Wednesday, December 07, 2011

Promotion: Hungry Jacks $2 Whopper


All that programming is making me Hungry!
--- for Australian readers only ----



Wednesday, November 30, 2011

NOTES GSL

Prerequisites
Building using Visual Studio C/C++
GSL Examples
GSL Considerations
Build GSL with MinGW
Running MSVC with minGW-built-GSL
GSL Makefile
General C define macros and typedef
GSL-C-Fortran Framework

Prerequisites
===============
For running on Windows system:

1. mingw (minimalist GNU for Windows)
- go to http://www.mingw.org/
- Download and install both mgw and msys: eg. mingw-get-inst-20110802.exe
- Install and select C++, Fortran and MSYS options

2. gsl (Gnu Scientific Library)
- go to http://www.gnu.org/s/gsl/
- Download from nearest GNU mirror, eg. http://ftpmirror.gnu.org/gsl/.
- Unpack it to a general place like c:\gsl....

Building using Visual Studio C/C++
===================================
http://gladman.plushost.co.uk/oldsite/computing/gnu_scientific_library.php
http://www.quantcode.com/modules/smartfaq/faq.php?faqid=33


The GSL subroutines are grouped according to functionality. For this document, we say that these functionalities are grouped into packages. Each package is a folder containing the source code for that functionality. In this section, we will compile the package called BLAS.

Note that this BLAS is actually gls_blas. It uses the underlying blas implementation called cblas.
cblas is the standard blas for C/C++ and is also available in MKL.
In this example build, we will build the gsl_blas and configure is to use cblas from MKL.

1. Create a Visual Studio C/C++ Project called GSLProj, under the Solution called GSLSoln.
Add New Project - Visual C++ - Win32 - Win32 Project - {DLL, Empty Project}

2. Go to Windows Explorer and copy the blas folder from c:\gsl....
and paste into the GSLProj folder.
Update: The following packages seemed to be a bare minimum and have enabled GSL to be compiled successfully with MSVC 2008 - blas, block, err, ieee-utils, matrix, sys, test, vector.
Update: Second batch of packages to be added:
- cdf, cheb, complex, eigen, integration, linalg, min, multimin, multiroots, permutation, poly, randist, rng, roots, sort, specfun,

3. In Windows Explorer, copy these files from c:\gsl
    config.h , templates_on.h, templates_off.h, build.h
and paste into the GSLProj folder.

4. In Windows Explorer, under c:\gsl...., do a search for gsl_*.h. This will find all the gsl header files in the source code. Copy all of these and paste into a folder called gsl and put this folder under the GSLProj folder.

5. Go back to the Visual Studio GSLProj, go to the Solution Explorer and click on the little icon called "Show All Files" just on top of the Solution tree.

6. In the Solution Explorer, the tree becomes a folder tree view. Go to the branch GSLProj, right click on the blas folder (which appears now) and select "Include in Project". Inlcude any other project as necessary, only include their *.c is OK. All header files do not need to be INCLUDED via Visual Studio because the C compiler will pull the contents of *.h hearder files in.

7. For the ieee-utils package, exclude the files below which are for various different operating systems other than Windows. These files have names like: fp-[OS].c
Including fp.c seems to be OK.

For the matrix package, Include the matrix folder into the project.
Then exclude files: *.h, *.lo, *_source.c
Ensure that normal c files are included:   *.c
Note that the *_source.c files are actually pulled into the base *.c file similar to how header files are included.

Specfun package also has these *.c files to be excluded from compile:
cheb_eval.c, cheb_eval_mode.c
 
In many matrix files, eg copy_source.c, file_source.c, getset_source.c, the copy.c, file.c, getset.c uses the templates_on/off.h which dynamically creates code using Preprocessor Macro definitions. This causes SEVERE problems at the line:
#define SHORT complex
because Microsoft Visual C redefines this in their math.h file as:
#define complex _complex
DO  NOT Put this macro definition /D__cplusplus  which may solve the _complex problem but creates new problems with other MS files like:

Error 1 error C2061: syntax error : identifier 'vc_attributes' c:\program files\microsoft visual studio 9.0\vc\include\codeanalysis\sourceannotations.h 42 VCPP_testDLL01

To solve the _complex problem definition, add this at the top of templates_on.h:
#ifdef complex
#define fixCOMPLEX_ 1
#undef complex
#endif

Also add this at the end of templates_off.h
// ASSUMES that the predefined complex is _complex in Microsoft's VC include\math.h and crt\src\math.h
#if fixCOMPLEX_ == 1
#define complex _complex
#undef fixCOMPLEX_
#endif

8. Right click on the GSLProj icon and select properties. In the Properties configuration, Configuration Properties:
- under C/C++ - Command Line
Add these compiler options: /DGSL_DLL /DDLL_EXPORT
- under C/C++ - General - Additional Include Directories:
      enter the path to the current project folder.
 enter the path to \mkl\include
- under Linker - General - Additional Library Directories:
      enter \fortran\lib\ia32
 enter \mkl\ia32\lib
- under Linker - Input - Additional Dependencies, enter these mkl, openmp libraries
   for 32bit:
mkl_intel_c_dll.lib
mkl_intel_thread_dll.lib
mkl_core_dll.lib
libiomp5md.lib
   for 64bit:
mkl_intel_lp64_dll.lib
mkl_intel_thread_dll.lib
mkl_core_dll.lib
libiomp5md.lib

The setup above enable the project to be linked to MKL's cblas routines.

9. Edit the config file so that the "!" is removed in the following lines:
#if HAVE_DECL_LDEXP
#if HAVE_DECL_FREXP
#if HAVE_DECL_HYPOT
For some reason the use of preprocessor macros does not seem to work well. Hence the config.h file need to be modified as above.

10. Removing cblas from GSL code.
- Exclude the cblas directory from the project
- Exclude the file gsl\gsl_cblas.h
- Remove the line
     #include
  and replace if necessary with
     #include
  for these files:
blas\blas.c
doc\examples\cblas.c    // probably not needed
eigen\francis.c
eigen\nonsymmv.c
gsl_blas_types.h

11. Due to using mkl_cblas.h, these definitions need to be changed.
in gsl_blas_types.h, change to:
typedef  CBLAS_ORDER       CBLAS_ORDER_t;
typedef  CBLAS_TRANSPOSE   CBLAS_TRANSPOSE_t;
typedef  CBLAS_UPLO        CBLAS_UPLO_t;
typedef  CBLAS_DIAG        CBLAS_DIAG_t;
typedef  CBLAS_SIDE        CBLAS_SIDE_t;
... the enum keyword has been removed.

12. Add the following Preprocessor definitions
/P    - only to check the preprocessed intermediate files

13. To add cdf package:
- add this to beta_inc.c
#include
- exclude from project, usually because these files are included in other files and are not really standalone files:
test_auto.c, beta_inc.c

cdf package needs the following packages:
specfun, cheb


14. Various packages of GSL, such as block and matrix, have some files with the same names such as file.c.
But the way MSVC compiles and builds by putting all *.obj files into the same DEBUG or RELEASE folder causes a problem. A simple way is to rename some of the clashing file names. This does not affect the ability to use the GSL-DLL functions, because functions have different names withing files with same names such as file.c

To quickly identify where duplicate filenames exist, go to Solution Explorer and click on the GSLProj project folder.
Near the top of the Solution Explorer panel, click on the icon to switch to Show All Files, such that all *.c files appear under the Source Files folder under your GSLProj project folder. Then rename any duplicate file names *.c.

Alternative - Right-click, Properties, C++, Output Files. Change the Object File Name from $(IntDir)\ to, say, $(IntDir)\block\. You can repeat for the vector file group, etc.

