DonationCoder.com
Best Of Blog
view older items

Thursday November 27, 2014

Watercolorbot - $300 watercolor painting printer

This looks pretty amazing to me:

"Starting with vector artwork on your computer — or following along as you sketch in real time — the WaterColorBot dips its brush in water, goes and gets the right color of paint, and paints before your eyes... While earlier versions of the WaterColorBot came as a kit (with some assembly required), the WaterColorBot 2.0 comes assembled, tested, and ready to use. It also comes with a starter set of watercolor paints, paper, and a brush. Please see the FAQ below for a more detailed list of the kit contents."

http://shop.evilmadscientist.com/productsmenu/605

posted by mouser donate to mouser - November 27, 2014, 02:18:00 PM
social bookmark this story (permalink)
(read 6 comments)


Friday November 21, 2014

Google Contributor: A New (not so new) way to fund the web

https://www.google.com/contributor/welcome/

Quote
Contributor by Google
An experiment in additional ways to fund the web.
Today’s Internet is mostly funded by advertising. But what if there were a way to directly support the people who create the sites you visit each day?

Introducing Contributor by Google.

My largest problem with this... is that it's by Google.

Quote
The basics

Choose a monthly contribution.

Visit participating sites.

Support the people who make the web.

It seems a lot like patreon.

Quote
Visit participating sites.
When you visit a participating website, part of your contribution goes to the creators of that site. As a reminder of your support, you’ll see a thank you message - often accompanied by a pixel pattern - where you might normally see an ad.

In theory, it seems like a good idea.  In practice... well, Google long ago abandoned the do no evil pledge.

    Continue reading the rest of the entry and discuss..

posted by wraith808 donate to wraith808 - November 21, 2014, 12:10:00 AM
social bookmark this story (permalink)
(read 6 comments)


Thursday November 13, 2014

Experimenting with Other Programming Languages

I've spent most of my life coding C++, and dabbling in other languages (most recently Python).

But the list of programming languages that I've never written a line of code in is starting to get big, and I think it's time I put an end to that.

So I've decided I'm going to try to do a little experimenting with other programming languages, and wanted other coders here to join me, and post your updates here.



For my first stop on the tour, I spent today coding in Go.

I was inspired to write a program to solve a homework assignment given to the daughter of one of our fellow DC members.

The assignment is as follows:
"Given a set of numbers, and a target value, find an expression using + - * / and which uses each of the numbers exactly once, which reaches the target."

For example, given the numbers [2, 3, 6, 15] find an expression that reaches the target value of 7.
Answer: 2+(15/(6-3))



Note that there may be multiple expressions that reach a given target value.  Rather than find a specific solution to a specific problem -- I was more interested in writing a program that would find ALL possible expressions given a set of n numbers, and then looking for particular targets which have few possible solutions, reasoning that these would be nice and hard puzzles to solve.



I started out by trying to calculate a formula for the # of possible expressions of n numbers.  That turned out to be a very fun mathematical journey, and I encourage the mathematically inclined among you to give it a try.  I'll share my formula later so as not to spoil the problem.



Anyway, so today I coded this program in Go.  Looks like about 400 lines of code, and definitely a non-trivial and interesting project.
Speed and memory seemed quite reasonable, no complaints there.  Error messages were reasonable.
I'll post the source code soon after I give anyone else a chance to have some fun.
However, I can't say I really enjoy Go after my day with it.  Some parts of it are ugly and unpleasant, and I don't approve of many of the language design decisions.
In fairness, this wasn't really something that made use of the real strengths of Go, so perhaps it wasn't the fairest of tests.



Here's a test for you if you decide to try coding this program.  I will give out a prize of a free DC mug for anyone who can solve this by writing their own version of this program before I post my source code at the end of the month.
Given the numbers [2 3 4 5 6 7 8], find TWO good, and fundamentally different, solutions that yield the target value of "2741"

    Continue reading the rest of the entry and discuss..

posted by mouser donate to mouser - November 13, 2014, 02:34:00 PM
social bookmark this story (permalink)
(read 8 comments)


Announcing .NET 2015 - .NET as Open Source, .NET on Mac and Linux

Announcing .NET 2015 - .NET as Open Source, .NET on Mac and Linux, and Visual Studio Community

Quote
It's happening. It's the reason that a lot of us came to work for Microsoft, and I think it's both the end of an era but also the beginning of amazing things to come.

