Diary of a Network Geek

What an interesting idea…

So, as many of my long-time readers know, I tend to straddle two worlds. By day, I’m a highly proficient, one-man, network-ninja death squad, but, by night, I’m a frustrated, hopeful writer who’s always looking for high-tech reasons to procrastinate. I think I may have found a project that bridges these two worlds in an article titled Subversion for Writers.

Subversion is a version control system which is primarily used by software developers to, well, track the version of their programming code. But, code is just specially formated text with very specific syntax and a really boring plot, so there’s no reason at all to not use it to track versions of a story or novel. And, in fact, that’s just what the author, Rachel Greenham, is proposing. I think it would be especially useful for novelists, since you could keep track of all the possible plot deviations and revert back to an earlier branch if things started to “go wrong”. In any case, it’s worth a look, even if you don’t use Linux or OS X, which is what she uses. (In fact, if you’d like to use Windows to do this, LifeHacker, who linked to her article, has a post with links to Windows clients for Subversion.)

Well, anyway, if you write a lot and are a geek like me and have some time to waste, it’s worth looking into, at the very least.

No, not really.

So, there’s obviously been quite a furor about this new law here in Texas that apparently requires anyone doing any kind of computer forensic work to get a Private Investigator’s License. Now, one of my favorite computer security bloggers, Security Monkey (aka The Chief) of A Day in the Life of an Information Security Investigator, has a blog entry about this. His sources in Texas have a different, more relaxed, take on this law. They seem to think that it’s only going to effect professionals doing investigative work for a third party. I think they’re wrong.
As at least one other commenter on A Day in the Life of a Computer Security Investigator pointed out, no matter what the lawyers think and say, only a judge sitting on a case can really interpret the law. And, only after that precedent is set can anyone say what the law covers and doesn’t.
Based on the Slashdot story about someone getting charged with a felony for using a fake name to sign up to MySpace, it seems like this is going to be an important step in the process. I mean, until that all important precedent is set, there’s no telling how people will try to use this new law.

As I wrote here the other day about this far-reaching law, I think it’s just another example of the sad state of our legal system. Laws like this have effects that are much, much further reaching than the bill’s author intended, and it’s ripe for abuse by our overly litigious society.

Advice from your Uncle Jim:
"Everything is funny as long as it is happening to somebody else."

The Houston Chronicle has an update on the law I mentioned the on Tuesday.

The Austin office of the Houston Chronicle did some more digging about the new law that would seem to require PC Techs in Texas to also become Private Investigators. According to the bill’s author, state Rep. Joe Driver, R-Garland, we’re all misinterpreting his new law. He claims that the law means “…anyone who retrieves data from a computer, analyzes it and makes a report to a third party must obtain a private investigator’s license.” To me, it’s almost the same thing.

As I read it, the law would require anyone performing computer security duties in *any* setting in Texas to get a PI License. That means that a corporate computer security officer, who’s job may include computer forensics, would be required to also be a PI.
Frankly, I’m torn between thinking that maybe this is a good thing and maybe it’s excessive. On the one hand, for someone who does independent security work, that background check and finger printing might be a good idea! On the other hand, it might make it impossible for someone in a small company to *legally* do their job.

I’ll give an example…
A small company may have a one or two person IT department who cover everything, like, for instance, me. If there’s a break-in to one of their systems, they would then have to be a licensed PI to investigate that, or they’d have to spend a similar amount of money on a consultant who was. In this case, I’d bet the law just would get ignored.

But, for the independent operator, who might not have any other controls or credentials which a consumer or consulting client can use as a measure of relative security, it might actually be a good thing. Again, I doubt that criminal background checks are being done on all independent computer security consultants right now and maybe they should be.

In any case, like many laws of this nature, they seem like a good idea on paper, but often have much further reach than their author intended.

So, now I need a Private Investigator’s license to work on PCs?

Yeah, according to articles at ExtremeTech and CW33, a recently passed law in Texas requires that ALL shops which include PC repair technicians have a PI license. Just so you know, a PI License isn’t for an individual, but, rather a business and all the employees would work under that umbrella license. Still, it would mean that at least one person go through the process of licensing, which has the following requirements:

• three years of investigative experience or a bachelors degree in criminal justice for investigations company license
• two consecutive years of legally acceptable experience in the guard company business
• successful completion of a two-hundred-question examination testing ability of the manager applicant to operate the guard company under the provisions of the statute regulating them
• criminal background check
• submitting fingerprints to have on file with the FBI
• ~$500 in registration fees, subscription fees, application fees, and fingerprint fees, payable yearly

(All that is from an article at Citronix Computer Techs. )

Now, it’s important to understand, too, that this is a brand new law, sponsored by a Private Investigation professional organization who are afraid of their profession becoming obsolete. Thankfully, there are also techs who have professional organizations, one of which is challenging the law, at least, according to KVUE.com.

