Jonathan's blog

A blog about Jonathan's life and "stuff".

Why I hate Windows Vista

It should be simple - download the Joomla zip file, and extract the files on to your Vista based machine.

Well, to download Joomla, Vista was going to take over 30 minutes. To extract, over 40. Gave up at that point and put it on memory stick (NTFS, files placed there by my Linux box).

Couldn't copy the files, had to use a cmd prompt to tell me "access is denied".

Now extracting the files and placing on the NAS....

Bloomin' mythbox

So, I restart the myth box because for some reason I can't do something else to be greeted with a nice message advising /dev/sda6 isn't mountable.

Well, I can mount it on my laptop with it in the SATA cradle, so what's actually going on - another dodgy Asus motherboard perhaps?

Sigh...

How secure?

Truecrypt v7 released, 2010-07-19

A couple of weeks ago I attended a meeting to discuss setting up a Young Professionals Information Security Specialist Group under the BCS. The YPISSG intrigued me given that Information Security (Infosec) is an interest of mine, the meeting certainly showed some good ideas for why the group was needed and what it would do.

I tend to think about how secure establishments are reasonably regularly. For example, a few friends/colleagues help run their partners businesses be that with accounts or dealing with customer queries. Most of the time, the small businesses handle all their IT on the main family PC, unencrypted and accessible by all the family. It's reasonable to expect your family to be trustworthy - no problem - but what happens when the PC is stolen?

Needless to say I've done my bit and mentioned how Truecrypt could help and I believe their PC is now encrypted.

The UK Government issued an instruction that any data leaving the establishment must be encrypted (or words to that affect) and BECTA (a Government quango, now dissolved) began giving guidance to schools on how they could comply with this directive. Educational establishments are, generally, not wonderfully secure largely due to educated IT professionals not being on the staff (historically anyway).

For example, I know that a few years ago one school nearby didn't have any form of transmission security (i.e. SSL) on its email system. More worryingly, it didn't have any SSL security surrounding its public Internet accessible student registration system. The school has since implemented SSL to protect the data in transit.

The question is, in education how far do you pursue Information Security? My response would be "all the way" - after all, schools handle a lot of personally identifiable information (PII) pertaining to students, their grades, their home life etc and information that can cause harm or disruption to an individual should be considered sensitive at the least. Schools are now starting to encrypt staff laptops, thanks to the free Truecrypt, but staff training is still a concern.

I'd be intrigued to call an amnesty and ask for education sector volunteers to hand in their memory sticks to reveal what kind of data is on there. Are there full class lists? Lists of students with their names and addresses? Draft reports and grades? If that data is found, is it already encrypted and if not does the staff member actually know what encryption is? More importantly, do staff in education ever send sensitive/confidential information via email? Email is a postcard, it's sent in plain text and anyone can read it en route...


At the end of the day, I'm sure I'd receive responses like "it's only a school", "you're taking this too far" and "it won't happen, I know where my memory stick is" but realistically the type of institution shouldn't matter, it's the data that's at risk and if it exists on media then the risk exists with it.

I'd be interested in other people's comments, be they teachers, IT pros, fellow members of the BCS or maybe you, who don't feel you come into any of those categories but have some thoughts anyway! Please leave a comment by following the view/add comments link and sharing your thoughts (if you could say what category you fall into that'd be interesting too).

If the BBC article changes....

...it may be because I just emailed them...

Does the BBC understand child protection?

So, I'm just reading the BBC news website when I come across 'Nut' kiss lands girl in hospital which struck me as mildly interesting (more so than the rest of the doom and gloom anyway.

Reading the article I'm reminded, yet again, how appauling the BBC's news reporting is; clearly the BBC never went on a child protection course! The article contains the girl's name, her age (14), her county, a photograph of her and finally her school.

All I need to do now is find the school (thanks Google Maps) and I could easily wait outside the gates and pick her up - obviously her mum is on a trip away, Grandma's in hospital and she's asked me to take her daughter straight there...

(fortunately, however, I'm not a child abuser)

In other news, I started investigating Sharepoint. Initial views on Sharepoint while at Adastra were "oh dear, what have they done now" but clearly it has come on a fair way since 2003.

For those of you that may want to install the free version of Sharepoint (previously Windows Sharepoint Services, now Windows Sharepoint Foundation 2010) you may wish to know:

* You cannot install the stand-alone setup on a domain controller.
* You want Sharepoint Foundation 2010 on a Windows Server 2008 R2 server, not Windows Sharepoint Services)
* It's reasonably nice what I've seen so far, more to come...

