Jun 132019
 

The news this morning is that former PM Jean Chrétien suggested that Canada should stop the extradition proceedings against Huawei CFO Meng Wanzhou, as a means to win back the freedom of the two Canadian hostages in China, Michael Kovrig and Michael Spavor. (Yes, I called them hostages.)

The case against Huawei runs a lot deeper, however, than the financial fraud Ms. Meng is alleged by US authorities to have committed.

There is also the question of espionage, including the possibility that Huawei’s 5G equipment cannot be trusted because of firmware or hardware level backdoors.

I repeatedly encountered the suggestion that this issue can be trivially remedied by using end-to-end encryption. Unfortunately, end-to-end encryption, even if properly implemented (ignoring for the moment our own Western governments’ recurrent pleas to have built-in backdoors in any such encryption algorithms), solves only part of the problem.

It still allows Huawei to steal metadata, such as where calls are routed or the amount and nature of data traffic between specific endpoints. Worse yet, no encryption prevents Huawei from potentially sabotaging the network when called upon to do so by the Chinese government.

For this reason, I reluctantly came to the conclusion that the US ban against Huawei is justified and appropriate. It must, of course, be accompanied by a suitable increase in spending on researching 5G communications technologies, because otherwise, we risk shooting ourselves in the foot by banning the use of equipment that is technologically superior to the available alternatives. This is a new situation for the West: The last time the West faced a great power adversary that matched Western scientific and technological capabilities was in the 1930s, with Nazi Germany.

As for Ms. Meng, I think the suggestion to suspend the extradition process is wholly inappropriate. It would signal to the world that Canada is willing to suspend the rule of law for the sake of hostages. However strongly I feel about Messrs. Kovrig and Spavor, however strongly I desire to see them released, this is not a price Canada should be willing to pay.

 Posted by at 5:56 pm
Mar 302019
 

Content management software that I use, Joomla! and WordPress in particular, have been complaining for a while now that the PHP version that runs on my servers is outdated and potentially unsecure. Not exactly true, as PHP 5.4 remains part of the official Red Hat/CentOS release, but it would certainly be prudent for me to attempt an upgrade.

I tried to do just that last night, on a test server. And it was a miserable failure, a waste of many hours that I will never get back, to make no mention of the heightened risk of cardiovascular disease due to my elevated blood pressure caused by all that frustration.

The relatively easy part? PHP 7 complaining that its just-in-time compilation feature ran out of memory. Easy-peasy, I can disable JIT. Check.

But then: several of my Joomla! sites refused to run, with a cryptic and ultimately meaningless error message and nothing in the logs. And at least one Joomla! site just got itself into an infinite redirect loop. But why?

I tried many things. I kept looking for answers on Google. Nothing worked. Eventually I took two of my Joomla! sites that are very similar in nature, and began comparing their settings, side-by-side. One worked, the other didn’t. Why?

I then stumbled upon a custom Joomla! module, one that I wrote to support some ads that appear on my sites. This module was installed on the site that failed, but not used on the other. I disabled the module and, presto, the site was working with PHP 7. I re-enabled the module and the site was dead again. So… why?

Well, the module contains some PHP code. Which, after some preamble that allows it to connect to the internal data structures of Joomla!, begins the real work by accessing the MySQL database that contains the actual ads:

$conn = mysql_connect("localhost");
mysql_select_db("www");
$res = mysql_query("SELECT PAGEID,ADTEXT FROM ...

Oops.

You see, mysql_ calls have been deprecated and REMOVED from PHP starting with version 7.

And I have hundreds, if not thousands of lines of legacy code* (including, e.g., my calculator museum at rskey.org) that rely on this old library.

So I guess that PHP 7 upgrade will have to wait a while longer. Looks like I have no choice but to rewrite the affected pieces of code everywhere, as there is no other long-term solution. (Even if I find a third-party PHP plugin that re-enables mysql_ codes, how long will that continue to work? How reliable will it be?)

