You are Severus Snape. You are a superbly sarcastic, somewhat evil wizard.
You are a former Death Eater but have found
your true calling in making students' life
hell.
Which Cool Evil Guy Are You?
brought to you by Quizilla
Well, I made it through another week, a little shaken up but otherwise all right and I sincerely hope getting back on the right track.
I learned another lesson today, and one that I'm going to put here lest I forget it again. One of my basic axioms of life is that whenever you go for help of any kind, be it stabilising one's position or looking to change it, the ripple effect applies. There will be repercussions.
Another lesson that I learned, more or less at the same time, is that these repercussions are both positive and negative. Yes, they hurt. But they can also help you orient yourself, no matter what you're doing. That's something that I'm going to have to reprogram myself to keep in mind, but more on that later.
Yesterday, my manager at the temp agency came to the office to talk to me with regard to a phone call placed before then - I was asking for reassignment. The two of us had a good conversation, and he explained to me what was going on and exactly why I was still there.. that straightened everything out for me. Because my boss at the county was MIA (his office was being redone by the work crew, leaving the staff therein temporarily displaced), I didn't know where he was, and I wasn't able to tell my manager at the temp agency where he was.. so they didn't meet up. And word wasn't exchanged...
That turned out to be bad.
My boss at the county was under the impression that I was leaving - no word, no message, just gone. I thought my manager at the temp agency had gotten in touch with him to tell him, and failing that I had planned on telling him at the meeting scheduled for this morning.. which I did. Later than I'd hoped and not under the circumstances that I'd been hoping for, but I did.
The biggest problem is communication. I'd better explain myself on this one.
I'm a low head on the totem pole. Moreover, all of my experience has been in relatively small networks (30-50 nodes, counting network infrastructure (hubs, switches, what have you)). I'm now working in an environment where there are so many nodes, I don't think anyone knows for sure how much stuff is out there. With that increase in size comes an increase in personnel, and an increase in stuff going on, day to day activity to keep everything running smoothly. Because I'm low on the totem pole, it seems to me like their stuff is more important than anything I've got that's not an emergency; hence, I try not to bother folks higher up than I am. Seems logical, right?
Not really. Nothing could be farther from the truth, in fact.
Communication, I am coming to understand, includes the "Hi, how's your father?" stuff as well as "Hi, is there anything that needs to be done?" and the inevitable "Oh, shit."
There's been a lot of the third, not enough of the second, and little of the first. That's not good. Some of that is situational, but a lot of that is my natural tendency to try to avoid bothering people unless there's no other way. Yes, this has lead me to fuck up in the recent past; I admit that freely. I wish I knew how to make it up, but it's dead and buried. The only thing left is to pick up the pieces and see what comes next.
While I'm posting what amounts to the source code for my social programming, I get panicky in situations that appear antagonistic (whether they really are or not - perception, flawed as it can be, is everything). This leads to two things: A return of the stutter that I spent so many years fixing, and panic, which leads me to babble like an idiot. This usually takes the form of trying to give background to explain the (convoluted) logic (or what passes for it) behind what I've done. This just makes things worse (seen playing back today in full recall a few times).
In panic, anything is possible, little of it good. This not only drags out the situation, it makes things worse. It's also impossible to explain at the time that I'm not backpedalling, I'm having a panic attack. If someone else who is involved is angry, that doesn't help things any.
Even as I write this now, with my perceptions filtered through the state of mind required to type, I can still feel the atavistic effects of a panic attack in my body, fuzzy and far away though they may be: Elevated pulse, increase in body temperature, and difficulty breathing. If I take my fingers away from Leandra's console I can see its hands shaking visibly. The memories alone are enough to trigger the response. If anyone is curious about the origins of this, please contact me privately. Suffice it to say that several years of percussive mental programming can do unusual things to one's interpersonal skills.
The solution to that problem is simple in concept, but will be lengthy in practise: Reprogramme my mind so that confrontation or confrontation-like situations do not cause panic, thus, not leaving me a babbling idiot who could possibly have a cerebrovascular accident at any time.
To distill it (more for my benefit than anyone else's, bear with me here), the reason I'm a fuckup is because I'm scared out of my wits, and being scared isn't conducive to either rational thought or clear communication.
There, I've said it. I'm damaged goods.
Now to figure out how to fix this... aversion therapy, while difficult and just as likely to give me a stroke, will eventually burn this fear out of me. The odd flashback I think I can handle, or at least I think so. I handle them at least twice a week, and have for quite a few years. If I can explain to those who really should know (bit of an oroborous there), that'll kickstart the process, though it'll take a few starts before I get anywhere. That would best be done outside of work - at least in the beginning stages, it has no place there. I could use biofeedback to arrest part of the fight-or-flight response triggered if I had a minute or two to concentrate (biofeedback is one of the things that I'm glad I learned along the way because it has so many uses; it's practically the Swiss Army Discipline); keep the hearts' pulses down and regulate breathing, and the feedback loop will lessen the surge of adrenalin. My body's feedback and control systems (speaking of cybernetics in the original definition of the term, systems that control themselves by using feedback from the environment and their own responses as input) will eventually learn that there's no reason to be going off. Learning some useful social skills beyond the bare minimum is also in order.
That's it in a nutshell, I suppose. Those of you who've never met me face to face are now thoroughly confused and might think that I'm a loon. Those of you who do know me are probably nodding your heads thoughtfully and saying, "It makes sense now." To those of you who this has befuddled for some period of time, I would like to apologise. I hope that it makes sense of some things. I sincerely hope that you'll stick with me as I work through this.
Heads up, con-goers: Registration is now open for HOPE 2004. The con will be held 9-11 July 2004 at the Hotel Pennsylvania in good old New York City. The 2600 crew is rounding up speakers and volunteers, so if you've got something interesting to talk about or just want to help out let them know soon. You might want to reserve your hotel room soon, too. Registration is $50us per attendee, and can be done either on line or at the convention.
Here's something that's thirty-one flavours of creepy to think about - in the Pinellas school district children riding the bus will have to have their fingerprints scanned with a biometric reader to disembark. That's right, to get off the bus they have to press their thumb against a scanner (there's an excellent image of one such unit at the head of the article). The idea behind it is that they'll be able to keep track of who gets on and who gets off (and where, thanks to a GPS unit correlating stops to geographic positions). Barry Steinhardt of the ACLU was quoted as saying that this conditions children into thinking that they have no privacy or right to same, and I'm rather inclined to agree with him. It's one thing to keep track of kids but bus drivers have never been particularly good at even keeping buses under control (at least where I attended school), let alone keeping track of who gets off the bus and where. Also, just because you know a kid got off at a certain point doesn't mean that they're safe. If someone's going to kidnap a kid they're going to grab him or her after they get off the bus; knowing where it happened won't be of much help in recovering them. It also won't deter possible bus hijackings (like the one that happened in Pennsylvania back in 2002, which the article mentions).
This should have made the national news but didn't.. a bunch of high school kids figured out how schools and businesses in Raleigh, NC posted closure and delay notices on Channel 14 during the snow storm a few days ago and decided to have some fun with it. The television station has a website that you had to register for online; once that was done it was possible to then change the essential information on that account (name, address, et cetera) and post your own messages. Some of them were screamingly funny, others were in-jokes or bad net.humour. Warning: Some of the images aren't work safe, so view at your own risk. l337sp34k is all over the place, and such businesses as Unnatural Intrusion Security and Tutone, Incorporated ("Call Jenny at 867-5309") appeared on the morning news, much to everyone's consternation. Way to go, guys.. that's one of the most amusing things I've seen yet this year.
Greetings, readers from Oracle!
I'm up, around, and mobile. Nothing's changed yet. I've done all that I can from my end of things, now it's up to those I've spoken to. I can feel it swirl around me like a wisp of smoke, now - the sense that something's going to happen soon, though I do not yet know what. I want to say that it feels like possibility but I don't know what it is yet. It's change on the road before me, but in what sense I do not yet know.
I'm sick; I'm tired; I'm worn out like an old but somehow reliable tool. But somehow this emboldens me. I can still feel a little hope.
Well, I got a response from my phone call to the temp agency yesterday. Not the response I'd been expecting, exactly (I thought they were just going to call the office and talk to the guy in charge of the temps) but a response just the same - my manager at the temp agency came to the office to talk to me.
I was quite surprised by this development, and not only because the wiseass who came to let me know that my manager was there told me that the county police were standing outside and wanted to speak to me. It's not just pianists that can train-wreck.
It took us a while to find a quiet room to talk in. Suffice it to say that we had a fairly involved conversation about what I'm doing at work right now as opposed to what I was originally hired to do. From what I was told, I'm working as an analyst at the county only because they can't afford to hire a real one, but I'm the closest thing there is. Okay. I can understand that; having never had a staff of my own I'm fully aware of how much it sucks to be the only one doing everything. A few things about my job performance also came up in conversation, which we put to rest in fairly short order. Suffice it to say that I'm just a temp.. I was given the opportunity to resign if I chose, but if I did there's no guarantee that I'd ever get another assignment due to the number of people in the agency's queue. On one hand, I'd like to go off on my own for a while; on the other hand, however, I have to pay the bills and somehow squirrel away money for the future. Suffice it to say that I'm still working there.
I'm still searching, but I'm still there.
At least it's not my head on the chopping block, or if it is it's somewhere off to the side and not squarely over the basket. I'm really hoping that we can get some more lines of communication open so I at least have a better idea of what's happening, and more importantly, what's supposed to be happening. But now I'm rambling.
Not only odd, but very addictive: Grow. Be prepared to spend a few hours playing around with this.
After a discussion with Lyssa last night, I've decided to cut my exercise regimen back to two days per week (from three). Lacking the time to do quite a few things, I'm going to have to free up some time to get them done (i.e., studying for my CISSP certification (coming back into the foreground next week) and job hunting). I'll lose an outlet for tension and excess energy (not that I actually have any excess energy these days) but I'll hopefully have less stress and get some more done. Also, if I bottom out again, I'll hopefully have programmed my mind to spin down a little bit to rest. I have yet to figure out how to build a liquid cooling system for my headware (though I'm working on it in those moments between clock cycles) but once I do I'm off to the patent office.. <grin> Then again, that might be a bad idea: They might become mandatory enhancements to IT folks just to stay active longer.
