Made to Order Software Corporation Logo

tools

Linux to the rescue!

Xtra-PC, a complete ready to go OS on a thumb drive

Doug and I have always thought that Linux would become the primary OS of today.

We've seen it go up and down, but now it's really becoming powerful, between OpenOffice, Chrome, The Gimp, Krita, Audacity, and many other tools, you can do so much that it more and more renders the expense of running MS-Windows less and less viable for most.

Now there is this new company offering a thumb drive with an optimized version of Linux called Xtra-PC which boots really fast and offers all the basics that one needs to run a computer. There is nothing to install, the OS will automatically detect ...

How small are computers getting?

Mini-computer versus Mouse

Click on picture to see on Amazon.com (which I'm an affiliate of).

Computer Stick

Looking at Mini Computers, I found this Fanless Mini PC based on the Intel Atom Z8350 processor by SmallRT. The picture includes a mouse to give you an idea of the size of that thing. It's tiny! Maybe not what you want, but you can already do a lot with that little one.

The connector on the left side is an HDMI plug which spits out 4K of video graphics. It's just totally amazing to me. Of course, we had the Pi3 and now we have the Pi4... but those are computers for hackers. Here we're ...

Docker, an advanced chroot utility

Chasm—just like a Docker creates a chasm between two sets of software

SECURITY WARNING

Before installing Docker and containers with services on your Linux system, make sure to read and understand the risks as mentioned on this Docker and iptables page. Especially, Docker will make all your containers visible to the entire world through your Internet connection. This is great if you want to indeed share that service with the rest of the world, it's very dangerous if you are working on that container service since it could have security issues that need patching and such. Docker documents a way to prevent that behavior by adding the following rule to your firewall:

iptables -I DOCKER-USER -i eth0 ! -s 192.168.1.0/24 -j DROP

This means that unless the IP address matches 192.168.1.0/24, the access is refused. The `eth0` interface name should be replaced with the interface name you use as the external ethernet connection. During development, you should always have such a rule.

That has not worked at all for me because my local network includes many other computers on my LAN and this rule blocks them all. So really not a useful idea.

Instead, I created my own entries based on some other characteristics. That includes the following lines in my firewall file:

*filter
:DOCKER-USER - [0:0]

-A DOCKER-USER -j early_forward
-A DOCKER-USER -i eno1 -p tcp -m conntrack --ctorigdstport 80 --ctdir ORIGINAL -j DROP
-A DOCKER-USER -i eno1 -p tcp -m conntrack --ctorigdstport 8080 --ctdir ORIGINAL -j DROP
-A DOCKER-USER -i eno1 -p tcp -m conntrack --ctorigdstport 8081 --ctdir ORIGINAL -j DROP

My early_forward allows my LAN to continue to work. These are my firewall rules that allow my LAN computers to have their traffic forwarded as expected.

Then I have three rules that block port 80, 8080, and 8081 from Docker.

Docker will add new rules that will appear after (albeit not within the DOCKER-USER list) and will open ports for whatever necessary service you install in your Dockers.

Note that the only ports you have to block are ports that Docker will share and that you have otherwise open on your main server. If Docker opens port 5000 and your firewall does not allow connections to port 5000 from the outside, then you're already safe. On my end I have Apache running so as a result I block quite usual HTTP ports from Docker.

Docker

As we are helping various customers, we encounter new technologies.

In the old days, we used chroot to create a separate environment where you could have your own installation and prevent the software from within that environment access to everything on your computer. This is particularly useful for publicly facing services liek Apache, Bind, etc.

Best C++ Books

Once in a while someone will ask me which book is best to start learning programming. The fact is that I do not know because I'm already an advanced programmer and it's rather difficult for me to get back to the basics (it feels like a waste of my time, sorry...)

That being said, at Made to Order Software, we've mainly been a C++ shop. We also do a lot of C, PHP, JavaScript and touch many other languages as required by the tasks we perform (bash, cmake, perl, C#, Java, etc.)