What a muckup. Grumble. And I do have other work to do.

 Posted by at 10:40 am
Mar 282019
 

Even as Facebook is battling white supremacism and fighting accusations of racial profiling, there is more nonsense going on.

In the past few days, I received several Facebook requests from accounts purportedly owned by young women, whose profiles contain sexually explicit, rather pornographic images and videos.

Here is one of the mildest ones (the majority of the images in this and other accounts from which I received friend requests were far, far more explicit in nature, including images depicting intercourse):

I do not wish to be a prude here; I am, after all, a middle aged male in relatively good health, and certainly not immune to, ahem, shall we say, visually stimulating images (though I admit I was never a fan of hard-core pornography. Not my cup of tea.)

But these Facebook accounts are obviously not accounts owned by bona fide young women trying to seduce older, happily married males like myself. They are probably overweight middle-aged male scam artists doing their shady business from their parents’ basements. Or worse yet, organized crime operating out of shady boiler rooms somewhere in Eastern Europe or Asia.

Thanks but no thanks. I have presently no desire to break my marital vow, but even if I did, there are better, safer ways.

As for these friend requests, I just block them and report the accounts to Facebook.

 Posted by at 2:08 pm
Jun 162018
 

When I was a teenager, the classic novel, The Count of Monte Cristo by Alexandre Dumas, was one of my favorites.

And one of my favorite chapters in that book was a chapter with an uncanny (not to mention unusually long) title: “How a Gardener May Get Rid of the Dormice that Eat His Peaches”. In it, Dumas describes a classic hack: exploiting the human in the system. By bribing an operator of France’s early optical telegraph network, the book’s protagonist is able to plant a false message, which ultimately contributes to the downfall of one of his mortal enemies. In short: a targeted cyberattack on a telecommunications network.

What I did not know, however, is that this chapter may have been inspired by real life events. About ten years before Dumas published his novel, the brothers François and Louis* Blanc managed to hack the telegraph network in a manner even more sophisticated than the hack described in Dumas’s book. Yes, the real-life hack relied on bribing operators, too, but it also involved a case of steganography: inserting a coded message that would piggyback on the original telegraph transmission. Not only did the scheme succeed, like any good hack it remained in place and undetected for two years. And when it was finally detected, the Blanc brothers were charged but never convicted; there were, after all, no laws on the books back in the 1830s against misuse of data networks.


*Well, that’s what Wikipedia tells me. It appears that the twins are misidentified as Francois and Joseph in several English-language publications. Francois was later known as The Magician of Monte Carlo, a casino that he owned and where he first introduced the single-0 style roulette wheel.
 
 Posted by at 7:52 pm
Nov 102017
 

I’ve seen several news reports commenting on the fact that Donald Trump was using Twitter while visiting China. That despite the fact that Twitter is one of those Western services that are blocked by China’s “Great Firewall”. Some even speculated that Trump was using a military communications network or some other exotic technology to circumvent Chinese restrictions. (As if the US military was foolish enough to let this idiot of a president’s unsecure smartphone access their network.)

But reality is much more mundane, as I know quite well from personal experience in China.

When you are traveling with a phone registered to a foreign service provider, your Internet connection initiates from that provider’s network. So insofar as the Internet is concerned, you are not even in China. Your connection initiates from your home country. In my case, whenever I used my phone in China for Internet access, I accessed the Internet from an IP address registered with my Canadian cellular service provider, Rogers. I had unrestricted access to Google, Facebook, CNN and other news sites, with no Chinese restrictions.

Trump probably did exactly what I did, except that he probably worried about international data roaming charges and data caps a little less than I. He grabbed his phone, turned it on, and used it without a second thought. (OK, that’s not exactly like me. Trump was probably not surprised to see Twitter work on his phone in China, because he probably knows very little about the Great Firewall. I was mildly surprised myself, especially as I went there prepared for the worst, with multiple overt and covert VPN options prepared just in case I needed them. Which I did… but only when I was using the hotel Wi-Fi instead of the cellular network.)

