Fun day with the kids. Don't have much to say, but I thought I'd share this with you. It kind of goes along with the theme of my blog.
From: http://us.news2.yimg.com/us.yimg.com/p/cx/uc/20021031/ft/ft021031.jpg
Thursday, October 31, 2002
Tuesday, October 29, 2002
Securing Your e-Borders
Very interesting day today. I attended a local convention, ITEC. It's a small sparsely attended IT vendor-ama. However, you can usually find some neat new hardware to look at. Unfortunately, there was very little of that this time - just the normal trinkets. Services however, were being pushed big-time. Especially in the Computer Security arena. Who knew a few things would drop in my lap right along those lines.
James sent me a link to an article written on October 28 about the Chinese trying to 'hack' into networks aboard our Naval vessels. The article doesn't go into many details, but it appears that a link was e-mailed to someone on a ship, and clicking on the link took them to a website that played the Marine Corps Hymn. Either there was some malicious code that tried to take advantage of a known vulnerability to surripticiously install a 'trojan horse', or a link to download one.
It failed, and System Admins were alerted. It was probably because it wasn't the right bait. The Chinese might think Military men want programs that related to patriotism, but I bet if it was porn, they would have been successful.
While reading the story, something at the site caught my attention. I did some experiments and discovered I was correct. I followed a link and discovered a SEVERE security hole that could be exploited to allow someone to wreak havoc on a website. It all had to do with poor programming practices.
I sent off a note to the site admins to let them know they needed to correct the problem. This exact problem is what is discussed in the article the is directly below the story I linked to above. NASA is having a problem patching their systems, and it means that other government agencies aren't any better off. However, this vulnerability was not a defect in the Operating System, it was a careless programming defect.
Hopefully they won't have the same thing happen to them that did to Blogger.
Very interesting day today. I attended a local convention, ITEC. It's a small sparsely attended IT vendor-ama. However, you can usually find some neat new hardware to look at. Unfortunately, there was very little of that this time - just the normal trinkets. Services however, were being pushed big-time. Especially in the Computer Security arena. Who knew a few things would drop in my lap right along those lines.
James sent me a link to an article written on October 28 about the Chinese trying to 'hack' into networks aboard our Naval vessels. The article doesn't go into many details, but it appears that a link was e-mailed to someone on a ship, and clicking on the link took them to a website that played the Marine Corps Hymn. Either there was some malicious code that tried to take advantage of a known vulnerability to surripticiously install a 'trojan horse', or a link to download one.
It failed, and System Admins were alerted. It was probably because it wasn't the right bait. The Chinese might think Military men want programs that related to patriotism, but I bet if it was porn, they would have been successful.
While reading the story, something at the site caught my attention. I did some experiments and discovered I was correct. I followed a link and discovered a SEVERE security hole that could be exploited to allow someone to wreak havoc on a website. It all had to do with poor programming practices.
I sent off a note to the site admins to let them know they needed to correct the problem. This exact problem is what is discussed in the article the is directly below the story I linked to above. NASA is having a problem patching their systems, and it means that other government agencies aren't any better off. However, this vulnerability was not a defect in the Operating System, it was a careless programming defect.
Hopefully they won't have the same thing happen to them that did to Blogger.
Monday, October 28, 2002
I Am Musically Challenged
Not that I can't appreciate good music, I just can't create it in any shape or form. However, I was pointed to a neat music site that even someone like me can have fun with. Give it a try.
Not that I can't appreciate good music, I just can't create it in any shape or form. However, I was pointed to a neat music site that even someone like me can have fun with. Give it a try.
I Keep My Extras In My Posterior
I was watching TLC's "Urban Legends" Show and one of the questions they asked was "Do Humans only use 10% of our brains?" Of course I had heard that, and even had read it in Sci-Fi books as a basis for some people being able to use "more" of their brain capacity and thus gaining powers like Telepathy, Telekinesis, and other 'Mind Powers'.
As this article and others state, we pretty much use 100% of our brains.
