12.29.2005

[War] British Torture Memos

The British blogosphere leaks more damning memos and turd spray kicks off the fanblades of foreign imperialism...

Interesting.

12.23.2005

[Tech] Because I can...

In the car.

Doing 70 mph.

Crossing the Iowa/Missouri border.

Posting this blog entry.

The formula for success = Mac OSX + cingular GRPS + Motorola Razr V3 + bluetooth modem + these scripts

priceless.

12.22.2005

[Movies] Syriana

SEE THIS MOVIE!

"Syriana" was an amazing movie. This is the second movie in two months that I have seen George Clooney in that I have liked. The other was "Good Night, and Good Luck", the story of Edward Murrow.

[Politics] Bush roundup

Washington Times:

President Bush presents a clear and present danger to the rule of law. He cannot be trusted to conduct the war against global terrorism with a decent respect for civil liberties and checks against executive abuses. Congress should swiftly enact a code that would require Mr. Bush to obtain legislative consent for every counterterrorism measure that would materially impair individual freedoms.


The Daou Report's take on how the Bush spying thing will unfold (I kinda agree):

Here's why: the dynamic of a typical Bush scandal follows familiar contours...

1. POTUS circumvents the law - an impeachable offense.

2. The story breaks (in this case after having been concealed by a news organization until well after Election 2004).

3. The Bush crew floats a number of pushback strategies, settling on one that becomes the mantra of virtually every Republican surrogate. These Republicans face down poorly prepped Dem surrogates and shred them on cable news shows.

4. Rightwing attack dogs on talk radio, blogs, cable nets, and conservative editorial pages maul Bush's critics as traitors for questioning the CIC.

5. The Republican leadership plays defense for Bush, no matter how flagrant the Bush over-reach, no matter how damaging the administration's actions to America's reputation and to the Constitution. A few 'mavericks' like Hagel or Specter risk the inevitable rightwing backlash and meekly suggest that the president should obey the law. John McCain, always the Bush apologist when it really comes down to it, minimizes the scandal.

6. Left-leaning bloggers and online activists go ballistic, expressing their all-too-familiar combination of outrage at Bush and frustration that nothing ever seems to happen with these scandals. Several newspaper editorials echo these sentiments but quickly move on to other issues.

7. A few reliable Dems, Conyers, Boxer, et al, take a stand on principle, giving momentary hope to the progressive grassroots/netroots community. The rest of the Dem leadership is temporarily outraged (adding to that hope), but is chronically incapable of maintaining the sense of high indignation and focus required to reach critical mass and create a wholesale shift in public opinion. For example, just as this mother of all scandals hits Washington, Democrats are still putting out press releases on Iraq, ANWR and a range of other topics, diluting the story and signaling that they have little intention of following through. This allows Bush to use his three favorite weapons: time, America's political apathy, and make-believe 'journalists' who yuck it up with him and ask fluff questions at his frat-boy pressers.

8. Reporters and media outlets obfuscate and equivocate, pretending to ask tough questions but essentially pushing the same narratives they've developed and perfected over the past five years, namely, some variation of "Bush firm, Dems soft." A range of Bush-protecting tactics are put into play, one being to ask ridiculously misleading questions such as "Should Bush have the right to protect Americans or should he cave in to Democratic political pressure?" All the while, the right assaults the "liberal" media for daring to tell anything resembling the truth.

9. Polls will emerge with 'proof' that half the public agrees that Bush should have the right to "protect Americans against terrorists." Again, the issue will be framed to mask the true nature of the malfeasance. The media will use these polls to create a self-fulfilling loop and convince the public that it isn't that bad after all. The president breaks the law. Life goes on.

10. The story starts blending into a long string of administration scandals, and through skillful use of scandal fatigue, Bush weathers the storm and moves on, further demoralizing his opponents and cementing the press narrative about his 'resolve' and toughness. Congressional hearings might revive the issue momentarily, and bloggers will hammer away at it, but the initial hype is all the Democratic leadership and the media can muster, and anyway, it's never as juicy the second time around...

12.21.2005

[Politics] Impeach

We the people of the United States, in order to form a more perfect union, establish justice, insure domestic tranquility, provide for the common defense, promote the general welfare, and secure the blessings of liberty to ourselves and our posterity, do ordain and establish this Constitution for the United States of America.


Remember this? It is the Constitution of the United States. A document that Bush and his Administration view as a "Just a piece of paper." True, it is a piece of paper, a physical representation of the heart and soul of our democracy. Even as a piece of paper, it is an amazing tool. It is an instrument to protect the people from their own brutality and the brutality of the government. It allows people from all different walks of life, race, religion, and orientation to live together if not in relative peace, at least a functional government. It protects the minority from being oppressed by the majority. It is in a way an equalizer and uniter.

