Monday, March 02, 2009

Yubikeys and Enano?

Enano CMS, a project that I am involved in, has recently announced Yubikey support through a plugin in the latest development versions. Now, most people who read this blog, if not all, may not have a clue why Yubikey support is so special. After all, it's just another authentication method, right? Wrong!

Let me start this off with a little history on Enano CMS for those who don't know what it is. Enano CMS is a CMS that was started by Dan Fuhry to replace the antiquated web page setup on the Experience UI project. Well, he was also spurred on by me, who joined him later because I had some bad experiences with Drupal and phpBB, Fully Modded. Each of these projects had good and bad things, though.

Drupal is incredibly modular, but it had a rather clumsy UI at the time. I am told that the UI has been improved since then, but I digress. phpBB Fully Modded was chock full of features. Too many, in fact. However, it was the only truly reliable way of getting all the features needed working together. 

phpBB, Fully Modded inherits all the security issues of phpBB, as well as some of its architecture faults. For example, in most web systems, people can write plugins to hook into the main software package to provide additional features. This has a limiting factor, but it is modular, allowing for easy removal and installation for testing purposes. phpBB does not have a plugin system. Developers of phpBB depend on a MOD extension system, which is quite literally what it says, modifying phpBB itself to add these features. Essentially, they were patches to phpBB. Dan and I saw a huge issue with this, especially after my phpBB site was literally destroyed by crackers over Thanksgiving day in 2006. 

Enano CMS was Dan's solution to these problems. He saw phpBB's inefficiency with security as quite damning for it, but it was really the best supported solution out there as far as forums went. So, when he designed Enano, back then called Midget CMS (it was changed to Enano when it was discovered another CMS package with the name existed already), he designed it with modularity and security in mind. Originally, it used regular old hash signatures, but it did not sanction actual code modification to extend functionality. It had an incredibly flexible plugin API added to it for this purpose. Over time, the API was extended, and Enano's core was modified to increase security. For 1.0RC1, Enano's security was truly new. It used 192-bit industrial strength AES cryptography to secure logins. Diffie-Hellman was later added in 1.1.x development, and finally HMAC-SHA1. Both Diffie-Hellman and HMAC-SHA1 are currently in use in Enano CMS.

Also, after the first rewrite of Enano, the administration was heavily cleaned up, and redone several times to make it simpler and much more intuitive to the new user. The resulting Admin panel is quite easy for a new user to dive right in and use. Concepts from WordPress and phpBB were borrowed for the design of the admin panel, which is evident in the style of the panel. I got more involved with the project around the time of 1.0RC1 and started helping Dan figure out aspects of theming and UI to make sure that it was aesthetically pleasing as well as having high usability. The result was a quite nicely done system that additionally doubled as a wiki that could be secured using ACLs or numerous management shortcuts in the page tools.

Where does the Yubikey come into play here? Unsurprisingly, the security systems employed in Enano CMS make the Yubikey a rather good fit for it. Yubico, the company that developed and is marketing the Yubikey, designed the Yubikey system to use an HMAC system, which Enano also uses. The result? Enano can take advantage of some of the more powerful features of the Yubikey One Time Password (OTP) system. Dan, the developer, fell in love with the idea of the Yubikey and the OTP system. I pushed him to implement support for the Yubikey into Enano's own authentication system. The end result? The smoothest and quite possibly the most secure way to log into a web system is available for anyone who uses Enano and owns a Yubikey. Enano, being as flexible as it is, can function as a blog, a podcasting publishing site, a wiki, and a traditional CMS, among other things.

The Yubikey is special because it is a one time password system that does not require ANY special software on the local machine. It acts like a HID USB keyboard that just inputs the OTP to log in. Since, to a certain extent, it merely is a validation tool, the OTP system could be used for numerous things. The most popular way is for logins, but it could be a good replacement for CAPTCHAs on a company site where full access available to everyone is not necessary. The sky is the limit with a Yubikey!

More information here.
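Yubico's validation protocol signs each validation-server response with HMAC-SHA1, and the OTP the key types is a string in Yubico's "modhex" alphabet. The following is an added example, not code from Enano or its Yubikey plugin, of the checks a site makes before trusting such a response; the API key, OTP, nonce and response bodies are constructed sample values, and the function names are hypothetical.

```python
import base64, hashlib, hmac

MODHEX = "cbdefghijklnrtuv"  # Yubico's keyboard-layout-safe hex alphabet

def public_id(otp):
    """Key identity: whatever precedes the final 32 modhex characters."""
    otp = otp.strip().lower()
    if not 32 < len(otp) <= 48 or any(c not in MODHEX for c in otp):
        raise ValueError("not a well-formed Yubikey OTP")
    return otp[:-32]

def sign(params, api_key_b64):
    """Base64 HMAC-SHA1 over the key-sorted k=v pairs joined with '&'."""
    msg = "&".join(f"{k}={params[k]}" for k in sorted(params))
    key = base64.b64decode(api_key_b64)
    return base64.b64encode(hmac.new(key, msg.encode(), hashlib.sha1).digest()).decode()

def check_response(body, otp, nonce, api_key_b64):
    """Return the server's status only if the response is authentic and ours."""
    resp = dict(l.split("=", 1) for l in body.splitlines() if "=" in l)
    claimed = resp.pop("h", "")
    if not hmac.compare_digest(claimed.encode(), sign(resp, api_key_b64).encode()):
        return "BAD_SIGNATURE"      # forged or altered in transit
    if resp.get("otp") != otp or resp.get("nonce") != nonce:
        return "MISMATCH"           # a genuine answer to some other request
    return resp.get("status", "MISSING_STATUS")

# --- constructed sample data (not real credentials or real server output) ---
API_KEY = base64.b64encode(b"constructed-demo-key").decode()
OTP = "cccccccbcdef" + MODHEX * 2   # 12-char public ID + 32-char encrypted part
NONCE = "constructednonce0123456789"

def fake_server_response(status, nonce=NONCE):
    """Stand-in for the validation server, used only to build sample input."""
    fields = {"otp": OTP, "nonce": nonce, "status": status, "t": "2009-03-02T00:00:00Z0000"}
    fields["h"] = sign(fields, API_KEY)
    return "\r\n".join(f"{k}={v}" for k, v in fields.items())

if __name__ == "__main__":
    print(public_id(OTP))
    print(check_response(fake_server_response("OK"), OTP, NONCE, API_KEY))
    replayed = fake_server_response("REPLAYED_OTP")
    print(check_response(replayed.replace("REPLAYED_OTP", "OK"), OTP, NONCE, API_KEY))
    print(check_response(fake_server_response("OK", "differentnonce0123456789"), OTP, NONCE, API_KEY))
```

A login handler should accept the OTP only when the returned status is exactly `OK`; every other value, including the two local failure strings, means the login is refused.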

Saturday, February 14, 2009

BitNami Releases First Externally Developed Stack Module

BitNami has released the first externally developed web stack module, Enano CMS. BitNami is a project by BitRock to release open source stacks to make it easy for development/testing/production systems.


World of Goo, on Linux!

This is a new thing for me, to review Linux games. Really, I am an avid gamer, but because of the Linux gaming chicken-and-egg problem, there really isn't much for Linux that is actually worth playing.

Some of you will argue with the various FOSS games out there, and those are okay, but they are generally multiplayer only, and the few single player ones are rather limited.

In any case, World of Goo is a game that I tried out a while ago and I found it strangely addicting.

Now, playing it on Linux made me appreciate the awesomeness of the game even more. World of Goo is really a very interesting game.

The performance of World of Goo on Linux is very nice. I didn't even have to disable compositing and Compiz to run it well, even though it was advised! I ran into virtually no issues, which is strange in my experience with commercial games. I am very pleased with the development, polish, and release of World of Goo for Linux.

However, I'm still stuck on the last level of Chapter one. It's annoying that I still can't figure out how to build that bridge!

I would definitely recommend the game. In fact, I have recommended it to my brothers to play. Hopefully they will find it as addicting as I did.

Back to Blogspot!

I lost my other blog when I stopped paying for my web hosting, so I'm back to here.

Friday, October 19, 2007

Moved to a new location!

Well, I have been updating at the new location for quite some time now, but I really should be posting the locations of my new blog site. Just in case.....

Back to Blogger, so link is dead

Saturday, June 23, 2007

Solaris? Linux? Sun vs. FOSS? Sun with FOSS? OpenSolaris?

Confused yet?

Anyways, I put that there as a culminating topic name. What is the deal with Solaris? What about OpenSolaris?

Well, Solaris is the SVR4/SVR5 implementation of Unix by Sun Microsystems. SunOS, which was its predecessor, was more towards BSD. So, Sun Microsystems does have some background in the OSS community. Solaris is what Sun calls the most advanced OS on the planet. Well, I cannot agree or dispute the claim because I STILL HAVE NOT GOTTEN MY SOLARIS DISCS!!! I ordered them about two or three weeks ago and I still have not gotten them!!! I want to do some work on Solaris, especially with QA work of the Enano CMS Project, for which I am the QA Manager. I saw a lot of ads for Solaris about their new advanced process isolation systems, and I figured that it would be important enough to test for. Well, I thought, maybe OpenSolaris. The problem is that OpenSolaris is just a bunch of source packages…. No binary ISOs to download, though I don’t have the space for Solaris downloading. On top of that, I only download Linux ISOs, but I am being tempted greatly to re-order those DVDs.

The CEO of Sun Microsystems requested some time ago that Linus and himself have dinner at his place to discuss the Linux and Solaris debate and the Openness of Sun. Linus should go there and see, and since I posted so late, it may have already happened, but so far, no results.

ZFS on Linux is already possible thanks to ZFS-FUSE. So, the one thing Linus says that he wants from Solaris is already available, but I think he still wants ZFS in kernel space instead of Userspace. Oh well, to each his own.

I like to keep myself open-minded about the UNIX world, and Solaris is something that piqued my interest. But I am getting mad about that order not going through.

TTFN!

Wednesday, June 13, 2007

Update on RGW-Net main site restructuring!

I had previously posted about my stupid error in updating the software and the updated software was really messed up. Unfortunately the database restore software would not accept my insanely large SQL file and kept generating ridiculous errors. So, I had set up phpBB3 as an interim install.

Well, I tried out Drupal as a replacement interim, and I have never been more frustrated on working on a CMS than I had been with Drupal. It really doesn’t have a good organization of administration and the system itself is somewhat illogical in my opinion. I mean, why would you make it hard to find permissions stuff and then have forum creation automatically not permissible to most users?! So I said, “Screw this!” and pretty much left alone the current interim phpBB3 site.

It has been a very long time since I last talked about Linux technologies itself (my rpm stuff doesn’t count :P ) And I will talk about something about that…

Tuesday, June 05, 2007

RPM.RGW-NET.COM launched! OggConvert package built, signed, and released!

Well, last night, I worked myself to like 4am in the morning setting up a new site, the RGW RPM Repository. I spent quite a bit of time wikifying all the licenses, categorizing them, and having proper legal disclaimers on the bottom of the site. The content on the site by default is dual licensed GFDL and CC-BY-SA 3.0. The RPM packages and specs are by default licensed GNU GPL. In certain conditions, the RPM packaging files and specfiles are licensed under the GNU LGPL. The first package I set up there is OggConvert.

OggConvert is a tiny little pyGTK application that can convert videos and music from any format GStreamer supports to Theora/Vorbis formats. This application is available here and even the author of the actual application, Tristan Brindle, has linked to it on his site! Doesn’t helping out the FOSS community give you a warm, fuzzy feeling inside?

Monday, May 21, 2007

Immense Stupidity! RGW-Net main site destroyed! Horrible Final Exams! PAIN!!!

I cannot believe I actually stupidly upgraded the Fully Modded phpBB system on my site! Now I cannot restore the database because phpMyAdmin AND the mysql tools cannot ‘read’ the file. And sometimes, when it does, it is unable to create the database. Apparently my rights to create databases under phpMyAdmin are gone! So, now I am stuck with a simple phpBB3 forum that is interim between the new setup of the main site and the old phpBBFM site. I cannot say that this was a complete loss. This provides the opportunity I need to start afresh. I still can’t believe that RGW-Net’s phpbbFM system required 193 tables in a single database……

The new system currently does not have a downloads manager that is restricted and controlled by the ACLs in place, so I am designing an impromptu downloads system with my limited knowledge of scripting and programming along with a great friend of mine, who will be porting some of the download ACL systems he wrote for me to the new CMS.

However, this week is exams week, so I will be devoting an unusually large amount of time towards studying for my final exams.

This does not mean that work will completely stop. My friend has been working on the CMS for some time and continues to work on it, while I am preparing our testing systems for the QA which I usually supply. Also, this new CMS is valid XHTML, valid CSS, and valid RSS! And it's quite lightweight.

Though it may seem that all this was sprung at the last moment, I have been planning the replacement of phpBBFM for quite some time.

I have looked into various CMS systems: phpNuke, phpBBFM, plone, drupal, MediaWiki + phpBB2/SMF 1.1.x, etc.

PHPNUKE is out because it has a bad business model and the software itself I would consider on the unstable side.
Plone is a Python based system, so it's out.
Drupal is out because I did not like the feel of it.
MediaWiki + phpBB2/SMF 1.1.x is out because phpBB3 support is not available to work with MediaWiki.

In the end, I settled on one combination of systems. However, if it is not ready by 5/25/2007-5/27/2007, then I am going to set up an interim Drupal installation until it is. I panicked initially, so that is why phpBB3 is up there. I thought about putting my new planned system, but it just was not ready yet.

And I hurt myself four times today! Sprained my ankle, cut my thigh on the bus rail (how does that happen?), hit my head on the cabinets, and tripped over a cable onto the floor (barely missed the laptop in front of me, lazy housemates)…

Saturday, April 21, 2007

Vista down! Up next?

We all know about the damned hype about Windows Vista.

“Oooh! Flip3D!” … ok…. Fedora has the compiz/beryl cube that rotates workspaces showing all your stuff.

“New Aero Glass!” Got me there, however there is better stuff out there, and WindowBlinds produces the exact same effects on XP because Stardock developed the theming engine for Windows XP and Vista. Fedora yet again can produce these effects with Beryl and compiz.

“User Access Control!” Umm, ever heard of limited and root accounts? Linux and UNIX have had them for years, decades before Microsoft even thought about multiuser environments!

Here, though, it is proven that most people don’t see Vista as anything worth a grain of salt. We can see that Microsoft has had it coming. I agree that Microsoft is failing because they don’t hold all the cards anymore. Mac OS X is now officially available on the Intel core, and many have gotten Tiger to work on a regular PC. Linux has been around for years, and recently, Ubuntu Linux (now at Feisty), has made much headway on the desktop Linux platform with high usability and flexibility.

More people are seeing the alternatives available. For instance, Microsoft Internet Explorer held complete dominance until Firefox 1.0 came out. It spilled through the internet in waves, more and more people downloading and using it. I remember saying that I would never use Firefox back at its 0.9 release, and here I am now, using Firefox 2.0 to type up this post.

As long as there is demand for more quality, with the consumer in mind, Free/Open Source Software will always be around to try to satisfy these desires. WordPress, the software I am using now for blogging, is considered FOSS software. Many people use WordPress because of its simplicity and extensibility.

People wanted a cheaper alternative to Microsoft Office, and StarOffice was created from this desire. Sun Microsystems purchased StarOffice company and took it under its wing. It was extended, enhanced, and finally, released as FOSS code to improve. Now, we have OpenOffice.org 2.2, which the latest StarOffice suite is based on.

It is only a matter of time before people realize that there are alternatives out there, cheaper and free, just ripe for the picking.