It occurred to me today that if you lay out the three major players in computer operating systems and the three major players in web browsers, the results track remarkably well.

  • Windows and Internet Explorer. The dominant player. Obtained that position by being good enough, cheap enough, and promoted enough to win a protracted two-way battle. Detractors claim the victory was primarily due to marketing and business practices, not quality. Plagued by a public perception of insecurity. Currently trying to maintain that lead against an opponent unlike any they’ve faced before. Believes itself to be technically superior to the other options.
  • Linux and Firefox. Open source product with a core team and hundreds of volunteer contributors. Originally created as a replacement for a previous major player. Very extensible. Promoted as a more secure alternative, but has faced growing pains with its own security problems. Highly regarded among many computer power users, beginning to gain mainstream acceptance and challenging the dominant player. Believes itself to be technically superior to the other options.
  • Mac OS and Opera. Has been there since the beginning. Constantly innovating, pioneering ideas that get wider exposure when their competitors adopt them. Very dedicated fan base that never seems to grow enough to challenge the dominant player. Has been declared doomed time and time again, but keeps going strong. Believes itself to be technically superior to the other options.

It breaks down, of course. Traditional UNIX is missing from the OS wars, though it provides a nice analogy to Netscape for Firefox. The battle lines don’t quite track either, since the previous wars were Windows vs. Mac and IE vs. Netscape. And Safari’s missing entirely. But it’s interesting to see the same three roles in play.

I got into work this morning to find my desk’s keyboard and KVM switch non-responsive. The only way to reset the switch was to turn it off and back on, which meant disconnecting all the keyboard and mouse cables. (A KVM switch doesn’t need much power, so many of them just draw power from the computer, the same way an actual keyboard or mouse would.) It switched immediately to the Linux box, which was happily displaying its screen saver, so I switched back to the Windows box where it had been… and it got stuck again.

OK, so the Windows box had crashed. It’s been doing that lately, though usually I actually get a blue screen with the dreaded IRQL_NOT_LESS_THAN_OR_EQUAL, which could mean anything from a driver conflict to failing hardware. I haven’t taken the time to track it down, but maybe I should. I rebooted the Windows box, which seems fine for the moment, though there’s no sign of the crash—or even my forced reboot—in the system log.

Then I switched over to the Linux box, and the mouse wasn’t responding. When the mouse gets messed up, sometimes it’s enough to switch out of X into text mode and back. No luck. Sometimes closing X entirely and starting it again is enough. Not this time. I actually had to reboot the Linux box to get my mouse back. That really annoyed me.

So here are three things that went wrong.

  1. The Windows box crashed. This is probably a driver or hardware problem.
  2. The KVM switch got stuck. This should not be possible. Even if it’s getting confusing signals from one set of ports, it should be able to switch to another port.
  3. The Linux box (Fedora Core 4) could not recover from having the mouse unplugged for 10 seconds. There should be an easy way to tell it to check for the mouse again.

It’s #2 and #3 that bug me the most. Maybe it’s the man-bites-dog effect (I expect Windows to crash and/or require frequent reboots, so it’s more annoying when Linux does it), or maybe it’s just the fact that they’re simple error-recovery issues. I mean, seriously, unplugging the mouse for a few seconds makes it unusable?

Update: I forgot to check the second Windows box on the switch. It also had stopped responding to the mouse even after I reset the KVM switch. I’m beginning to think that problem #3 was in the switch itself, not the Linux mouse driver, since the non-crashed Windows box had the exact same problem.

Something that could help with the ever-shrinking window between turning on a new (Windows) computer and getting hacked by some automatic probe is to just make downloading security updates part of the setup process. I installed two Linux distributions this weekend, Mandrake 10.1 and SuSE 9.2, and both did this.

What I liked about the SuSE installer was the way the option was worded. The setup utility asks you if you want to “test your Internet connection.” It tests the connection by downloading the latest release notes and checking for updates! (Unfortunately, it somehow chose an old mirror of the SuSE site—not the one I used during the installation—and the process failed.)