Bush, your ignorance of this document will be your downfall. America is not a fascist state, nor are you a dictator. You will be held accountable for the damages you have done to this country and the world.

It is time for you to be impeached. Clinton was impeached for less.

I think Bruce Schneier sums it up best with his Op-Ed in the Star Tribune as to why Bush's authorization of NSA domestic spying without oversight is dangerous.

12.20.2005

[Word] liberticidal

liberticidal

the act of killing liberty

seen in an Alternet essay, in regards to the USA PATRIOT Act.

12.18.2005

[Politics] Impressions of the Presidential Address

George is still shovelling the same manure.

The plan is the same plan we had for Vietnam.

Iraq had nothing to do with 9/11. We're foreign invaders.

You cannot fight terrorism like a war. Terrorism is something you struggle against.

We're inventing our enemies faster than we kill them.

A civil war in Iraq may be inevitable.

This was the opening salvo of a world war for the control of the last cheap, reliable, and mildly easy remaining fossil fuel resources on earth.

Democracy cannot flourish under the barrel of a gun or under an Islamic theocracy there and it cannot survive in a police/surveillance state or Christian theocracy here.

He put up a good front but you can sense how cut off, isolated, angry, and on edge George is. He knows things are falling apart. His infallible faith is not comforting; it's creepy.

Impeach.

12.17.2005

[Poetry] America

mango fuck frustrations
dark thoughts cycling through weevils
assmother shit storms
incoherent ramblings fucked mental state
screwy non-conformist banality
christian facist state
the dogma is oppressive
I can hear myself scream through jello
no voice ever heard
all children left behind
SUV terrorists haunt the roads
incorrect view of beauty
TV mind control
soulless soul suckers sucking the souls of the soulful
comeupance happenstance

[Musings] Domo Arigato Mr. Roboto

Domo. b

Nacht des Nerd.

Sitting in the Bean Factory. Listening to Styx. Micky just left to grab some dinner. He and I have kind of started a tradition of meeting before I go to Nerd Night at the Bean Factory and just catching up. Micky is one of my oldest friends, all the way back to the days of high school. I consider him almost a brother.

The coffeeshop was full not two minutes ago and now it is empty. Weird.

Next up on the playlist 'Linus and Lucy' by the Vince Guaraldi Trio.

Last week was a blur. I am still processing all of what happened.

Been feeling a little uneasy due to all that has happened last week with politics. Something big is brewing, I can't place what yet, but something big. I am waiting for the other shoe to drop. Bush has seemingly gone 180 on a number of issues. WTF? The Senate thankfully blocked the Patriot Act renewal, but Bush says he will still personally authorize eavesdropping on private citizens with minimal justification. On the plus side torture has been outlawed, which really should never have been an issue, we used to set the global example on this sort of thing, the fact that we even had to have a discussion about the legality of torture is a great illustration of how far we as a nation have fallen.

Saw 'Aeon Flux'...ugh. Nothing like the cartoon. I am not surprised. I was kind of expecting to be disappointed since they annouced that Charlize Theron would be Aeon. 'Aeon Flux' was a cartoon that I felt would be difficult to translate into live action and I was proven right. None of the tension was there, too much was explained (the cartoon left a lot unsaid so that you had to work it out for yourself). I am looking forward to 'Underworld Evolution', I have a major weakness for Kate Beckinsdale in tight leather. I also want to see:

Syriana
Broke Back Mountain
Ice Harvest
King Kong


Oh another thing, if you ever find yourself in the situation of selling a house, do NOT allow FHA or VA loans. I know this will diminish your pool of available buyers, but it has been a god damn nightmare. We have attempted to close on the sale of our old house 5 times now and the FHA paperwork has fucked it up each time. Our house was advertised for sale 'AS IS', the buyers really wanted it, but in the 11th hour they converted their conventional loan into FHA, and it has been hell ever since.

Ah well.

12.14.2005

[Engineering] The sorry state of...

{rant}

The sheer mediocrity of design and engineering in household objects is amazing to me. A couple examples:

I have a humidifier. It just died. Well, more like the motor rusted out. A humidifier is what makes my apartment liveable, my skin not itch, my allergies not overwhelm, and keeps my piano and cello from turning into cracked kindling.

So I decided to do some comparison shopping for a new humidifier, seeing as I don't particularily intend to buy a replacement Hunter humidifier, since the nonfunctional one I have has a wicking system that doesn't work, a leaky water reservoir, and a humidity control that cannot seem to understand "On" at 40% and "Off" at 60%. Oh, and the motor had already been recalled due to fire hazard!

