Archive for February, 2006

Security reminders

February 26th, 2006 by Sjan Evardsson

While looking through my del.icio.us links I found a couple that I haven’t had time to check in on lately. It is telling, really, that the sites I have not visited recently are those related to security best practices.

It is really entirely too easy to get sucked into other areas at work and rely on past practices to maintain security. But as things go in the world of tech, the rules, tools and environment change almost (it seems) daily.

With that in mind it is time to look again at the NIST Information Technology Security guidelines and the Center for Internet Security benchmarks.

VeriSign-ICANN deal: much ado about nothing?

February 21st, 2006 by Sjan Evardsson

There has been a large amount of FUD generated in the last week regarding the ICANN VeriSign settlement. It seems that most of what I have seen has been coming from name registrars, and notably from the blog of Bob Parsons (founder and president of GoDaddy).

It seems that Bob is trying to encourage people to write to their congressmen to get involved and squash the deal. I find it interesting that this post is from last Wednesday (2/15/06) while the deal was penned sometime prior to October 24, 2005. If this is such a big deal, why did it take Bob so long to respond?

Most of the FUD is along the lines of an evil empire-type scheme to raise the prices for .com registration so VeriSign can fill their coffers with the money of the poor, down-trodden netizens. This is, of course, based on the pricing information in section 7.3.d which states:

Maximum Price. The Maximum Price for Registry Services subject to this Paragraph 7.3 shall be as follows:

  1. from the Effective Date through 31 December 2006, US$6.00;
  2. for each calendar year beginning with 1 January 2007, the smaller of the preceding year’s Maximum Price or the highest price charged during the preceding year, multiplied by 1.07.

Does this mean that VeriSign is going to rush out and raise the price as much as possible? No. VeriSign is a solid, reputable company that has been in the market long enough to know how to set (and if need be raise) prices in a manner that will not negatively impact the market.

ICANN was never meant to be a regulator, but a coordinating body. I’m sure that Paul Twomey and Vinton Cerf knew what they were doing in setting up this deal. For a more logical look at the implications check out this article by Keith Teare from November 30, 2005, or look at the documents yourself and make your own decisions.

Pulling viruses out of the AVG vault

February 20th, 2006 by Sjan Evardsson

I was over at the Internet Storm Center and saw a simple how-to on retrieving viruses from the AVG vault for sending in to malware testers.

From the article:

Steps to export viruses from the AVG vault for analysis.

  1. Create a directory to store the files in.
  2. Open avg.
  3. Select the virus vault.
  4. Click on the virus you wish to restore.
  5. Choose restore, that will prompt you for the directory to restore the virus into.
  6. Select the directory created in step 1
  7. avg will alert again if its in active monitoring mode. choose continue.
  8. Turn off avg resident shield protection if you plan to package the viruses up for submittal for malware analysis.
  9. Select the AVG resident shield and unselect “turn on avg resident shield protection”, Click apply.
    Remember to turn resident shield back on as soon as your [sic] done with the virus.

There are further instructions in the article, including how to package a virus for sending for analysis. If you want to test this on your own machine so you know how to do it use the eicar test file (literally the following 68 characters: X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* saved as a .com file) which will show up as a virus without actually doing or attempting to do any damage to your system.

Offend me! Please!

February 15th, 2006 by Sjan Evardsson

It seems that an inordinate amount of energy is being expended on who is offending whom with what speech. I say let it go already!

We have connected the world, and made communication between continents and countries and cultures trivial. There is no way that anyone can communicate with that broad of an audience and not offend someone, sometime. The trick is to focus on making your communication clear, intelligent and well-thought-out. Those who will take offense will be offended no matter what. Those who are more open to new ideas are going to judge your communication based on its merits. And with that in mind, I am rarely ever offended at anything intelligent. (Yes, poorly thought-out, muddy and unintelligent conversation annoys me, but it is much harder to offend me.)

Of course, I think a large number of cases of “offense” are actually annoyance. And as long as we are on the subject, why is it that those who are most offended are usually trying their hardest to offend right back? It is the inability to laugh at ourselves that leaves us fragile and easily injured. Bah! I laugh at myself all the time. That’s why the article over at comicbookresources.com made me smile a bit. The headline says it all: Israeli group announces anti-Semitic cartoons contest!

I challenge anyone who is currently taking offense at something being said to take a moment, and try to come up with your own, even more offensive remark or statement about the same subject and see if that helps you to put it into perspective. Now that I’ve got that off my chest I can get off my fat ass and get back to doing something productive!

Who’s buying?

February 12th, 2006 by Sjan Evardsson

Despite the fact that our album has been available for a while now, and we have had scores of people tell us that they were in a hurry to buy it, we haven’t managed to actually sell many at all.

Makes one wonder – do people say that so they don’t have to say they didn’t like it? Maybe, but I would rather hear what it is they don’t like about it – We never claimed to be perfect, just doing what we love. And if we can do something to enhance the listening experience, we will.

So who is buying? A couple co-workers, and a radio station in Brazil. After they asked our permission to play our music on the air. Well, that’s something at least.

So if you haven’t checked it out yet, do so. There are samples (low-quality) on the site. The store is linked. Buy our album!!! Please?

Another Firefox vs IE test

February 10th, 2006 by Sjan Evardsson

Earlier today I had a very strange request come across my inbox. An employee of another organization asked me to explain to her IT department why they were wrong in their assessment of Firefox. It seems that since they can push out Internet Explorer patches via WSUS, but not Firefox patches, they made the assumption that Firefox was less secure than IE.

We’ve all heard the arguments to the contrary over and over – including this article today. But there are still organizations where the thinking is “If the patch can’t be pushed out via WSUS, it isn’t secure.”

I realized that perhaps there are departments (like the one to which I sent the directions below) that are either unaware of how to automate Firefox patching or are too afraid to install it in the first place to have the chance to figure it out.

No, Firefox patching doesn’t happen through WSUS (at least to my knowledge), but it can be fully automated as follows:

  1. Go to “Tools” -> “Options” -> “Advanced”
  2. Click on the “Update” tab
  3. Check the boxes labeled “Firefox”, “Installed Extensions and Themes”, “Search Engines”, “Automatically download ….” and “Warn me if …”

Click “OK” and you’re done. Automatic updating in Firefox. Who knows, once the market share grows enough, you may be able to push Firefox patches through WSUS. Until then, however, the built-in function works great.

Another real-world turbogears example

February 9th, 2006 by Sjan Evardsson

Another real-world example of turbogears was pointed out by one of my coworkers (thanks Brad!) and I had to check it out.

The Python devcenter blog on O’Reilly has an article on replacing Meetup.com with a turbogears app.

While I haven’t done any more at this point than quickly browse the source files and check it out in action, it seems like it is a good example piece. (I tend to better understand how things work by examining a few different examples.)

The app was developed by Rick Copeland of the Python Atlanta “Meetup” group where you can see it in action.

Talisker/DShield used by the NSA

February 6th, 2006 by Sjan Evardsson

This morning I came across an article at the Internet Storm Center about Bush’s visit to the NSA that showed their internet monitoring setup in the background.

From the article:

A little over a week ago the President of the United States visited the National Security Agency in Ft. Meade, Maryland. The visit came on the heels of allegations that domestic eavesdropping laws were broken, and that the administration had exceeded its authorized powers. We aren’t going to pick sides on that one but there was a really nice photo that showed up in the Washington Post as part of the story that we should all be proud of. When I first saw it, I thought:

Super-secret spy agency sensor grid – $Billions

Security for a visit from the President of the United States – $Millions

Showing the President that your prime source of information is a bunch of volunteers – PRICELESS!

See the photo or read the article. The image you see behind the NSA Director is the Talisker Security Wizardry Portal, which includes the DShield world map along with other security information.

That just tells me that there is intelligence in the NSA!

Minor revision to breadcrumbs.py

February 6th, 2006 by Sjan Evardsson

I made a slight change to the I wrote as a plugin for . I changed the way the links are displayed, so that the directory separators (/) are not included in the actual link, and added a rel=”tag” to the links to allow style aggregators to understand them better.

As always, you are free to download it from this site and I am open to any hints, suggestions, fixes, updates, or constructive criticism of any sort.
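The link layout described above, with separators outside the anchors and rel="tag" on each link, can be sketched as follows. This is an added example, not the breadcrumbs.py plugin itself (its source is not on this page); the function name `breadcrumbs` and the `base_url` parameter are assumptions. Because path segments come from the request, each one is URL-quoted in the href and HTML-escaped in the link text.

```python
from html import escape
from urllib.parse import quote


def breadcrumbs(path, base_url="/", sep="/"):
    """Build breadcrumb HTML for a category path such as 'tech/python/web'.

    Hypothetical helper for illustration; not the plugin's real API.
    """
    # Ignore empty segments (leading, trailing or doubled slashes) and '.'.
    parts = [p for p in path.split("/") if p and p != "."]
    # Refuse parent-directory segments instead of linking outside the root.
    if ".." in parts:
        raise ValueError("'..' is not allowed in a breadcrumb path")

    links = []
    href = base_url.rstrip("/")
    for part in parts:
        # Percent-encode the segment for the URL, then escape for the attribute.
        href += "/" + quote(part, safe="")
        links.append(
            '<a href="%s" rel="tag">%s</a>'
            % (escape(href, quote=True), escape(part))
        )
    # The separator is joined between anchors, never placed inside one.
    return escape(sep).join(links)


if __name__ == "__main__":
    # Constructed sample inputs.
    print(breadcrumbs("tech/python/web"))
    print(breadcrumbs('tech/<script>alert(1)</script>'))
```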

Fickle weather

February 6th, 2006 by Sjan Evardsson

Over the past couple of days the temperature has shifted from hovering around 5F (-15C) for the high and -15F (-26C) for the low, to suddenly being in the high 30s (2 to 3C) with a very light drizzle. What that does to all the snowpack on the roadways is in no way pretty. (Think of how a zamboni prepares the ice for a skating rink.)

Anyhow, all the local schools are closed due to the icy road conditions. I wasn’t aware that the University would be closed, however, until after I got here, and got settled into my desk and ready to crack at another week. But, since I have just gotten the call from higher up I guess I can call it a day. Whew! I never thought I’d have to work a whole day in 12 minutes! And to think – I left early because I knew the roads were bad and spent almost 40 minutes getting here!

I think I may just stay for an hour or three and get some things done. At least the phone won’t be ringing off the hook today!