Wanderings.

I was just made aware of a relatively new sport of French origin called “Parkour” (pronounced:(IPA: /paʁ.’kuʁ/, often abbreviated PK)), and its closely related art, “Freerunning“, by a video Smaug posted to a list I am on. It seems there is a lot of crossover between the two though strictly speaking, they are not the same. A practicer of Parkour is called a Traceur

This video, also available at Google as Russian Climbing, was posted to a list I’m on by Smaug. This is the video:

Urban Freeflow, claims to be the most comprehensive site, however David Belle inspired by his father’s techniques developed in Vietnam as a French soldier, invented Parkour with childhood friends, notably Sebastien Foucan, and has this to say on Parkeur.NET “Powered by Traceurs for Traceurs” :

Paris July 25th 2006

Because of noted abuses and in order to avoid any philosophical and commercial takeover of Parkour, David Belle informs you that he does not guarantee any site, association or company of production pretending they are “official”, where only the name they gave each other is official.

The services which they propose and sell (training courses, images broadcasting…) are only THEIR interpretation of their vision of Parkour.

This kind of activity engages only the responsibility of their authors.

David Belle is neither managed, nor in contract with this type of association.

For all information or contact, you can e-mail David in Parkour.NET, which is currently the only site in charge of the communication of Parkour by David Belle.

From Parkour.NET “Parkour – an art to help you pass any obstacle; to go from point A to point B using only the possibilities of the human body. This art originated with French soldiers in Vietnam and was developed by David Belle, inspired by his father.”

Also from this article at Parkour.NET:

Basically, Parkour is a natural method to train the human body to be able to move forward quickly, making use of the environment that’s around us at any given time. This ‘art of displacement’ requires neither specific structure nor accessory for its practice. The body is the only tool. It’s an athletic discipline accessible to all, because it combines all the natural skills of the human body: running, jumping, climbing… It’s a sport that permits exploration of the potential offered by your body.
It’s about being able to face the obstacles with which you are presented, whether they be in the natural environment or in the urban environment, in a search for movement that combines effectiveness and control.
The necessary equipment is simply a T-shirt, a pair of light jogging-type trousers, and a pair of running shoes.

Le Parkour is also helpful, and has some tutorials.

David has appeared in some movies listed here at imdb, doing stuntwork and acting. The ones I see there today are all French.

I found no mention of Parkour whatsoever on cnn, though I did find some on the BBC.

This is another Test I don’t think comments support pingback, but let’s see. http://kristopherej.com/2006/07/29/this-is-another-test/

Frenzy is a “portable system administrator toolkit,” LiveCD based on FreeBSD. It generally contains software for hardware tests, file system check, security check and network setup and analysis. Size of ISO-image is 200 MBytes (3″ CD) – http://frenzy.org.ua/en/

So says the Project’s homepage, and so it is. I recommend this as a very clean and fast FreeBSD based livecd. It has a lot of Fyodor’s top 100 packaged into the cd as well.  To see some of the other liveCDs I tried out, but haven’t finished writing about yet, look at the other article I wrote about security related BSD liveCDs
For Smaug, I include the following couple of screenshots. Notice the XMMS (it picked up audio on my Dell D610 and just worked), and the browser Opera. Look at some of the other tools on those menus. Download this small 200MByte iso and boot it up. I don’t think you’ll be disappointed at all. All the useful commandline commands are on menus too, so if you click on, it invokes in a shell with the help option so that it tells you how to useit:

(The following thumbnails don’t work, just go here, I don’t want to fix it right now: http://www.justinhaynes.com/gallery2/v/frenzy/ )
31

One more:

