You are here

rick's blog

The Danland Theme

I've migrated to the Danland Drupal theme. Danland is stable and it looks great right out of the box. Moreover, I find I have trouble with themes that use a dark-color background instead of a light or white one. The off-color looks fine when things work well, but fails miserably when anything goes wrong. I'm enough of a tinkerer to appreciate expressive error messages.

Wordpress tag: 
Post category: 

Replacing a Hacked Password

HackI just received a couple of spam emails from a friend who had had her email account hacked. The hacker sent the spam to everyone on her contact list. Here's what I told her:

First, replace your old password!

Second, choose a password that can't be guessed based on text in your emails!

Third, write down the password. Keep that piece of paper till you remember the password without looking.

Post category: 

A Temporary New Look

The web site now sports an incomplete custom theme. My earlier theme was rendered obsolete by a Drupal upgrade.

And that was atop unexpected down time: the upgrade process went poorly and I had to roll things back and try again.

Wordpress tag: 
Post category: 

A Hack at Best Buy?

This morning I received a flurry of unexpected email messages from Best Buy's "Reward Zone," one of those preferred customer programs. I was reading email when the messages arrived, so I immediately tried to log in to the account and check its status. I couldn't log in, so I immediately called Best Buy.

Wordpress tag: 
Post category: 

The Strike

CopyrightI took my site off line for roughly 24 hours as part of the Net-wide strike against impending US Congressional action. As a published author I applaud efforts made to protect my income from piracy. However, the current legislative efforts put the operation and culture of today's Internet at risk. They also undermine the concept of due process.

Post category: 

OS X Lion: No encrypted RAID after all

Full disk encryptionI installed Lion last night and spent today figuring out what does - and does not - work. As a huge fan of full-disk encryption (FDE), I'm disappointed in their drive encryption.

RAID may have been improved, but Lion's encryption features, including Time Machine encryption, are not compatible with Apple's RAID.

The diagram at right (from Elementary Information Security) shows how full-disk encryption (FDE) typically integrates into the system software. The diagram doesn't show where the RAID software might reside. I'd expect it to be very closely tied to the device driver. However, it appears instead that Apple placed the FDE below the RAID software. Perhaps this improves performance, or perhaps the choice was driven by design decisions invisible outside Cupertino.

The Time Machine improvement: they have explicitly documented how to switch in a new mirrored drive for an old one. I haven't tried their suggested process since the upgrade. I'd tried the suggested process a couple of years ago, only to have it fail. So we'll see how it goes.

Post category: 

Summer Broadband Usage

This is the Comcast report on our broadband usage last summer, after Alex and Courtney moved back home while they looked for an apartment.

Summer Broadband Usage

Comcast did not provide the annotations in red. The heavy dashed line is Comcast's 250GB "limit" on monthly broadband usage. I'm relieved that the limit is an advisory thing, so far, and not something they necessarily enforce.

Wordpress tag: 
Post category: 

The Five Worst User Interfaces

Call Lost - Redial?Bad user interfaces really annoy me. At best, a bad interface costs us time and effort. At worst, it can trick us into breaking something. A bad user interface is an assurance problem just waiting to happen.

Here are my nominations for the five worst user interfaces:

  • Recovering a lost phone call
  • Voicemail
  • Adding high-quality sound to a TV
  • Electronic calendars and time zones
  • Setting a watch

I've probably forgotten a few that are much more common and much, much worse. When you've lived with a bad interface for a really long time you adapt to it and forget how much trouble it causes.

Post category: 

The Ultimate USB Attack

After finishing a blog entry about the Homeland Security test using hacked CDs and USB drives, I took a look at a much nastier - though more expensive - attack.

Wordpress tag: 
Post category: 

Penetration via Human Nature

Bloomberg has posted an interesting summary of recent hacker triumphs based on social engineering attacks. The fundamental piece of hard news was that the US Department of Homeland Security ran a test last year in which they dropped CDs and USB drives around near some US government offices. The test detected that 60 percent of these were inserted into government computers.

Wordpress tag: 
Post category: 

Pages

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer