scott

Lost Contact

by

I have been bad this summer. I have not kept in contact with some friends and family as much as I would like to. Don’t feel bad, my parents are mad at me for not seeing them enough either. Half of me says that contact is a two way street. if I have to call or email you first all the time, then you are not a good friend. The other half of me says, if I want to keep in touch with someone I should make an effort no matter what they do.

That being said, I have been very bad. I have had allot going on at work. It really does sap the time away. I am not proud of that fact, but it is the truth.

So what am I going to do about it? First I need to get out to Queens for John’s next Halo party. Then I need to see my folks. Goto my cousin Arielle’s birthday party later this month. Call my cousin synde and wayne, and then stay in touch for once in recent history. Email Jennifer and get her and steve to come visit again. There is more, but I know that will take me a while to do in the first place. I don’t want to make blanket statements and then never follow through with them.

The Security Myth

by

Security. I am a fan of it. Security is like a nice warm um well security blanket! No really. It is good, and most people take it for granted. The problem is allot of time security is this myth that people believe in that may not really exist. Take Wifi for example. I just used macstumbler while I am sitting at my desk at home. Do you know what I found? 8 wireless networks. One of them was mine. Of the other 7, I saw 4 open networks. Of those 2 had the default network names, and one was just named my network. That means that 50% of the networks around me where not just open for anyone to go into. That is crazy. I bet the people using those open networks don’t know they have a huge security hole on their network, or they don’t care. The network device manufacturer’s have a big problem. Make the setup of the devices too hard and people won’t buy them. Make them too easy (as they are most of the time now) and you have tons of unsecured networks. Having the majority of the people using this gear not know the mechanics of how the gear works does not help the situation. It is like having everyday people work on their cars instead of taking them to mechanic’s.

I don’t think most computer people will argue with the assessment I have made above. Or they can if they want. Wifi security has been discussed to death. Even with proper WEP or WPA encryption the system is still not safe. I know that. I have WPA setup on my wifi point. I know I can also add MAC address filtering, etc. I know better, but I still think I have secured the system enough. Have I really? I think for the most part yes. I think of WPA as the club. you can still steal the car (aka break into my network) but why would you waste time with my network or car when you can steal the guy down the streets car who left the door unlocked or just doesn’t have a club? I have a myth of security.

Another example of gaping security wholes is another growing wireless standard, Bluetooth. I have been a fan of it since I first read about it almost a year before the first mobile phone with bluetooth came out. And when it did, I bought one. A Ericsson (they were just Ericsson back then) r520. So for the record I am a fan of Bluetooth. I am a fan of wifi for that matter. I remember when I was at my first tech job back in 96 I got to play with a demo of a 1mbit (i think) wireless card and point from Raytheon. The problem is bluetooth has the same security myth. It also has the problem of the media blowing the issues into this huge security crisis. The simple fact is that most phones and other bluetooth devices were configured to be as easy to configure as the manufacturer could make them. That means allot of devices are setup to be discoverable by default. That means that if the bluetooth radio on a phone is on, someone else looking for bluetooth devices can see your phone if you are in range. To prove that, last week on Amtrak home from my trip I was able to view up to 4 other bluetooth devices from my seat. To protect yourself all you usually have to do is make a change in the default configuration of your device to not be “discoverable”. Do most people do this? Nope. But if you turn discovery off by default you have people complain that setting up partnerships are too hard. See the problem?

You have people then go around thinking all is ok, until they have a problem or someone tells them their phone is at risk of being broken into. First of all that may or may not be true given that you have to set passkeys, etc. For argument sake lets say it is an accurate assessment. These people then freak out and get mad at hardware vendors for delivering unsecured devices. How do you win?

Most of the time people live in the dream world that their stuff is safe. The crazy thing is that maybe 99% (or the vast majority) of the time people’s fantasy worlds are not broken. That perpetuates the myth that all is safe. Even if someone has been using their unsecured wireless internet connect for free for months.

The more I think about it, the more security myths I think about. And I am only thinking in terms of personal computer security. Don’t get me started on other society security concerns.

A perfect example is a few years ago my mom called me after she saw an Oprah on TV. She was calling to warn me that email I send wasn’t secure and that anyone can intercept and read it. She was shocked, but Oprah set her straight. I was like, yeah mom of course email is not secure. Old news. She was surprised that I knew that. It is scary that the general population assumes something like email is secure, and it isn’t. On the flip side can email be intercepted? Of course if it is not encrypted. Is most mail not encrypted? Yes. Will my mom have to worry about her neighbor reading her email or some stranger intercepting it? Probably not. It is very possible to do, but come on who really is going to try and sniff out her mail? its a real threat, but I don’t think most people won’t ever have to worry about it. Doesn’t mean I don’t think we should all get certificates and secure our mail. I would love to do that, but it is impractical in today’s world. So you see even I let the myth of my stuff is secure live on some level. We all do it, and if you don’t think you do, you are kidding yourself.

More VMWare Work

by

This week I actually am working on a technical project, not just managing them. I built a test environment to put up a windows 2003 terminal server. I used VMware’s GSX server to do it. I was testing what ports I would need to open up if I wanted to access a terminal server via the TSWeb client Microsoft gives you. Turns out even if the web server and the terminal server are the same machine you have to open up the RDP port on your firewall anyway. That wasn’t the answer I wanted to hear, so I am looking into Citrix to see if I can use their product and only open up port 80? Waiting to hear back from them.

