and especially its EvilPHish emblem (See
> http://www.shlomifish.org/meta/FAQ/#evilphish-emblem ) and someone told
> me that I also look exactly like he though I would.
>
> And part of the reason why I'm going on tour is to gain more recognition
> and to practice my stand-up-philosophy.
>
>
>>
>> No use writing an editor, no one is interested in paying RMS to speak,
>> especially since he, as president of the FSF, ex ex *officio*
>> <https://www.google.co.il/search?es_sm=122&q=ex+officio&spell=1&sa=X&ei=yFi2U4mZIIK00wXM_IDQDg&ved=0CBkQvwUoAA>,
>> announced he was supporting the Palestinian Boycott of Israel.
>>
>>
> I didn't write an editor, but I wrote a lot of other useful software apps:
>
> * http://www.shlomifish.org/open-source/
>
> *
> http://blogs.perl.org/users/shlomi_fish/2013/03/ann-my-transition-from-software-developer-to-writerentertaineramateur-philosopherinternet-celebrity.html
>
> Quoting from it:
>
> <<<<<<<<<<<<<<<<<<<<<<<
> How to Achieve World Domination
>
> A lot of people think that the proper way to achieve world domination is
> to create an architecture that will solve the whole world's problems and
> then some <http://www.joelonsoftware.com/articles/fog0000000018.html>.
> We've been seeing quite a few of them since *Joel on Software* wrote this
> article: Ruby, Google Go, Node.js, Mozilla's Rust, Clojure, Scala, Perl 6,
> etc. Some of them have or will mature to something truly nice, or have
> inspired a lot of features in other languages, but it's hard for
> plain-old-single-you to compete with them, and here is something
> interesting: not too many people want them.
>
> What do people want? Chuck Norris/etc. factoids, lolcats and other
> captioned images, funny cat videos, parodies of *My Little Pony:
> Friendship is Magic* (?), photos of attractive (or even not too
> attractive) men and women, screencasts of games or other programs
> (including many open source programs), photos of scenery, new and improved
> recipes for preparing food (and of course - tasty food itself), new, old or
> renovated jokes, and some interesting tales and anecdotes from your life.
> And naturally - programs that can will scratch an itch - however small.
>
> Some people told me that my solver for Freecell and other solitaire games,
> simply called Freecell Solver <http://fc-solve.shlomifish.org/> is
> useless, but it's not - it's just a niche program. And I received hundreds
> of E-mails about it. Furthermore, given that Freecell is (or used to be) a
> big phenomenon in Israel, where many boys and girls starting from 18 found
> themselves playing it on the Israeli military
> <http://en.wikipedia.org/wiki/Israel_Defense_Forces> computers out of
> boredom, then the fact that I have written a solver for it, has impressed
> many people I talked with or met, including some attractive (both
> physically and intellectually) young ladies (or what people may refer to as
> "hot chicks"), and they ended up asking me about how it was written, and
> which algorithms it employed.
>
> So Freecell Solver was one of my most successful programs, not despite
> being a niche program, but because of it. Niche programs own. Not only
> that, but niche everything is great. Many people whom I referred to my
> stories <http://www.shlomifish.org/humour/stories/> helped themselves to
> the screenplay Star Trek: "We, the Living Dead"
> <http://www.shlomifish.org/humour/Star-Trek/We-the-Living-Dead/> *because*
> it contained Star Trek in the name, and because there are quite a few fans
> of the *Star Trek* franchise and worlds.
>
> The more of a niche artwork you write, the more a large subset of those
> who like it, are likely to pay attention to it, try it out, and enjoy it.
> For more information, see Eric Sink's excellent and inspiring essay "How
> to get people talking about your product"
> <http://www.ericsink.com/articles/Buzz.html>. For example, DuckDuckGo
> <http://en.wikipedia.org/wiki/DuckDuckGo> was originally marketed as a
> search engine by Perl geeks, and for Perl geeks, and it was a good
> marketing decision because the Perl community is small, cohesive and is at
> a good strategical position to influence other communities. Now, many
> people who are not Perl programmers, are using it, as well as, or even in
> preference to Google, but choosing Perl was a good strategical decision. We
> can expect that with the future growth of DuckDuckGo, that it will use more
> performant technologies than Perl more and more, but it will still owe some
> of its initial success to be a Perl product.
> >>>>>>>>>>>>>>>>>>
>
> Regarding RMS - I realise he became a persona non-grata in Israel and
> among some pro-Israeli Jews or non-Jews, but:
>
> 1. He is still a great man and a talented speaker (even if he is a very
> quirky fellow - or because of it).
>
> 2. His decision was acceptable given the circumstance.
>
> 3. I don't want to hold a grudge against him forever, because
> vindictiveness is immature. "To err is human, to forgive divine." - see
> http://en.wikipedia.org/wiki/Saladin .
>
> 4. Other people who wrote competing text editors can still be respected if
> their editors are successful. As usual with most programs out there, most
> programs fail to gain a critical mass, but a minority of them are
> successful. Bram Moolenaar is very respected for writing Vim, which became
> the Emacs of vi clones,  and I Respect the developers of Sublime Text even
> though I dislike the fact that it is non-FOSS. Some software niches don't
> have a visible dominant alternative, e.g: window managers/desktops.
>
> ================
>
> Thanks again and I hope I clarified everything now.
>
> Regards,
>
> -- Shlomi Fish
>
>
> --
> ------------------------------------------
> Shlomi Fish http://www.shlomifish.org/
>
> Chuck Norris helps the gods that help themselves.
>
> Please reply to list if it's a mailing list post - http://shlom.in/reply .
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140706/099814a3/attachment-0001.html>

From geoffreymendelson at gmail.com  Sun Jul  6 07:48:03 2014
From: geoffreymendelson at gmail.com (geoffrey mendelson)
Date: Sun, 06 Jul 2014 07:48:03 +0300
Subject: Which company or individual can sponsor me on a summer trip to
 Europe?
In-Reply-To: <20B500CB-5491-4590-84BB-0E0D760FDC97@icloud.com>
References: <CANy4znWPM8XftMjxRZ+=PXsDPZFt-wmfFSY49nWdmpO2rNk2Ww@mail.gmail.com>
 <53B6593E.7060905@gmail.com>
 <20B500CB-5491-4590-84BB-0E0D760FDC97@icloud.com>
Message-ID: <53B8D503.1030301@gmail.com>


> But your, Geoff, incendiary remarks re RMS, are quite out of place. 
> RMS' laudable stance on BDS is quite irrelevant to this list, in my 
> opinion.
>

Incendiary or not, his actions did have an effect upon the FOSS community.

Besides any direct effect in relation to RMS , the FSS and project GNU, 
which is debatable, it caused Larry Ellison, who is a big supporter of 
Israel in general and Sderot in particular to look elsewhere for his 
open source aspirations.

By the time Oracle bought SUN, Solaris had become almost another Linux 
distro. It included the SUN UNIX Kernel, and a lot of SUN proprietary 
stuff, but more than half of it was project GNU software. You could see 
that the intention was to replace the UNIX code with the GNU 
alternatives. SUN also released a copy of their UNIX code as open 
source, but not under GNU for legal reasons (most of it was already 
under BSD license).

So Oracle dropped the open source Solaris version, it still exists, but 
there is very little interest or support for it, and the GNU code is 
slowly being replaced with non open source UNIX code or BSD code.

BUT the biggest effect was that Open Office, which was supposed to be 
given to the FSF to help them replace their editor with something 
useful, never happened.

Instead it went to the Apache Foundation and has been released under 
their BSDish license.

So Marc, his actions may have been laudable or not, and my comments may 
have been incendiary or not, but in the end it means that we are even 
more so stuck with that f'ing editor. :-(

Geoff.

-- 
Geoffrey S. Mendelson 4X1GM/N3OWJ
Jerusalem Israel.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140706/0be16f6c/attachment.html>

From esr+linux-il at g.jct.ac.il  Sun Jul  6 10:45:09 2014
From: esr+linux-il at g.jct.ac.il (E.S. Rosenberg)
Date: Sun, 6 Jul 2014 10:45:09 +0300
Subject: Which company or individual can sponsor me on a summer trip to
 Europe?
In-Reply-To: <53B8D503.1030301@gmail.com>
References: <CANy4znWPM8XftMjxRZ+=PXsDPZFt-wmfFSY49nWdmpO2rNk2Ww@mail.gmail.com>
 <53B6593E.7060905@gmail.com>
 <20B500CB-5491-4590-84BB-0E0D760FDC97@icloud.com>
 <53B8D503.1030301@gmail.com>
Message-ID: <CAHTx_BMXfa49BwYZu6CM4XUa+zCdiMGJ_DG65v7xEWHMz6n1zw@mail.gmail.com>

Re:all
//Taking flamebait... after a crazy topic lets have a crazy flamewar on
Israeli politics because we have nothing better to do with our lives.


2014-07-06 7:48 GMT+03:00 geoffrey mendelson <geoffreymendelson at gmail.com>:

>
>  But your, Geoff, incendiary remarks re RMS, are quite out of place. RMS'
> laudable stance on BDS is quite irrelevant to this list, in my opinion.
>
> I hope that was sarcastic, because his stance is that of a coward.
That said almost anyone with some "Sechel Yashar" knows RMS is bat shit
crazy (just like the BDS movement but that's OT).
Yes, he was part of the start of a great movement and for that we need to
be grateful but we don't need to listen to every word he has to say, if we
did most of the people on this list would probably have to stop using a
considerable amount of their daily digital conveniences.

Flame away,
Eliyahu - ?????

>
> Incendiary or not, his actions did have an effect upon the FOSS community.
>
> Besides any direct effect in relation to RMS , the FSS and project GNU,
> which is debatable, it caused Larry Ellison, who is a big supporter of
> Israel in general and Sderot in particular to look elsewhere for his open
> source aspirations.
>
> By the time Oracle bought SUN, Solaris had become almost another Linux
> distro. It included the SUN UNIX Kernel, and a lot of SUN proprietary
> stuff, but more than half of it was project GNU software. You could see
> that the intention was to replace the UNIX code with the GNU alternatives.
> SUN also released a copy of their UNIX code as open source, but not under
> GNU for legal reasons (most of it was already under BSD license).
>
> So Oracle dropped the open source Solaris version, it still exists, but
> there is very little interest or support for it, and the GNU code is slowly
> being replaced with non open source UNIX code or BSD code.
>
> BUT the biggest effect was that Open Office, which was supposed to be
> given to the FSF to help them replace their editor with something useful,
> never happened.
>
> Instead it went to the Apache Foundation and has been released under their
> BSDish license.
>
> So Marc, his actions may have been laudable or not, and my comments may
> have been incendiary or not, but in the end it means that we are even more
> so stuck with that f'ing editor. :-(
>
> Geoff.
>
> --
> Geoffrey S. Mendelson 4X1GM/N3OWJ
> Jerusalem Israel.
>
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140706/952c44b8/attachment.html>

From geoffreymendelson at gmail.com  Mon Jul  7 10:51:35 2014
From: geoffreymendelson at gmail.com (geoffrey mendelson)
Date: Mon, 07 Jul 2014 10:51:35 +0300
Subject: Which company or individual can sponsor me on a summer trip to
 Europe?
In-Reply-To: <20140706225008.51e27aa8@telaviv1.shlomifish.org>
References: <CANy4znWPM8XftMjxRZ+=PXsDPZFt-wmfFSY49nWdmpO2rNk2Ww@mail.gmail.com>	<53B6593E.7060905@gmail.com>	<20B500CB-5491-4590-84BB-0E0D760FDC97@icloud.com>	<53B8D503.1030301@gmail.com>	<CAHTx_BMXfa49BwYZu6CM4XUa+zCdiMGJ_DG65v7xEWHMz6n1zw@mail.gmail.com>
 <20140706225008.51e27aa8@telaviv1.shlomifish.org>
Message-ID: <53BA5187.8030303@gmail.com>

On 7/6/2014 10:50 PM, Shlomi Fish wrote:
> Anyway, the GPLv3 or whatever licence the GNU sub-projects have does 
> not prevent me from using GNU software, so that's it.
The interesting point is that outside of a relatively small group of 
developers project GNU has no bearing on anything. Free (as in beer) 
software existed long before RMS, open source software, including 
operating systems, existed long before Linux, or even BSD. And it 
continues to exist long after.

I doubt that anyone one this list, or any other list for that matter, 
runs 100% GPL licensed software on their computers. They may be running 
only free and open source software, but I am sure some of it has a BSD 
type, or other license.

So to answer the question someone posed, would we be running the same 
thing as we are now if RMS never existed? Probably not. Something very 
close, YES. Would LINUX have existed? Maybe. Maybe Linus would have 
spent his time improving the free. open source, BSD instead. We actually 
may have been doing better because a lot of time and effort was spent in 
the 1990's producing GPL'ed version of BSD utilites that could have been 
spent elsewhere.

Geoff.

-- 
Geoffrey S. Mendelson 4X1GM/N3OWJ
Jerusalem Israel.



From tzafrir at cohens.org.il  Mon Jul  7 11:57:58 2014
From: tzafrir at cohens.org.il (Tzafrir Cohen)
Date: Mon, 7 Jul 2014 10:57:58 +0200
Subject: Which company or individual can sponsor me on a summer trip to
 Europe?
In-Reply-To: <53BA5187.8030303@gmail.com>
References: <CANy4znWPM8XftMjxRZ+=PXsDPZFt-wmfFSY49nWdmpO2rNk2Ww@mail.gmail.com>
 <53B6593E.7060905@gmail.com>
 <20B500CB-5491-4590-84BB-0E0D760FDC97@icloud.com>
 <53B8D503.1030301@gmail.com>
 <CAHTx_BMXfa49BwYZu6CM4XUa+zCdiMGJ_DG65v7xEWHMz6n1zw@mail.gmail.com>
 <20140706225008.51e27aa8@telaviv1.shlomifish.org>
 <53BA5187.8030303@gmail.com>
Message-ID: <20140707085758.GI2552@lemon.cohens.org.il>

On Mon, Jul 07, 2014 at 10:51:35AM +0300, geoffrey mendelson wrote:
> On 7/6/2014 10:50 PM, Shlomi Fish wrote:
> >Anyway, the GPLv3 or whatever licence the GNU sub-projects have
> >does not prevent me from using GNU software, so that's it.
> The interesting point is that outside of a relatively small group of
> developers project GNU has no bearing on anything. Free (as in beer)
> software existed long before RMS, open source software, including
> operating systems, existed long before Linux, or even BSD. And it
> continues to exist long after.
> 
> I doubt that anyone one this list, or any other list for that
> matter, runs 100% GPL licensed software on their computers. They may
> be running only free and open source software, but I am sure some of
> it has a BSD type, or other license.

The GNU system was intended to include X11 and TeX, so I doubt it if
that was actually a goal.

> 
> So to answer the question someone posed, would we be running the
> same thing as we are now if RMS never existed? Probably not.
> Something very close, YES. Would LINUX have existed? Maybe. Maybe
> Linus would have spent his time improving the free. open source, BSD
> instead. We actually may have been doing better because a lot of
> time and effort was spent in the 1990's producing GPL'ed version of
> BSD utilites that could have been spent elsewhere.

There wasn't that much good BSD code out there when the GNU project
started. BSD started provided a complete system at the beginning of the
1990-s. And shortly thereafter it got into a trial with AT&T. Also
shortly after development was halted and much of it moved to proprietary
forks. By then the basic system for Linux to use (sans kernel) was GNU.

-- 
Tzafrir Cohen         | tzafrir at jabber.org | VIM is
http://tzafrir.org.il |                    | a Mutt's
tzafrir at cohens.org.il |                    |  best
tzafrir at debian.org    |                    | friend


From geoffreymendelson at gmail.com  Mon Jul  7 16:38:53 2014
From: geoffreymendelson at gmail.com (geoffrey mendelson)
Date: Mon, 07 Jul 2014 16:38:53 +0300
Subject: Which company or individual can sponsor me on a summer trip to
 Europe?
In-Reply-To: <20140707085758.GI2552@lemon.cohens.org.il>
References: <CANy4znWPM8XftMjxRZ+=PXsDPZFt-wmfFSY49nWdmpO2rNk2Ww@mail.gmail.com>
 <53B6593E.7060905@gmail.com>
 <20B500CB-5491-4590-84BB-0E0D760FDC97@icloud.com>
 <53B8D503.1030301@gmail.com>
 <CAHTx_BMXfa49BwYZu6CM4XUa+zCdiMGJ_DG65v7xEWHMz6n1zw@mail.gmail.com>
 <20140706225008.51e27aa8@telaviv1.shlomifish.org>
 <53BA5187.8030303@gmail.com> <20140707085758.GI2552@lemon.cohens.org.il>
Message-ID: <53BAA2ED.3040708@gmail.com>

On 7/7/2014 11:57 AM, Tzafrir Cohen wrote:
> There wasn't that much good BSD code out there when the GNU project 
> started. BSD started provided a complete system at the beginning of 
> the 1990-s. And shortly thereafter it got into a trial with AT&T. Also 
> shortly after development was halted and much of it moved to 
> proprietary forks. By then the basic system for Linux to use (sans 
> kernel) was GNU. 

All I know is that in 1990 I bought an AT&T UNIX system which included 
the AT&T KERNEL, a lot of closed source software and a lot of open 
source BSD utilities. There was lots of open source programs for UNIX, 
many of them were public domain (similar to the BSD license). It did 
have X windows on it, but with my 2 meg of RAM 386SX, it would not run.

By 1995, I was purchasing CD ROMs, with BSD (scrubbed after the 
lawsuit), which came with a large library of UNIX code, and LINUX 
distros (more than one), which came with the BSD libraries.

GCC did not come into general use (or at all AFAIK) until SUN started 
selling Solaris, because SUNOS required you to compile and link modules 
to change KERNEL parameters, so it came with a C compiler and linker.

System 5 UNIX did not, you had to have a linker, but not a compiler, so 
the C compiler was not included and cost a lot of money. GCC was 
popularized so that people could compile things on their SUNS without 
spending a lot of money for a compiler.

So from my point of view, based on the early 1990's BSD was it, not 
Linux, and the GPL was not really important then. You could happily run 
an open source BSD system without any GPL'ed code, and except for the 
Linux KERNEL. happily run a Linux system without any.  Not counting all 
of those SUN computers that had come one the surplus market when they 
went to SPARC and then went to the pizzabox systems.

Geoff.

-- 
Geoffrey S. Mendelson 4X1GM/N3OWJ
Jerusalem Israel.



From shlomif at gmail.com  Mon Jul  7 20:47:49 2014
From: shlomif at gmail.com (Shlomi Fish)
Date: Mon, 7 Jul 2014 20:47:49 +0300
Subject: Fwd: Which company or individual can sponsor me on a summer trip to
 Europe?
In-Reply-To: <20140706233022.3e7a0f28@telaviv1.shlomifish.org>
References: <CANy4znWPM8XftMjxRZ+=PXsDPZFt-wmfFSY49nWdmpO2rNk2Ww@mail.gmail.com>
 <53B6593E.7060905@gmail.com>
 <CANy4znW-TRFaPYcx8b0e40hDUkxWnqJTZ+eOCat+9GowuqpkWg@mail.gmail.com>
 <CACyhTRG-LVLX-nM4Aki9RGBXjTZpi+DCu44X0r5ind8N5wuekQ@mail.gmail.com>
 <20140706233022.3e7a0f28@telaviv1.shlomifish.org>
Message-ID: <CANy4znWpx7v2m8iQ4xen4X+9ruLwNoAf_s=-MUpPXUS5RVwvmA@mail.gmail.com>

Silly spam stuff.

---------- Forwarded message ----------
From: Shlomi Fish <shlomif at shlomifish.org>
Date: Sun, Jul 6, 2014 at 11:30 PM
Subject: Re: Which company or individual can sponsor me on a summer trip to
Europe?
To: Ori Idan <ori at helicontech.co.il>
Cc: Shlomi Fish <shlomif at gmail.com>, Linux-IL <linux-il at cs.huji.ac.il>


Hi Ori,

On Sun, 6 Jul 2014 06:49:06 +0300
Ori Idan <ori at helicontech.co.il> wrote:

> Ok, I'll jump on this wagon,
> I also want sponsorship, I ask for half the amount that Shlomi is asking.
> I will use the money to buy a sailing yacht and sail around the world, Ok
> maybe not around the world but at least in the Mediterranean.
> In return to this generous sponsorship I will put the name of the company
> on the sails of the yacht.
> Note that sail areas is around 30 sqr. meters so there is a huge area for
a
> big add.
> Any takers?
>
> N.B. regard this message a humor (although I would not resist to really
get
> such donation)

It was kinda funny, in the same way that my Chuck Norris/etc. factoids (see
http://www.shlomifish.org/humour/fortunes/shlomif-factoids.html ) parody a
lot
of logical or philosophical truisms. And I gently parody Chuck Norris
factoids
themselves, with Summer Glau factoids.

> I already have my own company, however this company's
> earnings at this point allow me to sponsor  a little more then Falafel
dish
> at a Kiosk stand, it still does not allow me to sponsor neither my own
> yacht nor Shlomi's trip.
>

I wouldn't mind an invitation for a meal or a drink (with a chat - see:
https://www.flickr.com/photos/shlomif/14354321309/ ), but perhaps you should
rethink your strategy. A good action hero (a.k.a a "hacker") knows how to
change
direction, perhaps understanding that many beliefs held in the past for
years
or decades are wrong now.

Here are some business models which i believe are sustainable:

1. Collect donations or ask for money for public appearances in advance -
see
https://plus.google.com/+ShlomiFish/posts/GUpTuA6641x .

2. The Flickr model - charge people for a premium model.

3. The Bandcamp/Humble-Bundle model - pay what you want (people can be very
generous).

4. The cloud model - pay for hosting or a MMORPG account
(World-of-Warcraft/etc.) or whatever.

5. Pay to liberate - collect money to make a CC-by-nc-sa work CC-by/etc.

Regards,

-- Shlomi Fish


--
-----------------------------------------------------------------
Shlomi Fish       http://www.shlomifish.org/
Chuck Norris/etc. Facts - http://www.shlomifish.org/humour/bits/facts/

Judaism: God knows you will do shit, does nothing to prevent it, but makes
you
take the blame for it anyways.

Please reply to list if it's a mailing list post - http://shlom.in/reply .



-- 
------------------------------------------
Shlomi Fish http://www.shlomifish.org/

Chuck Norris helps the gods that help themselves.

Please reply to list if it's a mailing list post - http://shlom.in/reply .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140707/ffead7d3/attachment-0001.html>

From shlomif at gmail.com  Thu Jul 10 08:33:33 2014
From: shlomif at gmail.com (Shlomi Fish)
Date: Thu, 10 Jul 2014 08:33:33 +0300
Subject: Which company or individual can sponsor me on a summer trip to
 Europe?
In-Reply-To: <CAA8-RXh0vFi_X4EEbhfZSjowEBsPyAc5oOOFfw-fvjLqXYA-OQ@mail.gmail.com>
References: <CANy4znWPM8XftMjxRZ+=PXsDPZFt-wmfFSY49nWdmpO2rNk2Ww@mail.gmail.com>
 <CAA8-RXh0vFi_X4EEbhfZSjowEBsPyAc5oOOFfw-fvjLqXYA-OQ@mail.gmail.com>
Message-ID: <CANy4znWR6oG=PhwGD1F5wFrq87UkOUV+QBCD_=FoxMVMd4erQg@mail.gmail.com>

Hi Orna,

I'm thinking of renting a room for Stand-up philosophy sessions where
people can donate money at any time.

Thanks for letting me reply to the list . I opted for that.