Green IT

On Thursday I drove to Maidstone for the BCS Kent Branch's Green IT event, the journey wasn't bad (albeit that anybody travelling Canterbury bound on the M2 was sadly out of luck, that tailed back for quite a few miles) and I arrived at KCC's Sessions House in good time.

Sessions House is a huge venue and almost stately if the small amount of the building I saw was anything to go by. Large canvas painting of people all over the place and I imagine they're all over the place - clearly whoever owned the building used to have money, assuming that KCC didn't buy a load of random, but well done, paintings.

Anyway, I'm no artist so let's move on...

I remember thinking at the last BCS event I was at "hmm, no tea" so I was pleasantly surprised when I looked at the refreshments to see a large pot of the stuff. Well, I would have been had I used my brain - the tea direct and café direct logos are incredibly similar although I'm sure the readership will note the key and not too subtle difference; needless to say I didn't and with nowhere to toss the coffee I added a load of milk and drank it. Tea is a difficult drink to store in a thermos unless you remove the teabag so I guess that's why it's rarely left out!

The Green IT specialist group were running the event with the Kent Branch and about 20 had been catered for, sadly only about 10 turned up but this did mean the event was more a dicsussion and workshop so some good ideas and comments were shared.

It's amazing how many devices get left on when they don't need to be that we take for granted. For example, at work there's a lot of network switches that simply don't need to be on overnight - there's no reason to send network broadcasts in the dead of night and it's not like the computers are going to talk to each other! I did find we're better than a number of organisations, however, as our PCs power down before 17:00! (which also saves on airconditioning)

Printers stay on overnight too and if there's no network, and nobody in, it's unlikely anyone will be printing - certainly not in a classroom (I can understand some people might VPN in and print to their offices after hours to be ready for the day ahead). Add photocopiers to the list and that's yet more devices that just don't need to be on.

Research has shown that people finish with their home PCs and generally power them off yet they finish work at 17:00 and leave their work PCs on. Some would argue that updates get pushed round after hours but there's software around to get round that and a humble magic packet for wake on LAN could wake the PCs up early enough in the day that by the time employees arrive in the morning all the updates have happened. If the enterprise doesn't want to wake up every PC in the organisation then employees could set alarms in their workstation's BIOS to power the device on 30 minutes before they reach their desks (and Dell's BIOS is particularly good because the last time I checked you could specify "weekday" too).

So, what am I goning to do about it? Well, other than evaluating my home's IT I'm going to have a look at works too. One reason that research found for people turning off their home PCs was that there's a feedback loop - if you leave your home PC on all the time it is reflected in your electricity bill.

At home, the media PC come Subversion repository will now power down at 02:00 and power back on at 06:30 - it's unlikely anyone will be watching a movie or commiting code between those hours. The printers (1 LASER, 1 inkjet and a Netgear print server) will now only be available from 10:00 - 23:00 (short of throwing the bypass switch) thanks to a small timer on the extension lead and I'm working on the NAS power saving options.

I can't do much about the fridge/freezers but at least it's a start! Now all I have to do is evaluate doing the same at work, perhaps liasing with site (we'd be saving their electricity bill). I'd be really intrigued to see what kind of difference we could make (financially and to the world) after powering down a load of devices...

Full Disclosure vs Responsible Disclosure

I recently learnt that Steve Gibson of GRC, Gibson Research Corporation and Security Now Fame had started a blog so I dutifully subscribed to it.

This morning I actually get time to cast an eye over the most recent blog posting about a vulnerability in Windows XP and Windows Server 2003's Help Centre, originally researched and disclosed by Tavis Ormandy in this webpage. I've tested the vulnerability on a work colleague's Windows XP workstation (I use Windows 7, XP was slowing me down) and successfully ran calculator (calc.exe) out of a dodgy request.

Microsoft have also released a statement.

Tavis released the information to the Web less than 4 days after informing Microsoft - that goes against the IT security industry's principle of responsible disclosure but reading more on Tavis' article shows he doesn't buy into the whole responsible disclosure mantra and nor does respected security researcherBruce Schneier( Schneier: Full Disclosure of Security Vulnerabilities a 'Damned Good Idea'). I've read some of Bruce's work in the past and many IT Security guys place him on a large pedestal - I've not formed my opinions yet but if he was talking I would be listening.

A bit more wandering around the web and I found The Vulnerability Disclosure Game: Are We More Secure? written by Marcus Ranum, the CSO of Tenable Security. Tenable produce a security scanning tool(Nessus if memory serves) that checks for known exploits on targeted hosts.