Via Email Battles: First ‘warspamming’ case reaches court.

Basically the guy (allegedly) drove around LA with a laptop looking for insecure wireless networks, then connected to them and sent spam using people’s home accounts.

The term comes from wardriving — driving around looking for unsecured networks — and warchalking — marking walls or sidewalks to indicate the presence, type and speed of the networks found. Early wardrivers discovered that Pringles cans make good amplifiers.

Further etymology: according to the Jargon File, war-driving is a play on war dialer. War dialers were programs that would call up a series of phone numbers looking for modems, faxes, or other phone-based systems they might be able to crack into. And that term started out as wargames dialer, a reference to the film War Games. (Whew!)

It turns out that warspamming is older than I thought: the term was coined two years ago, though this is the first case to go to trial. The defendant is being tried under CAN-SPAM, which went into effect this past January.

An interesting statement from the article:

If Tombros is convicted or pleads guilty then warspamming — also known as drive-by spamming — will move from being just a theoretical possibility to a genuine threat.

What, so in the two years since someone came up with the idea, no one has ever seen it done? And we have to wait for a conviction to determine whether it’s happened now? We don’t need to wait for a trial to know that spammers — an annoyingly resourceful lot — are using thousands of virus- and spyware-infested home computers as zombies. Warspamming doesn’t even require programming skills (or ties to virus writers — although I understand access to already-compromised networks has become a brisk business on the black market.) Surely someone has logs to show that it’s been done.

Update October 4: The defendant was convicted. Apparently, this is the first conviction obtained under CAN-SPAM. (via The War on Spam)

When I worked at a computer lab in college, the main security focus was preventing lab visitors from screwing around too much with the computers. We just ran Windows NT and locked it down as hard as possible. The worst network-based threat I remember facing was WinNuke, and that was just as likely to be another lab tech. Some of the early email viruses started circulating while I was there, but since it was a public lab, we didn’t provide any email programs; people would telnet into the mail server and use Pine. (This was pre-Hotmail, too.)

In my wired-for-ethernet campus housing, however, all bets were off. I watched people remotely controlling each other’s computers as pranks, or discovering hackers had gotten onto their systems from halfway across the planet, and figured it was safer to use Linux most of the time. This actually got me in trouble with the network admin at one point, who decided I must be running a server and shut off my port. It did at least teach me to disable services that were turned on by default, though I saw no indication that anything on there was actually being abused.*

Firewalled

Then there were firewalled environments. Still back in college, we rigged up my parents’ house for a home network. My brother put together a Linux box to dial into the Internet and act as a gateway, and effectively everything inside the network was safe from direct attacks. No point in internal firewalls, and since everyone was savvy enough to avoid the really nasty stuff (which was easier at the time), virus scanners were only a precaution, rather than a necessity.

For the past few years I’ve mainly worked with

I should’ve written this up when we bought it, but there are two main reasons I went with the Netgear WGT624 router over another brand with similar features.

First: familiarity. Since I hadn’t researched specific models, I wanted a brand I knew or had used before. This meant Netgear, Linksys, or Belkin.

Belkin was out of the question. In fact, I was muttering about how I’d never buy a Belkin router, when I was approached by a Belkin representative who proceeded to explain about how much better their product was than any of the others. The problem is that Belkin lost my trust last year when they set their routers to redirect web requests to their own advertisement page. (Basically one every eight hours until you bought the filtering service or clicked on an opt-out link on that web page). Aside from the annoyance factor, there’s a lot of web traffic that isn’t actually trying to load a web page. It could be your antivirus program trying to download new definitions, or your news reader updating an RSS or Atom feed. It could be Windows Update. Sure, they eventually disabled the “feature”, but come on!

So at that point it was basically a toss-up between Netgear and Linksys. The Netgear packaging was more focused on the networking capabilities, and the Linksys packaging was more focused on the parental controls, so I went with the Netgear.