Regards,

-- Shlomi Fish


On Mon, Jul 7, 2014 at 10:35 PM, Orna Agmon Ben-Yehuda <ladypine at gmail.com>
wrote:

> Shlomi,
>
> You said you were interested in commerce centers. How about making your
> offer directly commercial: instead of asking for a sponsorship in Israel
> (and repay it in a not-well-defined coin), seek a sponsorship from those
>  who wish to attend your talks, and repay them with a hard coin of letting
> them enjoy your talks.
>
> I am writing to you in private, but it is ok if you would like to take
> this back to the list.
>
> Orna
>
>
> On Fri, Jul 4, 2014 at 8:56 AM, Shlomi Fish <shlomif at gmail.com> wrote:
>
>> Hi all,
>>
>> I wish to go on a Summer trip to Europe (flight to Istanbul and then
>> taking trains) where I:
>>
>> 1. Eat good food and drinks.
>>
>> 2. Have a good company of people I know from Freenode or other social
>> media outlets, as well as people I just met.
>>
>> 3. Have clean, creative, fun.
>>
>> At age 37 (I'm 1977 born) I want to start living a little.
>>
>> For this I need the sponsorship of a company or individual. What I will
>> give in exchange is:
>>
>> 1. Being proud to be sponsored by the company and speaking its praise.
>>
>> 2. Donate some of the revenues from my activities, such as Stand-up
>> philosophy ( https://plus.google.com/+ShlomiFish/posts/GUpTuA6641x ),
>> revenues from screenplays and stories, donations, paid invitations, etc.
>> back to the sponsor.
>>
>> 3. Contribute to the company's social media presence.
>>
>> ----
>>
>> For now I think I'll need between 200,000 USD and 500,000 USD, as well as
>> finding a paid escort/guide. It's also first-come-first-served.
>>
>> If you or your company can do that, please contact me via E-mail at
>> shlomif at shlomifish.org or GChat/GTalk/GoogleHangouts at shlomif at gmail.com
>> .
>>
>> For more information, see my essay and links:
>>
>> https://plus.google.com/+ShlomiFish/posts/i5Z8XdqTdwE
>>
>> This took an unexpected turn as it progressed.
>>
>> Regards and thanks,
>>
>> -- Shlomi Fish
>>
>>
>> --
>> ------------------------------------------
>> Shlomi Fish http://www.shlomifish.org/
>>
>> Chuck Norris helps the gods that help themselves.
>>
>> Please reply to list if it's a mailing list post - http://shlom.in/reply
>> .
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>
>>
>
>
> --
> Orna Agmon Ben-Yehuda.
> http://ladypine.org
>



-- 
------------------------------------------
Shlomi Fish http://www.shlomifish.org/

Chuck Norris helps the gods that help themselves.

Please reply to list if it's a mailing list post - http://shlom.in/reply .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140710/24d0fbb8/attachment.html>

From erez0001 at gmail.com  Thu Jul 10 09:08:40 2014
From: erez0001 at gmail.com (Erez D)
Date: Thu, 10 Jul 2014 09:08:40 +0300
Subject: diff/patch rootfs
Message-ID: <CAMUp3w=ae9ox+iDhyigjdnf+8-X0r1ueU5nzy8O-=kwJPuuGjQ@mail.gmail.com>

hello


i am dealing with rootfs images  i install on embedded linux

from time to time i update the rootfs - add some file, remove other,
update others, mknod etc ...

currently, when i do this, i need to reinstall the image

i am looking to create a patch, i can patch an old rootfs to update it

however, diff does not handle create file, remove file, special files
and binary files very well

i am looking for a tool that can do that.

anyone ?


btw: distro is emdebian/debian on armel

thanks,
erez.


From shlomif at gmail.com  Thu Jul 10 09:22:16 2014
From: shlomif at gmail.com (Shlomi Fish)
Date: Thu, 10 Jul 2014 09:22:16 +0300
Subject: [Call-for-Action] Indigogo Campaign for Putting "Emma Watson Getting
 Interviewed for a Tech Job" under CC-by
Message-ID: <CANy4znVSYRtoMws+mdBBm+AkZ0bXjjH1NN_4kdaOeaBvrmKA=A@mail.gmail.com>

Hi all,

you can find the Indiegogo campaign here:

*
https://www.indiegogo.com/projects/emma-watson-tech-interview-story-make-ccby/x/8136150

* https://twitter.com/shlomif/status/486970414610923520

* https://www.facebook.com/shlomi.fish/posts/10152143825556981

* https://plus.google.com/+ShlomiFish/posts/XSgj2fgYaZ1

Reading from the links:

<<<<<<<<<<<<
Not only about that, but about allowing me to create such future artworks
and essays, while becoming financially independent. I'm OK with getting a
part time job, but I refuse to be a wage slave (and it's mentioned in the
link).
>>>>>>>>>>>>

Please donate even if it's just a dollar or two, and please help spread the
word, if you found my stories, aphorisms, articles and essays (including
the blog/Twitter/G+/Facebook/Reddit/etc. posts) of inspiration and
enlightenment. I want proof that there are good people in the world.

Best regards,

-- Shlomi Fish

P.S: incidentally, some of the people who most needed to read the original
screenplay (= the wage slaves) did not due to "lack of time" , even though
it was not long.

-- 
------------------------------------------
Shlomi Fish http://www.shlomifish.org/

Chuck Norris helps the gods that help themselves.

Please reply to list if it's a mailing list post - http://shlom.in/reply .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140710/d8278f06/attachment.html>

From pub at goldshmidt.org  Thu Jul 10 09:54:26 2014
From: pub at goldshmidt.org (Oleg Goldshmidt)
Date: Thu, 10 Jul 2014 09:54:26 +0300
Subject: diff/patch rootfs
In-Reply-To: <CAMUp3w=ae9ox+iDhyigjdnf+8-X0r1ueU5nzy8O-=kwJPuuGjQ@mail.gmail.com>
References: <CAMUp3w=ae9ox+iDhyigjdnf+8-X0r1ueU5nzy8O-=kwJPuuGjQ@mail.gmail.com>
Message-ID: <87mwchhffh.fsf@goldshmidt.org>

Erez D <erez0001 at gmail.com> writes:

> hello
>
> i am dealing with rootfs images  i install on embedded linux
>
> from time to time i update the rootfs - add some file, remove other,
> update others, mknod etc ...
>
> currently, when i do this, i need to reinstall the image
>
> i am looking to create a patch, i can patch an old rootfs to update it
>
> however, diff does not handle create file, remove file, special files
> and binary files very well
>
> i am looking for a tool that can do that.
>
> anyone ?
>
> btw: distro is emdebian/debian on armel

Proper (IMHO) solution - package your updates (in .deb in your case, I
presume). This includes modifying existing packages if you need to roll
your own stuff - to avoid clashes.
 
Barring that, rsync is the first thing that comes to my mind. 

I assume I don't need to remind you to be very, very careful, especially
with --delete. ;-)

I suppose if you screw up an update you can still reinstall as today,
right?

Possible enhancements (going on a tangent here):

I don't know your circumstances, nor am I familiar with emdebian, but
personally I'd prefer to get as much as possible packaged from the
distro and not touch rootfs by hand, and keep my own stuff on a separate
partition (that I can clobber, e.g., with rsync, even multiple times if
things go wrong).

I realize this may not be an option, so back to rootfs. Have you
considered having 2 partitions side-by-side and swapping old for new
(that you have, e.g., rsync'ed, etc.) with the possibility of rolling
back?  Once new is running you can update old, too, if it is needed to
prepare for the next upgrade. The second partition will cost you some
space, of course...

-- 
Oleg Goldshmidt | pub at goldshmidt.org


From const at makelinux.co.il  Thu Jul 10 09:54:51 2014
From: const at makelinux.co.il (Constantine Shulyupin)
Date: Thu, 10 Jul 2014 09:54:51 +0300
Subject: diff/patch rootfs
In-Reply-To: <CAMUp3w=ae9ox+iDhyigjdnf+8-X0r1ueU5nzy8O-=kwJPuuGjQ@mail.gmail.com>
References: <CAMUp3w=ae9ox+iDhyigjdnf+8-X0r1ueU5nzy8O-=kwJPuuGjQ@mail.gmail.com>
Message-ID: <CAE7jHC8WgnKb10t9vdiV5uBHfGtCBzYP5WUMTGMQrtKbpKBWzw@mail.gmail.com>

Simple solution:
1. diff -N, --new-file                  treat absent files as empty

Comprehensive solution:
2. create git repository on rootfs and work with git init, commit,
diff, git-format-patch, am

On Thu, Jul 10, 2014 at 9:08 AM, Erez D <erez0001 at gmail.com> wrote:
> hello
>
>
> i am dealing with rootfs images  i install on embedded linux
>
> from time to time i update the rootfs - add some file, remove other,
> update others, mknod etc ...
>
> currently, when i do this, i need to reinstall the image
>
> i am looking to create a patch, i can patch an old rootfs to update it
>
> however, diff does not handle create file, remove file, special files
> and binary files very well
>
> i am looking for a tool that can do that.
>
> anyone ?
>
>
> btw: distro is emdebian/debian on armel
>
> thanks,
> erez.
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il



-- 
Constantine Shulyupin
http://www.MakeLinux.co.il/
Embedded Linux Systems
Tel Aviv


From erez0001 at gmail.com  Thu Jul 10 10:25:36 2014
From: erez0001 at gmail.com (Erez D)
Date: Thu, 10 Jul 2014 10:25:36 +0300
Subject: diff/patch rootfs
In-Reply-To: <87mwchhffh.fsf@goldshmidt.org>
References: <CAMUp3w=ae9ox+iDhyigjdnf+8-X0r1ueU5nzy8O-=kwJPuuGjQ@mail.gmail.com>
 <87mwchhffh.fsf@goldshmidt.org>
Message-ID: <CAMUp3wmwXdDEMnN7MUNH9QS+c8sDK3nRjbcJrENCEz9NXH1=ug@mail.gmail.com>

On Thu, Jul 10, 2014 at 9:54 AM, Oleg Goldshmidt <pub at goldshmidt.org> wrote:
> Erez D <erez0001 at gmail.com> writes:
>
>> hello
>>
>> i am dealing with rootfs images  i install on embedded linux
>>
>> from time to time i update the rootfs - add some file, remove other,
>> update others, mknod etc ...
>>
>> currently, when i do this, i need to reinstall the image
>>
>> i am looking to create a patch, i can patch an old rootfs to update it
>>
>> however, diff does not handle create file, remove file, special files
>> and binary files very well
>>
>> i am looking for a tool that can do that.
>>
>> anyone ?
>>
>> btw: distro is emdebian/debian on armel
>
> Proper (IMHO) solution - package your updates (in .deb in your case, I
> presume). This includes modifying existing packages if you need to roll
> your own stuff - to avoid clashes.
interesting idea, altough seems trivial, it never came into mind
however:
1. will take a lot of work (note that i overwrite some of debian's
file with my own, and will need to resove this)
2. will be a big patch (and i pay by the byte, have low flash/ram. and
must be done offline)

currently i need something simpler, which will be small, offline

>
> Barring that, rsync is the first thing that comes to my mind.
that was my first idea, however it need to be done offline.
searched to see if rsync creates diffs,  and never found any info about this ...

>
> I assume I don't need to remind you to be very, very careful, especially
> with --delete. ;-)
sure
>
> I suppose if you screw up an update you can still reinstall as today,
> right?
yes, if i have access to the product (which is not always true)

>
> Possible enhancements (going on a tangent here):
>
> I don't know your circumstances, nor am I familiar with emdebian, but
> personally I'd prefer to get as much as possible packaged from the
> distro and not touch rootfs by hand, and keep my own stuff on a separate
> partition (that I can clobber, e.g., with rsync, even multiple times if
> things go wrong).
no problems with emdebian
>
> I realize this may not be an option, so back to rootfs. Have you
> considered having 2 partitions side-by-side and swapping old for new
> (that you have, e.g., rsync'ed, etc.) with the possibility of rolling
> back?  Once new is running you can update old, too, if it is needed to
> prepare for the next upgrade. The second partition will cost you some
> space, of course...

think of a software patch to a filesystem, like (god forbid ;-)
windows-update ;-)

>
> --
> Oleg Goldshmidt | pub at goldshmidt.org


From linux-il at shimi.net  Thu Jul 10 10:34:16 2014
From: linux-il at shimi.net (shimi)
Date: Thu, 10 Jul 2014 10:34:16 +0300
Subject: diff/patch rootfs
In-Reply-To: <CAMUp3w=ae9ox+iDhyigjdnf+8-X0r1ueU5nzy8O-=kwJPuuGjQ@mail.gmail.com>
References: <CAMUp3w=ae9ox+iDhyigjdnf+8-X0r1ueU5nzy8O-=kwJPuuGjQ@mail.gmail.com>
Message-ID: <CAKnt4U-=kFa5dmWQa5YjWv5wot6HkcFsZK5xQR3WpLc8ik7oVA@mail.gmail.com>

On Thu, Jul 10, 2014 at 9:08 AM, Erez D <erez0001 at gmail.com> wrote:

> hello
>
>
> i am dealing with rootfs images  i install on embedded linux
>
> from time to time i update the rootfs - add some file, remove other,
> update others, mknod etc ...
>
> currently, when i do this, i need to reinstall the image
>
> i am looking to create a patch, i can patch an old rootfs to update it
>
> however, diff does not handle create file, remove file, special files
> and binary files very well
>
> i am looking for a tool that can do that.
>
> anyone ?
>
>
>
If modifying an _image_ is your purpose, and you want to avoid distributing
the whole image, and you can do that 'offline' (i.e. you have two
partitions, one active, second for upgrade and boot from - so you don't
touch a system with a mounted filesystem), and you have your way to manage
this versioning (i.e. you know for a fact what the previous image blob is,
so what you need is really the blocks that changed from it) - maybe take a
look at http://xdelta.org/

-- Shimi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140710/49a839b9/attachment.html>

From rabin at rabin.io  Thu Jul 10 10:39:59 2014
From: rabin at rabin.io (Rabin Yasharzadehe)
Date: Thu, 10 Jul 2014 10:39:59 +0300
Subject: diff/patch rootfs
In-Reply-To: <CAKnt4U-=kFa5dmWQa5YjWv5wot6HkcFsZK5xQR3WpLc8ik7oVA@mail.gmail.com>
References: <CAMUp3w=ae9ox+iDhyigjdnf+8-X0r1ueU5nzy8O-=kwJPuuGjQ@mail.gmail.com>
 <CAKnt4U-=kFa5dmWQa5YjWv5wot6HkcFsZK5xQR3WpLc8ik7oVA@mail.gmail.com>
Message-ID: <CABKuJEDgtyny2AAny2r6PzE6LkwDh-OcsPuaY3zO_jcTYT31VQ@mail.gmail.com>

I was just about to write the same suggesting,
on my current Android ROM (OmniROM) i have update system called OpenDelta
which use xdelta to create the the update images.

you can look at the code in github -
https://github.com/omnirom/android_packages_apps_OpenDelta


*--Rabin*


On Thu, Jul 10, 2014 at 10:34 AM, shimi <linux-il at shimi.net> wrote:

> On Thu, Jul 10, 2014 at 9:08 AM, Erez D <erez0001 at gmail.com> wrote:
>
>> hello
>>
>>
>> i am dealing with rootfs images  i install on embedded linux
>>
>> from time to time i update the rootfs - add some file, remove other,
>> update others, mknod etc ...
>>
>> currently, when i do this, i need to reinstall the image
>>
>> i am looking to create a patch, i can patch an old rootfs to update it
>>
>> however, diff does not handle create file, remove file, special files
>> and binary files very well
>>
>> i am looking for a tool that can do that.
>>
>> anyone ?
>>
>>
>>
> If modifying an _image_ is your purpose, and you want to avoid
> distributing the whole image, and you can do that 'offline' (i.e. you have
> two partitions, one active, second for upgrade and boot from - so you don't
> touch a system with a mounted filesystem), and you have your way to manage
> this versioning (i.e. you know for a fact what the previous image blob is,
> so what you need is really the blocks that changed from it) - maybe take a
> look at http://xdelta.org/
>
> -- Shimi
>
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140710/185b1bf9/attachment.html>

From erez0001 at gmail.com  Thu Jul 10 11:55:53 2014
From: erez0001 at gmail.com (Erez D)
Date: Thu, 10 Jul 2014 11:55:53 +0300
Subject: diff/patch rootfs
In-Reply-To: <CABKuJEDgtyny2AAny2r6PzE6LkwDh-OcsPuaY3zO_jcTYT31VQ@mail.gmail.com>
References: <CAMUp3w=ae9ox+iDhyigjdnf+8-X0r1ueU5nzy8O-=kwJPuuGjQ@mail.gmail.com>
 <CAKnt4U-=kFa5dmWQa5YjWv5wot6HkcFsZK5xQR3WpLc8ik7oVA@mail.gmail.com>
 <CABKuJEDgtyny2AAny2r6PzE6LkwDh-OcsPuaY3zO_jcTYT31VQ@mail.gmail.com>
Message-ID: <CAMUp3wnSr6K2_vOa2eRN0JMDjy_+0FK-omvqAXUP55S9t1Mm2Q@mail.gmail.com>

to make it clear:
i need to compare two directory trees - old and new, both holds files,
binaries, special files, symbolic and hard links. and create a patch
file

than, on another system which has a copy of the old dir tree (and
possible some modifications), i need to patch it to make it a 'new'

what i would like to have is somthing like rsync, which can create a
diff file ...

On Thu, Jul 10, 2014 at 10:39 AM, Rabin Yasharzadehe <rabin at rabin.io> wrote:
> I was just about to write the same suggesting,
> on my current Android ROM (OmniROM) i have update system called OpenDelta
> which use xdelta to create the the update images.
>
> you can look at the code in github -
> https://github.com/omnirom/android_packages_apps_OpenDelta
>
> --
> Rabin
>
>
> On Thu, Jul 10, 2014 at 10:34 AM, shimi <linux-il at shimi.net> wrote:
>>
>> On Thu, Jul 10, 2014 at 9:08 AM, Erez D <erez0001 at gmail.com> wrote:
>>>
>>> hello
>>>
>>>
>>> i am dealing with rootfs images  i install on embedded linux
>>>
>>> from time to time i update the rootfs - add some file, remove other,
>>> update others, mknod etc ...
>>>
>>> currently, when i do this, i need to reinstall the image
>>>
>>> i am looking to create a patch, i can patch an old rootfs to update it
>>>
>>> however, diff does not handle create file, remove file, special files
>>> and binary files very well
>>>
>>> i am looking for a tool that can do that.
>>>
>>> anyone ?
>>>
>>>
>>
>> If modifying an _image_ is your purpose, and you want to avoid
>> distributing the whole image, and you can do that 'offline' (i.e. you have
>> two partitions, one active, second for upgrade and boot from - so you don't
>> touch a system with a mounted filesystem), and you have your way to manage
>> this versioning (i.e. you know for a fact what the previous image blob is,
>> so what you need is really the blocks that changed from it) - maybe take a
>> look at http://xdelta.org/
>>
>> -- Shimi
>>
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>
>


From dyasny at gmail.com  Thu Jul 10 16:24:58 2014
From: dyasny at gmail.com (Dan Yasny)
Date: Thu, 10 Jul 2014 09:24:58 -0400
Subject: [Call-for-Action] Indigogo Campaign for Putting "Emma Watson
 Getting Interviewed for a Tech Job" under CC-by
In-Reply-To: <CANy4znVSYRtoMws+mdBBm+AkZ0bXjjH1NN_4kdaOeaBvrmKA=A@mail.gmail.com>
References: <CANy4znVSYRtoMws+mdBBm+AkZ0bXjjH1NN_4kdaOeaBvrmKA=A@mail.gmail.com>
Message-ID: <CALLXwb781iFaS_aGEPei7Oj_s-hPSFSRqb=Y69rxsM82QNQnTg@mail.gmail.com>

This is the kind of spam that kills an otherwise good and useful mailing
list and community.


On Thu, Jul 10, 2014 at 2:22 AM, Shlomi Fish <shlomif at gmail.com> wrote:

> Hi all,
>
> you can find the Indiegogo campaign here:
>
> *
> https://www.indiegogo.com/projects/emma-watson-tech-interview-story-make-ccby/x/8136150
>
> * https://twitter.com/shlomif/status/486970414610923520
>
> * https://www.facebook.com/shlomi.fish/posts/10152143825556981
>
> * https://plus.google.com/+ShlomiFish/posts/XSgj2fgYaZ1
>
> Reading from the links:
>
> <<<<<<<<<<<<
> Not only about that, but about allowing me to create such future artworks
> and essays, while becoming financially independent. I'm OK with getting a
> part time job, but I refuse to be a wage slave (and it's mentioned in the
> link).
> >>>>>>>>>>>>
>
> Please donate even if it's just a dollar or two, and please help spread
> the word, if you found my stories, aphorisms, articles and essays
> (including the blog/Twitter/G+/Facebook/Reddit/etc. posts) of inspiration
> and enlightenment. I want proof that there are good people in the world.
>
> Best regards,
>
> -- Shlomi Fish
>
> P.S: incidentally, some of the people who most needed to read the original
> screenplay (= the wage slaves) did not due to "lack of time" , even though
> it was not long.
>
> --
> ------------------------------------------
> Shlomi Fish http://www.shlomifish.org/
>
> Chuck Norris helps the gods that help themselves.
>
> Please reply to list if it's a mailing list post - http://shlom.in/reply .
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140710/0b60718a/attachment.html>

From amos.shapira at gmail.com  Thu Jul 10 16:44:41 2014
From: amos.shapira at gmail.com (Amos Shapira)
Date: Thu, 10 Jul 2014 23:44:41 +1000
Subject: [Call-for-Action] Indigogo Campaign for Putting "Emma Watson
 Getting Interviewed for a Tech Job" under CC-by
In-Reply-To: <CALLXwb781iFaS_aGEPei7Oj_s-hPSFSRqb=Y69rxsM82QNQnTg@mail.gmail.com>
References: <CANy4znVSYRtoMws+mdBBm+AkZ0bXjjH1NN_4kdaOeaBvrmKA=A@mail.gmail.com>
 <CALLXwb781iFaS_aGEPei7Oj_s-hPSFSRqb=Y69rxsM82QNQnTg@mail.gmail.com>
Message-ID: <CAF9n_WV5dr3DFxea8fvDhoz7wdcxTAOETe+1564SKoY6smVZ5Q@mail.gmail.com>

On 10 July 2014 23:24, Dan Yasny <dyasny at gmail.com> wrote:

> This is the kind of spam that kills an otherwise good and useful mailing
> list and community.
>

+1.


>
>
> On Thu, Jul 10, 2014 at 2:22 AM, Shlomi Fish <shlomif at gmail.com> wrote:
>
>> Hi all,
>>
>> you can find the Indiegogo campaign here:
>>
>> *
>> https://www.indiegogo.com/projects/emma-watson-tech-interview-story-make-ccby/x/8136150
>>
>> * https://twitter.com/shlomif/status/486970414610923520
>>
>> * https://www.facebook.com/shlomi.fish/posts/10152143825556981
>>
>> * https://plus.google.com/+ShlomiFish/posts/XSgj2fgYaZ1
>>
>> Reading from the links:
>>
>> <<<<<<<<<<<<
>> Not only about that, but about allowing me to create such future artworks
>> and essays, while becoming financially independent. I'm OK with getting a
>> part time job, but I refuse to be a wage slave (and it's mentioned in the
>> link).
>> >>>>>>>>>>>>
>>
>> Please donate even if it's just a dollar or two, and please help spread
>> the word, if you found my stories, aphorisms, articles and essays
>> (including the blog/Twitter/G+/Facebook/Reddit/etc. posts) of inspiration
>> and enlightenment. I want proof that there are good people in the world.
>>
>> Best regards,
>>
>> -- Shlomi Fish
>>
>> P.S: incidentally, some of the people who most needed to read the
>> original screenplay (= the wage slaves) did not due to "lack of time" ,
>> even though it was not long.
>>
>> --
>> ------------------------------------------
>> Shlomi Fish http://www.shlomifish.org/
>>
>> Chuck Norris helps the gods that help themselves.
>>
>> Please reply to list if it's a mailing list post - http://shlom.in/reply
>> .
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>
>>
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>


-- 
 [image: View my profile on LinkedIn]
<http://www.linkedin.com/in/gliderflyer>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140710/9a01c772/attachment-0001.html>

From shlomif at gmail.com  Thu Jul 10 20:00:00 2014
From: shlomif at gmail.com (Shlomi Fish)
Date: Thu, 10 Jul 2014 20:00:00 +0300
Subject: [Call-for-Action] Indigogo Campaign for Putting "Emma Watson
 Getting Interviewed for a Tech Job" under CC-by
In-Reply-To: <CALLXwb781iFaS_aGEPei7Oj_s-hPSFSRqb=Y69rxsM82QNQnTg@mail.gmail.com>
References: <CANy4znVSYRtoMws+mdBBm+AkZ0bXjjH1NN_4kdaOeaBvrmKA=A@mail.gmail.com>
 <CALLXwb781iFaS_aGEPei7Oj_s-hPSFSRqb=Y69rxsM82QNQnTg@mail.gmail.com>
Message-ID: <CANy4znU2apSifGWCKj-958Zg8CjxBk9tKbxHSbarydbXw1ENYQ@mail.gmail.com>

Hello Dan,

On Thu, Jul 10, 2014 at 4:24 PM, Dan Yasny <dyasny at gmail.com> wrote:

> This is the kind of spam that kills an otherwise good and useful mailing
> list and community.
>
>
1. What makes you feel this is "spam"? I don't see it as unoslicited bulk
E-mail.