I have to say, I'm not fully decided on which principle is best for the world at large. Schneier argues in favour of full disclosure as the bad guys can find the exploits anyway so letting them know at the same time as the general public shouldn't be an issue, plus it focuses the software vendor somewhat. On the other hand, by making it public immediately, any bad guy that didn't know about it certainly knows about it now! Meanwhile, Ranum argues that if you're not part of the solution, your part of the problem so you should stop publicly disclosing (it's not done any good in 10+ years) to get your 2 minutes of fame and instead work to resolve the problems.

If there was a vulnerability in my software, and I'm sure there is as no software is perfect, then I'd rather know about it and have time to fix it. Conversely, as a user of software I'd rather know now as it might sway me to another vendor / unplugging my ADSL line.

What do others think?

Jonathan meets an iPad

ok, the previous post was ame getting used to the iPad on screen keyboard hence it's a titled blank post.

Adam has an iPad from work at the moment and I have to say it's not as bad as I thought and I'm evening typing at a reasonable speed.

Will have to have a longer play with this on Tuesday but I'm certainly intrigued at the moment.

Apologies in advance to Apple if I slagged your new gadget off out of hand - but we'll see!

jon

Aircon units can freeze?!

They can also defrost, mmmm, nice smell.

It's a glorious sunny Saturday in Canterbury today, well Saturday at least, and I'm honestly not sure what I want to do today. Nothing's planned which is always a good start but I suspect it'll involve some code and maybe some DIY if I'm feeling adventurous enough.

Brigades were low on numbers last night with only 3 young people for the older group but they still had fun deciding they required an assault course to start the evening. Fair enough, so after a quick think and a few tables and bean bags later with the odd hoop, bench, chair, ball and people later we had one of my more adventurous courses yet.

Underneath the 2 tables I'd stuffed the bean bags (I'm not talking little ones, I'm talking the big things you sit on). The hoops had formed a "tyre run" (lack of tyres) which you tackled after bunny hopping from one bench to the other. You ran from the chair, bunnied the bench, did the hoops, crawled under/over/through the beanbag "tunnel of sludge" (like a tunnel of love but without any), threw and caught the ball, bounced and caught the ball, ran out the room, grabbed the cross and sat back on the chair - all against the clock of course! My time was 49 seconds or so beaten fairly quickly (thankfully) by one of the young people who happily removed 3 seconds from my time. Ross (another leader) on the other hand managed the course in a whopping 29 seconds but I did have to rebuild the tunnel afterwards!

Anyway, they had fun and we have some amusing photos to boot (no, I can't share those online).

Happy weekend all!

Old vs Young

How often do we hear on the news that the "youth of today" are terrible, mouthy little individuals that cause havoc, cycle on pavements and graffiti our walls? I suspect roughly everyday there's a news item somewhere that slags off young people. Sometimes students get the bad name, sometimes the 30 year old "lager lout".

Unfortunately, no-one ever has a moan at OAPs!

I was cycling to work this morning and along the back of Martyrs Field road there's a cycle path with garages along one side and back gates along the other. This morning a car was clearly waiting having just driven out of the garage (and it was a big car too, Scenic I think) so clearly I had to go round it.

The car is facing me, and the driver is in the seat - I'm unlikely to pass on the side (my left) in case the driver opens the door (there's no passenger). Besides, there's more space down the right hand side which avoids doors and potential for misjudging the gap and damaging the bike or car.

So, I slow right down (no idea if another pedestrian will come out from the garage, can't see one and there's no noise) and go to pass on the right hand side. The driver, a female OAP immediately pipes up:

"Stupid bitch, go down the other side, go round on the road"

For a start, the cycle path is a non-segregated pedestrian/cyclist path so there's no definition of "road" or "path". Secondly, well I outlined my reasoning above.

So I reply:

"How dare you, there's no need to speak to me like that, this is a cycle path."

An OAP man, presumably her husband, then appears out of nowhere (fortunately I was very slow at this point) and has a moan too explaining that I'm on the path and the cycle path is the other bit.

Frankly, they're talking rubbish, as already outlined.

Now, my point is, if the positions had been reversed there'd have been outcry - older folk complaining that the youth of today block the cycle path / pavement with their cars with no thought for OAPs that might have to use tri-walkers, wheel chairs or motorised buggies. I'm half tempted to write to the local newspaper's letters page to see what the masses think. As for the language - how was that called for? If I'd scraped up the side of the car or knocked into the gentleman then it would at least be understandable.

My witness (a gentleman I see each morning on that route) informs me they're always that rude.

I know I swear, a lot more frequently than I should, and I'm trying to knuckle down and sort that out. It's certainly an inspiration that my Dad doesn't swear (save when the car nearly got ploughed into) and that my Mum hasn't sworn for years (I remember picking up "bloody" from her when I was younger) and nor does my sister but given the rude outburst from a complete stranger this morning it does make me wonder!