You'd think that there would be something out there that people like and has been reviewed well. Nope. Almost all humidifiers on the market are two stars out of five at best. They suck. Warm mist ones bascially steam clean you, and you have to clean them constantly. Cool mist ones (evaporative), while the more natural way of doing things, tend to break and have lots of issues, including bacteria, dust, etc. The only model that seems to be well thought of is the VENTA line, which is a German company. Here's the problem with their novel turning disc humidifier: It costs over $400! And you have to fill it with anti-sediment solution every few days thats $50 a year. And you have to replace the filters fairly often. I can buy a whole new humidifier every time mine gets dirty for less that the upkeep costs on some of these units. What a waste. At some point the cost/benefit analysis will favor just buying distilled water at the grocery store and filling the humidifier with that every single day.

How amazing that we can perform feats of engineering wonder, and yet reliably getting a little bit of water into the air quietly, cleanly, cheaply, and in a low-maintainence manner, seems beyond the collective talents of the world's manufacturers. Someone, please, come up with a 2.5-4 gallon humidifier that is quiet, low on required cleaning, sanitary, doesn't generally require replacement filters or solutions, has a working digital humidistat, and doesn't break. I don't need some gaudy wood paneled whole house unit. My apartment is 525 square feet, I'd have nowhere to put it.

I DID find something that can reliably turn the humidifier on and off to keep a consistent humidity (important with cellos). This is an industrial grade humidistat with a 7% on/off range, adjustable humidity, and I could use it with any humidifer. The only hiccup is that it costs $120. For just the switch that turns the humidifier on and off! Still, since my cello is worth thosands, and my piano at least a grand, it seems like a decent investment. I still have to find a decent (or egad, maybe disposable) humidifier to hook it up to, and then not go broke or nuts replacing filters and cleaning the damn thing. I also find it funny that this model is called the THC-1, and the unit is sold on lots of 'home grow' sites. Probably because its being used to control the humidity on pot crops and not pianos.

Another item: razors. I have a very good razor that properly used works extremely well. I almost never use it. Why? Because it is a straight razor (cutthroat strop razor) from Solingen, Germany, and I have an aversion to bleeding to death if my hand slips. Most of the time I grind away with a POS Norelco electric, you know the crappy burn-your skin ones with the little circular blades that go dull in about a month and cost almost as much as a new razor to replace? I understand that Grundig makes some decent high-end shavers, but again, they cost a fortune (which tends to go with the Made in Germany label). The only piece of razor equipment that I have that works well is my beard trimmer, and that is because I removed the safety head and trim raw. Oh, and it blows through AA batteries in about a month. Do engineers know how much AA batteries COST? They aren't cheap unless you buy them in 100 packs, and who wants that. Please, please, will somebody engineer a decent razor that is safe, painless, effective on my bony jawline, is a close but not-too-close shave, has a decent power reserve, and does not cost a fortune?

I know these are not easy things to engineer. But we put a man on the moon! Maybe we can get some NASA folks to take a few weeks off and come up with something that works. And maybe we can get ISO standard razorblades, wicks, filters, toner cartridges, etc. so these manufacturers can stop trying to screw us with proprietary refills.

The list goes on, but I get the distinct feeling that the overall quality of almsot every household product has gone down markedly in the last few decades. Everything is not-so-cheap disposable junk. Consumer electronics alone could take up a weeks worth of bitch-blogs.

Manufacturing concerns of the world: please, quit building crap. We are an abstract value society in that we think we value products. Real materialist socieities would have, as Benjamin Hoff put it, no landfills. There would be no poorly manufactured products. Stop taking the Wal-Mart approach to building stuff and actually build quality again.

And I'm STILL looking for a decent alarm clock!

{/end of rant}

12.13.2005

[Tech] Does the Yahoo! Mail spam filter even work?

Seriously.

Gmail works fine. My SpamAssassin setup for my ISP mail at home works better. I still get 30-40 (out of 100) mail messages a week that are spam and that are not caught by the spam filter and moved to the junk folder. On Gmail, I have had 0 (I can't believe it either) spam messages that were not caught and moved to the spam folder.

[Politics] Companies I have or will boycott and why.

The following companies for their actions do not deserve my (or your) business.