The .NET 2015 wave of releases is upon us. Here's what's happening and we announced it today in New York. There's a lot here, so drink it all in slowly.

Be sure to check out all the blog posts I'm linking to at the end, but here's my personal rollup and take on the situation.

We are serious about open source and cross platform.
.NET Core 5 is the modern, componentized framework that ships via NuGet. That means you can ship a private version of the .NET Core Framework with your app. Other apps' versions can't change your app's behavior.
We are building a .NET Core CLR for Windows, Mac and Linux and it will be both open source and it will be supported by Microsoft. It'll all happen at https://github.com/dotnet.
We are open sourcing the RyuJit and the .NET GC and making them both cross-platform.
ASP.NET 5 will work everywhere.
ASP.NET 5 will be available for Windows, Mac, and Linux. Mac and Linux support will come soon and it's all going to happen in the open on GitHub at https://github.com/aspnet.
ASP.NET 5 will include a web server for Mac and Linux called kestrel built on libuv. It's similar to the one that comes with node, and you could front it with Nginx for production, for example.
Developers should have a great experience.
There is a new FREE SKU for Visual Studio for open source developers and students called Visual Studio Community. It supports extensions and lots more all in one download. This is not Express. This is basically Pro.
Visual Studio 2015 and ASP.NET 5 will support gulp, grunt, bower and npm for front end developers.
A community team (including myself and Sayed from the ASP.NET and web tools team have created the OmniSharp organization along with the Kulture build system as a way to bring real Intellisense to Sublime, Atom, Brackets, Vim, and Emacs on Windows, Linux, and Mac. Check out http://www.omnisharp.net as well as blog posts by team members Jonathan Channon
Even more open source.
Much of the .NET Core Framework 4.6 and its Reference Source source is going on GitHub. It's being relicensed under the MIT license, so Mono (and you!) can use that source code in their .NET implementations.
There's a new hub for Microsoft open source that is hosted GitHub at http://microsoft.github.io.
Open sourcing .NET makes good sense. It makes good business sense, good community sense, and today everyone at Microsoft see this like we do.


Source: http://www.hanselman.com/...isualStudioCommunity.aspx



This could be a MASSIVE game changer...simply...wow.

posted by Stephen66515 donate to Stephen66515 - November 13, 2014, 05:41:00 AM
social bookmark this story (permalink)
(read 23 comments)


Tuesday November 11, 2014

Everything You Need To Start Making Webcomics For Free

Quote
The webcomic is the best storytelling medium for hobbyists. Its visual nature hooks readers faster than written form stories. Its serial nature allows for bite-sized consumption without sacrificing long story arcs. And best of all, it’s a heck of a lot cheaper than making films or writing novels.
Given enough time and determination, anyone can make webcomics for free, and that includes you. Here’s how to get started right away.

Read the full story here: http://www.makeuseof.com/...rt-making-webcomics-free/

posted by Stephen66515 donate to Stephen66515 - November 11, 2014, 11:01:00 AM
social bookmark this story (permalink)
(read 8 comments)


Wednesday November 05, 2014

Spliddit

http://www.spliddit.org/

The item that caught my attention was the algorithm for splitting a payment among multiple participants in a project, by trying to find a fair way to divide it based on participants assessment of others.  The website offers little explanation for the algorithm, but does link to a published paper on the algorithm (written by people other than those who made the website).

posted by Stephen66515 donate to Stephen66515 - November 05, 2014, 06:46:00 PM
discovered on http://boingboing.net/[/center]
social bookmark this story (permalink)
(read 1 comment)


Monday October 27, 2014

Super-sized Newsletter for Oct 25, 2014 - Codename: NANY 2015 Preppers

1. Newsletter Editorial

Greetings. It's been a whopping 156 days since the last newsletter, and in that time..
 New threads started: 1,300.
 New posts: 12,000 (number of those deleted as spam: 468).
 New members who joined: 13,600 (number of those banned for spamming: 700).
 New donors: 714.