15. Inline functions.
The following packages are affected: cdf
MSVC++ accepts both inline and _inline BUT when the code is *.c and compiled with MSVC, then it only recognize _inline.
Error Messages are like:
Error 1 error C2054: expected '(' to follow 'inline' ...\specfunc\cheb_eval_mode.c
Error 2 error C2085: 'cheb_eval_mode_e' : not in formal parameter list ...\specfunc\cheb_eval_mode.c
Error 3 error C2143: syntax error : missing ';' before '{' ...\specfunc\cheb_eval_mode.c 6
Solution:
In specfun/cheb_eval_mode.c, airy.c , gamma.c, bessel.c, bessel_olver, bessel_zero, coupling.c, ellint.c
erfc.c, legendre_con, trig.c, zeta.c
change from inline to _inline

16. Notes on cdf and specfun packages.
- see 15. for "inline" issue
- Files to be renamed from *.c to *_cdf.c are:
     cdf/beta.c   to avoid clash with specfun/beta.c
- files to be excluded from compile:
cdf/beta_inc.c

 17. Add randist package - needed by cdf
 - inline keyword modified, see note 15; for files:
     binomial_tpe.c, discrete.c, shuffle.c
 - Files to be renamed from *.c to *_randist.c are:
     beta.c, binomial.c, cauchy.c, chisq.c, exponential.c, exppow.c, fdist.c, flat.c, gamma.c,
gauss.c, geometric.c, hyperg.c, laplace.c, logistic.c, lognormal.c, nbinomial.c, pareto.c, pascal.c, poisson.c, rayleigh.c, rdist.c, weibull.c

18. Add rng package - needed by randist
 - inline keyword modified, see note 15; for files:
     ... almost all files ...
 - Files to be renamed from *.c to *_rng.c are:
     file.c

19. Add complex package - needed by specfun
 - Files to be renamed from *.c to *_complex.c are:        
     inline.c

20. Add eigen package - needed by specfun
 - inline keyword modified, see note 15; for files:
     gen.c, francis.c, qrstep.c, jacobi.c,
- Remove           //#include
  and replace by     #include
  in these files:    francis.c, nonsymmv.c
- exclude from project:
      qrstep.c


21. Add linalg package - needed by
 - inline keyword modified, see note 15; for files:
     apply_givens.c, cholesky.c, givens.c, exponential.c
- exclude from project:
     apply_givens.c, givens.c, svdstep.c


22. Add permutation package - needed by linalg
 - inline keyword modified, see note 15; for files:
 - Files to be renamed from *.c to *_permutation.c are:        
      file.c, init.c, inline.c,
- exclude from project:
      permute_source.c


Add integration package - needed by randist
 - inline keyword modified, see note 15; for files:
    append.c, initialise.c, positivity.c, set_initial.c, qpsrt.c, util.c, reset.c, qelg.c,
 - Files to be renamed from *.c to *_integration .c are:        
     
- exclude from project:
     append.c, cquad_const.c, err.c, initialise.c, positivity.c, ptsort.c, qpsrt.c, util.c, reset.c
qelg.c, qc25c.c, qc25f.c, qc25s.c, qpsrt2.c, set_initial.c,

NOTE: if some *.c files which are included by other *.c files are NOT excluded from compile, then errors like these occur:
Error 1 error C2143: syntax error : missing ')' before '*'
Error 2 error C2143: syntax error : missing '{' before '*'
Error 3 error C2059: syntax error : 'type'
Error 4 error C2059: syntax error : ')'


Add sort package - needed by eigen
 - inline keyword modified, see note 15; for files:
     sort.c, sortind.c, sortvec_source.c, sortvecind_source.c,
 - Files to be renamed from *.c to *_sort.c are:        
     
- exclude from project:
     sortvec_source.c, sortvecind_source.c, subset_source.c,  subsetind_source.c,
test_heapsort.c, test_source.c,


Add min package - for minimization routines
-  Add static to these functions:
      min/test.c::my_error_handler()


Add roots package
 - inline keyword modified, see note 15; for files:
 - Files to be renamed from *.c to *_roots.c are:        
      test.c, test_funcs.c
- exclude from project:


Add multimin package
 - inline keyword modified, see note 15; for files:
      simplex2.c
 - Files to be renamed from *.c to *_multimin.c are:
      test.c, test_funcs.c
- exclude from project:
directional_minimize.c, linear_minimize.c, linear_wrapper.c,


Add poly package - needed by multimin
 - inline keyword modified, see note 15; for files:
 - Files to be renamed from *.c to *_multimin.c are:
      test.c, eval.c, deriv.c,
- exclude from project:
 companion.c, balance.c, qr.c,


Add multiroots package
 - inline keyword modified, see note 15; for files:
 - Files to be renamed from *.c to *_multiroots.c are:
      convergence.c, fdfsolver.c, fsolver, newton.c, test_funcs.c, test.c
- exclude from project:
      enorm.c, dogleg.c




23. To make use of GSL's own test, do the following to the selected GSL packages as needed:
cdf, specfunc, rng, randist, min, roots, multimin, poly,

- eg. in cdf/test.c  (which has been renamed to test_cdf.c), rename the function
     main      to    main_cdf.c

- ensure say, cdf/test.c  is now included in the project and compile.

- for the test functions, say: void main_cdf(void)
  put its prototype function in your own driver program using extern, like:
     extern "C" { void main_cdf(void);  }

- in the main functions, say main_cdf(), at the last line of the function, change this:
     exit(gsl_test_summary());
  to this, to return the EXIT_SUCCESS or EXIT_FAILURE code
     return gsl_test_summary();

- in the main functions, say main_sf(), if there are arguments that are not used like this:
     int main_sf(int argc, char * argv[])
  to the following
     int main_sf(void)

- in cdf package ONLY: in file test_cdf.c, change the line from:
     void test_gamma (void)
  to rename it to:
     void test_gamma_cdf (void)
  and in the same file, change the call to the test_gamma function from:
     test_gamma();
  to the new name :
     test_gamma_cdf();
  This is done to prevent clash with a function of the same name test_gamma() in specfunc.

- in randist package only, change the following functions by adding the keyword "static",
  so that other files to not uses these functions. The functions made "static" are:
     test_beta, test_binomial_pdf, test_chisq, test_exponential, test_fdist, test_gamma,
test_ugaussian, test_geometric_pdf, test_hypergeometric2_pdf, test_negative_binomial_pdf,
test_pascal_pdf, test_poisson_pdf

- in roots package only, change the following functions by adding the keyword "static",
  so that other files to not uses these functions. The functions / variables made "static" are:
     test_roots.c: EPSREL, EPSABS, MAX_ITERATIONS, test_f, test_f_e, my_error_handler,
test_funcs_roots.c: create_function, func1, func2, func3, func4

- in multimin package only, change the following functions by adding the keyword "static",
  so that other files to not uses these functions. The functions / variables made "static" are:
     test_fdf, test_f,

- in multiroots package only, change the following functions by adding the keyword "static",
  so that other files to not uses these functions. The functions / variables made "static" are:
     test_multiroots.c: test_fdf, test_f,
     test_funcs_multiroots.c: rosenbrock, rosenbrock_initpt, rosenbrock_f, rosenbrock_df, rosenbrock_fdf,
wood, wood_initpt, wood_f, wood_df, wood_fdf,
     roth, roth_initpt, roth_f, roth_df, roth_fdf,

- Strange reason, the two functions gsl_cdf_logistic_Q and  gsl_cdf_logistic_P are not visible to the test program and cannot be compiled. Typical error messages are:
Error 1  error LNK2001: unresolved external symbol gsl_cdf_logistic_Q test_cdf.obj vcpp_gsl
Error 1  error LNK2019: unresolved external symbol gsl_cdf_logistic_Q test_cdf.obj vcpp_gsl
    to solve this problem, go to the file cdf/logistic.c and copy the two functions of
gsl_cdf_logistic_Q and  gsl_cdf_logistic_P
    and paste it to cdf/test_auto.c and place it above the line:
void test_auto_logistic (void)
    ALTERNATIVE: Better solution is to check no two source files has the same name. This is already described in point 15. When two files have same name, one of them is not compiled and so its functions cannot be found.