Wal-Mart - for being generally the definition of the word evil. (low wages, overtime scandal, lack of women in management, stingy charity donations by the Walton family, exploitation of workers, union busting)

Northwest Airlines - for their Union busting tactics. MPR reported this morning that the Mechanics Union will vote to end the strike in defeat. Northwest effectively busted the Union by hiring 900 permanent replacements. It is only a matter of time before NWA either goes out of business (either due to lack of cash, or by merger) or targets the other 3 Unions. NWA, like the other major carriers are stuck in an outdate business model that will not work in this economy without massive public bailouts (NWA has been saved twice by the state of MN and once by the Federal gov't). Sadly bankruptcy in this country is a financial tool by businesses and does not carry the compnay-ending meaning it once did.

Target - for having policies that allow pharmacists to deny medication to customers. There was recently a case where a pharmacist at a Target in Missouri denied a women her prescription for the morning after pill. Kmart, CVS, and CostCo fire pharmacits who deny prescriptions to be filled. I sent a letter to Target and received this cop-out of a response:

Dear Target Guest,



Target places a high priority on our role as a community pharmacy and our obligation to meet the needs of the patients we serve. We expect all our team members, including our pharmacists, to provide respectful service to our guests, particularly when it comes to their health care needs.



Like many other retailers, Target has a policy that ensures a guest’s prescription for emergency contraception is filled, whether at Target or at a different pharmacy, in a timely and respectful manner. This policy meets the health care needs of our guests while respecting the diversity of our team members.



Your thoughts help us learn more about what our guests expect, so I’ll be sure to share your feedback with our pharmacy executives.



Thanks for taking the time to share your questions, thoughts and comments. I hope we’ll see you again soon at Target.



Sincerely,



Jennifer Hanson

Target Executive Offices


I call this a cop-out as Target does not have to fill the prescription, they can ask the person, or point the person somewhere else. Pharmacists should be neutral and non-judgemental. This last boycott is a quite a blow as my wife and I were loyal Target shoppers. We will become ones again, all Target has to do is issue an apology and change their policies so that prescriptions can be filled in store without discrimination.

Here is my response back to Target:

Subject: Re: Filling Prescriptions at Target
To: "Target.Response"
While I appreciate you taking the time to provide this response, I feel you answer is more of a dodge. It remains clear that Target will continue to value the individual mores of the Pharmacist over the right to customer to have receive healthcare. This position countermands Target's responsibility to provide healthcare in a timely and nondiscriminatory fashion.

Until Target provides healthcare on a uniform basis, rather than subject to the whims of the pharmacist, I and my wife will be boycotting Target.

We are no longer assured of the level of service that Target will provide to us.



There are many other companies that I can list, but these are my top 3.

12.10.2005

[Tech] Lisa 2005 - Day 8

LISA 2005 Trip Log: 12/10/2005
==================
Day 8 - travel day

Woke up at my usual time...surprisingly. Packed. I was amazed I was able to fit everything into my travel bag. I hope it is not too heavy for the flight. I do have a second, smaller duffle in case of weight restrictions. I am hoping it will not be too much of an issue as the flight here was not completely full, I am hoping the one back is not.

San Diego has been lows in the 40s, highs in the upper 60s all week. MN has been lows in the -0s and highs in the upper 10s, it will be a bit of an adjustment. I miss home. I miss nerdwife. I miss my cats. I am also anxious as there are a few things at work I would like to try now. My tech-soul has been recharged.

Checkout: 10am

Flight leaves: 6:15pm

Filler: Went to the ocean, spent a few hours looking at the tidepools. Fascinating. Saw the Loma Point lighthouse. Drove by SeaWorld.

Lunch: Shakespeare Pub and Grill. British pub that had and excellent ale seletion and great fish and chips. Ate too much, felt uncomfortably full.

[Politics] Kyoto

Repugnant.

We have burned whatever credibility we once had as a nation.

12.09.2005

[Tech] Lisa 2005 - Day 7

LISA 2005 Trip Log: 12/09/2005
==================
Day 7 - Tech Sessions and Referreed Papers (Last Day)

Tech Sessions and Refereed Papers
-------------------------------
How Sysadmins Can Protect Free Speech and Privacy on the Electronic Frontier, by Kevin Bankston, Electronic Frontier Foundation

notes: EFF representative spoke about the legal ramification of electronic privacy.
The USA Patriot Act and the Internet:
-can get "whole online profile" with subpoena rather than court order
-pen-traps extended to the internet, but no clear distinction between routing/addressing/signaling and what is content
-reduced controls on national security related surveilleance like FISA and NSLs
-users cannot rely on the law to protect their online privacy, they have to rely on the SAs
-FISA gives forver gag orders on providers and forever no notice to target
-NSL; National Security Letter, legal "tool" of the FBI, no court oversight and minimal reporting to congress, no procedure to challenge, recent abuses by the FBI. Scary stuff, the FBI only has to prove to itself you are under suspicion to issue a NSL. Great question about the constitutionality of NSLs.
-DoJ is refusing to explain its limits of power in regards to electronic wiretap and do not have to report to Congress.
SysAdmins
-learn about the law
-teach users about tech
-minimize your logs (short-term retention policies, only keep what you need, review OSP best practices, develop procedures for dealing with legal requests)
-be the surveilleance gatekeeper (and the squeaky wheel), you can serve as a check against abuses of power
-support anonymizing technologies (like TOR)
FBI has stopped using carnivore.