2. What makes you feel it kills a good and useful mailing list?

Vague complaints are vague. ;-)

---------

For the record, I tolerate things that are of much lower SNR here like job
offers for which hardly anyone here is qualified or is willing to apply,
and this is on topic here despite (or even due to) being fiction.

Regards,

-- Shlomi Fish

 P.S: next time - please trim your reply.

-- 
------------------------------------------
Shlomi Fish http://www.shlomifish.org/

Chuck Norris helps the gods that help themselves.

Please reply to list if it's a mailing list post - http://shlom.in/reply .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140710/8b5864cb/attachment.html>

From dyasny at gmail.com  Thu Jul 10 20:16:34 2014
From: dyasny at gmail.com (Dan Yasny)
Date: Thu, 10 Jul 2014 13:16:34 -0400
Subject: [Call-for-Action] Indigogo Campaign for Putting "Emma Watson
 Getting Interviewed for a Tech Job" under CC-by
In-Reply-To: <CANy4znU2apSifGWCKj-958Zg8CjxBk9tKbxHSbarydbXw1ENYQ@mail.gmail.com>
References: <CANy4znVSYRtoMws+mdBBm+AkZ0bXjjH1NN_4kdaOeaBvrmKA=A@mail.gmail.com>
 <CALLXwb781iFaS_aGEPei7Oj_s-hPSFSRqb=Y69rxsM82QNQnTg@mail.gmail.com>
 <CANy4znU2apSifGWCKj-958Zg8CjxBk9tKbxHSbarydbXw1ENYQ@mail.gmail.com>
Message-ID: <CALLXwb5b9sbRLRCfWG-74MTpxPg_-2N1nHCbjOyJda1wJ5LR=w@mail.gmail.com>

On Thu, Jul 10, 2014 at 1:00 PM, Shlomi Fish <shlomif at gmail.com> wrote:
>
> 1. What makes you feel this is "spam"? I don't see it as unoslicited bulk
> E-mail.
>

Any email sent to a list is "bulk". And I didn't, in any way, solicit this
Emma Watson bs, nor your pleas for funding or support. The very least you
could do, out of common courtesy (I really hope you know what that is) is
mark your email as offtopic, you know, like everyone in every other LUG
does, with the [OT] marker in the subject? This way I, and anyone else not
interested in anything but the technology this list is about, can filter it
out, and let you keep spamming those who are for some reason interested.


>
> 2. What makes you feel it kills a good and useful mailing list?
>

As soon as a list(/community/forum/etc) turns into an offtopic promoting
medium, the useful and productive community members leave. I've managed
enough forums to see that happen.


>
> Vague complaints are vague. ;-)
>
>
Nothing is vague here. This is off topic, your stories aren't interesting,
aren't funny and would not belong in a LUG, even if they were.


> ---------
>
> For the record, I tolerate things that are of much lower SNR here like job
> offers for which hardly anyone here is qualified or is willing to apply,
> and this is on topic here despite (or even due to) being fiction.
>

Job offers at least, are related to the tech that this list is there to
discuss. I'm not saying everything has to be about technology, but what you
are posting is utterly elsewhere.


>
> Regards,
>
> -- Shlomi Fish
>
>  P.S: next time - please trim your reply.
>
> --
> ------------------------------------------
> Shlomi Fish http://www.shlomifish.org/
>
> Chuck Norris helps the gods that help themselves.
>
> Please reply to list if it's a mailing list post - http://shlom.in/reply .
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140710/9ebd9645/attachment.html>

From shlomif at gmail.com  Fri Jul 11 09:34:48 2014
From: shlomif at gmail.com (Shlomi Fish)
Date: Fri, 11 Jul 2014 09:34:48 +0300
Subject: [Call-for-Action] Indigogo Campaign for Putting "Emma Watson
 Getting Interviewed for a Tech Job" under CC-by
In-Reply-To: <CALLXwb5b9sbRLRCfWG-74MTpxPg_-2N1nHCbjOyJda1wJ5LR=w@mail.gmail.com>
References: <CANy4znVSYRtoMws+mdBBm+AkZ0bXjjH1NN_4kdaOeaBvrmKA=A@mail.gmail.com>
 <CALLXwb781iFaS_aGEPei7Oj_s-hPSFSRqb=Y69rxsM82QNQnTg@mail.gmail.com>
 <CANy4znU2apSifGWCKj-958Zg8CjxBk9tKbxHSbarydbXw1ENYQ@mail.gmail.com>
 <CALLXwb5b9sbRLRCfWG-74MTpxPg_-2N1nHCbjOyJda1wJ5LR=w@mail.gmail.com>
Message-ID: <CANy4znXF65oM8vs_prDv-uHcbWamLjKGT7H2GZfaCZpUqLf2ng@mail.gmail.com>

Hello Dan,

thanks for clarifying your position. Let me reply.


On Thu, Jul 10, 2014 at 8:16 PM, Dan Yasny <dyasny at gmail.com> wrote:

>
>
>
> On Thu, Jul 10, 2014 at 1:00 PM, Shlomi Fish <shlomif at gmail.com> wrote:
>>
>> 1. What makes you feel this is "spam"? I don't see it as unoslicited bulk
>> E-mail.
>>
>
> Any email sent to a list is "bulk". And I didn't, in any way, solicit this
> Emma Watson bs, nor your pleas for funding or support.
>

In this case, I may well as argue that a job offer for a Java Enterprise
software developer with 5 years of experience in Java sent to this list is
spam as well, because: 1. It's bulk. 2. I didn't solicit it nor am
interested in it. But I don't argue that is the case.



> The very least you could do, out of common courtesy (I really hope you
> know what that is) is mark your email as offtopic, you know, like everyone
> in every other LUG does, with the [OT] marker in the subject?
>

I don't feel it is offtopic. The fictional interview highlights several
real problems with the software industry. Like I said earlier, some people
get a knee-jerk reaction to fiction, but fiction is not only often an
effective tool as writing an essay, but often superior. A lot of ink was
spilled about how the concept of an Abrahamic God was harmful until this
delivered a swift deathblow to it -
http://www.roflcat.com/ceiling-cat-is-watching-you-masturbate .
Furthermore, there was a significant risk that the USA will get carried
away into unnecessary paranoia during the late 60s until Sesame Street
started airing as a show depicting a happy, safe, carefree street where
children live and have fun together with adults, animated animals and even
cute furry monsters (!!).

Nevertheless, I am willing to mark it as "[Slightly OT]".


> This way I, and anyone else not interested in anything but the technology
> this list is about, can filter it out, and let you keep spamming those who
> are for some reason interested.
>
>
>>
>> 2. What makes you feel it kills a good and useful mailing list?
>>
>
> As soon as a list(/community/forum/etc) turns into an offtopic promoting
> medium, the useful and productive community members leave. I've managed
> enough forums to see that happen.
>
>

There may be a more significant risk of this list becoming overly dry, too
inbred (see
http://www.shlomifish.org/humour/fortunes/show.cgi?id=larry-wall-all-truth-is-gods-truh
), and too routine. We need to constantly seek external influences: from
other operating systems, from other fields of knowledge, from popular and
not so popular culture, from linguistics, history and humanities, from
ancient sources, etc.

Otherwise we risk stagnation. My post was not off-topic, just made use of
some popular culture metaphors. Do you  agree?


>
>> Vague complaints are vague. ;-)
>>
>>
> Nothing is vague here. This is off topic, your stories aren't interesting,
> aren't funny and would not belong in a LUG, even if they were.
>

First of all you're stating these things as facts instead of saying "I
don't find them interesting, funny, etc." or "IMHO, they are non funny".
Like someone once told me "In my opinion, it's a fact.". You'll evoke much
less antagonism if you follow this guideline.

For the record, quite a few people told me that they liked one or more of
the things I wrote, and if you ask me - if one person besides me enjoyed my
work - it was a spectacular success:

https://plus.google.com/+ShlomiFish/posts/UdiPzsSGc66

I don't mind writing a study / midrash of the Emma Watson interview story
for those who are not familiar with its sources and subtleties, but many
people liked it even without that.

------------

I hope I made myself clear. Please reply to the list if you have any
further objections or comments.

Best regards,

-- Shlomi Fish

-- 
------------------------------------------
Shlomi Fish http://www.shlomifish.org/

Chuck Norris helps the gods that help themselves.

Please reply to list if it's a mailing list post - http://shlom.in/reply .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140711/45edcb0e/attachment.html>

From amos.shapira at gmail.com  Fri Jul 11 10:17:46 2014
From: amos.shapira at gmail.com (Amos Shapira)
Date: Fri, 11 Jul 2014 17:17:46 +1000
Subject: [Call-for-Action] Indigogo Campaign for Putting "Emma Watson
 Getting Interviewed for a Tech Job" under CC-by
In-Reply-To: <CANy4znXF65oM8vs_prDv-uHcbWamLjKGT7H2GZfaCZpUqLf2ng@mail.gmail.com>
References: <CANy4znVSYRtoMws+mdBBm+AkZ0bXjjH1NN_4kdaOeaBvrmKA=A@mail.gmail.com>
 <CALLXwb781iFaS_aGEPei7Oj_s-hPSFSRqb=Y69rxsM82QNQnTg@mail.gmail.com>
 <CANy4znU2apSifGWCKj-958Zg8CjxBk9tKbxHSbarydbXw1ENYQ@mail.gmail.com>
 <CALLXwb5b9sbRLRCfWG-74MTpxPg_-2N1nHCbjOyJda1wJ5LR=w@mail.gmail.com>
 <CANy4znXF65oM8vs_prDv-uHcbWamLjKGT7H2GZfaCZpUqLf2ng@mail.gmail.com>
Message-ID: <CAF9n_WXgP9bya8+4NOcRQrmQ-wO5H+ymgbtkUc5M2OVi1gAB5w@mail.gmail.com>

https://i.chzbgr.com/maxW500/1366510848/h28F3DD64/


On 11 July 2014 16:34, Shlomi Fish <shlomif at gmail.com> wrote:

> Hello Dan,
>
> thanks for clarifying your position. Let me reply.
>
>
> On Thu, Jul 10, 2014 at 8:16 PM, Dan Yasny <dyasny at gmail.com> wrote:
>
>>
>>
>>
>> On Thu, Jul 10, 2014 at 1:00 PM, Shlomi Fish <shlomif at gmail.com> wrote:
>>>
>>> 1. What makes you feel this is "spam"? I don't see it as unoslicited
>>> bulk E-mail.
>>>
>>
>> Any email sent to a list is "bulk". And I didn't, in any way, solicit
>> this Emma Watson bs, nor your pleas for funding or support.
>>
>
> In this case, I may well as argue that a job offer for a Java Enterprise
> software developer with 5 years of experience in Java sent to this list is
> spam as well, because: 1. It's bulk. 2. I didn't solicit it nor am
> interested in it. But I don't argue that is the case.
>
>
>
>> The very least you could do, out of common courtesy (I really hope you
>> know what that is) is mark your email as offtopic, you know, like everyone
>> in every other LUG does, with the [OT] marker in the subject?
>>
>
> I don't feel it is offtopic. The fictional interview highlights several
> real problems with the software industry. Like I said earlier, some people
> get a knee-jerk reaction to fiction, but fiction is not only often an
> effective tool as writing an essay, but often superior. A lot of ink was
> spilled about how the concept of an Abrahamic God was harmful until this
> delivered a swift deathblow to it -
> http://www.roflcat.com/ceiling-cat-is-watching-you-masturbate .
> Furthermore, there was a significant risk that the USA will get carried
> away into unnecessary paranoia during the late 60s until Sesame Street
> started airing as a show depicting a happy, safe, carefree street where
> children live and have fun together with adults, animated animals and even
> cute furry monsters (!!).
>
> Nevertheless, I am willing to mark it as "[Slightly OT]".
>
>
>> This way I, and anyone else not interested in anything but the technology
>> this list is about, can filter it out, and let you keep spamming those who
>> are for some reason interested.
>>
>>
>>>
>>> 2. What makes you feel it kills a good and useful mailing list?
>>>
>>
>> As soon as a list(/community/forum/etc) turns into an offtopic promoting
>> medium, the useful and productive community members leave. I've managed
>> enough forums to see that happen.
>>
>>
>
> There may be a more significant risk of this list becoming overly dry, too
> inbred (see
> http://www.shlomifish.org/humour/fortunes/show.cgi?id=larry-wall-all-truth-is-gods-truh
> ), and too routine. We need to constantly seek external influences: from
> other operating systems, from other fields of knowledge, from popular and
> not so popular culture, from linguistics, history and humanities, from
> ancient sources, etc.
>
> Otherwise we risk stagnation. My post was not off-topic, just made use of
> some popular culture metaphors. Do you  agree?
>
>
>>
>>> Vague complaints are vague. ;-)
>>>
>>>
>> Nothing is vague here. This is off topic, your stories aren't
>> interesting, aren't funny and would not belong in a LUG, even if they were.
>>
>
> First of all you're stating these things as facts instead of saying "I
> don't find them interesting, funny, etc." or "IMHO, they are non funny".
> Like someone once told me "In my opinion, it's a fact.". You'll evoke much
> less antagonism if you follow this guideline.
>
> For the record, quite a few people told me that they liked one or more of
> the things I wrote, and if you ask me - if one person besides me enjoyed my
> work - it was a spectacular success:
>
> https://plus.google.com/+ShlomiFish/posts/UdiPzsSGc66
>
> I don't mind writing a study / midrash of the Emma Watson interview story
> for those who are not familiar with its sources and subtleties, but many
> people liked it even without that.
>
> ------------
>
> I hope I made myself clear. Please reply to the list if you have any
> further objections or comments.
>
> Best regards,
>
> -- Shlomi Fish
>
> --
> ------------------------------------------
> Shlomi Fish http://www.shlomifish.org/
>
> Chuck Norris helps the gods that help themselves.
>
> Please reply to list if it's a mailing list post - http://shlom.in/reply .
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>


-- 
 [image: View my profile on LinkedIn]
<http://www.linkedin.com/in/gliderflyer>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140711/2c4ff387/attachment-0001.html>

From esr+linux-il at g.jct.ac.il  Fri Jul 11 11:50:08 2014
From: esr+linux-il at g.jct.ac.il (E.S. Rosenberg)
Date: Fri, 11 Jul 2014 11:50:08 +0300
Subject: [Call-for-Action] Indigogo Campaign for Putting "Emma Watson
 Getting Interviewed for a Tech Job" under CC-by
In-Reply-To: <CAF9n_WXgP9bya8+4NOcRQrmQ-wO5H+ymgbtkUc5M2OVi1gAB5w@mail.gmail.com>
References: <CANy4znVSYRtoMws+mdBBm+AkZ0bXjjH1NN_4kdaOeaBvrmKA=A@mail.gmail.com>
 <CALLXwb781iFaS_aGEPei7Oj_s-hPSFSRqb=Y69rxsM82QNQnTg@mail.gmail.com>
 <CANy4znU2apSifGWCKj-958Zg8CjxBk9tKbxHSbarydbXw1ENYQ@mail.gmail.com>
 <CALLXwb5b9sbRLRCfWG-74MTpxPg_-2N1nHCbjOyJda1wJ5LR=w@mail.gmail.com>
 <CANy4znXF65oM8vs_prDv-uHcbWamLjKGT7H2GZfaCZpUqLf2ng@mail.gmail.com>
 <CAF9n_WXgP9bya8+4NOcRQrmQ-wO5H+ymgbtkUc5M2OVi1gAB5w@mail.gmail.com>
Message-ID: <CAHTx_BPuir=Xyy0iBWUQ8-p-4f1omxiaTFOvOX2Kq2JswU89qQ@mail.gmail.com>

Shlomi,
I really don't want to flame you or anyone else, I am a more junior member
of this list.
However I am on this list to see things about *nix related technology in
Israel and during some periods also looking for jobs (be it for myself or
for friends).
Your e-mail is not "Slightly OT" it's squarely OT, we aren't here to
discuss philosophy, stand up comedy/philosophy or even to discuss "real
problems in the software industry" through fiction.

I could understand it if one of our member actually got turned down or
something like that for bad reason that they may have wanted to blow of
steam (though I think it would be very unwise since any potential future
employer may see the mail too) and started a discussion about some problem
or other (marked as OT) but this is not that.

Though I found the originally posted story mildly entertaining in the end
of the day I am not on this list to be entertained, I have other sources
for that, I am on this list to educate and be educated, to help and be
helped in the area of *nix and *nix related technologies.

I am sure there are lists out there that appreciate the type of posts you
have been making a lot recently, but I doubt it's linux-il, if you do
choose to continue posting please mark as OT.

Regards and ??? ????,
Eliyahu - ?????


2014-07-11 10:17 GMT+03:00 Amos Shapira <amos.shapira at gmail.com>:

> https://i.chzbgr.com/maxW500/1366510848/h28F3DD64/
>
>
> On 11 July 2014 16:34, Shlomi Fish <shlomif at gmail.com> wrote:
>
>> Hello Dan,
>>
>> thanks for clarifying your position. Let me reply.
>>
>>
>> On Thu, Jul 10, 2014 at 8:16 PM, Dan Yasny <dyasny at gmail.com> wrote:
>>
>>>
>>>
>>>
>>> On Thu, Jul 10, 2014 at 1:00 PM, Shlomi Fish <shlomif at gmail.com> wrote:
>>>>
>>>> 1. What makes you feel this is "spam"? I don't see it as unoslicited
>>>> bulk E-mail.
>>>>
>>>
>>> Any email sent to a list is "bulk". And I didn't, in any way, solicit
>>> this Emma Watson bs, nor your pleas for funding or support.
>>>
>>
>> In this case, I may well as argue that a job offer for a Java Enterprise
>> software developer with 5 years of experience in Java sent to this list is
>> spam as well, because: 1. It's bulk. 2. I didn't solicit it nor am
>> interested in it. But I don't argue that is the case.
>>
>>
>>
>>> The very least you could do, out of common courtesy (I really hope you
>>> know what that is) is mark your email as offtopic, you know, like everyone
>>> in every other LUG does, with the [OT] marker in the subject?
>>>
>>
>> I don't feel it is offtopic. The fictional interview highlights several
>> real problems with the software industry. Like I said earlier, some people
>> get a knee-jerk reaction to fiction, but fiction is not only often an
>> effective tool as writing an essay, but often superior. A lot of ink was
>> spilled about how the concept of an Abrahamic God was harmful until this
>> delivered a swift deathblow to it -
>> http://www.roflcat.com/ceiling-cat-is-watching-you-masturbate .
>> Furthermore, there was a significant risk that the USA will get carried
>> away into unnecessary paranoia during the late 60s until Sesame Street
>> started airing as a show depicting a happy, safe, carefree street where
>> children live and have fun together with adults, animated animals and even
>> cute furry monsters (!!).
>>
>> Nevertheless, I am willing to mark it as "[Slightly OT]".
>>
>>
>>> This way I, and anyone else not interested in anything but the
>>> technology this list is about, can filter it out, and let you keep spamming
>>> those who are for some reason interested.
>>>
>>>
>>>>
>>>> 2. What makes you feel it kills a good and useful mailing list?
>>>>
>>>
>>> As soon as a list(/community/forum/etc) turns into an offtopic promoting
>>> medium, the useful and productive community members leave. I've managed
>>> enough forums to see that happen.
>>>
>>>
>>
>> There may be a more significant risk of this list becoming overly dry,
>> too inbred (see
>> http://www.shlomifish.org/humour/fortunes/show.cgi?id=larry-wall-all-truth-is-gods-truh
>> ), and too routine. We need to constantly seek external influences: from
>> other operating systems, from other fields of knowledge, from popular and
>> not so popular culture, from linguistics, history and humanities, from
>> ancient sources, etc.
>>
>> Otherwise we risk stagnation. My post was not off-topic, just made use of
>> some popular culture metaphors. Do you  agree?
>>
>>
>>>
>>>> Vague complaints are vague. ;-)
>>>>
>>>>
>>> Nothing is vague here. This is off topic, your stories aren't
>>> interesting, aren't funny and would not belong in a LUG, even if they were.
>>>
>>
>> First of all you're stating these things as facts instead of saying "I
>> don't find them interesting, funny, etc." or "IMHO, they are non funny".
>> Like someone once told me "In my opinion, it's a fact.". You'll evoke much
>> less antagonism if you follow this guideline.
>>
>> For the record, quite a few people told me that they liked one or more of
>> the things I wrote, and if you ask me - if one person besides me enjoyed my
>> work - it was a spectacular success:
>>
>> https://plus.google.com/+ShlomiFish/posts/UdiPzsSGc66
>>
>> I don't mind writing a study / midrash of the Emma Watson interview story
>> for those who are not familiar with its sources and subtleties, but many
>> people liked it even without that.
>>
>> ------------
>>
>> I hope I made myself clear. Please reply to the list if you have any
>> further objections or comments.
>>
>> Best regards,
>>
>> -- Shlomi Fish
>>
>> --
>> ------------------------------------------
>> Shlomi Fish http://www.shlomifish.org/
>>
>> Chuck Norris helps the gods that help themselves.
>>
>> Please reply to list if it's a mailing list post - http://shlom.in/reply
>> .
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>
>>
>
>
> --
>  [image: View my profile on LinkedIn]
> <http://www.linkedin.com/in/gliderflyer>
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140711/e1af09f1/attachment.html>

From ladypine at gmail.com  Fri Jul 11 16:54:44 2014
From: ladypine at gmail.com (Orna Agmon Ben-Yehuda)
Date: Fri, 11 Jul 2014 16:54:44 +0300
Subject: [Call-for-Action] Indigogo Campaign for Putting "Emma Watson
 Getting Interviewed for a Tech Job" under CC-by
In-Reply-To: <CANy4znVSYRtoMws+mdBBm+AkZ0bXjjH1NN_4kdaOeaBvrmKA=A@mail.gmail.com>
References: <CANy4znVSYRtoMws+mdBBm+AkZ0bXjjH1NN_4kdaOeaBvrmKA=A@mail.gmail.com>
Message-ID: <CAA8-RXioZAqwDVriannN5i4o_zf_vetBW10EYHjk1J0kz7hg9A@mail.gmail.com>

Shlomi,
it is very simple. There are posting guidelines to the list: "Linux-related
questions and discussions. No newbie questions (use gnubies-il instead)."*
Anything outside this very strict definition is offtopic, and promoting
something unsolicited in bulk is spam. In particular, this list is not
"Shlomi's projects" or "Shlomi getting attention".

Mailing lists are a push-mode media, as opposed to pull-mode (such as
forums). When there is a lot of noise, people unsubscribe. When people
unsubscribe, the community is diminished. And then you have nobody to ask
when you really have a linux issue.

Hence, you are chopping the branch on which you are sitting. Spitting in
the well you drink from. Killing the mailing list you read.