- other files where functions are already identified somewhere else in test*.c. The solution is to add the static keyword to these functions:
   test_integration.c: my_error_handler
   test_linalg.c: my_error_handler


Debugging:
Modified test_roots.c: void test_f, test\results.c: void gsl_test()
Completed [12017/12017]
GSL cdf test result is 0
 end of gsl cdf test
Completed [14995/14995]
GSL specfunc test result is 0
 end of gsl specfunc test
-10, 1072693247, 0, 0
FAIL: results.c::gsl_test:: [15003]incorrect precision (%g obs vs %g expected)
-16, 1072693247, -350469331, 1058682594
FAIL: results.c::gsl_test:: [15005]incorrect precision (%g obs vs %g expected)
2142418408, 1061077358, 0, 0
FAIL: results.c::gsl_test:: [15007]incorrect precision (%g obs vs %g expected)
-13, 1072693247, -350469331, 1058682594
FAIL: results.c::gsl_test:: [15020]incorrect precision (%g obs vs %g expected)
2142401953, 1061077358, 0, 0
FAIL: results.c::gsl_test:: [15022]incorrect precision (%g obs vs %g expected)
-10, 1072693247, 0, 0
FAIL: results.c::gsl_test:: [15034]incorrect precision (%g obs vs %g expected)
-13, 1072693247, -350469331, 1058682594
FAIL: results.c::gsl_test:: [15036]incorrect precision (%g obs vs %g expected)
2142401953, 1061077358, 0, 0
FAIL: results.c::gsl_test:: [15038]incorrect precision (%g obs vs %g expected)
FAIL: results.c::gsl_test:: [15064]%s, %s (%g obs vs %g expected)
FAIL: results.c::gsl_test:: [15065]exceeded maximum number of iterations
FAIL: results.c::gsl_test:: [15066]incorrect precision (%g obs vs %g expected)
FAIL: results.c::gsl_test:: [15068]incorrect precision (%g obs vs %g expected)
FAIL: results.c::gsl_test:: [15070]incorrect precision (%g obs vs %g expected)
FAIL: results.c::gsl_test:: [15072]%s, %s
GSL roots test result is 1
 end of gsl roots test




GSL Examples
================
http://apwillis.staff.shef.ac.uk/aco/freesoftware.html  - passing function as argument
http://www.helsinki.fi/~fyl_tlpk/luento/ohj-13-GSL-e.html - passing function as argument
Fortran GSL
http://www.lrz.de/services/software/mathematik/gsl/fortran/index.html
http://uncwddas.googlecode.com/svn/trunk/other/gsl-1.8/gsl.vc/gsl.vc8.readme.txt


GSL Considerations
===================
32-64 bit
cblas replace with blas - can used ATLAS (C) at least


Build GSL with MinGW
========================
MSVC and MinGW Dlls - shows how to build Dll using MinGW that can be used by MSVC
http://www.mingw.org/wiki/MSVC_and_MinGW_DLLs

GSL can be build using MinGW with the following commands:
configure
OR  to just make a dynamic library without static lib;
./configure --enable-static=no
then
  make

In general, to specify on conditions and macro definitions:
env CPPFLAGS="-DGSL_DLL"  ./configure --enable-static=no
./configure --enable-static=no CPPFLAGS="-DGSL_DLL"
Don't need to add GSL_DLL definition - this is just an exmaple.


The result is are the following files:
in [gsl]\cblas\.libs:  libgslcblas.dll.a, libgslcblas.a, libgslcblas-0.dll, libgslcblas.la, libgslcblas.lai
in [gsl]\libs: libgsl.dll.a, libgsl.a, libgsl-0.dll, libgsl.la, libgsl.lai

If there are errors during MAKE, like these:
    infnan.c:98:3: error: #error "cannot define gsl_finite without HAVE_DECL_FINITE or HAVE_IEEE_COMPARISONS"
    infnan.c:115:3: error: #error "cannot define gsl_isnan without HAVE_DECL_ISNAN or HAVE_IEEE_COMPARISONS"
to solve this, go into [gsl]\config.h  and remove the UNDEF lines and add DEFINE lines like:
   //#undef HAVE_DECL_ISFINITE
   #define HAVE_DECL_ISFINITE 1

   //#undef HAVE_DECL_ISNAN
   #define HAVE_DECL_ISNAN 1


To make GSL compatible with MSVC(Microsoft Visual C), then edit gsl_types.h file, to ensure that the following line is defined:


 
Run-Time Check Failure #0 - The value of ESP was not properly saved
across a function call.  This is usually a result of calling a function
declared with one calling convention with a function pointer declared
with a different calling convention.

The message above about calling convention is misleading. The gsl dll may be in the right calling convention already. The caller to the functions in gsl need to specify explicitly
    __cdel(dllimport)
on the prototype for the function they need to call.


Running MSVC with minGW-built-GSL
===================================
First, built the GSL using MinGW as described in "Build GSL with MinGW" section.
Then,
To LINK with MSVC, use the *.dll.a, but rename them to *.lib
To RUN with MSVS, put the *-0.dll files into the runtime path.

Error Message when running
"Run-Time Check Failure #0 - The value of ESP was not properly saved across a function call.  This is usually a result of calling a function declared with one calling convention with a function pointer declared with a different calling convention."

..... need to check calling conventions.


Aside: To convert MSVC *.lib into *.a for GNU/GCC in MinGW, use the tool called "reimp".


GSL Makefile
=============
some key definitions of the Makefile is below.

$(SHELL) $(top_builddir)/libtool

libgsl.la: $(libgsl_la_OBJECTS) $(libgsl_la_DEPENDENCIES)
$(libgsl_la_LINK) -rpath $(libdir) $(libgsl_la_OBJECTS) $(libgsl_la_LIBADD) $(LIBS)


92:
libgsl_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \
$(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \
$(libgsl_la_LDFLAGS) $(LDFLAGS) -o $@
294:
libdir = ${exec_prefix}/lib
343:
libgsl_la_LIBADD = $(SUBLIBS) $(am__append_1)
233:
LIBS = -lm
234:
LIBTOOL = $(SHELL) $(top_builddir)/libtool
112:
CCLD = $(CC)
184:
CFLAGS = -g -O2
344:
libgsl_la_LDFLAGS = -version-info $(GSL_LT_VERSION) $(am__append_2)


90:
am_libgsl_la_OBJECTS = version.lo
libgsl_la_OBJECTS = $(am_libgsl_la_OBJECTS)

88:
libgsl_la_DEPENDENCIES = $(SUBLIBS) $(am__append_1)
43:
am__append_1 = cblas/libgslcblas.la
44:
am__append_2 = -no-undefined
315:
SUBLIBS = block/libgslblock.la blas/libgslblas.la \
bspline/libgslbspline.la complex/libgslcomplex.la \
cheb/libgslcheb.la dht/libgsldht.la diff/libgsldiff.la \
deriv/libgslderiv.la eigen/libgsleigen.la err/libgslerr.la \
fft/libgslfft.la fit/libgslfit.la histogram/libgslhistogram.la \
ieee-utils/libgslieeeutils.la integration/libgslintegration.la \
interpolation/libgslinterpolation.la linalg/libgsllinalg.la \
matrix/libgslmatrix.la min/libgslmin.la monte/libgslmonte.la \
multifit/libgslmultifit.la multimin/libgslmultimin.la \
multiroots/libgslmultiroots.la ntuple/libgslntuple.la \
ode-initval/libgslodeiv.la ode-initval2/libgslodeiv2.la \
permutation/libgslpermutation.la \
combination/libgslcombination.la multiset/libgslmultiset.la \
poly/libgslpoly.la qrng/libgslqrng.la randist/libgslrandist.la \
rng/libgslrng.la roots/libgslroots.la siman/libgslsiman.la \
sort/libgslsort.la specfunc/libgslspecfunc.la \
statistics/libgslstatistics.la sum/libgslsum.la \
sys/libgslsys.la test/libgsltest.la utils/libutils.la \
vector/libgslvector.la cdf/libgslcdf.la \
wavelet/libgslwavelet.la


