I was mentioned as a Technical Editor in Curtis Preston’s new edition of Backup and Recovery. Thanks for the free book, Curtis!
I’m tying up some loose ends in a garage where I have things.
Today I needed functionality and was unwilling to tolerate bad consumer implementations any longer.My household network may include the following devices at any given time:• a couple of OSX 10.4 macs• at least one Windows XP workstation or laptop• a Nintendo Wii• a Sony Playstation 3• assorted other laptops• A Zaurus• at least one visiting smartphone or IP phone• Sony PSPs• and other such widgets and devicesOddly enough for whatever reason, the PS3 was not fitting into my brave new world of WPA2. Sony doesn’t (even after the last firmware 1.5 update) support WPA2, but does manage WPA [AES].Sadly after a fair amount of trial and error, I was able to determine that the Linksys firmware does infact not offer WPA [AES], but only WPA [PSK]…. Who cares.I sshed into the now OpenWRT access point and the following commands got things where I needed them to be:ipkg updateipkg install nasrebootA really excellent feature of OpenWRT, I noticed, was that it can support WPA2 and WPA devices supporting both AES and PSK at the same time…. After the usual security warnings about how windows can be owned at any moment by anything (which prefaced the installation instructions), I installed the uPnP module via their somewhat odd procedure:cd /tmpwget http://members.optusnet.com.au/edwardluck/openwrt/packages/libupnp_1.2.1a_mipsel.ipkipkg install libupnp_1.2.1a_mipsel.ipkwget http://members.optusnet.com.au/edwardluck/openwrt/packages/linux-igd_1.0.1.ipkipkg install ./linux-igd_1.0.1.ipk/etc/init.d/S65upnpd startThe PS3 then reported that I was running a type 2 NAT (in place of the previous type 3) and that uPnP was now operational.Thank you OpenWRT for giving me the chance to distract my competition with words and laugh at them when I blow them up.
Jeremy Schoemaker asked me to write up a little something regarding the recent string of SEO web defacements for a non-technical audience which he posted in his blog.The SEO industry is very focused on being SEOs.Like many professionals, many attempt to avoid time consuming activities that are not core to their business…. This is a perennial theme of information security writings and I myself have touched on itWeb defacements are nothing new, but the media attention to SEO superstars is notable and makes their online presence an attractive high-value target. The recent mass defacement of SEO wordpress blogs that was launched from a technical adversary using tor is an example of what has become a not uncommon occurrence.What can SEOs, and bloggers in general, do to lessen the risk of public embarrassment from defacements, hacktivism, and information leakage?… (For example, the bugfix for Wordpress v2.0.6 addressed a correction for those webservers that had left register_globals set to “on.” Not recommended in the first place.)Hardening the web services themselves with security modules.Use of a NIDS or HIDS that will actively block or alert upon detection of questionable behaviors.All of these methods involves time and resources that could best be applied to doing what they do best, in this case, being a SEO.
Hi Marc-not-Marcus,I wanted to give you some feedback on your presentation this evening atthe ISSA because, frankly, I was a disappointed with some of yourconclusions.First, the whole “the internet is an organism” concept of virus andmalware propagation.Lots of people have said this which, I suppose, makes it a kind ofconventional wisdom speaking point. I don’t agree with it and I’ll tellyou why. It centers around the recurring commentary that many in ourindustry have spoken about regarding shoddy software devdelopment.
This was a random thing I encountered, so it bothered me until I figured out why I could not remember the password set for my System Keychain.The reason was that I didn’t set one, and that it is randomly generated…. To view them, you need to have access to the keychain.What is a geek to do?
Hacktivism and corporate culture seem to be more at odds than ever.