6 Mar
2013
6 Mar
'13
10:54 p.m.
It seems some nasty hacker has defaced ardour.org
I hate when they do that, never any thought about all the hard work
people have put in to make the website look nice..
I hope Paul has a recent backup so he can get the site back to it's
old looks soon.
(sorry if I spoiled anything Paul... :)
6 Mar
6 Mar
10:59 p.m.
On 06/03/13 21:54, Peder Hedlund wrote:
It seems some nasty hacker has defaced ardour.org
I hate when they do that, never any thought about all the hard work
people have put in to make the website look nice..
I hope Paul has a recent backup so he can get the site back to it's old
looks soon.
(sorry if I spoiled anything Paul... :)
_______________________________________________
Linux-audio-user mailing list
Linux-audio-user(a)lists.linuxaudio.org
http://lists.linuxaudio.org/listinfo/linux-audio-user
Isn't it an anti-crime though? -- someone's hacked in and improved it ;-)
Q
11:11 p.m.
Quoting Q <lists(a)quirq.ukfsn.org>rg>:
On 06/03/13 21:54, Peder Hedlund wrote:
I WANTS MY OLD ARDOUR.ORG BACK!!!!
And what's worse - not even the Wayback Machine seems to have a copy
of the old layout :(
Guess I'll just have to look at this screenshot
(http://a.webutation.net/d/4/ardour.org.jpg) and reminisce about the
good old days...
- Peder ;)
It seems some nasty hacker has defaced
ardour.org
Isn't it an anti-crime though? -- someone's hacked in and improved it ;-) 
7 Mar
7 Mar
6:56 a.m.
On 03/06/2013 12:10 PM, Peder Hedlund wrote:
Quoting Q <lists(a)quirq.ukfsn.org>rg>:
Yah, the design has the opposite of the usual web designers problem:
font too small. This design says "Font too big" to me! ;-)
--
David
gnome(a)hawaii.rr.com
authenticity, honesty, community
http://clanjones.org/david/
http://dancing-treefrog.deviantart.com/
On 06/03/13 21:54, Peder Hedlund wrote:
I WANTS MY OLD ARDOUR.ORG BACK!!!! It seems some nasty hacker has defaced
ardour.org
Isn't it an anti-crime though? -- someone's hacked in and improved it ;-) 
7:01 a.m.
On 03/07/2013 12:56 AM, david wrote:
On 03/06/2013 12:10 PM, Peder Hedlund wrote:
The thing that confuses me is the multiple references to MIDI editing,
yet the version available for download is 2.8.16.
--
---
My bands, CD projects, music, news, and pictures:
http://www.lateralforce.com
My blog, with commentary on a variety of things, including audio,
mixing, equipment, etc, is at:
http://audioandmore.wordpress.com
Staat heißt das kälteste aller kalten Ungeheuer. Kalt lügt es auch;
und diese Lüge kriecht aus seinem Munde: 'Ich, der Staat, bin das Volk.'
- [Friedrich Nietzsche]
Quoting Q <lists(a)quirq.ukfsn.org>rg>:
Yah, the design has the opposite of the usual web designers problem:
font too small. This design says "Font too big" to me! ;-)
On 06/03/13 21:54, Peder Hedlund wrote:
I WANTS MY OLD ARDOUR.ORG BACK!!!! It seems some nasty hacker has defaced
ardour.org
Isn't it an anti-crime though? -- someone's hacked in and improved
it ;-) 
9:21 a.m.
On 03/07/2013 07:01 AM, Al Thompson wrote:
The thing that confuses me is the multiple references
to MIDI editing,
yet the version available for download is 2.8.16.
indeed. similar comments have appeared on IRC in the last weeks. However
the consensus is that time is better spent on simply pushing Ardour3 out
the door than writing anti-confusion explanations :) -- The website is
just a bit ahead of the A3 release schedule.
Also, neither the website nor other related work which going on behind
the scenes has been publicly announced, yet.
On that note: Ardour3 release candidates are already available to
subscribers. Subscribe now and you should receive a notification about
rc3 binary packages which are due to be released later today.
