Friday, December 18, 2009

Snowball Fight!!


Monday, December 07, 2009

Our faces on the Stryper website :-)



Go to http://www.stryper.com/Fan%20Zone/Sightings/sightings.htm, scroll down to the lower half, click button [4] where it says "Thumbnail Panels". We're famous! Woohoo! :-P





Monday, June 29, 2009

Jordan Chandler admits he lied about Michael Jackson

Now that Michael Jackson is dead, Jordan Chandler is claiming that he basically cooked up the story to defame MJ and for the money. http://www.techbanyan.com/4554/jordan-chandler-admits-lied-about-michael-jackson/.

"Whoso shall offend one of these little ones which believed in me, it were better for him that a millstone were hanged about his neck, and that he were drowned in the depth of the sea." Matthew 18:6

...Michael was one of these little ones, IMHO...

Michael gave so much of himself to make the world a better place, to make children happy, to keep adults honest, and he had every right to at least try and make up for his own lost childhood. In return he ran into some adults who corrupted their own children for their own selfish aims. Shame it is so difficult to keep your innocence in this world, it will always find a way to drag you down.

Wednesday, June 10, 2009

Court hears NASA hacker 'at risk of psychosis'

Original article on ZDNet:

My view on this:

Of course NASA or the US army will never have to *prove* that it cost them that much money. They will probably never be asked to produce a report of work orders or insurance claims constituting the *actual* damage caused. They just need to say it, and thereby discredit someone with too much curiosity who happened to stumble across a security hole that they didn't patch.

Let's think for a moment what this apparent $700k of damage might consist of. Some possibilities are:
1) man hours to reinstate the system critical files: $700k equates to 30 man-years of labor - somehow I don't think so.
2) physical damage to equipment - unless he wrote code to fire missiles or successfully burned out 1000s of video cards, I don't think so.
3) loss of data? If it cost that much, an organization like NASA should be sophisticated enough to use a non-volatile backup medium, and it would NOT cost $700k to restore from backup. Imagine if they lost all the deep space pictures that Hubble has taken over the last 15 years, because they didn't back them up. I don't think so.
4) loss of software licences costing $700k? I'm sure that any software vendor dealing with NASA would have a relationship that allows them to reinstate licenses at little or no cost in such a situation.

Maybe they just thought that the public is getting tired of US government tarring everything with the same terrorism brush (the "cry wolf" effect), so they had to trump up their claims because other than that, the hacker was really just 'looking around'.

Finally, I would like to see a more precise definition of "hacking" in a legal context. Does it mean "attempting to gain unauthorized access", or "actually gaining unauthorized access", or "using unauthorized access to acquire unauthorized information and/or cause denial of services and/or data loss"? It's like the terms of service on iTunes, which states you are allowed to "burn" your songs up to 7 times. Does copying it to my external hard drive or a USB memory stick constitute "burning"? Couldn't they say "make backups onto specific types of media which allow playback on musical devices"? What if I use a Re-Writable CD, erase it and burn it 7 times? What if I lose count? How can they ever hope to prove anything to enforce such a rule? Hey, Apple, you know that track I paid 99c for the other day? I just made 8 copies of it on my USB memory stick! Send 'round the feds! Haha!
Colloquialisms and jargon like "burning" and "hacking" in my opinion have no place in legal agreements or the court room.

Friday, May 29, 2009

Programmers vs. The Matrix

Matthias, Wolfgang and Stefan planning their infiltration of Nick's secret source code repository

 Your smelly secret code is like a virus infecting the entire code base. I can taste its stink as it fogs up my ray bans.

Nick, you vill gif us ze codez to ze build server!! 


Disclaimer: this comical blog entry bears no resemblance to actual people or events (except for some possible similarity in hairstyles and fashion sense).

Thursday, March 19, 2009

A Simple effective and 100% free anti-virus strategy

What you're about to read might seem quite radical to you if you haven't thought about it before.  Even if you have thought about it before, you may have concluded, "Oh it's all too hard" and gone back to doing things the way everybody else does, because of course, if everybody does it, it must be the best way.  Or you may be an avid Linux fan and think "ho hum big deal that's soooo obvious".

Anyway, there is a very simple, effective and 100% free way to radically improve your Microsoft Windows computer's resistance to viruses/trojans/rootkits/malware/adware/spyware, etc.  I am not saying that you don't need any antivirus software, but as there are deficiencies in antivirus software and lots of other vulnerabilities in many common Windows applications (yes, there are vulnerabilities in Unix/Linux too, but this article is aimed mainly at Windows users), this strategy will make your computer several orders of magnitude more resistant to viruses, making you less reliant on constantly having the latest virus database downloaded from your AV vendor.  It does however mean that some tasks become a little bit more difficult, but that's the whole point... viruses try to modify your system in undesirable ways, so if we make it more difficult for them to modify your system, then naturally it's going to be slightly more difficult for the user to modify the system as well.  But, when you consider that once you have your system set up the way you like it, and want it to stay that way, doesn't it make sense to prevent yourself from making further changes accidentally, with the only trade off being that it takes a little bit more effort to install new software, or make the occasional change to your system settings?

What I am talking about is a strategy that has been used in the Unix world long before DOS and Windows even existed, and long before the Internet was a commonly used medium, and will almost certainly continue to proliferate for all eternity in the Unix/Linux world.  All it takes is *not* to give your normal user account administrator privileges, by *not* going to your local users and groups and adding your domain account to the local Administrators group.  Most people will at some point add their regular user account to the Administrators group because they try to install some application which tells them that they need Administrative rights, and they don't want to log off and on every time they install something new.  Instead, we can give our regular account the minimum level of privilege that it needs in order to run the software that you need to run from day to day, and invoke higher privileges only when necessary, without having to close your current session.

To do this, start by making sure you know the password of the local "Administrator" account of your machine, e.g. ARI-MBB-WS\Administrator, if your machine is called ARI-MBB-WS, which it better not be because that's my machine's name! :-P  To test this, log out and try logging in as local Administrator (you have to change the "domain" field of the login box to show your machine's name).  It is possible that the password is blank, which is another major security problem, so if you can login with a blank password, change this to something non-blank immediately.  Once you have logged in as local administrator, go to Control Panel / User Accounts, and if your domain account appears there, change it to "Restricted User".  I would strongly recommend this over "Power User" or even "User".  Why?  You may say that you trust yourself as a power user, but ask yourself this: do you trust every piece of software that you use or may use in the future with the same power that you trust yourself with?  What about software that installs itself without your knowledge... do you trust *it* as much as yourself?  In order to restrict the software that you (knowingly or not) allow to run on your computer, you must unfortunately restrict yourself.  That is something that Unix users have understood for decades and learned to live with, and that's part of the reason that there's no such thing as a Unix or Linux virus.

The next thing you may complain is that you have to log off your regular account and log back on as administrator in order to make any system changes or install any software. Not true at all.  You just need to use "Run As..." to perform administrative tasks, which requires entering the administrator's password, but does not require you to log off and back on and back off and back on.  Being required to enter a password makes sure that a virus cannot make changes to your system, because any virus that runs while you are logged on as a Restricted User will be, as expected, restricted from modifying your system files and settings.

In some cases, the "Run As..." option is available directly by right clicking on the icon or start menu item for the thing that you want to run administratively.  In many cases it's not, and this is an annoyance with Windows that I don't fully understand, which may or may not be related to the fact that Microsoft make money from AntiVirus software (ooh... conspiracy... well... who knows?).  Anyway, you can run ANY task as an administrator, and considering the benefits, and how often you need to do so, it is well worth the extra effort.  In order to run ANY task as administrator, look at the properties of the shortcut that starts it to find out where it actually resides on your disk(s).  Then click on Start / All Programs / Accessories, and when you see "Command Prompt", don't just go clicking on it willy nilly, hold your horses!  Right click on the menu item "Command Prompt" and choose "Run As...", then choose the MY-MACHINE\Administrator account and enter its password.  Then go to the directory where the target application lives, by typing (for example) "cd /d D:\Installs\Subversion\TortoiseSVN".  Then run the target application, which may be an MSI file, by typing "start TortoiseSVN-1.5.9.15518-win32-svn-1.5.6.msi".  To save typing, you can always type the first few letters of the target application and press the "Tab" key until you see the correct name, or copy the name from Windows Explorer.  Of course you still have to trust the source from whence you obtained said target application, and for this purpose some software providers provide checksums to allow you to verify the integrity of their applications.  This is a different topic, but there is plenty of information on the Internet on how to verify checksums, which may come in the form of MD5 checksums or GPG signatures.
Also, if you got your software from rapidshare or bittorrent or some website starting with an IP address or containing "....(ru|pl|cz):8000/dodgy-stuff/warez" then don't blame me if a white rabbit suddenly comes knocking on your door.
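
The checks and the elevated launch described above, as an added example that is not part of the original post: it assumes Windows PowerShell 5.1 or later (newer than the Windows release the post was written on), and the three function names are hypothetical. It reports whether your session or any extra account holds local Administrators rights, and starts a single installer under the local Administrator account without logging off.

```powershell
# Added example, not the blog author's code. Assumes Windows PowerShell 5.1+.
# Function names are hypothetical; the MSI path is the post's own example.

# 1. Does this session's token carry the Administrators role?
#    With UAC on, an unelevated admin account reports False here, so the
#    group listing in step 2 is the more reliable check.
function Test-IsAdminToken {
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

# 2. Members of the local Administrators group (well-known SID S-1-5-32-544)
#    other than a built-in Administrator account, whose SID ends in -500.
function Get-ExtraLocalAdmin {
    Get-LocalGroupMember -SID 'S-1-5-32-544' |
        Where-Object { $_.SID.Value -notmatch '-500$' }
}

# 3. Run one installer as MACHINE\Administrator; prompts for its password.
function Start-InstallerAsLocalAdmin {
    param([Parameter(Mandatory)][string]$MsiPath)
    $full = (Resolve-Path -LiteralPath $MsiPath).Path
    $cred = Get-Credential -UserName "$env:COMPUTERNAME\Administrator" `
        -Message 'Password of the local Administrator account'
    Start-Process -FilePath 'msiexec.exe' -ArgumentList '/i', "`"$full`"" `
        -Credential $cred -WorkingDirectory (Split-Path $full) -Wait
}

if (Test-IsAdminToken) {
    Write-Warning 'This session already runs with administrator rights.'
}
$extra = @(Get-ExtraLocalAdmin)
if ($extra.Count -gt 0) {
    Write-Warning 'Accounts besides the built-in Administrator are local admins:'
    $extra | Format-Table Name, PrincipalSource
} else {
    'Only the built-in Administrator is in the local Administrators group.'
}

# Uncomment to install, once you trust the file:
# Start-InstallerAsLocalAdmin 'D:\Installs\Subversion\TortoiseSVN\TortoiseSVN-1.5.9.15518-win32-svn-1.5.6.msi'
```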

I may at some point work out how to start an administrative command prompt in any directory, or force Windows to always show the "Run As..." option, in which event I may or may not be bothered to update this document.

If you don't want to try this straight away, I will be your guinea pig starting from the time of this writing and go where no Windows machine has gone before (okay, that might be a bit of a high claim).  If you want to let sleeping dogs lie for a while and first see how things are going on my computer, I will be more than happy to share my story with you.

As a final word, if any software does not work without administrator privileges on an ongoing basis, it's a badly designed piece of rubbish and you should either 1) ask to have this abominable deficiency fixed or your money back, or 2) just stop using it if you can get by without it and/or didn't pay too much for it.

Happy Windowing!


Tuesday, March 17, 2009

Session timeout? WTF?

Don't you hate it when sessions time out on your own private PC, especially when you're doing several things in parallel, like budgeting in Excel while doing transfers through online banking, or working on a presentation that you wanted to attach to a message that you started writing in an Outlook Web session and suddenly realised that the attachment wasn't finished, so while you work on finishing the presentation, the web session times out and you don't realise it until you actually hit "Send" and suddenly need to rewrite the message from scratch?

Here is how I think session time out messages should read:

Sorry, your session has timed out.  We may pretend that this is for your safety, but given that all web browsers in common use can fill out your username and password automatically, and we haven't bothered to try and use a very simple and well known solution to prevent this even greater security hole, you will soon realize that we are actually more concerned with not storing a measly 100 bytes or so of information on our massively powerful cluster of web servers for more than 30 minutes, just so that you can leave a window open in the background of your pesky little laptop and do several other things in parallel without having to reenter your password several times a day on your machine which you sit at all day and nobody else can touch without your knowledge because 1) you are always chained to your desk and/or 2) you always lock your screen whenever you walk away from your desk.

Anyway.... ahem :-P  Hooray to Google for keeping login cookies active indefinitely!

Friday, January 30, 2009

From a pile of gravel to actual Google Maps vector data

I just find it amazing that there exists a piece of data on Google's servers in the form of a vector tracing a piece of road which for 10 years I was the only person on this entire planet to walk along every day as I went to school from the ages of 9 (4th grade primary school) through to 18 (year 12 senior high).  I am referring to the dirt driveway leading from Glen Ora Road to our house on the 15 acre plot of land where we lived those years.  I saw this piece of road constructed from a 200 metre long, 1 metre high pile of yellow limestone rocks and reduced down to a driveable and walkable roadway leading from the public road to our house.  During those 10 years, the road was driven on every day only by my father, and several times a week by my mother, and walked on by myself every day as I went down to the bus stop on the Pacific Highway to go to school. This piece of road doesn't even have a name, and it was protected from casual wandering members of the public by 4 pieces of fencing wire and a rusty metal truss which I had to stick into a hole in the hard clay ground and push against the 15" wooden fence post with all my might so that I could lower the fencing wire loop over it to close the "gate" every morning and afternoon.
Many of those days included me writing software on a Radio Shack TRS-80 Color Computer with 64 kilobytes of memory and an audio cassette as the only means of saving my projects.  This often failed, leaving me to write down all my code on paper by hand because I had no real need for a printer, and reenter the code another day in the hope of being able to save it to cassette. Aaaaanyway....
Now this insignificant piece of dirt road exists, persisted as a polyline within the cluster of Linux boxes which host the Google Maps application!  Absolutely... mind blowingly... amazing!!!