Technorati Tags: , , ,

Budget Surplus?

by

OK, I am a bit confused and pissed off. I read now that the MTA has a budget surplus of 1 billion? Thats US dollars people. Aren’t these the same people that said they were going to have a 400 million plus deficit and they needed to raise fares? This was like a year ago. What is going on? Do they truly have no f–king clue?

I have two opinions on this. 1, if they have such a surplus they could have tried to predict this and well maybe not raised the rates. or not raised them so much? Opinion 2, I understand raising rates (to a point) to not be in debt. If you then later on find yourself having a surplus you should (maybe) use the money wisely, instead of cutting prices for a month or so. How about more trains? Speed up renovation of existing stuff, or expand the system? Did I mention more trains? Or how about putting the money away and save it for the next deficit? I would bet you get some nice interest on a billion dollars.

I am so f–king confused. These are the same idiots that say they had to cut back night and weekend service and they now have a ton of cash. I know I am repeating myself. I am just baffled…

And for some of the riders who commented on the article I link to. Are you FREAKIN crazy. You want a quick $1 back on your ride instead of ensuring the dam system runs in 1-10 years? So short sited. And who was the moron who said “there’s already tunnels to brooklyn so they don’t need more”. Call me crazy, but If it takes you an hour to get through the tunnel durring rush hour, maybe a new one would be a good idea?

There are some real rocket scientists living in this city.

More VMWare Work

by

This week I actually am working on a technical project, not just managing them. I built a test environment to put up a windows 2003 terminal server. I used VMware’s GSX server to do it. I was testing what ports i would need to open up if i wanted to access a terminal server via the TSWeb client Microsoft gives you. Turns out even if the web server and the terminal server are the same machine you have to open up the RDP port on your firewall anyway. That wasn’t the answer i wanted to hear, so i am looking into Citrix to see if i can use their product and only open up port 80? Waiting to hear back from them.

, , ,

Another Monday

by

I am running out of catchy titles for posts on some days. Who am I kidding. I ran out of good post names for most posts back in 2003! I had as typical a day as I could. I had a few meetings. Went over issues with Kai, and had to deal with some last minute requests. Nothing major to report, or I should rephrase that. nothing major that I can report here! Read into that what you will! And yes I like being cryptic sometimes. It’s more than I have to be, I actually enjoy it.

After work I went to Best Buy with Jayson to fix the shipping issues with my TV. After about 40 minutes of working with customer service they think they fixed the problem. It took forever to fix. it also took like 3 people to figure out the issue, but they did figure it out. they were also very very nice and attentive about the whole issue. It may have taken a long time, but it could have been MUCH worse. Kudos to the ladies that assisted me.

Treo Refresh

by

Last night I ended up wiping my Treo 650 and reinstalling all my software. I have been having issues with it rebooting every time I tried to sync my mail using Snappermail. That program is half the reason I use my Treo over the Blackberry, so I was not too happy when it started acting up earlier this week. I had to go on my trip Thursday without being able to use the Treo for email. I got by on the Razr and the Blackberry but I like the Treo better. After the reinstall Snappermail seems to be working. But I have had 2 random reboots since the hard reset. Once after a call to my sister right after I got out of the subway this morning. The other when I was syncing with my Powerbook. The sync reboot also happened often before I wiped the Treo, but I am not sure if it is because of the config on my Powerbook or the Treo.

I will try using for a while longer, but if the random reboots continue I will have to seriously consider an alternate PDA phone. As much as I like this device, I cannot have it randomly rebooting on me almost daily!

Retirement Party

by

Today was my mom’s surprise retirement party thrown by her old co-workers. I meet up with Carrie in Penn station and we took the train together. Mike picked us up with Morgan and we drove over to the restaurant it was being held at. It wasn’t really a huge surprise to my mom, but it was a nice party. There were allot of people who turned out. Morgan was in Morgan form. She is funny to watch with so many people.

Because of the party for my mom we were not able to make it to Arielle’s birthday party in Jersey. What is so funny was I was planning on going to Arielle’s party, but when I met my parents for dinner last week they told me about my mom’s party. Like I said it wasn’t a surprise. So my plans to Jersey were canceled. I need to get out there eventually since I haven’t seen my cousins in ages.

The party was started at 1:30 so it wasn’t a late night. I don’t like being out till 10-11 on a Sunday. Work on Monday is hard enough without coming home late the night before and having to get up early the next day.

Flickr And Me

by

I signed up for the Flickr photo service a few months ago. I just never used it. I thought, I have a photo album on Typepad, and I use a MOB on Textamerica. I also maintain a photo album site on my home page. Why do I need to post my photos somewhere else? Well the devil is in the details. I finally went onto the Flickr site and was looking around. You can do some cool stuff with the site. I also like the ability to batch upload files using iPhoto since someone wrote a plug in. I already uploaded the past 2 months worth of photos to the site.

I also found someone posted how to take a Flickr badge and use it in Typepad. I got it setup in 5 minutes. Not bad! Now I am going to play with the tags on some of my photos.

I can also get rid of my Typepad photo album. It was easy to use and convenient to have, but it was never that great. I can delete the photos and save space on my account, not that I need to!

Mini Work Birthday Party

by

Before the Best Buy thing I went to I did stop off at for a quick drink (well 1/3 of one) at the mini birthday party the Finance people were having for several of their team. Jay and I stopped by for a bit. I ran out quick to goto my other thing, but Jay stayed for a while. There was one or two other non finance people there, but it wasn’t weird. We hang with most of them all the time!