Of course you can also always compile from source:
http://ardour.org/building_linux.html
Cheers!
robin
9:23 a.m.
Thats a good status update on the release - thanks Robin!
On Thu, Mar 7, 2013 at 8:21 AM, Robin Gareus <robin(a)gareus.org> wrote:
On 03/07/2013 07:01 AM, Al Thompson wrote:
The thing that confuses me is the multiple
references to MIDI editing,
yet the version available for download is 2.8.16.
indeed. similar comments have appeared on IRC in the last weeks. However
the consensus is that time is better spent on simply pushing Ardour3 out
the door than writing anti-confusion explanations :) -- The website is
just a bit ahead of the A3 release schedule.
Also, neither the website nor other related work which going on behind
the scenes has been publicly announced, yet.
On that note: Ardour3 release candidates are already available to
subscribers. Subscribe now and you should receive a notification about
rc3 binary packages which are due to be released later today.
Of course you can also always compile from source:
http://ardour.org/building_linux.html
Cheers!
robin
_______________________________________________
Linux-audio-user mailing list
Linux-audio-user(a)lists.linuxaudio.org
http://lists.linuxaudio.org/listinfo/linux-audio-user
3:14 p.m.
Of course you can also always compile from source:
http://ardour.org/building_linux.html
So if the ardour site was hacked then is there not a possibility that the sourcecode has
been compromised too? Is the code signed?
What I am getting at is that if you install ardour using a root account but the version
you are installing is maliciously compromised then your system canbecome pwned.
I doubt this since if I wanted to own a few systems then I would not leave thehack evident
but Linux is very close to some large exploits due to the natureof distributed and weakly
protected code.
Regards, nick.
3:26 p.m.
On Thu, Mar 7, 2013 at 9:14 AM, Nick Copeland <nickycopeland(a)hotmail.com>wrote;wrote:
maybe you need to actually visit ardour.org
peder's post was a joke. i'm not sure why he decided to post what he did,
but ardour was not hacked, and besides, the website is not where the code
lives and there is no access to release files via the webserver.
--p
Of course you
can also always compile from source:
http://ardour.org/building_linux.html
So if the ardour site was hacked then is there not a possibility that the
source
code has been compromised too? Is the code signed?
8:49 p.m.
New subject: Just a (bad) joke (Was Re: Ardour.org hacked...)
Quoting Paul Davis <paul(a)linuxaudiosystems.com>om>:
peder's post was a joke. i'm not sure why he
decided to post what he did,
I visited ardour.org on the 21st or so, obviously seeing the old
layout, and was gladly surprised when I saw the new look yesterday.
Since I hadn't seen any post about the change, and failed to see the
announcement in the "What's new" on the community site, I thought it
was just put into effect and thought I'd make it "public".
I thought it would be really obvious to anyone visiting the page and
seeing the new look that I was joking but I didn't think about the
people who had already seen it (since I thought it was brand new).
Sorry about any confusion I may have caused.
- Peder
8 Mar
8 Mar
2:48 a.m.
New subject: Just a (bad) joke (Was Re: Ardour.org hacked...)
On Fri, Mar 8, 2013 at 3:49 AM, Peder Hedlund <peder(a)musikhuset.org> wrote:
Quoting Paul Davis
<paul(a)linuxaudiosystems.com>om>:
Or people who just may just reply to the content without checking the link =)
peder's post was a joke. i'm not sure
why he decided to post what he did,
I thought it would be really obvious to anyone visiting the page and seeing
the new look that I was joking but I didn't think about the people who had
already seen it (since I thought it was brand new).
7 Mar
7 Mar
3:34 p.m.
On Thu, 7 Mar 2013 15:14:42 +0100, Nick Copeland wrote
Of course. It'll be as vulnerable as the compiled ardour you download from
a hacked server ;-)
Of course you
can also always compile from source:
http://ardour.org/building_linux.html
So if the ardour site was hacked then is there not a possibility that the source
code has been compromised too? Is the code signed?
Probably not. It might be possible to provide checksums (wich you would have to
commuincate over a secure channel ...) but in the presence of line-end conversion
et al. even that is non-trivial.