So tonight I'm on the prowl, unfortunately with no bass growl (tip of the pin to the folks who get the referece). But at least I feel better about life for the immediate future.
Not even close.
I was going to write something intelligent and sound about today, but the truth of the matter is, I'd be lying.
I'm burnt, fucked, and ground up, excuse my language.
I'm in well over my head right now and I can't keep my head above water. It has taken me several months to come to this conclusion, but I'm no analyst. As much as IDSes interest me, I don't have what it takes to keep up with them and find the necessary patterns in them. It's difficult enough learning one's way around a new network, but I've found it downright impossible to learn one that's fully the size of this state. I think I've found a pattern of interest, and it really isn't. I think one's not, and it winds up being a nightmare of a puzzle to unravel. I'm best in MIS, management information systems. You want a system built to spec, fine. I can do that. Recable a LAN? Sure, I can do it. But as a full-time security officer, I can't cut it. I don't have the temprament or the experience to do it.
Earlier today I put in a phone call to my temp agency and asked to be reassigned. I explained it as best I could on the phone; now it's out of my hands. I'm just concentrating on keeping things held together at this point.
This isn't an easy thing to admit. It's a serious failing of personal honour to not be able to do something, for me. I can't do it. There. I've said it. That's the last of my credibility and my inner strength right there. I'm out of my league.
I'm going to bed.
Today seems to have gotten off to a good start. Only time will tell.
I'm still amazed at how nice it's been lately. It was rather cold yesterday morning but the day finished in the mid 60's Farenheit, and this morning it started at 52 degrees Farenheit. It's so nice, all you need is a turtleneck and a coat to be comfortable while walking around. I've been getting some wear out of the leather duster that Dataline gave me for Yule lately. I just have to add my rose pin to it.
I really hope this keeps up. I'm sick of all the cold weather. It's time for a change. It's also nice to see some sunlight in the mornings whlie waiting for the bus into the city. I'd almost forgotten what it was like, watching the sun rise over the city.
In leafing through the issue of Previews (which is cross between a trade magazine (in this case, for the comics industry) and a teaser collection) I noticed that the final trade paperback collection of Transmetropolitan will be out on 19 May 2004. Neat.
You can build all the security in the world into a system, but if the users accidentally turn off some of that security you're just as vulnerable as if those countermeasures weren't even there. The latest slew of worms for Windows is proof of that - they don't exploit anything but the users' tendency to open attachments. As tech support folks say offline, PEBCAK - "Problem exists between chair and keyboard." I'm not one to throw stones when I'm standing in the middle of a field - I've done exactly the same thing. Stupid things. I've had to rebuild systems as a result. I'm not throwing slag randomly, I know that I'm going to have to dump some on my own head. That said, there's a lot to be said for the user interface, and for making it difficult to turn off security options - Microsoft does a good job of that (when those security options are on by default, or when an admin sets a global policy to lock things down on a domain). The point is, it's easier to exploit the users than it is the code. Once you've got a good plan worked out and ready to go, you have to start changing things to implement that plan. That's actually the hard part, not breaking what you change, given how tightly interconnected system modules get after a while. One thing about this article is how poorly the author tries to use The Lord of the Rings as a metaphor - it just confuses the issue. If I may clarify his point on this, the point is to use what you've got as best you can before you start bringing in additional measures from the outside. If your systems' password policies can be configured, for example, then exploit that as much as you can before you start bringing in modules written by third parties. If you want to set up a firewall on each host, see if your OS supports this natively before you start looking at buying licenses of personal firewalling software. Purely technical fixes are not always what you need - sometimes you have to sit down with the users and train them, and hammer policy into their heads until they get it. That way, if and when something does fail, they've at least got the knowledge to know what went wrong and won't blame the firewall when it's an Outlook bug.
The powers that be are going to have electronic voting machines put into use one way or another, regardless of what anyone tells them. If you read my memory logs regularly you've no doubt noticed that I've been keeping an eye on the general insecurity of electronic voting apparatus in America and what's being done about it - plastic sealing tape is being done about it. As far as anyone knows, the bugs aren't being fixed in the code, and no one's offically auditing the code. The only measures being taken are wrapping the units in tamper-visible tape and setting them up. There's nothing that says that someone can't score another roll of tape, mess around with the units, and wrap them back up again. There also isn't anything that says that an unscrupulous insider can't tamper with the results after the units are packed back up and shipped out. This isn't going far enough, I'm sorry. There is too much opportunity for abuse as things stand right now.
Technology afficionados have been talking about RFIDs, radio-frequency identification tags, which are minute tags that respond to certain radio frequencies with a coded signal that uniquely identified whatever the tag is attached to, like an item in a grocery store or a credit card. Because these tags respond to radio frequencies with varying degrees of accuracy, they have been known to cause all sorts of trouble, in this case the RFID tags embedded in US currency were setting off antishoplifting security measures in a truckstop. They can also set off the hand-held detection wands carried by private security officers. The folks who wrote this article were so annoyed by this that they decided to try to wreck the tags on the cash that set off the alarm by putting them in the microwave fo ra few seconds. The pictures attached are most interesting - the money is badly burned, centered upon the right eye of the image of president Andrew Jackson, where the RFID tag is locatedon each bill. This seems kind of paranoid to me, and the name of the site (Prison Planet) reflects this, but I find the pictures interesting. The US government's been talking about using RFID tags as anticounterfitting measures for a while now, so I can't say that this surprises me too much. However, the emitters inside microwaves are tuned so that most of the RF energy they output goes toward a single rather large point in the middle of the chamber. These bills were placed in a stack in the middle of the microwave; hence, the burn pattern is consistent with several beams of microwaves converging near the bottom of the stack of bills, so it might not have been the RFID tags going up but the paper combusting as a result.
That's assuming that the whole story's not jetwash to begin with, which I would not say is impossible either. Or at least, the product of not knowing much about RF technology.
Target: Human! Mission: Destroy!
You would think that someone who had a thing for time (like me) would have been all over yesterday, which happened to be 29 February, the hallmark of leap year.
As far as I'm concerned, yesterday didn't happen. On my one day to sit and rest and do something that I generally give a damn about (like studying or going for a drive) I got hijacked to clean the house.
Hijacked by someone who doesn't have the energy to carry two bags out of ten or twelve of groceries, but you can bet the last bit in your registers that she has an extra bag of potato chips in the house and she knows exactly where to find it in a hurry.
And now, I think she's looking into the Atkins Diet. The irony tastes of something, but it's certainly not bourbon.
At least I had the house to myself for a little while last night. I got some stuff cleaned up, had dinner, and did a little reading.
As far as I'm concerned, that's not home. That's just where I happen to sleep at night. I've got a lead on an apartment nearby but my assignment at the county is almost up and knowing my luck, it'll be over the day I move my stuff out of the house and into the apartment.. and then I'll be screwed.
I never thought it would be possible to hate someplace so much.
I'm not the only one who's in a bad mood right now - Fyodor, creator of the portscanning utility nmap has pulled SCO's rights to distribute the utility on their open source software supplemental CD-ROMs. A few days ago he posted to the mailing list Bugtraq as well as to the nmap website that because SCO refuses to honour the GNU Public License, he's revoked their rights to redistribute it in any form. He's also pulled support for SCO Unixware from the utility's source code, so it cannot be trivially recompiled on a SCO box by third parties (read: SCO's customers).
Sometimes the gifts that keep on giving bring more than joy the whole year round. Not too long ago, a message infected with the Netsky.B worm was accidentally sent to a mailing list for the UK partners of the antivirus software firm F-Secure. The copy of the worm was sent by a list member who hadn't yet realised that he was infected. The SMTP server that hosts the mailing list isn't set up to scan incoming messages, so it snuck through without any trouble. F-Secure posted an apology to the same list not long after that. Oops.
As time passes things seem to get smaller and smaller and smaller.. and not just the stuff made in factories. The Pixelito is a miniature remotely-controlled helicopter that masses about 6.9 grammes, is made entirely out of off-the-shelf microelectronic components and carbon fibre twisted into a frame, and is about the size of your average pet hamster. That's right - some of the pictures on the page show a hamster posing next to the Pixelito, and they're about the same size. Even the tiny gears that drive the prop and tail rotor are made out of carbon fibre and the odd scrap of recycled plastic. The electric motor that drives the props is a vibrator motor from a pager; the tail rotor was formed out of a sheet of ABS plastic and is so light that it doesn't even register on a chemist's balance. Instead of radio frequency circuitry to provide the control channel, an infra-red reciever smaller than the builder's thumbnail is used to relay control signals to the craft. This is one of the coolest examples of hack value that I've seen in years..
In sitting here trying to ignore the fun and games going on because the office manager is away on a business trip, it has occured to me that I could blow the minds of everyone in this office without even trying. I won't get into exactly what it is that they're asking each other or what they're joking around about, but suffice it to say that I've actually done enough of it that I could give them a fairly deatailed how-to, including what not to do and why. It would get me thrown out, in all probability, but their facial expressions would almost make it all worth it.
Suffice it to say that baby oil and a brand new razor are the best things you could use when shaving...
That's it. I'm putting in for a transfer.
Tired. Burned out. I feel like I've got a memory leak in my headware and the kernel's slowly swapping the contents of my mind to disk and forgetting where it put everything. Everything's running in slow motion or at least it feels like it. It's not easy working up the volition to do anything complex, I just want to shut my mind down and leave it off.
Still trying to orient myself in life. I've not been too successful, at least not yet, but I'm trying. That's all I can do - try.
About a week ago, the First Child sent me a belated Yule gift. The local mail carrier wasn't able to deliver it because it'd come from abroad and needed to be signed for. Due to the fact that I tend to not be home more than I am, I wasn't able to do so, so he returned the package to the local post office for pickup on my part. Jump forward about a week; I finally made it out to the regional post office, two days after the drop-off slip said that the package would be shipped back to its sender, and after a short conversation with the chap behind the counter picked up my package.
Note to self: Accelerate the completion of my plan. My interim state of existence is posing some difficulties when dealing with government employees in post-9/11 America.
