Monday 18th February, 2008
This article is eye-opening to say the least. It's a guideline written in 1997 on how to get Microsoft's platforms accepted as de facto standards. Here are some classic quotes, but you should read the full article to get a fuller flavour. :)
Working behind the scenes to orchestrate "independent" praise of our technology, and damnation of the enemy's, is a key evangelism function during the Slog. "Independent" analyst's report should be issued, praising your technology and damning the competitors (or ignoring them).
Analysts sell out - that's their business model. But they are very concerned that they never look like they are selling out, so that makes them very prickly to work with.
Get a well-known consultant on your side early, but don't let him publish anything blatantly pro-Microsoft. Then, get him to propose himself to the conference organizers as a moderator, whenever a panel opportunity comes up. Since he's well- known, but apparently independent, he'll be accepted ...
lt's amazing what some people will do for a T-shirt.
Interesting peek into an alien mindset.
Monday 11th February, 2008
Personally, when I first saw the headline, I thought, "So what?" However on closer reading, it seems that Hotmail has been deliberately rigged not to work with Firefox 2.0 and GNU/Linux. To work around it, all you need to do is use User Agent Switcher to masquerade as Firefox running on Windows, and it works just fine. There is no technical reason why it shouldn't work, this just seems to be a deliberate attempt to block Linux users from Hotmail.
The funniest part of this whole story is when the author contacted Hotmail support with his woes, explaining that Firefox 2 wasn't fully supported under GNU/Linux, and he received a reply recommending him to use Outlook Express, as well as details of the steps required to set up Outlook Express on Windows XP and Vista.
Sunday 27th January, 2008
I'm always interested in security tips for Linux. This article is short and sweet and contains brief snippets of advice from the likes of Ted Ts'o, Andrew Morton, Linus Torvalds, and Fyodor (yes, he of Nmap fame) on how they secure their Linux desktops and networks.
Wednesday 9th January, 2008
Bruce Schneier is a security advisor for whom I have a lot of respect. He is one of the keynote speakers at Linux.conf.au 2008, and he is being interviewed here prior to that event.
When this guy speaks, if you're interested in security, then it's well worth listening. You don't have to be technically minded. What's important is if you can be open to Bruce Schneier's mindset, it will change the way you think about security. He just comes at it from a completely different angle.
One other site of interest for the security-conscious is Bruce Schneier's blog, Schneier on Security.
Wednesday 28th November, 2007
There's an alarming post on the Ubuntu forums warning of a recent trend whereby new Ubuntu Linux users are being tricked into running dangerous commands which will delete home directories, or overwrite the system disk, or the like.
One of the great strengths of Linux in particular and Open Source software in general has been the approachability and helpfulness of the community, and it seems some dweebs think its funny to exploit this openness and trick a new user to trash their system.
It's made me think. A significant part (**) of the security of a system lies in the users. Linux and Unix have always been professional operating systems, written by professionals, for use by professionals. When you use the command line to ask a *nix system to do something, the assumption is that you know what you're doing. That system won't ask you if you're sure you want to do what you've typed. It'll just do it. I don't think that should change. For me it's part of the attraction.
I've only used Ubuntu once. I was impressed, but not that much that I would leave the distro I currently use :) . It seemed to me that the Ubuntu people have made it possible to do pretty much anything you might want to do using the GUI, and this is the attraction that has brought in many (welcome!) newcomers to Linux. However the command line is far more powerful and flexible than any GUI, and as people slowly come to realise this and naturally start experimenting, I feel more issues of a similar nature may arise.
If you want your PC (running Linux or Windows) to remain safe and secure, you need to have a particular mindset. "Wary" probably describes it. "Keeping it simple" and experience definitely helps.
(** This is not to say that all systems are equal. Not by a long shot.)
Monday 26th November, 2007
Yes, I know that Windows flaws are ten a penny. It's just that this one is quite amusing.