Sample of actual output in Make:

libtool: link: ln .libs/libgsl.lax/libgslcdf.a/fdist.o .libs/libgsl.lax/lt72-fdist.o || cp .libs/libgsl.lax/libgslcdf.a/fdist.o .libs/libgsl.lax/lt72-fdist.o
libtool: link: ln .libs/libgsl.lax/libgslcdf.a/flat.o .libs/libgsl.lax/lt73-flat.o || cp .libs/libgsl.lax/libgslcdf.a/flat.o .libs/libgsl.lax/lt73-flat.o
libtool: link: ln .libs/libgsl.lax/libgslcdf.a/gamma.o .libs/libgsl.lax/lt74-gamma.o || cp .libs/libgsl.lax/libgslcdf.a/gamma.o .libs/libgsl.lax/lt74-gamma.o
libtool: link: ln .libs/libgsl.lax/libgslcdf.a/gauss.o .libs/libgsl.lax/lt75-gauss.o || cp .libs/libgsl.lax/libgslcdf.a/gauss.o .libs/libgsl.lax/lt75-gauss.o
libtool: link: ln .libs/libgsl.lax/libgslcdf.a/geometric.o .libs/libgsl.lax/lt76-geometric.o || cp .libs/libgsl.lax/libgslcdf.a/geometric.o .libs/libgsl.lax/lt76-geometric.o
libtool: link: ln .libs/libgsl.lax/libgslcdf.a/laplace.o .libs/libgsl.lax/lt77-laplace.o || cp .libs/libgsl.lax/libgslcdf.a/laplace.o .libs/libgsl.lax/lt77-laplace.o
libtool: link: ln .libs/libgsl.lax/libgslcdf.a/logistic.o .libs/libgsl.lax/lt78-logistic.o || cp .libs/libgsl.lax/libgslcdf.a/logistic.o .libs/libgsl.lax/lt78-logistic.o



General C define macros and typedef
=====================================
#define [dummy] [real text]
eg.
# define __BEGIN_DECLS extern "C" {

this means whenever the "__BEGIN_DECLS" is used in the code, the pre-processor will replace it with:
extern "C" {


typedef [type] [alias]
eg.

/* type declaration */
typedef struct {
int number;
char *text;
} LINE;


/* Variable declaration */
LINE buffer[MAXLINES];


Note the actual type, like the struct above, is declared first, followed by the last word which is the alias LINE.
BUT, this is reverse for #define where the actual alias or dummy is the first word, then the rest are the real text.

An alternative way to declare a struct using "tag" is:

/* type declaration */
struct templ {
int number;
char *text;
} ;
/* Variable declaration */
struct templ buffer[MAXLINES];


Note that using the tag method for struct, the keyword struct still need to be included in the declaration.



GSL-C-Fortran Framework
=======================
1. Compile the GSL into a library with vcpp_gsl.lib|.bin, see "Building using Visual Studio C/C++"
2. Create a wrapper C++ project, say gslCwrap.
3. Create a header file gslCwrap.h and code file gslCwrap.c
4. In the header file gslCwrap.h
a) prepare to export the wrappers.

extern "C"{
__declspec(dllexport) void cdfGaussP (double x, double *p);
__declspec(dllexport) void fnGamma (double x, double *gamma);
}

b) include reference to GSL header like and call gsl function:

#include "gsl/gsl_cdf.h"
#include "gsl/gsl_sf_gamma.h"
void cdfGaussP (double x, double *p) {      *p =  gsl_cdf_ugaussian_P(x); }// 2 * x;  }
void fnGamma (double x, double *gamma) {    *gamma = gsl_sf_gamma(x); }

the actual gsl function names used here are: gsl_cdf_ugaussian_P, gsl_sf_gamma


5. To call from Fortran, prepare a Fortran interface:

    interface
        SUBROUTINE cdfGauss_P(x, P)  BIND(C, NAME='cdfGaussP')
            USE, INTRINSIC :: ISO_C_BINDING     ! New Fortran 2003 standard
            IMPLICIT NONE
            REAL(C_DOUBLE), VALUE :: x
            REAL(C_DOUBLE) :: P
        END SUBROUTINE cdfGauss_P
        SUBROUTINE fnGamma(x, dGamma)  BIND(C, NAME='fnGamma')
            USE, INTRINSIC :: ISO_C_BINDING     ! New Fortran 2003 standard
            IMPLICIT NONE
            REAL(C_DOUBLE), VALUE :: x
            REAL(C_DOUBLE) :: dGamma
        END SUBROUTINE fnGamma
end interface

6. In the Fortran code, just call the function as specified by the interface.
Eg.
    call fnGamma(vecX(ii), answ)      
call cdfGauss_P(vecQ(ii), answ)      


There are at least 3 projects involved here.
vcpp_gsl - this keeps the gsl code in its own project, so that it is independent of any change in interface or usage.
gslCwrap - this consist of the C wrappers so that it can be used by C code or Fortran code. It also transforms all gsl functions into VOID C functions so that it can be called as Fortran subroutines. Fortran Interface - this is freely linked to the gslCwrap wrapper code. There is no direct reference to the GSL code.  

Thursday, August 18, 2011

Links to Smartphone Mobile Security Software

This is a collection of links to Smartphone Mobile Security Software

Kaspersky Mobile Security
https://www.kasperskyanz.com.au/kaspersky_mobile_security

Bullguard Mobile Security
http://www.bullguard.com/why/bullguard-mobile-security-10.aspx

F-Secure Mobile Security
http://www.f-secure.com/en/web/home_global/protection/mobile-security/features-benefits

NetQin Mobile Security
http://www.netqin.com/en/antivirus/

News - Security


New Android bug renders device silent, unresponsive
Denial-of-service flaw affects more than half of all current users.
New Android bug renders device silent, unresponsive
A newly-discovered vulnerability in the Android operating system would allow attackers to place a target device in a vegetative state, rendering it unusable, security researchers have found.


Modular Android malware dev kit to be released
By Darren Pauli on Aug 3, 2012 10:13 AM
"An open source framework has emerged that allows Android malware to be built from modules that enable data to be stolen, phone calls to be eavesdropped and root exploits to be run.
The modules slashed the time and difficulty to build malware and allowed users to select from some 20 prebuilt features such as the ability to siphon contacts, emails and SD card data off phones, and force victims to dial premium calls.
Malware authors could currently select from eight pre-designed templates and insert a custom IP addresses to which siphoned obfuscated data would be delivered.
It could even pack the malware into legitimate-looking signed applications like file system explorers and games so they were ready to be uploaded to Android app stores...."


AVG issues smartphone malware warning
By Ken Presti, on Aug 3, 2012 8:04 AM
"Cybercriminals are increasing their focus on Android-based smartphones given the relative openness of the platform, especially when combined with effective social engineering tactics.
That's according to security vendor, AVG, which recently released its Threat Report for the second quarter of 2012.
The Android platform represents approximately 59 percent of the global market and has been heavily targeted by malware authors, particularly from China and neighboring markets, according to the report.
The second quarter of this year witnessed the introduction of the first Android bootkit, "DKFbootkit," which masquerades as a fake version of a legitimate application and damages the smartphone’s Linux kernel code by replacing it with malicious code......."



Malware disguised as updates pushed over hotel wi-fi
By Dan Kaplan on May 10, 2012 10:40 AM

Feds warn update before travel.
Now  travelers to be on the lookout for malware on their hotel's wireless connection.
According to the alert, attackers are using the hotel's Wi-Fi hotspot to distribute malware to guests under the guise of a security update.
The alert was issued by the Internet Crime Complaint Center (IC3), a partnership between the Federal Bureau of Investigation and the National White Collar Crime Center, and funded by the Bureau of Justice Assistance.
"In these instances, the traveler was attempting to set up the hotel room Internet connection and was presented with a pop-up window notifying the user to update a widely-used software product," the alert said.
"If the user clicked to accept and install the update, malicious software was installed on the laptop. The pop-up window appeared to be offering a routine update to a legitimate software product for which updates are frequently available."



