Tuesday, January 27, 2009

The Right Brain vs Left Brain test

The Right Brain vs Left Brain test | September 26, 2007 10:00pm | "The Right Brain vs Left Brain test ... do you see the dancer turning clockwise or anti-clockwise?

If clockwise, then you use more of the right side of the brain and vice versa.
"

I ran across this the other day. It's interesting to see which way she's turning. For me she starts out spinning clockwise but I can get her to spin either way with little difficulty. The article has a list of "functions" that are based in each hemisphere of the brain. Oddly enough I have half and half; half of the list under each side. Guess that means I'm twice the half of normal people.

Powered by ScribeFire.

Monday, January 26, 2009

The "I'm Linux" Video Contest

The Linux Foundation is having an "I'm Linux" Video Contest. From the website:
"If you've been alive and aware of mass media over the last twelve months, you've probably seen television commercials from Apple and Microsoft touting their operating system. From Apple's ubiquitous "I'm a Mac" to Jerry Seinfeld to Microsoft's "I'm a PC" retort, operating system commercials have been flooding the airways. Except one OS has been notably absent – Linux."
I might even try doing up something to submit.

Maybe.

Possibly.

Ok, probably not.

Yes, I know... I'm too much of a procrastinator and too lazy to do video editing. But the idea is good. Plus, here's what you get if you win:
"The winner will receive a free trip to Tokyo, Japan to participate in the Linux Foundation Japan Linux Symposium in October 2009. The winning video will also be unveiled at the Linux Foundation's Collaboration Summit in San Francisco on April 8, 2009."
This might not sound too appealing for non-geeks but, hey! It's still Tokyo. It'd be worth trying it just for that. If only it wasn't a between Basho month.


Sunday, January 25, 2009

Afghan girls maimed by acid vow to go to school

Afghan girls maimed by acid vow to go to school By Atia Abawi CNN | KABUL, Afghanistan (CNN) -- "Shivering in pain and calling for her mother, Shamsia's hands shake uncontrollably, her eyes swollen shut and her skin peeling from terrible acid burns.

The 19-year-old was heading to school along with her 16-year-old sister, Atifa, in Kandahar, Afghanistan. It was a warm November morning last year and their only anxiety was being late for class.
"

For anyone questioning why we are there, this is why. It's also why a great majority of people, both here and in Iraq, want us to stay there. If we aren't there then these girls, and so many other people, will end up dead.


Wednesday, January 21, 2009

Klingon Keyboard: for serious Trekkies only

Klingon Keyboard: for serious Trekkies only | "Are you one of the biggest nerds in the world? If so, you probably know the fake Klingon language from Star Trek. And maybe you want to write things in this fake tongue. But here you are stuck with a stupid English keyboard. What to do? Buy a keyboard with Klingon symbols on it, that's what!"

Yes, I am a geek. If I had the cash to burn I'd get one of these for sure.


Tuesday, January 20, 2009

2008: The Risk Report

2008: The Risk Report | Tuesday, January 13, 2009 | "The Research Group has developed tools that objectively track and report on operational risk associated with software applications, operating systems and hardware."

This isn't just a "My stuff is good and yours sucks" list. It tracks vulnerabilities reported on software by type. It isn't biased by license, business or sales but just reports the data.


Tuesday, January 13, 2009

Vets Honor Ex-Enemy Turned US Soldier

Vets Honor Ex-Enemy Turned US Soldier | January 05, 2009 | FREDERICKSBURG, Va. -- "It seems that a war story is universal, no matter which side of the battle you were on.

When Gunter Buhrdorf enlisted in the German navy as a 16-year-old during World War II, he probably never thought he would one day tell his story to fellow U.S. veterans at an American Legion post.
"
This is a very good story of how soldiers are the same underneath their uniforms. At least true soldiers are.


Friday, January 09, 2009

School is back!