What I am getting at is that if you install ardour
using a root account but the
version you are installing is maliciously compromised then your system can
become pwned.
Yes. That's pretty obvious. Almost the same is true for non-root installs as well.
Just install a backgound process that logs all X-events (key-down ...) and you'll
be able to get root access.
Iff you protection against this kind of exploits you pretty much need to audit you
code base or use distributions that use signed packages. Trust your
distribution or
audit, those are the only options you have.
I doubt this since if I wanted to own a few systems
then I would not leave the
hack evident but Linux is very close to some large exploits due to the nature
of distributed and weakly protected code.
Which distribution _doesn't_ sign it's packages? What code is weakly protected?
Even most major download/DVCS sites use secure communication channels these days
(https). The problem is the naive asumption that self-compiled code would be more
secure. Not a Linux problem, I'd say ...
Cheers Ralf Mattes
Regards, nick.
--
R. Mattes -
Hochschule fuer Musik Freiburg
rm(a)inm.mh-freiburg.de
3:37 p.m.
On Thu, Mar 7, 2013 at 9:34 AM, R. Mattes <rm(a)mh-freiburg.de> wrote:
Iff you protection against this kind of exploits you
pretty much need to
audit you
code base or use distributions that use signed packages. Trust your
distribution or
audit, those are the only options you have.
Given that I'd much prefer that people did NOT get Ardour from their Linux
distribution, I'd prefer that they trust me. That way they can at least
the screw ups that several major distributions manage to inject into Ardour
whenever they package it.
--p
8 Mar
8 Mar
2:47 a.m.
On Thu, Mar 7, 2013 at 10:34 PM, R. Mattes <rm(a)mh-freiburg.de> wrote:
Which distribution _doesn't_ sign it's packages? What code is weakly protected?
Even most major download/DVCS sites use secure communication channels these days
(https). The problem is the naive asumption that self-compiled code would be more
secure. Not a Linux problem, I'd say ...
Smaller distros don't necessary sign packages (mine, Arch, started
doing it relatively recently). The implicit 'trust-the-dev' still
applies though, even with signing.
7 Mar
7 Mar
9:21 a.m.
Well 3.0 is dropping any day now - isn't it Paul? Where are the
translations up to now?
On Thu, Mar 7, 2013 at 6:01 AM, Al Thompson <althompson58(a)gmail.com> wrote:
On 03/07/2013 12:56 AM, david wrote:
On 03/06/2013 12:10 PM, Peder Hedlund wrote:
The thing that confuses me is the multiple references to MIDI editing,
yet the version available for download is 2.8.16.
--
---
My bands, CD projects, music, news, and pictures:
http://www.lateralforce.com
My blog, with commentary on a variety of things, including audio,
mixing, equipment, etc, is at:
http://audioandmore.wordpress.com
Staat heißt das kälteste aller kalten Ungeheuer. Kalt lügt es auch;
und diese Lüge kriecht aus seinem Munde: 'Ich, der Staat, bin das Volk.'
- [Friedrich Nietzsche]
_______________________________________________
Linux-audio-user mailing list
Linux-audio-user(a)lists.linuxaudio.org
http://lists.linuxaudio.org/listinfo/linux-audio-user
Quoting Q <lists(a)quirq.ukfsn.org>rg>:
Yah, the design has the opposite of the usual web designers problem:
font too small. This design says "Font too big" to me! ;-)
On 06/03/13 21:54, Peder Hedlund wrote:
> It seems some nasty hacker has defaced ardour.org
>
Isn't it an anti-crime though? -- someone's hacked in and improved
it ;-)
I WANTS MY OLD ARDOUR.ORG BACK!!!! 
6 Mar
6 Mar
11:16 p.m.
On Wed, 06 Mar 2013 22:54:21 +0100
Peder Hedlund <peder(a)musikhuset.org> wrote:
It seems some nasty hacker has defaced ardour.org
I hate when they do that, never any thought about all the hard work
people have put in to make the website look nice..
I hope Paul has a recent backup so he can get the site back to it's
old looks soon.
