Month: June 2006

Linux

SourceForge Enterprise Edition

If, like me you spend a lot of time on SourceForge and wish you could harness the SF functionality in your own development environment then this is for you. SourceForge has released 4.3.

This is a Virtual Appliance that allows for up to 15 free users. I haven’t put it to use yet, but I will be implementing a test of it (hopefully) sometime this summer at work to see how well it meets our development, project and bug-tracking needs.

If it is all it promises to be this may be one of the most useful tools for small-team distributed development ever.

Security

FUD or Failure?

While not exactly in the arena of what is meant by “Network Security,” I just couldn’t resist commenting on the failure of the U.S. House of Representatives to include Net Neutrality in the COPE (Communications Opportunity, Promotion, and Enhancement – H.R. 5252) Act here. (story)

So why would I post this in security? With telcos given the option of giving bandwidth priority to some sites or content types without penalizing them, and with the possibility of telcos charging customers extra fees to access certain sites (as in sites that are on another carrier’s backbone connection) the security risk I see is to the free exchange of information. If AT&T gets a bug up their butt and decides that any content on Verizon isn’t as important as content on AT&T networks, they could throttle those links, effectively cutting their customers off from Verizon customers, and vice-versa. Then it is a simple matter to charge a “net long-distance” fee for customers to get some of that restricted bandwidth.

Will it happen that way? I don’t know. I would hope not, but given the behaviour of the telcos over the past few years I wouldn’t put anything past them at this point.

Security

Disposing of old hard drives

Before you toss that old hard drive out stop. What information is on there? How about your personal information? Banking information? Maybe even some incriminating or embarrasing pictures, emails or documents?

Now that you are thinking about what may be contained on that drive, how hard would it be for someone else to pick it up and slap it in a machine and pull that information off? Not hard at all.

There are several ways to make sure that the data on the disk is not (easily) recovered. One way is physically destroy the device. One common practice for physical destruction is to drill the case, and straight through the platters (they may shatter and/or throw off shards so be sure to wear proper eye protection.)

Many stores offer to do this for you when you upgrade your hard drives. There is nothing wrong with letting the store do this for you, but make sure you watch every step of the process or you may end up surprised like the couple in Springfield Township, Ohio. They trusted their local Best Buy store when they were told that the drive would be destroyed, but got a phone call a year later from a gentleman in Chicago who told them that he had just bought their hard drive at a flea market, with all their data in tact.

If you are planning to pass your drive on rather than trashing it, however, there are a couple tools that may come in handy. One is Eraser by Sami Tolvanen. It can be used to overwrite files, directories, or entire drives with pseudo-random binary data. If you have more than one drive you want to wipe, however, it makes it difficult to use something like Eraser. In this case you can use Darik’s Boot and Nuke – you boot from the floppy or CD and it wipes the entire drive(s) installed in the machine.