Wednesday, February 27, 2008

dry...

So I said that Helix came with a 339 page user guide. For the newbies... I'm 104 pages in. I tore through the first 75 or so yesterday, but it's dry today.

Yesterday's topics included what happens when you run from the CD-Rom in windows. It was fun to play around, even if I couldn't get FR (file recovery tool) to work. Today I'm reading on the Linux side of the CD, and so far, I haven't been able to play around like yesterday. And the content is Dry old review material.

Things I like - computer tools edition:

As a pseudo follow up to last weeks encryption post:

I like portable apps. Install some of the greatest open software tools you need on a memory stick (usb flash drive), and run the applications from there.

Damn Small Linux usb install. Like the above, but it's the whole OS on a stick. You can boot from it (if the computer supports it), or run it inside MS Windows.

Yes I know other distros can do the same thing, I just happened to like DSL.

And one of my new favorite tools. Even if the Beginner's guide is 339 pages is Helix. I've been playing with this for work. I'm looking into using this as a special audit tool.

Sunday, February 24, 2008

What do you do, when waiting on a vendor to do maintenance?

So I'm at work tonight. Only reason I am here is in case things go bad. Looks like that won't be the case tonight.

So here is what I did:
Brain Surgery. I'm happy to say that the patient made a full recovery (as far as I can tell at this time). I replaced the processor in my laptop. It's working. I haven't tested the wireless yet, but that's because I don't have a wireless access point at work.

I've blogged.

I've printed out a 339 page book in pdf format, twice. I burnt the software that goes with it. It will be drilled Tuesday, and put in a binder. Then I get to use the software to do something I don't feel qualified to do. (It involves computer forensics).

I'm trying to not succumb to the plague. I really should have grabbed some tylenol or other from of pain killer.

I'm waiting to go home.

Excuse me, I have the plague.

No not really, I have a sinus infection, and an ear infection. But still.

So after I posted about encryption. The day after, I found a few mentions to a new project that was making it's rounds. Not a new project in a good way.

It turns out that the way RAM works now, it doesn't forget everything once the power is off. Including your encrypted password to boot your FDE box. Instead, SDRAM slowly suffers bit rot, and if you cool the chips it holds the data even longer.

The same day, /. came out with an spot about a new way to hack cell phone calls. All you need is about 1000.00 of storage and some other equipment. It's not like cell phones are secure, but it's becoming easier for people who aren't the government or the phone company to snoop.

Yes I sound paranoid at times, but I am paid to be. The first company spent lots of money to make me this way. :)

Wednesday, February 20, 2008

Censor this.

Why do people have no clue? Seriously first it was China with their great firewall. A laughable joke. Proxies and the like make it easy to get around. Heck there is a service I heard about a few years ago, where you can sign up, they allow an encrypted connection to your PC and use your bandwidth to get around the firewall.

Now it's the Wikileaks.org issue. Wikileaks is a web site that allows anonymous whistle blowing. A swiss bank had the whistle blown on them, about money laundering. So they found a moron symptomatic judge (bought and paid for most likely) to have the domain name taken away. It appears that it is better to protect the company than it is the consumer. A sad thing that is getting bigger and bigger in the US.

Seriously people, the companies and the government want to know what you are talking about. They want to control you. FISA and the like aren't about saving people, it's about control.

Its time to up the game. Use Tor, use PGP / GPG, SSH, SFTP, Password Safe, and TrueCrypt.

Tor will let you surf the web more anonymously. It makes the job of finding out where your going, and where you are harder. Basically it bounces you around a bunch of other computers before you get to the web server.

PGP / GPG, encrypt your email. Make it so only those you want to read your email can. Yes you can get it to work with gmail too.

SSH and SFTP encrypt your connection to terminal and ftp servers. Normally your password is sent in plain text, and anyone with a packet sniffer can see what that password is. SSH and SFTP encrypt the connection between you and the server. Meaning that they can't read your password, or what your getting from a packet sniffer.

Passowrd Safe securely store your user names and passwords. It has a nice gui in windows. It stores the data in an encrypted file. You can double click an entry and it will securely copy it to your clipboard for pasting, and the clears the clipboard when it minimizes or closes.

Lastly TrueCrypt offers Full Disk Encryption (as of version 5.0) that requires pre-boot authentication (for windows, need to check on Linux, and Mac OSX is planed for later). It provides some other nifty things too, like encrypted containers, that you can hide a second encrypted container in. That way if your computer is stolen, your data isn't accessible. Well after it powers off. It also works well on USB drives. I recently got an 8 gig drive, that I've put an encrypted container on. When I plug the drive it, it pops up the auto run menu, and asks if I want to mount the drive. I don't have to. I do have some stuff outside the encrypted section, but that's encrypted in a different way. There are some other tools that can do the Full Disk Encryption, like PGP, but Truecrypt is open source and only costs the price of the download.

Service.

What ever happened to customer service? In the last week, I've had horrible service at 3 different restaurants, and had a guy at a computer store make a comment about "crap I wouldn't use" as I was about to pay him for said item.

1) Restaurant last Friday, very large order. Brought out the main dish before the appetizers... then asked if I still wanted the appetizers. There were 6 of us, and I was the only one to get anything besides the appetizers. Then it was still another long wait. About 20 minutes.

2) Pool hall on Saturday. We saw our waitress a total of 6 times. Once when she took our first order for drinks and food, and she brought them back, again for the second order, and we had to track her down to pay the bill, then wait for the change. We were wondering if she was going to bring the change back it took so long. We where there for 3 hours.

3) Pizza joint last night. They have drive through pizza that is hot and ready. I went inside to get pizza. 20 minutes later, still with no pizza, I demanded my money back and left to go else where.

4) Today at a computer store. Small shop in A^2. I went to but some thermal compound for my new processor. All they had was crap, and it was over priced. However I figured since I'm here, I'll get that and hope it lasts. The guy ringing me up looks over tells the other guy there to order more, since all that is left is crap he wouldn't use. I took my money back and left.

Monday, February 18, 2008

Something random

I just got done watching the rocketboom video over at crooks and liars: Why we do what we do.

It's hard to watch really. People doing their best to remain ignorant, and you can tell by the way they are talking, that they are getting more so by each generation. Listen to the teenage girl. She speaks bushese fluently.

It is scary that people don't know that under god was added to the pledge in the 1954 because of tail-gunner joe and his peeps. Its also scary that they don't realize the line on our money "in god we trust" was added later too. Adopted as the national motto in 1956, it was put on the money during the civil war. In 1864 the first coins were struck with that motto. It didn't hit the paper money until 1957.

LEARN HISTORY PEOPLE.

Sunday, February 17, 2008

Stop raping my childhood PLEASE!

The Kight Rider movie... It was awful. I mean it was on par with Team Knight Rider, and even stole some elements from TKR. But it was bad. Just really bad. Sci-Fi channel's Flash Gordon bad.

I hope they make it a series.

As bad as it was, it's still better than the reality tv show crap they force on us now.

Friday, February 15, 2008

Things you don't want to see when you first wake up

Sitting in my in box this morning is an email from my domain hosting company. The people I registered my domain name through. So ssakcaj in Russia requested my password be reset. The email came to me. My email account, doesn't forward anywhere. It still pisses me off though.

One of the things my dns provider does, is include the ip address (how I know the ssakacj is in Russia, or at least using a Russian ip). I'd contact the provider, but I doubt they'd care. Russia doesn't have a rep as a cracker paradise for no reason after all.

In related news... I'm blocking 12367 ip address from accessing the box behind that domain name. It's my laptop. Mostly used for SSH, so I can test things from work. Back in the day... Before my pc died, I had a web server up, hosting pictures of my parrot.

Thursday, February 14, 2008

bidding on ebay sucks

With all the reading of virtualization I've been doing lately, I want to do virtual windows xp on my laptop. Since I'm reading about Xen Virtualization, which we are going to use at work, I want to stick with that. That means I need an Intel VT chip. I did some looking at the processors and I thought I had one, however the option isn't in the bios, and the flags are not there in cpuinfo.

So I did more looking. Turns out I have an Intel Core Duo T2300E which doesn't do VT. So after looking around the net, and not wanting to pay $400.00+ for a chip that is no longer made, I decided to try Ebay.

In the last week I tried to bid on several different processors. I placed bids, and ended up getting out bid. One, I held the winning bid for 3 days. It was a T2300, the right kind. However I got an email today saying I was out bid, and the thing is now going for $60.00.

Talking to a co-worker, she said don't bid until the last 20 seconds. Put in the max amount you're willing to pay for it, and it'll usually prevent you from being out bid. Personally I don't like the snipe approach. I wonder how often that is someone just jacking up the price of their own product.

A great example. One of the processors I had bid on... I got an email from the seller last night. He hadn't heard from the buyer (after an hour of the sell closing), and wanted to know if I wanted to buy it. Of course at that time I was looking at another one and winning the bid on that. I said no.

Buying on ebay is a little easier... even if it does cost you more money. Still not the greatest system in the world, but I've seen much worse.

Tuesday, February 12, 2008

Senator Levin...

So I was surprised by one of my Senators today. Levin, actually voted in favor of the Dodd / Feingold amendment. However, I forgot all about Stabenow (IE STAB IN THE BACK / STAB ME NOW).

She was one of the traitors that cross the line to side with the republic party on giving her corporate masters (she's bought and paid for) immunity.

I sent a fairly nasty email to her. Telling her thank you for cementing the position in our current police state.

If you don't think we live in a police state, you haven't really be paying attention have you...

Oh and speaking of masters... Anyone else see that our media masters are calling states for Obama, before ANY votes are counted?

The strange things I think of...

So it's Tuesday, that means generator test day. As I was walking past the two large generators doing their test run (they're used for the Data Center), I though... Hey, why don't we feed some power back into the grid... Which led me to think about solar panels on the roof of the building (large factory style building).

It won't run the data center, but if we get enough of them, it should handle the overhead lighting and maybe the power outlets... Ok that'll take quite a few, but we've got the roof space.

I ran the idea past the director, I'll just wait to see where he takes it. He liked the idea.

Monday, February 11, 2008

My Senator is a Traitor living in Fear

This is a letter I sent to Senator Carl Levin of Michigan today.

Dear Mr. Levin,

I just watched you supporting the Specter / Whitehouse amendment to the FISA bill.

What you basically said, yes the telcos broke the law, but that's fine as long as no one can show they were hurt. If citizens can show they were damaged (by secret laws) then they can have a day in court. You statement was that because the telcos were acting in "good faith with the administration" it is ok to break the laws of the nation. This country is supposed to be above secret laws, and you're advocating them.

That is akin to you approaching me to murder someone for you, saying as long as I hide the body well enough, I won't be prosecuted. Even though we both know that I'd be breaking the law.

Everyone is damaged by the Telecommunication companies that broke the law, because U.S. Citizens can no longer trust that their conversations are private, and not being listened to illegally.

You sir disgust me. Stop living in fear.

Listening to Dodd on FISA

Man, I wish Dodd was still running. He's going a great job speaking against the immunity garbage in FISA bill. He's following up on what Feingold started before him (in the speeches).

Dodd is showing leadership, where are Clinton and Obama?

Thursday, February 7, 2008

Should I stop doing errata?

I bought this book about a month ago, it's bad. See the early post from today. I have submitted at least 5 errata in the last two weeks. Not one has shown up on the website yet.

They include wrong commands, commands not matching the screen capture below it in the book, and commands with spaces in them, that really do not belong.

Xen Virtualization: The book - update

I decided to not build the last two xen boxes in chapter 3. So far the book has been a major disappointment. The author wasn't even trying in chapter 3. And I really wonder if the reviewers read the book.

Whole steps were left out while installing the NetBSD box, and instead of giving pointers to make things work during install, it was a case of oh just go read this web page on the NetBSD site.

Overall I'm very disappointed with the book.