Hackers break into 55,000 Twitter accounts, leaving passwords bare
8th May 2012 by Alex Wilhelm

"In a massive leak, some 55,000 Twitter accounts have been compromised, leaving them open for abuse. According to AirDemon, accounts belonging to celebrities were attacked in the process.
The leak is large enough that 5 PasteBin pages were required to host the list. I’m going to link to them, only so that you can see if you are among the hacked: one, two, three, four, five. The pages have racked up thousands of views, implying that the accounts could have already been compromised. If you see any funny tweets in your stream, this might be why."


First drive-by Android malware detected
By Marcos Colon on May 4, 2012 9:12 AM

"   Malware writers "even lazier than before".
Now The first mobile malware infection via drive-by-download has been detected.
The Android trojan was detected by Symantec researchers delivered through a fake security update hosted on malicious websites.
Drive-by-download transmitted malware to a victim's computer when victims visited infected web pages, but users still had to accept permission prior to installing.
“This is more of a social engineering attack,”  Symantec Security Response Center operations director Liam O Murchu said. “At the end of the day, the user still needs to see a message and decide if it's something that they want to install or not.”   "




Why malware authors don't need to try
By Michael Lee, ZDNet.com.au on April 18th, 2012
"We often assumehttp://www.scmagazine.com.au/News/299371,first-drive-by-android-malware-detected.aspx
First drive-by Android malware detected
By Marcos Colon on May 4, 2012 9:12 AM

"   Malware writers "even lazier than before".
Now The first mobile malware infection via drive-by-download has been detected.
The Android trojan was detected by Symantec researchers delivered through a fake security update hosted on malicious websites.
Drive-by-download transmitted malware to a victim's computer when victims visited infected web pages, but users still had to accept permission prior to installing.
“This is more of a social engineering attack,”  Symantec Security Response Center operations director Liam O Murchu said. “At the end of the day, the user still needs to see a message and decide if it's something that they want to install or not.”   "

 that malware writers are the sort of evil geniuses who work tirelessly to exploit unheard-of or secretly hidden backdoors in order to make a quick dollar or use your computer's resources for their own means. But recently, it feels like they haven't even been trying that hard.
On the back of Flashback, we saw another piece of malware, SabPab, that exploited the same Java vulnerability. Then, it wasn't long before a variant of SabPab was released, and Intego noted that SabPab's authors had begun to use Word documents to deliver their payloads. Strangely, the Word vulnerability that it used to spread itself was patched in 2009.
Although Kaspersky considers SabPab to be an advanced persistent threat, which usually indicates a high-level über hacker, I'm more inclined to see it as the work of someone who is relying on their victims being clueless about security. Why? Well, other than the ability to humiliate your victims for falling for such an old vulnerability, why would you pick one that is expected to have been patched?
I think the answer is that the authors are banking on users not bothering to patch, even though it's expected of them."
http://www.flashbackcheck.com/ - Kaspersky free detection website and removal tool
http://www.f-secure.com/weblog/archives/00002336.html - F-Secure how to detect and remove Flashback manually
http://support.apple.com/kb/HT5242 - Apple official patches and tools




Android concept app siphons sensitive data
By Darren Pauli on Apr 11, 2012 11:12 AM
Application bypasses permissions to steal SD and app data.

"A security researcher has developed an application that demonstrates how sensitive data can be stolen from Android phones without user permission.
The application can access contents of a phone's SD card, tap into app data and upload sensitive data without requiring permissions.
The No Permissions app
Permissions were a security system on Android phones that require applications to ask users for access rights to phone contents like contacts, data and the ability to access communications."



Wicked exploit found in Linux WiFi
By Darren Pauli on Apr 12, 2012 3:13 AM
Anonymous student hacker finds holes in WICD tool.

"A zero day exploit has been discovered in popular wireless Linux manager WICD that allows an attacker to spawn a root shell on a target machine.
The privileged escalation exploit affects the latest versions of WICD (pronounced wicked) and was successfully tested on a handful of Linux distributions including the latest release of the penetration testing operating system BackTrack.
It was not yet tested for remote exploitation vectors."




Five million machines potentially vulnerable to RDP exploit
By Darren Pauli on Mar 20, 2012 5:21 PM
Scan shows not just 'stupid users' are vulnerable.
"Up to 5 million computers have Remote Desktop Protocol (RDP) activated meaning many were potentially exploitable via the MS12-020 bug.
The results derived from an ongoing TCP port scan to locate machines runing RDP services. It was preformed by security researcher Dan Kaminsky and was about 20 per cent complete.
It found 415,000 of 300 million machines (0.4 per cent or extrapolated to about 8.3 per cent of total internet users) had RDP activated.
The RDP vulnerability provided attackers with remote access to networks that have RDP enabled and was predicted to cause mayhem for organisations this year with small businesses most notably at risk."
Other RDP news



Open source Android bug seeker launched
By Dan Raywood on Mar 17, 2012 10:25 AM
"MWR InfoSecurity is to launch an Android security testing framework this afternoon at the Blackhat EU conference.
An open source Android security testing framework had been launched that analyses vulnerabilities in the mobile platform. The technology dubbed 'Mercury'  was launched at BlackHat EU on the back of media coverage of security issues on Android phones, and in light of the fact that researching vulnerabilities in mobile phones is time-consuming. The tool was designed to allow testing of applications before, during and after development, MWR InfoSecurity managing director Ian Shaw told SC Magazine.
“This comes with the Android platform that OEM vendors have taken and added to links to reduce security vulnerabilities in the development process," he said."




Bank tokens swiped from Android phones
By Marcos Colon on Mar 20, 2012 9:16 AM
"Intercepts one time tokens through SMS.
The banking credentials of Android device users are being threatened by a new, self-updating trojan that poses as a one-time password application (OTP).
Once users downloaded the token-generator application from a third-party forum -- the official Android Market is not affected -- attackers could siphon data from phones, according to McAfee Labs security researcher Carlos Castillo.
The malware mostly targeted users of Spanish banks like Santander and Banesto and appeared credible because it disguised itself with the logo and color of the bank in the application."



Allphones hacked, staff passwords exposed
By Darren Pauli on Mar 6, 2012 10:55 AM
Hacker claims 703 accounts listed.
"Telecommunications retailer Allphones has had hundreds of staff usernames, passwords and company administrator logins exposed following a hacking attack.
The breach occurred when the company's web administration interface was accessed through a SQL injection attack that targeted the Allphones website.
SC Magazine Australia informed the Allphones website designer of the breach including the vulnerable link and a captured HTML page of the admin console."



DIY mobile phone tracking using open source
By Darren Pauli on Feb 21, 2012 1:35 PM
Researchers locate target without help from phone carriers.
"US researchers have developed a cheap and simple method for tracking the location of GSM mobile phones.
Mobile carriers typically transmit unencrypted signals between GSM towers and phones to determine location. This is required for phone services to be provisioned.
But the new research has revealed that anyone running the open source Osmocom GSM software could use the same functionality to determine whether or not a mobile phone is in an area of between one and 100 square kilometers."



Trojan leverages patched Microsoft Office flaw
By Dan Kaplan on Feb 12, 2012 8:22 PM
"The exploit arrives as an email.
Researchers at Symantec said they have spotted a trojan taking advantage of a previously patched Microsoft Office vulnerability.
The exploit, which is being used in targeted attacks, arrives as an email that contains a Microsoft Word file and a separate DLL file, a rare combination considering DLL files are not typically sent over email."



Crims make $3 million a year off Android botnet
By Dan Kaplan on Feb 12, 2012 10:03 PM
Uni researcher finds world's biggest Android botnet.
"Researchers claim to have found the world's largest and most lucrative mobile botnets.
Saxon Jiang, a researcher from North Carolina State University, found a botnet containing hundreds of thousands of infected nodes.
Symantec confirmed the botnet. Security response engineer Cathal Mullaney said the malware used to grow the bot was contained in almost 30 rogue applications on Chinese app stores."


