- Tiny computers
- The beginnings of a national ID for flyers?
- Linux file system security options
- 802.11n Draft 2.0 is Approved
- New OpenBSD Remote Security Vulnerability Found
- How to Handle Network Growing Pains
- The Business Case for Open Source Software
- Seagate's Full Disk Encryption (FDE) hard drive
- Spousal support on Outlook Web Access and IE7
March 27, 2007 | Comments: (0)
Just when I am starting to wonder how much smaller are computers going to get, I find outrageously small machines like Jack PC (made by ChipPC) and Space Cube.
Jack PC (3.4" X 3.4" X 1.5"):
Space Cube (2" X 2" X 2.2"):
Of course the CPU/memory/storage is going to be pretty limited on these little guys, but nothing embedded Linux can't do! :-) Unfortunately, it looks like Jack PC only runs WindowsCE.
Josh Kuo
Co-Owner of q!Bang Solutions
Mar 27, 2007
Posted by Josh Kuo on March 27, 2007 01:25 PM
March 27, 2007 | Comments: (0)
The beginnings of a national ID for flyers?
Every road warrior has dreamt about a frequent traveler line for the security checkpoint. If you're willing to go through a process just like what you'd go through for a security clearance, Clear is now offering a solution.
CAUTION! If you're the type that does NOT want your life pried into, this is NOT for you. However, if you don't mind a bit of prying in exchange for MUCH faster trips through airport security, then keep reading.
The downside is that you MUST complete the application in person and unless you live in New York, the list of enrollment sites is limited at this time. (San Jose, JFK, midtown Manhattan for now)
After you've enrolled in the program AND paid your fee ($99/year with discounts for multiple year signup's) you get a smartcard, a Clear account and the ability to use an iris scan at the new checkpoints being setup around the US. (NOTE: at least you don't get charged until you actually show up for the in person portion of the signup.)
In a past life I used to do work for the US Federal Government and as part of that job I gave a similar set of information for my background check. What TSA and Clear is asking for is nothing compared to a military background check and I for one don't mind the minor intrusion. (Though TSA and Clear had better be VERY careful about storing this info!)
I've signed up and am going to give this a whirl. Overall, I was hoping that this program would have been run by Homeland Security instead of a contractor or at least a single entity. The process of Clear sending the info to TSA who then does the clearance introduces more points of failure than a single organization. I'll just have to cross my fingers that no one takes any short cuts.
Brian Chee
Posted by Brian Chee on March 27, 2007 11:18 AM
March 15, 2007 | Comments: (0)
Linux file system security options
Maybe buying a FDE (Full Disk Encryption) hard drive is not an option for you right now, but that doesn't mean you need to compromise on your Linux file system security.
linux.com has an article on how to hide an entire file system. There are several approaches mentioned in the article, such as using the loop-AES loop back device, or using package such as FUSE or eCryptfs (though these come with performance penalties). Here is another site that provides a lot more options to just simply encrypt your file system the old fashioned way, including encrypting your home directory, using transparent cryptographic file systems, and also steganographic file systems.There is something for the network file systems as well, you can use SSH File System, which is built-on FUSE, a userspace file system framework for Linux (so normal users can create and mount file systems without super-user privilege). The advantages of SSHFS is that it can be a easy and secure replacement for NFS or other network file system, although I would imagine the performance is not going to be as great due to the encryption.
ReiserFSv4 (sponsored by DARPA) also supports encryption, but it may not be included in your favorite Linux distribution yet, and you may need to manually patch your kernel.
Josh Kuo
Co-Owner of q!Bang Solutions
Mar 16, 2007
Posted by Josh Kuo on March 15, 2007 09:18 AM
March 15, 2007 | Comments: (0)
The 802.11 Working Group voted 83.4% affirmatively to approve the Draft 2.0 of the 802.11n spec. The overwhelming affirmative vote was a bit surprising considering the rollercoaster-like ride the 802.11n spec has taken so far. With the approval vote today, the Wi-Fi Alliance can now begin certifying vendor equipment as being compliant to the 802.11n Draft 2.0 spec, which means that it will be fully compatible with the 802.11n standard once it is finalized. So vendors will be able to start rolling out new gear en masse!
High Mobley
Co-owner of q!Bang Solutions
Posted by Josh Kuo on March 15, 2007 07:40 AM
March 15, 2007 | Comments: (0)
New OpenBSD Remote Security Vulnerability Found
Wow! I was astonished to find the news this morning when I woke up. Core Security Technologies found that a malformed IPv6 packet MBUF header could be used for vulnerbility remote code execution on OpenBSD. What's remarkable about this is that such a vulnerability was found at all. Until this vulnerability came along, OpenBSD had gone over a decade with only ONE remote security hole in its default install. Stop and think about that. A decade is a darned long time in this industry. How many operating systems can claim this level of security? Certainly not Windows or Linux.
