On-line Opinion Magazine…OK, it's a blog
Random header image... Refresh for more!

Technically Speaking

Well this certainly inspires confidence, on MSNBC: Internet addressing agency loses its addresses

NEW YORK – This doesn’t sound good: The nonprofit agency in charge of the Internet’s addresses recently lost track of its own.

The Internet Corporation for Assigned Names and Numbers, or ICANN, said it happened when an Internet registration company it oversees got fooled into transferring the domain names to someone else.

The attack was quickly noticed, and ICANN’s domain names were restored within 20 minutes. However, because many Internet directories retain information for a day or two, visitors could have been redirected to an unauthorized site for longer.

You really have to wonder how this could happen. Why would anyone think ICANN would change it DNS or IP address?

On a lighter note: Rupert Goodwins of ZDNet.co.uk offers his list of the 10 most annoying programs on the Internet.

I only deal with 7 of them, and may be down to 6 if Adobe doesn’t stop with the upgrades.

29 comments

1 oldwhitelady { 07.06.08 at 6:26 am }

How oddly scary in regard to the main text of your post.

As far as Rupert Goodwins list, Annoying is right!

2 Kryten42 { 07.06.08 at 10:58 am }

I won’t get into the ICANN Thing… or say what I think of them after many years of dealing with them…

The list however, is another thing! LOL

1. Acrobat (Adobe) Reader!! Damned right! What a PITA and POS (to use two of my favorite acronyms!) 😉 And that goes for Adobe, who get the award after M$ for the WORST software company ever to exist! I use Foxit Reader (free)

2. Apple. *sigh* until I allowed my credentials to expire last year, I was an Apple Certified Desktop/Portable/Server technician, OS-X Server Sys admin, and a couple others. I was a Service Manager for an Apple Center. I had more trouble from Apple and more arguments with them than I ever did with customers, and usually because of the customers and the total lack of care or support from Apple! Whatever happened to them? *sigh* Well… of course, Bill Gates the Saviour of mankind (sic) [puke actually] became a good friend of Apple and Jobs and helped him out of a tight spot and give Jobs great advice on running a company! How nice was that? Yeah. Apple has become an M$/PC wannabe. Not quite as bad yet, but it’s early days yet.

A lightweight and fully working alternative to Apple Quicktime under Windoze is, Quicktime Alternative

3. M$ & Windoze updates. You’ve read my rants. ’nuff said! There are ways around M$ updates! 😉

4. RealPlayer! The godless creation of Real Networks! I haven’t wanted to go near it in many years! It was bad enough then… I hear it’s a LOT worse now! If you must, use Real Alternative and save your sanity.

5. Sun Java! Ahhh… an evil necessity for me and many, with sadly, little alternatives! 🙁

6. Yahoo toolbar and all the other toolbars!! I NEVER install them, and kill any app that tries too!! I have enough crap on my PC with Windoze installed. It doesn’t need any help being a PITA!

7. Norton Antivirus!! Yeah! What a total load of garbage! Everything Symantec produces is garbage! They even make m$ proud by taking over great software products, and turning them into total garbage! Norton Utilities, when it was just ‘Norton Utilities’ was a very useful set of tools. Sygate Personal Firewall was the best FW out there! No more… I think I may cry! :'(

Symantec do actually produce one small piece of invaluable software! And to prove it’s so good, the go out of their way to hide it! Norton Removal Tool

Now, if M$ could make a M$ removal tool… I’d be happy! Oh, wait… it’s called *Format*!

8. Oh yes! The bane of Notebook and brand named PC’s everywhere! Hard Drive filling garbage, and mostly a demo at that! Not even full versions. Sheesh!

9. Outlook & Exchange. It’s M$. Anyone still using them… well… never mind. *sigh*

10. I hate Flash with a passion! I applaud hackers that nuke Flash sites!! The Internet used to be such a nice place to find actual information once. Now it’s Hollywood gone psycho! Anyone that uses more than a single, simple, flash object on a page (and it better be necessary), deserves to be horsewhipped, chained to a tree, and stoned! And don’t get me started on what I think of most insane web designers! The nicest thing I can say about them is… most of them must be failed shoe or used car sales people! They make Al Bundy look like a great humanitarian!

