XO laptop

The XO-1, previously known as the $100 Laptop or Children’s Machine, is an inexpensive laptop computer intended to be distributed to children in developing countries around the world, to provide them with access to knowledge, and opportunities to “explore, experiment and express themselves” (constructionist learning). The laptop is developed by the One Laptop per Child (OLPC) social welfare organization, and manufactured by the Taiwanese computer company, Quanta Computer.
– Wikipedia

I stumbled across my first XO laptop in the wild this morning whilst at the Digital Educator seminar. First impressions are that the unit is visually very toy like, in fact if you were to have told me it was styled by Fisher-Price I would believe it.

The locking mechanisms, although not following standard methods from other vendors, was quite intuitive. The keyboard felt quite good with a very comfortable typing response.

During this session I didn’t get much more of an evaluation than powering the unit up and jumping through a few applications. The ‘sugar’ interface takes a little getting use to

[1] OLPC XO-1 [Wikipedia]
[2] Explore the XO [laptopgiving.org]

Ozeconferences (May 2008)

Ozeconferences
Ozeconferences – AARNet has established regular video conference information/sessions aimed at encouraging the use of video technology by testing/demonstrating equipment and applications, and discussing a broad range of ICT, Network, Applications and Service issues and developments. Discussion and questions are encouraged.

The Ozeconferences for May 2008 have been;

Ozeconf – Internet Industry Association Update
Wed 28 May 2008 1PM – 2PM (AEST)

Abstract
The internet arose in an anarchic sort of way. Some of the most compelling applications driving the growth and development of the Net and the ever increasing demand for broadband are provided by intermediaries. Whether we are talking Google, You Tube, Facebook, eBay or ISPs, all have one thing in common. They have little or no control over what their users do once online. The same is true for universities.
At the same time, governments and old economy corporations are struggling to maintain social control or preserve established business models. This tension has played out in legislation, but can it be enforced? And what are the consequences for the internet of exposing intermediaries to ever increasing risk? Find out when you attend Ozeconference on 28 May.

Ozeconf – Video room design essentials
Mon 19th May 2008 4PM – 5PM (AEST).

Abstract
Ulrich Schwenn will address the Ozeconf with a short presentation on his specialties in the video conferencing arena. Ulrich will focus on the evaluation of customer needs, consulting, planning and supervising of installation of high quality multimedia & videoconferencing solutions from small meeting rooms to university lecture halls, with emphasis on specific demands of multi-site organizations.

This talk stems from the recent discussions on the AARNet Voice, Video and Collaboration email list (VVC-l) and is aimed at stimulating an open discussion on the challenges associated with room design and user interaction features for implementing video conferencing in the face of ever increasing user expectations.

Ozeconf – Wireless Security
Wed 14th May 2008 1PM – 2PM (AEST).

Abstract

Despite all of the publicity of the various dangers of obsolete or poorly configured wireless networks, the reality is that typical commercial and even some government WLAN deployments have serious security issues.

The IEEE 802.11 robust security network, or RSN, as defined in IEEE 802.11i, although headlining print and academia, is a far cry from many of the latest live commercial deployments. This presentation discusses and compares the differences between theory and practice — between WEP, WPA, WPA2, IEEE802.11i, RSN and TSN — and their application in private, commercial and government environments.

A brief overview of a series of tests on WPA2 WLANs illustrates the problem of weak configurations of WPA2 WLANs compromising RSN requirements and a discussion of just a few of the many current issues in developing experimental, prototype or laboratory IEEE 802.11 environments leads into some recent advances in deploying true open-source drivers direct to the hardware of the versatile Atheros chipsets, without the constraint of an intervening proprietary hardware abstraction layer.

The Digital Educator – an Education Faculty Focus

The Digital Educator – an Education Faculty Focus.
May 30th. 10:30 – 12:00
There are a number (102 at last count!) of Australian government reports telling us that teacher training is too variable and in some areas a disappointment to both teachers and school management. The Australian Governments’ “Education Revolution” highlights the need to bring educators up to speed on technology integration. The Clark Government has had similar drivers in NZ for some time. As the recent DEST Report “Making Better Connections” states, “the bulk of the literature supports the notion of integrated approaches being superior to separate subjects of instruction in terms of student teachers being able to make meaningful use of ICT in their teaching experiences”. We will look at integration of I.T. across the curriculum and explore how technology can be used in the classroom and teacher training.