links:

http://www.eff.org/osp

Tech Sessions and Refereed Papers
-------------------------------
Weblogs, Wikis, and RSS for System Administrators
by Jonas Luster, Socialtext, Inc.

notes:
Humans have a need to communicate and an amazing ability to adopt, adapt and improve upon new communication technologies.
Wikis, collaborative work, structure enforced by community standard, not code, fertile ground or wasteland theory?
If you provide an area for your users to contribute input, it can create a fertile area for ideas to grow.
Syndication, brings content out to the world, pushes it out.
If setting up an internal blog site, do not use a public blogging site. Also do not encourage syndication, as you could leak information out.
DSC; Disseminate, Syndicate, Collaborate.

links:
http://homepage.eircom.net/~kmgaughan/esolang/index.html
http://wordpress.org/
http://www.jluster.org/

WIPs
-------------------------------
10 Works In Progress on a variety of topics from VNCmanager, to network traffic visualization, to user education.

-------------------------------
Dinner - Casa Guadalajara; excellent Mexican food
-------------------------------

Post-Conference. LOPSA had a party, but it was low-key. We had found a small libation place not far from here. The selection was not great, but peach cider was purchased. We then sat on a balcony on the 8th floor until late talking of life, technology, privacy, our jobs, what we would like to see in technology, our 'first time'...using UNIX. I feel to sleep the moment my head hit the pillow because the exhaustion of the past week had finally caught up with me.

12.08.2005

[Tech] Lisa 2005 - Day 6

LISA 2005 Trip Log: 12/08/2005
==================
Day 6 - Tech Sessions and Referreed Papers

Tech Sessions and Refereed Papers
-------------------------------
Refereed Papers

Toward a Cost Model for System Administration, by Alva L. Couch, Ning Wu, and Hengky Susanto, Tufts University

notes:
The intangible cost of system administration is approx proportional to the amount of time to complete requests.
Holy shit, perhaps one of the most mind blowing talks I have attended. Their findings show an elegant proof-positive of what most SAs feel.
Documentation is the best cure for long wait times (and hence reduces cost).
His results show that ticket trends follow a Poisson analysis.
He applies statistical analysis to determine average time to resolution.
Temporal conditional probability.
For <2 Admins available, you get a chaotic response to the request queue, whereas if you have 2 or greater, you get a better smoother response characteristic to the request queue. With 1 Admin, running at capacity, you cannot predict a recovery/uncontrolled model.

links:

Voluntary Cooperation in Pervasive Computing Services, by Mark Burgess and Kyrre Begnum, Oslo University Colle\ge

notes:
Systems are not computers, they are human-computer interactions.
Theory around decentralized management.
Hive and collective relationships.
links:

Network Configuration Management via Model Finding, Sanjai Narain, Telcordia Technologies, Inc.

notes:
links:

-------------------------------
Lunch - skipped
-------------------------------

Tech Session
-------------------------------
Network Black Ops: Extracting Unexpected Functionality from Existing Networks
by Dan Kaminsky, DoxPara Research

notes: rescheduled presentation of Wednesday.
IDS make a promise of security, but serious vulnerabilities exist due to limited packet-centric view.
Applications do not live in packet-space.
All major firewall vendors have their own weaknesses. No single tool right now can address all issues.
IPS systems should NOT ban invalid traffic.
DNS poisoning, used to selectively hijack network traffic.
Automatic network shunning very bad idea.