*(See http://www.hamakor.org.il/mailing-lists/linux-il.html)

Orna


On Thu, Jul 10, 2014 at 9:22 AM, Shlomi Fish <shlomif at gmail.com> wrote:

> Hi all,
>
> you can find the Indiegogo campaign here:
>
> *
> https://www.indiegogo.com/projects/emma-watson-tech-interview-story-make-ccby/x/8136150
>
> * https://twitter.com/shlomif/status/486970414610923520
>
> * https://www.facebook.com/shlomi.fish/posts/10152143825556981
>
> * https://plus.google.com/+ShlomiFish/posts/XSgj2fgYaZ1
>
> Reading from the links:
>
> <<<<<<<<<<<<
> Not only about that, but about allowing me to create such future artworks
> and essays, while becoming financially independent. I'm OK with getting a
> part time job, but I refuse to be a wage slave (and it's mentioned in the
> link).
> >>>>>>>>>>>>
>
> Please donate even if it's just a dollar or two, and please help spread
> the word, if you found my stories, aphorisms, articles and essays
> (including the blog/Twitter/G+/Facebook/Reddit/etc. posts) of inspiration
> and enlightenment. I want proof that there are good people in the world.
>
> Best regards,
>
> -- Shlomi Fish
>
> P.S: incidentally, some of the people who most needed to read the original
> screenplay (= the wage slaves) did not due to "lack of time" , even though
> it was not long.
>
> --
> ------------------------------------------
> Shlomi Fish http://www.shlomifish.org/
>
> Chuck Norris helps the gods that help themselves.
>
> Please reply to list if it's a mailing list post - http://shlom.in/reply .
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>


-- 
Orna Agmon Ben-Yehuda.
http://ladypine.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140711/29ad86fc/attachment.html>

From erez0001 at gmail.com  Sun Jul 13 09:17:49 2014
From: erez0001 at gmail.com (Erez D)
Date: Sun, 13 Jul 2014 09:17:49 +0300
Subject: diff/patch rootfs
In-Reply-To: <CAF9n_WXNr9uT=GD7QRoK-=oRqtb22+V0uqBmBmCKhVSnp7Gq5Q@mail.gmail.com>
References: <CAMUp3w=ae9ox+iDhyigjdnf+8-X0r1ueU5nzy8O-=kwJPuuGjQ@mail.gmail.com>
 <CAKnt4U-=kFa5dmWQa5YjWv5wot6HkcFsZK5xQR3WpLc8ik7oVA@mail.gmail.com>
 <CABKuJEDgtyny2AAny2r6PzE6LkwDh-OcsPuaY3zO_jcTYT31VQ@mail.gmail.com>
 <CAMUp3wnSr6K2_vOa2eRN0JMDjy_+0FK-omvqAXUP55S9t1Mm2Q@mail.gmail.com>
 <CAF9n_WXNr9uT=GD7QRoK-=oRqtb22+V0uqBmBmCKhVSnp7Gq5Q@mail.gmail.com>
Message-ID: <CAMUp3w=wpGLbY3XAr41xMjr10WRbm46=xK+n8aPs6kxU5CYgdQ@mail.gmail.com>

On Thu, Jul 10, 2014 at 4:50 PM, Amos Shapira <amos.shapira at gmail.com>
wrote:

> How about rsync's --only-write-batch/--read-batch?
>

great
this is the closest as it gets to what i wanted
only caveat, is that if the system is modified, it will not merge like
'patch' does
however, i can live with this

thanks,
erez.

>
>
>
> On 10 July 2014 18:55, Erez D <erez0001 at gmail.com> wrote:
>
>> to make it clear:
>> i need to compare two directory trees - old and new, both holds files,
>> binaries, special files, symbolic and hard links. and create a patch
>> file
>>
>> than, on another system which has a copy of the old dir tree (and
>> possible some modifications), i need to patch it to make it a 'new'
>>
>> what i would like to have is somthing like rsync, which can create a
>> diff file ...
>>
>> On Thu, Jul 10, 2014 at 10:39 AM, Rabin Yasharzadehe <rabin at rabin.io>
>> wrote:
>> > I was just about to write the same suggesting,
>> > on my current Android ROM (OmniROM) i have update system called
>> OpenDelta
>> > which use xdelta to create the the update images.
>> >
>> > you can look at the code in github -
>> > https://github.com/omnirom/android_packages_apps_OpenDelta
>> >
>> > --
>> > Rabin
>> >
>> >
>> > On Thu, Jul 10, 2014 at 10:34 AM, shimi <linux-il at shimi.net> wrote:
>> >>
>> >> On Thu, Jul 10, 2014 at 9:08 AM, Erez D <erez0001 at gmail.com> wrote:
>> >>>
>> >>> hello
>> >>>
>> >>>
>> >>> i am dealing with rootfs images  i install on embedded linux
>> >>>
>> >>> from time to time i update the rootfs - add some file, remove other,
>> >>> update others, mknod etc ...
>> >>>
>> >>> currently, when i do this, i need to reinstall the image
>> >>>
>> >>> i am looking to create a patch, i can patch an old rootfs to update it
>> >>>
>> >>> however, diff does not handle create file, remove file, special files
>> >>> and binary files very well
>> >>>
>> >>> i am looking for a tool that can do that.
>> >>>
>> >>> anyone ?
>> >>>
>> >>>
>> >>
>> >> If modifying an _image_ is your purpose, and you want to avoid
>> >> distributing the whole image, and you can do that 'offline' (i.e. you
>> have
>> >> two partitions, one active, second for upgrade and boot from - so you
>> don't
>> >> touch a system with a mounted filesystem), and you have your way to
>> manage
>> >> this versioning (i.e. you know for a fact what the previous image blob
>> is,
>> >> so what you need is really the blocks that changed from it) - maybe
>> take a
>> >> look at http://xdelta.org/
>> >>
>> >> -- Shimi
>> >>
>> >>
>> >> _______________________________________________
>> >> Linux-il mailing list
>> >> Linux-il at cs.huji.ac.il
>> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>> >>
>> >
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>
>
>
>
> --
>  [image: View my profile on LinkedIn]
> <http://www.linkedin.com/in/gliderflyer>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140713/74d81d1c/attachment-0001.html>

From slitt at troubleshooters.com  Tue Jul 15 04:22:59 2014
From: slitt at troubleshooters.com (Steve Litt)
Date: Mon, 14 Jul 2014 21:22:59 -0400
Subject: Backing up to encrypted Blu-rays
Message-ID: <20140714212259.13ef4b6a@mydesq2.domain.cxm>

Hi all,

I just wrote the following documentation on backing up to encrypted
Blu-rays:

http://troubleshooters.com/lpm/201408/201408.htm

When your backup discs are encrypted, offsite backups are much safer.
Everything in the documentation applies equally to dvd backups.

Hope you enjoy it.

Thanks,

SteveT

Steve Litt                *  http://www.troubleshooters.com/
Troubleshooting Training  *  Human Performance



From esr+linux-il at g.jct.ac.il  Wed Jul 16 00:30:42 2014
From: esr+linux-il at g.jct.ac.il (E.S. Rosenberg)
Date: Wed, 16 Jul 2014 00:30:42 +0300
Subject: Backing up to encrypted Blu-rays
In-Reply-To: <20140714212259.13ef4b6a@mydesq2.domain.cxm>
References: <20140714212259.13ef4b6a@mydesq2.domain.cxm>
Message-ID: <CAHTx_BPqnf-1kiBywj234Fw0CspFi73UxcQ_Aapb-yQu-pNvsg@mail.gmail.com>

I more recently stopped ripping my DVDs in favor of just downloading movies
other people already encoded and only ripping the Hebrew dubs/subs and then
joining the lot with mkvtoolnix.
Saves hours of encoding work.

2014-07-15 4:22 GMT+03:00 Steve Litt <slitt at troubleshooters.com>:

> Hi all,
>
> I just wrote the following documentation on backing up to encrypted
> Blu-rays:
>
> http://troubleshooters.com/lpm/201408/201408.htm
>
> When your backup discs are encrypted, offsite backups are much safer.
> Everything in the documentation applies equally to dvd backups.
>
> Hope you enjoy it.
>
> Thanks,
>
> SteveT
>
> Steve Litt                *  http://www.troubleshooters.com/
> Troubleshooting Training  *  Human Performance
>
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140716/e7732a77/attachment.html>

From amos.shapira at gmail.com  Wed Jul 16 07:45:07 2014
From: amos.shapira at gmail.com (Amos Shapira)
Date: Wed, 16 Jul 2014 14:45:07 +1000
Subject: Backing up to encrypted Blu-rays
In-Reply-To: <CAHTx_BPqnf-1kiBywj234Fw0CspFi73UxcQ_Aapb-yQu-pNvsg@mail.gmail.com>
References: <20140714212259.13ef4b6a@mydesq2.domain.cxm>
 <CAHTx_BPqnf-1kiBywj234Fw0CspFi73UxcQ_Aapb-yQu-pNvsg@mail.gmail.com>
Message-ID: <CAF9n_WXrrROvjt1TYXMLaf1U-f6iXZY=ZbbaBgisuA92vpCfgQ@mail.gmail.com>

There's even no need for that - there are web sites for subtitles and all
media players I use (currently almost exclusively XBMC) will automatically
use the subtitles files if they find it next to the movie file (if it's
somewhere else then you can tell it where it is).
On 16 Jul 2014 07:31, "E.S. Rosenberg" <esr+linux-il at g.jct.ac.il> wrote:

> I more recently stopped ripping my DVDs in favor of just downloading
> movies other people already encoded and only ripping the Hebrew dubs/subs
> and then joining the lot with mkvtoolnix.
> Saves hours of encoding work.
>
> 2014-07-15 4:22 GMT+03:00 Steve Litt <slitt at troubleshooters.com>:
>
>> Hi all,
>>
>> I just wrote the following documentation on backing up to encrypted
>> Blu-rays:
>>
>> http://troubleshooters.com/lpm/201408/201408.htm
>>
>> When your backup discs are encrypted, offsite backups are much safer.
>> Everything in the documentation applies equally to dvd backups.
>>
>> Hope you enjoy it.
>>
>> Thanks,
>>
>> SteveT
>>
>> Steve Litt                *  http://www.troubleshooters.com/
>> Troubleshooting Training  *  Human Performance
>>
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>
>
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140716/5aafbdbd/attachment.html>

From esr+linux-il at g.jct.ac.il  Wed Jul 16 11:10:29 2014
From: esr+linux-il at g.jct.ac.il (E.S. Rosenberg)
Date: Wed, 16 Jul 2014 11:10:29 +0300
Subject: Backing up to encrypted Blu-rays
In-Reply-To: <CAF9n_WXrrROvjt1TYXMLaf1U-f6iXZY=ZbbaBgisuA92vpCfgQ@mail.gmail.com>
References: <20140714212259.13ef4b6a@mydesq2.domain.cxm>
 <CAHTx_BPqnf-1kiBywj234Fw0CspFi73UxcQ_Aapb-yQu-pNvsg@mail.gmail.com>
 <CAF9n_WXrrROvjt1TYXMLaf1U-f6iXZY=ZbbaBgisuA92vpCfgQ@mail.gmail.com>
Message-ID: <CAHTx_BONqKe=tC=4xLNZHaYhVA=a8XXp3SkFzHgxk5bW7TRqGg@mail.gmail.com>

I find the "unprofessionally" produced subtitles often contain errors,
require me to re-encode them utf-8 and often contain glory statements which
make it look like I just downloaded the movie to which some people in the
family object.
So when it is for a movie I downloaded for myself but want to let someone
who doesn't speak English enjoy I use those sites to get subs, when it's
for a movie I downloaded to prevent myself ripping a DVD I'll taks bot subs
and hebrew dub from the DVD.


2014-07-16 7:45 GMT+03:00 Amos Shapira <amos.shapira at gmail.com>:

> There's even no need for that - there are web sites for subtitles and all
> media players I use (currently almost exclusively XBMC) will automatically
> use the subtitles files if they find it next to the movie file (if it's
> somewhere else then you can tell it where it is).
> On 16 Jul 2014 07:31, "E.S. Rosenberg" <esr+linux-il at g.jct.ac.il> wrote:
>
>> I more recently stopped ripping my DVDs in favor of just downloading
>> movies other people already encoded and only ripping the Hebrew dubs/subs
>> and then joining the lot with mkvtoolnix.
>> Saves hours of encoding work.
>>
>> 2014-07-15 4:22 GMT+03:00 Steve Litt <slitt at troubleshooters.com>:
>>
>>> Hi all,
>>>
>>> I just wrote the following documentation on backing up to encrypted
>>> Blu-rays:
>>>
>>> http://troubleshooters.com/lpm/201408/201408.htm
>>>
>>> When your backup discs are encrypted, offsite backups are much safer.
>>> Everything in the documentation applies equally to dvd backups.
>>>
>>> Hope you enjoy it.
>>>
>>> Thanks,
>>>
>>> SteveT
>>>
>>> Steve Litt                *  http://www.troubleshooters.com/
>>> Troubleshooting Training  *  Human Performance
>>>
>>>
>>> _______________________________________________
>>> Linux-il mailing list
>>> Linux-il at cs.huji.ac.il
>>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>>
>>
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140716/f1b671ae/attachment.html>

From gil at cs.technion.ac.il  Fri Jul 18 10:13:04 2014
From: gil at cs.technion.ac.il (Gili Granot)
Date: Fri, 18 Jul 2014 10:13:04 +0300
Subject: [JOB] Looking for software developers
Message-ID: <53C8C900.6000408@cs.technion.ac.il>

Hi.

Broadcom Yakum is looking for great software developers


If you are very good at software development, and want to write C code 
controlling cutting edge products in the networking world, this may be 
the place for you.

We currently have positions for a wide range of experience levels, from 
outstanding university graduates to top developers with many years of 
experience.
Experience in embedded software, or networking knowledge would be an
advantage.

We are a very successful company, located in Yakum which is between 
Herzlia and Netanya.

If you think you are suitable, please send me your CV.

TIA
Gili


From subhish at sparksupport.com  Fri Jul 18 14:13:58 2014
From: subhish at sparksupport.com (Subhish N)
Date: Fri, 18 Jul 2014 16:43:58 +0530
Subject: SparkSupport's Dedicated Linux/Windows Server Support - 24/7 * 365
 days
Message-ID: <CAN6Tys8v6VG=YatwtoiTUqAe8hcC07Ojvzoe3F6nOCfbuc_N0g@mail.gmail.com>

*SparkSupport's Dedicated Linux/Windows Server Support*

Hi,
Are you looking for a linux/windows/cloud server engineer,if so our*
Dedicated Personal Plan *would be your right choice !

SparkSupport provides a complete range of professional services to help you
get and keep your Linux server systems up and running. With a world-class
cadre of Linux consultants and engineers, more than 5 years experience in
designing, implementing and maintaining Linux, and with strong ties to the
Linux open Source development community , SparkSupport has been clearly
recognized as the Linux Remote server maintenance leader.

Key features of *Dedicated Personal Plan* :

    The staff who work on your support are dedicated to you and operate as
your staff except they are situated in another office. That means they
become very familiar with your way of working, your support policies and
the way your servers are set up.
    You can choose between 8x7, 16x7 or 24x7 cover
    Upgrade when you need to. That means going from 8x7 to 16x7 or from
16x7  to 24x7. You can also have multiple staff on the busier shifts
    Handling of both Support board as well as Live Chat by the same person
/ team depending on the traffic on both
    Support for unlimited customer issues every month
    30 minutes first response guarantee with 4 hours resolution time
    24x7 Server monitoring with a detailed monthly status report
    Daily day end / shift end reports to your team
    Direct communication with your DC over phone or email for server issues
if needed
    Direct communication with you or your team over Instant Messenger
    Weekly / Fortnightly conferences with the project manager / operations
head for performance analysis
    Monthly QA activities followed by training sessions / certifications
for continuous improvement in processes and services


If you are just looking for a one time server setup,or configuration
also,SparkSupport engineers are ready for hire !

If you are interested,please mail me at subhish at sparksupport.com, or skype
me at spark.subhish to discuss our offers and rates !

Thanks,



Warm Regards,  Subhish N
Business Development Executive
 subhish at sparksupport.com


*Email :  subhish at sparksupport.com <subhish at sparksupport.com>   |   Skype
:  spark.subhishIndia Phone: +91-9567091666 | US Phone : +14086001449*
<http://www.sparksupport.com/> <http://www.sparkmycloud.com/>
<https://www.facebook.com/sparksupport>
<http://www.linkedin.com/company/244846>  <https://twitter.com/sparksupport>
3rd Floor, Leela Infopark, Phase -2,Kakanad, Kochi-30, Kerala, India  *US
Phone: *+14086001449 India *Phone*:+91 484 65616 , *Mobile*:91-9037436499.
*Confidentiality Notice:* Information in this e-mail is proprietary to
SparkSupport. and is intended for use only by the addressed, and may
contain information that is privileged, confidential or exempt from
disclosure. If you are not the intended recipient, you are notified that
any use of this information in any manner is strictly prohibited. Please
delete this mail & notify us immediately at info at sparksupport.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140718/08e36d9e/attachment-0001.html>

From eli at billauer.co.il  Fri Jul 18 17:23:48 2014
From: eli at billauer.co.il (Eli Billauer)
Date: Fri, 18 Jul 2014 17:23:48 +0300
Subject: Haifux, this Monday, on crypto-hell
Message-ID: <53C92DF4.8030805@billauer.co.il>

Hello all,

On Monday (July 21st), Haifux will mock those who had good intentions 
but poor crypto wisdom, and deserved their position in the shameful list 
of security fails. And also discuss why they got it wrong...

The short abstract is at http://www.haifux.org/lectures/328

This is an extra announcement, as the lecture was added recently.

See you,

     Eli

-- 
Web: http://www.billauer.co.il



From baruch at tkos.co.il  Fri Jul 18 17:28:04 2014
From: baruch at tkos.co.il (Baruch Siach)
Date: Fri, 18 Jul 2014 17:28:04 +0300
Subject: Haifux, this Monday, on crypto-hell
In-Reply-To: <53C92DF4.8030805@billauer.co.il>
References: <53C92DF4.8030805@billauer.co.il>
Message-ID: <20140718142804.GE4914@tarshish>

Hi Eli,

On Fri, Jul 18, 2014 at 05:23:48PM +0300, Eli Billauer wrote:
> On Monday (July 21st), Haifux will mock those who had good intentions but
> poor crypto wisdom, and deserved their position in the shameful list of
> security fails. And also discuss why they got it wrong...
> 
> The short abstract is at http://www.haifux.org/lectures/328

This should be http://www.haifux.org/lectures/327/.

baruch

> 
> This is an extra announcement, as the lecture was added recently.
> 
> See you,
> 
>     Eli

-- 
     http://baruch.siach.name/blog/                  ~. .~   Tk Open Systems
=}------------------------------------------------ooO--U--Ooo------------{=
   - baruch at tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il -


From eli at billauer.co.il  Sat Jul 19 20:55:19 2014
From: eli at billauer.co.il (Eli Billauer)
Date: Sat, 19 Jul 2014 20:55:19 +0300
Subject: [HAIFUX LECTURE] The Book of Bad Crypto Decisions -- Orr Dunkelman
Message-ID: <53CAB107.30607@billauer.co.il>

On Monday, July 21st at 18:30, Haifux will gather to hear a talk by Orr Dunkelman:

    The Book of Bad Crypto Decisions (part 1 of 1,000,000)

Abstract

The borderline between cryptography and computer security (or "How to 
use cryptography") was, is, and will be, a place for many problems. In 
this talk we shall go over several of the (many) examples to "what might 
get wrong", and discuss how to avoid them (and how to mitigate them).

The examples will cover GSM's security (with several lessons), issues 
with random number generation, how PKI can be misused, etc.

=================================================================

We meet in Taub building, room 6. For instructions see:
http://www.haifux.org/where.html

Attendance is free, and you are all invited!

==================================================================
Future lectures:

04/08/14 Cedalion: A Democracy Awaiting the People: Boaz Rosenan


==================================================================

We are always interested in hearing your talks and ideas. If you wish to give a talk, hold a discussion, or just plan some event haifux might be interested in, please contact us atwebmaster at haifux.org

-- 
Web:http://www.billauer.co.il



From erez0001 at gmail.com  Sun Jul 20 11:36:46 2014
From: erez0001 at gmail.com (Erez D)
Date: Sun, 20 Jul 2014 10:36:46 +0200
Subject: reverse ssh
Message-ID: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>

hello

i have a linux machine with a private ip connected to the internet
i have a public ip and need to ssh to the linux box

any tools for that ?


From kaplanlior at gmail.com  Sun Jul 20 11:39:44 2014
From: kaplanlior at gmail.com (Lior Kaplan)
Date: Sun, 20 Jul 2014 11:39:44 +0300
Subject: reverse ssh
In-Reply-To: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
Message-ID: <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>

ssh itself ?

http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/

Kaplan


On Sun, Jul 20, 2014 at 11:36 AM, Erez D <erez0001 at gmail.com> wrote:

> hello
>
> i have a linux machine with a private ip connected to the internet
> i have a public ip and need to ssh to the linux box
>
> any tools for that ?
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140720/7f3b0782/attachment.html>

From erez0001 at gmail.com  Sun Jul 20 12:03:15 2014
From: erez0001 at gmail.com (Erez D)
Date: Sun, 20 Jul 2014 11:03:15 +0200
Subject: reverse ssh
In-Reply-To: <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
Message-ID: <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>

On Sun, Jul 20, 2014 at 10:39 AM, Lior Kaplan <kaplanlior at gmail.com> wrote:
> ssh itself ?
>
> http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/
nice, however this requires me to give access to my server, which i do
not want ...
(or, can i give people permission to ssh to my server only for reverse
tunnels and no shell ?)

>
> Kaplan
>
>
> On Sun, Jul 20, 2014 at 11:36 AM, Erez D <erez0001 at gmail.com> wrote:
>>
>> hello
>>
>> i have a linux machine with a private ip connected to the internet
>> i have a public ip and need to ssh to the linux box
>>
>> any tools for that ?
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>


From kaplanlior at gmail.com  Sun Jul 20 12:06:59 2014
From: kaplanlior at gmail.com (Lior Kaplan)
Date: Sun, 20 Jul 2014 12:06:59 +0300
Subject: reverse ssh
In-Reply-To: <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
Message-ID: <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>

Didn't check it, but login in with a user who has /bin/true might do the
trick.

Kaplan


On Sun, Jul 20, 2014 at 12:03 PM, Erez D <erez0001 at gmail.com> wrote:

> On Sun, Jul 20, 2014 at 10:39 AM, Lior Kaplan <kaplanlior at gmail.com>
> wrote:
> > ssh itself ?
> >
> > http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/
> nice, however this requires me to give access to my server, which i do
> not want ...
> (or, can i give people permission to ssh to my server only for reverse
> tunnels and no shell ?)
>
> >
> > Kaplan
> >
> >
> > On Sun, Jul 20, 2014 at 11:36 AM, Erez D <erez0001 at gmail.com> wrote:
> >>
> >> hello
> >>
> >> i have a linux machine with a private ip connected to the internet
> >> i have a public ip and need to ssh to the linux box
> >>
> >> any tools for that ?
> >>
> >> _______________________________________________
> >> Linux-il mailing list
> >> Linux-il at cs.huji.ac.il
> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140720/301335de/attachment.html>

From vordoo at yahoo.com  Sun Jul 20 12:15:37 2014
From: vordoo at yahoo.com (vordoo)
Date: Sun, 20 Jul 2014 12:15:37 +0300
Subject: reverse ssh
In-Reply-To: <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
Message-ID: <53CB88B9.3050400@yahoo.com>

An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140720/2f05bff2/attachment.html>

From erez0001 at gmail.com  Sun Jul 20 12:16:08 2014
From: erez0001 at gmail.com (Erez D)
Date: Sun, 20 Jul 2014 11:16:08 +0200
Subject: reverse ssh
In-Reply-To: <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
Message-ID: <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>

On Sun, Jul 20, 2014 at 11:06 AM, Lior Kaplan <kaplanlior at gmail.com> wrote:
> Didn't check it, but login in with a user who has /bin/true might do the
> trick.
you are correct, it works.
however it is still a security risk, as this means the client may
listen on unused port ...