I think I’ll go listen to a very relaxing Aztec music CD I was given yesterday. 🙂 It’s quite nice and relaxing. 🙂

3 Bryan { 07.06.08 at 12:18 pm }

A major portion of the people who comment here have removed Norton from their system because of their memory hogging ways and well as generally intrusiveness.

There is a box to uncheck to keep Sun from install the toolbar. I installed a new version of Java a couple of days ago and caught it in time. I don’t use all of the toolbars that come with my programs, so I sure don’t want extraneous ones.

I’ve never really seen the point of Flash, it’s just an annoying way of keeping people from doing what they went to a site to do.

I uninstalled Outlook before I connected this box to the ‘Net. There are so many hacks that steal the Outlook address book that having it on your box is an invitation to trouble. I use Pegasus in text only mode with manual connection required. It works for me. Not as spiffy, but I don’t worry about becoming part of a spam network if Eset misses a trojan.

Actually the ICANN thing ties into some earlier posts by others. There is an organized effort to go around and highjack other people’s URIs and then extorting money from them for the return. It sounds like a crime to me and I would file a criminal complaint with the appropriate agency, not negotiate.

4 Kryten42 { 07.06.08 at 1:05 pm }

The thing with Norton AV is… It’s not even a good AV!! It never gets into the top 5 (or even 10) for most independent AV test lab annual ratings! IT gives more false positives than it catches real virii etc! What a useless load of garbage. That goes for McCafee BTW! Not quite as bad, but bad enough. And Grisoft AVG and a few others too! The best ones I’ve tested recently are: Eset NOD32, Avast Pro, Dr. Web. Trend Micro PC-Cillin is OK (but can be a bit temperamental), Kaspersky was good, but went commercial and their technical expertise has slipped. F_Prot was good also, but it’s detection and cleaning rate has gone down hill. I could go on. 😉

The best *FREE* AV right now I think is Comodo AntiVirus (they also have a good Firewall and other free tools also). 🙂

Oh… anything from Computer Associates is garbage too. LOL As bad as Symantec and Adobe!

5 Bryan { 07.06.08 at 2:41 pm }

I use Eset but recommend Kaspersky to people who are into IM, because it covers messaging while Eset doesn’t. Kaspersky is almost as much overhead as Norton, but at least it is doing something.

My brother, a former corporate-type had the complete Norton system installed and had to fight with them over the loss of the use of his system for days because their software locked everything up. He enjoys these battles and knows how to wage them, so it keeps him busy.

Computer Associates had some good mainframe software, and then they started buying up micro software companies and destroying their products. Another corporation that sold to a limited number of other corporations and had no experience dealing in the retail computer market. They didn’t have the structure or understanding to enter the market, and then didn’t leave when that became obvious because they had too much money invested.

6 Kryten42 { 07.06.08 at 9:19 pm }

I have held the opinion for some time now that companies like Symantec, CA and several others are responsible in many ways for the appaling state of security and a major reason why ordinary PC users have so much grief. They are sold a worthless bill of marketing hype and have instilled in them a very false sense of security, just because they use *Norton AV* (or whatever) they will be safe from all evils, even a random axe murderer! Yeah… Now, if these crooked scums would actually educate people and even (dare one hope) produce products that actually work, people would have fewer problems and actually have some level of security. But, like the current US Government… these companies sales are driven by fear and hysteria. It’s all a con.

I have a secret. I haven’t used an AV on my PC for more than 4 years. And since Sygate was killed, I don’t use a firewall. I have a good router properly configured, and I download nothing I don’t know, or accept mail from people I don’t know. I do scan executables before I install them, and even run them in a sandbox first (but that’s more because I’m sick of software killing windoze! I have enough trouble with Windoze as it is.) I use Sandboxie. Good tool. 🙂 I have tweaked the hell out of XP and killed any service or driver I don’t need (and it’s amazing how much RAM I got back!) One tool I use is xp-AntiSpy
(free of course). The current version is beta 3, but has been very stable for me. 🙂
Education, knowledge and common sense will do more for you than any AV! (I do have them installed and keep them uptodate). I do use SpyBot Search&Destroy now and highly recommend it. 🙂

Hey Bryan… Maybe you can start a FREE PC Software thread. 😉 I have a LOT of links to good free PC software I use. It’s amazing what’s out there! And I do donate to the developers when I can. I’d MUCH rather give a good open source (or freeware) delevoper $10 (or whatever) than give M$, Symantec, Adobe etc 1cent!