Anyway, here's hoping I don't catch them tomorrow morning as this "stupid bitch" will likely be even less amused!

What are the Dr Who team doing?

As a word of caution, this post contains spoilers on the current Dr Who plot (or rather if you've not seen the previous 3 episodes yet, you probably don't want to be reading this...).

Firstly, the Daleks - what's going on there?! The new Dr Who killed off the Daleks during the Time War, fine, but then we find that some survived. Fine. Since then the Doctor has beaten them at least twice and now we find the Daleks have survived, created an android to infiltrate WWII parliament just to get the Doctor to testify that they're Daleks so the progeniter can be used - what on earth is the progeniter? (and how do you spell it anyway?)

The progeniter does its thing and bam! New, fat, acryllic paint coloured Daleks appear only to get permission from the "old" Daleks to "cleanse" them by killing them off! A Dalek doesn't surrender and they've been killed to many times. Script writers - do something original!

(My firefox spell check seems to be disabled, I'll figure that out later)

The cybermen - originally from Mondas, Earth's twin planet, and now some weird Earth based invention that couldn't give two hoots about gold, pardon me? As if that wasn't bad enough, they've come back a few times now having been killed off...

They also brought back the Master, twice and that really takes the biscuit given he most likely died on the Cheetah planet (which clearly the awful Dr Who film rescued him from) and then he elected not to regenerate only to be brought back by some form of magic. Dead people stay dead (for the most part).

Don't get me wrong, there have been some good episodes and plot lines, take Blink for example, it was Doctor light but plot heavy and gave us the weaping angels that are now back in plot I like the angels.

They've also joined up a lot of the plot first with bad wolf, next with tapping and now with a fracture in the universe or some such but there's very little sense elsewhere...

Don't get me started on the Torchwood disaster!

VMWare HA bug

I've been having some problems with VMWare's High Availability recently and it's quite a key component when you consider resiliency was one of my reasons for getting the VMWare system.

There seems to be a problem if you have hosts in standby and then power a VM on. Doesn't happen all the time and I've happily watched VMWare work faultlessly for a few weeks after a support ticket but then, bang it's knackered again...

So, after filing my 3rd support ticket VMWare have now raised a bug in my honor

Oh, for those that are interested, comments are now enabled again on this blog...

Long walks and "horrible weather"

Well, according to the weather people it will be "horrible weather" this weekend. I can safely say that, as my friend would put it, "the weather bitch lied Jon" as it was quite nice sunshine today.

Jules stayed home gardening with Dad so after Mark had dug a hole (he had a bizarre craving to do so) he and I head out in search of a place to put a geocache - we found one so keep an eye on Geocaching.com for GC2630F once it's approved (don't worry, I'll post). First to find gets our copy of Fluxx so we'll need to replace that.

Mark and I walked on a bit further through Larkey Valley wood (OS TR1225) and out the other side, along the road a bit and into Iffin Wood. A few spent shotgun cases had me slightly dubious, given we'd already seen someone carrying a shotgun, but no-one bothered us. There's a lot of barrels dumped in Iffin, quite a while ago...

Headed back home to prep the geocache to get it ready for being placed tomorrow.

Got a new bike too, will give that a ride soon

If anybody's interested, I uploaded a downloadable Glossary of Terms to my Wiki - covers a range of ICT/Computing/Technology terms.

The rain it falleth

Apparently, it's supposed to be horrible weather all weekend which is a shame given I can now see my wife (term has ended) so we could do some geocaching. Nonetheless, we did bag 6 the other day and a further 2 today before the rain started to fall

More importantly, today I got my Amiga One out of its bubblewrap and hooked it all up. I forgot how fast the OS was, and I'm an update out (can't afford 4.1 yet though). Back on Wookiechat and nattering in IRC already and currently typing this from the Orygin Web Browser (supports CSS and the reason Jonsdocs gained CSS support a while ago).

About to open the study blind I think so I can see the rain falling, aren't I sadistic!

Unfortunately, the Mythbox in the living room is dead. New Mobo arrived yesterday (with built in quad core Atom processor) and the board is DOA. Worked for a bit but as soon as you try to do anything too stressy (we're talking switching it on) the whole lot dies requiring a CMOS reset - looks like I'll be RMAing that!

Off to make some UOW blog posts I think!

© Jonathan Haddock 2008-2010
Jonsdocs, Jonathan's home on the web - About | RSS
Last updated: 2010-03-26 Last blog post: 2010-08-25 21:41:36 Site version: 4b