I guess I can quit trying to exercise mine. Here I thought I could turn the 90% 'fat' into some mental muscle.
I was watching TLC's "Urban Legends" Show and one of the questions they asked was "Do Humans only use 10% of our brains?" Of course I had heard that, and even had read it in Sci-Fi books as a basis for some people being able to use "more" of their brain capacity and thus gaining powers like Telepathy, Telekinesis, and other 'Mind Powers'.
As this article and others state, we pretty much use 100% of our brains.
I guess I can quit trying to exercise mine. Here I thought I could turn the 90% 'fat' into some mental muscle.
Wednesday, October 23, 2002
OH PUH-LEEZE
This will be the first time with more than one entry per day, but I couldn't pass this by.
Now they are worried about computerized voting machines being "hacked".
Of course, "hacking" is a subjective term - often misused, as the case here. But lets go along with their little fantasy.
Let's assume that the Democratic Party finds some people with brains to run the elections in those Florida counties that had all those voting problems in the last two elections. They setup these computerized voting booths, that are for some reason attached to the public Internet. Why they would be instead of on an isolated private network, I don't know. The idea that our "hackers" have about 14 hours (7AM to 9PM - 'court' ordered extended voting hours, like in St. Louis) to learn a whole new system, find all its weaknesses, break into the systems and change the data, erase logs, and disconnect before anyone discovered them is truly fiction. Even though I would like to try to break into a system in less than 60 seconds and write a worm that does all this while getting a hummer from a babe who performed fellatio "full-service" (I'll pass on the gun to the head) like in 'Swordfish' - it ain't gonna happen.
Besides, how many people could possibly successfully pull off the above scenario compared to the number of people (no matter their technology skill level) who could pilfer a stack of butterfly ballots, punch some holes in them, and drop them in the ballot box when no one is looking? You tell me which fraud is easier.
As far as a missing 'paper trail' goes, haven't these people heard of PRINTERS?
This will be the first time with more than one entry per day, but I couldn't pass this by.
Now they are worried about computerized voting machines being "hacked".
Of course, "hacking" is a subjective term - often misused, as the case here. But lets go along with their little fantasy.
Let's assume that the Democratic Party finds some people with brains to run the elections in those Florida counties that had all those voting problems in the last two elections. They setup these computerized voting booths, that are for some reason attached to the public Internet. Why they would be instead of on an isolated private network, I don't know. The idea that our "hackers" have about 14 hours (7AM to 9PM - 'court' ordered extended voting hours, like in St. Louis) to learn a whole new system, find all its weaknesses, break into the systems and change the data, erase logs, and disconnect before anyone discovered them is truly fiction. Even though I would like to try to break into a system in less than 60 seconds and write a worm that does all this while getting a hummer from a babe who performed fellatio "full-service" (I'll pass on the gun to the head) like in 'Swordfish' - it ain't gonna happen.
Besides, how many people could possibly successfully pull off the above scenario compared to the number of people (no matter their technology skill level) who could pilfer a stack of butterfly ballots, punch some holes in them, and drop them in the ballot box when no one is looking? You tell me which fraud is easier.
As far as a missing 'paper trail' goes, haven't these people heard of PRINTERS?
I want my PADD
The PADD (I forget what the acronym stands for) are those thin, handheld devices that are used as input devices and computers on Star Trek TNG and later (no, not tricorders). With this invention they move a step closer to reality. In fact, they'll probably be a considerably thinner.
Imagining two sheets of thin hinged glass being my computer staggers the mind. All of the 'projected' images on suspended glass screens in Sci-Fi movies/shows can be reality. It will be much easier to carry around a PC with you no matter where you go, or to extend several small pieces networked together to create a wearable computer.
With this technology, that commercial where you see the guy with the 'half-glasses' computer interface shouting "BUY! BUY! SELL! SELL!" while pidgeons scurry away from him becomes possible. I love it. I truly am looking forward to the next 20 years to see where we are. I bet I can get a full body replacement by then and essentially live forever.