31

Download: http://frenzy.org.ua/en/releases/1.0/download.shtml

Sed ut perspiciatis unde omnis iste natus error sit voluptatem accusantium doloremque laudantium, totam rem aperiam, eaque ipsa quae ab illo inventore veritatis et quasi architecto beatae vitae dicta sunt explicabo. Nemo enim ipsam voluptatem quia voluptas sit aspernatur aut odit aut fugit, sed quia consequuntur magni dolores eos qui ratione voluptatem sequi nesciunt. Neque porro quisquam est, qui dolorem ipsum quia dolor sit amet, consectetur, adipisci velit, sed quia non numquam eius modi tempora incidunt ut labore et dolore magnam aliquam quaerat voluptatem. Ut enim ad minima veniam, quis nostrum exercitationem ullam corporis suscipit laboriosam, nisi ut aliquid ex ea commodi consequatur? Quis autem vel eum iure reprehenderit qui in ea voluptate velit esse quam nihil molestiae consequatur, vel illum qui dolorem eum fugiat quo voluptas nulla pariatur?  At vero eos et accusamus et iusto odio dignissimos ducimus qui blanditiis praesentium voluptatum deleniti atque corrupti quos dolores et quas molestias excepturi sint occaecati cupiditate non provident, similique sunt in culpa qui officia deserunt mollitia animi, id est laborum et dolorum fuga. Et harum quidem rerum facilis est et expedita distinctio. Nam libero tempore, cum soluta nobis est eligendi optio cumque nihil impedit quo minus id quod maxime placeat facere possimus, omnis voluptas assumenda est, omnis dolor repellendus. Temporibus autem quibusdam et aut officiis debitis aut rerum necessitatibus saepe eveniet ut et voluptates repudiandae sint et molestiae non recusandae. Itaque earum rerum hic tenetur a sapiente delectus, ut aut reiciendis voluptatibus maiores alias consequatur aut perferendis doloribus asperiores repellat.

This post has the potential to be convoluted, so I’ll try to clearly state why it is flowing out of my fingertips. There are three reasons really. First off, I need a liveCD to recover an administrator password on my laptop, and my KNOPPIX iso seems knackered. Secondly DEFCON is coming up, and I have been interested in all things security lately, so why not get a more security related liveCD. Thirdly, Mike, Jamyn and the late Wayne (he didn’t die, he just left) of the [bs] list are BSD fans as are many others. Maybe others would be interested in BSD live CD. Not to mention the fact that these same people all tend to be security minded as well. BTW, this article is in *NO WAY* intended to be exhaustive, just as complete as practically possible tonight.
As many of you know, DEFCON is coming up soon on August 4-6, and there is a bit of a buzz in the security community this time of year as it approaches. So this is a good time to look for developments in comptuter security.

Kris mentioned that Fyodor has come up with his top 100 security tools. This is done by popularity and is conducted on an nmap list. So, Fyodor left nmap out completely and admits that his audience has more of a bias toward “attack” tools rather than defensive ones. From this top 100, he extracted a Top 5 security related OS page. Of these five entries, there were three that caught were liveCDs: Number 1 of 5 was Backtrack, 2 of 5 was Knoppix, and 4 of 5 was Helix. For more information, go check out his review, but two of the three entries caught my eye. Here are Fyodor’s descriptions:

BackTrack : An Innovative Penetration Testing live Linux distribution
This excellent bootable live-CD Linux distribution comes from the merger of Whax and Auditor. It boasts a huge variety of Security and Forensics tools and provides a rich development environment. User modularity is emphasized so the distribution can be easily customized by the user to include personal scripts, additional tools, customized kernels, etc.

Helix : “Helix has been designed very carefully to NOT touch the host computer in any way and it is forensically sound. Helix will not auto mount swap space, or auto mount any attached devices. Helix also has a special Windows autorun side for Incident Response and Forensics.”

Now, Knoppix is pretty popular, it had a rank of 60/100 overall. Backtrack got 32 and helix got 94 overall. Keep in mind that 1) the survey was based on popularity, and 2) there is a bias toward the offensive. Forensics tend to be more passive. and Knoppix is really popular. Point being I think both Backtrack and Helix deserve some attention. So there were no live BSD CDs. (OpenBSD got #3, but it’s not a live CD). Once again keep in mind that this is based on popularity.

Moving along, Andrei Raevsky wrote an article in DistroWatch called “A comparison of BSD live CDs”. He says, “[he] tested all the BSD live CDs [he] could get [his] hand[s] on: FreeSBIE 1.1, FreeBSD LiveCD 1.2, Frenzy 0.3, AnonymOS 2006, OliveBSD 3.8 and NetBSD Live! 1.6 (editor’s note: a newer release of NetBSD Live!, version 3.99.7, is available from here).” He sums up: “My overall impression was that BSD live CDs are not on par (yet) with their GNU/Linux cousins, but that they are catching up fast. The clear winner from my, admittedly unscientific, evaluation was Frenzy, which was the only distribution to perform (almost) flawlessly on all my machines.” He gives credit where it is due, and in my “unscientific” opinion is fair. He has 4 machines he tested on, and many of them didn’t run on at least 2.