 Posted by at 9:21 am
May 292017
 

Is your mother proud of you being a crook?

I have asked this question many times in recent months; basically, every time I receive a call from the “computer support department”, trying to tell me how my computer is full of viruses or whatever.

I usually don’t expect an answer; as a matter of fact, I usually just hang up, although more often than not, the other party hangs up first before I get a chance. Understandable… that’s what they are trained to do by their criminal masters.

Today, for some reason, I chose not to hang up. And the gentleman on the other and of the line asked me to repeat myself instead of hanging up on me. I obliged. After a moment of silence, I actually got an answer.

“Well, sir, I need the money.”

That was an unexpectedly candid admission, not that I was not aware of this basic truth. These callers, usually in boiler rooms somewhere in India or Pakistan, do this because they need to earn a living.

But it’s one thing to earn a living, it’s another to defraud vulnerable people, old ladies and whatnot. I told that much to this agent. He just repeated himself, defensively: “But I need the money.”

So I told him that I understand. That I, too, was a refugee once 30 years ago. (True.) But even when I had no money, I did not start defrauding people. I asked him to think about this, please; then thanked him and hung up.

Did I accomplish anything? I don’t know. Is it valid to compare my situation 30 years ago: granted, a refugee, but a refugee in a first world country (Austria) with no family to worry about and with guaranteed shelter and food at the Traiskirchen refugee camp, which I declined to take advantage of only because I found work (no fraud involved, but it’s true that I had no work permit) and I was able to afford better accommodations?

Yes, I read Les Misérables. No, I do not want the poor to be disproportionately punished, with no grace or mercy.

Still, I think there is an ethical line to be drawn here. No matter how great your need is, I still don’t think this moral justification applies when you work for a criminal enterprise, earning a living from defrauding vulnerable people halfway around the world.

 Posted by at 2:21 pm
May 062017
 

One of the major events during last year’s presidential campaign was the hacking of e-mails of the Democratic National Congress. In particular, the hacking of the e-mails of campaign chairman John Podesta.

How it happened is simple. Podesta received a bogus e-mail, purportedly from Google, that there was an unauthorized attempt to log in to his account, and that he should change his password. A helpful link in the form of a button was provided.

Podesta’s assistant was suspicious and asked for expert help. The expert inadvertently described the e-mail as “legitimate” (presumably, he meant to write “not legitimate” or “illegitimate”) but advised that Podesta should change his password, and provided the correct (Google) link for password changes.

The assistant forwarded the e-mail to Podesta, adding in her own words that “The gmail one is REAL”. This prompted Podesta to change his password… using the fraudulent link provided to him in the original message. By doing so, Podesta inadvertently disclosed his e-mail password to Russian hackers.

How do we know that they are Russian? There are many reasons to believe this to be the case, but I just noticed another peculiarity. (It is possible that I am not the first to notice this, of course.) Look at the subject line of the Podesta e-mails:

Subject: Sоmeоne has your passwоrd

Now try searching for the word “Someone” on this page using your Web browser’s built-in search feature (hitting Control-F activates this feature in most browsers). Can you see (or rather not see) how nothing in this Subject line is highlighted?

That is because several of the o’s in this subject line were typed on a Cyrillic keyboard, and they are Cyrillic characters. A Cyrillic ‘о’ appears very much the same as a Latin ‘o’, but it has a different code (hexadecimal 043e as opposed to 006f):

Funny thing is… I got this subject line straight from Wikileaks. You know, the same Wikileaks who are protesting high and low that the e-mail dump is not from Russia. Yet on their very own Web site, the e-mails that resulted in the Podesta hack contain Cyrillic characters. Go figure.