Before I busted my hand, I was about to start my own Tech help and info blog. I have the space ready and was just starting the design when I did the stoopid! LOL

Cheers! 🙂

7 Kryten42 { 07.06.08 at 9:30 pm }

Oops. 😉 I left out the sandboxie link.

Sandboxie

Ehhhh… What the heck! Heres a few more free useful tools! 😉 😀

Revo Uninstaller
Sooooooo useful to get rid of unwanted software that even the standard Windoze uninstaller won’t!

CCleaner
Ahhh! Another tool I can’t live without! Was originally called ‘Crap Cleaner’. More appropriate IMHO! LOL

Recuva
A very good file recovery tool. Even I accidentally delete files I didn’t mean to! This takes care of that problem, and others. 🙂

This is a site I use to find useful or just interesting Freeware software. 🙂 I’ve found some very useful products here. Why make the crooks richer when you don’t have to? 😉

xtort -Mega Freeware Files

Just doing my bit to save sanity and the ever decreasing bank accounts!

Enjoy! 😀

8 Bryan { 07.06.08 at 10:11 pm }

Thanks, for the links [the number of links in a single post is why it didn’t appear instantly], but if you’re going to start a blog on this, I think I’ll wait on frontpaging them until it’s up and running. I can send you some traffic.

Actually, Australia is a better environment than the US for utilities because your guys have never bought into the US concept of patenting software, just copyrighting, as it should be. That’s why we can’t get decent encryption software in this country – there are bloody licensing fees involved.

Given that all digital computer concepts can be traced back to George Boole’s algebra of logic, Napier’s logarithms, and Shannon’s switching concepts, I don’t see how you can patent anything, but they do in this country.

All of the recent work has really been on presentation and user interface, not actually new concepts.

You hand will be functional soon enough, although not as soon as you would like.

9 Kryten42 { 07.06.08 at 10:42 pm }

You are right about that Bryan. I did know the USA had gone Patent(ly) insane… 😉 LOL Pardon my pun! 😀

Yeah, I was just waiting for my new PC to test out WordPress and Movable Type to see which was the best for what I want to do Wordpess seems to be going backwards as far as Administration goes with each new release. Strange.

I know about the anti-SPAM link moderation. 🙂 It’s not a problem for me. I’ll probably do the same thing for my sanity too! LOL

The hand! *sigh* Well… it’s an excellent lesson in patience! LOL

I was given a cool CD by a local musician for a band called Native Inka that I find quite peaceful and enjoyable (considering I tend towards classical and rock, that’s curious as *New age* isn’t something that I have liked a lot, with a few exceptions, such as Medwyn Goodall). It helps somewhat. 🙂

Yeah, when I get my ass into gear, we can have fun cross linking! LOL 😉

Cheers m8. 🙂

10 Bryan { 07.06.08 at 11:11 pm }

Alas, puns come with the territory, especially since I do it too. If you read Terry Pratchett that’s prima facie proof of punning.

As they continue in the foolish attempt to make the software “fool proof” they are pulling it further away from technical users. A lot of it can be customized, and there are templates that do a lot of the work for you. I like my current template, as modified, but it requires some work to get thing positioned as I would like, especially tables.

We actually have a Native American Flute festival locally, and the American flute tradition is very “Old” Age, but restful, if intended.

11 Steve Bates { 07.06.08 at 11:46 pm }

If you ever decide to take up one of those flutes yourself, be sure to find someone who plays it for real and ask their advice before acquiring any sort of Native American flute. Think of it this way: many South and Central American countries sell “tourist flutes” the same way Austria and Germany sell “export beer”: the native musicians/pub-goers wouldn’t touch ’em with a pole.

I played several concerts on a flute alleged to be (and probably actually) from a region in the Andes. It was the most Dog-awful, out-of-tune, balky-speaking piece of garbage you could imagine. OT1H, I had no choice but to regard it as a challenge, and find a way to play it in tune reliably. OTOH, when I eventually played a real native flute from that area, I understood the derogatory reference “tourist instrument.” Always seek advice before purchasing an instrument!