Bug means iPhone thieves get iMessages, too
By Darren Pauli on Feb 6, 2012 12:18 PM
iMessages relayed to strangers' iPhones.

"A bug in Apple iPhones was discovered that could relay iMessages to strangers’ phones.
The flaw meant that stolen iPhones would continue to receive iMessages that were sent by and delivered to victims who used iMessages on a replacement device.
iMessages was an Apple proprietary system for iOS 5 and an alternative to SMSes that allowed iPhones to send text and multimedia for free over a data network."


Google employs Bouncer to cleanse Android malware
By Dan Kaplan on Feb 5, 2012 9:41 AM
Claims malware app downloads had dropped 40 per cent.

""Google has developed an in-house anti-virus service to remove malware on its marketplace.
The Bouncer service emulates the operating of application on Google's cloud and searches for anomalies that may be indicative of malware.
"We also analyse new developer accounts to help prevent malicious and repeat-offending developers from coming back," Android engineering vice president Hiroshi Lockheimer said.
Lockheimer credited Bouncer with lowering the number of "potentially" malicious downloads in the Android Market by 40 per cent, between the first and second half of last year.""


HTC phones reveal Wi-Fi logins
By Dan Kaplan on Feb 5, 2012 9:41 AM
Apps could swipe SSIDs, passwords.

""A software bug was found in some HTC Android phones that could allow attackers to steal Wi-Fi credentials and SSID.
The US Computer Emergecy Response Team (US-CERT) said the flaw could be exploited by  users who installed applications on affected phones that contained specific permissions.
"There is an issue in certain HTC builds of Android that can expose the user's 802.1X password to any program with the 'android.permission.ACCESS_WIFI_STATE' permission," US-CERTresearcher Bret Jordan said in a vulnerability note.
"When paired with the 'android.permission.INTERNET' permission, an app could easily send usernames and passwords to a remote server for collection."   ""



Build Up Your Phone’s Defenses Against Hackers
By KATE MURPHY
January 25, 2012
"Chuck Bokath would be terrifying if he were not such a nice guy. A jovial senior engineer at the Georgia Tech Research Institute in Atlanta, Mr. Bokath can hack into your cellphone just by dialing the number. He can remotely listen to your calls, read your text messages, snap pictures with your phone’s camera and track your movements around town — not to mention access the password to your online bank account."

PcAnywhere code stolen, Symantec warns of exploits
By Dan Kaplan on Jan 26, 2012 12:08 PM
"Company recommends to stop using its product pending fixes.
Symantec is advising users of its pcAnywhere remote access product to disable the software if they don't absolutely need it.
Warnings come amid confirmation by the security giant that hackers stole a portion of the company's source code dating back to 2006.
The code related to the 2006 versions of Norton Antivirus Corporate Edition, Norton Internet Security, Norton SystemWorks and pcAnywhere."


Symantec finds huge Android malware infection
Antone Gonsalves on Jan 30, 2012
"Up to 5 million smartphone users at risk.
Symantec has found a massive Android malware infection in which several million smartphone users downloaded from the Android Market a Trojan capable of stealing information and displaying advertising.
The security vendor discovered the malware, called Android Counterclank, in 13 apps with titles such as "Counter Ground Force," "Heart Live Wallpaper" and "Sexy Girls Puzzle." The malware has the ability to receive commands from a remote server and to steal information, Symantec reported Friday."


Cyber criminals launch underground search engine
Brian Krebs  January 24, 2012 - 7:58AM
"Australian stolen credit card details in search results.
A new service aims to be the Google search of underground websites, connecting scammers to a vast sea of web forums that offer an array of dodgy goods and services, from stolen credit card numbers to identity information and anonymity tools."




Hacking Google for Fun and Profit
Posted by Andrew Cantino Dec 14th, 2011
In my opinion, this is the most subtle, but also the most disturbing, of the three bugs. As with the other bugs that I found, this was an example of Cross Site Request Forgery- the practice of convincing a user’s browser to make a request on their behalf to a remote server. This type of attack generally only works when the user is logged in to the remote service. In this case, if a user is already logged into Gmail (and they usually are), a malicious website could make a series of requests for Gmail profile images and, based on the return codes, determine whether or not the visitor had communicated with another Gmail user. This worked because Gmail, as a well-intentioned privacy measure, would only show profile images to a viewer if they had had mutual contact. Here is some example code that worked at the time:




Malicious apps discovered in Android Market
By Angela Moscaritolo on Dec 13, 2011 8:31 AM Malicious devs lose registration but still turn a profit.
Large numbers of malware-laden popular apps such as Angry Birds have hit Google's official Android Market.
A rogue developer with the handle “Lagostrod” uploaded infected versions of at least a dozen popular games, including Cut the Rope, Need for Speed: Shift, and Assassin's Creed: Revelations, F-Secure researcher Sean Sullivan said.
After being notified of the issue, Google removed the apps and suspended the developers' accounts.

Phone porting used to unlock net banking codes
By Brett Winterford on Dec 6, 2011
The scam is sophisticated, as one recent example illustrates.
George Craig*, a small business owner from Sydney’s Northern Beaches, received a call on his home phone from the Commonwealth Bank in mid-July.
He was told that his mortgage account had been accessed by fraudsters, who had funnelled out some $45,000. And his mobile phone – which hadn’t rang off the hook as it usually did during business hours – was used as a tool in the attack.
Craig cannot be 100 percent sure how his online bank account was compromised. He blames himself for conducting online banking sessions on a company laptop without adequate security software.



Four eBay scams to avoid
By Darren Pauli on Nov 28, 2011 10:00 AM

It should be no surprise that auction site eBay is a target of fraudsters.

With an arsenal of virtual credit cards, identity theft and social engineering, fraudsters with the will and persistence have long battled the security teams working to protect eBay's millions of buyers and sellers.

But where other forms of online fraud have been dominated by Russian criminals, it is fraudsters operating from Romania that have caused the biggest headaches for the online auction mega site.



You say 'rootkit,' I say 'diagnostic tool'

by Elinor Mills  November 17, 2011 3:15 PM PST

"Android developer Trevor Eckhart recently noticed something odd on several EVO HTC devices: hidden software that phoned home to the carrier with details about how the phone was being used and where it was.
The software, Carrier IQ, tracked the location of the phone, what keys were pressed, which Web pages were visited, when calls were placed, and other information on how the device is used and when."



Certificate phishing sucks bank customers into Blackhole
By Dan Raywood on Sep 19, 2011 12:50 PM
Bank business customers warned of invalid certificates.

"Spammers are telling bank business customers that their SSL certificates had expired in efforts to exploit the blacklisting of certificate authority DigiNotar.
DigitNotar was blacklisted by major browsers after it was hacked and issued fraudulent certificates.
Barracuda Networks security researchers Dave Michmerhuizen and Luis Chapetti said the spam carried a dangerous message.
"The spammers try to create a sense of urgency with the hope that you will click one of the links to see what happens; which in this case is a particularly bad idea because the second link in the message directs the browser to a server hosting an exploit kit," they said."


By Greg Masters on Sep 15, 2011 7:47 AM
Anti-virus won't detect it.
A variant of the SpyEye trojan dubbed SpitMo can steal bank account details and redirect transaction validation SMSes from Android phones.
SpitMo, or SpyEye for mobile, imposed templated fields on targeted banks' web pages requesting that customers fill in a mobile phone number and the international mobile equipment identity (IMEI) number of the device, a unique signature for a specific phone.
It meant criminals no longer needed to generate a certificate and issue an updated installer to snag the IMEI number, saving them up to three days.