After my weekly trip to the supermarket to stock up I hit the local comic shoppe to check on my subscriptions. The latest Kabuki series isn't out yet; the latest edition of Voltron was waiting for me, along with the latest edition of Previews (which is a comic book trade magazine that talks about what's coming up, unsprisingly), and to pad out the minimum card order volume eight of Transmetropolitan.
By the time I got home, got everything unloaded and put away, and cleaned Ziggy's litter boxes, I sat down to crack open the parcel that First Child had sent me.
Chocolate. Lots and lots of chocolate. Enough to get me through every hormonal crisis laying in wait for me this year.
Ye flipping gods, First.. thank you. Thank you so much, from the bottoms of my hearts.
Now I need to figure out how I'm going to reciprocate without going broke in the process. I may have found a lead or two on a good price for shipping, but then I have to figure out what to send. I can always make another batch of cookies...
Chirp chirp chirp!
Today's been a bit of a bust. I was supposed to take Silaria and Deb to B'witche's Tavern tonight, but Silaria's up to her neck in schoolwork right now and not able to make it. Consequently, Deb's incommunicado. Swift Fox is out and about right now. Needless to say, it didn't happen. My next plan was to go on the monthly Bi Night Out, but that fell apart somewhen this afternoon. I wish I'd known before I drove all the way out there, but oh, well. It happens. I drove home and sat down to fix things up a little. I bagged a load of comic books, and rebagged the old ones with acid-free cardboard backings to protect them more, then threw some old stuff out and stuffed some documentation into a binder to get it out of the way.
Damned carpal tunnel syndrome. Damn it all.
In one of the last things I expected to read this morning when I hit the news feeds, one David Jeansonne of Louisiana was arrested and charged under the USA PATRIOT Act for crafting and transmitting a malicious e-mail attachment that targetted users of WebTV (now MSN TV) - the exploit, disguised as a utility to change the colours of the WebTV interface, actually caused the units to dial 911, resulting in false alarms. This little nasty was written to get back at 18 users whom Jeansonne was said to be in a disagreement with In Here. The exploit was designed to mail itself to the other users he was fighting with, to ensure that he got them, though it was forwarded to three other people not involved, resulting in twenty-one separate incidents. Because this stunt involved the 911 service, which is used in the US for reporting emergencies to request assistance (no jokes or rap lyrics, please) the Department of Homeland Security is coming down on this guy like the proverbial tonne of bricks. Jeansonne was released on $25kus bail, and is expected to appear in federal court sometime today. As much as I love a good practical joke, what he did was stupid. The twenty-one people whose units were dialing 911 were typing up phone lines in the 911 centre that could have accepted calls for help for people who had been in car accidents, having heart attacks or strokes, or were bleeding out. It might have cost some lives - we'll probably never know. I have a problem with the USA PATRIOT Act being used against him (I don't think that it was on a large enough scale to be called 'terrorism') but he does need to be punished.
Just a quick update: America On-Line says that they've got the Bizex worm under control. Users don't have to upgrade or download any patches, they've taken care of it on the server side. Kaspersky Labs, interestingly enough, says that it hasn't recieved any reports of the worm from their customers - so how did they write this yesterday?
Well, it's the end of another day. What's more, it's Friday, at long last. Today passed in a haze of music from my CD/MP3 CD-ROM player, IDS alert trend analysis, and good old-fashioned Perl coding. For some reason, there are really two things that get me through my day, music and hacking code. I don't get to listen to music as often as I would like to anymore, so every chance I get I take it. I decided not to cram my brain with more CISSP stuff today, partially because I felt mentally exhausted and partially because holding a heavy book open with one hand and writing with the other, the whole time trying to keep from sliding bodily out of my seat on the bus, coupled with typing for nine hours every day (at a minimum) has been destroying my wrists. I've taken to dosing my body with Tylenol Arthritis again just to make it through work.
That's not good. Ordinarily I dislike using drugs of any kind for any reason, preferring to use biofeedback and self-hypnosis, but I haven't had the mental clarity to do so lately. When the preferred tools are lacking for whatever reason, use the ones you have as best you can. So it's aspirin cut with a large dose of caffeine instead of inert cornstarch.
Ironically, I'm now laying here typing. But I digress.
I'm hoping to spend the weekend resting and recouping whatever strength I can. I've been relaxing with comic books, mindless movies (Mortal Kombat), and ice cream.
I noticed something watching Mortal Kombat tonight: In the credits, there is a position listed that was filled by a Colonel somebody-or-other that came as something as a surprise. A movie censor. Yep, in those words, 'movie censor'. Censored what, I have to wonder.. the violence? Something more subtle? It makes me wonder what ws cut out. Or if anything was cut out, and the listing was an easter egg of sorts, to see who would stay long enough to notice it. Or if anyone would notice.
But now I ramble just to have something to say. Bedtime.
I must admit, I could be wrong in my opinion on cyberterrorism. Just because no one's tried any Tekwar-style stunts yet doesn't mean that it can't happen in the future. However, I still wonder why people tie such critical systems as building alarm computers into the Net where the possibility of penetration is very real. In a few days' time the US government will be releasing an NIE document (National Intelligence Estimate) on the possibility of attacks against the US information infrastructure. The going opinion of senators John Kyl (chairman, US Senate Subcommittee on Terrorism, Technology, and Homeland Security) and Dianne Feinstein, who are fairly highly placed in the US government, is that DHS isn't taking the idea of cyberterrorism seriously enough. Okay. Fine. That's understandable - Achilles didn't pay attention to his heel in combat, why should they make the same mistake? The thing about the story that gets me, mostly because I haven't been able to verify it yet, was that they mention a specific incident that occurren on 3 May 2003, where two people operating out of a net.cafe in Romania had cracked the network of a trucking company in Pittsburgh, PA (which also wasn't mentioned anywhere that I know of) and then hit the National Science Foundation's network. So the story goes, they compromised a network that controls the life support systems of a research facility in Antarctica (McMurdo Sound?) and also copied some sensitive information, which they used to prove their claims in an e-mail to the NSF itself. They threatened to expose the information they'd stolen unless they paid some amount of money to them. The FBI tracked them down and arrested them in June of 2003.What bothers me is that something of this magnetude would have hit the news. This tale seems very deus ex machina to me - appearing out of nowhere to make a point. It'd also be a serious enough incident that it would be talked about in a lot of places (like the risks digest, the vuln-dev and incidents mailing lists at Securityfocus, and probably the full-disclosure mailing list (read that one at your own risk) as the prime example, which would have put to bed the 'is there or isn't there?' controversy right off the bat. Also, the fact that there are (or were) computers controlling critical life support systems accessible from the Net doesn't wash with me. Why would you make such a computer accessible, when you know that its failure or compromise could cost human lives? Even the DoD orange book standard mandates that systems above a certain level of importance should not be hooked up to a network at all.. this doesn't make sense.
Afficionados of instant messaging take note: There's a new worm making its rounds called Bizex which uses the popular instant messaging software ICQ to travel. The attack begins when an infected system contacts someone in the contacts list on the system via ICQ and sends a message containing a URL to go to a particular website. The website is engineered to exploit a pair of vulnerabilities in Windows to install and execute the Bizex executable, which starts the process all over again. Please note that the worm only attacks true-blue ICQ clients, not clients that are only compatible with ICQ (like Trillian). While the worm is installed on the system it scans all open windows in the hopes of finding information regarding a number of different online payment systems, which it records and later transmits to someone Out There. It also sniffs SSL-encrypted web traffic in the hopes that the user will, at some point, go to a bank's net.services website and log in. There's an excellent writeup of this little nasty here.
I honestly don't know what to say to this, a claim that exploits are released after patches are because crackers are too lazy to find holes on their own. Crackers do not reverse engineer patches, they dig through code to find the latest and greatest vulnerability to exploit. Typically, proof-of-concept exploits are released on any number of security related mailing lists; they're often included with bug reports to companies as evidence that something is amiss. Crackers often take these proof of concept exploits and modify them into something more malevolent. Just as often, crackers find bugs before security researchers or companies do and write 0-day exploits, which take advantage of bugs found on the bleeding edge and tend to get passed around a little before word of the vulnerability gets out and patches are written. If David Aucsmith is to be believed, he's saying that software manufacturers (I'm not naming any names because it's not limited to just one company, it's a part of software development) are ahead of the game when it comes to security, and the underground is tailing behind. Nothing could be farther from the truth. His statement, "We have never had vulnerabilities exploited before the patch was known is an out and out lie. There have been vulnerabilities in Windows and IIS going around for weeks before any mention hit the research community and the bug report addresses at Microsoft. What was the L0pht's tagline before they were subsumed by @stake? "Making the impossible practical"? This article is pure spin, and nothing more.
Lately, I've been reminded of a conversation that I had with Alexius a few weeks ago. We were discussing the nature of time; in particular I was lamenting the lack of it anymore. He said something that stuck with me:
The reason [years seem shorter] is because you're getting older. When you were ten years old, a year was fully one tenth of the life you've lived thus far. You'd look back and it was a huge expanse of your life. Now, a year is barely one twenty-fifth of your life; it's not such a large part of your history anymore.
I'm still amazed when I think about that.
I also feel old.. much older than I really should, I suppose. My body just turned twenty-six years of age - a hair over a quarter-century. When you look at the short term, that's a long time. A small town can grow into a city in that time. A car can be manufactured, drive one or two hundred thousand miles, and be traded in for a new car two or three times in that time. A child can grow up and move away in that time to start their own life. That's an entire generation. When you take the long view of things, though, the spacing of events seems much closer together. Hardback books used to be more common, and much less expensive. Paperbacks were much cheaper back then. I know what you are all waiting for me to say, so I'll get it out of the way now - home computers used to be almost all 8-bits with almost no mass storage (floppies don't count as mass storage, just cold storage - I'm talking hard drives) and about as much memory as a wristwatch does now.
Now it seems like things are changing faster than we can keep track of them, and I don't just mean due to Moore's Law. In four years we can fight an entire war and end it. A news story can infuriate millions... for about a week. Protests last a day and then are forgotten. Newspaper headlines are mentioned once, if we're lucky. Getting a bachelors' and a masters' degree at the same time is much more common than it once was. Kids in my state get their driver's licenses at the age of 16 and have usually been driving for a year or two before that (legally or not). Many paperback books are in print for less than a year before vanishing utterly - some titles don't even see the light of day unless it's at a surplus store or flea market because they never hit the shelves. I look back at the newspaper articles that I've collected in high school and wonder why no one else remembers these people or those events.