The important news to tell you about is that our big "New Apps for the New Year (NANY) 2015" event is fast approaching.  You can read all about it below, in the first section of the newsletter. We'd love to have your participation in it.

See you on the forum!
-jesse (mouser)


2. NANY 2015 Event (New Apps for the New Year)

Since 2007 we have held an annual event that we call NANY (New Apps for the New Year), where we ask the coders who hang out on DonationCoder to create some new piece of free software and share it with the world on January 1st of the new year (browse previous year entries here).

There are no winners or losers, it's simply a celebration of programming and creating new software and sharing it with the world.  Everyone who participates gets a commemorative mug.  You can target any operating system (desktop or mobile) or even make a web-based tool.  It can be a game, utility, large application, whatever.



    Click here to read the full newsletter now..

posted by mouser donate to mouser - October 27, 2014, 06:47:15 PM
social bookmark this story (permalink)
(read 19 comments)


10 Web Application Security Scanners To Monitor Your Internet Activity!

1. Netsparker Community Edition

According to their website, Netsparker is the only false-positive-free web application security scanner. Simply point it at your website and it will automatically discover the flaws that could leave you dangerously exposed.

2. Websecurify

The Websecurify Suite is a web application security solution designed to run entirely from your web browser. It packs our awesome web application security framework combined with the power of client-side technologies.

3. Wapiti

This web application security scanner allows you to track the following security vulnerabilities,

- File disclosure
- Database Injection
- XSS (Cross Site Scripting) injection
- Command Execution detection
- CRLF Injection
- XXE (XmleXternal Entity) injection
- Use of know potentially dangerous files
- Weak .htaccess configurations that can be bypassed
- Presence of backup files giving sensitive information

4. N-Stalker

This is a web application security scanner that searches for security loopholes like SQL Injection, XSS and other known attacks.

5. Skipfish

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.

6. Scrawlr

Scrawlr, developed by the HP Web Security Research Group in coordination with the MSRC, is short for SQL Injector and Crawler. Scrawlr will crawl a website while simultaneously analyzing the parameters of each individual web page for SQL Injection vulnerabilities. Scrawlr is lightning fast and uses our intelligent engine technology to dynamically craft SQL Injection attacks on the fly.

7. Watcher

Watcher is a Fiddler addon which aims to assist penetration testers in passively finding Web-application vulnerabilities. The security field today has several good choices for HTTP proxies which assist auditors and pen-testers.

8. Exploit-Me

Exploit-Me Mobile (EMM) is an open source project demonstrating common mobile application vulnerabilities in the iOS and Android platforms. ExploitMe Mobile is a training platform built based on the common mobile application security pitfalls.

9. WebScarab

WebScarab has a large amount of functionality, and as such can be quite intimidating to the new user. But, for the simplest case, intercepting and modifying requests and responses between a browser and HTTP/S server, there is not a lot that needs to be learned.

10. Acunetix Web Application Security Scanner

According to the company, the features of this security tools includes,

- AcuSensor Technology
- Industry's most advanced and in-depth SQL injection and Cross site scripting testing
- Advanced penetration testing tools, such as the HTTP Editor and the HTTP Fuzzer
- Visual macro recorder makes testing web forms and password protected areas easy
- Support for pages with CAPTCHA, single sign-on and Two Factor authentication mechanisms
- Extensive reporting facilities including PCI compliance reports
- Multi-threaded and lightning fast scanner - processes thousands of pages with ease
- Intelligent crawler detects web server type, application language and smartphone-optimized sites.
- Acunetix crawls and analyzes different types of websites including HTML5, SOAP and AJAX
- Port scans a web server and runs security checks against network services running on the server


Source: http://www.efytimes.com/e....asp?edid=141537&magid=11

posted by Stephen66515 donate to Stephen66515 - October 27, 2014, 06:46:00 PM
social bookmark this story (permalink)
(leave a comment)


A Malicious Del.icio.us?

Quote
Google blacklisted bit.ly several days ago in a move that caught many publishers off guard. We started seeing spotty reports of del.icio.us being blacklisted over the weekend and it has now gone full-blown with all del.icio.us links apparently being blacklisted by Chrome as hosting malware.