Woohoo! School starts today. Well, for me at least. My son started on the 5th. This semester I'm taking C++ Intermediate Programming and something called Computer Applications. The description for it is -
"This course is designed to increase proficiency in the use of common word processing, spreadsheet and presentation application software. Topics include production of business documents and reports. Upon completion of this course, students should be able to prepare documents using word processing, spreadsheet and presentation software."
Basically it means we learn MS Office. At first I was going to try testing out of the class but after thinking about it I figured what the heck. While I don't use MS Office for anything outside of these classes (I use either OpenOffice or SoftMaker Office, depending on my mood) I figure I'll still learn enough useful things I can take over to either of the others.

There was one thing that was difficult over the break, though. It took a real effort not to keep going in the C++ textbook. My son being here for the break helped, too. I wish the programming lessons/coursework were daily instead of weekly. I just can't seem to get it in fast enough. There's two more semesters then Summer. Maybe I'll see if I can learn assembly language programming then.

Wednesday, January 07, 2009

Top 10 Security Stories Of 2008 - Part 2

Top 10 Security Stories Of 2008 By Thomas Claburn | InformationWeek | January 2, 2009 04:00 AM - Here is part two. A few days late but what the heck.

5. The Internet's Biggest Security Hole
"In February, the Pakistan Telecommunication Authority directed the country's Internet service providers to begin blocking YouTube for distributing offensive content. In carrying out that order, the country's ISPs altered Internet routing information and the changed data propagated to PCCW, an ISP based in Hong Kong, and from there across the Internet. As a result, YouTube was briefly inaccessible."

A very significant incident. And one that's been known for a long time. The techies keep alerting the Government and Business communities to these kinds of problems but said communities don't listen because it would cost money to fix. Then, when something does happen, they blame it on the techies. Typical.

4. Crouching Tiger, Hidden Trojan
"In its 2007 Report to Congress, the U.S.-China Economic and Security Review Commission (USCC) called Chinese espionage the top threat to U.S. technology.

That China might be doing so should hardly come as a surprise. It has been conducting cyberintelligence gathering for years, at least since the hacking campaign that U.S. investigators dubbed Titan Rain began in 2003. Other nations do so, too, it should be said. But Chinese hackers appear to have been notably successful and to have obtained significant technical information from the U.S. government, military contractors, and universities.
"

Anyone who's been involved with the Internet in the last decade knows the hacking abilities of China. Ever since the Eastern Bloc countries fell it's been the Chinese who've taken the top spot on the Cyber-Espionage leader board. Well, not counting all our "Allies" like much of the EU and Israel.

3. Hack The Grid
"Hacking a Web server is to hacking the power grid as a hand grenade is to an atomic bomb -- the impact of the former, while serious, pales in comparison to the impact of the latter. So it was that when, in January, CIA senior analyst Tom Donahue confirmed that online attackers had caused at least one blackout, security professionals and government representatives paid attention."

<In my best Rod Serling voice>
Imagine, if you will, a time not long from now and a place not far from here. A place where, after centuries, electricity suddenly disappeared. How would the world keep itself from falling into chaos? Let us visit this time and place. The time is the future. And the place? The Twilight Zone.
</Rod Serling voice>

Seriously, this isn't a Science Fiction story. Especially if they ever start mass rollouts of IP over the Power Grid.

2. The Always War
"In August, while the world had turned its attention to the Beijing Olympics, Georgia and Russia fought a brief war on land and in cyberspace. It was hardly the first network-based attack and it will not be the last."

For an expert take on this read what my buddy Marcus Sachs, director of the SANS Internet Storm Center, has to say in the article.

And lastly...

1. The Trouble With The Domain Name System
"Dan Kaminsky received plenty of criticism from the security community for hyping a flaw he discovered in the Internet's Domain Name System. But he didn't get more than 80 software and hardware vendors together to release a coordinated patch in July based on exaggerations and grandstanding. The vulnerability he discovered is serious and remains an issue for too many servers."