The future will happen, as it always has. But it doesn't have to shove the present out of the way to get here.
It wasn't long ago that I could come home, make dinner, read the mail and a magazine or two, play a game, do some cleaning, read my e-mail, and talk to friends, all in the span of one evening. Now I can barely read my mail and get some exercise if I'm lucky.
I'm still not sure what I'm going to do about that. I don't even have the time to think about what to do about it.
As the character of Galen on Crusades once said, "There's always hope. It's the one thing that no one's figured out how to kill yet." That can be said about a lot of things, including the $250kus bounties placed on the the authors of viruses, in particular SoBig, Baster, and MyDoom. Microsoft created a $5mus fund in November of 2003 to pay rewards for information leading to the arrests of these worms; so far nothing's worked, and the culprits are still at large. Clues have been found and trails followed, but all of them have either been dead ends or had long gone cold. Only time will tell.
Something that puzzled Albert Einstein during his life was where so much of the mass of the universe was. In his calculations, he determined that to keep from contracting once more into a single point the universe had to have much more mass than could be seen, but he didn't know where it was. There is now some very strong evidence that suggests that it might not be mass preventing the recollapse but energy, dubbed 'dark energy', meaning that it cannot be seen with the naked eye (or eyes technologically enhanced in some way, such as with telescopes). This dark energy, if it exists, counteracts the net gravitational field of the universe (Einstein's 'cosmological constant') and prevents the Big Crunch from occurring, at least not anytime soon. Very little is known for sure about dark energy, let alone whether or not it really does exist outside of mathematical models of cosmological activity. The going theories are that dark energy is coming from everywhere at once without a point of origin, or that dark energy is associated with an omnipresent, constantly oscillating energy field referred to in the article as 'quintessence' for lack of a better term (amazing, how things tend to come full circle, isn't it?) (I would think that this 'fifth essence' would be a counterpart of the four fundamental forces of physics, the strong and weak nuclear forces, electromagnetic force, and gravity). Until harder data comes in, the jury's still out.
I got a pleasant surprise today - I ran into Vlad, who works for Dell field service. He was in the office this afternoon fixing some desktop machines.
Well, it's been conclusively decided: One's feces would not be large enough to appear on an aerial photograph of a parcel of land at 1/24,000 scale. I need to get out of here.
I don't think I've ever bitten my tongue so much in one night. As my family is wont to do over dinner, we were discussing politics and current events of the day (and you wonder why I'm a news junkie...) and the discussion, of course, turned to George Bush's announcement that he will try to amend the Constitution to make it impossible for gays and lesbians to marry. Infuriatingly, John Kerry is a proponent of 'separate but equal', meaning he's all for civil unions but not actual marriage. He's also against the constitutional amendment but I think that's a reactionary position to pit himself against Bush in the upcoming election.
I'm sorry that I keep talking about this, but this hits too close to home for me. So close that I actually feel physically ill when I consider it.
My grandfather is a staunch supporter of the 'old school', if you will. He is very against the concept of homosexuality and the idea that two people of the same sex would even want to get married is abhorrent. "They're getting bold.. they're getting greedy.. they had all the rights we have when they were in secret, now they're trying to change everything."
Dataline is very much a 'live and let live' kind of woman. As long as you're not hurting someone (which I would extend to 'non-consensually'), so be it. She hasn't said that she is in favour of homosexual marriage, she hasn't said that she's against it. I think it's because she just doesn't want to deal with the possibility that a fundamental facet of society could change so radically, and in a way I can understand that. Change of that magnitude is scary, and when you've had a lifetime to get settled in and figure out how the world works a change like that makes you sit down and reevaluate life as you know it, which is a slow process that can take years to settle.
"They." "They." "They."
It took every ounce of strength I had to not correct them: "We."
It actually makes me angry to hear them talk like that. Lesbians, homosexuals, and bisexuals aren't another species (well, most of us, but that's a different story), nor are we something that everyone's heard about but no one has ever seen, like Bigfoot, a humble ant, or a time where Richard C. Hoagland is talking about something empirically verifiable. We are people, just like you. We laugh. We cry. We bleed. We hurt. We love. We work alongside you. We go to church (or our equivelent). We read the same magazines, newspapers, and books as you. We watch television. We listen to music. We dance. We complain about the weather. We walk alongside you down the street and drive next to you on the road on our way to work, school, and the store. We ride the same buses, trains, planes, and boats as everyone else.
We're not to be feared or hunted or made fun of, and we sure as hell don't want you making our choices for us. Some of us want to marry for all the same reasons as a heterosexual couple, because we're in love. We don't want a civil union which legally gives us the rights to share the benefits of one's partner but none of the respect or recognition that only straight people get. We don't want to see the Constitution of the United States changed to redefine the concept of marriage to mean only a heterosexual couple. We just want to live our lives, just as you do, only without having to look over our shoulders and without living in a world where 'separate but equal' means 'equal'. If we're not given the same respect and rights as you, we're not your equals. We're second or third class citizens; i.e., we are not equal. That's all we want - to be equals under the law and in society.
Strangely accurate.
As you've no doubt read, last night was a haze of panic, phone calls, and wondering whose security was breached. Once that clusterbombing was cleaned up I spent part of the night trying to cancel my subscription to PC World magazine because of all of the stuff that comes in the mail, it's only marginally more useful than the credit card applications that pile up at the end of the week (which I shred, incidentally, and use to stuff my beanbag chairs in the Lab). The first thing I noticed was that when I called the 'cancel my subscription' 1-866 number it was answered by a computer. A very sophisticated computer, no doubt, which was able to understand my body's speech patterns (even with a sizeable dose of adrenalin coursing through its bloodstream). The second thing I noticed is that it goes out of its way to keep you from actually cancelling your subscription. Understandable, really - they want to keep every last subscriber, and the more they have, the more money they make. Simple corporate logic there. The third thing I noticed, however, is that I wasn't actually able to cancel the subscription, I was only able to keep it from be renewed at the end of this year. Net result: I still get charged for this subscription cycle. Dammit.
If I wasn't at work right now I'd try to get in touch with a real human being or two and bend a couple of ears. $25us is two tanks of gas, less if the state of Pennsylvania decides to raise its gasoline tax.
In imitating the cycle that worked so well for me in college (read and highlight, take notes, make margin notes, re-read notes) I've decided to stop progressing in my CISSP book and go back to the beginning to take notes. I've got a blank notebook and I've started going through the review sections of each chapter, hunting down the facts they talk about, and making notes. In doing that this morning, I noticed that the ride was oddly smooth about a half hour out from the Lab, which is most unusual on Pennsylvania roads. This was because the bus had stopped - traffic was backed up and over the radio we could hear the dispatcher reading detour directions over the airwaves. There was a fire in Sharpsburg this morning, and traffic was snarled for miles around it (due to the positions of the highways). Eventually, we drove past what I think was an old warehouse billowing a thick cloud of black smoke into the chilly morning air. Down at the base of the building, from our vantage point on the highway deck (and abouve the street in a bus), we could see what looked like a thick mat of flames roiling like oil on water and backlighting the smoke with an eerie orange light. Through the occasional breaks in the smoke an occasional tongue of fire could be seen trying to claw its way toward the sky. There was little wind so mostly everything just rose straight up, up and kept going.. almost as an afterthought, there was a not-unpleasant scent of burning wood on the air, something not ordinarily associated with building fires.
Swift Fox probably got that call this morning, Sharpsburg is his stomping grounds. I hope he's okay.
I think I forgot to enclose a copy of my resume' with that job application last night. Dammit.
Strange, strange dreams last night. I wonder what stirred up those images?
There is an excellent article over at 2cpu.com talking about hyperthreading processor cores under Linux that every hardware junkie should take a look at. Hyperthreading is the name for Intel's new CPU architecture which basically puts two processors onto the same silicon chip, meaning dual-processor power (well, slightly less, but not much) without having to buy a mainboard that has multiple processor sockets on it. We use CPUs similiar to these at work (1.4GHz Intel Xeons with hyperthreading) and they're slick as teflon when it comes to crunching numbers. Redhat Linux and Fedora Core 1 both recognised them right out of the box and treat them as dual-CPU systems without even batting an eyelash. But back to the review.. it briefly goes over the latest generation of processor cores, code-named Prescott, talking about the increased amounts of level one (8KB -> 16KB) and level two (512KB ->1MB) (level one and two cache are used to temporarily store instructions and data on the CPU itself, so it doesn't have to waste time re-fetching them from RAM later; it speeds up processing immensely), on-board buffers to store data before it's moved onto the mainboard's bus, and two sets of registers, one per logical CPU (registers are the fastest memory in a computer, and are used to store data while it's being operated upon directly).
The reviewer goes so far as to state not only what software he used to test these CPUs but how he compiled it and even the configuration files used, in some cases (such as the kernel itself). I'll break down the numbers for you: In the kernel recompilation test, the Prescott CPUs with hyperthreading turned on and off were neck and neck, with the 'on' trial coming out ahead in a straight rebuild (i.e., no funky options were passed to the make utility). With the '-j 2' flag passed to GNU make, Prescott CPUs with hyperthreading active stomped those with the functionality turned off soundly. In the MP3 encoding competition using Blade Enc (which was written to take advantage of multiple processor cores), the two modes of the Prescott CPUs were again neck and neck. When it comes to hammering the Apache web server software until it falls over, hyperthreading again ate the lunch of the CPUs that had it turned off. However, in the MySQL shoot-out, the Prescott CPUs were beaten by the 'plain Jane' Xeon CPUs without hyperthreading functionality. In the Java VolcanoMark test runs, a standard 3.2GHz Pentium-4 CPU beat the pants off of the Xeon version and just edged out the Prescott CPUs. If you've got the cash to spare and you're building a system to handle some serious computing, like number crunching or 'nothing but source' en masse compilation, you might want to look at the Intel Prescott CPUs. If you're just building a home system you'll probably want to save your money for a more pedestrian CPU.