12 Kryten42 { 07.06.08 at 11:56 pm }

LOL Steve! 😀 No chance on my ever wanting to play flute or any wind instrument! It would be too much of soul destroying reminder of the *Recorder* lessons I was forced to endure for 3 years at the sadistic mercies of the Christian Brotherhood! I did play drums however, and quite enjoyed it. I became an apprentice recording engineer for a Studio and played some session drums on a few albums. 🙂

In the days I was an engineer, I was taught that making things *idiot proof* was a lesson in futility! The world will just breed even more stupid idiots! LOL 😉

These guys were good. I enjoyed the concert and am enjoying the CD. 🙂

That beer thing is the same here! We export *Fosters* to the World! What they don’t tell you is that they HAVE to export it! Nobody here will touch the stuff! We regard it as cats pee… with apologies to cats! LOL Errrmm… we also think most American beer is worse actually. 😉 LOL

Cheers! 😀

13 Steve Bates { 07.07.08 at 12:13 am }

Kryten, sorry about the recorder lessons. Recorder is one of the instruments on which I am formally trained, and on which I performed regularly in a professional early music ensemble. I was pretty good at it, took masterclasses with some of the best in the world, and taught recorder at university. But people assume that if one can play one flute-class instrument at a high level, one can also be (ahem) highfalutin’ on any other flute-like instrument. It’s not an unreasonable assumption, but it leads to people like me playing all kinds of “interesting” instruments on which we’re not trained. 🙂

Speaking of early instruments, if you ever have an opportunity to hear one of your countrymen, Stanley Ritchie, play baroque violin, by all means do so. He is one of the best I’ve ever heard, and he is in his mature prime as an artist. Unfortunately for you, he left Aus and spends much of his time in the U.S. in recent years. (He is on the faculty at Indiana University, for example.)

14 Kryten42 { 07.07.08 at 12:30 am }

Heh… No problem Steve. 🙂 I enjoy music in many forms. For me, it’s the way music makes me feel that’s important. Any instrument well played can carry me somewhere else. 🙂 To paraphrase the parallel to visual art, it’s in the ear of the listener. 😉 LOL To be honest, if it were not for the BRothers, i would probably have enjoyed the Recorder. I enjoyed all music until that point! It’s taken me some time to get over that and appreciate music in all it’s forms again.

I had a lot of anger as a youth, and I was a junior (competition) weightlifter. So really, percussion was the only real choice for me! 😀 One of the reasons I chose percussion was that I had been told that it would do wonders for my flexibility and coordination. And it did. 🙂

I was lucky to attand a recital by a local Recorder artist (Recordist?) by the name of… Racheal Cogan I think it was. 🙂 It was wonderful. I found another artist… another female whose name escapes me! She was a soloist and had a LOT of different recorders! I never knew there was so many! Drat… I wish I could remember her name! She took the humble recorder to new heights… Like Vanessa May did for Violin. 😀 I will definitely keep an ear (and an eye) open for Stanley Ritchie! Thanks. 🙂

I love music! What else matters? 🙂 LadyMin can attest to my broad and eclectic musical tastes! LOL

Cheers Steve, and I would love to hear you perform one day, seriously! 🙂 (You seriously *DON’T* want to hear me play drums! LOL I haven’t picked up sticks or brushes for over 20 years. Sadly).

15 Bryan { 07.07.08 at 12:34 am }

Even the best instrument would sound terrible in my hands, so I don’t insult instrument makers by attempting to play.

16 LadyMin { 07.07.08 at 1:37 pm }

I almost missed a “bad software” rant!

I hate Flash, I hate Flash, I hate Flash. Now I feel better. I realize I’m not the target market for visiting flash sites, but it’s becoming more difficult to avoid.

I’m only forced to use 2 of those 10, Java and Flash. I can deal with Adobe as long as I have the PDF download extension installed in Firefox. The rest of that crap can stay away from my computers. I chose Dell for my new notebook because they had an option to install XP instead of Vista and let me opt out of having any bundled software pre-installed. They even gave me an actual backup disk with the OS on it. (It only took 2 phone calls for that one.) Apple software is waaay too bossy. I have an iPod and won’t use iTunes. There are alternatives out there if you look. Anapod Explorer turns an iPod into a hard drive and lets you use drag and drop and delete. Something Apple says you can’t do… with their software anyway. /software rant.

