bin2iso for Leopard 10.5
I compiled bin2iso from source for all the mac users out there. For some reason bin2iso is not in macports. Link below:
Unzip into a directory and chmod +x bin2iso
Recommend moving to /usr/local/bin
Archive for Techie
PPC Loki Games
Here is a blast from the past…way back past…
I loaded OpenSuSE 11 on my G4 Cube and remembered I had a few of the old Loki Games. Here are the games with ports to Alpha/PPC/SPARC:
- Civilization: Call to Power
- Myth II: Soulblighter
- Railroad Tycoon II
- Eric’s Ultimate Solitaire
- Heroes of Might and Magic III
It is mind boggling that at this point in Linux history (2000-2002) that someone decided to port these! The great thing about GCC and SDL is cross compiling is pretty simple. With that said supporting these must have been a nightmare for Loki.
SheepShaver on Ubuntu
I wanted to run MacOS 9 in my Ubuntu Intrepid dev box so I went ahead and grabbed CVS. Problem was the autogen script never dumped a config.sub. Instead I took the easy route and downloaded an RPM version and used alien to convert. The one extra step to get it running is to as root ln -s /var/lib/libreadline.so.5 /var/lib/libreadline.so.4
Have fun!
Airborne Warfare
The mark of a good system administrator is laziness. I mean this in the sense that laziness in the computing world fuels automation and thereby lower costs. In this quest for automation it is my belief that we have opened ourselves to a real danger in the air.
Most computers by default have running applications. Wether they be in the taskbar or a Linux daemon, our machines are set to take care of their users. The biggest offenders are communication based services. Programs that login to our Lotus Smarttime, Windows Messenger, or Jabber corporate servers transmit userid and password information upon recognizing network connections. Email programs set to auto-check for mail ping into the ether in search of new messages to delight the warm body clicking away on its keyboard.
This is where airborne comes into play. As I sit typing this at 35,000 feet I am reminded that this red eye flight is sparsely populated. On a flight with a few more laptops I would be given the opportunity to take over their laptops. Most laptops are programmed to auto-connect to the strongest wifi access point accessible. Even my Windows Mobile phone and iPhone perform this similar function.
Here is where someone with a not so perfect ethical background could create an attack. Linux and MacOS X offer the option to setup AD-HOC networks that can appear as infrastructure WAP. If these networks were given names like DELTA or Free WIFI, there is a good chance the user would allow the automatic question without thinking twice. That is of course if the user was even queried (remember our lazy system administrators.) What we are left with is a group of laptops assuming there connection to the internet is active and thereby sending login information hoping for responses. A user running a packet capture program could then deconstruct these packets and extract useful information. Even a machine that utilized encryption for authentication such as Kerboes would fall prey as it sent the FQDN of the server in your enterprise.
What is a security professional to do? Disable automatic wifi connections. Or better yet, add a list of approved wifi access points. The technology exists to lock down a corporate laptop while still allowing your road warriors the ability to connect in various hotel rooms around the world. Only allowing corporate assets to be accessed through concentrators such as VPN endpoints or firewalls would add a further layer of security. Use of application and desktop virutalization products such as VMware ACE or XenDesktop could ensure rigid security practices are in place before allowing access.
Laziness is a hallmark of good system administration. What we must remember in today’s highly connected, overly communicated world is that automation can breed great exploits. Lock down those wifi cards.