Everyone who runs a server of some sort, be it a webserver for friends, an IRC server to chat on, or some other type of publically accessible system wonders occasionally what would happen if one of their users went rogue and did something that would attract the attention of the authorities. Most people don't worry about it because they trust their friends pretty far. But what if it happened just the same...? The same worry applies to companies that make money hosting servers for people, only they've got lawyers to help them out, right? Sometimes it doesn't make a difference. On 21 February 2004 CIT Hosting was raided by the Federal Bureau of Investigation. What's more, because they couldn't comply with the FBI's demands that they turn over information about users of an IRC (Internet Relay Chat) network they hosted in their facility the FBI decided that instead of sitting in the NOC sifting through gigabytes upon gigabytes of data, they pulled a couple of trucks up to the building's loading dock and stripped every last computer out of the building to cart back to regional HQ for analysis. Every last computer. Of course, the FBI says they will return it all once they've picked them apart to see what they could find, but until they do that company's effectively dead in the water. There's no telling how long it'll take them to go through everything. It doesn't just happen to kids anymore...
Here's something that sci-fi fans will sit up and take notice of: Dr. Hunter Hoffman of the Harborview Medical Centre of Seattle, WA has been using virtual reality simulations to help treat burn patients. The VR programmes were used to occupy the minds of burn victims while nurses were changing the dressings on their wounds, traditionally an extremely painful procedure. The patients' minds are so deeply synchronised in VR that they really don't notice the pain; they are aware, of course, that something is happening but exactly what doesn't register, hence, less pain. The screenshots of the simulations are extremely detailed and the landscapes are very realistic, so I can see how easily the users of these simulations accept the programmes. Dr. Hoffman's theory is that physical pain has a strong psychological element, which is what makes it so difficult for many to handle. By replacing that psychological element with something much more benign, the body can more readily adapt to short periods of increased pain. He is also experimenting with using VR simulations to treat people suffering from PTDS, post-traumatic stress disorder. By exposing patients to highly detailed virtual replicas of the original situation which caused their brains to associate internal states with higher levels of stress hormones (basically, training the brain to function normally at higher levels of excitation, rather than relative states that most would equate with 'calmness'), the mind gradually adapts to the stimulus and thus the memories, and stops using them to cause the states of excitation.
Fascinating. It reminds me a lot of stories from feudal Japan, where samurai would play chess to distract themselves from the pain of battlefield surgery. With enough mental discipline, it is possible to control the signals of pain that one recieves from one's body to the point where it is no longer felt, or at least interpreted as bodily discomfort. Advanced states of hypnosis are occasionally used for this when patients are, for whatever reason, unable to undergo anesthesia. Deep meditative states can also be used for this. I'm inclined to think of this as another way of controlling the mind so that it can have better control over the flow of information from the body.
I realise how hideously late this is, but it's been said face to face, and I'd like to write it here. Happy birthday to Dataline, who turned.. older than I.. on 15 February 2004.
I would also like to wish my grandfather a happy birthday, who turned 85 today. Wszystkiego najlepszego z okazji urodzin - kocham cie, dzi-dzia.
|
|
|
|
|
| ||||||
| Asexual reproduction is love. | |||||||||||
<laughter!>
Another day in the trenches, another middling paycheque to spend on bills, bills, and maybe a buck or two to put away for a rainy day (which are frequent around here, so even that doesn't last). More and more I'm starting to wonder if there will ever be a way to break through to something more, something that will give me a chance to get out of here. There's still hope, there is always hope. But it fades daily, and the routine has a way of crushing any aspirations one might have toward becoming more than someone's tool. The few breakthroughs tend to be dead ends or illusions, and I'm starting to get tired of trying to make things happen. No matter what I do, how hard I try, how much energy I pour into things, it doesn't make a difference.
Just when you thought things were a bit more sane in other countries, everything changed. The Parliament of the European Union has drafted a mandate of intellectual property laws in secret session, releasing the text only six days before the vote is to be taken (shades of the USA PATRIOT Act, anyone?) This is the first chance anyone's had a chance to look at it, and things are looking pretty grim. In the words of one presenter, "You just have to trust us."
Riiight... the scope of the laws has been broadened frmo counterfiting and piracy to encompass all intellectual property related disputes, including peer-to-peer file sharing and everyday interoperability problems (and solutions, presumably). Article 8, which allows for secret court authorisations of raids, sounds a lot like 'black ops', of the sort allowed for in the US. Article 10.1 allows for the freezing of any and all assets before a case has been brought to court not only paralyses companies and people in much the same way that a broken neck can, but without access to one's money makes it damned difficult to even retain a lawyer to defend oneself. Can we say 'sitting duck', boys and girls? Article 8.5 is one that I hope never catches the eye of anyone over here in that statements by anonymous witnesses can be admitted into evidence to denounce on-the-record witnesses. Otherwise known as, "A little birdie told me you're full of it." The FFII (Foundation for a Free Information Infrastructure - UK) thinks that this mandate opens the field for opportunistic legal threats to shut people up or down whenever one of the big boys in the sandbox doesn't like the new kid. If you're curious about what's happening on the other side of the pond, hit the links at the bottom of this article and gift them a read. It's interesting stuff, in a David Cronenberg sort of way.
The US Department of Defense is in the market for upgrades - they've just purchased a 2,132 CPU massively parallel computing cluster running Linux as part of a programme to upgrade their high performance computing facilities. The system they've just purchased contains 1,066 computers, each containing two Intel 3.5GHZ 64-bit processor cores connected to one another using a gigabit Ethernet network fabric.
In case you're curious, there are two basic ways of using computers to solve extremely large mathematical problems (such as calculations used in engineering and probability). You can either put the problem on a single computer, usually a big one, and let it chug away until it find the solution. Due to the nature of such problems, this tends to be a bad idea because they tie up a single system for extraordinarily long periods of time. However, also due to the nature of these problems, they can be readily decomposed - you can break them down into lots of smaller problems which are much simpler when compared to the big picture. Once you've done that, you can start farming out each smaller problem to other computers and let a pack of systems all working at once solve the different parts of the problem simultaneously. When they're all done, you put the small solutions together into the big solution you're looking for. That is how massively parallel computing works, by breaking down very complex problems into lots of simpler ones, putting individual computers to work on each sub-problem, and the assembling the end result. That's how their new cluster works.
Never ones to let go of something easily, bits and pieces of the now-defunct TIA (Total Information Awareness fnord) project, once lead by retired Admiral John Poindexter are alive, kicking, and under the jurisdiction of other government agencies now. The TIA programme was gunned by congress after projections showed an unacceptibly high false positive rate in their setup's constant search for public activity that might signify oncoming Terrorist Attack(tm). There is another ongoing project called Intelligence Community Advanced Research and Development Activity which has as some of its developers those attached to Poindexter's TIA-related projects. Odd. Word's gotten out that Congress, while killing TIA, has not terminated funding to projects that could still potentially be used to find terrorists, collectively referred to as the National Foreign Intelligence Programme; exactly which intelligence agency has control of it is classified. Another 18 data mining projects (once part of the TIA programme) are also still funded and operating. Like the Laernean hydra, if one head is cut off, two will sprout in its place; that's what this feels like.
It's about time.. Microsoft is releasing a CD-ROM of Windows updates, to facilitate getting systems patched up and secured. It's being aimed at end users whose links aren't fast enough to download all of the necessary patches in a timely manner for XP, ME, 2k, 98, and 98 Second Edition. However, they still advocate using Windows Update because the patches on the disk only date up to 15 October 2003. Users can order the CD at no cost and it should be recieved between two and four weeks afterward (well, at least they're faster than CERT); the update CD-ROM is available only in selected countries (basically, the biggest ones). A version that covers the rest of the world will be available after today (23 February 2004).
Brain back on line. Blood concentration of caffeine circulation system now minimal.
While paying some of my bills this evening, I got an unexpected and unwanted surprise in the form of an unauthorised charge on my credit card. Needless to say, I called the company to cancel the charge and when the cancellation goes through I'm going to cancel the card entirely and sit down with the credit agency to figure out what's been going on. I don't like surprises, especially ones like this. At least they were nice enough to listen to me, and had offices open late enough that I could get in touch with them after work.
For the rest of the night I've been applying for other jobs, in the hope that I'll find something more substantial, but only time will tell, really.
I've taken the pride banner down from my memory log page because of the bandwidth required to send so many copies. Sorry, everyone. It's still on the index page, though.
Today's been another bad one. Not because of anything that's happened but because of how I woke up. I had a reasonably good night last night, heading out to Swift and Silaria's for D&D night (and finishing up with a round of Chez Geek, sans instructions), checking in with everyone, and then crashing for the night. I woke up this morning feeling, once again, like getting out of bed was probably the worst thing that I could have done. I hate living at home, I hate being the only one doing stuff around here (though simply stonewalling them into getting off their asses has met with some success in recent days), and I hate having time to myself when it's deemed appropriate - this includes hunting for a better job, mind you.
Most of today's been spent doing laundry and trying to get my head screwed back on straight. Mostly I've just been reading, or trying to read. I wound up breaking to exercise this afternoon to clear my head and get my blood pumping for once (gods only know, it's about the only thing that even vaguely resembles physical activity anymore, and hiking across the city to get to and from work doesn't really count as such) and get raked over the coals because "I'm looking anorexic again, and I've never heard you out of breath from exercising before."
This coming from a woman who didn't get dressed until 1550 EST or so, napped on the couch off and on all day, and routinely eats a quarter-bag of potato chips as an evening snack.
So here I am, with a stack of bills and a cup of coffee wondering what, if anything, I should do next.
I finally got Leandra upgraded to v2.4.25 of the Linux kernel. v2.4.24 just didn't work out too well.. well, maybe it could have, if I'd had the time to hack around with it and see what was going on, but never did. Anyway, I'm going to stress-test it for a while and then if all works out install the GRsecurity patch and benchmark it. One of these years I'll get the time to digest all that data and write up a formal report of some kind. Maybe it'll happen.
Well, that settles that question...
Kept under wraps a lot of the time, but not necessarily dead...
I like boots so much, I even have a pair or two that go well with a business suit.
