分类目录归档:歪嘴鱼

GoogleCode,我们会想你的。

Bidding farewell to Google Code

Posted: Thursday, March 12, 2015

When we started the Google Code project hosting service in 2006, the world of project hosting was limited. We were worried about reliability and stagnation, so we took action by giving the open source community another option to choose from. Since then, we’ve seen a wide variety of better project hosting services such as GitHub and Bitbucket bloom. Many projects moved away from Google Code to those other systems. To meet developers where they are, we ourselves migrated nearly a thousand of our own open source projects from Google Code to GitHub.

As developers migrated away from Google Code, a growing share of the remaining projects were spam or abuse. Lately, the administrative load has consisted almost exclusively of abuse management. After profiling non-abusive activity on Google Code, it has become clear to us that the service simply isn’t needed anymore.

Beginning today, we have disabled new project creation on Google Code. We will be shutting down the service about 10 months from now on January 25th, 2016. Below, we provide links to migration tools designed to help you move your projects off of Google Code. We will also make ourselves available over the next three months to those projects that need help migrating from Google Code to other hosts.

  • March 12, 2015 – New project creation disabled.
  • August 24, 2015 – The site goes read-only. You can still checkout/view project source, issues, and wikis.
  • January 25, 2016 – The project hosting service is closed. You will be able to download a tarball of project source, issues, and wikis. These tarballs will be available throughout the rest of 2016.

Google will continue to provide Git and Gerrit hosting for certain projects like Android and Chrome. We will also continue maintaining our mirrors of projects like Eclipse, kernel.org and others.

How To Migrate Your Data Off Google Code

The simplest way to migrate off of Google Code is to use the Google Code to GitHub exporter tool, which provides an automated way to migrate a project’s source, issues, and wikis to a new GitHub repo. Please note: GitHub’s importer will convert any Subversion or Mercurial Google Code projects to use Git in the process.

We also offer stand-alone tools for migrating to GitHub and Bitbucket, and SourceForge offers a Google Code project importer service.

If you encounter any problems using these tools, please log issues with us, contact google-code-shutdown@google.com, or email me directly (cdibona@google.com). We’ll also be closely tracking Hacker News, Reddit, and other popular forums to answer questions in public. We know this decision will cause some pain for those of you still using Google Code and we’re sorry for that. We’ll continue to do our best to make the migration process easy for you.

GitHub and Bitbucket are both looking forward to working with developers moving off of Google Code. They’ve been great to work with leading up to this announcement, so we’d like to thank those sites for their continued support of the community. There are some great options for people today that didn’t exist in 2006, and we look forward to helping you find the one that works for your project.

Chris DiBona, Director of Open Source

如何理解NSA新型硬盘病毒?

卡巴斯基实验室发现一种来自于NSA的新型病毒的痕迹。

这里写一下个人对该项技术的理解,转载请留出处。

http://www.hustoj.com/?p=87

硬盘病毒,首先让人联想到的是MBR引导区病毒,但是这种东西自从NTLDR广泛使用以来就不能兴风作浪了。所以,这里的硬盘病毒不是指MBR中的异常代码。

新闻中提到,这个病毒的实现是一种技术飞跃,很有可能是在参考了硬盘厂商的源代码之后制造出来的。这就表明,该病毒并非一般意义上的Intelx86/AMDx64病毒,而是运行在硬盘控制器(firmware固件)中的特殊代码。当然,firmware中的可能仅仅是一个运载关键组件,在上位系统(Windows/Linux)中应该还有一部分实际运作的有效载荷。

我们都知道,硬盘是以逻辑扇区、磁道、柱面等方式划分空间的,这些地址数据由操作系统通过接口总线(SATA/SAS/IDE)发送给硬盘,在硬盘控制器中转换为物理地址,驱动盘片、磁头访问实际位置。

假如在fireware中对数据进行监控,发现常见操作系统的程序文件被读取时,可以认为其正在加载该代码进入上位系统内存,这个时候,用事先存放在硬盘备用扇区中的恶意代码进行替换,上位系统完全无法识别,进而被感染。被感染的进程可以是任何进程,包括操作系统核心。

而新闻中还提到,fireware因为通常只做升级硬盘性能使用,并且受知识产权保护,通常是只写而不可读取的,这就使得病毒隐藏至深,无法被扫描。

如果前述猜想是正确的,那么通过一个未感染系统启动并热插拔挂载被感染的硬盘,然后向其中写入一个常见操作系统的文件系统,然后用一个虚拟机模拟启动操作,读取该硬盘中的文件,再从中截取读到的数据,跟之前写入的数据进行对比,应该会发现关键数据被改写的痕迹。

假如真的是这样,那么该病毒成功的将恶意代码的领域扩展至MCU,通过跨平台的两种运行机制的紧密合作,变成了一种几乎无法杀死的程序。

更进一步,报道提到,该病毒可以通过移动存储介质,从物理隔离的计算机系统中窃取数据。可以这样理解,假设一个军事机密网络,它跟互联网是物理隔离的,但是其中某块硬盘上感染了该恶意代码,进而感染了整个网络。只要物理隔离,窃取到的机密数据无法通过互联网返回NSA。但是,假如有人使用了移动存储设备,比如一个U盘或移动硬盘,那么该病毒可以将机密数据保存到该设备的可用空间中,而不以文件形式列入文件分配表。当这个移动存储设备再次连接到另一台与互联网有直接连接的系统上时,假如这个系统也同样感染了该病毒(这是很有可能的),那么病毒就有机会读取隐藏在移动存储设备中的机密数据,发送给NSA。

联想最近经常遇到U盘无法弹出,真是细思极恐。

那么怎样才能杀死这个病毒呢?

首先,你得有个“可靠”的系统,比如古老发行版的Linux LiveCD。

然后,刷写“可信”的fireware,比如来自硬盘厂商的最新更新,当然我们假设硬盘厂商没有被迫为虎作伥。

最后,对整个硬盘做置零操作,低级格式化,重新分区,

 

 

以下纯属个人主观臆测

win8卖不动啊,wp8卖不动啊,应用太少啊……

怎么拉拢这些穷酸安卓开发者呢?

这些家伙成天叫嚣开源,喜欢java,迷恋eclipse

eclipse算个球,vs给他们免费用;java闪开,看我.net大法。

对了,不如把.net开源了,vs给一套拖拖拽拽版的Android UI速成秘籍,把新近android开发者都拉来用vs,然后一个工程apk/xap双输出,android有的应用我wp自动克隆然后效率还更高,啊哈哈哈~~~

那个Mono小弟,别管大哥我抢生意哦。

Mono:有本事你搞个官方for wp8的安卓模拟器不就ok了,拿我开涮算怎个意思。

Palm的幽灵:Classic —-PalmOS emulator for WebOS