Now is the time to focus on existing investments in educational technology to return maximum benefits in learning and achievement. The easiest, most effective, and least expensive way to do that is to leverage existing technical infrastructure by providing network services that support teaching and learning.

Communication and collaboration services enable the creation of learning communities ‹ teachers and students engaged in conversation or groups of students collaborating on an assignments. We’ll be looking at essential communication and collaboration services such as WIKI Server, Podcasting Producer, and various third party solutions among others.

This 90 minute seminar aims to illustrate such solutions, look at some of the challenges in the classroom, and the challenge this brings in teacher training. The presenters have both worked as educators as well as university technologists.

It’s all about using the most appropriate technology to engage students. — via Apple Education Seminars & Events

Continue reading ‘The Digital Educator – an Education Faculty Focus’

Firefox 3 – Download Day 2008

The Firefox community is always up to some cool, collaborative way to declare their passion for Firefox. What better way to do this than band together to set a Guinness World Record for the most software downloaded in 24 hours?! — The Mozilla Blog [1]

Sounds like a good deal, right? All you have to do is get Firefox 3 during Download Day to help set the record for most software downloads in 24 hours – it’s that easy. We’re not asking you to swallow a sword or to balance 30 spoons on your face, although that would be kind of awesome.
By the way, the official date for the launch of Firefox 3 will be posted here soon – so check back! Join our community and this effort by pledging today. — Download Day 2008 [2]

Sound like fun

[1] Set a Firefox World Record! (2008-May-28 ) [The Mozilla Blog]
[2] Download Day 2008 (2008-May-28 ) [Spread Firefox]
[3] Firefox 3 Release Candidate 1 is available 3.0rc1 (2008-May-28 ) [Mozilla]

Security Update 2008-003

Only one is needed, either Security Update 2008-003 or Mac OS X v10.5.3.

Security Update 2008-003
Security Update 2008-003 is recommended for all users and improves the security of Mac OS X. Previous security updates have been incorporated into this security update. (Not required if you have updated to Mac OS X 10.5.3)

Mac OS X 10.5.3 Update
The Mac OS X 10.5.3 Update is recommended for Mac OS X 10.5, 10.5.1, and 10.5.2 Leopard. It includes general operating system improvements that enhance the stability, compatibility, and security of your Mac. To update to Mac OS X 10.5.3, use Software Update or the standalone installer.

Available for:
Update is recommended for Mac OS X 10.5, 10.5.1, and 10.5.2 Leopard
* PPC [72MB]
* Server PPC [88.9MB]
* Server Universal [118MB]
* Intel [111MB]

Security Update 2008-003 / Mac OS X v10.5.3

• AFP Server : CVE-ID: CVE-2008-1027
• Apache : CVE-ID: CVE-2005-3352, CVE-2005-3357, CVE-2006-3747, CVE-2007-1863, CVE-2007-3847, CVE-2007-4465, CVE-2007-5000, CVE-2007-6388
• AppKit : CVE-ID: CVE-2008-1028
• Apple Pixlet Video : CVE-ID: CVE-2008-1577
• ATS : CVE-ID: CVE-2008-1575
• CFNetwork : CVE-ID: CVE-2008-1580
• CoreFoundation : CVE-ID: CVE-2008-1030
• CoreGraphics : CVE-ID: CVE-2008-1031
• CoreTypes : CVE-ID: CVE-2008-1032
• CUPS : CVE-ID: CVE-2008-1033
• Flash Player Plug-in : CVE-ID: CVE-2007-5275, CVE-2007- 6243, CVE-2007- 6637, CVE-2007-6019, CVE-2007-0071, CVE-2008-1655, CVE-2008-1654
• Help Viewer : CVE-ID: CVE-2008-1034
• iCal : CVE-ID: CVE-2008-1035
• International Components for Unicode : CVE-ID: CVE-2008-1036
• Image Capture : CVE-ID: CVE-2008-1571
• Image Capture : CVE-ID: CVE-2008-1572
• ImageIO : CVE-ID: CVE-2008-1573
• ImageIO : CVE-ID: CVE-2007-5266, CVE-2007-5268, CVE-2007-5269
• ImageIO : CVE-ID: CVE-2008-1574
• Kernel : CVE-ID: CVE-2008-0177
• Kernel : CVE-ID: CVE-2007-6359
• LoginWindow
• Mail : CVE-ID: CVE-2008-1576
• ruby : CVE-ID: CVE-2007-6612
• Single Sign-On : CVE-ID: CVE-2008-1578
• Wiki Server : CVE-ID: CVE-2008-1579