Don't know if I'd really want to do that though.
The PADD (I forget what the acronym stands for) are those thin, handheld devices that are used as input devices and computers on Star Trek TNG and later (no, not tricorders). With this invention they move a step closer to reality. In fact, they'll probably be a considerably thinner.
Imagining two sheets of thin hinged glass being my computer staggers the mind. All of the 'projected' images on suspended glass screens in Sci-Fi movies/shows can be reality. It will be much easier to carry around a PC with you no matter where you go, or to extend several small pieces networked together to create a wearable computer.
With this technology, that commercial where you see the guy with the 'half-glasses' computer interface shouting "BUY! BUY! SELL! SELL!" while pidgeons scurry away from him becomes possible. I love it. I truly am looking forward to the next 20 years to see where we are. I bet I can get a full body replacement by then and essentially live forever.
Don't know if I'd really want to do that though.
Bet You Didn't Even Notice
The "root" if the Internet was attacked today. This story gives you the high-level as non-techie-as-possible explanation of what happened. If you notice, there are basically 13 servers that let all of us get from one site to another on the Internet. As the article states, Richard Clarke (no relation to Dick), warned long ago that an attack on the root DNS servers or "Top Level Domain" (TLD) servers would be devastating.
And it would.
And it wouldn't be hard.
These are the type of cyberattacks that are easy to accomplish (and have happened before) that could cripple things for quite a while.
The article doesn't explain what the TLD servers do, or why this would be bad, so I'll attempt to explain it in layman's terms.
The 'root' servers help convert the first level of DNS names to an IP address.
Huh? You say.
OK - Let me explain. This blog, http://jackburton.blogspot.com is hosted on a server with an IP address of 64.41.146.221 - How would you like to try to remember to type that number instead of jackburton.blogspot.com, or even if you bookmarked it with the number, imagine trying to send your link to other people. What if they had a bookmark with the same name already? Like Worthless Blog = 64.41.146.221 or something like that. Compound that with the fact that due to virtual hosting, you can have thousands of websites hosted on a single server with a single IP address. If you don't have DNS resolution, you don't get to any of the sites on that server. DNS (Domain Name Service) provides 'real' names to the IP addresses. The rub is, DNS names are read from Right-to-Left. (OK - all of you Islamic Conspiracy Theorists get to work now on this.)
So, when your computer asks for the IP address of jackburton.blogspot.com the DNS servers it has been assigned starts with the .com - Which is controlled by one of the 'root' servers. Therefore your computer asks the .com root server for the IP addresses of the DNS servers that control the blogspot.com domain. If the root server never answers, you never get there.
Now, when the root server is working, you get back the IP addresses of the DNS servers that are the Authority for the blogspot.com domain. Your computer then asks those servers for the IP address of the host by the name 'jackburton' - and the blogspot.com domain DNS servers reply with the correct IP address, 64.41.146.221 - Your computer then makes an HTTP GET command to http://jackburton.blogspot.com at 64.41.146.221 - which the webserver then translates to the correct virtual website and returns to you the correct data which your Web Browser re-assembles into what you see here. E-mail works the same way. Only E-mail talks through SMTP or POP3 or IMAP instead of HTTP.
Now, I have simplified a bit, your computer actually asks its assigned DNS servers to do all the work. When they get the final IP address, they send it back to your computer.
Still cornfused? Think of it like mailing a letter. If I was sending a letter to Jack Burton, 123 Anywhere Street, Anytown, AS (Any State), 12345 USA - I would address my letter like this:
Jack Burton
123 Anywhere Street
Anytown AS 12345
USA
Now, the equivalent for DNS would be:
jackburton
blogspot
.com
OK - We're missing one line, but it's the same thing. In fact drop the country designation off of the first example (because many of us don't use it because we rarely send international mail):
So we have:
Jack Burton
123 Anywhere Street
Anytown AS 12345
OK - Now imagine dropping off the 'Anytown AS 12345' from your letter. You'd have:
Jack Burton
123 Anywhere Street
What City? What State? What Country? It would never get there. It would sit in the dead letter office unless someone mailed it in the same zipcode as the destination and some mail carrier recognized it. The exact same thing would happed to all network packets not using the direct IP address of a server. The packets would not get there, and the internet would be for all intents and purposes, dead. Only sites and e-mail servers that controlled single domains would be accessible, and those only by IP address. Someone could set up a public WINS server or DNS server that everyone would have to use (so it better be a damn powerful server), and then the attackers would just flood the new public server with so much traffic that it would be useless as well.