Bryan, you are the first person I’ve found, other than in my office, that uses Pegasus. It’s what we use at work because of security reasons, Outlook being full of holes, and on that count I agree. But it’s cumbersome to use and I could go on a Pegasus rant.

Music… I’ll listen and enjoy, but I stay away from musical instruments and singing. Or people will be running… the animals will be running too! (Yup, Kryten has eclectic tastes in music, I can verify.)

17 Bryan { 07.07.08 at 3:09 pm }

Pegasus is not easy to use as initially installed, but it’s hard to break and very programmable. You, as the end user, can make it do exactly what you want it do, and no more. It doesn’t get hacked, and no one gets my e-mail addresses. I have it running on DOS machines through XP machines and the interface is pretty much the same, with or without the mouse.

It’s not fancy, although the graphics have improved in the XP version, but it only does one thing, and it does it right.

I seem to remember that David Harris is a Kiwi; I know he’s not an American because the software works, and continues to work through it’s revision history.

18 Badtux { 07.07.08 at 6:15 pm }

I’m almost ashamed to say that I use Thunderbird. Mostly it’s because I operate on three different platforms (Mac, PC, and Linux) and it’s the only constant between all of them, my email habits are built around it.

Antivirus: That’s one of the reasons I went Mac. I absolutely refused to browse the web using Windows XP except to certain very well defined sites that I was bloody well certain were not going to hack my computer (e.g., the Jeep.com site), meaning I was stuck with the vapidity of Firefox on Linux, which would not play most multimedia content without dancing in circles in a penguin suit sacrificing Windows disks on an altar made of Bill Gates’s testicles. I looked at buying a new laptop and all you could buy it with was Vista. I Just Said No(tm) and bought a Macbook instead. The Mac Just Works(tm). I hack all day for a living, I don’t want to have to hack just to see a #$%@ video, and I don’t want to have to buy Bill Gates’s latest crack cocaine substitute just because my old laptop was slow and its keys were starting to not work… and I’ve spent zero time on antivirus and firewall protection for the Mac, unlike on Windows XP where it was a continual annoyance. Gah, the stupidity, it burns, it burns!

Anywho, regarding the list of stupid programs, I agree with all of them, which is why I run as few of them as possible… but, alas, you can’t use anything today without Flash. Grrr….

– Badtux the Geeky Penguin

19 Bryan { 07.07.08 at 8:25 pm }

Adobe once had a very handy line of programs for typesetting and a useful if quirky programing language [yes, I have written Postscript programs], then they decided to take over everyone’s printer and things have been going downhill since. I don’t know which I hate more: PDF or Flash. I could live forever happier if both would go away as they slow things down, rather than provide more information.

I have anti-virus software because I have clients who send me attachments. I have a client who has been restricted to faxes because of a lack of security on their computer network. Their attachments are deleted by me most of the time because they are virus laden more often than not. They haven’t made a sincere effort to secure their system They operate their own web server [IIS] that is a magnet for nastiness. I make them fax screen shots because my software has it marked as a cesspool. I don’t know why they spend the money because people will not visit when your site in on the top of everyone’s “naughty” list.

I don’t have anything to do with their web site, my stuff is office software, but they keep trying to suck me in.

One day the script kiddies will begin on the Macs and then you will be forced to deal with it, Badtux, but visiting a limited circle of known good sites is the best approach I know.

When I had the gamers living next door, they kept asking me to look up game cheats for them at a particular site. I did it with my back-up laptop and disinfected it as soon as I was done, because game sites really are sewage plants.

20 hipparchia { 07.07.08 at 9:12 pm }

i love pdf. i have to send out email attachments that i very emphatically do not want people to resize before they print them. a pdf isn’t a foolproof way to do this, but it slows down most of them.

21 Bryan { 07.07.08 at 10:31 pm }

I have no problem with them being sent by e-mail, and I download the IRS forms I need because after filing the exact same forms for the past 15 years, the IRS can’t manage to include them in my tax package.