  [1] About the security content of Security Update 2008-003 / Mac OS X 10.5.3 (2008-May-28 ) [Apple]
  [2] Mac OS X 10.5.3 Combo Update (2008-May-28 ) [Apple]
  [3] About the Mac OS X 10.5.3 Update (2008-May-28 ) [Apple]

55th Anniversary of the first ascent of Mount Everest

It is fifty five years since Edmund Hillary and Sherpa Tenzing Norgay reached the summit of Everest at 11:30 a.m. local time on May 29, 1953 via the South Col Route.

Mount Everest: The historic ascent of 1953
(…) On the 28th the ridge camp was established at 27,900 feet (8,500 metres) by Hillary, Tenzing, Lowe, Gregory, and Ang Nyima, and Hillary and Tenzing passed the night there. The two set out early on the morning of May 29, reaching the South Summit by 9:00 AM. The first challenge on the final approach to the summit of Everest was a fairly level ridge of rock some 400 feet (120 metres) long flanked by an ice “cornice”; to the right was the East (Kangshung) Face, and to the left was the Southwest Face, both sheer drop-offs. The final obstacle, about halfway between the South Summit and the summit of Everest, was a steep spur of rock and ice—now called the Hillary Step. Though it is only about 55 feet (17 metres) high, the formation is difficult to climb because of its extreme pitch and because a mistake would be deadly. Climbers now use fixed ropes to ascend this section, but Hillary and Tenzing had only ice-climbing equipment. First Hillary and then Tenzing tackled the barrier much as one would climb a rock chimney—i.e., they inched up a little at a time with their backs against the rock wall and their feet wedged in a crack between the rock and ice.

They reached the summit of Everest at 11:30 AM. Hillary turned to Tenzing, and the men shook hands; Tenzing then embraced Hillary in a hug. Hillary took photos, and the two searched for but did not find signs that Mallory and Irvine had been to the summit. Tenzing, a Buddhist, made an offering of food for the mountain; Hillary left a crucifix Hunt had given him. The two men ate some sweets and then headed down. They had spent about 15 minutes on the top of the world. (…)
– www.britannica.com

“Well, we knocked the bastard off !”
– Edmund Hillary, on first climbing Mount Everest

Adobe Flash Player v9.0.124.0 Vulnerability?

A vulnerability has been reported in Adobe Flash Player versions 9.0.124.0 and older, which is the current version available for download now. Adobe has not yet released a patch nor an official advisory. Stay tuned for further developments. [1]

Symantec have now seen this exploit in the wild;

The ThreatCon is currently at Level 2: Elevated.
The DeepSight ThreatCon is currently at Level 2 in response to the discovery of in-the-wild exploitation of a vulnerability affecting Adobe Flash Player. The flaw occurs when processing a malicious SWF file. Originally this issue was believed to be unpatched and unknown, but further technical analysis has revealed that it is the previously reported Adobe Flash Player Multimedia File Remote Buffer Overflow Vulnerability (BID 28695), discovered by Mark Dowd of IBM. Adobe has released an official statement noting that Flash Player versions 9.0.124.0 aren’t affected by these attacks and confirming that the SWF files are in fact leveraging this flaw. We are continuing to investigate our findings as well, because we seem to be observing crashing on some 9.0.124.0 versions. — 2007-May-29 Symantec [2]

The vulnerability is disputed by Adobe PSIRT;

The exploit appears to be taking advantage of a known vulnerability, reported by Mark Dowd of the ISS X-Force and wushi of team509, that was resolved in Flash Player 9.0.124.0 (CVE-2007-0071). This exploit does NOT appear to include a new, unpatched vulnerability as has been reported elsewhere – customers with Flash Player 9.0.124.0 should not be vulnerable to this exploit. — Adobe PSIRT [5]

MITIGATION:

Update to a non-vulnerable version of the Flash player.
* Upgrade to Flash Player 9.0.124.0 (?)

