Thursday, September 20, 2012

It's Been A Long Time Jack

So, the Pork Chop Express has been dormant for 7 years. Only hits I get here are from search engines anymore, but I do still rank pretty high on some of the searches. I guess I can reclaim this page and start publishing a bunch of crap that no one will read. Yeah, that's the ticket.

So, for the next post, the check is in the mail.

Sunday, March 20, 2005

Saving the Internet?

I was reading this article over at Ars Technica which refers to a CIO.com article that speaks about the Internet being crushed under its own weight. Both articles address the problems, so I am not going to repeat the discussion. There are various really bad solutions suggested, but it is a growing problem that needs to be addressed.

In my opinion, e-mail is the crux of the problem. Spyware and viruses are installed to send mail for spammers, and phishers start their con with an e-mail message. Some have suggested a pay-as-you-go solution. I think you can add a payment function and keep it free as well. We don't need a tax, or a permanent 'per-use' charge, but a pay-rebate system. E-mail is popular because perceptually it is 'free'. Yes, this sounds like having your cake and eating it too, but I think this is a viable solution.

SMTP must be changed or modified. It's just too easy to abuse. Those who want to stick with SMTP can, but will still be subject to the avalanche of spam and phishing. I'm going to call the 'new' type PMTP for Protected Mail Transport Protocol. (AMTP, QMTP, and VMTP were taken.)

How it works is something like this:

Company A registers their mail server in a way similar to how one registers a domain name. It would be something like the way DNS is currently handled by a centralized system. You put X dollars into each of your servers' accounts, and you get charged Y amount for each e-mail you send out. When you run out of money in your account, the mail is stored on YOUR server waiting for funds to be available. When someone opens and reads your mail with their client program, you are credited back the Y amount to your account. Therefore, if you send nothing but e-mail to those who want it, you get 100% of your money back, and still use e-mail for free. Individual users would buy e-mail accounts from their ISPs. This way, if a user gets infected with a remailer virus or spam, their account would soon deplete (because they wouldn't have to keep much money in it), they would know they have a problem with their computer, and spammers might quit trying to take over as many systems. Those who break spam laws would soon find their servers de-authorized.

How would we authorize mail? After all, a spammer could simply bypass the central server and use the PMTP protocol to send you an e-mail. Well, the central servers are going to have to store some sort of identifier and delivery status for each e-mail sent (not the whole e-mail, just an identifier). When someone sends your server an e-mail, it would include the unique mail identifier for that message. Your e-mail server would then query the 'root' e-mail servers to see if that identifier was valid, and if the mail had been delivered yet or not. The mail identifiers could be quite long, so as to be almost impossible to spoof or forge.
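The charge, query and rebate flow described above, modelled as an in-memory sketch. This is an added example, not code from the original post; PMTP was never specified, so the class names, the fee value, the 256-bit random identifier and the binding of an identifier to its sending server are all assumptions.

```python
"""Toy model of the PMTP pay-rebate idea (illustrative; all names are hypothetical)."""
import secrets
from dataclasses import dataclass, field
from decimal import Decimal

FEE = Decimal("0.01")  # assumed value for the per-message charge "Y"


@dataclass
class Registry:
    """Stands in for the central 'root' servers: account balances plus one
    status record per message identifier (never the message body)."""
    balances: dict = field(default_factory=dict)  # server name -> prepaid balance
    messages: dict = field(default_factory=dict)  # mail id -> sender and status

    def register(self, server, deposit):
        self.balances[server] = Decimal(deposit)

    def issue_id(self, server):
        """Charge the fee and hand out a fresh identifier.
        Returns None for an unregistered or unfunded server."""
        balance = self.balances.get(server)
        if balance is None or balance < FEE:
            return None
        self.balances[server] = balance - FEE
        mail_id = secrets.token_hex(32)  # 256 random bits: impractical to guess
        self.messages[mail_id] = {"sender": server, "status": "issued"}
        return mail_id

    def accept(self, mail_id, claimed_sender):
        """The receiving server's query: is the identifier valid, issued to
        this sender (assumption), and not yet delivered?"""
        rec = self.messages.get(mail_id)
        if rec is None or rec["sender"] != claimed_sender or rec["status"] != "issued":
            return False
        rec["status"] = "delivered"
        return True

    def mark_read(self, mail_id):
        """Recipient opened the mail: credit the fee back, once only."""
        rec = self.messages.get(mail_id)
        if rec is None or rec["status"] != "delivered":
            return False
        rec["status"] = "read"
        self.balances[rec["sender"]] += FEE
        return True


class MailServer:
    def __init__(self, name, registry):
        self.name, self.registry = name, registry
        self.queue = []  # mail held on the sender's own server while unfunded
        self.inbox = []  # (mail id, body) pairs accepted from other servers

    def send(self, recipient, body):
        mail_id = self.registry.issue_id(self.name)
        if mail_id is None:
            self.queue.append((recipient, body))
            return "queued"
        return recipient.receive(self.name, mail_id, body)

    def receive(self, sender_name, mail_id, body):
        if not self.registry.accept(mail_id, sender_name):
            return "rejected"
        self.inbox.append((mail_id, body))
        return "delivered"

    def flush(self):
        """Retry everything that was waiting for funds."""
        pending, self.queue = self.queue, []
        return [self.send(recipient, body) for recipient, body in pending]


def demo():
    reg = Registry()
    a, b = MailServer("a.example", reg), MailServer("b.example", reg)
    reg.register("a.example", "0.02")  # constructed deposit: funds two messages
    reg.register("b.example", "0.00")
    out = {}
    out["first"] = a.send(b, "wanted newsletter")
    out["second"] = a.send(b, "second issue")
    out["third"] = a.send(b, "third issue")  # account is now empty
    # A sender that bypasses the registry has to invent an identifier.
    out["forged"] = b.receive("a.example", secrets.token_hex(32), "spam")
    # Reusing an identifier that was already delivered must also fail.
    first_id = b.inbox[0][0]
    out["replay"] = b.receive("a.example", first_id, "spam")
    reg.mark_read(first_id)  # rebate for the first message
    out["balance_after_read"] = reg.balances["a.example"]
    out["double_rebate"] = reg.mark_read(first_id)
    out["flushed"] = a.flush()  # the rebate funds the queued message
    out["final_balance"] = reg.balances["a.example"]
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The replay case is why the registry has to track delivery status per identifier: without it, a single paid identifier could accompany any number of copies.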

Of course, there'd have to be modifications to current systems to allow for this. I don't think it would require entirely new e-mail client or server software. Microsoft Exchange and other e-mail systems have supported various 'connectors' that allow for support of many different types of e-mail, whether SMTP, X.400, or others. Sendmail, Postfix, and other Open Source SMTP programs could be modified and could have included in their config files lines to enable or disable SMTP and/or PMTP services. Outlook, Eudora, Thunderbird, Evolution, and other e-mail client programs could be modified to support PMTP along with SMTP. Yes, it would take time and testing - but I think it could be a paid-for enhancement. Would you pay $5 to practically eliminate spam from your mailbox by purchasing an enhancement for your software? I've seen people spend more. This approach could be taken over time, SMTP and PMTP would be run in tandem, until such a time as PMTP was prevalent enough to start allowing organizations to stop supporting SMTP.

The hardest part would be deciding who would be the 'keeper' of the authorized PMTP server lists, accounts, and data and what compensation they would receive - as well as setting up the databases. You'd want thousands of root e-mail servers to handle the massive amount of data and traffic.

Monday, January 31, 2005

Buying Iraqi Dinars

I've been keeping up on my blog reading, though not necessarily my writing. On a few of these blogs that have been talking about the Iraqi elections, I have been seeing some interesting ads.

Yes, Jack looks at the ads sometimes.

One of these services advertised is "Bet On Iraq". They say that you can help the Iraqis by purchasing Iraqi dinars, and if the price goes up, you can make a lot of money.

It sounded like a good idea the way they presented it, and being that I've seen the ads on many blogs I respect, I was thinking about buying a few for more historic purposes than an investment. However, the closer I looked, the less sense it made.

You can see from the Bet On Iraq site the number of Iraqi Dinars you can buy, and how much in US Dollars it cost to buy them and have them sent to the US. So I head over to XE.com, a currency conversion site, and plugged in some numbers to get a real conversion rate.

Now I know it costs to get the money to you through FedEx from across the world, through some bad conditions, but the numbers didn't add up to my Ferengi brain. I put it all into a table below. The first column is the number of Dinars you get, the second is how much you pay for them, the third is the actual converted value according to XE.com, and the fourth is "Bet On Iraq's" gross profit before shipping and other costs. You can see for yourself the numbers. You pay almost twice in shipping and profit for the company than what it costs to buy 25,000 dinars. OK - $32 to get a package from Iraq and keep their business running, I can understand that. What I don't get is how quickly it rises with the number of Dinars you buy. Maybe it is the 'insurance' costs from FedEx. I haven't called FedEx to get a quote for shipping stuff from Iraq, but it still seems to be too high.

I also ran into this article on XE.com that talks about the various scams.

Now, I am not claiming at all that "Bet On Iraq's" offering is a scam. I believe that if someone offers a service at a price, it is up to the consumer to look at all the facts and make an informed decision. Impulse buying on risky investments rarely pays off. I just thought I would point this out. I wonder how many bloggers would still feel comfortable advertising this service once they see this. What do you do if the currency is 'changed' to another type? You'd have to send it back to be exchanged for the 'newer' stuff. How would this be accomplished?

Again, I'm not saying that there should be any regulations or the business should be closed down, just pointing out the numbers involved.

Dinars	Cost ($US)	Converted ($US)	Gross Profit
25000	$50.00	$17.09	$32.91
50000	$90.00	$34.18	$55.82
100000	$175.00	$68.36	$106.64
250000	$339.00	$170.91	$168.10
500000	$639.00	$341.81	$297.19
750000	$859.00	$512.72	$346.29
1000000	$1,150.00	$683.62	$466.38
2000000	$2,300.00	$1,367.24	$932.76
3000000	$3,450.00	$2,050.86	$1,399.14
4000000	$4,600.00	$2,734.48	$1,865.52
5000000	$5,750.00	$3,418.10	$2,331.90

0.00068362 Iraqi Dinars for Each US Dollar as of 1-31-05		

Saturday, January 15, 2005

One Omitted Word


I was watching one of our local television news stations (WSYX6) last night. One of the stories was about a student who took a gun to school with him. Those links don't last very long (or don't point to the same story after a new one is posted) so I have included the text of the website article here:

Gun Found in Middle School Locker
Sheriff's deputies arrived in full force at Pleasant View Middle School in Grove City. Six cruisers lined the bus lanes Friday afternoon. A handgun was found in a locker, and one student taken into custody of the Sheriff's Office.

When the cruisers had gone - so had the 13-year-old accused of bringing a small-caliber, semiautomatic handgun. He had not been accused of anything more than that - and may or may not be formally charged. At that time there was no indication of intimidation of other students. It is still unknown as to why the gun was brought to school. That's something police are trying to find out and something the sheriff's office will investigate. A letter from the principal came out with everything they knew, prior to 3pm.

Legally, the southwest city school district cannot discuss the penalty to this student if he indeed brought the weapon on to school grounds. However - a zero-tolerance policy means the district can suspend him for ten days - with a recommendation for expulsion.


A 'standard' story sure enough. This happens from time to time at different schools. Has been happening for a very long time, even way back when Jack was in High School. However, during the story they flashed the 'letter from the principal' across the screen, and being somewhat of a speed reader - I saw the words 'unloaded gun' in the text of the body of the letter.

It immediately made me wonder why this detail was left out of the story. Surely a single polysyllabic word didn't 'lengthen' the story to make it too long to fit into the news broadcast segment. Something seemed amiss to me. That one word changes the story quite a bit; it was a fact that was left out, not an opinion. Now, don't get Jack wrong, kids shouldn't be taking guns to school, loaded or unloaded. However, leaving out the word 'unloaded' just smelled a little suspicious to me.

Back before Ohio had CCW licenses, it wasn't a felony to carry an unloaded or non-working gun. In fact, even if it were loaded, it had to be shown to be in 'working' condition before you could charge the person with a felony-level CCW charge instead of a misdemeanor (if even a charge at all). We used to send all firearms confiscated during CCW arrests to the range for testing to be sure they worked. Now, if you took out the unloaded firearm and pointed it at someone, it was a different matter: you could be charged with 'Aggravated Menacing', though it was still only a misdemeanor. When you tell someone that a kid took a gun to school, there is an assumption that it was a loaded firearm in working condition. While again, it does not lessen the degree of concern a parent should have, it does make somewhat of a difference that the firearm wasn't loaded. I might then question the obviously poor judgment of the student, but I'd be then more likely to believe that he just might have brought it only to 'show it off' to some friends (which is probably how he was caught with it). It sure makes a difference to me, and not just a 'slight' one.

So I wrote the station an e-mail through their website feedback submission form, though I doubt I'll get an answer. I asked them if an electronic copy of the letter the principal sent to parents was available, and if not, was I correct in reading that the gun was 'unloaded'. We'll see if I get an answer and what answer I get. I might follow-up with a phone call if I don't.

I'll let you know what happens.

Tuesday, January 11, 2005

Take Command of Windows File Copying


Back in the DOS days, one of Jack's favorite utilities was Norton Commander. This was back in the days when Norton software was worth more than it cost. Today you wouldn't catch Jack spending a single penny for any of Symantec's crapware. (In case you didn't know, Symantec is now the company that owns and maintains all of the Norton software.) Norton Commander was the earliest file manager that has been somewhat duplicated by Windows Explorer (not Internet Explorer, but the File Manager, Explorer). It had two 'panes', and using the function keys (you know, those keys at the top of your keyboard you rarely use), you could do a myriad of standard file functions (View, Edit, Copy, Rename, Delete, etc.). It was also easy to start: just type 'nc' at the DOS prompt to start it.

As of Windows 95 Norton basically turned NC into another version of Windows Explorer, which means you might as well use Windows Explorer itself.

A client of Jack's had committed the coffee backflip into the keyboard of his Dell notebook computer and watched it slowly die. The screen slowly dimmed until the Dell fell into a forever electronic slumber, never to awaken. Luckily for the client, the hard drive is rarely damaged in these cases.

After procuring a new desktop for the client, Jack was for the umpteenth time copying the files from the client's old hard drive to the new one, running it through a virus scanner on the way. I was using Windows Explorer.

The many problems with Windows Explorer are that it: 1. Stops on all errors, meaning you have to figure out where it left off and painstakingly go through the file list and select the remaining files to copy, or start over, which is a pain because...; 2. On the new Windows OSes, it 'scans' over the files to be copied to make a determination of several factors and settings to be used in copying, so for a large number of files, it can be minutes before the files start copying; and 3. It takes forever to do copies across the network or even from hard drive to hard drive.

On Linux, I use "Midnight Commander", which is Norton Commander for *nix. Works almost exactly like the old Norton Commander. It doesn't work well under OS X without disabling some Function keys that have useful operations on the Mac. Besides, you really don't need it on OS X. Luckily, someone ported Midnight Commander to Windows.

Midnight Commander does stop on errors, but it gives you the options to skip the error and proceed, abort the operation, or retry. The 'skip' is the most useful. It's easier to jot down a few skipped files or directories than to have to start all over again. That and it is much, much faster. It only took it 10 minutes to copy an amount of data that would have taken Windows Explorer 30 minutes.

You can find links to other 'Commander' type programs at rmonet.com as well as more information on this type of program.

Jack Heartily Recommends it.

UPDATE: A new "Best 46 Freeware Utilities" list is up. Check it out for other good stuff.


Saturday, January 08, 2005

Diamond TV

I've always wanted to go to one of the CES shows. This year's 2005 show has featured a lot of neat stuff. One thing that interests me is Carbon/Diamond Nanotube TVs. With HDTV being a requirement in the near future, I've been looking at what I wanted in a new Television. Converters aren't going to do the job if you care about the quality of TV you watch - sort of like those old 'color tv' adapters for black and white televisions. (Are you old enough to remember having B&W TVs for the most part? I remember.)

This new technology looks promising. I haven't cared for the projection TVs, Plasma TVs supposedly wear out (sure it might be 12-17 years, it's just the whole principle and expense), and LCDs are extremely expensive to get 'theatre sizes'.

Looks like I need to save my pennies until 2006-07.

Friday, January 07, 2005

The Trouble With Chicken


Yeah that's right. Chicken. That stuff you buy in the grocery store that you bake, fry, broil, shred, or do whatever you need to for your recipes.

Jack gets many requests for his chicken wings. (even though at Jack's New Year's party, they were sub-par for my normal fare.) So I buy them in large quantities, at least once a month.

I don't buy those ones pre-cut that come in a bag all frozen. They often have an 'ice' covering, and since I deep fry my wings the water and very hot oil (350 degrees F) don't mix very well. I find that if I thaw them out, they are quite small. However, something about those frozen wings and even the fresh ones that I buy is now really bothering me.

"Up to X % of a solution added to enhance flavor"

Poppycock. You see, they 'inject' the chicken with a solution (probably Chicken Broth, or just salted water) to allegedly make it more 'moist' and 'tasty'. Blah. All it means is that you are paying so much per pound for water. If you fry or cook the chicken, it comes right out during the cooking. When I cut fresh wings that have this solution injection, it just makes a large mess of raw chicken liquid that is a pain to clean up.

By now you're probably wondering what the big deal is. Well, it's like this: that X % used to be 10% at most. OK - a 10% extra charge on what I am paying for after you get rid of the 'enhancement'. I could deal with that. Now it's up to 15-20% (though I did see some that was as low as 12%, once), so I am paying for 1/6th to 1/5th of the cost per pound in water!

There could be a couple of reasons for this. One is that it leads to higher profit margins. The other is that the FDA has banned growth hormone use in many of the meat products we eat, one of these being chicken. I don't know which it is at this point. It seems that the ban went into effect in 2002, so it's been around for a while, even though there is still argument about whether or not these hormones are harmful.

I just want chicken that has no 'enhancements' of water without paying an arm and a wing for 'organic' chicken. I'll take the stuff grown in cages thankyouverymuch. At least the Giant Eagle near me carries stuff that has no solution enhancement, but we'll see how long that lasts. Of course it is about 30% higher in cost.

Monday, December 27, 2004

You'll Put Everyone's Eye Out

Santa was good to Jack, even better to the kids. However, had I known about this wonderful device that every alpha-geek needs, I would have asked for it.

Anyone want to shell out the $699 to send Jack a belated Christmas present, before they get pulled from the market?

Tuesday, November 30, 2004

DNS Broken?

DNS, or Domain Name Service, is what takes human-readable names, such as www.google.com and turns it into an IP address, such as 64.233.167.99 (Both will take you to the same place).

If we didn't have DNS, we'd have to memorize the IP addresses of all the websites we visit, and 'virtual' websites that exist on a single server (some servers hold hundreds of websites) would not be accessible because they need the correct header in the HTML request, which if you go to the server by IP address, you won't get.

The last few days several of my clients and people I know have reported DNS irregularities. It looks like some of the Top Level Domain (TLD) entries for who is reported as the Source Of Authority (SOA) for different domains are reporting incorrectly.

What does that mean in simple terms? It means that when you go ask the big 13 servers that run the internet who you need to talk to in order to find the IP address that goes with the website you are trying to go to, like www.google.com, they are giving you the wrong server to ask. In that case, you never get the correct IP address for the domain, or you get none at all.

Very weird. More details to follow.

Wednesday, September 01, 2004

An Operation Was Attempted On Something That Is Not A Socket

Jack's back. Sorry for the long absence, but CTCon (see previous posts) and work have intruded.

Work, however, is the reason for this post. As usual, there's some nasty spyware and viruses going around out there that really break TCP/IP networking. You'll find that when you try to renew your IP address after removing this stuff, you get the error that is the title of this post.

There's a couple of ways to fix it. You can just Google the error. You must enclose it in quotes. There's a lot of good information in the first few links, such as this one from the JSI FAQ (A GREAT resource).

However, for some reason, even though I Googled on this error several times, it took a while before a new result popped up, and it was the number 1 result. LSP-Fix is a great little easy to use program that fixes the Windows XP TCP/IP subsystem that gets broken by malware and removing malware.

Just wanted to give props to it, I used it to fix a system that didn't work after following the JSI instructions (which are from a Microsoft Support Article).

Monday, August 09, 2004

Shallow Jack's X-box Discovery

[shallowjack]
Shallow Jack here. I've grabbed the keyboard whilst your normal Ferengi-eared author isn't looking.

I was reading Foxnews, and came across the article about the slime of the earth who beat some people to death over clothes and an X-box.

Yes, I'm sure it is on many other news sites, but that wasn't what caught Shallow Jack's attention. You see, what Jack found might even be a little low for him. Besides, it doesn't involve sex and/or naked women, so it's not my normal purview.

I was reading the article, and took a screen shot of what I saw. It may be called bad taste, or really, really bad taste, but I'm going to show you and comment anyway.

I just wonder what would have happened if the dirtbags had instead seen the same ad Shallow Jack did that is in the lower section to the right of the article:

(It's gone, but there was an X-Box Ad on the page)

DOH!
[/shallowjack]

Tuesday, August 03, 2004

Long Distance Wireless Networking

Was perusing my tech news hangouts, and was directed over to an article on Wired.

It seems that some kids from here in Ohio created an 802.11b wireless network connection at a distance of 55 miles. They used those 9.5 foot satellite dishes that were more popular before the days of the 18" dishes like DirecTV and Dish Network use. They used both amplification and non-amplification to get those distances.

However, one of the interesting parts of the article reads thusly:

Corrado told the crowd that they initially had no plans to attend DefCon but decided to enter the contest 19 days earlier after a "business plan" they devised fell through.

"We were going to war-drive around Cincinnati and find unencrypted wireless access points," Corrado said. "We knocked on people's doors and asked if (they) wanted us to encrypt them, and they just got all freaked out. So we were searching for other things to do with the equipment we had just purchased."


Exactly.

If I had a dime for every time someone suggested doing just what they did, I'd be a rich man.

You might be thinking, "But hey, it sounds like a good idea, why wouldn't it work?"

That's the problem with most ideas. They might sound good, but with the follow-through, they rarely pan out.

Even if you were of a proper age, dressed in a suit and tie, and gifted with proper communication skills, you'd get almost nowhere with this approach.

You see, you're pointing out to people that they are either:

Careless
Stupid
Inept
Poor Decision Makers

Or all of the above.

You're also giving the impression that you are:

A Smart Ass
A Know It All
Sneaky
A Criminal
Unethical

Or all of the above.

You wouldn't rattle someone's front doorknob and, finding it open, ring the doorbell and tell them to lock their door, would you? You'd be lucky if they didn't summon the police to take you away. The same common sense applies to testing wireless networks. You don't do it unless you were given prior permission.

That's why it rarely works, and gets you the cold shoulder or deer-in-the-headlight looks. There's a better approach that I have used successfully, and if you want to know it, you can pay my consulting fees to find out.

It was nice to see someone doing such long distance shots with wireless. It gives one hope that those out in the rural areas can get high-speed connectivity if they don't have trees, power lines, tall buildings, or other obstacles in the way.

I have purchased a Super Cantenna for long distance shots at small business locations. It works really well. Sure, I could build my own, but it would take more time and money than just buying it.

Tuesday, July 27, 2004

Best Hard Drives

There are many websites out there that evaluate the merits of the different manufacturers' hard drives. One of my recent complaints is that the quality of drives has suffered when the speed and capacity increased.

These drives generate a lot of heat, but I've already talked about that at length.

Now Seagate is upping its drive warranties on certain drives to 5 years.

Great. Glad to see it. It's about time. I've purchased many Maxtor, Western Digital, and Seagate drives, and I haven't been happy with their reliability. Many client systems suffer failures just days or weeks after the 1-year warranty expires.

Which brings me to an interesting point in this article:

Disk drive quality is already fairly high. IDC's Reinsel said annual return rates are less than 1 percent for the industry.

Ha! Sure. Reduce the warranty from 3 years to 1 year so you get less returns, and say that the drives are more reliable. What a joke.

Oh well, hope to see the other manufacturers follow suit.



Wednesday, July 21, 2004

Get Rid of Norton!

Jack himself doesn't care for Norton products. In his opinion, they are bloated programs that interfere with normal system operation and don't do a very good job. In fact, it's been my experience that Norton Anti-Virus misses a lot of Viruses out there. Of course, YMMV, and Norton might work just fine for you. If so, stop here and don't read any further.

Jack makes good money fixing computers simply by uninstalling Norton Internet Security 200x, and installing Command AntiVirus or AVG and Tiny Firewall or Zone Alarm. NIS 2004 causes many problems, and is a 198MB installation! I have NO idea why it needs to be so large.

Jack's client-supplied PowerBook G4 came with Norton AntiVirus on it. As it is now officially mine (it's not 'borrowed' anymore), I wanted to uninstall NAV.

You need the original disk.

Don't have it, and the client couldn't find it.

As a public service announcement, I give you Mac OS X users the link to the Symantec Uninstaller, which removes any Symantec product from OS X, and is compatible with 10.3 Panther.

You can find it with Google, but it wasn't on the first few pages if you searched for 'Uninstall Norton AntiVirus OS X'.

Sunday, July 18, 2004

Copy Protection Grrrrr...

Jack's kids are huge Harry Potter fans. The youngest's birthday is coming up very soon, and as she just spent the week at Grandma's and Grandpa's, they gave her some money to buy her own birthday present.

I loved getting money as a kid, meant I was able to get what I wanted, instead of 'something close'.

Jack takes the kids to a local computer store to pick up a RAID controller for a client installation, and while we're there, they see Harry Potter and the Prisoner of Azkaban for both the PC and the Gamecube. We have 10 PCs and 1 Gamecube - yes, I know, I'm hopeless.

The Gamecube version is $40, and the PC is $30. The youngest just happens to have exactly $30, and decides she wants the game. So we buy the PC version.

I put the game CD into my computer and start the installation, which goes just fine. After the game installs, it tries to start and stops with the error, "CD ROM not found. CD/DVD emulation detected, please disable CD/DVD emulation and try again."

OK - The CD is in the tray, don't know why it can't find it. However, I do use an old version of CloneCD that supports 'Virtual Clonedrives'. Why? Because I have kids. Kids are very rough on CD media. This way I can image the disk to the hard disk, and the kids know how to mount the images.

No problem, I disable CloneCD and try again.

Same error.

Over at Foxnews, they have the Strakalogue, which chronicles things that make you go Grrr... They also have some interesting definitions of people like 'Oblivions', 'Obliviots', and 'ImporTants'.

I know it's the CD protection on the disk that is causing this error, and that makes me go Grrr. I'm using their disk in my computer, I didn't download it from some warez website. I bought it with cold hard cash. Actually, my little one did.

Back to the computer store for another copy in case this one is bad. With the advanced copy protections using things like digital signatures, bad sectors, and the like, it would be easy to get bad copies. I exchange it and head back home.

Same error after uninstall-reinstall. I even uninstalled and cleaned CloneCD from the computer just in case. No help.

I head down to my workshop, haul out one of my test computers, do a complete install of Windows XP only with all the patches. Install the game, and yes, it works, after a lot of thrashing about.

Hmmmm. So I head over to some of the areas on the web that help you make backup copies of software. I know that most of these sites are so you can get games for free, but I'm just looking to get my $30 out of what I bought. I use a program that analyses the disc, and tells me that it is using Safedisc v3.20.20 - Which uses a bunch of different methods to protect the disc.

I have no problem with that at all, until it comes to the point that I can't play a game I paid for on a computer that has nothing wrong with it.

I did find a solution to the problem at one of those sites. I'm not going to tell you where I found it or what it was, because I don't want to help people steal the games, but it's safe to say it's not hard to find on your own.

I certainly wouldn't blame anyone for taking the same steps I did to get something I paid for working. It is sad that I had to go that route at all.

UPDATE: Apparently my blog is high on the Google search list results for this same problem. I have received many e-mails from people with the same problem. Here's a Google Search you can try to get you what you need.

Thursday, July 15, 2004

Get 1 GB of E-mail NOW

Jack likes options. OK - As an active Blogger, I could get a Gmail account. But it hasn't intrigued me. In fact, it has seemed like a lemmings-over-the-cliff fad that you just have to get to be 'in' on-line.
 
As if that's something to aspire to.
 
Anyway, I was checking around, and got sent over to Spymac - 1 GB of E-mail, along with 100MB for storage space (like uploading graphics). Though I've just noticed that the free blogger now allows uploading of graphics. Hmmm....

Anyway it looks neat, and yes while the name is a little scary, I think it's a good alternative. OK - It's Mac-centric, but does it really matter? It's a new service, so there are a few bugs. To activate your storage, you have to first go create your blog. I did that and pointed my blog to here.

Give it a try.

 

Tuesday, July 06, 2004

Knoppix, the Computer User's Friend

Jack's here, bored, waiting for some HUGE mailboxes on some Microsoft Exchange servers to move from one location in Kansas to here in Ohio. It's all coming across a T1 line. I need to have multiple Remote Desktop windows open to make sure things are going smoothly, and unfortunately, Remote Desktop Connection for the Mac only allows one RDC window to be open at a time. No matter, I have my trusty Netlux Notebook Computer I've mentioned before.

That was until the dreaded hard drive failure I've been talking about happened to me.

So earlier today I was wondering how I'd get the job done without going crazy logging in and out. Standing in front of a 19" rack in the server room for hours wasn't my idea of fun.

So what to do? Easy. Hard Drive failure won't stop Jack. I just whip out my trusty Knoppix 3.4 CD-ROM, boot it up on the Netlux, and instant Linux operating system complete with X-Windows, sound, network, and all the goodies you need. In fact I am listening to a Shoutcast stream on Port 80 (Firewalls are annoying, don'tcha know), typing this post, and have 3 RDC screens open (one to home for MSN Messenger, see previous content between parenthesis).

Jack uses Knoppix for many of his computer forensics applications. You can boot into console mode, skipping the pretty X-Windows, which sometimes just gets in the way, and use dd, dd_rescue, md5sum, and other tools that are already compressed and waiting on the Knoppix disk. Amazing that you can get 2 GB of data onto a little 700MB disk, and have it all work.

Cheers to Knoppix!

UPDATE: You can also get Knoppix info at www.knoppix.net.

Wednesday, June 30, 2004

CTCon5 - Wars, Tournaments, and Fun!

What's this? CTCon, an outgrowth of my time over at Chaos Theory, a great bunch of people, who happen to be LAN gamers.

What's a LAN game? It is where a bunch of people bring their computers to a central location, usually a convention center, hotel, university, sometimes a warehouse, and play different networkable computer games. Quake III Arena, Battlefield 1942, Half-Life's Counter Strike, Unreal Tournament, and others.

NMP Consulting, the company I own, is running CTCon for its 5th year. Head over to the NMP CTCon Website and check it out!

Sunday, June 27, 2004

Hacking from Mac OS X Panther (Installing nmap, Nessus, and others)

In continuation of my previous post about installing Ethereal on OS X using Darwin Ports, I present to you an article on installing some basic tools to perform initial security audits from the Mac using OS X Panther (10.3.x).

You have to have Darwin Ports installed on your system to follow these instructions. Just follow the instructions from the link above. I'll wait until you have it done. Promise.

Back already? Good. Besides, no 'Security Workstation' is any good without Ethereal.

First we're going to install nmap, a command-line based port scanner. This one is easy, from a terminal window:

sudo port install nmap
(Remember, this will ask you for your USER password, not your root password. The 'su' command asks for the root password.)

Wait a little while, and you've got it.

Since you are using a Mac, it would be a shame not to have a graphics front end. Therefore, the next step is to install nmapFE (nmap Front End). Just download and install it from the link I just gave you. It installs like any other 'normal' Mac program.

Oh, and as I mentioned in the Ethereal post, you can install MacStumbler as well.

Now for the grand-daddy of Auditing tools, Nessus, a vulnerability scanner that can be pointed at a single host or range of hosts and probe for missing patches, open ports, or other OS and Application weaknesses. It's a bit of a bear to install, but using my favorite, Darwin Ports, it can be done. Here are the step-by-step instructions...

- Nessus normally needs wget and/or lynx to allow it to install the script 'nessus-update-plugins', which downloads the latest lists of vulnerabilities that nessus uses to perform its tests. So from a terminal session, issue the following commands:

1. sudo port install wget
2. sudo port install lynx
(or you can just 'su' to start, and leave off the sudo on these commands)

lynx is a cool text-based browser, which can come in handy from time to time to check out some not-so-trustable webpages. wget allows you to retrieve files, sort of like ftp, but different.

- Now we're going to install Nessus itself. First, the libraries, then the core, then the plugins. You can do it all by starting with step 3, because Ports will get all the dependent programs/files needed, but I like to be complete:

1. sudo port install nessus-libraries
2. sudo port install nessus-core
3. sudo port install nessus-plugins

- Now you need to add Nessus to your PATH variable:

1. export PATH=$PATH:/opt/local/bin:/opt/local/sbin

This line should be added to .profile from the Terminal, and .bashrc in X11. In fact, now is the time to switch from Terminal to X11's xterm. If you don't want to restart your sessions, issue the command on the xterm line. Be sure you are su'd to root.

- Now we have some other commands needed to finish setting nessus up. You must create a Certificate for nessus clients to run against, and add a user (different from your login), and update your plugins:

1. nessus-update-plugins
2. nessus-adduser
3. nessus-mkcert

You can do these in any order, and follow the instructions (except for nessus-update-plugins, it just loads).

- Now something different. If you don't follow this step, you will get the nasty GTK error similar to the one I saw with Ethereal.

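1. With your normal user login issue the command 'xhost +' (without quotes). This turns off X access control, so anyone who can reach the X server will be allowed to connect to the local display; 'xhost -' turns access control back on.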
2. Change to root, by issuing the 'su' command (without quotes)
3. Now type the following command: export DISPLAY=:0.0

- As root, you can start the nessus server:

1. nessusd -D (This will take a little while to load)

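- I would suggest placing these last 4 commands into a script. First 'vi startnessus.sh' (without quotes) to start the VI editor. Then press 'i' on your keyboard to enter insert mode, and place the following lines in the file:

#!/bin/sh
# Open the local display and set DISPLAY, then start the Nessus daemon as root.
xhost +
export DISPLAY=:0.0
# A bare 'su' line would open an interactive root shell and pause the script,
# so the daemon is started through 'su -c' (su keeps DISPLAY and PATH).
su root -c 'nessusd -D'

Press [escape key]:wq to save the file and exit VI.
Now issue this command: chmod 755 startnessus.sh (755 rather than 777, so that other users cannot rewrite a script that goes on to run a command as root).
Leave startnessus.sh in your Users/Username directory, or place it somewhere in your PATH. Now you can start nessus by typing ./startnessus.sh from that directory, or startnessus.sh on a line by itself if it is in your PATH.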

- If all goes well, you can now issue the 'nessus' command (without quotes) to start the GUI client interface. Enter the username and password you created in the nessus-adduser step, and click on 'login'. You will be asked to accept a certificate. Select option #2 for accepting the Cert (or like the instructions say, if you are paranoid, choose 1 or 3).

Now wait.

It took a long time for the login process to complete on my system. In fact, the GUI stopped responding, and I thought it was 'locked up'. It just takes a long time to load.

Congratulations, you now have all the basic tools to poke around your network or any network you are authorized to snoop. If you need help in running any of the programs above, check their websites and RTFM, and if you still have questions, stop by my IT Forum at www.nmpforum.com, and I'll help you out if you ask intelligent questions. :)
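The setup above fails in a few recurring ways: a directory missing from PATH, a tool that did not install, or no DISPLAY for the GTK clients. This added example, which is not part of the original post, checks for each one; the function names are hypothetical, while the directories and tool names are the ones used above.

```sh
#!/bin/sh
# path_has_dir DIR [PATHSTRING]: true if DIR is an exact entry of PATHSTRING
# (defaults to $PATH). Whole-entry matching keeps /opt/local/bin2 from passing.
path_has_dir() {
    case ":${2-$PATH}:" in
        *":$1:"*) return 0 ;;
        *) return 1 ;;
    esac
}

# missing_tools PATHSTRING TOOL...: print, one per line, each TOOL that has
# no executable regular file in any entry of PATHSTRING.
missing_tools() {
    search=$1; shift
    for tool in "$@"; do
        found=no
        old_ifs=$IFS; IFS=:
        for d in $search; do
            if [ -f "$d/$tool" ] && [ -x "$d/$tool" ]; then found=yes; fi
        done
        IFS=$old_ifs
        [ "$found" = yes ] || printf '%s\n' "$tool"
    done
}

# display_ok VALUE: true if VALUE looks like an X display such as :0.0
display_ok() {
    case $1 in
        *:[0-9]*) return 0 ;;
        *) return 1 ;;
    esac
}

# preflight: run every check against the current environment; 1 if any fails.
preflight() {
    rc=0
    for d in /opt/local/bin /opt/local/sbin; do
        path_has_dir "$d" || { echo "PATH is missing $d"; rc=1; }
    done
    m=$(missing_tools "$PATH" nmap nessus nessusd nessus-adduser nessus-mkcert)
    [ -z "$m" ] || { echo "not found on PATH:" $m; rc=1; }
    display_ok "${DISPLAY-}" ||
        { echo "DISPLAY not set: GTK clients fail with 'cannot open display'"; rc=1; }
    return $rc
}
# Run 'preflight' from the xterm you plan to start nessus or ethereal in.
```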




Thursday, June 24, 2004

How To Install Ethereal Packet Sniffer on OS X with Open Darwin and Ports

If you've been reading Jack's other posts, you will see that Jack has caught a little bit of the OS X bug. (Jack's friends are hoping he gets better soon).

One of my favorite network utilities for Windows and Linux is Ethereal, an Open Source (Freeware) network packet sniffer used for capturing network traffic for analysis. Since OS X is based on a derivation of Darwin, there had to be a version of Ethereal for OS X. I popped over to the Ethereal website and sure enough, there were links to installing Ethereal for OS X using either Fink or Darwin Ports over at the OpenDarwin project.

"Ports" appealed to me over "Fink" because of the closeness to BSD Ports, which is the idea behind the whole Darwin Ports project.

OK - So I need to install Darwin Ports. Jack decides to take his own advice and RTFM (Read the FINE Manual) before installing it.

Hmmmm. What do we need. Jack's Powerbook G4 - 17 is equipped with Panther, but Jack doesn't have the original Panther install disks. That's OK, I'm sure I can find everything online.

First I need to open up a Terminal. Done. (It's in the Applications/Utilities folder)

Now we need to use CVS, which allows you to install a program by downloading the latest code (you 'check it out') and compiling it on your computer.

So I issue the appropriate command and get the "CVS not found" error. Oops. Going to have to install it. Maybe Jack didn't RTFM close enough.

I need to get Xcode, which contains CVS, so I head over to Apple's Developer Website, go through the sign-up process (it's free for the lowest level), and head to the download section. Download Xcode 1.2 and install it.

Whee!

OK - Now I follow the instructions (RTFM) at opendarwin and do an install of Darwin Ports by issuing the following commands (in order):

% cd ~/
% cvs -d :pserver:anonymous@anoncvs.opendarwin.org:/Volumes/src/cvs/od login
% cvs -d :pserver:anonymous@anoncvs.opendarwin.org:/Volumes/src/cvs/od co -P darwinports

OK - Being the Linux Guru (NOT!) I am, I know we aren't done. We just have the code downloaded. Now it's time to compile. (Besides, the FINE MANUAL tells us this in the next step!)

% ./configure
% make
% sudo make install

The last command will ask you for your USER password (not the ROOT password of OS X, which is normally locked). Things will scroll by for a while after each command, so be patient. After you are done, Voila! - Darwin Ports is installed.

OK - Almost.

You need to add /opt/local/bin to your PATH. This is where "Ports" is installed, and unless you want to cd /opt/local/bin before you issue your ports command, you need to add this path to your BASH profile (The Panther Default Shell).

Be sure you are in your /Users/Username directory, in Jack's case this is /Users/jack and issue the following command:

vi .profile

This will open the VI text editor and allow you to edit your hidden (the "." at the beginning of the filename means it's a hidden file) BASH profile. Hopefully yours, like Jack's, is empty.

Press "I" to enter insert mode and type the following on the first line (with the EXACT case here):

export PATH=$PATH:/opt/local/bin

Then press the following keys: [esc-key]:wq

This writes the file (changes) and quits vi.

Unless you want to quit and restart terminal, you'll have to issue the command to add the path to your current path. Just type "export PATH=$PATH:/opt/local/bin" (without the quotes) on the terminal line.

Type: echo $PATH (remember, it is CASE SENSITIVE) to confirm /opt/local/bin is in your path.

Whew.

OK, now to install Ethereal. YAY!!!!

It's easy, just type: sudo port install ethereal

Now you will have to wait a looooong time, as port will go out to the opendarwin server, and download all the dependent programs as well as Ethereal itself. You can type 'sudo port deps ethereal' (without quotes) before you start to see what other programs have to be installed. Several of those programs have dependencies as well.

After you've had breakfast/lunch/dinner - depending on your internet connection speed and how fast your Mac is, ethereal will be installed. Yeehaw!

Now as long as you have put in the PATH I have indicated, you can type 'ethereal' (without quotes) at the command line, and you will see.....

"Gtk-WARNING **: cannot open display:"

Now this really pisses me off to no end!

SIGH. GRUMBLE. KICK GROUND. BEAT MAC.

WTF? Now what? Time to do some Googling. Jack googles for a while and finds not much information, because Jack is getting to be too impatient to dig 10 pages deep in google's results.

So a few days go by, I try uninstalling and reinstalling ethereal. Still no luck.

I'm surfing around, and find MacOSXHints, a WONDERFUL website for OS X newbies like me!

There are several articles about Ethereal, and all mention X11. Well, isn't that what OS X already uses???

Of course, Jack finds out the answer is NOOOOOOOOOOOOOOOOOOOOOOOOO!!!!

So, over to Apple's X11 page and download and install X11, which allows for Unix-like (read Darwin) programs to be run. Yay!

After it downloads and I install it, there's a new Icon in my Applications/Utilities Folder. "X11"!!! I add it to the Dock, and click on it, to find that yes, I have a new XTERM window!

Here we go, I carefully check my path (echo $PATH), yup, /opt/local/bin is there. Now type 'ethereal' (without the quotes, of course) and Woo-Hoo! Ethereal is running.

BTW - If you have a Powerbook G4 or other Airport equipped Mac, en0 is the onboard wired ethernet adapter, and en1 is the Airport wireless.

Happy sniffing!

UPDATE: If you want to locate some wireless networks, you can download MacStumbler, but be forewarned, it cannot put the AirPort card into "Monitor" mode on the Mac, so you can't find networks that aren't broadcasting SSIDs. This means no AirSnort for OS X either.

UPDATE2: Note that when you start X11's XTerm, to get all the features of Ethereal, you'll have to start it by typing 'sudo ethereal' (without the quotes) and enter your user password. If you want to run it as root by su'ing, you'll have to type 'xhost +' (without the quotes) to allow any user to use X-Windows, then you su, then you can run ethereal if you have the proper pathing.

UPDATE3: Keep your Darwin Ports up to date with the latest available programs. First you must login to CVS as listed above (Just do the first command, not the second.), and issue the following commands:

% cd ~/darwinports/dports

% sudo cvs -q -z3 update -dP