OTOH, when I’m looking for something on the ‘Net and what I want turns out to be a bloody .PDF, I get more than a little annoyed, especially when the process is interrupted by Adobe telling me that I really should upgrade as they have discovered that their software is a malignant tumor magnet.

22 Kryten42 { 07.08.08 at 2:18 am }

So? Just use Nitro’s pdf Download extension for firefox. 🙂 It gives you options and tell’s adobe reader to mind it’s own biz. 😉 LOL

It’s an extension that Nitro created to help promote their own reader and PDF editor, but it’s unobtrusive and works very well. 🙂

PDF Download by Nitro PDF Software lets you regain control over PDF files in Firefox. When you click on a PDF file, PDF Download lets you know, can tell you how big it is, and can then give you the choice to open, download, or convert it to HTML. The add-on for Firefox lets you decide what to do with the PDF files you click on and customize and automate how they should be handled.
Control PDF files in Firefox

* Stop PDF files crashing your browser.
* Stop PDF files taking forever to open.
* Make PDF files download like other files in Firefox.

When you click on a PDF file on the web, PDF Download notices and (depending on your settings) will do things like:

* Ask you what you want to do with the file.
* Convert the PDF to HTML automatically.
* Download the PDF automatically.
* Open the PDF in the browser automatically.

The settings let you configure PDF Download to the way you like to work with PDF files. Other popular features let you:

* Set default PDF viewer. Choose the PDF reader you’d prefer to use, including Foxit Reader.
* Check PDF file size. Get PDF Download to tell you the file size of the PDF before you start downloading, opening or converting it.

Enjoy! 😀

23 Kryten42 { 07.08.08 at 3:46 am }

I meant to post this above regarding encryption. 🙂

I use TrueCrypt for most things and a very good Russian (based on the work of Peter Guttman) one that is not publically available, for things I REALLY want secure! 🙂 Peter has an excellent crypto tutorial I recommend: Godzilla Crypto Tutorial

TrueCrypt is pretty good. It uses AES, Serpent, Twofish and Cascades encryption algorithms, and RIPEMD-160, SHA-512 and Whirlpool hash algorithms.

It can be used to creat a completely hidden partition or drive, and even a hidden OS.

I am sure, Bryan, I don’t have to say what I think of AES, or any algorithm sponsored by the NSA (or any US agency for that matter). 😉

Steve, if you are interested, I am getting a couple promo copies of that ‘Native Inka’ CD (titled: ‘The Andes’) if you’d like one. 🙂 Let me know, we can arrange something.

Cheers! 😀

24 Badtux { 07.08.08 at 10:48 am }

PDF is a native format for MacOS, so I don’t need to use Acrobat Reader for anything, Apple’s own Preview program comes up. Yeah, I know Apple was on the list of Evil(tm), but on the scale of Evil(tm) Apple is sorta down there around the ranks of picking your nose in public, while anything Microsoft is up there just below Satan Himself. Alas, we too often get to choose the lesser of two evils, sigh…

-Badtux the Geeky Penguin

25 Bryan { 07.08.08 at 11:13 am }

Of course, Kryten, I suspect backdoors in anything written in the US by a major corporation, and a separate set in anything written in by contract programmers in India, which is another reason for seeing what your guys and the Kiwis have going on.

Apple is Apple, Badtux, and they have never changed or claimed to be anything they weren’t. If it works, you know what you’re getting and the terms. Steve Jobs hasn’t been running around DC asking for more H-1B slaves.

26 Badtux { 07.08.08 at 11:15 am }

BTW, Kryten, I disagree with your assessment of AES. I know a number of the people who were involved in that effort (indeed, I was the first person to obtain a U.S. export permit for an open source implementation of AES when Bill Clinton finally gave in to reality that exporting a British implementation of a Flemish algorithm — Rijndael — as AES was sorta like exporting ice to Eskimos and thus preventing its export was, what’s the word, STOOPID!), and Rijndael is righteous. It is a sleek and well-designed little algorithm that is fast as the blazes and (in its 192-bit and 256-bit incarnations) more secure than 3DES while being, much, MUCH faster. We prefer AES for our VPN software because even in its 256-bit incarnation its performance is much better, though some of our clients (large financial institutions) still use 3DES because that is still the standard for financial institutions.