Sorry about rambling, but with as dependent as we all are upon e-mail for business these days, it would have a huge impact on the economies of the world.
Got any questions? Drop me a line....
The "root" if the Internet was attacked today. This story gives you the high-level as non-techie-as-possible explanation of what happened. If you notice, there are basically 13 servers that let all of us get from one site to another on the Internet. As the article states, Richard Clarke (no relation to Dick), warned long ago that an attack on the root DNS servers or "Top Level Domain" (TLD) servers would be devastating.
And it would.
And it wouldn't be hard.
These are the type of cyberattacks that are easy to accomplish (and have happened before) that could cripple things for quite a while.
The article doesn't explain what the TLD servers do, or why this would be bad, so I'll attempt to explain it in layman's terms.
The 'root' servers help convert the first level of DNS names to an IP address.
Huh? You say.
OK - Let me explain. This blog, http://jackburton.blogspot.com is hosted on a server with an IP address of 64.41.146.221 - How would you like to try to remember to type that number instead of jackburton.blogspot.com, or even if you bookmarked it with the number, imagine trying to send your link to other people. What if they had a bookmark with the same name already? Like Worthless Blog = 64.41.146.221 or something like that. Compound that with the fact that due to virtual hosting, you can have thousands of websites hosted on a single server with a single IP address. If you don't have DNS resolution, you don't get to any of the sites on that server. DNS (Domain Name Service) provides 'real' names to the IP addresses. The rub is, DNS names are read from Right-to-Left. (OK - all of you Islamic Conspiracy Theorists get to work now on this.)
So, when your computer asks for the IP address of jackburton.blogspot.com the DNS servers it has been assigned starts with the .com - Which is controlled by one of the 'root' servers. Therefore your computer asks the .com root server for the IP addresses of the DNS servers that control the blogspot.com domain. If the root server never answers, you never get there.
Now, when the root server is working, you get back the IP addresses of the DNS servers that are the Authority for the blogspot.com domain. Your computer then asks those servers for the IP address of the host by the name 'jackburton' - and the blogspot.com domain DNS servers reply with the correct IP address, 64.41.146.221 - Your computer then makes an HTTP GET command to http://jackburton.blogspot.com at 64.41.146.221 - which the webserver then translates to the correct virtual website and returns to you the correct data which your Web Browser re-assembles into what you see here. E-mail works the same way. Only E-mail talks through SMTP or POP3 or IMAP instead of HTTP.
Now, I have simplified a bit, your computer actually asks its assigned DNS servers to do all the work. When they get the final IP address, they send it back to your computer.
Still cornfused? Think of it like mailing a letter. If I was sending a letter to Jack Burton, 123 Anywhere Street, Anytown, AS (Any State), 12345 USA - I would address my letter like this:
Jack Burton
123 Anywhere Street
Anytown AS 12345
USA
Now, the equivalent for DNS would be:
jackburton
blogspot
.com
OK - We're missing one line, but it's the same thing. In fact drop the country designation off of the first example (because many of us don't use it because we rarely send international mail):
So we have:
Jack Burton
123 Anywhere Street
Anytown AS 12345
OK - Now imagine dropping off the 'Anytown AS 12345' from your letter. You'd have:
Jack Burton
123 Anywhere Street
What City? What State? What Country? It would never get there. It would sit in the dead letter office unless someone mailed it in the same zipcode as the destination and some mail carrier recognized it. The exact same thing would happed to all network packets not using the direct IP address of a server. The packets would not get there, and the internet would be for all intents and purposes, dead. Only sites and e-mail servers that controlled single domains would be accessible, and those only by IP address. Someone could set up a public WINS server or DNS server that everyone would have to use (so it better be a damn powerful server), and then the attackers would just flood the new public server with so much traffic that it would be useless as well.