If DNS goes then we're all in a world of hurt. Read the above article and then check this DNS link for more info.

The bottom line, from a security perspective, is that the old saying is still true - Fast, cheap & secure; pick two. It just happens that the vast majority of the time the one not chosen is security.


Data Breaches Booming

Data Breaches Booming By Thomas Claburn | InformationWeek | 1/6/2009 - "In a down year, data breaches went up, again.

In 2008, according to the Identity Theft Resource Center, there were 656 reported data breaches, an increase of 47% from the 2007 total of 446.

The breaches were reported in the following sectors: business (240), education (131), government/military (110), health/medical (97), and financial/credit (78).
"

No big surprise here. Dig deeper and I'll bet you find the #1 reason behind these breaches is human error. Someone forgets to secure a connection, some application has a hole in it that no one is interested in fixing, the break-ins happened through systems running Microsoft products. The biggest problem is that security is a process, not a product. The only way to be secure is to practice security 24/7/365. Let down your guard for five minutes and boom! You're screwed.

Tuesday, January 06, 2009

I Take The Vow

I Take The Vow - "On November 7, 2008, at 9:45 am, the 500 people attending the Alliance for a New Humanity Human Forum in Barcelona took a vow for non violence in their thoughts, speech and actions. Each person decided to ask other people in their lives to join them in taking the vow. The goal then became to create a global movement, which would mobilize 100 million people to make the same commitment."

At first this seems like another one of those peacenik, hippie things that's all talk but of little value. But upon closer inspection it becomes clear that it's not just words but actions. And it isn't some grandiose, pie-in-the-sky thing. This is something that everyone can do and it can have a dramatic impact on the world. The only way to make any kind of real, lasting change is to start with yourself. Think this is futile? Just remember the words of the Dalai Lama, "If you think you are too small to make a difference try sleeping with a mosquito."

Friday, January 02, 2009

Top 10 Security Stories Of 2008 - Part 1

Top 10 Security Stories Of 2008 By Thomas Claburn | InformationWeek | January 2, 2009 04:00 AM - "A municipal network held hostage, the hacking of a public official's private e-mail account, court battles to gag security researchers, and dire warnings about the Internet's Domain Name System were just a few of the highlights of the IT security landscape in 2008."

Ah, the fun of living in a hi-tech world. Let's see what the year held for us.

10. Transit Hackers 2, Gag Orders 0
"In separate but related incidents this year, Massachusetts Bay Transportation Agency and NXP Semiconductors lost court battles to gag security researchers. MBTA wanted to keep three MIT students from talking about security flaws in Boston's transit fare card system known for its "Charlie Card." NXP wanted to prevent researchers at Radboud University in the Netherlands from publishing details about security flaws in NXP's MIFARE Classic card, on which the Oyster card used by the London transit system is based."

The worst thing you can do with a security problem is hide it. Some may think this is counterintuitive but unlike with physical security, hiding computer security problems makes them more susceptible to exploitation. That's because only the bad guys will know about them. When it comes to computer security the sad truth is that the bad guys are always five steps ahead of the good guys.

9. Sarah Palin's Rogue E-mail Account Hacked
"In a case that highlighted the insecurity of online password recovery schemes, the risk of public officials going rogue and relying on consumer services for official communication, and the deductive power of the crowd, Alaska Gov. Sarah Palin saw the contents of her Yahoo Mail account published all over the Web."

Bruce Schneier has written about this in his Crypto-Gram newsletter. Basically all those questions like, "What is your mother's maiden name?" are just too easy to figure out. Security through obscurity is no security at all.

8. Involuntary Data Sharing
"As of Nov. 25, 2008, the Identity Theft Resource reported 585 data breaches that exposed over 33 million records. In all of 2007, the ITRC reported 446 data breaches. It's not clear how much of this 31% rise should be attributed to increased reporting of incidents, but just about every security firm reports that online crime is surging. There's more malware out there than ever and it's designed for data theft."