The NSA doesn’t need to crack AES, and doesn’t want to, and can’t short of technological advances that seem unlikely at the moment. They just need to sniff the passphrase (see: keyboard sniffers), and they have your stuff. Which shows the limits of depending upon a secure algorithm for your data security. Sure, the algorithm is secure. But what about the cryptosystem that it’s a part of? Does it leave plaintext passwords lying around in memory or in swap? Is the OS that it’s running upon secured to prevent software-based passphrase sniffers from operating? Are the physical facilities secured to prevent someone from breaking in and placing a hardware-based password sniffer into the keystream? Are you physically securing the passphrase-encrypted key in a separate location when it is not necessary in order to use to encrypt or decrypt data? If I want to break a cryptosystem, virtually every one in existence today — including Truecrypt — is child’s play, even though I can’t break AES. But I don’t need to break AES. Not as long as we have OS’s with more holes than swiss cheese that let me insert sniffers into the keystream. Even with Linux kernel-based implementations it’s difficult but not impossible to break every cryptosystem that I’ve looked at thus far. Makes me wonder about all these compromised systems spewing viruses, and who’s behind all that…

— Badtux the Crypto Penguin
(And now I’ve told you more about my day job than perhaps I should have…shrug. Let’s just say that I’m with the good guys, the ones wondering about what to do about all this, and leave it at that.)

27 Bryan { 07.08.08 at 4:17 pm }

OT: If the post makes you nervous, ‘Tux, I can remove it. I’ll hold it in moderation for now.

The number one security problem for major corporations is the post-it note. The number of times I have visited a location to see the passwords on post-it notes stuck on the screen is mind-boggling, and I visited accounting departments.

The rolodex is number two, it is usually readily available under “P”.

$50 to a member of the cleaning crew will get you all of the passwords you ever wanted, and the executive offices were the worst offenders.

We bust our butts securing things and protecting them, and management pitches it all out the door for convenience. They’ll spend millions in court costs defending “trade secrets”, but won’t memorize a password to make their system secure.

There was better security on the college system I administered, than at Fortune 50 companies [there were two of them] that I worked for.

28 Badtux { 07.08.08 at 5:05 pm }

I think I have enough misdirection in there that the message is okay. Nothing that violates my NDA, as far as I can tell.

Other favorite places for people to write passwords: On a post-it note stuck *under* the keyboard. On a post-it note stuck under the desk calendar (back in the days when people had desk calendars). On a post-it note stuck to the inside of the top drawer of the desk. Back in the days when I had a need to do so, I rarely had to go hunt down someone for the password to critical IT systems that I needed access to. I just needed the IT director to let me in to the office and nine times out of ten, I was in the system within minutes. (The other 1/10th of the time, he had to call someone to get the password). Indeed, about 20% of the time I found out that the person in question had turned off the monitor or terminal but was still logged in to the IT system! A quick hit of the ‘Refresh’ button and there I was, in the system.

Regarding cleaning crews, outside cleaning crews are a massive, massive security breach and companies which outsource their janitorial services are playing with fire. The only sensible thing to do from a security point of view is to hire your own janitorial staff and subject them to the same background checks as anybody else who deals with your critical data. But it costs more to hire people than to contract, according to the bean-counters (or more likely, contracting lets you “hire” illegals to clean your business without your company being held responsible if ICE comes in and does a raid). I swear, if I wanted to know the secrets of half the companies in the Valley, I’d start by buying up a janitorial company that already has contracts in those companies. (Not my employer’s secrets, of course — we don’t make that mistake — but then, in the business we’re in, you wouldn’t expect us to).

– Badtux the Security Geek Penguin

29 Bryan { 07.08.08 at 5:38 pm }

How many times have I heard “They aren’t a problem. They don’t even speak English.” How incredibly foolish some supposedly intelligent people can be.

It’s like outsourcing your accounting – why would anyone do that? It’s an invitation to being ripped off, as we have already seen.

There was a time when you would never hear a discouraging word from the corporation mass. Now you can’t shut them up. If the company isn’t loyal to the workers, the workers won’t be loyal to the company. It doesn’t take long for the short term savings to disappear and the long term costs to become evident.