Dan has a tool to dynamic display interdepencies of active networks in a living, organism-like display. Was amazing to view even a small netowrk.
Streamed video via DNS...had to see it to believe it.

links:
http://www.doxpara.com/
http://www.prolexic.com/
http://www.securityfocus.com/pen-test
http://www.securitydocs.com/Vulnerability_Management/Auditing/Pen_Test
http://tor.eff.org/
http://www.doxpara.com/?q=/node/1129
http://www.adultswim.com/shows/robotchicken/

Plenary Session:
-------------------------------
Picking Locks with Cryptology, by Matt Blaze

notes:
Spoke 3 slides about mechnical locks and switch topics to eavesdropping, countermeasures, policy, and wiretapping.
TNEC (Trustyworthy Network Eavesdropping and Countermeasures) - NSF funded research project
Wiretaps for legal use, are broken into two types "Pen Register" and "Full Audio".
Wiretapping technologies:
-telco records; get phone records from telco, retrospective, like pen register
-loop extender/dialup slave; real-time connection to law enforcement
-CALEA/J-STD-025A; standard interface between agency and telco, new (1996)
Possesion of wiretapping equipment is a felony offense (18USC2512).

links:
http://www.countermeasures.pimall.com
security article
http://netsec.blogspot.com/

-------------------------------
Dinner - LISA Reception, buffet food, $500 of funny money, gambling. Met someone from a smaller regional hospital who uses some of the same tools we do.
-------------------------------

BoFs, did not make it to any of them because I went to the SUN Reception.

The SUN reception was a good choice. I was able to meet many, many, many talented people from SUN, from a kernel engineer to a tech writer for http://docs.sun.com (chief writer), to a security expert on PKI. My colleague and myself spent the better part of two hours engaged in very good discussion about OpenSolaris, OpenSPARC, Solaris 10, zones, patch management (updatemanager, smpatch, etc), systems management (SunMC), new technologies (T1) and cost vs power analysis of various platforms. I need to give a lot of credit to SUN for sending engineers and technical writers to this conference, it shows a committment to the SysAdmins and the engineers are able to get real-world experience (and ancedotes) about the products they work on.

Tomorrow is the last day of the conference. I miss home. The conference started out strange and slow, but these last few days have been what it is all about, SAs from all over the world, as well vendors, scientists, managers, and security experts coming together and sharing ideas and experiences. BoFs are nice, but I actually value the 'Hallway Track' more as you can get to know the other people on a personal level as well as a technical level. I will leave here this year with new contacts and a new friends.

12.07.2005

[Tech] Lisa 2005 - Day 5

Tutorials are over (for me). Today starts the tech sessions and the conference in full force. They opened the gates and the barbarian vendor hordes have arrived (but they have put them in their own room and left the window open a crack so they can breathe).

LISA 2005 Trip Log: 12/07/2005
==================
Day 5 - Tech Sessions and Referreed Papers

Tech Sessions and Refereed Papers
-------------------------------

Keynote - Scaling the Search, Dr Lu, Yahoo!

Tech Session 1 - AM

Invited Talk 2 - Network Black Ops: Extracting Unexpected Functionality from Existing Networks
Dan Kaminsky, DoxPara Research
[CANCELED, lecturer did not show]

Went to Refereed Papers:

GULP: Unified Logging Architecture for Authentication Data, by Matt Selsky adn Daniel Medina, Columbia University

notes: only keeps 28 days worth of data in Oracle DB, no archives, no backups, not ready for prime-time yet.
links:
http://www.columbia.edu/acis/networks/advanced/gulp/

Toward an Automated Vulnerability Comparison of Open Source IMAP Servers, by Chaos Golubitsky, Carnegie Mellon University
notes: IMAP vulnerability was determined by a weighting of the available f(x) calls via the network API and assigned a score. Interesting idea for analyzing potential security risks via complexity of code.
links:

Fast User-Mode Rootkit Scanner for the Enterprise, by Yi-Mon Wang and Doug Beck\, Microsoft Research
notes: very energetic speaker. They are scanning based on the principle of di\ffing a running system and a stopped system. On a running system a stealthy ro\otkit will hide itself from all the APIs, but it will still exist on disk, by s\canning a disk of a non-running system, you can now find the rootkit by what sh\ows up. If they don't hide, however, the GhostBuster tool cannot find it, but \other tools should be able to find it.
links:
http://research.microsoft.com/csm/strider/
http://research.microsoft.com/rootkit/
http://www.schneier.com/blog/archives/2005/02/ghostbuster.html

-------------------------------
Lunch - Pizza in Fashion Valley...a strange place. Had lunch with SAs from Sweden, very informative, good exchange of ideas and culture.
-------------------------------

Tech Session 2 - Afternoon
INVITED TALKS I - What Big Sites Can Learn from Little Sites, by Tom Limoncelli, Cibernet Corp.

notes:
links:

Afternoon break - bought a few tech books, wander through the barbarian vendors hordes.