Well, this would make Charles Fort (RIP) sit up and take notice: For the second time hundreds of electronic locks in Las Vegas, NV have up and died, stranding many by locking them out of their vehicles. By the evening of Friday, 20 February 2004 locksmiths' shops all over Las Vegas were swamped with people calling for help because the electronic locks in their cars, trucks, and SUVs were completely dead. No one's sure why or how it happened, but there is no dearth of theories attempting to explain the phenomenon. Radio frequency interference, magnetic pulses, radiation of sundry kinds, static electricity, electrical activity, terrorist activities, Those Evil Hackers(tm), Big Brother's Black Ops(tm), Jake Day, solar radiation.. you name it, people are suggesting it. The solar observatory in Big Bear, CA, shot down the solar radiation theory by saying that solar activity was actually subdued yesterday, not more pronounced. The location of the now-defunct military base known as Area-51 is rather close to the Vegas core, but as far as anyone who can get anywhere near that place knows, it's been cleaned out, packed up, and abandoned (though there is the odd Camo Guy patrol still on duty out there).
Weirder than Tupperware ladies on acid, I tell you.
The excitement never ends. The price that must be paid for a single good, restful, relaxing weekend is too high. It's not worth it.
I hate my lives.
Surprisingly, it was rather pleasant Outside this morning, with a temperature in the high 30's (Farenheit) and clear skies. It's strange, not having to wear a parka to work. Of course, they're predicting snow for later tonight or early tomorrow, so you can't even count on the weather around here to cheer you up.
Okay, have to pull myself together. Something reasonably complex and technical...
Those of you waiting for direct neural interface technology, the direct connection of computing equipment to the human brain, will find this interesting: A team of researchers at the University of Calgary have made an interesting discovery. Nerve cells grown on silicon chips are capable of retaining information, which can then be passed on to the rest of the brain. Neurons attached to these chips were observed to grow much more dense dendritic networks (dendrites are the structures in neurons that actually store information by forming connections to other neurons) than normal. Even more interestingly, these neurons were found to have actually stored information inside themselves, probably through mRNA deposits and changes in internal chemistry (which are also methods used to store information by neurons, only internally instead of externally). These information stores were later read back from the neurons by the substrate chips... basic input/output functionality between a computer chip and organic nerve cells. Tiny electrical charges produced by minute capacitors on the chips induced the cultured neurons to communicate with nearby cells; equally minute transistors were used to read the information from the cells later.
Since the source code for Windows was leaked onto the Net a few days ago, hundreds if not thousands of people have been poring over it to see what lies hidden inside a CD's worth of material. some of the comments therein are interesting enough to warrant an article all their own, this one at Kuro5hin. The files released appear to be a cross-section of the entire codebase, covering the networking subsystem, the command shell, and even a few screensavers. Some of the comments are just vulgarities, coders blowing off steam for one reason or another. Others are complaints about the development environment used at Microsoft or particular hoops that the developers have to jump through to work around quirks on other hardware platforms (some of which aren't even supported anymore but are too deeply embedded to just tear out). I find it interesting that a few companies (but more third-party software packages) are referred to as 'idiots' or 'morons'. There are even clear warnings to code maintainers that some portions of the code are hacks, and ugly ones at that, and to tread lightly around them lest something critical get broken as a result. Contrary to rumour, the portions of the Windows 2000 code examined so far do not show any signs of purloined open source code, at least as far as anyone can tell.
Who would've thought the guys in my office would be fans of Thundercats? If they're not, they seem to like Snarf's voice a great deal...
As far as I've seen, no one's confirmed the allegations made in this article, so I'm posting a link to it here to see if anyone out there knows anything. A little over two weeks ago, Bank Leumi, one of the four biggest banks in Israel reported on Channel 10 that someone physically broke into their NOC (network operations centre) and compromised security; as the old adage has it, "if they have your keyboard your electronic security's worthless." A laptop was said to have been jacked into their network and two copies of a datafile containing information on the debts owed the banking firm was deleted; there was a backup copy of this datafile that they missed. Without this data, there's no way of knowing who owes money to the Bank Leumi, how much, when it's due, or what the interest rate is, thus crippling the bank's day-to-day operations. Bank Leumi also did not report the break-in, contrary to Israeli law (assuming that it happened). Bank Leumi hired an outside firm to see if there was indeed a break-in; none was found, but no formal report was ever filed (either way) with the Israeli office of Banking Supervision (I'm guessing at the terminology here, the properly capitalised stuff is what I'm certain of). Either way, this could make them look very bad in the public eye. What is it with Israeli offices being hit this year?
I'm not sure if I should feel as if I've been kicked in the groin or if there remains a tiny spark of hope in the vast space between my hearts.
After a fairly serious mix-up earlier this week, I took today off because I had a telephone interview with a company somewhere in Virginia for an administration position. I've been clinging to the possibility of finally getting out of here and moving on with my life with this job, even going so far as to ask for help moving down there and laying preliminary relocation plans. The interview lasted all of five minutes, and consisted of my being asked if I had a number of Microsoft related certifications to my name. I can barely pay my student loans and I'm already working on my CISSP, so needless to say the answer was 'no'. I'd been told by the recruiter that this was a Unix administration position, not a Windows admin position.
What a screw-up.
Needless to say, I'm already out of the running for this. The gentleman I spoke to told me that he'd pass my resume' on to another organisation that uses a considerable number of Unix machines as their back-end, but now I'm not so hopeful.
Fuck.
Pictures from the William Gibson book signing on 16 February 2004 are now on line. I tried to enhance some of the pictures to make them more readily viewable, though how good a job I did remains to be seen.
Today's been spent, for the most part, offline. I drove my grandfather to get a haircut (he doesn't get them all that often, and doesn't have much hair left), and then after taking him back home hit the grocery store to pick up a few things that we'd run out of around the house, like milk. Much of the afternoon was spent editing photographs (my concession to not disconnecting entirely), catching up on my reading, or breaking one hell of a sweat exercising. As much as I love Lyssa's tastes in particular and fine food in general, it's bad for me. I need to start watching how much of it I partake of. I can't lose sight of what I've done, and I'm bloody sure that I'm not willing to let all those years of work go to waste. I could carefully say that perhaps this is a sign that I need to make some changes in life soon before too much time in a static situation starts driving me nuts again.
I did some more reading tonight and then played around with The Gimp for a while, as evidenced by the pride banner at the top of this page.
For a while now, I've been trying to figure out my reasons for making that banner. It might sound trivial to everyone out there, but sometimes I do things and don't know why. Part of it is that I'd like to make known that I stand by other folks out there, gay, bisexual, polyamorous, what have you. After quite afew years, I'm finally becoming comfortable with who I am, and now it's becoming safer to poke my head up out of the foxhole, so to speak. Or at least it feels safer; I don't get the sense that I have to be watching my back all the time. There are folks on my side and I'm on theirs. There's also the matter of finally coming out and admitting that I am bisexual, instead of being quiet about things and sneaking around the fringes of various groups, which I am wont to do out of insociability as well as a general sense of nervousness. This is probably the biggest reason - for once coming right out and saying something. No allusions, no letting people figure it out on their own this time.
One of my screenshots was referenced in an Ask Slashdot column a few days ago. It feels weird, people finding one of my older desktops interesting. No flames have appeared yet, either, which I find truely odd given that it's Slashdot.
Another day in the trenches, this time to play catch-up, fix the stuff that broke while I was gone, and touch base with everyone to see what happened to whom and when. It's going to take me a little time to get back into the swing of things, as evidenced by almost getting on the bus this morning without my ID card for work, without which I cannot even enter the building. Thankfully, there's a second bus stop a few streets away, so I was able to run back to the Lab, get my ID card, and still make it to the bus and thus to work.
I'm still wondering why everyone in the city, it feels like, are driving like madmen today. Buses are cutting each other off. Cars are honking at each other almost ceaselessly (even going so far as to produce a nifty Doppler effected noise while passing through a tunnel) for no reason that I can tell. Hell, shortly after arriving downtown we were treated to the sight of sights: A team of paramedics scraping up a jaywalker on the main drag and loading him onto a backboard. Even without the Sight I felt a chill pass down my spine as I turned and watched the paramedics work calmly and efficiently. They didn't show any hurry, but then again they never do. They're taught to work fast and work well, and most of all make it look like there isn't any hurry to keep all concerned calm. There was no sign of the car that'd hit him, no vehicles pulled over other than a police car or two and three ambulances (which seemed overkill to me, but then again you never know what is procedure and what is paranoia).
I could have done without that today.
I hope that guy will be okay.
Some days I hate missing work.
I still don't know why the trip back home is longer than the trip down. When driving down to Maryland to see Lyssa this weekend, it took me slightly over four hours and three-quarters of a tank of petrol to go the entire way without any stops. The trip back was almost six hours (though, to be fair, that counted a thirty minute break for coffee, petrol, and Transmetropolitan). Still, four hours down and five back up? Thinking about it, it could have been a number of things: Workaday commuter traffic, the fact that it was dark and we were travelling through the mountains south of Pennsylvania amidst road construction in places, caution of the other drivers, the colder air impeding engine performance somewhat.. it could be a lot of things, some combination of factors, and probably a few that I haven't thought of yet.
Anyway, by 2200 EST I was back at the Lab, the car was unloaded, and I was merrily scarfing the remains of Lyssa's sweet chicken curry for dinner, with the last slice of birthday cake for dessert. Long road trips tend to make me hyper, especially if I've been on the road for a while: My mind tends to run as fast as the car did, and it takes a while to slow back down. I'll write about meeting William Gibson when I get home tonight, because that'll take a good deal longer than I normally have while multitasking at work. After a quick hunt through the baggage for things I'd need today (like toiletries and the charger for my cellphone) and a shower, I tossed and turned in bed for a good hour or so until my brain finally put itself into warm shutdown mode for a few hours. Waking up this morning was remarkably easy, probably because I'd caught up on my rest while in Maryland.
In a slightly frightening display of the maxim that enough eyes will find many the bugs (time finding the rest), the first vulnerability found as a result of analysing the leaked source code to Windows was found and announced over the weekend. The vulnerability in question affects IE5 and Outlook Express and is found in the subsystem that handles the processing of bitmap files. In particular, an offset into a referenced bitmap can be used to push executable code onto the process' stack, which results in remote code execution. Lovely. IE6, thankfully, isn't vulnerable. A proof of concept exploit was posted to the mailing list full-disclosure, almost as if to hammer the point home.