It doesn't help that companies have little or no real expertise in system, application and network security.

7. I Locked My Network In San Francisco
"For a few days over the summer, the IT community had its own soap opera.

In July, San Francisco network administrator Terry Childs, fearing he might be laid off, took the city's network hostage. He changed the administrative passwords on the network's switches and routers and then refused to divulge them.
"

This is another example of the single biggest computer security problem of all; the people inside the company.

6. CAPTCHA Cracker
"CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. It's a technique that involves displaying an image depicting distorted text that people, but not machines, can identify.
[...]
In January, "John Wane," who identified himself as a Russian security researcher, posted software that he claimed can defeat the CAPTCHA system Yahoo uses to prevent automated registration of free Yahoo Mail accounts. He claimed a success rate of 35%.
"

I have no idea why people thought this would work. More specifically, why didn't they realize it could be cracked?

That's it for part one. I'll post the top five tomorrow. Maybe Sunday. Well, sometime before New Year's Eve 2009.


Israeli strike kills senior Hamas leader

Israeli strike kills senior Hamas leader By Nidal al-Mughrabi GAZA – "Israel killed a senior Hamas leader in an air attack on his home on Thursday, striking its first deadly blow against the top ranks of the Islamist group in a Gaza offensive that has claimed more than 400 Palestinian lives.

Nizar Rayyan, a cleric widely regarded as one of Hamas's most hardline political leaders, had called for renewed suicide bombings inside Israel. Medical officials, confirming his death, said two of his four wives and seven of his children were killed in the bombing, in Jabalya refugee camp.
"

Here's one more in a slew of reports about the most recent brouhaha happening in the Middle East. Personally, I'm getting sick of it. The hatred being perpetuated by the Hamas hardcore and their Zionist counterparts does nothing but lead to the death of civilians and makes more suicide bombers and fanatics. I'd love to round up all the militant extremists on both sides, stuff them in a cargo container and send them out to sea on a one-way ticket to the Bermuda Triangle. I swear the world is going to end because of the stupidity of the human race.

Yes, I'm feeling bitter today. So what?!?


Thursday, January 01, 2009

Obligatory New Year post

I, like pretty much everyone else in the blog sphere, want to wish a happy new year to the handful of people who might actually be reading this blog.

2008 was an interesting year for me. Mostly because I started my first real foray at University. But the last month or two I've also been feeling better than I have in quite a while. The pain has fallen just under the level of consciousness so I'm thinking clearer. The fog has thinned out in my brain, so to speak. Also, the addition of Guitar Hero in the house has lifted my spirits far more than I'd anticipated. Mental, physical and emotional upsurges across the board.

You might notice that all of these events happened in the last quarter of the year. It's not that the rest of the year was unremarkable. I just don't remember it. Oh, I'm sure I could come up with most of it if I had to. A couple of hours thinking and there it'd be. But the point is that I am not one to live in the past. Nor the future, it seems. I tend to live in the present. Well, let's say "exist" in the present. Spending a day staring at the tube[1] isn't what you'd call living. The point, though, is that I don't function in a linear fashion. I kinda bump along from event to event, whether it be flowing along with the currents of time or actively choosing a direction. I just do what I'm doing. The past is over and the future isn't here yet so might as well keep doing what you're doing now. Yeah, I know... Doesn't make much sense to me either.

So what's in store for 2009? As is evident from the above paragraph, I have no frelling clue. I hope to be kicking butt in school (it starts on the 9th; I can't wait), continue feeling good (if not better) and ripping & shredding licks on my ax (virtually speaking, of course). It would be nice to start having a social life again, too. If the previous sentence holds true that just might be a reality.

But most important for 2009 is to spend as much time as possible with my son. His being here for winter break was like spring in December.

That was rather poetic, huh.

[1] That's what TVs were called back in the day. It's how YouTube got its name.