Referreed Papers:

About the Integration of Mac OS X Devices into a Centrally Managed UNIX Environment, by Anton Schultschik, ETH Zurich

notes:
links:
http://isg.ee.ethz.ch/tools/tetre2/
http://www.sepp.ee.ethz.ch/
http://isg.ee.ethz.ch/tools/
http://isg.ee.ethz.ch/tools/isgtc/ (great idea for work)

RegColl: Centralized Registry Framework for Infrastructure System Management, by Brent ByungHoon Kang, Vikram Sharma, and Pratik Thanki, University of North Carolina at Charlotte

notes:
links:
http://isr.uncc.edu

Herding Cats: Managing a Mobile UNIX Platform, by Maarten Thibaut and Wout Mertens, Cisco Systems, Inc.

notes:
links:

Evening:

Dinner was the Mexifest sponsored in the vendor room. Good hallway discussions.

NetApp/Symantec/Decru Mixer. Good times had by all.

12.06.2005

[Tech] Lisa 2005 - Day 4

LISA 2005 Trip Log: 12/06/2005
==================
Day 4 - Tutorial T7, T12

Breakfast

-------------------------------
T7 - Over the Edge System Administration
by David N. Blank-Edelman
-------------------------------
goal: learn to think outside of the box to solve SA related problems and new approaches to SA concepts.

OUT OF THE BOX: Due to 'inetd' any program can be a network program (i.e. iostat).

IDEA: Use laptops to monitor UPSes.

IDEA: Laptops for DR purposes (put all documentation and whatever is needed on DVD and laptop and ship to a secure site).

Brutal File Manager - DOOM style interface to delete/manage files.

WWW::Mechanize::Shell - cli interface via perl to web pages

IDEA: GrokItBot as a tool to query systems...hook the bot from a system to IRC

DBD::AnyData - turns any data into db queries

SexChart - illustration of out of the box ways to represent interdependencies between things.

Website for status for downtime.

Rendevous at a trusted host:
ssh -R 4321:localhost:80 trustedmachine
ssh -L 80:localhost:4321 trustedmachine


-------------------------------
Lunch - light pasta salad and Mahi-Mahi
-------------------------------
sat in the sun.

-------------------------------
T12 - Solaris 10 Security Feature Workshop
by Peter Galvin
-------------------------------

Research FLAR w/ master + differential updates;
Master - base OS + EIS patch set
--->diff 1 - VxVM/VxFS pkgs installed but not configured


T7 links:
Rory Blyth - Neopoleon.com
monotone: distributed version control
Welcome to the home of the Brutal File Manager
Peek-a-Boo Overview
psDooM: DooM for Sys A&#39;s
URLToys/.flux Homepage!
MaLinux
SourceForge.net: AVFS: A Virtual Filesystem
Gmail Filesystem
lesspipe, an addon for the browser less
Infobot Homepage
Ofnibot
Flooterbuck Infobot - A modular infobot
B L O O T B O T . H O M E
Suttree » GrokItBot
Alice Hill’s Real Tech News - Independent Tech » Must Read: 122 Ways to Speed Up Windows XP
Peep: The Network Auralizer
AAJM
nilsimsa
XML.com: Working with Bayesian Categorizers
the sexchart archive
Code
Sitemap for The Treehouse - Trygve Lode&#39;s official site with movie trailers, music videos, mp3 files, and more
cvoid - big giant television
LAFFEY: spinner
Disk Space Problems (Perl for System Administration)
http://www.otterbook.com/materials/lisa02nph2-src.txt
Developments of the Honeyd Virtual Honeypot
Sys Admin > Spam Supplement 2004
http://smtptrapd.inodes.org/
PORTKNOCKING - A system for stealthy authentication across closed ports. : ABOUT : summary
portknocking
sexpathchar.tgz
rsyncBackup
duplicity: Main
rsnapshot
Welcome to Dirvish
BackupPC: Open Source Backup to disk
murk
Unison File Synchronizer
Easy Automated Snapshot-Style Backups with Rsync
Holy Shmoly! :: Easy Automated Snapshot-Style Backups with Rsync
Distributed Internet Backup System
Magic Mirror Backup(tm)
312&#39;s Home Page
Advanced OpenSSH
autossh
fsh -- Fast remote command execution
Punching holes into firewalls
Anti-Proxy - infoAnarchy Wiki
SSHKeychain - About
How MUD&#39;s Work, MUD Design
DoxPara Research

T12 links:
Home at OpenSolaris.org
blogs.sun.com


I had some documents I needed to sign and fax and I had a bit of hilarity tonight. First, the Town and Country Resort business center is terrible (and horribly expensive). The computers were down, they do not have a networked printer and printing was $1/page and faxing was $10/3 pages. I decided against it, so I called the local Kinkos. Kinkos must have been undergoing some kind of regional DoS, virus attack, or system upgrade because all self-serve computers within a relatively close distance of the resort were down. They could print my document, but it would be a 5-10 wait as they are backed up and this is their busiest time of year. Screw that.