You had me going there for a minute :o
--
Will J Godfrey
http://www.musically.me.uk
Say you have a poem and I have a tune.
Exchange them and we can both have a poem, a tune, and a song.
11:17 p.m.
Love it! Slick design, man.
--Jason
On Wed, Mar 6, 2013 at 3:16 PM, Folderol <folderol(a)ukfsn.org> wrote:
On Wed, 06 Mar 2013 22:54:21 +0100
Peder Hedlund <peder(a)musikhuset.org> wrote:
It seems some nasty hacker has defaced
ardour.org
I hate when they do that, never any thought about all the hard work
people have put in to make the website look nice..
I hope Paul has a recent backup so he can get the site back to it's
old looks soon.
You had me going there for a minute :o
--
Will J Godfrey
http://www.musically.me.uk
Say you have a poem and I have a tune.
Exchange them and we can both have a poem, a tune, and a song.
_______________________________________________
Linux-audio-user mailing list
Linux-audio-user(a)lists.linuxaudio.org
http://lists.linuxaudio.org/listinfo/linux-audio-user
7 Mar
7 Mar
6:48 a.m.
On 03/06/2013 12:16 PM, Folderol wrote:
On Wed, 06 Mar 2013 22:54:21 +0100
Peder Hedlund <peder(a)musikhuset.org> wrote:
Cool - Ardour can now export HTML pages!!!!! ;-)
--
David
gnome(a)hawaii.rr.com
authenticity, honesty, community
http://clanjones.org/david/
http://dancing-treefrog.deviantart.com/
It seems some nasty hacker has defaced
ardour.org
I hate when they do that, never any thought about all the hard work
people have put in to make the website look nice..
I hope Paul has a recent backup so he can get the site back to it's
old looks soon.
You had me going there for a minute :o 
6 Mar
6 Mar
11:32 p.m.
Le 06-03-2013 16:54, Peder Hedlund a écrit :
It seems some nasty hacker has defaced ardour.org
I hate when they do that, never any thought about all the hard work
people have put in to make the website look nice..
I hope Paul has a recent backup so he can get the site back to it's
old looks soon.
Is this a commercial product ? ;-)
7 Mar
7 Mar
9:20 a.m.
On 03/06/2013 11:32 PM, jonetsu(a)teksavvy.com wrote:
no joking. It is a commercial product.
Paul makes some money by developing ardour, and others do as well: There
are studios and engineers who use Ardour commercially.
proprietary? no, it ain't. You can get the source. It's still GPLv2;
it's free as in freedom.
Cheers!
robin
Le 06-03-2013 16:54, Peder Hedlund a écrit :
> It seems some nasty hacker has defaced ardour.org
> I hate when they do that, never any thought about all the hard work
> people have put in to make the website look nice..
https://community.ardour.org/node/6883
I hope Paul
has a recent backup so he can get the site back to it's
old looks soon.
Is this a commercial product ? ;-) 
8 Mar
8 Mar
9:31 a.m.
On Wed, 2013-03-06 at 17:32 -0500, jonetsu(a)teksavvy.com wrote:
Le 06-03-2013 16:54, Peder Hedlund a écrit :
It's ok to present Ardour by that style, but perhaps the small dark grey
fonts on black background at the bottom should become more readable.
Dark grey on black easily becomes hard to read on tube monitors that
aren't calibrated perfectly, if just some sunlight shines on the screen.
It seems some nasty hacker has defaced
ardour.org
I hate when they do that, never any thought about all the hard work
people have put in to make the website look nice..
I hope Paul has a recent backup so he can get the site back to it's
old looks soon.
Is this a commercial product ? ;-)
4268
days inactive
4270
days old
linux-audio-user@lists.linuxaudio.org
20 comments
14 participants
participants (14)
-
Al Thompson -
Dan MacDonald -
david -
Folderol -
Jason Jones -
jonetsu@teksavvy.com -
Nick Copeland -
Oon-Ee Ng -
Paul Davis -
Peder Hedlund -
Q -
R. Mattes -
Ralf Mardorf -
Robin Gareus