[...]

Delicious has changed hands several times over the years and recently was re-sold earlier this year to Science Inc. They also rebranded several years ago to delicious.com which is not blacklisted, but there are likely a large number of legacy .us links out there. [Edit: Thanks Kelson]

Bit.ly has now been removed from Google’s Safe Browsing list which is the list that Google maintains of known malicious websites that engage in malware distribution and phishing. [Edit: Correction, we are still seeing bit.ly links being flagged by Google's GSB and Chrome] It’s also one of the data sources that Wordfence uses to scan your site’s files, posts and comment for malicious activity and infections.

http://www.wordfence.com/...0/a-malicious-del-icio-us

posted by app103 donate to app103 - October 27, 2014, 06:46:00 PM
social bookmark this story (permalink)
(read 1 comment)


Friday October 24, 2014

Gitbook.io

In one of the best things I've seen in a long time, especially as an aspiring writer.

https://www.gitbook.io/

from https://www.gitbook.io/about (stripped of pretty formatting)

Quote
GitBook makes it easy to publish great books.

Discover gorgeous books from the community.

Publish your books easily thanks to a great workflow.

Monetize your paid books in less than 5 minutes.

Simple to update, publish and update your books easily using Git or the editor.

Responsive, books can be read on all devices, laptops, tablets, phones, kindles, etc.

Editor, use the GitBook editor to write beautiful books, on Mac, Windows or Linux.

Git, books are versionned and collaborative using the GIT scm.

Markdown, books are written using the markdown syntax.

Open Source, built on top of the open source GitBook technology.

o more thanks to powerful integrations.

E-book readers, books are readable on the Amazon Kindle, Nook and other readers.

iBooks, books are readable on iPad, iPhone and Mac using iBooks.

GitHub, write your book on GitHub and publish it in seconds through GitBook.

Monetize your books

Choose your own minimum and suggested prices, from $0 (or free) to $100.

Let everybody buy your book easily. GitBook accepts most credit & debit cards.

You keep the rights to your book, not us. So you can do a deal with a publisher at any time.

GitBook charges 20% per transaction.


I'm cautiously optimistic...  could also be a big middle finger to the traditional publishing model...

Update: So, following my own advice to do more investigation on open-source projects I find interesting.

So far, I see that Gitbook is owned by FriendCode.  Haven't done a corporate search, but a little cursory searching led me to Codebox (https://www.codebox.io/about).  They are owned by FriendCode also, so I assume at this point some correlation.

There is also a concerning bit in their TOS- the use of real names, and the ability to terminate accounts.

Quote
Violation of any of the terms below will result in the termination of your Account. While FriendCode prohibits such conduct and Content on the Service, you understand and agree that FriendCode cannot be responsible for the Content posted on the Service and you nonetheless may be exposed to such materials. You agree to use the Service at your own risk.

Account Terms
  • You must be a human, bots are not allowed
  • You must be 10 years or older to use this Service.
  • You must provide your legal full name (as name) and a valid email address (as email)
  • You are responsible for maintaining the security of your account and password.
  • You are responsible for all Content posted and activity that occurs under your account (even when Content is posted by others who have accounts under your account).
  • One person may not maintain more than one free account.
  • You may not use the Service for any illegal or unauthorized purpose. You must not, in the use of the Service, violate any laws in your jurisdiction
  • Your use of the Service is at your sole risk
  • You must not modify, adapt or hack the Service

I wrote an e-mail, and am waiting to hear back.

Quote
Hi,

I'm a prospective user of gitbook.io, and I had a concern.  I don't want to write under my real name.  I have business concerns that I use my real name for, and don't want any contract or other issues, which is why I don't use my real name for either my hobby coding nor writing concerns.

However, it seems that things published must be connected to my legal name?  Or I'm subject to summary termination of account?

I just wanted to make sure of what was actually meant, i.e. was this absolute?  Especially in publishing where people ghost write and use pseudonyms, it seems that this is a bit short sighted.

Thanks for your time, and any response!

Update: I received a response today, which I've posted below.