>
> Kaplan
>
>
> On Sun, Jul 20, 2014 at 12:03 PM, Erez D <erez0001 at gmail.com> wrote:
>>
>> On Sun, Jul 20, 2014 at 10:39 AM, Lior Kaplan <kaplanlior at gmail.com>
>> wrote:
>> > ssh itself ?
>> >
>> > http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/
>> nice, however this requires me to give access to my server, which i do
>> not want ...
>> (or, can i give people permission to ssh to my server only for reverse
>> tunnels and no shell ?)
>>
>> >
>> > Kaplan
>> >
>> >
>> > On Sun, Jul 20, 2014 at 11:36 AM, Erez D <erez0001 at gmail.com> wrote:
>> >>
>> >> hello
>> >>
>> >> i have a linux machine with a private ip connected to the internet
>> >> i have a public ip and need to ssh to the linux box
>> >>
>> >> any tools for that ?
>> >>
>> >> _______________________________________________
>> >> Linux-il mailing list
>> >> Linux-il at cs.huji.ac.il
>> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>> >
>> >
>
>


From rabin at rabin.io  Sun Jul 20 12:38:58 2014
From: rabin at rabin.io (Rabin Yasharzadehe)
Date: Sun, 20 Jul 2014 12:38:58 +0300
Subject: reverse ssh
In-Reply-To: <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
Message-ID: <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>

you can add a port-knocking tool like fwknop to add a dynamic rule to
forward your connection into the privet machine.


*--Rabin*


On Sun, Jul 20, 2014 at 12:16 PM, Erez D <erez0001 at gmail.com> wrote:

> On Sun, Jul 20, 2014 at 11:06 AM, Lior Kaplan <kaplanlior at gmail.com>
> wrote:
> > Didn't check it, but login in with a user who has /bin/true might do the
> > trick.
> you are correct, it works.
> however it is still a security risk, as this means the client may
> listen on unused port ...
>
> >
> > Kaplan
> >
> >
> > On Sun, Jul 20, 2014 at 12:03 PM, Erez D <erez0001 at gmail.com> wrote:
> >>
> >> On Sun, Jul 20, 2014 at 10:39 AM, Lior Kaplan <kaplanlior at gmail.com>
> >> wrote:
> >> > ssh itself ?
> >> >
> >> > http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/
> >> nice, however this requires me to give access to my server, which i do
> >> not want ...
> >> (or, can i give people permission to ssh to my server only for reverse
> >> tunnels and no shell ?)
> >>
> >> >
> >> > Kaplan
> >> >
> >> >
> >> > On Sun, Jul 20, 2014 at 11:36 AM, Erez D <erez0001 at gmail.com> wrote:
> >> >>
> >> >> hello
> >> >>
> >> >> i have a linux machine with a private ip connected to the internet
> >> >> i have a public ip and need to ssh to the linux box
> >> >>
> >> >> any tools for that ?
> >> >>
> >> >> _______________________________________________
> >> >> Linux-il mailing list
> >> >> Linux-il at cs.huji.ac.il
> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
> >> >
> >> >
> >
> >
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140720/d3f5416c/attachment.html>

From geoffreymendelson at gmail.com  Sun Jul 20 12:45:55 2014
From: geoffreymendelson at gmail.com (geoffrey mendelson)
Date: Sun, 20 Jul 2014 12:45:55 +0300
Subject: reverse ssh
In-Reply-To: <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
Message-ID: <53CB8FD3.4030505@gmail.com>

On 7/20/2014 12:03 PM, Erez D wrote:
> On Sun, Jul 20, 2014 at 10:39 AM, Lior Kaplan <kaplanlior at gmail.com> wrote:
>> ssh itself ?
>>
>> http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/
> nice, however this requires me to give access to my server, which i do
> not want ...
> (or, can i give people permission to ssh to my server only for reverse
> tunnels and no shell ?)
What I did is to run a second SSH server listening on a port that no one 
would expect SSH connections and ONLY allow connections with key 
exchanges. So someone could connect to that port randomly or with a 
scan, but would be unable to do anything with it.

The regular SSH server, which ran on port 22, allowed much looser 
connections, root connections, etc, but port 22 was NOT forwarded out 
the firewall. This allowed me to do RSYNC, etc locally as root or a user 
with no restrictions.
Once the SSH connection is established, it can be used to tunnel anything.

Geoff.

-- 
Geoffrey S. Mendelson 4X1GM/N3OWJ
Jerusalem Israel.



From moish at mln.co.il  Sun Jul 20 12:53:32 2014
From: moish at mln.co.il (Moish)
Date: Sun, 20 Jul 2014 12:53:32 +0300
Subject: reverse ssh
In-Reply-To: <53CB8FD3.4030505@gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <53CB8FD3.4030505@gmail.com>
Message-ID: <53CB919C.7040303@mln.co.il>


On 20/07/2014 12:45, geoffrey mendelson wrote:
> On 7/20/2014 12:03 PM, Erez D wrote:
>> On Sun, Jul 20, 2014 at 10:39 AM, Lior Kaplan <kaplanlior at gmail.com> 
>> wrote:
>>> ssh itself ?
>>>
>>> http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/
>> nice, however this requires me to give access to my server, which i do
>> not want ...
>> (or, can i give people permission to ssh to my server only for reverse
>> tunnels and no shell ?)
> What I did is to run a second SSH server listening on a port that no 
> one would expect SSH connections and ONLY allow connections with key 
> exchanges. So someone could connect to that port randomly or with a 
> scan, but would be unable to do anything with it.
>
> The regular SSH server, which ran on port 22, allowed much looser 
> connections, root connections, etc, but port 22 was NOT forwarded out 
> the firewall. This allowed me to do RSYNC, etc locally as root or a 
> user with no restrictions.
> Once the SSH connection is established, it can be used to tunnel 
> anything.
>
> Geoff.
>
Well, that's the essence of port knocking, isn't it :)

-- 
Moish



From erez0001 at gmail.com  Sun Jul 20 13:31:55 2014
From: erez0001 at gmail.com (Erez D)
Date: Sun, 20 Jul 2014 12:31:55 +0200
Subject: reverse ssh
In-Reply-To: <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
Message-ID: <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>

looks a little complicated - extra ssh server, firewall with port knocking
all this for a ssh connection ...

On Sun, Jul 20, 2014 at 11:38 AM, Rabin Yasharzadehe <rabin at rabin.io> wrote:
> you can add a port-knocking tool like fwknop to add a dynamic rule to
> forward your connection into the privet machine.
>
> --
> Rabin
>
>
> On Sun, Jul 20, 2014 at 12:16 PM, Erez D <erez0001 at gmail.com> wrote:
>>
>> On Sun, Jul 20, 2014 at 11:06 AM, Lior Kaplan <kaplanlior at gmail.com>
>> wrote:
>> > Didn't check it, but login in with a user who has /bin/true might do the
>> > trick.
>> you are correct, it works.
>> however it is still a security risk, as this means the client may
>> listen on unused port ...
>>
>> >
>> > Kaplan
>> >
>> >
>> > On Sun, Jul 20, 2014 at 12:03 PM, Erez D <erez0001 at gmail.com> wrote:
>> >>
>> >> On Sun, Jul 20, 2014 at 10:39 AM, Lior Kaplan <kaplanlior at gmail.com>
>> >> wrote:
>> >> > ssh itself ?
>> >> >
>> >> > http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/
>> >> nice, however this requires me to give access to my server, which i do
>> >> not want ...
>> >> (or, can i give people permission to ssh to my server only for reverse
>> >> tunnels and no shell ?)
>> >>
>> >> >
>> >> > Kaplan
>> >> >
>> >> >
>> >> > On Sun, Jul 20, 2014 at 11:36 AM, Erez D <erez0001 at gmail.com> wrote:
>> >> >>
>> >> >> hello
>> >> >>
>> >> >> i have a linux machine with a private ip connected to the internet
>> >> >> i have a public ip and need to ssh to the linux box
>> >> >>
>> >> >> any tools for that ?
>> >> >>
>> >> >> _______________________________________________
>> >> >> Linux-il mailing list
>> >> >> Linux-il at cs.huji.ac.il
>> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>> >> >
>> >> >
>> >
>> >
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>


From linux-il at didi.bardavid.org  Sun Jul 20 14:30:13 2014
From: linux-il at didi.bardavid.org (Yedidyah Bar David)
Date: Sun, 20 Jul 2014 14:30:13 +0300
Subject: reverse ssh
In-Reply-To: <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
 <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
Message-ID: <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>

If you just want an ssh connection you can simply redirect connection
attempts to some port on the
Internet-accessible machine to port 22 on the private-ip one - using
whatever tool that fits you best -
iptables, xinetd, redir, probably many others.
-- 
Didi


2014-07-20 13:31 GMT+03:00 Erez D <erez0001 at gmail.com>:

> looks a little complicated - extra ssh server, firewall with port knocking
> all this for a ssh connection ...
>
> On Sun, Jul 20, 2014 at 11:38 AM, Rabin Yasharzadehe <rabin at rabin.io>
> wrote:
> > you can add a port-knocking tool like fwknop to add a dynamic rule to
> > forward your connection into the privet machine.
> >
> > --
> > Rabin
> >
> >
> > On Sun, Jul 20, 2014 at 12:16 PM, Erez D <erez0001 at gmail.com> wrote:
> >>
> >> On Sun, Jul 20, 2014 at 11:06 AM, Lior Kaplan <kaplanlior at gmail.com>
> >> wrote:
> >> > Didn't check it, but login in with a user who has /bin/true might do
> the
> >> > trick.
> >> you are correct, it works.
> >> however it is still a security risk, as this means the client may
> >> listen on unused port ...
> >>
> >> >
> >> > Kaplan
> >> >
> >> >
> >> > On Sun, Jul 20, 2014 at 12:03 PM, Erez D <erez0001 at gmail.com> wrote:
> >> >>
> >> >> On Sun, Jul 20, 2014 at 10:39 AM, Lior Kaplan <kaplanlior at gmail.com>
> >> >> wrote:
> >> >> > ssh itself ?
> >> >> >
> >> >> > http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/
> >> >> nice, however this requires me to give access to my server, which i
> do
> >> >> not want ...
> >> >> (or, can i give people permission to ssh to my server only for
> reverse
> >> >> tunnels and no shell ?)
> >> >>
> >> >> >
> >> >> > Kaplan
> >> >> >
> >> >> >
> >> >> > On Sun, Jul 20, 2014 at 11:36 AM, Erez D <erez0001 at gmail.com>
> wrote:
> >> >> >>
> >> >> >> hello
> >> >> >>
> >> >> >> i have a linux machine with a private ip connected to the internet
> >> >> >> i have a public ip and need to ssh to the linux box
> >> >> >>
> >> >> >> any tools for that ?
> >> >> >>
> >> >> >> _______________________________________________
> >> >> >> Linux-il mailing list
> >> >> >> Linux-il at cs.huji.ac.il
> >> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
> >> >> >
> >> >> >
> >> >
> >> >
> >>
> >> _______________________________________________
> >> Linux-il mailing list
> >> Linux-il at cs.huji.ac.il
> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
> >
> >
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140720/35e0171d/attachment.html>

From erez0001 at gmail.com  Sun Jul 20 14:33:44 2014
From: erez0001 at gmail.com (Erez D)
Date: Sun, 20 Jul 2014 13:33:44 +0200
Subject: reverse ssh
In-Reply-To: <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
 <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
 <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
Message-ID: <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>

On Sun, Jul 20, 2014 at 1:30 PM, Yedidyah Bar David
<linux-il at didi.bardavid.org> wrote:
> If you just want an ssh connection you can simply redirect connection
> attempts to some port on the
> Internet-accessible machine to port 22 on the private-ip one - using
> whatever tool that fits you best -
> iptables, xinetd, redir, probably many others.
> --
> Didi

i do not understand what do you mean
>
>
> 2014-07-20 13:31 GMT+03:00 Erez D <erez0001 at gmail.com>:
>>
>> looks a little complicated - extra ssh server, firewall with port knocking
>> all this for a ssh connection ...
>>
>> On Sun, Jul 20, 2014 at 11:38 AM, Rabin Yasharzadehe <rabin at rabin.io>
>> wrote:
>> > you can add a port-knocking tool like fwknop to add a dynamic rule to
>> > forward your connection into the privet machine.
>> >
>> > --
>> > Rabin
>> >
>> >
>> > On Sun, Jul 20, 2014 at 12:16 PM, Erez D <erez0001 at gmail.com> wrote:
>> >>
>> >> On Sun, Jul 20, 2014 at 11:06 AM, Lior Kaplan <kaplanlior at gmail.com>
>> >> wrote:
>> >> > Didn't check it, but login in with a user who has /bin/true might do
>> >> > the
>> >> > trick.
>> >> you are correct, it works.
>> >> however it is still a security risk, as this means the client may
>> >> listen on unused port ...
>> >>
>> >> >
>> >> > Kaplan
>> >> >
>> >> >
>> >> > On Sun, Jul 20, 2014 at 12:03 PM, Erez D <erez0001 at gmail.com> wrote:
>> >> >>
>> >> >> On Sun, Jul 20, 2014 at 10:39 AM, Lior Kaplan <kaplanlior at gmail.com>
>> >> >> wrote:
>> >> >> > ssh itself ?
>> >> >> >
>> >> >> > http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/
>> >> >> nice, however this requires me to give access to my server, which i
>> >> >> do
>> >> >> not want ...
>> >> >> (or, can i give people permission to ssh to my server only for
>> >> >> reverse
>> >> >> tunnels and no shell ?)
>> >> >>
>> >> >> >
>> >> >> > Kaplan
>> >> >> >
>> >> >> >
>> >> >> > On Sun, Jul 20, 2014 at 11:36 AM, Erez D <erez0001 at gmail.com>
>> >> >> > wrote:
>> >> >> >>
>> >> >> >> hello
>> >> >> >>
>> >> >> >> i have a linux machine with a private ip connected to the
>> >> >> >> internet
>> >> >> >> i have a public ip and need to ssh to the linux box
>> >> >> >>
>> >> >> >> any tools for that ?
>> >> >> >>
>> >> >> >> _______________________________________________
>> >> >> >> Linux-il mailing list
>> >> >> >> Linux-il at cs.huji.ac.il
>> >> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>> >> >> >
>> >> >> >
>> >> >
>> >> >
>> >>
>> >> _______________________________________________
>> >> Linux-il mailing list
>> >> Linux-il at cs.huji.ac.il
>> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>> >
>> >
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>


From esr+linux-il at g.jct.ac.il  Sun Jul 20 16:37:05 2014
From: esr+linux-il at g.jct.ac.il (E.S. Rosenberg)
Date: Sun, 20 Jul 2014 16:37:05 +0300
Subject: reverse ssh
In-Reply-To: <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
 <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
 <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
 <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>
Message-ID: <CAHTx_BPYRkcbss7TVxR67pUQSc2kRWEMw4fgs-goGGskRz728w@mail.gmail.com>

Re:all
You can have something running on the machine you want to SSH to that
updates the machine with a fixed IP what its' IP is and have a firewall
rule or some other way to redirect specific traffic like for instance
traffic to TCP:22222 from that machine to the IP that it was updated to
be....


2014-07-20 14:33 GMT+03:00 Erez D <erez0001 at gmail.com>:

> On Sun, Jul 20, 2014 at 1:30 PM, Yedidyah Bar David
> <linux-il at didi.bardavid.org> wrote:
> > If you just want an ssh connection you can simply redirect connection
> > attempts to some port on the
> > Internet-accessible machine to port 22 on the private-ip one - using
> > whatever tool that fits you best -
> > iptables, xinetd, redir, probably many others.
> > --
> > Didi
>
> i do not understand what do you mean
> >
> >
> > 2014-07-20 13:31 GMT+03:00 Erez D <erez0001 at gmail.com>:
> >>
> >> looks a little complicated - extra ssh server, firewall with port
> knocking
> >> all this for a ssh connection ...
> >>
> >> On Sun, Jul 20, 2014 at 11:38 AM, Rabin Yasharzadehe <rabin at rabin.io>
> >> wrote:
> >> > you can add a port-knocking tool like fwknop to add a dynamic rule to
> >> > forward your connection into the privet machine.
> >> >
> >> > --
> >> > Rabin
> >> >
> >> >
> >> > On Sun, Jul 20, 2014 at 12:16 PM, Erez D <erez0001 at gmail.com> wrote:
> >> >>
> >> >> On Sun, Jul 20, 2014 at 11:06 AM, Lior Kaplan <kaplanlior at gmail.com>
> >> >> wrote:
> >> >> > Didn't check it, but login in with a user who has /bin/true might
> do
> >> >> > the
> >> >> > trick.
> >> >> you are correct, it works.
> >> >> however it is still a security risk, as this means the client may
> >> >> listen on unused port ...
> >> >>
> >> >> >
> >> >> > Kaplan
> >> >> >
> >> >> >
> >> >> > On Sun, Jul 20, 2014 at 12:03 PM, Erez D <erez0001 at gmail.com>
> wrote:
> >> >> >>
> >> >> >> On Sun, Jul 20, 2014 at 10:39 AM, Lior Kaplan <
> kaplanlior at gmail.com>
> >> >> >> wrote:
> >> >> >> > ssh itself ?
> >> >> >> >
> >> >> >> > http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/
> >> >> >> nice, however this requires me to give access to my server, which
> i
> >> >> >> do
> >> >> >> not want ...
> >> >> >> (or, can i give people permission to ssh to my server only for
> >> >> >> reverse
> >> >> >> tunnels and no shell ?)
> >> >> >>
> >> >> >> >
> >> >> >> > Kaplan
> >> >> >> >
> >> >> >> >
> >> >> >> > On Sun, Jul 20, 2014 at 11:36 AM, Erez D <erez0001 at gmail.com>
> >> >> >> > wrote:
> >> >> >> >>
> >> >> >> >> hello
> >> >> >> >>
> >> >> >> >> i have a linux machine with a private ip connected to the
> >> >> >> >> internet
> >> >> >> >> i have a public ip and need to ssh to the linux box
> >> >> >> >>
> >> >> >> >> any tools for that ?
> >> >> >> >>
> >> >> >> >> _______________________________________________
> >> >> >> >> Linux-il mailing list
> >> >> >> >> Linux-il at cs.huji.ac.il
> >> >> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
> >> >> >> >
> >> >> >> >
> >> >> >
> >> >> >
> >> >>
> >> >> _______________________________________________
> >> >> Linux-il mailing list
> >> >> Linux-il at cs.huji.ac.il
> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
> >> >
> >> >
> >>
> >> _______________________________________________
> >> Linux-il mailing list
> >> Linux-il at cs.huji.ac.il
> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
> >
> >
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140720/1ce82887/attachment.html>

From erez0001 at gmail.com  Sun Jul 20 18:46:12 2014
From: erez0001 at gmail.com (Erez D)
Date: Sun, 20 Jul 2014 17:46:12 +0200
Subject: reverse ssh
In-Reply-To: <CAHTx_BMvRpCvNeJrfDDAbNC=9FE_VCh3zp9Kc2J=a=0gc34tug@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
 <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
 <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
 <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>
 <CAHTx_BMvRpCvNeJrfDDAbNC=9FE_VCh3zp9Kc2J=a=0gc34tug@mail.gmail.com>
Message-ID: <CAMUp3wnhgSVh08zSqLGv_gnr4pG6PUWruq1KaO_TjsiogJmK_A@mail.gmail.com>

On Sun, Jul 20, 2014 at 3:36 PM, E.S. Rosenberg <esr at g.jct.ac.il> wrote:
> You can have something running on the machine you want to SSH to that
> updates the machine with a fixed IP what its' IP is and have a firewall rule
> or some other way to redirect specific traffic like for instance traffic to
> TCP:22222 from that machine to the IP that it was updated to be....
>
still do not understand what you mean, and how it will let me connect
to a machine with a private ip
>
> 2014-07-20 14:33 GMT+03:00 Erez D <erez0001 at gmail.com>:
>
>> On Sun, Jul 20, 2014 at 1:30 PM, Yedidyah Bar David
>> <linux-il at didi.bardavid.org> wrote:
>> > If you just want an ssh connection you can simply redirect connection
>> > attempts to some port on the
>> > Internet-accessible machine to port 22 on the private-ip one - using
>> > whatever tool that fits you best -
>> > iptables, xinetd, redir, probably many others.
>> > --
>> > Didi
>>
>> i do not understand what do you mean
>> >
>> >
>> > 2014-07-20 13:31 GMT+03:00 Erez D <erez0001 at gmail.com>:
>> >>
>> >> looks a little complicated - extra ssh server, firewall with port
>> >> knocking
>> >> all this for a ssh connection ...
>> >>
>> >> On Sun, Jul 20, 2014 at 11:38 AM, Rabin Yasharzadehe <rabin at rabin.io>
>> >> wrote:
>> >> > you can add a port-knocking tool like fwknop to add a dynamic rule to
>> >> > forward your connection into the privet machine.
>> >> >
>> >> > --
>> >> > Rabin
>> >> >
>> >> >
>> >> > On Sun, Jul 20, 2014 at 12:16 PM, Erez D <erez0001 at gmail.com> wrote:
>> >> >>
>> >> >> On Sun, Jul 20, 2014 at 11:06 AM, Lior Kaplan <kaplanlior at gmail.com>
>> >> >> wrote:
>> >> >> > Didn't check it, but login in with a user who has /bin/true might
>> >> >> > do
>> >> >> > the
>> >> >> > trick.
>> >> >> you are correct, it works.
>> >> >> however it is still a security risk, as this means the client may
>> >> >> listen on unused port ...
>> >> >>
>> >> >> >
>> >> >> > Kaplan
>> >> >> >
>> >> >> >
>> >> >> > On Sun, Jul 20, 2014 at 12:03 PM, Erez D <erez0001 at gmail.com>
>> >> >> > wrote:
>> >> >> >>
>> >> >> >> On Sun, Jul 20, 2014 at 10:39 AM, Lior Kaplan
>> >> >> >> <kaplanlior at gmail.com>
>> >> >> >> wrote:
>> >> >> >> > ssh itself ?
>> >> >> >> >
>> >> >> >> > http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/
>> >> >> >> nice, however this requires me to give access to my server, which
>> >> >> >> i
>> >> >> >> do
>> >> >> >> not want ...
>> >> >> >> (or, can i give people permission to ssh to my server only for
>> >> >> >> reverse
>> >> >> >> tunnels and no shell ?)
>> >> >> >>
>> >> >> >> >
>> >> >> >> > Kaplan
>> >> >> >> >
>> >> >> >> >
>> >> >> >> > On Sun, Jul 20, 2014 at 11:36 AM, Erez D <erez0001 at gmail.com>
>> >> >> >> > wrote:
>> >> >> >> >>
>> >> >> >> >> hello
>> >> >> >> >>
>> >> >> >> >> i have a linux machine with a private ip connected to the
>> >> >> >> >> internet
>> >> >> >> >> i have a public ip and need to ssh to the linux box
>> >> >> >> >>
>> >> >> >> >> any tools for that ?
>> >> >> >> >>
>> >> >> >> >> _______________________________________________
>> >> >> >> >> Linux-il mailing list
>> >> >> >> >> Linux-il at cs.huji.ac.il
>> >> >> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>> >> >> >> >
>> >> >> >> >
>> >> >> >
>> >> >> >
>> >> >>
>> >> >> _______________________________________________
>> >> >> Linux-il mailing list
>> >> >> Linux-il at cs.huji.ac.il
>> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>> >> >
>> >> >
>> >>
>> >> _______________________________________________
>> >> Linux-il mailing list
>> >> Linux-il at cs.huji.ac.il
>> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>> >
>> >
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>


From esr+linux-il at g.jct.ac.il  Sun Jul 20 23:54:31 2014
From: esr+linux-il at g.jct.ac.il (E.S. Rosenberg)
Date: Sun, 20 Jul 2014 23:54:31 +0300
Subject: reverse ssh
In-Reply-To: <CAMUp3wnhgSVh08zSqLGv_gnr4pG6PUWruq1KaO_TjsiogJmK_A@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
 <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
 <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
 <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>
 <CAHTx_BMvRpCvNeJrfDDAbNC=9FE_VCh3zp9Kc2J=a=0gc34tug@mail.gmail.com>
 <CAMUp3wnhgSVh08zSqLGv_gnr4pG6PUWruq1KaO_TjsiogJmK_A@mail.gmail.com>
Message-ID: <CAHTx_BPcOo9iVbBsQzY+sh_r7EQ6KA4OmWUwm4JA20SbYn-Ozg@mail.gmail.com>

I think we need to reset here for a minute...

