Menu

Michael Gracie

How to Know If You Are a Layoff

If you’re an operating system, you find out in parody.

If you’re a Wall Street banker, you’ll have to settle for sarcasm.

Monday Ugly in tech security

Like “Coyote Ugly,” but actually ugly:

First…hackers busted into the website of the US Consolate General in Russia. As if the US didn’t have enough problems off shore…

“This latest attack highlights the fact that no organization is immune from infection, and that no matter what the size of the company, it must defend its webpages fully to avoid being stung.”

No doubt there – attacks on institutions are commonplace – it’s just that they have good PR teams to keep it hush hush.

Next…a German onion router administrator gets arrested. Clearly not the guy’s problem, but getting arrested highlights the risks of running a Tor server in this day and age (as well as the cluelessness of some politicians regarding technology). What’s Tor? Inquiring minds check here first.

Last but not least… a bunch of laptops were pre-loaded with Vista, as well as a 13-year old boot sector virus. Plenty has already been said on Vista and it’s security. But I can’t help but chuckle.

Full disk encryption nowhere close to foolproof

The talk is directed at Bitlocker, the full disk encryption in Windows Vista, but it applies to all similar methodologies.

It’s simple. Fools don’t have physically secure, unencrypted backups. Fools think everything should run like lightning, regardless of the strain on the system. And, of course, fools lose passwords.

Doesn’t sound foolproof.

Might I suggest using virtual disk encryption, like that offered by PGP. It is slightly more cumbersome but puts less strain on the system and the “product” is portable – better design for fools (like me).

Spy agency help Microsoft build Vista

It may have been a good move to get some hardcore security guys involved in the development of Vista, but a lot of people are going to question why Microsoft looked to the NSA, which has been under fire recently for spying on people at the request of the Bush Administration.

Adding fuel to the upcoming fire…

The Redmond, Wash., software maker declined to be specific about the contributions the NSA made to secure the Windows operating system.

Then again, maybe the idea was to position the upcoming operating system to be used by political bloggers, and/or throw a bone to the 110th Congress…

The NSA also declined to be specific but said it used two groups — a “red team” and a “blue team” — to test Vista’s security. The red team, for instance, posed as “the determined, technically competent adversary” to disrupt, corrupt or steal information. “They pretend to be bad guys,” Sager said. The blue team helped Defense Department system administrators with Vista’s configuration .

So the “blue team” were the good guys.

I guess I’m wondering whether the only one that is going to turn out bad or good is the Microsoft PR Team, when the whole concept spins in or out of control.

UPDATE: Bruce Schneier asks: Is this a good idea or not?

The last day of the year – time for 2007 predictions

It is the last day of 2006. What better time for predictions…

From the experts:

Spamroll says:

  • Spam will not end in late January (and Bill Gates will remain mum thereafter)
  • Some spyware companies will be getting sued again by February, while the rest change their company name
  • The government will quit buying consumer data in March, after determining that who is buying TMX Elmo is in no way correlated with who has a tendency to be a terrorist
  • Everyone will be backing up their hard drives by April, but only if external hard drives are free
  • They’ll be encrypting them by May, because everyone will be running hacked versions of Vista
  • We’ll all take the summer off, since phishers already do
  • Back-to-school will piss off millions of children, and not much else
  • October will be much like September
  • Telcos will implement IPv6 for Thanksgiving, and everyone on the internet will know who everyone else is, once and for all (with the exception of MacBook Pro users, which are already being tracked via heatsink)
  • We’ll get a ton of self-serving predictions for 2008, a week early at Christmas

Happy New Year!

UPDATE: Sarcasm does work – someone is thinking about backup.

“I don’t care about Vista security.”

“I am shipping antivirus software for the platform anyway.” – Kapersky (another security company not worried about Vista security).

Vista’s early security outlook good for security firms

After a Russian hacker released a proof of concept flaw for Vista, security firm Determina validated the issue, and notified Microsoft of even five more.

No wonder security firms were unconcerned about losing business as a result of Vista. I wonder why they aren’t keeping quiet and just going about their business too, unless they think they will get some favors in return. Will they?

UPDATE: No matter – Microsoft is still supremely confident.

Love doesn’t last forever, but Vista activation might

Some may argue the first point, and with Valentines Day coming around the corner, we may have to wait that argument out. But, after cracking the Vista activation with cute workarounds, some decided it makes sense to add some longevity to the surepitous install.

We’ll see how long that sticks.

Vista and operating system security debate guidelines

Who should you listen too?

People are debating on the Vista OS, with particular regard to all the new security features purported within. Fair enough, but I don’t see much reason for Mac News being the ones doing it (or at least I’d be paying attention to someone other than Mac enthusiasts if I was contemplating a Vista purchase and was concerned about security).

Sincerely,

Your resident Mac user

Bad Vista or really bad Vista

The Free Software Foundation has launched a new site, BadVista, with a two-fold goal. The first is to beat the shit out of Microsoft Vista, and the second is expound upon the benefits of…what else…free software.

I love free software as much as the next guy, but I am not going to give this initiative the thumbs up. Sorry to say this, but It smells like a shill. Fine to beat up on Vista (everyone beats on Microsoft anyway), but don’t do it solely for the alternative promotion of your own cadre. If Vista sucks, let that sucking stand on its own – the FSF loses credibility otherwise.

There are enough cracked copies of Vista being hocked by spammers right now that I think a lot of people are going to be sick of hearing about how bad Vista is by the end of January anyway.