That being said, I wanted to underline some of the best C++ books available today. Especially, in the last ...

Protect

Tag Info
Tag Number: 
24
Tag Type: 
Define
Tag Flash Version: 
2
Brief Description: 

Disable edition capabilities of the given SWF file. Though this doesn't need to be enforced by an SWF editor, it marks the file as being copyrighted in a way.

WARNING: this tag is only valid in Flash V2.x, V3.x, and V4.x, use the EnableDebugger instead in V5.x and EnableDebugger2 in V6.x and newer movies.

Tag Structure: 
struct swf_protect {
	swf_tag			f_tag;		/* 24, 58 or 64  */
	if(version >= 5) {
		if(tag == ProtectDebug2) {
			unsigned short	f_reserved;1
		}
		/* the password is optional when tag == Protect */
		string		f_md5_password;
	}
};
  • 1. f_reserved must be set to zero.

The protection tag is totally useless. The SWF format is an open format, otherwise how would you have so many players and tools to work with SWF movies? Thus, you can pretend to protect your movies, but anyone with a simple binary editor can transform the tag and make it another which has no such effect. Also, swf_dump and some other tools (such as flasm) can read your movie anyway.

For the sake of defining what you have in each tag, there are the protection tags fully described.

According to Macromedia, you can find some free implementation of the MD5 algorithm by Poul-Henning Kamp in ...

File Header

Tag Info
Tag Number: 
-1
Tag Type: 
Format
Tag Flash Version: 
1
Brief Description: 

Although it isn't a tag per say, we consider the file header as being a tag because it represents a block in the flash file. Since version 8, it can be complemented by the FileAttributes tag.

Tag Structure: 
struct swf_header {1
	unsigned char		f_magic[3];	/* 'FWS' or 'CWS' */
	unsigned char		f_version;
	unsigned long		f_file_length;
}

struct swf_header_movie {2
	swf_rect		f_frame_size;
	unsigned short fixed	f_frame_rate;
	unsigned short		f_frame_count;
};
  • 1. This part is never compressed
  • 2. Although considered part of the header, this part is compressed in the 'CWS' format.

The file header is found at the very beginning of the file. It should be used to determine whether a file is an SWF file or not. Also, it contains information about the frame size, the speed at which is should be played and the version (determining the tags and actions possibly used in the file).

The f_magic[3] array is defined as the characters: 'FWS' (it is going backward probably because it was supposed to be read in a little endian as a long word). A movie can be compressed when the version is set to 6 or more. In this case, the magic characters are: 'CWS'.

The f_version ...

Support

Support at Made to Order Software

Made to Order Software offers support for all of its products.

For our consumer products, please review your options on the corresponding consumer product page.

Business Solutions

CRM and ERP solutions

At Made to Order Software we think that using Open Source software is an incredible leverage for our customers. Plain and simple: if the software is free, you do not need to pay for it. You only need to pay us for installing the software and training you on how to use it.

We currently offer three solutions: Compiere ERP & CRM, SugarCRM and X-Tuple ERP.

Training at Made to Order Software

Made to Order Software is commited in making its products easy to use and ensure maximum performance from its customers' engineers.

All of our products are documented in fine detail, ensuring that your engineers can quickly find the information they need to move forward.

In order to make sure your engineers can make full use of our tools and be able to hit the ground running, we offer tailored on-site training with a Made to Order Software certified instructor for all of our professional products.

About Us

Here you will find a few of the software solutions that have been made possible by Made to Order Software Corporation. Feel free to contact us for more information.

Snap! Websites

Made to Order Software created Snap! Websites, a CMS system, which allows customers to create their own websites, hosted on our servers.

The new version of Snap! is actually Open Source. You can find more information about Snap! Websites Open Source on the Snap! Website a C+ CMS website.

A few customers using our old Snap! offer include:

Order ...