Funny, I’ve always thought about getting a PI license and now I may be forced to do so! On the other hand, the $4000+ fines and possible jail-time are a great excuse for why I can’t help people at work with their private PCs!

TypePadfromIntel

Originally uploaded by Network Geek

The folks at WordPress better wake up and take notice.

So, you probably know by now that I run this blog via WordPress. And, in the past, I’ve recommended the free blogging service provided by WordPress.com. Well, while installing software on a new PC I’d put together at work today, I saw the screen to pictured here. If you click the link and take a closer look at the screen, you’ll see an option to install a three month TypePad account. TypePad, like WordPress.com, has both free and paid accounts. So, this would give someone three months of the paid TypePad service.

I don’t know what this cost the folks at SixApart, who own TypePad, but this is some damn clever marketing, in my opinion. If this is included with every Intel motherboard sold… Well, let’s just say that I think it would get a lot of people trying this service and starting a paid account. It’s like Microsoft giving schools huge rebates and offering student editions for cheap to make sure that their software is what the fresh crop of workers are trained to use. It’s good marketing. At least, it sure seems to have worked well for Microsoft.

WordPress, are you watching this?

My users think I’m a magician or a sorcerer.

Frankly, I’m not sure which is better.
In any case, this week I finally cleaned up the last remnants of some nastiness that one of my users got himself into. He followed a link from Google search results to what seemed like a perfectly legitimate blog. He was looking for some poetry reference in the Sex In The City movie. (Yeah, I know, I know. A big, tough oil industry service guy looking for poetry in a chick flick. Go figure!) Well, when he got to this blog, it had an embedded player with what it claimed was a clip from the movie. But, when he went to play the clip, it told him he needed to update his Flash player and provides a “helpful” link. That’s when all manner of unholiness broke loose on his computer.

Well, he got updated, all right. With spyware and virii. I lost count of how many and what kind there were. One changed his time and date format to include the text “VIRUS ALERT!!”, so that it appeared next to the time on his Taskbar. Another made his main hard drive, his “C” drive, disappear from his My Computer! And, at least one of these was the FakeAVAlert trojan, but I never did figure out which one scrambled his My Computer. The funny thing was, after running every anti-virus and spyware removal tool that I normally use, the drive was still hiding somewhere. But, he was running from that drive just fine! Well, I searched for a day or two, while doing the rest of my normal gig, but never could find why this had happened.
I did, however, find a fix. TweakUI from the Windows XP Power Toys. I loaded that on his computer then went in to it under the My Computer section and, sure enough, the local drive was shown as being hidden. I corrected that and **SHAZAM**!!
UPDATE: It occurred to me this morning, after posting, that I should let you all know how to fix the clock issue in more detail.  The setting is found in the Control Panel, under Regional Options, which is not quite intuitive.  Under Regional Options, choose Custom, then find Time and adjust the format per the screen instructions.  If you’re in Windows 2000, once Regional Options is open, choose the Time tab and adjust accordingly.

Yep, just like magic, I am.

I finished Rainbows End by Vernor Vinge last week.

There’s a reason Rainbows End was awarded the Hugo for Best Novel in 2007. It is, to put it simply, a great book. There were parts that got a little slow for me, but, over all, it was a great piece of work. Of course, it probably didn’t hurt that I knew Vernor Vinge taught Computer Science and that the book had won the award. That is why I got it to read, after all.

The story follows one Robert Gu, a famous poet who’s fallen victim to Alzheimer’s Disease, as he’s cured and reintegrates into society.  The “down side” of his cure is that he’s lost the miracle of his poetry.  Somehow, whatever the cure does to fix the dementia alters Robert’s brain in such a way that he is no longer the man he used to be.  And, he’d do just about anything to get that magic back.  The story also follows Robert’s son, daughter-in-law and granddaughter as they deal with his regained ability to interact with the world.  The twist comes in with the fact that his son, Bob, and daughter-in-law, Alice, are in the military as part of the group who keeps America, and the world, safe from terrorists of all stripes.  International spies find a way to use Robert’s desire for regaining his poetic skills to get inside Bob and Alice’s command.  Their goal is somewhat less clear, but it involves a plot to manipulate the minds of the unsuspecting world public to “improve” everyone’s way of life.  Of course, things rarely work out the way anyone intends.