If you have a vulnerable version of the Flash player.
* Avoid browsing to untrustworthy sites.
* Consider disabling or uninstalling Flash until patches are available.
* Deploy script-blocking mechanisms, such as NoScript for Firefox, to explicitly prevent SWFs from loading on all but explicitly trusted sites.
* Temporarily set the kill bit until patches availability is confirmed.
CLSID d27cdb6e-ae6d-11cf-96b8-444553540000

[1] Adobe flash player vuln (2008-May-27 ) [SANS]
[2] ThreatCon (2008-May-29 ) [Symantec]
[3] Retired: Adobe Flash Player SWF File Remote Code Execution Vulnerability (2008-May-27 ) [SecurityFocus]
[4] Potential Flash Player issue (2008-May-27 ) [Adobe PSIRT]
[5] Potential Flash Player issue – update (2008-May-28 ) [Adobe PSIRT]
[6] Followup to Flash/swf stories (2008-May-28 ) [SANS]
[7] Malicious swf files? (2008-May-27 ) [SANS]
[8] Adobe Flash Player Unspecified Vulnerability (2008-May-28- ) [Secunia]

You can’t do ‘that’ research in the UK!

Proving once again that the terrorists just need to stand back and watch, the UK Government is stomping over its citizens rights yet again. This time we see a clear assault on academic freedom.

Despite his Nottingham University supervisors insisting the materials were directly relevant to his research, Rizwaan Sabir, 22, was held for nearly a week under the Terrorism Act, accused of downloading the materials for illegal use. The student had obtained a copy of the al-Qaida training manual from a US government website for his research into terrorist tactics. — Polly Curtis and Martin Hodgson [1]

And the University rushes to support the academics? Well, not quite … it was the University that requested police action.

A spokesman for Nottingham University said it had a duty to inform police of “material of this nature”. The spokesman said it was “not legitimate research material”, but later amended that view, saying: “If you’re an academic or a registered student then you have very good cause to access whatever material your scholarship requires. But there is an expectation that you will act sensibly within current UK law and wouldn’t send it on to any Tom, Dick or Harry.” [1]

Remember, we are talking about a document publicly hosted on a US Department of Justice server!

“They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” – Benjamin Franklin

[1] Student researching al-Qaida tactics held for six days (2008-May-24) [The Guardian]
[2] UK Academics Arrested For Researching al-Qaida (2008-May-26) [Slashdot]
[3] UK set to deport Master’s student whose Master’s degree research led him to look up Al Qaeda info – ratted out by Nottingham University (2008-May-26) [BoingBoing]
[4] Stop the Deportation of Hicham Yezza [Wordpress Blog]
[5] Student was ‘studying terrorism’ (2008-May-23) [BBC]

This weeks links (2008-05-26)

Well, that beats BigBrother?
French explorer and adventurer Xavier Rosset is about to embark on a 300 day trip to live alone on a remote tropical island in the South Pacific. His adventures will be filmed and used for a 52 minute documentary.
Xavier’s only luggage will be a Swiss army knife, machete video camera and a solar panel for charging the camera. He will spend 10 months alone on an island to develop another way of life through an exciting adventure, a return to the elemental sources. Xavier will survive alone on an island without human interference and without polluting emissions.
The ambition of this documentary is to make a reflection on our lifestyle, our current system and our relationship to nature. And the most important thing is to put the dream and emotion at the heart of adventure natural. …
the Private Islands Blog

Rutherglen Winery Walkabout 2008
Rutherglen will once again be the place to be on the June long weekend for the annual Rutherglen Winery Walkabout.
Rutherglen Winery Walkabout
For 2008, you’ll receive the Winery Walkabout wine glass, glass holder and for the first time, the Rutherglen Wine Region Passport all included for just $20.
2008 Rutherglen Winery Walkabout program (PDF)

Potter prequel
JK Rowling has written an 800-word prequel to the Harry Potter series which is likely to raise hundreds of thousands of pounds for charity at auction.
Rowling pens Potter prequel for charities (2008-May-29) [Guardian]

Ravenlore
Gary Waidson’s Ravenlore Bushcraft and Wilderness Skills are well worth a look over, and his photography site Waylandscape shows his fine Art landscape photography of Britain and Scandinavia. As a starting point, jump in at old collection.

Recent books …

A bit of an overview of my recent reading material, lots of young adult and high-primary/low-secondary level material as I have been given a bundle of material to read through.

Continue reading ‘Recent books …’