So consider using OpenBSD in your enterprise (or smaller business as well). It's obviously super secure, and there are some pre-built OpenBSD-based firewall appliance installers that you can easily use with any regular PC hardware. And if you have some in-house Unix experience, OpenBSD can be used to setup high-availability redundant firewalls which even share NAT state! So dip your toes in the pool and see how the water feels.
High Mobley
Co-owner of q!Bang Solutions
Posted by Josh Kuo on March 15, 2007 05:52 AM
March 14, 2007 | Comments: (0)
How to Handle Network Growing Pains
Ron Gorodetzky, co-founder of Revision3 and the Senior Systems Administrator at Digg, was a presenter at the Southern California Linux Expo 2007. His presentation entitled Admin++, what root never told you walks through his own personal experience helping to manage the technical-side of two start-ups and the growing pains along the way as the bandwidth, hardware, and software requirements grew. Ron recommends a lot of useful Linux tools to help you scale along the way, and his points on infrastructure, site and servers, can be used in any environment.
View his presentation slides here.
Posted by Cynthia Kuo on March 14, 2007 09:35 AM
March 12, 2007 | Comments: (0)
The Business Case for Open Source Software
With all the hype regarding Open Source Software (OSS), we sometimes forget logic in the excitement of trying to get on board with this latest trend. What we really care about (or should care about) is making a sound business decision regarding software. Think you should be hopping on the OSS bandwagon just because the software is free? Think again. There's a lot more to making a business decision for OSS than just the up front cost. As the Open Source zealots like to say, "Free as in freedom, not as in beer."
Of course, there are the financial benefits! With an Open Source license which does not restrict your use of the software, you can install as many copies of the software as you want. Since there are no licensing fees, you could install two or two hundred seats with no additional costs beyond the labor required to do so. Without licensing fees, you pay only for hardware and support costs. So not only the upfront costs are lowered, so are the ongoing costs of software ownership.
So what else is there to Open Source Software? Why does my company q!Bang Solutions try to pursuade our clients to use OSS when possible? It's the end of licensing restrictions that tell you how you can use your software. Tired of obtaining license keys from your software vendors every year or even every month just to keep your software running? Feel like your vendor is holding you hostage via your software licensing? With OSS, you never have to enter another annoying license code ever again. They just don't exist in the world of OSS. You don't even have to keep track of silly license validity seals or your purchasing paperwork to prove ownership. Never again will you fear the BSA (Business Software Alliance, not the Boy Scouts!) knocking on your door wanting to perform a software audit. The BSA even takes out advertisements on Google search pages for and up to $200,000 reward a disgruntled ex-employee can receive for reporting your company to the BSA! That's quite a powerful motivator.
My favorite benefit of Open Source Software is one that most people don't even think about. What happens if something happens to the software vendor? What if the vendor gets bought by its big competitor and that new owner wants nothing to do with supporting you? What if the vendor is affected by a natural disaster in some other part of the country (or world) and can no longer function? A perfect example is a small auto insurance company that we recently did some work for. They use a custom CRM application that is designed for small independent auto insurance companies. It's a special application that nobody has the source code for other than the vendor, whose technical division is located in Alabama. Our client has to get a license key from the vendor each month and enter that into the program, or else it will stop functioning. So what happens if a tornado rips through the vendor's offices? That horrible tragedy would put a huge burden on our client the insurance company. The insurance company would not be able to use their custom application which has all their customer data including payment information. They could pay an IT consultant big money to extract their data and import it into another program. For the money that it would cost them to save their data, they could just hire us to write a new OSS application that performs all the same functions as their proprietary one.
Or how about the vendors who just abandon a not-very-successful software product? It's not good business, but it happens. Maybe the software is not profitable and requires a lot of resources to maintain, so the vendor just stops development and no longer supports the software. Of course, that software vendor thinks about all the money that it spent in developing and supporting that software, so they feel that it's theirs and nobody else should get it for free. So instead of releasing the software and its code to the public, the software just dies off because the vendor couldn't let go of something it had spent its money on. And now your company is stuck with no support, no updates, no new features, and no bug fixes. Maybe you're even stuck with non-functioning software like in my example of the auto insurance company. Open Source Software does not die because the developers stop working on it. The software is still available for download so anybody can make new features or fix bugs and security problems. Nobody is left without the software that their company needs to function.
And since this is Open Source Software, you can choose anyone you want to support the software. You might be able to pay the developers for support. You can certainly find a third party to support the software. With OSS, if you are not happy with the support you are getting, you do not have to get rid of the software. You just get rid of the vendor who is providing the support and pay a different vendor for support. Of course, if you find that the software is not doing the job for you and you want to use a different application, go ahead and do so. Open Source Software almost always uses Internet standards for data storage, so it's simple to migrate your data out of one application and into another. The same cannot be said for a lot of proprietary software applications. Just like our auto insurance client above, pulling data out of the proprietary application and getting it into a new application can be quite a time consuming hassle!