 Posted by at 8:34 pm
Feb 022017
 

“After a second notices he ran it on db1 instead of db2″… This sentence (somewhat shortened, to make a fitting title) describes the beginning of a colossally effed up night at GitLab.com.

In response to a spike in system load, which resulted in lag on a replication server, the operator thought that maybe restarting the replication server with a clean slate is a good idea. So he decided to wipe the replication server’s data directory.

Unfortunately, he entered the command in the wrong window.

I feel his pain. I did make similar mistakes before, albeit on a much smaller scale, and the memories still hurt me, years later.

I have to commend GitLab for their exceptional openness about this incident, offering us all a valuable lesson. I note that others also responded positively, offering sympathy, assistance, and useful advice.

I read their post-mortem with great interest. In reaction, I already implemented something that I should have done years ago: changing the background color of some of the xterm windows that I regularly open to my Linux servers, to distinguish them visually. (“Create issue to change terminal PS1 format/colours to make it clear whether you’re using production or staging”).

Of course similar incidents and near misses also changed my habits over the years. I rarely delete anything these days without making a backup first. I always pause before hitting Enter on a command that is not (easily) reversible. I have multiple backups, and tested procedures for recovery.

Even so… as Forrest Gump says, shit happens. And every little bit helps, especially when we can learn from the valuable lessons of others without having to go through their pain.

 Posted by at 10:13 am
Dec 132016
 

This morning, when I woke up, the regular status e-mails that my servers greet me with told me that there is a major CentOS update (version 7.3). Cool. Unfortunately, it meant that I needed to upgrade as many as five servers. This includes my main server, its physical backup, my backup server in NYC, another “in cloud” backup, and yet another server that I help administer. I began this process shortly after 8 in the morning, after I finished breakfast.

And as usual, a major upgrade like this brings to the surface little problems, little annoyances such as folders that had incorrectly configured SELinux permissions. No big deal, to be sure, but several such little things can consume hours of your time.

And then, it was also Microsoft Patch Tuesday, the second Tuesday of the month when Microsoft releases scheduled updates to Windows and other products. As soon as I was done with CentOS, my attention turned to my Windows machines, including my main workstation, its backup (actually, the same physical machine that also acts as my server’s backup in a dual-boot configuration), my wife’s desktop computer, two laptops, and last but not least, my old desktop that I still keep around as a backup/test computer.

Moreover, I also decided to update three virtual machines (one running Windows 7, the other two, Windows XP) that I keep around both for test purposes but also to have older software, older configurations available if needed.

Furthermore, when I update Windows, I tend to check and see if any other software packages need updating. On some computers, I run Secunia PSI, which keeps track of many applications. But even on other systems, I had to update Java (if installed), Adobe Flash, Chrome and Firefox.

And on older hardware, the process can be painfully slow.

To make a long story short, by the time I finished the bulk of this work, it was 7:30 in the evening. And one computer (a really low powered old netbook) is still doing its thing, even though it’s well past 11 PM now.

No wonder I didn’t accomplish much today.

Of course all of this needed to be done. Since I am a one-man band, I don’t have an IT department to rely on, but it is still important for me to keep my systems secure and well-maintained.

Nonetheless, it feels like one hell of a waste of a day.

 Posted by at 11:22 pm
Nov 232016
 

This was a potential nightmare scenario. Imagine if we found out that the swing state results of the Nov. 8 election were altered by hackers. Imagine if an investigation found that Hillary Clinton won these states after all, and hence, won the electoral college.

Remember the hanging chads of the 2000 election?

Remember the hanging chads of the 2000 election?

Why is it a nightmare? Because it would likely lead to a constitutional crisis with unpredictable consequences. Donald Trump would be unlikely to concede. But even he did, tens of millions of his supporters would likely find the results unacceptable. Even the predictable disaster of a Trump presidency is preferable to a crisis of such magnitude.