Hackers steal SSL certificates for CIA, MI6, Mossad
http://www.computerworld.com/s/article/9219727/Hackers_steal_SSL_certificates_for_CIA_MI6_Mossad
By Gregg Keizer
September 4, 2011 05:35 PM ET15
"The Dutch government has since audited DigiNotar's performance and rescinded this assessment," Nightingale said. "This is not a temporary suspension, it is a complete removal from our trusted root program."
On Saturday, Piet Hein Donner, the Netherlands's Minister of the Interior, said the government could not guarantee the security of its websites because of the DigiNotar hack, and told citizens not to log into its sites until new certificates had been obtained from other sources.



Hackers acquire Google certificate, could hijack Gmail accounts
http://www.computerworld.com/s/article/9219569/Hackers_acquire_Google_certificate_could_hijack_Gmail_accounts
Repeat of Comodo affair last March; foreign government may be behind theft, says researcher
By Gregg Keizer, August 29, 2011 05:26 PM ET

Hackers have obtained a digital certificate good for any Google website from a Dutch certificate provider, a security researcher said today.
Criminals could use the certificate to conduct "man-in-the-middle" attacks targeting users of Gmail, Google's search engine or any other service operated by the Mountain View, Calif. company.
"This is a wildcard for any of the Google domains," said Roel Schouwenberg, senior malware researcher with Kaspersky Lab, in an email interview Monday.
"[Attackers] could poison DNS, present their site with the fake cert and bingo, they have the user's credentials," said Andrew Storms, director of security operations at nCircle Security.



Android tops mobile hacking charts
http://www.scmagazine.com.au/News/267861,android-tops-mobile-hacking-charts.aspx
By Tom Brewster on Aug 24, 2011 12:52 PM
Filed under Applications
But malware hasn't reached a tipping point.

Android officially became the most attacked mobile operating system by far in the second quarter (Q2), indicating it is emerging as the Windows of the mobile hacking world.
....
The information grabbed includes: user identifier, SIM card number, telephone number, IMEI number, IMSI number, screen resolution and local time… If the root exploit is successful, the system partition is remounted as writable and various additional utilities installed, supposedly to make removal more difficult and allow for additional functionality.




Top ASX-listed companies vulnerable to Apache DoS exploit
http://www.scmagazine.com.au/News/267894,top-asx-listed-companies-vulnerable-to-apache-dos-exploit.aspx
By Darren Pauli on Aug 24, 2011 12:17 PM
Attack launched over 3G

Twenty six of the top 200 ASX-listed companies are vulnerable to an Apache web server denial of service exploit according to a penetration testing company.
The exploit issues partial content requests to Apache httpd which causes the daemon to swap memory to the file system, eventually triggering a denial of service attack



Think Twice Before Installing Any Chrome Extension

http://blog.arpitnext.com/2011/08/chrome-extension-awesome-screenshot.html
Google Needs to Moderate Chrome Extension Gallery
If you are a Google Chrome user and have installed extensions from the Chrome Web Store, you need to know one important thing. The extensions available in official gallery are not as safe as you think. These extensions are not checked by Google for possible malicious behaviour. This means that these Chrome extensions may track your browsing habits, send data to a remote server, manipulate contents of a web page etc. without your consent.
The most unfortunate thing is that the Chrome team has no intention to implement an approval process for the items available at Web Store. I raised this issue earlier, but then the Chrome team said, “We’ve purposely avoided having a pre-review process for the extensions gallery / Chrome Web Store.”.


Jailbroken idevices pwned by charging stations
http://www.scmagazine.com.au/News/267479,jailbroken-idevices-pwned-by-charging-stations.aspx
By Darren Pauli on Aug 19, 2011 4:04 PM
USB mode silently comes to life.
Data can be stolen from Windows, Android and Apple devices by unassuming power charging towers.
In an attack demonstrated at the Defcon hacking conference, mobile phone charging units were rigged to pull data from phones plugged into them.
They were laced with different power charging adaptors to make them more appealing.
Some stock phones were safe since they deactivated USB mode when they were powered off, but others were not so lucky.
Many jailbroken and modified devices activated USB functions when  they were plugged in, or simply rebooted.
That gave security researchers Brian Markus, Joseph Mlodzianowski and Robert Rowley the access they needed to pull data, though they instead served victims with a warning.
“If the phone died due to lack of power, in most cases the phone would boot up upon
plugging it in, then expose the data,” Marcus said.

Droid spyware answers phone calls
http://www.crn.com.au/News/267333,droid-spyware-answers-phone-calls.aspx
By Angela Moscaritolo on Aug 18, 2011 4:10 PM (9 hours ago)
"A malicious Android app that disguises itself as Google's new social networking platform, Google+, is capable of stealing data, and answering and recording incoming phone calls, researchers said this week.
The spyware app disguises itself as Google+ by installing itself with the name “Google ++,” Jamz Yaneza, threat research manager at Trend Micro.
The malware contained in the app shares the same code structure as previously discovered Android spyware that also can steal information and record phone calls made from infected devices."

Written on April 1, 2011 by Uri Rivner
"The first thing actors like those behind the APT do is seek publicly available information about specific employees – social media sites are always a favorite.  With that in hand they then send that user a Spear Phishing email. Often the email uses target-relevant content; for instance, if you’re in the finance department, it may talk about some advice on regulatory controls.
The attacker in this case sent two different phishing emails over a two-day period. The two emails were sent to two small groups of employees; you wouldn’t consider these users particularly high profile or high value targets. The email subject line read “2011 Recruitment Plan.”............


Keywords: 

Saturday, August 06, 2011

How to Identify Athlon XP Palamino, Thoroughbred, Barton

The AMD Athlon XP Palamino, Thoroughbred, Barton CPU can be differentiated by the code that appears on the CPU.

A few websites have tables of these codes which can be very helpful in determining exactly which AMD Athlon the CPU is. The links are:


http://www.c627627.com/AMD/AthlonXP/

http://en.wikipedia.org/wiki/List_of_AMD_Athlon_XP_microprocessors

AMD CPU Codes for "Socket A", multipliers, and voltages
http://www.overclock.net/amd-cpus/172-amd-cpu-codes-multipliers-voltages.html

AMD Athlon, Athlon XP and Athlon MP identification
http://www.cpu-world.com/info/id/AMD-K7-identification.html

Thursday, August 04, 2011

How to Avoid Phone Spam

This article addresses the following issues. If you have any one of these issues, there are options below of how to avoid them.
- Have you been called by marketing companies after giving out your phone number when filling some forms?
- Have you been called by marketing companies whose phone number are not actual permanent phone?
- Do you need to fill in an online application and they require your phone number to be filled in?
- Do you want to enter some special competition or promotional draw, but they need your phone number?
- Do you want to avoid giving your real phone numbers?


Here are some solutions:

1. For Australians, it is possible to register your phone number with the government to specify that you do not wish to receive unsolicited phone calls. The organization that does this is the:

National Do Not Call Registry
https://www.donotcall.gov/


2. You can use the following sites to check where the phone number came from, if their phone numbers are left on your phone. Note that some of these sites may not work for all countries.

https://www.numberguru.com/
numberguru

http://www.freephonenumberfinder.com/
Free Phone Number Finder

http://whocallsme.com/Phone-Number.aspx
WhoCallsMe


http://www.reversephonesearch.com.au
Australia Reverse Phone Lookup

http://www.reverseaustralia.com/lookup/
reverseaustralia


3. If you do need to give out your phone number, you can try the following. These numbers have made calls to me but when I returned the call, there is no one there. They are technically valid phone numbers meaning you can get a connection, but they appear to be used for marketing and they are not owned by the people who made the call. If you know of any of such numbers, please post a comment here.

02 8031 1300
02 8524 5941
02 8524 5985
02 8524 5998
02 9325 0300

03 8372 3179
03 8669 1578
03 9938 2698

07 5584 4700


61 2 8524 5998
61 2 8524 5985
61 2 8524 5941
61 3 9938 2698
61 2 8031 1300
61 2 9325 0300

Thursday, July 28, 2011

Links to Free Software

This page brings together free and useful software. Software which are not free or do not have a free version will generally not be listed here.