Tonight more BoFs and Quest for Food II - the Hunger.

BoFs:
-------------------------------
Mac OSX


Logging and Logfile Analysis


Beer and Ice Cream Social

Invigorating hallway discussion on a wide topic of subjects, Security, 55808 packets, science, science history, mathematics, Active Directory vs LDAP, the finer points of good beers, ales, lagers and beverages of all types.

News:

Sun Microsystems has announced that it will be open sourcing SPARC.

12.05.2005

[Tech] Lisa 2005 - Day 3

Tutorials
-------------------------------
M7 - Security Without Firewalls
by Abe Singer
-------------------------------

Lunch - took a nap, watched 'Underworld' Extended Unrated Edition

-------------------------------
M14 - The Latest in Hacking Tools & Techniques
by David Rhoades
-------------------------------

M14 was an outstanding tutorial. The lecturer put it together as a multi-media session and real demo of tools.

links from M14:
State of Oregon vs Randal Schwartz computer security case
Maven Security Consulting Inc - Info Security Consulting & Training Services - Home
The Cross-Site Scripting Virus
Tsunami hacker convicted | Channel Register
Teen jailed over Paris Hilton hack
Keyboard-emanations.org
Cassandra: index.html
WiGLE - Wireless Geographic Logging Engine - Plotting WiFi on Maps
WiGLE Google Map
Airsnarf - A rogue AP setup utility
Airsnarf - Rogue Squadron
The Shmoo Group
Wi-Fi phishing scam targets business travelers - Computerworld
FrSIRT Exploits and 0day-exploits
The Metasploit Project
http://www.sensepost.com/research/bidiblah/
SensePost
SpiderFoot
Knopper.Net Consulting
IWHAX - News
News - Rexploit
PHLAK :: [P]rofessional [H]acker&#39;s [L]inux [A]ssault [K]it - :: News
VoPSecurity - Home
New Caller I.D. spoofing site opens
http://www.shmoo.com/idn/
Spotting the pharming websites - IT Security News - SC Magazine UK
Description of a new feature that users can use to read non-digitally-signed e-mail or nonencrypted e-mail as plain text in Office XP SP-1
How Not to Get Hooked by a â~@~XPhishingâ~@~Y Scam

---end links---
5 of us played a little game last night called 'Quest for Food' as we toured portions of San Diego in search of a good meal. We were only 50% successful.

The BoFs (Birds of a Feather) sessions started to night. Saw a really good one by some authors at MAKE magazine, might have to get myself a subscription.

I put my feet in the pool and watched the stars.

12.04.2005

[Tech] LISA 2005 - Day 2

System down at work back home.

Tutorial
-------------------------------
S8 - Issues in UNIX Infrastructure Design
by Lee Damon
-------------------------------

S8 links:
NIKOLA Disk Layout Plan
19th Large Installation System Administration Conference (LISA &#39;05)
LISA&#39;05 Wiki: Home Infrastructures.Org: Best Practices in Automated Systems Administration and Infrastructure Architecture: Home
Bootstrapping an Infrastructure
Syslog-ng faq
Products :: BalaBit IT KFT ::
Cfengine - an adaptive configuration engine
NIKOLA
Nagios: Home
Condor Project Homepage
Sun N1 Grid Engine 6
PBS Professional 7.0
OpenPBS
Logging with syslog-ng
OpenAFS
The Berkeley Automounter Suite of Utilities
LPRng Web Page
---end links---

goals: know the questions to ask about considerations for planning UNIX infrastructures. A philosphy class, not to teach answers, but questions.

Lunch: conference provided...mexican...bad mexican

Over lunch checked out the grounds. This place is kind of like a cross between fantasy island and something from a bad 70s movie. Found a large shopping complex behind the property and a small creek with ducks.

Trip to Fry's Electronics...geek world.

Spent some time in Scripps Medical Center with a friend attending the conference (minor pool accident). The ER, late at night was...interesting. A woman told me the gov't is trying to kill me and that she is tired of all the 'reptile alien bullshit.'

This conference has not had a dull moment.

[Tech] LISA 2005 - day 1

Travel Day

Left MN in a blizzard to arrive in San Diego with clear, 61F weather.

Picked up my registration material and my 'tags'; Sheriff, Scribe, Has Been

Met a Sys Admin from Norway named Stieg.

My hotel room overlooks a pool...sweet!