Although he was dissapointed with OliveBSD which is OpenBSD based, others have had plenty of luck with it, he says. I’m going to count that a security option just because it is OpenBSD based, though there may or may not be security or network related tools. Also of note, Frenzy boots really fast and the project defines itself as more Security and Network related. 1.0 of Frenzy was only just released in June so people really haven’t had a chance to try it yet. Anonym.OS has a privacy focus, using some tools few have heard about like Tor (or try the Tor Wikipedia article) which is a lot like the old Crowds. That’s beyond the scope of this article, so I won’t go fully into it here.

I’ll try Frenzy, and maybe the other two, time permitting. I’d be interested to hear anyone elses experiences or opinions after having tried it. I’ll post on my experiences as time and I permit.

Gopher is a internet phenomonon most people know nothing about, and for good reason – it is old and outdated. So why care? Well besides nostalgia, it does still have a use or two, so I decided to write about it.

Originating from the University of Minnesota, whose mascot is the gopher, it predated the web and was much like the web with a few key differences:

1. It was, and is, still all text based and menu based, so it is rigid and inflexible compared to www and http, though it is *seriously fast*
2. It defines each file’s type on the serverside rather than have the client handle it, so it is rigid and inflexible, but very consistent.
3. it is seriously fast.
4. Google doesn’t index it. That’s an important difference, isn’t it?

Wikipedia has an excellent article on gopher as well as on Veronica and Veronica-2 which are the most popular search engines for gopher. If you are really interested in gopher, you should read that article.
So how do you browse gopher? Well, I’m so glad you asked! In a nutshell, Firefox will do it natively. Opera never supported it. IE used to, but it was broken and vulnerable, so they disabled it by default. You can put it back with a registry fix. There are also lots of console/text based browsers as you might expect, and a few popular ones that ran on Windows 95. I’ll stop there.

So if you are using firefox, IE with the registry mod, or some ancient relic, go try Veronica-2. Veronica-2 is a new and improved Veronica that has over 6,000,000 resources indexed, which is a whole heck of a lot for gopher. By the way, also on Floodgap which is who hosts Veronica-2, is a heirarchical list of all known gopher servers in the world, which are presumably the only ones they index.
Did you notice how fast the search engine was? If not, go back and try it – and visit some of the links. (longer phrases take longer to search). We are used to speed with Google of course, but keep in mind, this is *one server* searching many entries.
OK, so on to my point.  Here are some things that might cause you to want to use gopher over a webserver:

1. obscurity – no one will find it unless they really really want to, and maybe not even then.  I’m not suggesting it is inherently more secure.  I’m sure a skilled hacker can take the now open source UMN gopher server and find exploits.  They have in the past.  But it probably won’t get much traffic.
2. speed – it is hella fast for downloading files, which is about all it is well suited for.
3. files – ftp files up to the directory just like you would with a directory listing in apache, but you have the option of putting more description about the files without having to write an index.html for each directory manually
4. No CMS – CMS is nice for some situations.  But it isn’t fast, and generally (tell me if you know better), you can’t upload stuff in bulk and do taxonomy at the same time.

Want to try it out?  There is an old school computer server/community you can find at http://sdf-eu.org.  You can sign up at that website.  They offer gopherspace, web, telnet, ssh, several servers to compile and develop on and much more.  It is a free service, with donations encouraged, hardware is nice (All DEC Alphas it seems), and the people seem pretty cool.  Apparently they have a band too.

As for installing the server software itself, there are more than just the reference UMN gopherd server now.  Pygopherd seems to be the way to go for functionality, and it is in the FreeBSD ports tree.  Running on python, it might take a performance hit, but the Pygopherd site is running pygopherd and it is pretty snappy.

I have been flying Frontier Airlines back and forth to Denver and Houston.  They are the ones with the “Whole Different Animal” campaign.  There is a different animal on the tail of each airplane.

They have a short film festival on their Wild Blue Yonder channel, which you can watch on the TV screens that are on the back of each of the seats.  You can watch all the films they show online as well.

My favorite is “My Name Is Yu Ming”:

It occurs to me that the new title of this blog is much more appropriate than anything subsequent. Not to say that I don’t have any direction at all in life. If that were the case I would be in bed all day like Sloth from Seven.

By saying there is no direction however, there is a Zenlike dynamic at work. A clearing has been created. I have created a clearing in which to create free from any guilt about *not* fulfilling on promises I have made. Have I broken a few to myself and others? of course. have I cleaned up the ones with myself? yes. Have I cleaned up them with others? Well, I’m willing to clean up anything I missed. Please let me know if you are reading this and have any quarells with me. I’ll put your eye out. Just kidding. About the eye I mean.