And last night, the specter of just such a crisis was raised, in the form of a New York Magazine article (which was soon echoed by other news outlets), reporting on the doubts and suspicions of prominent scientists who noted a bias in the county-by-county results, more likely to favor Trump in counties where votes were counted electronically.

But not so fast, says fivethirtyeight.com. You cannot just compare the raw results without accounting for demographics. And once you take demographics into account, the apparent bias disappears. And while fivethirtyeight notes that it is difficult to validate the integrity of the voting system in the United States, nonetheless the burden of proof is on those who claim electoral fraud, and so far, the burden of proof has not been met.

I no more welcome a Trump presidency today than I did two weeks ago, but an orderly transition is still preferable to the chaos of a constitutional crisis.

Meanwhile, Clinton’s lead in the popular vote count increased to over two million votes (yes, they are still counting the votes in some states, including mighty California). This in itself is unprecedented: never in the history of the United States did a candidate win the popular vote with such a wide margin, yet lose the electoral college.

 Posted by at 6:31 pm
Nov 172016
 

It is rare these days that a piece of spam makes me laugh, but today was an exception. After all, it is not every day that I receive an e-mail notice, pretending (kind of) to be from UPS, informing me that my “crap” has been shipped:

Still trying to figure out though if the language was intentional, or simply a mistake made by a non-native English speaker unfamiliar with certain, ahem, idioms.

 Posted by at 1:16 pm
Nov 152016
 

I just came across this recent conversation with Barack Obama about the challenges of the future, artificial intelligence, machine learning and related topics. A conversation with an intelligent, educated person who, while not an expert in science and technology, is not illiterate in these topics either.

Barack Obama Talks AI, Robo-Cars, and the Future of the World

And now I feel like mourning. I mourn the fact that for many years to come, no such intelligent conversation will be likely be heard in the Oval Office. But what do you do when a supremely qualified, highly intelligent President is replaced by a self-absorbed, misogynist, narcissistic blowhard?

Not much, I guess. I think my wife and I will just go and cuddle up with the cats and listen to some Pink Floyd instead.

 Posted by at 11:35 pm
Nov 122016
 

If there was a single cause that sank Hillary Clinton’s bid for the presidency, it was undeniably the “e-mail scandal”.

Which is really, really sad because it was really no scandal at all. I just read a fascinating account (written back in September I believe) that offers details.

Some of what happened was due to ineptness (either by Clinton’s team or the State Department’s), some of it was a result of outdated, inconvenient, or unreliable technology, some of it was just the customary bending of the rules to get things done… most notably, there was no recklessness, no conspiracy, no cover-up, just the typical government or, for that matter, corporate bungling. (And as I noted before, Clinton’s e-mails were likely more secure on the “home brew” server sitting in a residential basement than on the State Department’s systems.)

 Posted by at 4:47 pm
Jul 132016
 

Today, I took the plunge. I deemed my brand new server (actually, more than a month old already) ready for action. So I made the last few remaining changes, shut down the old server, and rebooted the new with the proper settings… and, ladies and gentlemen, we are now live.

Expect glitches, of course. I already found a few.

The old server, of which I was very fond, had to go. It was really old, the hardware about 7 years. Its video card fan failed, and its CPU fan was also making noises. It was ultra-reliable though. I never tried to make this a record, but it lasted almost three years without a reboot:

$ uptime
 12:28:09 up 1033 days, 17:30, 4 users, load average: 0.64, 0.67, 0.77

(Yes, I kept it regularly updated with patches. But the kernel never received a security patch, so no reboot was necessary. And it has been on a UPS.)

This switcharoo was a Big Deal, in part, because I decided to abandon the Slackware ship in favor of CentOS, due to its improved security and, well, systemd. I know systemd is a very polarizing thing among Linux fans, but my views are entirely pragmatic: in the end, it actually makes my life easier, so there.

Anyhow, the new server has already been up 13 minutes, so… And it is a heck of a lot quieter, which I most welcome.