Quote
Hi,

If your book is a paid book, you have to use your legal name, because otherwise we can't legally transfer you the money.

But if the book is a free or private book, feel free to use a pseudonym, we'll suspend the book only if the content is a stolen or illegal content.

You can only signup using twitter or github, so if you want to use a pseudonym, please make sure that your real name is not written on your Twitter/Github user profile.

So it seems that you can publish free content under a pseudonym, but not paid content.

posted by wraith808 donate to wraith808 - October 24, 2014, 05:32:00 PM
social bookmark this story (permalink)
(read 2 comments)


Massive malvertising campaign on Yahoo, AOL and other sites delivers ransomware

Massive malvertising campaign on Yahoo, AOL and other sites delivers ransomware


One of the sites effected is apparently CNet, as one of our customers got nailed by this while trying to download the latest copy of Avast AV (which is hosted on CNet). The customer in question is a hyper vigilant old schooler who doesn't like, trust, or use the internet for anything unless absolutely necessary. So they most likely got burnt by the idiotic marketing practice of having multiple unidentified huge green download buttons that infest CNet.

posted by Stoic Joker donate to Stoic Joker - October 24, 2014, 10:01:00 AM
social bookmark this story (permalink)
(read 16 comments)


Wednesday October 15, 2014

Drupal Fixes Highly Critical SQL Injection Flaw

Quote
Drupal has patched a critical SQL injection vulnerability in version 7.x of the content management system that can allow arbitrary code execution. The flaw lies in an API that is specifically designed to help prevent against SQL injection attacks. "Drupal 7 includes a database abstraction API to ensure that queries executed against the database are sanitized to prevent SQL injection attacks," the Drupal advisory says. "A vulnerability in this API allows an attacker to send specially crafted requests resulting in arbitrary SQL execution. Depending on the content of the requests this can lead to privilege escalation, arbitrary PHP execution, or other attacks."

http://it-beta.slashdot.o...itical-sql-injection-flaw

posted by Stephen66515 donate to Stephen66515 - October 15, 2014, 09:58:00 PM
social bookmark this story (permalink)
(leave a comment)


SSL broken, again, in POODLE attack

Quote
From the researchers that brought you BEAST and CRIME comes another attack against Secure Sockets Layer (SSL), one of the protocols that's used to secure Internet traffic from eavesdroppers both government and criminal.

Calling the new attack POODLE—that's "Padding Oracle On Downgraded Legacy Encryption"—the attack allows a man-in-the-middle, such as a malicious Wi-Fi hotspot or a compromised ISP, to extract data from secure HTTP connections. This in turn could let that attacker do things such as access online banking or e-mail systems. The flaw was documented by Bodo Möller, Thai Duong, and Krzysztof Kotowicz, all of whom work at Google. Thai Duong, working with Juliano Rizzo, described the similar BEAST attack in 2011 and the CRIME attack in 2012.

The attack depends on the fact that most Web servers and Web browsers allow the use of the ancient SSL version 3 protocol to secure their communications. Although SSL has been superseded by Transport Layer Security, it's still widely supported on both servers and clients alike and is still required for compatibility with Internet Explorer 6. SSLv3, unlike TLS 1.0 or newer, omits validation of certain pieces of data that accompany each message. Attackers can use this weakness to decipher an individual byte and time of the encrypted data, and in so doing, extract the plain text of the message byte by byte.

As with previous attacks of this kind against SSL, the most vulnerable application is HTTP. An example attack scenario would work something like this. An adversary (typically in cryptography literature known as Mallory) sets up a malicious Wi-Fi hotspot. That Wi-Fi hotspot does two things. On non-secure HTTP connections, it injects a piece of JavaScript. And on secure HTTP connections, it intercepts the outgoing messages and reorganizes them.

http://arstechnica.com/se...en-again-in-poodle-attack

posted by app103 donate to app103 - October 15, 2014, 08:56:00 PM
social bookmark this story (permalink)
(read 18 comments)


view older items

Where are the ads? DonationCoder.com is funded by donations from readers like you. If you find this site useful, please consider becoming a supporting member by making a small one-time donation, in the amount of your choice.

DonationCoder.com | About Us