Is your goal to connect to a machine with a IP on a private range where
there exists a gateway machine or router with a (known) public IP?
In that case the solution is very simple: port-forwarding
However I would not do that without also running fail2ban and maybe also
fwknop so that evil SSH traffic would have a harder time at getting at my
server.

Or is your goal to connect to a machine reachable via a dynamic IP and you
have a machine with a fixed IP that you can route via?
In that case solutions are more complex, most of the solutions above
related to that scenario I think.

So please clear up for us what your exact goal is.
Regards,
Eliyahu - ?????


2014-07-20 18:46 GMT+03:00 Erez D <erez0001 at gmail.com>:

> On Sun, Jul 20, 2014 at 3:36 PM, E.S. Rosenberg <esr at g.jct.ac.il> wrote:
> > You can have something running on the machine you want to SSH to that
> > updates the machine with a fixed IP what its' IP is and have a firewall
> rule
> > or some other way to redirect specific traffic like for instance traffic
> to
> > TCP:22222 from that machine to the IP that it was updated to be....
> >
> still do not understand what you mean, and how it will let me connect
> to a machine with a private ip
> >
> > 2014-07-20 14:33 GMT+03:00 Erez D <erez0001 at gmail.com>:
> >
> >> On Sun, Jul 20, 2014 at 1:30 PM, Yedidyah Bar David
> >> <linux-il at didi.bardavid.org> wrote:
> >> > If you just want an ssh connection you can simply redirect connection
> >> > attempts to some port on the
> >> > Internet-accessible machine to port 22 on the private-ip one - using
> >> > whatever tool that fits you best -
> >> > iptables, xinetd, redir, probably many others.
> >> > --
> >> > Didi
> >>
> >> i do not understand what do you mean
> >> >
> >> >
> >> > 2014-07-20 13:31 GMT+03:00 Erez D <erez0001 at gmail.com>:
> >> >>
> >> >> looks a little complicated - extra ssh server, firewall with port
> >> >> knocking
> >> >> all this for a ssh connection ...
> >> >>
> >> >> On Sun, Jul 20, 2014 at 11:38 AM, Rabin Yasharzadehe <rabin at rabin.io
> >
> >> >> wrote:
> >> >> > you can add a port-knocking tool like fwknop to add a dynamic rule
> to
> >> >> > forward your connection into the privet machine.
> >> >> >
> >> >> > --
> >> >> > Rabin
> >> >> >
> >> >> >
> >> >> > On Sun, Jul 20, 2014 at 12:16 PM, Erez D <erez0001 at gmail.com>
> wrote:
> >> >> >>
> >> >> >> On Sun, Jul 20, 2014 at 11:06 AM, Lior Kaplan <
> kaplanlior at gmail.com>
> >> >> >> wrote:
> >> >> >> > Didn't check it, but login in with a user who has /bin/true
> might
> >> >> >> > do
> >> >> >> > the
> >> >> >> > trick.
> >> >> >> you are correct, it works.
> >> >> >> however it is still a security risk, as this means the client may
> >> >> >> listen on unused port ...
> >> >> >>
> >> >> >> >
> >> >> >> > Kaplan
> >> >> >> >
> >> >> >> >
> >> >> >> > On Sun, Jul 20, 2014 at 12:03 PM, Erez D <erez0001 at gmail.com>
> >> >> >> > wrote:
> >> >> >> >>
> >> >> >> >> On Sun, Jul 20, 2014 at 10:39 AM, Lior Kaplan
> >> >> >> >> <kaplanlior at gmail.com>
> >> >> >> >> wrote:
> >> >> >> >> > ssh itself ?
> >> >> >> >> >
> >> >> >> >> > http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/
> >> >> >> >> nice, however this requires me to give access to my server,
> which
> >> >> >> >> i
> >> >> >> >> do
> >> >> >> >> not want ...
> >> >> >> >> (or, can i give people permission to ssh to my server only for
> >> >> >> >> reverse
> >> >> >> >> tunnels and no shell ?)
> >> >> >> >>
> >> >> >> >> >
> >> >> >> >> > Kaplan
> >> >> >> >> >
> >> >> >> >> >
> >> >> >> >> > On Sun, Jul 20, 2014 at 11:36 AM, Erez D <erez0001 at gmail.com
> >
> >> >> >> >> > wrote:
> >> >> >> >> >>
> >> >> >> >> >> hello
> >> >> >> >> >>
> >> >> >> >> >> i have a linux machine with a private ip connected to the
> >> >> >> >> >> internet
> >> >> >> >> >> i have a public ip and need to ssh to the linux box
> >> >> >> >> >>
> >> >> >> >> >> any tools for that ?
> >> >> >> >> >>
> >> >> >> >> >> _______________________________________________
> >> >> >> >> >> Linux-il mailing list
> >> >> >> >> >> Linux-il at cs.huji.ac.il
> >> >> >> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
> >> >> >> >> >
> >> >> >> >> >
> >> >> >> >
> >> >> >> >
> >> >> >>
> >> >> >> _______________________________________________
> >> >> >> Linux-il mailing list
> >> >> >> Linux-il at cs.huji.ac.il
> >> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
> >> >> >
> >> >> >
> >> >>
> >> >> _______________________________________________
> >> >> Linux-il mailing list
> >> >> Linux-il at cs.huji.ac.il
> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
> >> >
> >> >
> >>
> >> _______________________________________________
> >> Linux-il mailing list
> >> Linux-il at cs.huji.ac.il
> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140720/8f814bb1/attachment-0001.html>

From erez0001 at gmail.com  Mon Jul 21 11:18:54 2014
From: erez0001 at gmail.com (Erez D)
Date: Mon, 21 Jul 2014 11:18:54 +0300
Subject: reverse ssh
In-Reply-To: <CAHTx_BPcOo9iVbBsQzY+sh_r7EQ6KA4OmWUwm4JA20SbYn-Ozg@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
 <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
 <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
 <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>
 <CAHTx_BMvRpCvNeJrfDDAbNC=9FE_VCh3zp9Kc2J=a=0gc34tug@mail.gmail.com>
 <CAMUp3wnhgSVh08zSqLGv_gnr4pG6PUWruq1KaO_TjsiogJmK_A@mail.gmail.com>
 <CAHTx_BPcOo9iVbBsQzY+sh_r7EQ6KA4OmWUwm4JA20SbYn-Ozg@mail.gmail.com>
Message-ID: <CAMUp3wksXrsEe1bg8FnxCzw0U18ob5naNzs6fbe7LrqdA9qE5A@mail.gmail.com>

On Sun, Jul 20, 2014 at 11:54 PM, E.S. Rosenberg
<esr+linux-il at g.jct.ac.il> wrote:
> I think we need to reset here for a minute...
>
> Is your goal to connect to a machine with a IP on a private range where
> there exists a gateway machine or router with a (known) public IP?
> In that case the solution is very simple: port-forwarding
> However I would not do that without also running fail2ban and maybe also
> fwknop so that evil SSH traffic would have a harder time at getting at my
> server.
>
> Or is your goal to connect to a machine reachable via a dynamic IP and you
> have a machine with a fixed IP that you can route via?
> In that case solutions are more complex, most of the solutions above related
> to that scenario I think.
it is not even a dynamic ip, it is a private ip behind a dynamic one
>
> So please clear up for us what your exact goal is.
> Regards,
> Eliyahu - ?????
>
>
> 2014-07-20 18:46 GMT+03:00 Erez D <erez0001 at gmail.com>:
>
>> On Sun, Jul 20, 2014 at 3:36 PM, E.S. Rosenberg <esr at g.jct.ac.il> wrote:
>> > You can have something running on the machine you want to SSH to that
>> > updates the machine with a fixed IP what its' IP is and have a firewall
>> > rule
>> > or some other way to redirect specific traffic like for instance traffic
>> > to
>> > TCP:22222 from that machine to the IP that it was updated to be....
>> >
>> still do not understand what you mean, and how it will let me connect
>> to a machine with a private ip
>> >
>> > 2014-07-20 14:33 GMT+03:00 Erez D <erez0001 at gmail.com>:
>> >
>> >> On Sun, Jul 20, 2014 at 1:30 PM, Yedidyah Bar David
>> >> <linux-il at didi.bardavid.org> wrote:
>> >> > If you just want an ssh connection you can simply redirect connection
>> >> > attempts to some port on the
>> >> > Internet-accessible machine to port 22 on the private-ip one - using
>> >> > whatever tool that fits you best -
>> >> > iptables, xinetd, redir, probably many others.
>> >> > --
>> >> > Didi
>> >>
>> >> i do not understand what do you mean
>> >> >
>> >> >
>> >> > 2014-07-20 13:31 GMT+03:00 Erez D <erez0001 at gmail.com>:
>> >> >>
>> >> >> looks a little complicated - extra ssh server, firewall with port
>> >> >> knocking
>> >> >> all this for a ssh connection ...
>> >> >>
>> >> >> On Sun, Jul 20, 2014 at 11:38 AM, Rabin Yasharzadehe
>> >> >> <rabin at rabin.io>
>> >> >> wrote:
>> >> >> > you can add a port-knocking tool like fwknop to add a dynamic rule
>> >> >> > to
>> >> >> > forward your connection into the privet machine.
>> >> >> >
>> >> >> > --
>> >> >> > Rabin
>> >> >> >
>> >> >> >
>> >> >> > On Sun, Jul 20, 2014 at 12:16 PM, Erez D <erez0001 at gmail.com>
>> >> >> > wrote:
>> >> >> >>
>> >> >> >> On Sun, Jul 20, 2014 at 11:06 AM, Lior Kaplan
>> >> >> >> <kaplanlior at gmail.com>
>> >> >> >> wrote:
>> >> >> >> > Didn't check it, but login in with a user who has /bin/true
>> >> >> >> > might
>> >> >> >> > do
>> >> >> >> > the
>> >> >> >> > trick.
>> >> >> >> you are correct, it works.
>> >> >> >> however it is still a security risk, as this means the client may
>> >> >> >> listen on unused port ...
>> >> >> >>
>> >> >> >> >
>> >> >> >> > Kaplan
>> >> >> >> >
>> >> >> >> >
>> >> >> >> > On Sun, Jul 20, 2014 at 12:03 PM, Erez D <erez0001 at gmail.com>
>> >> >> >> > wrote:
>> >> >> >> >>
>> >> >> >> >> On Sun, Jul 20, 2014 at 10:39 AM, Lior Kaplan
>> >> >> >> >> <kaplanlior at gmail.com>
>> >> >> >> >> wrote:
>> >> >> >> >> > ssh itself ?
>> >> >> >> >> >
>> >> >> >> >> > http://www.thegeekstuff.com/2013/11/reverse-ssh-tunnel/
>> >> >> >> >> nice, however this requires me to give access to my server,
>> >> >> >> >> which
>> >> >> >> >> i
>> >> >> >> >> do
>> >> >> >> >> not want ...
>> >> >> >> >> (or, can i give people permission to ssh to my server only for
>> >> >> >> >> reverse
>> >> >> >> >> tunnels and no shell ?)
>> >> >> >> >>
>> >> >> >> >> >
>> >> >> >> >> > Kaplan
>> >> >> >> >> >
>> >> >> >> >> >
>> >> >> >> >> > On Sun, Jul 20, 2014 at 11:36 AM, Erez D
>> >> >> >> >> > <erez0001 at gmail.com>
>> >> >> >> >> > wrote:
>> >> >> >> >> >>
>> >> >> >> >> >> hello
>> >> >> >> >> >>
>> >> >> >> >> >> i have a linux machine with a private ip connected to the
>> >> >> >> >> >> internet
>> >> >> >> >> >> i have a public ip and need to ssh to the linux box
>> >> >> >> >> >>
>> >> >> >> >> >> any tools for that ?
>> >> >> >> >> >>
>> >> >> >> >> >> _______________________________________________
>> >> >> >> >> >> Linux-il mailing list
>> >> >> >> >> >> Linux-il at cs.huji.ac.il
>> >> >> >> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>> >> >> >> >> >
>> >> >> >> >> >
>> >> >> >> >
>> >> >> >> >
>> >> >> >>
>> >> >> >> _______________________________________________
>> >> >> >> Linux-il mailing list
>> >> >> >> Linux-il at cs.huji.ac.il
>> >> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>> >> >> >
>> >> >> >
>> >> >>
>> >> >> _______________________________________________
>> >> >> Linux-il mailing list
>> >> >> Linux-il at cs.huji.ac.il
>> >> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>> >> >
>> >> >
>> >>
>> >> _______________________________________________
>> >> Linux-il mailing list
>> >> Linux-il at cs.huji.ac.il
>> >> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>> >
>> >
>
>


From guy1gold at gmail.com  Mon Jul 21 17:52:10 2014
From: guy1gold at gmail.com (Guy Gold)
Date: Mon, 21 Jul 2014 10:52:10 -0400
Subject: reverse ssh
In-Reply-To: <CAMUp3wksXrsEe1bg8FnxCzw0U18ob5naNzs6fbe7LrqdA9qE5A@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
 <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
 <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
 <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>
 <CAHTx_BMvRpCvNeJrfDDAbNC=9FE_VCh3zp9Kc2J=a=0gc34tug@mail.gmail.com>
 <CAMUp3wnhgSVh08zSqLGv_gnr4pG6PUWruq1KaO_TjsiogJmK_A@mail.gmail.com>
 <CAHTx_BPcOo9iVbBsQzY+sh_r7EQ6KA4OmWUwm4JA20SbYn-Ozg@mail.gmail.com>
 <CAMUp3wksXrsEe1bg8FnxCzw0U18ob5naNzs6fbe7LrqdA9qE5A@mail.gmail.com>
Message-ID: <CALQ72QETrY8Y9UJy1Si6AX1jqkx+ADWJC-f3RYebuRuskrjGXQ@mail.gmail.com>

Hi Erez,

On Mon, Jul 21, 2014 at 4:18 AM, Erez D <erez0001 at gmail.com> wrote:

>
> it is not even a dynamic ip, it is a private ip behind a dynamic one
>

Then,  what Eliyahu wrote should serve you a perfect solution.

Also, there's not much advantage in the point of hiding behind the
"security by obscurity" method (i.e serve SSH at port 9000. or whichever).
The increase to security by using  that method is in doubt - when taking
under consideration  tools used by "bad guys (and girls)" nowadays .
If you must do it, that's fine, but don't let it be a reason for not using
much better methods, as Eliyahu suggested.

-- 
Guy Gold
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140721/a1548271/attachment.html>

From amos.shapira at gmail.com  Tue Jul 22 01:11:06 2014
From: amos.shapira at gmail.com (Amos Shapira)
Date: Tue, 22 Jul 2014 08:11:06 +1000
Subject: reverse ssh
In-Reply-To: <CALQ72QETrY8Y9UJy1Si6AX1jqkx+ADWJC-f3RYebuRuskrjGXQ@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
 <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
 <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
 <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>
 <CAHTx_BMvRpCvNeJrfDDAbNC=9FE_VCh3zp9Kc2J=a=0gc34tug@mail.gmail.com>
 <CAMUp3wnhgSVh08zSqLGv_gnr4pG6PUWruq1KaO_TjsiogJmK_A@mail.gmail.com>
 <CAHTx_BPcOo9iVbBsQzY+sh_r7EQ6KA4OmWUwm4JA20SbYn-Ozg@mail.gmail.com>
 <CAMUp3wksXrsEe1bg8FnxCzw0U18ob5naNzs6fbe7LrqdA9qE5A@mail.gmail.com>
 <CALQ72QETrY8Y9UJy1Si6AX1jqkx+ADWJC-f3RYebuRuskrjGXQ@mail.gmail.com>
Message-ID: <CAF9n_WWD1Uu282+u8=EXN4-_iQHHLQhF3EJPuRHfvw9UjhNwUw@mail.gmail.com>

On 22 July 2014 00:52, Guy Gold <guy1gold at gmail.com> wrote:

> Hi Erez,
>
> On Mon, Jul 21, 2014 at 4:18 AM, Erez D <erez0001 at gmail.com> wrote:
>
>>
>> it is not even a dynamic ip, it is a private ip behind a dynamic one
>>
>
> Then,  what Eliyahu wrote should serve you a perfect solution.
>
> Also, there's not much advantage in the point of hiding behind the
> "security by obscurity" method (i.e serve SSH at port 9000. or whichever).
>
 The increase to security by using  that method is in doubt - when taking
> under consideration  tools used by "bad guys (and girls)" nowadays .
> If you must do it, that's fine, but don't let it be a reason for not using
> much better methods, as Eliyahu suggested.
>

>From personal experience - there is a huge advantage in picking a random
port for external SSH (and external HTTP). I always had port scanners on my
standard, dynamic ISP ADSL addresses until I moved them to different
non-standard ports. Since then my logs are clean, and I'm talking about
over 5 years of experience (I don't remember exactly when I did the switch).

This is of course not the only measure I take for security. I still treat
them as vulnerable etc. But after years of not having a single probe on the
new ports I have to say that it removed the threat of pretty much 100% of
the probes on my home network.

Perhaps they are more thorough on static ip addresses, known targets etc.,
but in my experience this is a very successful step.


>
>
> --
> Guy Gold
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>


-- 
 [image: View my profile on LinkedIn]
<http://www.linkedin.com/in/gliderflyer>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140722/5687511d/attachment.html>

From esr+linux-il at g.jct.ac.il  Tue Jul 22 01:21:40 2014
From: esr+linux-il at g.jct.ac.il (E.S. Rosenberg)
Date: Tue, 22 Jul 2014 01:21:40 +0300
Subject: reverse ssh
In-Reply-To: <CAF9n_WWD1Uu282+u8=EXN4-_iQHHLQhF3EJPuRHfvw9UjhNwUw@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
 <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
 <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
 <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>
 <CAHTx_BMvRpCvNeJrfDDAbNC=9FE_VCh3zp9Kc2J=a=0gc34tug@mail.gmail.com>
 <CAMUp3wnhgSVh08zSqLGv_gnr4pG6PUWruq1KaO_TjsiogJmK_A@mail.gmail.com>
 <CAHTx_BPcOo9iVbBsQzY+sh_r7EQ6KA4OmWUwm4JA20SbYn-Ozg@mail.gmail.com>
 <CAMUp3wksXrsEe1bg8FnxCzw0U18ob5naNzs6fbe7LrqdA9qE5A@mail.gmail.com>
 <CALQ72QETrY8Y9UJy1Si6AX1jqkx+ADWJC-f3RYebuRuskrjGXQ@mail.gmail.com>
 <CAF9n_WWD1Uu282+u8=EXN4-_iQHHLQhF3EJPuRHfvw9UjhNwUw@mail.gmail.com>
Message-ID: <CAHTx_BO97BU+2QGVgtg2WRp8g1+JvwCWE2heDwUs6bvbNdk7UQ@mail.gmail.com>

Any decent port scanner (nmap for instance) will find the SSH service
regardless of the port its' on, while the likelihood of a firewall blocking
access to random non-standard ports is very high.

I use fail2ban to prevent brute forcing and generally also try to have some
form of port knocking (knockd and fwknop are good options) to prevent
initial access to the SSH server to "unidentified" machines.


2014-07-22 1:11 GMT+03:00 Amos Shapira <amos.shapira at gmail.com>:

> On 22 July 2014 00:52, Guy Gold <guy1gold at gmail.com> wrote:
>
>> Hi Erez,
>>
>> On Mon, Jul 21, 2014 at 4:18 AM, Erez D <erez0001 at gmail.com> wrote:
>>
>>>
>>> it is not even a dynamic ip, it is a private ip behind a dynamic one
>>>
>>
>> Then,  what Eliyahu wrote should serve you a perfect solution.
>>
>> Also, there's not much advantage in the point of hiding behind the
>> "security by obscurity" method (i.e serve SSH at port 9000. or whichever).
>>
>  The increase to security by using  that method is in doubt - when taking
>> under consideration  tools used by "bad guys (and girls)" nowadays .
>> If you must do it, that's fine, but don't let it be a reason for not
>> using much better methods, as Eliyahu suggested.
>>
>
> From personal experience - there is a huge advantage in picking a random
> port for external SSH (and external HTTP). I always had port scanners on my
> standard, dynamic ISP ADSL addresses until I moved them to different
> non-standard ports. Since then my logs are clean, and I'm talking about
> over 5 years of experience (I don't remember exactly when I did the switch).
>
> This is of course not the only measure I take for security. I still treat
> them as vulnerable etc. But after years of not having a single probe on the
> new ports I have to say that it removed the threat of pretty much 100% of
> the probes on my home network.
>
> Perhaps they are more thorough on static ip addresses, known targets etc.,
> but in my experience this is a very successful step.
>
>
>>
>>
>> --
>> Guy Gold
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>
>>
>
>
> --
>  [image: View my profile on LinkedIn]
> <http://www.linkedin.com/in/gliderflyer>
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140722/2beb6190/attachment-0001.html>

From amos.shapira at gmail.com  Tue Jul 22 03:07:38 2014
From: amos.shapira at gmail.com (Amos Shapira)
Date: Tue, 22 Jul 2014 10:07:38 +1000
Subject: reverse ssh
In-Reply-To: <CAHTx_BO97BU+2QGVgtg2WRp8g1+JvwCWE2heDwUs6bvbNdk7UQ@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
 <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
 <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
 <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>
 <CAHTx_BMvRpCvNeJrfDDAbNC=9FE_VCh3zp9Kc2J=a=0gc34tug@mail.gmail.com>
 <CAMUp3wnhgSVh08zSqLGv_gnr4pG6PUWruq1KaO_TjsiogJmK_A@mail.gmail.com>
 <CAHTx_BPcOo9iVbBsQzY+sh_r7EQ6KA4OmWUwm4JA20SbYn-Ozg@mail.gmail.com>
 <CAMUp3wksXrsEe1bg8FnxCzw0U18ob5naNzs6fbe7LrqdA9qE5A@mail.gmail.com>
 <CALQ72QETrY8Y9UJy1Si6AX1jqkx+ADWJC-f3RYebuRuskrjGXQ@mail.gmail.com>
 <CAF9n_WWD1Uu282+u8=EXN4-_iQHHLQhF3EJPuRHfvw9UjhNwUw@mail.gmail.com>
 <CAHTx_BO97BU+2QGVgtg2WRp8g1+JvwCWE2heDwUs6bvbNdk7UQ@mail.gmail.com>
Message-ID: <CAF9n_WVKvZx7f=Ga8Z2=GqFQ_jRFH6K4VW2AbZdmz7o1Uvekmw@mail.gmail.com>

Whatever.

I'm speaking from personal experience that I didn't find this necessary.



