September 11, 2008 at 6:23 am · Filed under Personal
I looked up at the calendar resting in my SuSE box tray (oooh shinny!) and it occurred to me that today is a weird one. To the majority of America today represents 7 years since the WTC/Pentagon terrorist attacks. To me this day represents my Fathers birthday.
I wonder if my Dad will be forever plauged or if it will turn into a generational thing. Will my children know that his birthday is shared with the largest attack on Continental American soil? If I say December 7th, how many of my readers know what happened that day?
All the same my prayers are joyous and reserved. Much the same way I felt the day this happened. I walked into Mrs. Perkin’s classroom to see the TV reports and a girl crying in a desk near the door. Mrs. Perkins had her mouth covered and her glasses off (tall tell signs of disbelief.) My first thought as I watched the plane smash into the towers was my Father. Not his birthday, not his celebration that night at home, but rather where he was going. I grew up conditioned to watch CNN more for knowing where my dad would be next week than what was news. It was my travel guide.
So Dad, Happy Birthday. I will not include the exclamitory mark here out of respect for those in mourning still. I hope my kids never assosciate your birthday with this point in history.
September 10, 2008 at 2:18 pm · Filed under Techie
Here is a blast from the past…way back past…
I loaded OpenSuSE 11 on my G4 Cube and remembered I had a few of the old Loki Games. Here are the games with ports to Alpha/PPC/SPARC:
It is mind boggling that at this point in Linux history (2000-2002) that someone decided to port these! The great thing about GCC and SDL is cross compiling is pretty simple. With that said supporting these must have been a nightmare for Loki.
September 6, 2008 at 8:34 am · Filed under Techie
I wanted to run MacOS 9 in my Ubuntu Intrepid dev box so I went ahead and grabbed CVS. Problem was the autogen script never dumped a config.sub. Instead I took the easy route and downloaded an RPM version and used alien to convert. The one extra step to get it running is to as root ln -s /var/lib/libreadline.so.5 /var/lib/libreadline.so.4
Have fun!
sheepshaver_23-13_i386.deb
September 2, 2008 at 4:01 pm · Filed under Techie
The mark of a good system administrator is laziness. I mean this in the sense that laziness in the computing world fuels automation and thereby lower costs. In this quest for automation it is my belief that we have opened ourselves to a real danger in the air.
Most computers by default have running applications. Wether they be in the taskbar or a Linux daemon, our machines are set to take care of their users. The biggest offenders are communication based services. Programs that login to our Lotus Smarttime, Windows Messenger, or Jabber corporate servers transmit userid and password information upon recognizing network connections. Email programs set to auto-check for mail ping into the ether in search of new messages to delight the warm body clicking away on its keyboard.
This is where airborne comes into play. As I sit typing this at 35,000 feet I am reminded that this red eye flight is sparsely populated. On a flight with a few more laptops I would be given the opportunity to take over their laptops. Most laptops are programmed to auto-connect to the strongest wifi access point accessible. Even my Windows Mobile phone and iPhone perform this similar function.
Here is where someone with a not so perfect ethical background could create an attack. Linux and MacOS X offer the option to setup AD-HOC networks that can appear as infrastructure WAP. If these networks were given names like DELTA or Free WIFI, there is a good chance the user would allow the automatic question without thinking twice. That is of course if the user was even queried (remember our lazy system administrators.) What we are left with is a group of laptops assuming there connection to the internet is active and thereby sending login information hoping for responses. A user running a packet capture program could then deconstruct these packets and extract useful information. Even a machine that utilized encryption for authentication such as Kerboes would fall prey as it sent the FQDN of the server in your enterprise.
What is a security professional to do? Disable automatic wifi connections. Or better yet, add a list of approved wifi access points. The technology exists to lock down a corporate laptop while still allowing your road warriors the ability to connect in various hotel rooms around the world. Only allowing corporate assets to be accessed through concentrators such as VPN endpoints or firewalls would add a further layer of security. Use of application and desktop virutalization products such as VMware ACE or XenDesktop could ensure rigid security practices are in place before allowing access.
Laziness is a hallmark of good system administration. What we must remember in today’s highly connected, overly communicated world is that automation can breed great exploits. Lock down those wifi cards.
August 30, 2008 at 7:22 pm · Filed under Techie
I am a GNU Hacker, hear me ROAR! Do Wildebeest roar?
« Previous entries ·
Next entries »
![050903-F-5586B-114(2)[1] (Hurricane Katrina, Keesler AFB)](http://lh5.google.com/oneguynick/Rcay93r3cWI/AAAAAAAABIw/qzeM2XtKr2g/s160/050903-F-5586B-114%282%29%5B1%5D.jpg)
![050903-F-8078V-013[2] (hurricane katrina relief, Air Force, Unclassified)](http://lh5.google.com/oneguynick/Rcay43r3cFI/AAAAAAAABGo/__1_oCrKxBA/s160/050903-F-8078V-013%5B2%5D.jpg)
![050902-f-7503w-070[1] (130th Airlift Wing, 43rd Aeromedical Evacuation Squadron, Hurricane Katrina)](http://lh3.google.com/oneguynick/RcazCXr3cnI/AAAAAAAABK4/OTGF53PPimk/s160/050902-f-7503w-070%5B1%5D.jpg)