In an unexpected twist, the famous virus programmer Gigabyte was arrested last Monday in her hometown of Mechelen, Belgium. Gigabyte is known for her virus development prowess and sense of humour, and the fact that she is a female in the almost entirely male virus development scene. She was out on bail less than 24 hours after being arrested, questioned, and brought up on charges of computer data sabotage, a crime which carries penalties of six months to three years in prison and a 100k Euro fine.
The FBI's been called in to figure out how the source to Windows got out. Microsoft internal security has stated that the leak of the source code was not due to a security breach on the part of Microsoft, but perhaps due to one of the organisations included in their SSI, Shared Source Initiative. The SSI allows member organisations to gain access to certain portions of the source code to Windows for various reasons, usually to assist their programmers in writing applications more effectively. It could very well be that a developer somewhere released the code for some reason. Microsoft's press release states that "there is no known impact on customers"; that's not true, if you'll scroll back a few lines and check out the first security vulnerability discovered as a result of auditing the leaked code.
If you're still curious (read: not burned out) by SCO's Linux kernel lawsuits you might want to check out this article at Computerworld that's short, sweet, and to the point. There's no legal or technical language in it, it's written for everyuser. SCO says that because they own the rights to the original SYSV source code, they also own the rights to every extension ever written for that code. Because Linux has some of the SYSV code that was released to the public in it, they say that they own it also. They also say that because IBM wrote a brand-new file system for AIX (IBM's version of Unix), SCO owns the rights to that, too. If you look at the documents from AT&T that Novell dug up, however, it says in clear text "to assure licensees that AT&T will claim no ownership in the software that they developed -- only the portion of the software developed by AT&T." i.e., if you licensed SYSV code somehow and wrote extensions to it, AT&T doesn't own the extensions, you do. Because SCO has the rights to the SYSV code under those licensing provisions, they do not own the extensions to that code anyone's written, either.
I think I'm in a position to write now. I've spent the evening, in order, dozing on the bus home because my mind is dead-tired, eating dinner, taking the garbage out to the kerb, picking up Dataline from the garage (where she's just dropped off her car for its yearly inspection), and watching the director's cut of the last few episodes of Shin Seki Evangerion, which I highly recommend watching, but I'm afraid it's not worth the $29us price tag. Rent it or pass the hat with some friends and buy it, but don't drop the cash all on your own.
But as I was originally going to write about Monday evening, I shall begin. To wit, it is not an easy thing, meeting the man (or woman) who made you what you are. It's downright scary, in fact, and can crash your brain but good if you're not careful.
I feel that I should explain myself on that point.
William Gibson is, without a doubt, one of my heroes. I've been a fan of his work for going on sixteen years now. I first read Neuromancer at the age of ten, or somewhere therabouts. To be precise, I read the paperback edition edited by Terry Carr after finding it in the local library. I pretty much grew up a computer geek, having been given a Commodore-64 at the tender age of six, after They (meaning, the local school district) discovered that I had natural talents for mathematics (a proclamation which they later came to regret), logical reasoning, and strangely enough computer programming as a discipline. Gibson's vision of cyberspace captivated me - an entire universe made up of computers and the sum of the knowledge, experience, and wisdom of the human race, liberally spiced with the secrets that might be needed one day struck me as a simply amazing concept. I promised myself that one day I would see cyberspace, or at least come as close as I possibly could to doing so.
To make a long story short, it's left me with a fascination for computers and virtual reality that has stayed with me to this day. But I once again stray from the topic at hand.
On Monday afternoon Lyssa and I bundled up in our cold weather finery (she in her social engineering t-shirt, I in my Cray Research t-shirt, both of us in our trenchcoats) and we set out toward the state of Virginia to find a Borders franchise; in particular the one which William Gibson would be signing books and talking about his latest work, Pattern Recognition. We also came bearing equipment (namely, my pocket computer, shortwave scanner, and digital camera) and things to get autographed. The first thing we did when we arrived was jump into line to get numbered tickets for the book signing - numbers 75 and 76. While Lyssa stood in line I roamed around finding copies of books to get signed for people who, regrettably, could not be there, as well as a few people who are in for a surprise.... The store's selection of books by Gibson was picked clean by the time I checked out; only a few trade paperback copies of Pattern Recognition were left on the shelves by the time I got back into line. I spotted some folks who were definitely kindred spirits in the building, if the Defcon jackets were any indication.
That proved to be the first of several trips to the checkout counter that night.
We spoke hurriedly to the.Silicon.Dragon and after straightening out exactly what was meant by "getting tickets" he set out to join us, arriving about halfway through Mr. Gibson's presentation. As we recieved our line tickets (to organise the book signing) we had to present the things that were being autographed to be checked in and tagged as "yours, not ours". The Neuromancer game box drew a few raised eyebrows from curious onlookers, but now I'm getting ahead of myself.
The first thing I noticed is that Mr. Gibson is tall, at least 6'5" if he's an inch. The second thing I noticed is that he's aged extremely well, and his voice hasn't changed overmuch from the interviews and recordings of Neuromancer that I've heard in the past. He spoke briefly about the background of Pattern Recognition and read a short passage from one of the early chapters of the novel. Following that he expounded a bit more on the setting of the novel, and capping it off was a Q&A period from people in the audience, which by the time he began the presentation was standing room only. The most prevelent questions asked were about the writing process and why he decided to bring P- R- into the now-just-past. One person asked him which of his novels were his favourite. He replied that he doesn't often go back and read his own novels, though Idoru is his favourite. I had a few questions to ask him, such as "What kind of research did you do when you were preparing to write P- R-?" and "How does it feel that you, to some extent, predicted the flow of events fifteen or twenty years down the line in your novels?" but unfortunately I wasn't called upon.
After that, the three of us loitered around to kill time because people were called up in blocks of twenty-five for the book signing part of the night. It was at this point that I found my copy of the Evangelion Director's Cut DVD and the soundtrack to Transformers: The Movie, and also spent time discussing the .//HackSIGN drinking game (which I think that Silicon really should write up). The folks at the checkout counter were becoming more and more amused by our repeated trips to buy things. When it was our turn in line, Silicon stood with us and talked, mostly to keep me calm, I think. We had a very good discussion about musicians' rights and indie record labels, and joked a great deal about my nervousness. Lyssa was cool as the proverbial cucumber and took everything in stride.
I stood dumbly, almost mute as it was my turn. Mr. Gibson autographed the hardbound copy of Neuromancer that Lyssa had given me for my birthday, as well as my hardback edition of P- R- and Idoru for a friend. He was slightly taken aback when I asked that he autograph them to the Name I Call Myself (The Doctor), though when it came time to sign the game box he wrote in feltpen "The Doctor is in! --Wm. Gibson" on the cover.
My hearts skipped beats at this.
I recall asking him if he planned on writing any more short stories in the future, and was rather surprised to hear that writing short stories requires a mindset different from that of writing novels. He didn't have any plans to write short stories anytime soon.
At this, I said goodbye, packed my things, and walked back to my seat.
When Silicon's time came, Lyssa and I positioned ourselves nearby with my camera at the ready. We got a few good pictures of Silicon meeting Gibson, and when everyone else had gone he was nice enough to take a group picture with us. I've got the images on Leandra right now and I am in the process of editing them to put them on line. Before we'd left Lyssa asked him if he was interested in joining us for dinner at a nearby restaurant, because authors on tour don't often get to do much besides return to their hotel and crash. Gibson thanked us but declined, saying that he had to be in Philadelphia, PA early the next morning. Flattered yet respectful, we said good-bye and walked downstairs to the front of the store to leave.
It was at this time that the realisation hit me: I'd just met William Gibson, the man whose works shaped my life. Speech became impossible; my hearts began to pound. Ye gods, this was like meeting one's maker.
I managed to recover and calm down. He's a man. A gifted man, a talented man, but a man. A hero, but not a god.
Plans were laid - dinner nearby, Lyssa and I following Silicon to the restaurant. No sooner had we set off toward our respective cars, than a tall, familiar looking figure got into a sedan at the front of the store... yep, William Gibson, on his way back to the hotel. We waved good-bye and headed out for a bite to eat, whereupon we met up with Elwing and talked into the wee hours of the night about the day we'd just had.
Back in Pittsburgh. Unpacking and getting ready for work tomorrow. Will write when I have a chance.
It is done. It's happened. I'll write and post the pictures when I'm on a link that's not slow as Oracle on an 80386 box.
Well, I'm in DC. I got in safely.
I got up early this morning to share breakfast with Dataline. Last night we celebrated our birthday early because I was going to be visiting Lyssa this weekend. I baked her a cake using organic cake mix (which I was skeptical about, I must admit), a two layer deal using two pans; she frosted it with whipped frosting and topped it with coconut (her favourite). I'd picked up a few pouches of decorative frosting to ice the cake, but I should have read the instructions: They required cake decorating tips to do anything useful with them. After tying a plastic bag over the nozzle with a rubber band and cutting the corner off, I had a perfectly servicable icing bag, which I used to write our names on the frosting. A search of the house unfortunately did not reveal any birthday cake candles, so she plucked one of the tapers from the candleabra on the counter and drilled it into the centre of the cake. What fun is a birthday if you can't improvise a little?
I gave her a nightgown, a flannel bathrobe, and a porcelin doll as gifts for her birthday; she got me an Amazon gift certificate. She fell in love with the doll immediately; she collects dolls. We spent the night eating cake and talking with my grandfather, reminiscing about the year past and everything that's been going on. We don't do that as often as we should, we just don't. I think I'm going to make time to do that more.
This morning she was going to visit some of her friends around town and have her hair done. After breakfast I'd packed some things for the trip down, cleaned the car out, and geared up to hit the highway. After a quick stop off for petrol and pocket money, I took the maze of back roads that is my neighborhood to the highway and set off for Washington, DC. Lyssa called around 1300 EST to check in and make sure that all was well. We spoke for a time and then parted ways so she could get a few things done and I could make headway across the countryside. After a few CDs in the radio I gave Pace a ring on her cellphone to see what was up in her sector of the Net. I caught her on a layover in Memphis, TN with two friends who were on their way to San Francisco, CA to get married.
Good luck; all my best!
While we didn't have a chance to speak for very long, we did touch base briefly. Pace has something big, very big on the horizon, and I wish her well with that.