On 22 July 2014 08:21, E.S. Rosenberg <esr+linux-il at g.jct.ac.il> wrote:

> Any decent port scanner (nmap for instance) will find the SSH service
> regardless of the port its' on, while the likelihood of a firewall blocking
> access to random non-standard ports is very high.
>
> I use fail2ban to prevent brute forcing and generally also try to have
> some form of port knocking (knockd and fwknop are good options) to prevent
> initial access to the SSH server to "unidentified" machines.
>
>
> 2014-07-22 1:11 GMT+03:00 Amos Shapira <amos.shapira at gmail.com>:
>
>> On 22 July 2014 00:52, Guy Gold <guy1gold at gmail.com> wrote:
>>
>>> Hi Erez,
>>>
>>> On Mon, Jul 21, 2014 at 4:18 AM, Erez D <erez0001 at gmail.com> wrote:
>>>
>>>>
>>>> it is not even a dynamic ip, it is a private ip behind a dynamic one
>>>>
>>>
>>> Then,  what Eliyahu wrote should serve you a perfect solution.
>>>
>>> Also, there's not much advantage in the point of hiding behind the
>>> "security by obscurity" method (i.e serve SSH at port 9000. or whichever).
>>>
>>  The increase to security by using  that method is in doubt - when
>>> taking under consideration  tools used by "bad guys (and girls)" nowadays .
>>> If you must do it, that's fine, but don't let it be a reason for not
>>> using much better methods, as Eliyahu suggested.
>>>
>>
>> From personal experience - there is a huge advantage in picking a random
>> port for external SSH (and external HTTP). I always had port scanners on my
>> standard, dynamic ISP ADSL addresses until I moved them to different
>> non-standard ports. Since then my logs are clean, and I'm talking about
>> over 5 years of experience (I don't remember exactly when I did the switch).
>>
>> This is of course not the only measure I take for security. I still treat
>> them as vulnerable etc. But after years of not having a single probe on the
>> new ports I have to say that it removed the threat of pretty much 100% of
>> the probes on my home network.
>>
>> Perhaps they are more thorough on static ip addresses, known targets
>> etc., but in my experience this is a very successful step.
>>
>>
>>>
>>>
>>> --
>>> Guy Gold
>>>
>>> _______________________________________________
>>> Linux-il mailing list
>>> Linux-il at cs.huji.ac.il
>>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>>
>>>
>>
>>
>> --
>>  [image: View my profile on LinkedIn]
>> <http://www.linkedin.com/in/gliderflyer>
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>
>>
>


-- 
 [image: View my profile on LinkedIn]
<http://www.linkedin.com/in/gliderflyer>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140722/13afaecb/attachment.html>

From erez0001 at gmail.com  Tue Jul 22 11:20:44 2014
From: erez0001 at gmail.com (Erez D)
Date: Tue, 22 Jul 2014 11:20:44 +0300
Subject: reverse ssh
In-Reply-To: <CAF9n_WVKvZx7f=Ga8Z2=GqFQ_jRFH6K4VW2AbZdmz7o1Uvekmw@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
 <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
 <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
 <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>
 <CAHTx_BMvRpCvNeJrfDDAbNC=9FE_VCh3zp9Kc2J=a=0gc34tug@mail.gmail.com>
 <CAMUp3wnhgSVh08zSqLGv_gnr4pG6PUWruq1KaO_TjsiogJmK_A@mail.gmail.com>
 <CAHTx_BPcOo9iVbBsQzY+sh_r7EQ6KA4OmWUwm4JA20SbYn-Ozg@mail.gmail.com>
 <CAMUp3wksXrsEe1bg8FnxCzw0U18ob5naNzs6fbe7LrqdA9qE5A@mail.gmail.com>
 <CALQ72QETrY8Y9UJy1Si6AX1jqkx+ADWJC-f3RYebuRuskrjGXQ@mail.gmail.com>
 <CAF9n_WWD1Uu282+u8=EXN4-_iQHHLQhF3EJPuRHfvw9UjhNwUw@mail.gmail.com>
 <CAHTx_BO97BU+2QGVgtg2WRp8g1+JvwCWE2heDwUs6bvbNdk7UQ@mail.gmail.com>
 <CAF9n_WVKvZx7f=Ga8Z2=GqFQ_jRFH6K4VW2AbZdmz7o1Uvekmw@mail.gmail.com>
Message-ID: <CAMUp3wkiEXGM1z2UfqRiCQ3YnAjCD3RHXJbnv4PcS1s3J5Z=OA@mail.gmail.com>

although port scanners can scan every port, it takes x 65536 times more
than scanning only port 22
and there are enough available port 22s,

so using a non-standard port is a smart move
as long as it is not the only one.


On Tue, Jul 22, 2014 at 3:07 AM, Amos Shapira <amos.shapira at gmail.com>
wrote:

> Whatever.
>
> I'm speaking from personal experience that I didn't find this necessary.
>
>
>
> On 22 July 2014 08:21, E.S. Rosenberg <esr+linux-il at g.jct.ac.il> wrote:
>
>> Any decent port scanner (nmap for instance) will find the SSH service
>> regardless of the port its' on, while the likelihood of a firewall blocking
>> access to random non-standard ports is very high.
>>
>> I use fail2ban to prevent brute forcing and generally also try to have
>> some form of port knocking (knockd and fwknop are good options) to prevent
>> initial access to the SSH server to "unidentified" machines.
>>
>>
>> 2014-07-22 1:11 GMT+03:00 Amos Shapira <amos.shapira at gmail.com>:
>>
>>> On 22 July 2014 00:52, Guy Gold <guy1gold at gmail.com> wrote:
>>>
>>>> Hi Erez,
>>>>
>>>> On Mon, Jul 21, 2014 at 4:18 AM, Erez D <erez0001 at gmail.com> wrote:
>>>>
>>>>>
>>>>> it is not even a dynamic ip, it is a private ip behind a dynamic one
>>>>>
>>>>
>>>> Then,  what Eliyahu wrote should serve you a perfect solution.
>>>>
>>>> Also, there's not much advantage in the point of hiding behind the
>>>> "security by obscurity" method (i.e serve SSH at port 9000. or whichever).
>>>>
>>>  The increase to security by using  that method is in doubt - when
>>>> taking under consideration  tools used by "bad guys (and girls)" nowadays .
>>>> If you must do it, that's fine, but don't let it be a reason for not
>>>> using much better methods, as Eliyahu suggested.
>>>>
>>>
>>> From personal experience - there is a huge advantage in picking a random
>>> port for external SSH (and external HTTP). I always had port scanners on my
>>> standard, dynamic ISP ADSL addresses until I moved them to different
>>> non-standard ports. Since then my logs are clean, and I'm talking about
>>> over 5 years of experience (I don't remember exactly when I did the switch).
>>>
>>> This is of course not the only measure I take for security. I still
>>> treat them as vulnerable etc. But after years of not having a single probe
>>> on the new ports I have to say that it removed the threat of pretty much
>>> 100% of the probes on my home network.
>>>
>>> Perhaps they are more thorough on static ip addresses, known targets
>>> etc., but in my experience this is a very successful step.
>>>
>>>
>>>>
>>>>
>>>> --
>>>> Guy Gold
>>>>
>>>> _______________________________________________
>>>> Linux-il mailing list
>>>> Linux-il at cs.huji.ac.il
>>>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>>>
>>>>
>>>
>>>
>>> --
>>>  [image: View my profile on LinkedIn]
>>> <http://www.linkedin.com/in/gliderflyer>
>>>
>>> _______________________________________________
>>> Linux-il mailing list
>>> Linux-il at cs.huji.ac.il
>>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>>
>>>
>>
>
>
> --
>  [image: View my profile on LinkedIn]
> <http://www.linkedin.com/in/gliderflyer>
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140722/be02e5b3/attachment.html>

From guy1gold at gmail.com  Tue Jul 22 15:47:50 2014
From: guy1gold at gmail.com (Guy Gold)
Date: Tue, 22 Jul 2014 08:47:50 -0400
Subject: reverse ssh
In-Reply-To: <CAMUp3wkiEXGM1z2UfqRiCQ3YnAjCD3RHXJbnv4PcS1s3J5Z=OA@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
 <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
 <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
 <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>
 <CAHTx_BMvRpCvNeJrfDDAbNC=9FE_VCh3zp9Kc2J=a=0gc34tug@mail.gmail.com>
 <CAMUp3wnhgSVh08zSqLGv_gnr4pG6PUWruq1KaO_TjsiogJmK_A@mail.gmail.com>
 <CAHTx_BPcOo9iVbBsQzY+sh_r7EQ6KA4OmWUwm4JA20SbYn-Ozg@mail.gmail.com>
 <CAMUp3wksXrsEe1bg8FnxCzw0U18ob5naNzs6fbe7LrqdA9qE5A@mail.gmail.com>
 <CALQ72QETrY8Y9UJy1Si6AX1jqkx+ADWJC-f3RYebuRuskrjGXQ@mail.gmail.com>
 <CAF9n_WWD1Uu282+u8=EXN4-_iQHHLQhF3EJPuRHfvw9UjhNwUw@mail.gmail.com>
 <CAHTx_BO97BU+2QGVgtg2WRp8g1+JvwCWE2heDwUs6bvbNdk7UQ@mail.gmail.com>
 <CAF9n_WVKvZx7f=Ga8Z2=GqFQ_jRFH6K4VW2AbZdmz7o1Uvekmw@mail.gmail.com>
 <CAMUp3wkiEXGM1z2UfqRiCQ3YnAjCD3RHXJbnv4PcS1s3J5Z=OA@mail.gmail.com>
Message-ID: <CALQ72QEqQo3UHSkeA=02uPAt4OEPjMxgWc1O9zXtqoKMiCZBwA@mail.gmail.com>

>
>>>> On 22 July 2014 00:52, Guy Gold <guy1gold at gmail.com> wrote:
>>>>
>>>>> Hi Erez,
>>>>>
>>>>> On Mon, Jul 21, 2014 at 4:18 AM, Erez D <erez0001 at gmail.com> wrote:
>>>>>
>>>>>>
>>>>>> it is not even a dynamic ip, it is a private ip behind a dynamic one
>>>>>>
>>>>>
>>>>> Then,  what Eliyahu wrote should serve you a perfect solution.
>>>>>
>>>>
Although this can become a flame-war :)

Source:
https://www.adayinthelifeof.nl/2012/03/12/why-putting-ssh-on-another-port-than-22-is-bad-idea/

==Begin quote ==

But there are more reasons why this is a bad idea and one of the most
important reason has to do with a bit of the (Linux) way of handling TCP/IP
ports. When you are logged onto a system as a non-root user (anyone not
being uid 0), you cannot create a listing TCP or UDP port below 1024. This
is because port numbers below 1024 are so-called privileged ports and can
only be opened by root or processes that are running as root. So for
instance, when your webserver (apache, nginx etc) will start, it will do so
as the privileged root user in order to open up a listening connection to
port 80 (the port that by default will be used for HTTP traffic). Now, as
soon as the port is opened and everything that needs to be done as root is
done, the webserver will fall back to a non-privileged user (either the
www-data, apache, or nobody user). From that point, when something bad is
happening, it is only limited to the rights that that user has.

Now, back to SSH: when we start SSH on port 22, we know for a fact that
this is done by root or a root-process since no other user could possibly
open that port. But what happens when we move SSH to port 2222? This port
can be opened without a privileged account, which means I can write a
simple script that listens to port 2222 and mimics SSH in order to capture
your passwords. And this can easily be done with simple tools commonly
available on every linux system/server. So running SSH on a non-privileged
port makes it potentially LESS secure, not MORE. You have no way of knowing
if you are talking to the real SSH server or not. This reason, and this
reason alone makes it that you should NEVER EVER use a non-privileged port
for running your SSH server.
==End quote==

Reading the whole page is recommended.

Though, some of Joshua Thijssen's points can be argued against (not by
myself, but I'm sure some folks can find some caveats in his article). I
tend to agree with what he points out.

I do acknowledge that SBO (security by...) divides quite a bit sysadmins
apart. Some live by it, and some, well, ridicule it, and for them, seeing
another sysadmin use such method is a tell sign of anachronism.  The beauty
is that we can all choose, and what is important is  being informed.

-- 
Guy Gold
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140722/78067a51/attachment-0001.html>

From pub at goldshmidt.org  Tue Jul 22 20:35:15 2014
From: pub at goldshmidt.org (Oleg Goldshmidt)
Date: Tue, 22 Jul 2014 20:35:15 +0300
Subject: reverse ssh
In-Reply-To: <CALQ72QEqQo3UHSkeA=02uPAt4OEPjMxgWc1O9zXtqoKMiCZBwA@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
 <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
 <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
 <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>
 <CAHTx_BMvRpCvNeJrfDDAbNC=9FE_VCh3zp9Kc2J=a=0gc34tug@mail.gmail.com>
 <CAMUp3wnhgSVh08zSqLGv_gnr4pG6PUWruq1KaO_TjsiogJmK_A@mail.gmail.com>
 <CAHTx_BPcOo9iVbBsQzY+sh_r7EQ6KA4OmWUwm4JA20SbYn-Ozg@mail.gmail.com>
 <CAMUp3wksXrsEe1bg8FnxCzw0U18ob5naNzs6fbe7LrqdA9qE5A@mail.gmail.com>
 <CALQ72QETrY8Y9UJy1Si6AX1jqkx+ADWJC-f3RYebuRuskrjGXQ@mail.gmail.com>
 <CAF9n_WWD1Uu282+u8=EXN4-_iQHHLQhF3EJPuRHfvw9UjhNwUw@mail.gmail.com>
 <CAHTx_BO97BU+2QGVgtg2WRp8g1+JvwCWE2heDwUs6bvbNdk7UQ@mail.gmail.com>
 <CAF9n_WVKvZx7f=Ga8Z2=GqFQ_jRFH6K4VW2AbZdmz7o1Uvekmw@mail.gmail.com>
 <CAMUp3wkiEXGM1z2UfqRiCQ3YnAjCD3RHXJbnv4PcS1s3J5Z=OA@mail.gmail.com>
 <CALQ72QEqQo3UHSkeA=02uPAt4OEPjMxgWc1O9zXtqoKMiCZBwA@mail.gmail.com>
Message-ID: <87lhrl8ffw.fsf@goldshmidt.org>

Guy Gold <guy1gold at gmail.com> writes:

> https://www.adayinthelifeof.nl/2012/03/12/why-putting-ssh-on-another-port-
> than-22-is-bad-idea/

Should be titled, "Why Putting SSH on a Non-Privileged Port is a Bad
Idea."

Nothing there is relevant to SSH on port 234 (just picking something
easy to remember and not in /etc/services) or similar.

[NB: The poor corporate sysadmin who does not want to deal with every
machine running SSH on a different port - another problem mentioned
there - is a non-issue. In a corporate setting, if a non-standard port
is chosen for anything at all, it will be uniform and documented. And
not every Tom, Dick, and Harry will have root access to modify
sshd_config without adult supervision.]

I am not arguing for or against using a non-standard port. Just pointing
out that "non-standard" and "non-privileged" are two different things.

-- 
Oleg Goldshmidt | pub at goldshmidt.org


From rabin at rabin.io  Tue Jul 22 22:56:29 2014
From: rabin at rabin.io (Rabin Yasharzadehe)
Date: Tue, 22 Jul 2014 22:56:29 +0300
Subject: Looking for a recommendation for Triple LCD Stand Desk
Message-ID: <CABKuJEA=_AiWX3gKJ8hQB=3LNp1aUiCnQh5A3eHnafpkHXFyTA@mail.gmail.com>

Hello all,

Is any one the list have any recommendation or experience with
multi-monitor stands,
I'm talking about something like this

-
http://www.ebay.com/itm/Deluxe-Triple-Monitor-Stand-Desktop-Clamp-up-to-28-/171370687459?pt=US_Monitor_Mounts_Stands&hash=item27e67d2be3#

Any thing i should know before buying one ?
Local vs overseas ?
Is there a cheaper way to achieve this like a DIY project ?

Thanks in advance,


*--Rabin*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140722/8f16dd39/attachment.html>

From asaf.halili at gmail.com  Tue Jul 22 23:24:56 2014
From: asaf.halili at gmail.com (ASAF HALILI)
Date: Tue, 22 Jul 2014 23:24:56 +0300
Subject: Looking for a recommendation for Triple LCD Stand Desk
In-Reply-To: <CABKuJEA=_AiWX3gKJ8hQB=3LNp1aUiCnQh5A3eHnafpkHXFyTA@mail.gmail.com>
References: <CABKuJEA=_AiWX3gKJ8hQB=3LNp1aUiCnQh5A3eHnafpkHXFyTA@mail.gmail.com>
Message-ID: <CAJ-ei_ekqWtJUj=HjMnPu5Sk61a=1D1YCRmcJg04QU+xDpGuQw@mail.gmail.com>

Why not to put the 3 screens on a desk?
the simplest and best solution, as I see it.

unless you have big lack of space of course..


On Tue, Jul 22, 2014 at 10:56 PM, Rabin Yasharzadehe <rabin at rabin.io> wrote:

> Hello all,
>
> Is any one the list have any recommendation or experience with
> multi-monitor stands,
> I'm talking about something like this
>
> -
> http://www.ebay.com/itm/Deluxe-Triple-Monitor-Stand-Desktop-Clamp-up-to-28-/171370687459?pt=US_Monitor_Mounts_Stands&hash=item27e67d2be3#
>
> Any thing i should know before buying one ?
> Local vs overseas ?
> Is there a cheaper way to achieve this like a DIY project ?
>
> Thanks in advance,
>
>
> *--Rabin*
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>


-- 
Regards, Asaf.
CpMaster.net <http://cpmaster.net> - Professional Blog
Dev.org.il <http://www.Dev.org.il> - Questions & Answers about Web
Development
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140722/ea582955/attachment.html>

From rabin at rabin.io  Tue Jul 22 23:30:26 2014
From: rabin at rabin.io (Rabin Yasharzadehe)
Date: Tue, 22 Jul 2014 23:30:26 +0300
Subject: Looking for a recommendation for Triple LCD Stand Desk
In-Reply-To: <CAJ-ei_ekqWtJUj=HjMnPu5Sk61a=1D1YCRmcJg04QU+xDpGuQw@mail.gmail.com>
References: <CABKuJEA=_AiWX3gKJ8hQB=3LNp1aUiCnQh5A3eHnafpkHXFyTA@mail.gmail.com>
 <CAJ-ei_ekqWtJUj=HjMnPu5Sk61a=1D1YCRmcJg04QU+xDpGuQw@mail.gmail.com>
Message-ID: <CABKuJEATRHHdpNbbnv80fYMN+5z8Fsddpi-4z1Drw17Zh58xDg@mail.gmail.com>

I have a small desk in a small room :)


*-- Rabin*


On Tue, Jul 22, 2014 at 11:24 PM, ASAF HALILI <asaf.halili at gmail.com> wrote:

> Why not to put the 3 screens on a desk?
> the simplest and best solution, as I see it.
>
> unless you have big lack of space of course..
>
>
>  On Tue, Jul 22, 2014 at 10:56 PM, Rabin Yasharzadehe <rabin at rabin.io>
> wrote:
>
>>  Hello all,
>>
>> Is any one the list have any recommendation or experience with
>> multi-monitor stands,
>> I'm talking about something like this
>>
>> -
>> http://www.ebay.com/itm/Deluxe-Triple-Monitor-Stand-Desktop-Clamp-up-to-28-/171370687459?pt=US_Monitor_Mounts_Stands&hash=item27e67d2be3#
>>
>> Any thing i should know before buying one ?
>> Local vs overseas ?
>> Is there a cheaper way to achieve this like a DIY project ?
>>
>> Thanks in advance,
>>
>>
>> *--Rabin*
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>
>>
>
>
> --
> Regards, Asaf.
> CpMaster.net <http://cpmaster.net> - Professional Blog
> Dev.org.il <http://www.Dev.org.il> - Questions & Answers about Web
> Development
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140722/75d2e785/attachment.html>

From erez0001 at gmail.com  Wed Jul 23 11:44:09 2014
From: erez0001 at gmail.com (Erez D)
Date: Wed, 23 Jul 2014 11:44:09 +0300
Subject: reverse ssh
In-Reply-To: <CALQ72QEqQo3UHSkeA=02uPAt4OEPjMxgWc1O9zXtqoKMiCZBwA@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
 <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
 <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
 <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>
 <CAHTx_BMvRpCvNeJrfDDAbNC=9FE_VCh3zp9Kc2J=a=0gc34tug@mail.gmail.com>
 <CAMUp3wnhgSVh08zSqLGv_gnr4pG6PUWruq1KaO_TjsiogJmK_A@mail.gmail.com>
 <CAHTx_BPcOo9iVbBsQzY+sh_r7EQ6KA4OmWUwm4JA20SbYn-Ozg@mail.gmail.com>
 <CAMUp3wksXrsEe1bg8FnxCzw0U18ob5naNzs6fbe7LrqdA9qE5A@mail.gmail.com>
 <CALQ72QETrY8Y9UJy1Si6AX1jqkx+ADWJC-f3RYebuRuskrjGXQ@mail.gmail.com>
 <CAF9n_WWD1Uu282+u8=EXN4-_iQHHLQhF3EJPuRHfvw9UjhNwUw@mail.gmail.com>
 <CAHTx_BO97BU+2QGVgtg2WRp8g1+JvwCWE2heDwUs6bvbNdk7UQ@mail.gmail.com>
 <CAF9n_WVKvZx7f=Ga8Z2=GqFQ_jRFH6K4VW2AbZdmz7o1Uvekmw@mail.gmail.com>
 <CAMUp3wkiEXGM1z2UfqRiCQ3YnAjCD3RHXJbnv4PcS1s3J5Z=OA@mail.gmail.com>
 <CALQ72QEqQo3UHSkeA=02uPAt4OEPjMxgWc1O9zXtqoKMiCZBwA@mail.gmail.com>
Message-ID: <CAMUp3w=6p-p5Hu8=F1E++EHOW5LWX0Q6Eg-dep84_b0i1tTF0g@mail.gmail.com>

1. only refer to non-privileged ports
2. btw, ssh will warn you if the server cert changes, so if someone
takes the port for it's ssh server, you will know

i'll still stick with a non standard privileged port.

On Tue, Jul 22, 2014 at 3:47 PM, Guy Gold <guy1gold at gmail.com> wrote:
>
>>>>>
>>>>> On 22 July 2014 00:52, Guy Gold <guy1gold at gmail.com> wrote:
>>>>>>
>>>>>> Hi Erez,
>>>>>>
>>>>>> On Mon, Jul 21, 2014 at 4:18 AM, Erez D <erez0001 at gmail.com> wrote:
>>>>>>>
>>>>>>>
>>>>>>> it is not even a dynamic ip, it is a private ip behind a dynamic one
>>>>>>
>>>>>>
>>>>>> Then,  what Eliyahu wrote should serve you a perfect solution.
>
>
> Although this can become a flame-war :)
>
> Source:
> https://www.adayinthelifeof.nl/2012/03/12/why-putting-ssh-on-another-port-than-22-is-bad-idea/
>
> ==Begin quote ==
>
> But there are more reasons why this is a bad idea and one of the most
> important reason has to do with a bit of the (Linux) way of handling TCP/IP
> ports. When you are logged onto a system as a non-root user (anyone not
> being uid 0), you cannot create a listing TCP or UDP port below 1024. This
> is because port numbers below 1024 are so-called privileged ports and can
> only be opened by root or processes that are running as root. So for
> instance, when your webserver (apache, nginx etc) will start, it will do so
> as the privileged root user in order to open up a listening connection to
> port 80 (the port that by default will be used for HTTP traffic). Now, as
> soon as the port is opened and everything that needs to be done as root is
> done, the webserver will fall back to a non-privileged user (either the
> www-data, apache, or nobody user). From that point, when something bad is
> happening, it is only limited to the rights that that user has.
>
> Now, back to SSH: when we start SSH on port 22, we know for a fact that this
> is done by root or a root-process since no other user could possibly open
> that port. But what happens when we move SSH to port 2222? This port can be
> opened without a privileged account, which means I can write a simple script
> that listens to port 2222 and mimics SSH in order to capture your passwords.
> And this can easily be done with simple tools commonly available on every
> linux system/server. So running SSH on a non-privileged port makes it
> potentially LESS secure, not MORE. You have no way of knowing if you are
> talking to the real SSH server or not. This reason, and this reason alone
> makes it that you should NEVER EVER use a non-privileged port for running
> your SSH server.
>
> ==End quote==
>
> Reading the whole page is recommended.
>
> Though, some of Joshua Thijssen's points can be argued against (not by
> myself, but I'm sure some folks can find some caveats in his article). I
> tend to agree with what he points out.
>
> I do acknowledge that SBO (security by...) divides quite a bit sysadmins
> apart. Some live by it, and some, well, ridicule it, and for them, seeing
> another sysadmin use such method is a tell sign of anachronism.  The beauty
> is that we can all choose, and what is important is  being informed.
>
> --
> Guy Gold
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>


From erez0001 at gmail.com  Wed Jul 23 11:55:06 2014
From: erez0001 at gmail.com (Erez D)
Date: Wed, 23 Jul 2014 11:55:06 +0300
Subject: reverse ssh
In-Reply-To: <CAMUp3w=6p-p5Hu8=F1E++EHOW5LWX0Q6Eg-dep84_b0i1tTF0g@mail.gmail.com>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAEsznC4q6iX7piH-3Phfuapjpbh=Q6_0eDa5_MzycLw9kdQDiA@mail.gmail.com>
 <CAMUp3wkRbY2VnkZiAVcHvnUGC3GnP9BY1byxHDnPZDevw+u2cQ@mail.gmail.com>
 <CAEsznC7_VBT4=O0o+dqvaYtoRXjpsqcT4DsEbTGpfCMU0oomMg@mail.gmail.com>
 <CAMUp3wkyMWHAAb7EbOO2z+t6nqzSG+V_TgvqvU9FGO6Fx26x-g@mail.gmail.com>
 <CABKuJEB+p2hAu+jRsdtvWrZY9d4D7FwLYPbo-mVu6DuroDcHgg@mail.gmail.com>
 <CAMUp3wnJh+YkFbGj-iRP_tBUUZno2Rhg7RwB2+33g5zu+eqznA@mail.gmail.com>
 <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
 <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>
 <CAHTx_BMvRpCvNeJrfDDAbNC=9FE_VCh3zp9Kc2J=a=0gc34tug@mail.gmail.com>
 <CAMUp3wnhgSVh08zSqLGv_gnr4pG6PUWruq1KaO_TjsiogJmK_A@mail.gmail.com>
 <CAHTx_BPcOo9iVbBsQzY+sh_r7EQ6KA4OmWUwm4JA20SbYn-Ozg@mail.gmail.com>
 <CAMUp3wksXrsEe1bg8FnxCzw0U18ob5naNzs6fbe7LrqdA9qE5A@mail.gmail.com>
 <CALQ72QETrY8Y9UJy1Si6AX1jqkx+ADWJC-f3RYebuRuskrjGXQ@mail.gmail.com>
 <CAF9n_WWD1Uu282+u8=EXN4-_iQHHLQhF3EJPuRHfvw9UjhNwUw@mail.gmail.com>
 <CAHTx_BO97BU+2QGVgtg2WRp8g1+JvwCWE2heDwUs6bvbNdk7UQ@mail.gmail.com>
 <CAF9n_WVKvZx7f=Ga8Z2=GqFQ_jRFH6K4VW2AbZdmz7o1Uvekmw@mail.gmail.com>
 <CAMUp3wkiEXGM1z2UfqRiCQ3YnAjCD3RHXJbnv4PcS1s3J5Z=OA@mail.gmail.com>
 <CALQ72QEqQo3UHSkeA=02uPAt4OEPjMxgWc1O9zXtqoKMiCZBwA@mail.gmail.com>
 <CAMUp3w=6p-p5Hu8=F1E++EHOW5LWX0Q6Eg-dep84_b0i1tTF0g@mail.gmail.com>
Message-ID: <CAMUp3wnKu5t7jiSXrAum2tZKuPS11az+YD4H+c-7bRSGyO0XVQ@mail.gmail.com>

and i forgot:
what if my router redirect any port to my computer's port 22 ?
this can be a non priviledge port

if only i have access to the router settings ...