Sorry about rambling, but with as dependent as we all are upon e-mail for business these days, it would have a huge impact on the economies of the world.
Got any questions? Drop me a line....
Monday, October 21, 2002
More Good News
I asked for it, and I got it. James sent me some good news for my blog. I was thinking more of good economic news, but I didn't specify. It doesn't matter anyway with the market up now several days in a row, even with some mixed bad indicators (damn those indicators) shows that maybe there is a little logic creeping into investment decisions. But I digress. Here are links to James' good news (and his comments):
The space shuttle Atlantis has safely returned to earth. Another successful mission!
The Russians, after an exploding rocket killed one of their ground crew, has successfully launched an orbital observatory to study black holes.
Something that may be a big boon to your business, new home builders are looking in to hooking everything with a pulse to the Internet.
Medical researchers have come up with a drug that might control premature ejaculation. Not that (ahem) I need that or anything. And there's no info on how the disgruntled wives that buy the drug will convince their husbands to take it.
My comments: Uh-huh - Suuuuure James - we know you don't need them - You've probably built up some thick calluses from those coated magazine pages - built in dapoxetine, eh?
A new dialysis machine might just save 2,000 lives a year.
He sent another reference to "The zoo in Kabul, Agfghanistan has been restocked by the kindness of a zoo in China." - but the link was the same as the dialysis machine one above. The 'a' 'f' 'g' and 'h' keys, and Control-C and Control-V are all left-handed keystrokes. James, your right hand is strong enough, time to work on your left. (See the link on dapoxetine above).
Thanks for the news!
I asked for it, and I got it. James sent me some good news for my blog. I was thinking more of good economic news, but I didn't specify. It doesn't matter anyway with the market up now several days in a row, even with some mixed bad indicators (damn those indicators) shows that maybe there is a little logic creeping into investment decisions. But I digress. Here are links to James' good news (and his comments):
The space shuttle Atlantis has safely returned to earth. Another successful mission!
The Russians, after an exploding rocket killed one of their ground crew, has successfully launched an orbital observatory to study black holes.
Something that may be a big boon to your business, new home builders are looking in to hooking everything with a pulse to the Internet.
Medical researchers have come up with a drug that might control premature ejaculation. Not that (ahem) I need that or anything. And there's no info on how the disgruntled wives that buy the drug will convince their husbands to take it.
My comments: Uh-huh - Suuuuure James - we know you don't need them - You've probably built up some thick calluses from those coated magazine pages - built in dapoxetine, eh?
A new dialysis machine might just save 2,000 lives a year.
He sent another reference to "The zoo in Kabul, Agfghanistan has been restocked by the kindness of a zoo in China." - but the link was the same as the dialysis machine one above. The 'a' 'f' 'g' and 'h' keys, and Control-C and Control-V are all left-handed keystrokes. James, your right hand is strong enough, time to work on your left. (See the link on dapoxetine above).
Thanks for the news!
Friday, October 11, 2002
Don't Touch Him, He Might Have a Virus
No, not some communicable disease, but a computer virus. Technology is wonderful, everytime we come up with something new it destroys the basis for much of the sci-fi that is out there. If you have read any of William Gibson's work of the Cyberpunk genre, you know about his futuristic vision of "hackers" eventually having cybernetic implants that will allow them to directly connect their brain to computer systems. Well this advancement changes all that. You don't need any external implant with conductors, simply using what we've had for thousands of years will allow us to interface with each other or with other systems.
Imagine a computer virus run rampant with this sort of technology. "Wearable" Computers are becoming more fact that fiction, and soon you'll be tightly integrated with them. Current viruses (virii?) nowdays do little more than send themselves out to other people, and try to infect them. However, will the Trojan Horse programs of the future be able to take over people's minds? Hmmm....sounds like an idea for a novel.
