Posts

Showing posts from January, 2007

MySpace "Hacked"

There have been a small number of phishing attacks against MySpace users. The latest round gathered some 56,000+ login names and passwords. Now, every security guy in the world is blogging (and blogging more) about peoples' crappy choices for passwords. Similar to websites that poll you about various hot topics, there is a fundamental flaw to this password analysis. Go to a news site with a story about Hillary Clinton, and there's a decent chance there's a sidebar poll asking you if she has a chance to win her party's nomination (or the Presidency). This poll will inevitably identify itself as "unscientific", but readers still put some stock in it. All that poll will tell you is what percentage of people who would read an article about Hillary Clinton actually think she will get nominated or elected. Furthermore I posit that the most likely people to read that article are ones who are in favor of her, and therefore the poll results should be skewed tow

Watching Sneakers Again

I prefer Wargames, but Sneakers is cool. Much to my surprise, the kids love it. They don't like me pausing and explaining stuff, but they love it.

My New Favorite Toy

Okay, I have a new favorite toy. It's called Engarde Secure Linux . This secured Linux distribution goes beyond the normal SELinux capabilities with a restricted root and true Mandatory Access Controls (remember your CISSP training?) Why do I care? A few years ago I was tasked with building a secure file transfer system that was built on existing tools which a "partner" company could acquire and tie into, and it had to be easily automated. Based on the requirements (and taking a guess at what regulatory requirements were going to pass legislation) I built a system running on a Solaris box that SCPed data to- and from- partner companies. This data was PGP encrypted (if we were sending it) to the customer's PGP key, or it was received from the partner and automatically decrypted via PGP command line. This posed a few problems. The enterprise version of PGP command line (from Network Associates at that time) required that the passphrase be read from a text file, sto

Past Performance Is An Indicator...

of future results. Quick rehash: Iraq kicks out UN weapon inspectors . Eventually, we get ticked off enough to do something about it. (For a brief post on this issue, look here .) Now, Iran has banned UN nuclear inspectors . By my count, they have either 11 years of cushion here, or until the next Republican majority in the House and Senate coincide with a Republican president. There is a part of me that would like to think that Iran is actually just trying to get nuclear power power for the pipples (if you don't get that reverence, post and I'll 'splain). It would be nice to stage a power plant in a good neutral country and "ship" power over to Iran, but there just aren't very many good neighbors to Iran that we (the US) are likely to trust with nuclear power. Anyway, I digress. We are at a weak point internationally, and this is not helped by the Democrat-controlled legislature. Iran will not back down until there is a legitimate threat of invasion,

Christian Rock Doesn't Suck...

...anymore. Heaven knows it did, at least to someone with tastes like mine. I spent quite a bit of time in the "gaming" community (Doom, Quake, Unreal Tournament, and now XBox games) and for some strange reason this interesting form of "melodic heavy metal" is immensely popular there. For those of you who don't know what I'm talking about, the best example I can give you is Evanescense . When Evanescence came out, they were quite popular, and most people thought they were a novel new sound. Those in the Internet communities I hung around knew about tons of bands who had been doing this female-led heavy metal for quite a while. It is these secular bands that I have had a hard time getting away from. Bands like: After Forever, Nightwish, Edenbridge, Lacuna Coil, Darkwell and Within Temptation. Other bands with similar (albeit male lead) sounds include Gammaray, Stratovarius, Therion, Luca Turilli/Rhapsody, and others. If you want a fun tool to see what

Oh, The Irony Of It All!

First, we hear that Tom Cruise is actively pursuing the Beckhams (specifically, Victoria Beckham) to join his profitable little Scientology cult. This spiritual change on Victoria's part was the subject of rumors as to why the Beckhams were looking at moving to L.A. Now, it appears that David chose to bring his family to LA to get the best care available for his son, Romeo, who has epilepsy . If this new revelation is true, I applaud David and Victoria for their move. Furthermore, this is the kind of exposure that helps raise awareness (and money) for these kinds of medical conditions. Buuuut, I am concerned about Cruise's attempts to drag the Beckhams into Scientology. With any luck, the Beckhams are South Park fans and have an idea as to how wacky the cult is. Maybe it would help Victoria if she were to read this . Or this . I understand that David and Tom are close friends, but if my "close friend" tells me to forego medicine for my epileptic kid (because he&

Reading List

Here are the books I picked up in the last few weeks. "Picked up" means I already own them, and I found need (or desire) to reference them. I haven't bought anything new for the last few months. For those of you uninterested in religion, I'll list the secular stuff first: Applied Cryptography - Bruce Schneier. (I would recommend "Secrets and Lies" to every IT person on the face of the Earth. It's that important). This book is actually a good read, despite the dry subject matter. How The Mind Works - Steven Pinker. Self-descriptive title. I read this beginning-to-end years ago, and found need to reference it again. I need to give it a full read again so I can remember exactly why I found it so interesting! In the mean time, I needed to verify some ideas I had in a discussion with my teenage daughter. Surfing Through Hyperspace - Clifford Pickover. This book does an awesome job of explaining multiple dimensions in laymans terms. Unfortunately,

"Do you really believe...

...what you believe, or do you have doubts?" -text message This is the single most thought provoking question I have been asked in the last week or so. Don't laugh, I get a ton of thought provoking questions at work and at home. This particular one came from someone very close to me who does not share my worldview (he is "skeptical" about religion). My immediate answer was "no". Furthermore, I amended that I struggle with people who do have doubts. Not personally, I just don't understand them. Didn't. Now I am doubting my answer. Thought provoking. I truly do not have doubts about my faith. I haven't for quite some time (ten-plus years). Of course, I will concede that in that time I have lead a rather charmed life. Great wife, great kids, great parents and siblings. Great friends, and great jobs. No unexpected deaths, and my critical job loss was followed up with a miraculous series of job offers over a *very* short period of time.

Future (Present?) of Privacy

You have no privacy. You can take my statement one of two ways: the ramblings of one who fears God and knows that God knows all that has been, is, and will be, or you can view it as the ramblings of one who has faith that we will not destroy ourselves (completely) before we develop amazing new technologies in the next 1000 years. Your choice. For the sake of this argument, however, I'm going to focus on #2 (which is what some of you may think this article is...a bunch of #2) As I did with my post "The Future of Christianity I" , I will first look to the past to predict the future. Furthermore, I shall explain the present. Can you imagine being a murderer and getting away with your crimes (let's say Jack the Ripper) and you have someone from the future approach you and tell you that they were able to solve the murders using a technology that was unheard of (indeed, undreamt of) in your time? The "Jack the Ripper" case may be a far out example (for now) b