On Wed, Jul 23, 2014 at 11:44 AM, Erez D <erez0001 at gmail.com> wrote:
> 1. only refer to non-privileged ports
> 2. btw, ssh will warn you if the server cert changes, so if someone
> takes the port for it's ssh server, you will know
>
> i'll still stick with a non standard privileged port.
>
> On Tue, Jul 22, 2014 at 3:47 PM, Guy Gold <guy1gold at gmail.com> wrote:
>>
>>>>>>
>>>>>> On 22 July 2014 00:52, Guy Gold <guy1gold at gmail.com> wrote:
>>>>>>>
>>>>>>> Hi Erez,
>>>>>>>
>>>>>>> On Mon, Jul 21, 2014 at 4:18 AM, Erez D <erez0001 at gmail.com> wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>> it is not even a dynamic ip, it is a private ip behind a dynamic one
>>>>>>>
>>>>>>>
>>>>>>> Then,  what Eliyahu wrote should serve you a perfect solution.
>>
>>
>> Although this can become a flame-war :)
>>
>> Source:
>> https://www.adayinthelifeof.nl/2012/03/12/why-putting-ssh-on-another-port-than-22-is-bad-idea/
>>
>> ==Begin quote ==
>>
>> But there are more reasons why this is a bad idea and one of the most
>> important reason has to do with a bit of the (Linux) way of handling TCP/IP
>> ports. When you are logged onto a system as a non-root user (anyone not
>> being uid 0), you cannot create a listing TCP or UDP port below 1024. This
>> is because port numbers below 1024 are so-called privileged ports and can
>> only be opened by root or processes that are running as root. So for
>> instance, when your webserver (apache, nginx etc) will start, it will do so
>> as the privileged root user in order to open up a listening connection to
>> port 80 (the port that by default will be used for HTTP traffic). Now, as
>> soon as the port is opened and everything that needs to be done as root is
>> done, the webserver will fall back to a non-privileged user (either the
>> www-data, apache, or nobody user). From that point, when something bad is
>> happening, it is only limited to the rights that that user has.
>>
>> Now, back to SSH: when we start SSH on port 22, we know for a fact that this
>> is done by root or a root-process since no other user could possibly open
>> that port. But what happens when we move SSH to port 2222? This port can be
>> opened without a privileged account, which means I can write a simple script
>> that listens to port 2222 and mimics SSH in order to capture your passwords.
>> And this can easily be done with simple tools commonly available on every
>> linux system/server. So running SSH on a non-privileged port makes it
>> potentially LESS secure, not MORE. You have no way of knowing if you are
>> talking to the real SSH server or not. This reason, and this reason alone
>> makes it that you should NEVER EVER use a non-privileged port for running
>> your SSH server.
>>
>> ==End quote==
>>
>> Reading the whole page is recommended.
>>
>> Though, some of Joshua Thijssen's points can be argued against (not by
>> myself, but I'm sure some folks can find some caveats in his article). I
>> tend to agree with what he points out.
>>
>> I do acknowledge that SBO (security by...) divides quite a bit sysadmins
>> apart. Some live by it, and some, well, ridicule it, and for them, seeing
>> another sysadmin use such method is a tell sign of anachronism.  The beauty
>> is that we can all choose, and what is important is  being informed.
>>
>> --
>> Guy Gold
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>


From vordoo at yahoo.com  Wed Jul 23 12:09:22 2014
From: vordoo at yahoo.com (vordoo)
Date: Wed, 23 Jul 2014 12:09:22 +0300
Subject: reverse ssh
In-Reply-To: <87lhrl8ffw.fsf@goldshmidt.org>
References: <CAMUp3wnqL3j2+hE3M74KLEfF9ZMp0-j6drkmrFdBwMOJno=BHA@mail.gmail.com>
 <CAGtcZ6tGv0+bteykBYrDY2+_uJ=ji8wyjKj+ADX7TYyjkpvsYA@mail.gmail.com>
 <CAMUp3wkHKbtk-SSP62ipQ9GxW1PofKULR9qmX06q7dcAgizxzQ@mail.gmail.com>
 <CAHTx_BMvRpCvNeJrfDDAbNC=9FE_VCh3zp9Kc2J=a=0gc34tug@mail.gmail.com>
 <CAMUp3wnhgSVh08zSqLGv_gnr4pG6PUWruq1KaO_TjsiogJmK_A@mail.gmail.com>
 <CAHTx_BPcOo9iVbBsQzY+sh_r7EQ6KA4OmWUwm4JA20SbYn-Ozg@mail.gmail.com>
 <CAMUp3wksXrsEe1bg8FnxCzw0U18ob5naNzs6fbe7LrqdA9qE5A@mail.gmail.com>
 <CALQ72QETrY8Y9UJy1Si6AX1jqkx+ADWJC-f3RYebuRuskrjGXQ@mail.gmail.com>
 <CAF9n_WWD1Uu282+u8=EXN4-_iQHHLQhF3EJPuRHfvw9UjhNwUw@mail.gmail.com>
 <CAHTx_BO97BU+2QGVgtg2WRp8g1+JvwCWE2heDwUs6bvbNdk7UQ@mail.gmail.com>
 <CAF9n_WVKvZx7f=Ga8Z2=GqFQ_jRFH6K4VW2AbZdmz7o1Uvekmw@mail.gmail.com>
 <CAMUp3wkiEXGM1z2UfqRiCQ3YnAjCD3RHXJbnv4PcS1s3J5Z=OA@mail.gmail.com>
 <CALQ72QEqQo3UHSkeA=02uPAt4OEPjMxgWc1O9zXtqoKMiCZBwA@mail.gmail.com>
 <87lhrl8ffw.fsf@goldshmidt.org>
Message-ID: <53CF7BC2.5030004@yahoo.com>

An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140723/e7df0941/attachment.html>

From amos.shapira at gmail.com  Sat Jul 26 14:00:51 2014
From: amos.shapira at gmail.com (Amos Shapira)
Date: Sat, 26 Jul 2014 21:00:51 +1000
Subject: better antenna for a USB DVB-T dongle?
Message-ID: <CAF9n_WU_D5tpgw0X1u-JQg2cGBOz8bCXhLnZosnTO8FgOWR-kQ@mail.gmail.com>

Hi,

I'm asking here since I saw that quiet a few members here mentioned using
things like this in the past.

I bought a USB DVB dongle for my Cubox-I running OpenELEC (here is the item
on ebay: http://www.ebay.com.au/itm/251537079924) and although it's well
supported and the kernel recognises it without a hitch, scanning for
channels (both through tvheadend and command line w_scan) can't lock on any
channels.

I live less than 2 km from the antennas which broadcast to all of Sydney
(~80km radius service area).

According to the instructions at http://baratel.com/guides/mythTV.htm, the
internal antenna which comes with such dongles is worthless for more than
500m.

But the antenna input socket is not the standard wide one (e.g. like the
one you can see in this wikipedia image:
http://en.wikipedia.org/wiki/Coaxial_cable#mediaviewer/File:N_Connector.jpg)
but something that looks like 1 mm headphone jack with an itsy bitsy hole
in the middle.

Does anyone know how can I extend the reception for this baby?

I think of two main options:

1. Connect it to "normal"/"common" coaxial wall socket, so I can take
advantage of the antenna on the roof.
2. Buy a bigger internal antenna which can connect to this weird jack.

Any pointers would be appreciated.

Thanks,

--Amos
-- 
 <http://au.linkedin.com/in/gliderflyer>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140726/30eee647/attachment.html>

From vordoo at yahoo.com  Sat Jul 26 18:00:58 2014
From: vordoo at yahoo.com (vordoo)
Date: Sat, 26 Jul 2014 18:00:58 +0300
Subject: better antenna for a USB DVB-T dongle?
In-Reply-To: <CAF9n_WU_D5tpgw0X1u-JQg2cGBOz8bCXhLnZosnTO8FgOWR-kQ@mail.gmail.com>
References: <CAF9n_WU_D5tpgw0X1u-JQg2cGBOz8bCXhLnZosnTO8FgOWR-kQ@mail.gmail.com>
Message-ID: <53D3C2AA.60409@yahoo.com>

An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140726/a7591271/attachment.html>

From tomer at gmx.net  Sat Jul 26 18:09:16 2014
From: tomer at gmx.net (Tomer Cohen)
Date: Sat, 26 Jul 2014 18:09:16 +0300
Subject: better antenna for a USB DVB-T dongle?
In-Reply-To: <CAF9n_WU_D5tpgw0X1u-JQg2cGBOz8bCXhLnZosnTO8FgOWR-kQ@mail.gmail.com>
References: <CAF9n_WU_D5tpgw0X1u-JQg2cGBOz8bCXhLnZosnTO8FgOWR-kQ@mail.gmail.com>
Message-ID: <CAFrSoReYFicYXbOotRGUT4yX=f0GhY3q_qTifh4t7=3NzPTb5Q@mail.gmail.com>

Roof antenna could not be very helpful in your case, but you can buy an
active antenna or place the current one near a window. As for the antenna
connector, you can buy a cheap adapter; I bought this one:
http://www.dx.com/p/lwj-023-mcx-male-to-tv-female-antenna-adapter-cable-black-17-5cm-207418


On Sat, Jul 26, 2014 at 2:00 PM, Amos Shapira <amos.shapira at gmail.com>
wrote:

> Hi,
>
> I'm asking here since I saw that quiet a few members here mentioned using
> things like this in the past.
>
> I bought a USB DVB dongle for my Cubox-I running OpenELEC (here is the
> item on ebay: http://www.ebay.com.au/itm/251537079924) and although it's
> well supported and the kernel recognises it without a hitch, scanning for
> channels (both through tvheadend and command line w_scan) can't lock on any
> channels.
>
> I live less than 2 km from the antennas which broadcast to all of Sydney
> (~80km radius service area).
>
> According to the instructions at http://baratel.com/guides/mythTV.htm,
> the internal antenna which comes with such dongles is worthless for more
> than 500m.
>
> But the antenna input socket is not the standard wide one (e.g. like the
> one you can see in this wikipedia image:
> http://en.wikipedia.org/wiki/Coaxial_cable#mediaviewer/File:N_Connector.jpg)
> but something that looks like 1 mm headphone jack with an itsy bitsy hole
> in the middle.
>
> Does anyone know how can I extend the reception for this baby?
>
> I think of two main options:
>
> 1. Connect it to "normal"/"common" coaxial wall socket, so I can take
> advantage of the antenna on the roof.
> 2. Buy a bigger internal antenna which can connect to this weird jack.
>
> Any pointers would be appreciated.
>
> Thanks,
>
> --Amos
> --
>  <http://au.linkedin.com/in/gliderflyer>
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>


-- 
Tomer Cohen
http://tomercohen.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140726/9f7350b6/attachment.html>

From nad.oby at gmail.com  Sat Jul 26 22:25:50 2014
From: nad.oby at gmail.com (Evgeniy Ginzburg)
Date: Sat, 26 Jul 2014 22:25:50 +0300
Subject: better antenna for a USB DVB-T dongle?
In-Reply-To: <CAF9n_WU_D5tpgw0X1u-JQg2cGBOz8bCXhLnZosnTO8FgOWR-kQ@mail.gmail.com>
References: <CAF9n_WU_D5tpgw0X1u-JQg2cGBOz8bCXhLnZosnTO8FgOWR-kQ@mail.gmail.com>
Message-ID: <CALRpzn9m7v1dCRcs=QNyzCxk0JybMLzoyBQuSnP12V2a7w-Jbg@mail.gmail.com>

TV dongles use MCX connector.
Truy one of those to connect to wal plug
http://www.ebay.com/sch/i.html?_nkw=mcx+to+Belling-Lee
There is can be impedance mismach but
with one of such connectors you also can buy bigger antennae that connect
to standart jack if roof antenna won't work good.

And when you tired of TV use oyur dongle as SDR it's uch more fun.


On Sat, Jul 26, 2014 at 2:00 PM, Amos Shapira <amos.shapira at gmail.com>
wrote:

> Hi,
>
> I'm asking here since I saw that quiet a few members here mentioned using
> things like this in the past.
>
> I bought a USB DVB dongle for my Cubox-I running OpenELEC (here is the
> item on ebay: http://www.ebay.com.au/itm/251537079924) and although it's
> well supported and the kernel recognises it without a hitch, scanning for
> channels (both through tvheadend and command line w_scan) can't lock on any
> channels.
>
> I live less than 2 km from the antennas which broadcast to all of Sydney
> (~80km radius service area).
>
> According to the instructions at http://baratel.com/guides/mythTV.htm,
> the internal antenna which comes with such dongles is worthless for more
> than 500m.
>
> But the antenna input socket is not the standard wide one (e.g. like the
> one you can see in this wikipedia image:
> http://en.wikipedia.org/wiki/Coaxial_cable#mediaviewer/File:N_Connector.jpg)
> but something that looks like 1 mm headphone jack with an itsy bitsy hole
> in the middle.
>
> Does anyone know how can I extend the reception for this baby?
>
> I think of two main options:
>
> 1. Connect it to "normal"/"common" coaxial wall socket, so I can take
> advantage of the antenna on the roof.
> 2. Buy a bigger internal antenna which can connect to this weird jack.
>
> Any pointers would be appreciated.
>
> Thanks,
>
> --Amos
> --
>  <http://au.linkedin.com/in/gliderflyer>
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>


-- 
So long, and thanks for all the fish.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140726/0c15df8d/attachment-0001.html>

From geoffreymendelson at gmail.com  Sat Jul 26 23:00:23 2014
From: geoffreymendelson at gmail.com (geoffrey mendelson)
Date: Sat, 26 Jul 2014 23:00:23 +0300
Subject: better antenna for a USB DVB-T dongle?
In-Reply-To: <CALRpzn9m7v1dCRcs=QNyzCxk0JybMLzoyBQuSnP12V2a7w-Jbg@mail.gmail.com>
References: <CAF9n_WU_D5tpgw0X1u-JQg2cGBOz8bCXhLnZosnTO8FgOWR-kQ@mail.gmail.com>
 <CALRpzn9m7v1dCRcs=QNyzCxk0JybMLzoyBQuSnP12V2a7w-Jbg@mail.gmail.com>
Message-ID: <53D408D7.4070904@gmail.com>

On 7/26/2014 10:25 PM, Evgeniy Ginzburg wrote:
> TV dongles use MCX connector.
> Truy one of those to connect to wal plug
> http://www.ebay.com/sch/i.html?_nkw=mcx+to+Belling-Lee
> There is can be impedance mismach but
> with one of such connectors you also can buy bigger antennae that 
> connect to standart jack if roof antenna won't work good.
>
> And when you tired of TV use oyur dongle as SDR it's uch more fun.
>

While they are officially called Belling-Lee connectors, they are called 
PAL connectors outside of the UK. In the UK they are called Aerial 
connectors. Probably the same thing in OZ.

They got that name because PAL TVs used them, in comparison to F 
connectors used by US TVs.

Geoff.

-- 
Geoffrey S. Mendelson 4X1GM/N3OWJ
Jerusalem Israel.



From amos.shapira at gmail.com  Sun Jul 27 01:06:04 2014
From: amos.shapira at gmail.com (Amos Shapira)
Date: Sun, 27 Jul 2014 08:06:04 +1000
Subject: better antenna for a USB DVB-T dongle?
In-Reply-To: <CAFrSoReYFicYXbOotRGUT4yX=f0GhY3q_qTifh4t7=3NzPTb5Q@mail.gmail.com>
References: <CAF9n_WU_D5tpgw0X1u-JQg2cGBOz8bCXhLnZosnTO8FgOWR-kQ@mail.gmail.com>
 <CAFrSoReYFicYXbOotRGUT4yX=f0GhY3q_qTifh4t7=3NzPTb5Q@mail.gmail.com>
Message-ID: <CAF9n_WXT=gcRBHTMU0M2qtK_3BAVLcBR81hJAV7HOyO2_Vy+bQ@mail.gmail.com>

Thanks everyone for chipping in.

Once I learned the name of the connector (MCX) and based on this and
finding that the "regular" plug is called also "Type N" I found a "pig
tail" converter and ordered it (http://www.ebay.com.au/itm/121310526140).

Tomer - why wouldn't the roof antenna be useful. Is it about the TV signal
type? Antenna type? Or is it because I live so close to the transmitter
that you expect that the signal strength is not the issue?

BTW - so far I tested the dongle facing the transmitter almost directly -
next to the front balcony glass door, with perhaps only the balcony rail
blocking it from direct line of sight.

Cheers,

--Amos


On 27 July 2014 01:09, Tomer Cohen <tomer at gmx.net> wrote:

> Roof antenna could not be very helpful in your case, but you can buy an
> active antenna or place the current one near a window. As for the antenna
> connector, you can buy a cheap adapter; I bought this one:
> http://www.dx.com/p/lwj-023-mcx-male-to-tv-female-antenna-adapter-cable-black-17-5cm-207418
>
>
> On Sat, Jul 26, 2014 at 2:00 PM, Amos Shapira <amos.shapira at gmail.com>
> wrote:
>
>> Hi,
>>
>> I'm asking here since I saw that quiet a few members here mentioned using
>> things like this in the past.
>>
>> I bought a USB DVB dongle for my Cubox-I running OpenELEC (here is the
>> item on ebay: http://www.ebay.com.au/itm/251537079924) and although it's
>> well supported and the kernel recognises it without a hitch, scanning for
>> channels (both through tvheadend and command line w_scan) can't lock on any
>> channels.
>>
>> I live less than 2 km from the antennas which broadcast to all of Sydney
>> (~80km radius service area).
>>
>> According to the instructions at http://baratel.com/guides/mythTV.htm,
>> the internal antenna which comes with such dongles is worthless for more
>> than 500m.
>>
>> But the antenna input socket is not the standard wide one (e.g. like the
>> one you can see in this wikipedia image:
>> http://en.wikipedia.org/wiki/Coaxial_cable#mediaviewer/File:N_Connector.jpg)
>> but something that looks like 1 mm headphone jack with an itsy bitsy hole
>> in the middle.
>>
>> Does anyone know how can I extend the reception for this baby?
>>
>> I think of two main options:
>>
>> 1. Connect it to "normal"/"common" coaxial wall socket, so I can take
>> advantage of the antenna on the roof.
>> 2. Buy a bigger internal antenna which can connect to this weird jack.
>>
>> Any pointers would be appreciated.
>>
>> Thanks,
>>
>> --Amos
>> --
>>  <http://au.linkedin.com/in/gliderflyer>
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>
>>
>
>
> --
> Tomer Cohen
> http://tomercohen.com
>



-- 
<http://au.linkedin.com/in/gliderflyer>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140727/07fb43d0/attachment.html>

From esr+linux-il at g.jct.ac.il  Sun Jul 27 14:57:16 2014
From: esr+linux-il at g.jct.ac.il (E.S. Rosenberg)
Date: Sun, 27 Jul 2014 14:57:16 +0300
Subject: Looking for a recommendation for Triple LCD Stand Desk
In-Reply-To: <CABKuJEATRHHdpNbbnv80fYMN+5z8Fsddpi-4z1Drw17Zh58xDg@mail.gmail.com>
References: <CABKuJEA=_AiWX3gKJ8hQB=3LNp1aUiCnQh5A3eHnafpkHXFyTA@mail.gmail.com>
 <CAJ-ei_ekqWtJUj=HjMnPu5Sk61a=1D1YCRmcJg04QU+xDpGuQw@mail.gmail.com>
 <CABKuJEATRHHdpNbbnv80fYMN+5z8Fsddpi-4z1Drw17Zh58xDg@mail.gmail.com>
Message-ID: <CAHTx_BNwk2fDfN1Pp=AmOXRAXFTf0-bX8E1V=y13sAZzQnqM4g@mail.gmail.com>

If you know market traders they usually use 3-6 monitors they probably can
tell you a bit about it.....


2014-07-22 23:30 GMT+03:00 Rabin Yasharzadehe <rabin at rabin.io>:

> I have a small desk in a small room :)
>
>
> *-- Rabin*
>
>
> On Tue, Jul 22, 2014 at 11:24 PM, ASAF HALILI <asaf.halili at gmail.com>
> wrote:
>
>> Why not to put the 3 screens on a desk?
>> the simplest and best solution, as I see it.
>>
>> unless you have big lack of space of course..
>>
>>
>>  On Tue, Jul 22, 2014 at 10:56 PM, Rabin Yasharzadehe <rabin at rabin.io>
>> wrote:
>>
>>>  Hello all,
>>>
>>> Is any one the list have any recommendation or experience with
>>> multi-monitor stands,
>>> I'm talking about something like this
>>>
>>> -
>>> http://www.ebay.com/itm/Deluxe-Triple-Monitor-Stand-Desktop-Clamp-up-to-28-/171370687459?pt=US_Monitor_Mounts_Stands&hash=item27e67d2be3#
>>>
>>> Any thing i should know before buying one ?
>>> Local vs overseas ?
>>> Is there a cheaper way to achieve this like a DIY project ?
>>>
>>> Thanks in advance,
>>>
>>>
>>> *--Rabin*
>>>
>>> _______________________________________________
>>> Linux-il mailing list
>>> Linux-il at cs.huji.ac.il
>>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>>
>>>
>>
>>
>> --
>> Regards, Asaf.
>> CpMaster.net <http://cpmaster.net> - Professional Blog
>> Dev.org.il <http://www.Dev.org.il> - Questions & Answers about Web
>> Development
>>
>> _______________________________________________
>> Linux-il mailing list
>> Linux-il at cs.huji.ac.il
>> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>>
>>
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20140727/16baea3e/attachment.html>