No, not some communicable disease, but a computer virus. Technology is wonderful, everytime we come up with something new it destroys the basis for much of the sci-fi that is out there. If you have read any of William Gibson's work of the Cyberpunk genre, you know about his futuristic vision of "hackers" eventually having cybernetic implants that will allow them to directly connect their brain to computer systems. Well this advancement changes all that. You don't need any external implant with conductors, simply using what we've had for thousands of years will allow us to interface with each other or with other systems.
Imagine a computer virus run rampant with this sort of technology. "Wearable" Computers are becoming more fact that fiction, and soon you'll be tightly integrated with them. Current viruses (virii?) nowdays do little more than send themselves out to other people, and try to infect them. However, will the Trojan Horse programs of the future be able to take over people's minds? Hmmm....sounds like an idea for a novel.
Friday, October 04, 2002
Sick of Bad News
Seems like the media is all about putting out nothing but bad news. The good news around never gets any headlines. The reaction to the economy is so emotions based that if good news were reported more often, the economy and stock market could possibly cure themselves. So I am going to start a list to only good news. If you have any good news stories, e-mail a link to me at this address.
Good news in the recent past:
Chrysler Adds 1,000 Jobs
Technology Company Addamark gets $7 million in Investments
Arkansas State Goverment Adds Jobs to High Unemployment Area
Flooring Company Adds Jobs (Webmaster of this site should be fired for bad links though)
Telecommunications Company Adds Jobs
Florida adds jobs in many areas
Blue Cross Adds Jobs
Toyota Adds 700 Jobs
That's it for now, I'm sure there are more. Send them in. The cynics among you that will say this is just a 'drop in the bucket' need not apply. Go read or watch the mainstream news for bad news....
Seems like the media is all about putting out nothing but bad news. The good news around never gets any headlines. The reaction to the economy is so emotions based that if good news were reported more often, the economy and stock market could possibly cure themselves. So I am going to start a list to only good news. If you have any good news stories, e-mail a link to me at this address.
Good news in the recent past:
Chrysler Adds 1,000 Jobs
Technology Company Addamark gets $7 million in Investments
Arkansas State Goverment Adds Jobs to High Unemployment Area
Flooring Company Adds Jobs (Webmaster of this site should be fired for bad links though)
Telecommunications Company Adds Jobs
Florida adds jobs in many areas
Blue Cross Adds Jobs
Toyota Adds 700 Jobs
That's it for now, I'm sure there are more. Send them in. The cynics among you that will say this is just a 'drop in the bucket' need not apply. Go read or watch the mainstream news for bad news....
Thursday, October 03, 2002
Unbelievable
How? I just don't understand. I really don't. Someone please explain it to me. This article says it all. How in the hell are people this stupid? I can't believe it. After all of the publicity in other cases like this, how can it happen?
Some of you will try to wax eloquent about how its societies fault, that we don't take care of single mothers. That's way, way, way beyond the simple fact that this is just totally unacceptable. The article tries to spin it in a way that makes you feel sorry for the mother, and this will destroy her. Well it probably will, and it should. Dammit, I'm sick and tired of people making excuses for people who do these sort of things. A child is dead because the mother made a completely negligent and irresponsible decision.
Grrrrrr.....
How? I just don't understand. I really don't. Someone please explain it to me. This article says it all. How in the hell are people this stupid? I can't believe it. After all of the publicity in other cases like this, how can it happen?
Some of you will try to wax eloquent about how its societies fault, that we don't take care of single mothers. That's way, way, way beyond the simple fact that this is just totally unacceptable. The article tries to spin it in a way that makes you feel sorry for the mother, and this will destroy her. Well it probably will, and it should. Dammit, I'm sick and tired of people making excuses for people who do these sort of things. A child is dead because the mother made a completely negligent and irresponsible decision.
Grrrrrr.....
Subscribe to:
Posts (Atom)