The bug ... resides in a feature known as Web Proxy Autodiscovery (WPAD), which helps IT administrators automate the configuration of proxy settings in Internet Explorer and other web browsers.
So far so good. But wait, Microsoft fixed this problem years ago!
... the flaw affects every version of Windows including Vista and is actually the continuation of an old vulnerability that Microsoft supposedly fixed years ago.
Oops.
Microsoft appears to have released a patch for the vulnerability in 1999. But the patch only protected domain names ending in .com, so WPAD servers using all other addresses have remained vulnerable.
Hilarious! These idiots would have you believe that the security of Microsoft products rivals that of Linux? Unbelievable.
Sunday 11th November, 2007
This article, Windows Is Free, is a discussion about the impact of pirated software on free software, and is an interesting analysis of people's attitudes to using pirated software. Interesting and thought-provoking stuff.
Friday 19th October, 2007
gcal is a remarkable console-based program.
- It can be used to print calendar information, much like
cal, but with much more flexibility.
- It can display holiday information for over 300 different countries and states.
- It can display astronomical information such as sunrise, sunset, the current phase of the moon and much more.
- It can also be used as a diary or personal reminder.
- It can print the current date and time. (No, really! :) )
- It can be used to display the start and stop of daylight saving.
I'll be providing examples of how to use gcal in all these ways. Bear in mind that this article just scratches the surface with regard to what gcal can actually be used for. You are limited by your imagination!
Thursday 13th September, 2007
There is a small storm in a teacup brewing over recent events in which it's been confirmed that Microsoft has updated copies of Windows XP and Windows Vista without the users' consent, even if auto-updates have been turned off. Obviously these folks don't read (or is it "understand") the Windows EULA which they clicked on and agreed to when they first started their newly-purchased PC (or when they actually paid for and installed the software.)
Most users of Microsoft Windows seem to have their collective heads buried in the sand. The thing the don't seem to get is that Windows users are just that, users. They don't own the software, they have just purchased the right to use it. Microsoft explicitly retain ownership and the right to update their system as and when they choose.
I don't understand why people are acting so shocked. Windows doesn't belong to you. If it bothers you having a third party changing files on the PC you use without your permission, you can always use an OS which you do own.
Wednesday 5th September, 2007
(This article has been updated
from the original, which focused on Solaris 8 only,
to include Solaris 10-specific
entries. Where the commands or entries for Solaris 8
and Solaris 10 differ,
they are written down in
purple for Solaris 8
and
green for Solaris 10.
In addition, I have added an extra note about changing the NIS Makefile
in the event that you're not going to use group passwords.)
This is a step-by-step account of the method I used to install
and configure a NIS master and slaves on servers running Solaris 8
(and more recently, Solaris 10).
The steps detailed for Solaris 8 should work fine on earlier
versions of Solaris, but
as I have not explicitly tested other versions (except as clients)
you may encounter issues. The clients used with this setup ranged
from Solaris 7 to Solaris 10.
The installation was in a medium-sized Solaris-only farm (100+ hosts).
Configuring NIS on Solaris is not quite as straightforward as it
is on other OSes (such as some Linux distros). This didn't really
surprise me, even though NIS is Sun's product. What this does allow
is a more tailored end product.
There are three points I'd like to emphasise concerning this article:
- This article is not an definitive how-to; there is more than one
way to implement NIS. This way works, it's relatively
straightforward, and is more secure than a default NIS installation.
- This article is not an endorsement of NIS over other naming systems.
My recommendation to the client was to use LDAP, but NIS had been used
before, they were more or less happy with it *, and it did what they
wanted it to. Having said that NIS is still used on many sites,
it's versatile, it's easy to set up and maintain, and it can be made more
secure without too much extra effort.
- This article describes the set up of NIS only. Administration
is another matter altogether.
(* The client's existing NIS setup was very old and exhibited quirky
behaviour on some rare occasions.
In addition, it had allowed encoded password values
to be seen when running ypcat passwd. This was not acceptable.)