Well, as you can imagine, there are some very good reasons this won the Hugo for 2007.  It is a very good book.  I got a little distracted in the middle when life got a little strange, but, for the most part, the plot moved along at a good pace and always had something interesting to offer.  One of the attractions for me was the view of future computer technology that Vinge describes in this book.  His concept of wearable computers that are partially integrated into clothing and contacts seems like a logical step from where scientists are experimenting today.  Vinge presents this, and all the hard science-fiction in this book, in a realistic, no-nonsense way that makes it all seem very plausible.
He also draws some believable characters who’s actions are logical and reasonable given their motivation and the circumstances.  I can easily see myself doing some of the same things these characters do, both good and bad.

In short, if you enjoy science-fiction, there’s plenty to enjoy in Rainbows End by Vernor Vinge.  Definitely a change for me, but a good one which I heartily recommend.

At least, as much as you can secure anything.

Some time back, I pointed you all toward an article about extending your wireless connection. Some of you expressed concern regarding security in relation to wireless connections in general and, specifically, after expanding the range of your wifi router. So, I thought I should get you all some links on how to batten down the hatches, so to speak.
I do think it’s important, though, to say a little something about security in general first.
Nothing is totally secure. If a computer is on a network, it can be compromised eventually, given enough time and money. Security is a matter of degrees, of balancing ease-of-use with peace-of-mind. And, while having wifi makes mobile communication easy, it is, by it’s very nature, insecure. Anything that broadcasts over an unsecured medium can only be so secure, you know? So, I think it’s important as you look at the links below to keep in mind that a determined attacker is going to get into your wifi network, no matter what you do. And, personally, I am more than a little paranoid, so there are just some things I wouldn’t do over a wireless network.

Okay, so, without further ado, here are the links:
First, if you don’t mind the pop-ups on About.com, here are Ten Tips for Securing Your Home WiFi Network. They’re not bad, but, really, some of them aren’t all that secure. Or, rather, they just give a somewhat inflated sense of security. Still, they’re better than nothing.
Better than those tips, though, is the Lifehacker Guide to Setting Up a Wireless Home Network. This takes you through setting up a wifi router and network from scratch and gives you fairly good tips about securing it along the way. (But, make sure to follow the link to their article ToDo – Secure Your Wireless Home Network!) Better still, follow the article at Ars Technica titled The ABCs of Securing Your Wireless Network.
Freakishly, Microsoft, who’s not known for their security practices, has an article about making Windows XP wireless a little more secure. If you run XP, it’s worth a look.
And, finally, for those of you with a little extra time, some spare computer resources, and a high level of paranoia, read the Step-by-Step Guide at SearchWindowsSecurity.com titled How To Create A VPN For Your Wireless Network. (Or, if you’d rather download a printable PDF, check out TechRepublic’s A Secure Wireless LAN Hotspot For Anonymous Users. It’s another way to do the same thing.) Frankly, it doesn’t get much more secure than that!

Hopefully, that gives all those curious minds out there enough to chew on to keep you off the streets at night!

I love OpenSource software.

I especially love it when it’s free. I love free extensions for OpenSource software I use on a regular basis, too. Microsoft Office isn’t the only game in town and people do develop for OpenOffice.

If you haven’t yet, check them out.

There’s something about this that appeals to me.

When I was fresh out of college, I won a trip to Long Beach with a bunch of amenities. A buddy of mine and I went, since we were both single, and enjoyed ourselves, in spite of the worst rainy season the greater L.A. area has seen in more than 20 years. I mean, roads would shut down after we’d use them, forcing us to find another way back to the hotel and I think we only two days of sun. The day we arrived and the day we left.
But, what I remember most was a t-shirt I saw at a tourist shop on Catalina. It was a Parrothead shirt that had the lyric “I used to rule my world from a payphone” on the back, with a nice, relaxing picture of a hammock between two palm trees. The idea of being so unattached, free and mobile really appealed to me, but, alas, it’s a life I’ve never known.

Now, what does that have to do with a USB drive? Well, thanks to Lifehacker, more than you’d think. Have you ever thought about how nice it might be to travel with all your information and favorite applications, but leave your laptop behind? Yep, free and easy living. All you need is a good-sized USB thumb drive and three articles: Top 10 USB Thumb Drive Tricks , Carry Your Life On A Thumb Drive and Tiny USB Office (via LifeHacker). That’s it. Your key to carrying your life in your pocket. Well, your digital life, at any rate.

And, before you write this off, I know a guy who did just what they describe. He loaded everything that mattered to him on a thumb drive and had no computer at all for more than a year. Of course, now, he has a MacBook, so you can take that with a grain of salt. But, also, according to ZDNet, Microsoft is coming out with a product to help you do all this via their suite of programs and operating systems called “StartKey“. You know when Microsoft gets behind an idea, you’ll see it implemented, one way or another.
So, do you all think you could do it? Could you make the switch?