Applications

Programming


Brackets - Editor for Web Design. Brackets is a lightweight, yet powerful, modern text editor. We blend visual tools into the editor so you get the right amount of help when you want it. With new features and extensions released every 3-4 weeks, it's like getting presents all year long.


Utilities


Backup

Areca Backup "is a personal backup solution which basically allows you to select a set of files / directories to back-up, choose where and how (as a simple file copy, as a zip archive, ...) they will be stored, and configure post-backup actions (like sending backup reports by email or launching custom shell scripts)"

SyncBack FreewareSyncBackFree the best Windows backup and synchronization program on the planet with great features and benefits at no cost:

BootLoader

Easy BCD     "extends and revamps the Windows Vista/Windows 7 BCD bootloader, and with EasyBCD, almost anything is possible. Setting up and configuring a dual-boot between Windows 7, Windows Vista, older versions of Windows such as XP & 2003, Linux, Ubuntu, BSD, and Mac OS X is a breeze. You just point & click and EasyBCD does the rest."

  Boot-US  "is an universal boot manager. It allows you to easily use of all your existing operating systems completely independent of each other. The boot manager can be comfortably installed directly under Windows."




Eraser

Eraser "Eraser is an advanced security tool for Windows which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns."

DBAN is a self-contained boot disk that automatically deletes the contents of any hard disk that it can detect. This method can help prevent identity theft before recycling a computer. It is also a solution commonly used to remove viruses and spyware from Microsoft Windows installations. DBAN prevents all known techniques of hard disk forensic analysis. It does not provide users with a proof of erasure, such as an audit-ready erasure report.

Remote Helper

TeamViewer "connects to any PC or server around the world within a few seconds. You can remote control your partner's PC as if you were sitting right in front of it. Find out why more than 100 million users trust TeamViewer!"

LogMeIn "remote control, file sharing, systems management, data backup, business collaboration and on-demand customer support of PCs, servers, Macintosh computers, smartphones and other connected devices."

Soluto "Help others with their PCs. Get started with your own. It's easy."


Other Tools

CCleaner "the number-one tool for cleaning your Windows PC. It protects your privacy online and makes your computer faster and more secure. Easy to use and a small, fast download."

TweakNow RegCleaner "After a long period, after installing and uninstalling a lot number of applications, your Windows registry may contain a large number of obsolete entries. These will significantly increase the registry size and thus will slow down your computer, because Windows will need more time to load, search, and read data from registry.
To keep your computer in top performance, it is recommended to periodically clean your Windows registry."

Revo Uninstaller "helps you to uninstall software and remove unwanted programs installed on your computer easily! Even if you have problems uninstalling and cannot uninstall them from "Windows Add or Remove Programs" control panel applet."

SpeccySpeccy is an advanced System Information tool for your PC. Need to find out what's inside your computer? No problem! Speccy will give you all the information you need.

Rufus - Simple-to-use program with standard and advanced options for formatting USB drives and creating bootable disks quickly and with minimum effort



--------------------------------------------



APPLICATION
Google Pack
Space
Stellarium - http://www.stellarium.org/ It shows a realistic sky in 3D
Nasa Hidden Universe
Worldwide Telescope
Media Coder
Legacy Family Tree  http://www.legacyfamilytree.com/

The Rasterbator - printing very big page, but split into A4
Souptoys toybox - kids games
MP3tag
DITTO - copy paste clipboard
Camstudio - screen and events capture
FeedReader
Free Download Manager
TweakUI

Virtualization
Scumm VM - virtual machine for older games
Virtual Box
Sandboxie  - virtual environment
VMware Server



Remote Login

LogMeIn - Remote Access tool

TeamViewer 6 - once it is setup, it allows remote login to the PC
Orb
UltraVNC


Development Tools
Redmine - web based Project Management Tool



Office

Foxit PDF Reader



5 Must-have Chrome Extensions for Writers and Bloggers
http://webworkerdaily.com/2010/05/11/5-must-have-chrome-extensions-for-writers-and-bloggers/
5 Must-have Chrome Extensions for Writers and Bloggers
Communications
Pidgin - Messaging
Thunderbird - Email client


Games


GTA, GTA2
Return to Castle Wolfenstein: Enemy Territory
Perfect World International


Online Backup
5GB free, also iPhone, Blackberry  http://www.idrive.com/idrive-lite/index.html
Ebook Readers
Calibre ebook manager - converts websites (eg news site) into ebooks. http://calibre-ebook.com


MULTIMEDIA
MediaCoder is a free universal batch media transcoder, which nicely integrates most popular audio/video codecs and tools into an all-in-one solution. With a flexible and extendable architecture, new codecs and tools are added in constantly as well as supports for new devices. MediaCoder intends to be the swiss army knife for media transcoding in all time and at this moment, it already has millions of users from all over the planet.
Exact Audio Copy is a so called audio grabber for audio CDs using standard CD and DVD-ROM drives. The main differences between EAC and most other audio grabbers are :
It is free (for non-commercial purposes)
It works with a technology, which reads audio CDs almost perfectly. If there are any errors that can’t be corrected, it will tell you on which time position the (possible) distortion occurred, so you could easily control it with e.g. the media player With other audio grabbers you usually need to listen to every grabbed wave because they only do jitter correction. Scratched CDs read on CD-ROM drives often produce distortions. But listening to every extracted audio track is a waste of time. Exact Audio Copy conquer these problems by making use of several technologies like multi-reading with verify and AccurateRip.

FFDShow - DirectX decompressor for many codecs: DivX, Xvid, H.264, MPEG4
HandBrake - converter from DVD to MPEG4, H.264
VLC Media Player
Virtual Dub - video converter
Tversity Media Server


Graphics

Google SketchUp - 2D, 3D architecture design buildings
RawTherapee - Photo editor allows editing of RAW images
Blender - 3d modelling


Audio
AudioGrabber - ripper and encoder
dBpoweramp - encoder
Audacity - music player


SECURITY
McAfee Aurora Vulnerability Detection Tool
McAfee FileInsight
McAfee SolidCore
Microsoft - Enhanced Mitigation Experience Toolkit v2.0
Ashampoo Anti Malware 1.2.1 has Anti-Keylogger
Microsoft - Attack Surface Analyzer
Hijack This

Antivirus
Avira


AntiSpyware
Malwarebytes

Encryption
TrueCrypt
Cypherix Cryptainer LE


Firewall
ZoneAlaram

----
Password Safe 

UTILITIES


Diagnostics
CPU-Z
SppedFan
SisSoft Sandra -
Process Explorer - 




Dexpot - multi screen windows
Event Ghost - scripting, automation
Rainmeter - skins, desktop customisation
StartupDelayer

Uninstallers
Revo uninstaller
Myuninstaller




Installer

Ninite - choose your own app and it will create an installer for you to download




Recovery Toolkit
UBCD4WIN  - Ultimate Boot CD?
BartPE
WINPE
Ubuntu Live CD


Backup
SyncBack 


HardDrive Utilities
Defragger - file and disk defragmentation
Double Driver - backup installed driver
JDiskReport - like WinDirStat
WinDirStat


GParted
DiskSpace Fan - monitor disk space usage

Tools to edit photo exif info 
Exif tools
Jhead 


File Management
http://eraser.heidi.ie/ Erase data safely
DUP Killer - finds duplicate files
FileZilla - FTP, SFTP
Unlocker - force delete things in Windows

http://www.piriform.com/recuva Recuva - undelete tool




DVD Authoring
DVDStyler - www.dvdstyler.de - to make DVD menus
Video DVD Maker - www.protectedsoft.com - to burn several video files into DVD format.
Quick Media Converted - www.cocoonsoftware.com - Encode video files to MPEG2
IsoBuster
ImgBurn
CDBurnerXP

--------
List of software
List of Linux Distros
List of tools for Developers

Business Invoice Software