Somehow, I made it to DC in record time, a little under four and one quarter hours, to be precise. I didn't stop for rest breaks for some reason. Once I hit my stride I just didn't want to stop. I love singing too much on long trips, and I did quite a few CDs on the way down. I'm getting pretty good at Iris tunes. Perhaps I'll start without music when I get a chance, I have to start building confidence in my own voice. Anyway, one quarter of a tank of gas (and one hell of a delay after getting stuck in traffic) and I pulled into Lyssa's driveway. My cookies went over big; I'm going to have to bring another batch down I have a feeling (because we tore into them shortly after I got in). I got her book six of Transmetropolitan as a Valentine's Day gift, as well as a copy of Immortals and a kit of face paints. When we went shopping for dinner tonight, I picked her up a bouquet of roses at the store. She'd gotten for me a set of Prydonian Academy ROTC dog tags, a nifty blinkylight keychain that throws off quite a bit of light when it's turned on, and three books: A Six Doctors retrospective, the Doctor Who Technical Manual, and gift of gifts.. a leather bound hardback copy of Gibson's Neuromancer, which I plan on having autographed on Monday afternoon.
Dinner's ready. More later.
Last night I headed out for a bit to do some research, namely, finding a few books for a colleague of Dataline's who's interested in getting into Linux. He's fairly technical (I think he's one of their IT ninja) so a type-by-numbers book wasn't right for him. The Redhat Linux 9 Bible and Redhat Linux Fedora All-in-One Desk Reference For Dummies (which actually assumes quite a bit of computer literacy and ability to think logically) were at the top of the list. I'm also going to suggest to him that he read at the very least the Linux FAQ (which, if I read the revision history correctly, needs updated soon). While I can't be sure, he seems genuinely curious and would like to do some experimenting; he's got the right idea, gathering as much information as he can before deciding what to do and how to go about it. I hope he's serious about it.
I'm pointing him in the direction of Redhat in general and Fedora in particular because they're generally the most user-friendly of all distributions, with excellent documentation (both dead tree edition and softcopy), excellent user support, and excellent GUI configuration tools. In recent years of working with computer users (read: desktop support) and having to support Redhat Linux for both users and as a backend, I've learned a few things (many of them while trying to figure out Redhat myself). First, it's really not as bad as it seems at first. Yes, it's simple. Once you start actually poking around, though, it's actually quite complex on the backend. If you're used to other distros or new to Linux in general, it's quite daunting. I like a challenge; end users, on the other hand, might not. They have things to do that don't include picking apart config files and staring at directory listings, like writing reports and sending e-mail. The GUI tools are good for setting things up if you're not familiar with The Redhat Way, or if you're just starting out in general. One of the things I did when I was getting started with Redhat was to make a backup copy of /etc (at first, individual configurations' subdirectories later), use a text tool (like redhat-config-network-tui) to change something, and then use the diff utility to find the differences between the backup and the new version. It's long and messy but if you want to see what something changes it's the way to go.
It's also the one that people tend to go to when they need tech support from the company and not a bunch of newsgroup postings. When last I was on IRC, it was pretty much a waste of time when it came to trying to get help. If you're not computer savvy, using search engines to try to find a solution to a problem when you might not even know the right words to search on is only going to be frustrating. Many ISPs don't even have Usenet feeds anymore, so searching the Linux related newsgroups probably isn't going to happen (unless you use a service like Google Groups, and even then its user interface leaves a lot to be desired). In a lot of cases, having a real book with a real index sitting next to you is the best thing. Also, you can make notes in the book, highlight important things.. academic stuff.
I'm hoping to push him toward Fedora because technically Redhat 9 will be discontinued soon due to Redhat's trying to stay in the black. Fedora's already in excellent shape (at least, Fedora Core 1 is; I can't even get to the release announcement for Fedora Core 2 because it made the front page of Slashdot last night) and it's sufficiently like Redhat 9 so that the same books and files will still be mostly accurate. Some things have changed, to be sure, but the vast majority of it has to do with the user interface end of things. If you start digging into the OS itself it's actually very much like Redhat AS and Redhat 9; only the software revision numbers have changed, not so much the file system layout or the config files. If you know one, you basically know the other at this point in time. Besides, it'd be nice to have him in a position to learn utilities like yum and apt for managing packages on his machine. It's easier, let's face it. I ran Slackware for years, but at this point in time I'm sick of compiling everything to upgrade; besides, my wrists can't take it anymore. apt-get install big-hogging-desktop-environment is faster and easier if you're on a Debian box or using apt for Fedora. Once he gets some experience under his belt he'll probably start compiling his own stuff (like I did), but after some period of time, which appears to be different for everyone, you eventually get tired of compiling everything and want it to Just Work(tm). Enter network package repositories and automatic installers.
Anyway, he knows how to reach me; I'll help out however I can.
Remember the blackout in the summer of 2003 that took out a fairly large chunk of the northeastern United States and part of Canada? As it turns out, a previously unknown bug contributed to the problem. Software engineers have been going over the code for months and they've finally found it buried inside of several million other statements. The alarms intended to alert the operators of exceptional situations didn't work, so they didn't know that something was wrong. When the primary controlling computer died, the secondary kicked in as it was supposed to but because events pile up in a queue to be serviced, the queue was so large that it killed the backup too. Because the queues were filled, the entries closest to the front were actually the oldest, so they were working with data old enough to be useless, and thought that everything was all right. Amazing how when enough little things pile up, all hell can break loose, isn't it?
From the information wants to be front, it's been announced that the source code to Windows NT v4.0 and 2000 has been stolen from Microsoft's codebase servers and is being freely circulated on the Net. Microsoft is afraid that knowledgable crackers will get hold of it and analyse it to find heretofore unknown security vulnerabilities that can be freely exploited for months, if not years. Microsoft discovered the theft last Thursday. Whether or not this is an actual threat is a different matter, however: If they're older copies of the codebase there's an excellent chance that some of the vulnerabilities that could be found have already been patched or are no longer relevant due to fixes elsewhere in the codebase (code gets tangled pretty badly as programmes evolve, and sometimes a fix in one place can fix bugs in other places; the reverse is, of course, also true). The thing is, this isn't the first time this has happened. Back in 2000, an early version of the source code to project Whistler, which I think was the code name for Windows XP, got loose on the Net as well.
There's a new variant of the Welchi worm going around that hits systems infected with MyDoom.A/Novarg.A and tries to install patches on them from the Microsoft website. It also attempts to delete the worm if it finds a running copy. This isn't new - in the mid 90's a virus called Chinese Fish which attempted to kill the Stoned virus, and a [cr,h]acker named Max Vision did the same thing back in 1998 when he released a worm into several military networks that patched a serious vulnerability in BIND, which is one of the most prevelent DNS server systems on the Net. Vision was thrown in jail for that stunt, even though he meant well by trying to minimise a serious problem that was resulting in the compromise of hundreds of unpatched systems.
If it's one thing that I love about Comcast digital cable (besides Cartoon Network and Sci-Fi), it's On Demand TV. I love the idea of being able to catch some of ADV's newer stuff as part of basic cable. One word: Chobits. They're showing it on their Anime Network feed right now; so far it's only the first two episodes. It's not half bad, I have to admit; the first time I tried watching it I really couldn't get into it. I'm waiting for Bubblegum Crisis 2040 to wrap around to the beginning so I can see if the rest of it's like the first few episodes (which, I'm sorry to say, didn't impress me much).
This morning I was talking to Dataline on the bus about wanting to spend time with her on her birthday before I hit the highway to drive down to DC. She said without realising it, "We're both big girls; we can take of ouselves."
I'm so proud of her. She's finally starting to understand.
While a lot of people find Marcel Gagne annoying in the Linux world, mostly due to his writing articles with a French accent, he writes some excellent articles. They're not too technical for folks who are just starting out, but they're not too simplistic for people who have some Linux experience under their belts. He's got an article in the March 2004 edition of Linux Journal about trying out multiple desktop environments easily, and some of them at the same time, in fact, that's worth reading once or twice. I have to admit, once I started running Enlightenment way back when (1997? 1998?), which dates me, I've barely looked back. On my lighter weight systems, like Kabuki I run a window manager that requires much less in the way of system resources (Blackbox). Anyway, what I was trying to say was that once you find something that works for you, you tend to not change from it because then you have to spend a lot of time getting used to everything, moving things around.. trying to get comfortable again. It'd be nice if you could experiment without having to lose all your settings; you can. Marcel talks about running multiple X servers on the same machine, dividing them beween virtual consoles. He also goes into how to start various window managers and assign them to different X servers at runtime, which is handy to knowhow to do. He also discusses the Xnest X server, which lets you start other X servers inside windows belonging to an already existing login session.. I've wondered about how to use it for a while now, and now that he's mentioned it, I think I'm going to play around with it a little tonight.. I highly suggest checking out the window manager page at plig.org in case you've never seen what a Linux desktop could look like.
In one of the most plausible theories I've heard so far, the Doomjuice worm going around (which plants copies of the source code for W32.MyDoom.A on the hard drives of infected systems) may be doing so to provide an alibi for the real creator. Doomjuice crawls around infecting computers that have already been hit by W32.MyDoom.[AB] (a.k.a., W32.Novarg.[AB]) by sneaking in through the backdoor software its predecessors left behind. While many might find and remove the worm, they might not find the backdoor it also installs. If the creator gets caught it would then be possible to file a plea of "not guilty because the source code was planted by another worm - look at all those other people who have it, also." Given the fact that software companies are starting to place bounties on the figurative heads of virus writers, this actually makes sense - $250kus is a lot of money for one coder, after all. This might be due to the fact that the author of Novarg.A and .B may have signed his code with the name "Andy", and a message reading "Sorry, I'm just doing my job", in which case it would be time for some serious CYA. Or maybe a nice, long vacation someplace where you can't get DSL.
I realised late last night that I'd forgotten to do something rather important after I got home: Hang up the telephone reciever after checking my messages. Oops.
Today's been more or less like that from the get-go. In hindsight, I wish that I'd not gotten off the bus when I got to town and just rode around all day, it would be better for the world as a whole if I'd done so. But, it's too late to fix things, so I may as well just keep my head down and my mouth shut, lest I dig the hole that much deeper. At least the test ru