I know that we've all been in the situation where you're waiting on a new feature to be released from your proprietary software vendor. They promised it would be available two months ago, and they've been "working around the clock" to finish it, blah, blah, blah... In the world of Open Source Software, if you can't wait on someone else's schedule for a new feature, then you add that feature yourself. What? You don't have programmers on staff? You can always outsource to a programming company and have them do it for you. Even better, you can pay the software project's developers to add the feature. Many OSS developers aren't accustomed to being paid for their efforts, so money can be a great motivator. The point is that you always have some options.
Sure, the cost savings of Open Source Software is a great benefit and a strong reason to choose OSS over proprietary software. However, you now have a few more points to consider as you mull over your software decisions. I hope that I have convinced you that the "freedom" benefits of Open Source Software are just as important as the "free" parts, if not more so.
High Mobley
Co-owner of q!Bang Solutions
February 26, 2007
Posted by Josh Kuo on March 12, 2007 10:53 PM
March 12, 2007 | Comments: (0)
Seagate's Full Disk Encryption (FDE) hard drive
I remember this announcement back in 2005, when Seagate first announced that they would release a hard drive with full disk encryption (FDE). Well, they now have the Momentus FDE line of notebook drives (5400RPM) with 192-bit Triple-DES encryption, and it will be part of ASI's $2,150 laptop. The 2.5" drive is aimed at corporate users and managers who need to deal with storing sensitive data on laptops. The product specs are here. Hardware encryption is definitely the way to go for FDE, since using software to encrypt every read/write operation would be way too slow even on a modern CPU. Seagate claims that with their on-board encryption, it only takes up 1~2% of the CPU resources. I wonder how well the VIA chips with AES built-in would handle the encryption. It would make an interesting benchmark...
One of my first questions is: "What happens when the user loses his/her password?". We all know that at some point, some person will lose his or her password. According to this article, there can be up to 4 master keys, and up to 4 user keys. So, if a sales rep quits unexpectedly, the sales manager can still use the master key to recover data on the laptop. Seagate also suggests it is possible to remotely manage the hard drive, to configure its user accounts and such. I hope administrators remember to NOT send their admin password for the hard drive in clear text over the Internet...
All in all, it looks like Seagate has brought to market a good product with the Momentus FDE line of drives. It has some good applications for corporations and government types as well.
Josh Kuo
Co-Owner of q!Bang Solutions
Mar 12, 2007
Posted by Josh Kuo on March 12, 2007 09:55 AM
March 06, 2007 | Comments: (0)
Spousal support on Outlook Web Access and IE7
Microsoft Knowledgebase article #911829
Just a heads up that as other work from home spouses start bugging you to upgrade their home computer in that there is a gotcha in Outlook Web Access and Internet Explorer 7.
The symptoms show up as a blank editing window (i.e. message body, etc) where only a little x shows up in the top left corner of the message body that looks just like an unlinked image if a picture is missing from a web page.
During my spousal tech support session, I found LOTS of threads dating back to the Internet Explorer v6 days that have documented this issue, with threads continuing into items regarding Windows Vista deployments. The fix is simple, but requires someone from the IT group to apply patches to the Exchange server as documented in this knowledgebase article that has references all the way back to Exchange 2000.
So until your spouse's IT group updates their Exchange environment, a work around is to install Firefox on the Vista box and put Outlook Web Access into compatibility mode officially known as Outlook Web Access Light that provides access for non Internet Explorer browsers. The downside is that your spouse is going to complain that it doesn't look the same, and that's because the active-x plugins needed for a true Outlook look and feel are missing.
On a related note, we recently got to play with Exchange 2007 and got a great briefing on the Access Anywhere theme being pushed as Exchange, SharePoint, etc get integrated into a nice but bit heavy Content Management System. I found it a truly awesome package in the level of super tight integration across Exchange, SharePoint, InfoPath, SQL and a passel of other Microsoft products, but the demo sucked up three of my servers leaving me wondering just how appropriate this would be for small to medium sized organizations.
As a counter point, I should mention that the PLONE system has quite a few of the most popular Microsoft Office Sharepoint Server (MOSS) features, and is browser agnostic. While not anywhere as tightly integrated with things like business intelligence systems, PLONE is still a pretty nice system and fully extensible using Python. Not to mention that finding a PLONE hosting site is a whole heck of a lot easier than finding a MOSS hosting site if you don't feel like blowing the bucks on rolling your own.
Posted by Brian Chee on March 6, 2007 02:16 PM
TOP STORIES
WiMax OK for commercial useAgile mgmnt for small teams
Why developers avoid Vista
CBS to buy CNET Networks
Icahn's letter to Roy Bostock
Yahoo opens up Search Monkey
AT&T limits iPhone purchases
Silverlight gets put on Linux
Intel to develop PC with Alibaba
Cybercriminals can rent a botnet
ADDITIONAL RESOURCES
- Virtualization: A Step by Step Approach to Success
- Dialing up Agility with Business Transformation
- 5 Things You Need to Know About Storage Virtualization
- Is your smaller organization ready for High Availability?
- Is system maintenance doing more harm than good?
- Virtual Test Lab Automation: Manage development infrastructure