 Posted by at 12:45 pm
Jun 092016
 

Dictatorships can be wonderful places, so long as they are led by competent dictators.

The problem with dictatorships is that when the dictators go bonkers, there are no corrective mechanisms. No process to replace them or make them change their ways.

And now I wonder if the same fate may be in the future of Singapore, described by some as the “wealthiest non-democracy”.

The Ministry of Information and the Arts

To be sure, Singapore is formally democratic, with a multi-party legislature. But really, it is a one-party state that has enacted repressive legislation that require citizens engaging in political discussion to register with the government, and forbids the assembly of four or more people without police permission.

Nonetheless, Singapore’s government enjoyed widespread public support for decades because they were competent. Competence is the best way for a government, democratic or otherwise, to earn the consent of the governed, and Singapore’s government certainly excelled on this front.

But I am beginning to wonder if this golden era is coming to an end, now that it has been announced that Singapore’s government plans to take all government computers off the Internet in an attempt to improve security.

The boneheaded stupidity of this announcement is mind-boggling.

For starters, you don’t just take a computer “off the Internet”. So long as it is connected to something that is connected to something else… just because you cannot use Google or visit Facebook does not mean that the bad guys cannot access your machine.

It will also undoubtedly make the Singapore government a lot less efficient. Knowledge workers (and government workers overwhelmingly qualify as knowledge workers) these days use the Internet as an essential resource. It could be something as simple as someone checking proper usage of a rare English expression, or something as complex as a government scientist accessing relevant literature in manuscript repositories or open access journals. Depriving government workers of these resources in order to improve security is just beyond stupid.

In the past, Singapore’s government was not known to make stupid decisions. But what happens when they start going down that road? In a true democracy, stupid governments tend to end up being replaced (which does not automatically guarantee an improvement, to be sure, but over time, natural selection tends to work.) Here, the government may dig in and protect its right to be stupid by invoking national security.

Time will tell. I root for sanity to prevail.

 Posted by at 1:45 pm
Apr 152016
 

Not for the first time, one of my Joomla! sites was attacked by a script kiddie using a botnet.

The attack is a primitive brute force attack, trying to guess the administrator password of the site.

The frustrating thing is that the kiddie uses a botnet, accessing the site from several hundred remote computers at once.

A standard, run-of-the-mill defense mechanism that I installed works, as it counts failed password attempts and blocks the offending IP address after a predetermined number of consecutive failures.

Unfortunately, it all consumes significant resources. The Joomla! system wakes up, consults the MySQL database, renders the login page and then later, the rejection page from PHP… when several hundred such requests arrive simultaneously, they bring my little server to its knees.

I tried as a solution a network-level block on the offending IP addresses, but there were just too many: the requests kept coming, and I became concerned that I’d have an excessively large kernel table that might break the server in other ways.

So now I implemented something I’ve been meaning to do for some time: ensuring that administrative content is only accessible from my internal network. Anyone accessing it from the outside just gets a static error page, which can be sent with minimal resource consumption.

Now my server is happy. If only I didn’t need to waste several hours of an otherwise fine morning because of this nonsense. I swear, one of these days I’ll find one of these script kiddies in person and break his nose or something.

 Posted by at 11:50 am
Apr 102016
 

I’ve been encountering an increasing number of Web sites lately that asked me to disable my ad blocker. They promise, in return, fewer ads.

And with that promise, they demonstrate that they completely and utterly miss the point.

I don’t want fewer ads. I don’t mind ads. I understand that for news Web sites, ads are an essential source of revenue. I don’t resent that. I even click on ads that I find interesting or relevant.

So why do I use an ad blocker, then?

In one word: security.

Malicious ads showed up even on some of the most respectable Web sites. Ad networks have no incentive to vet ads for security, so all too often, they only remove them after the fact, after someone complained. And like a whack-a-mole game, the malicious advertiser is back in no time under another name, with another ad.

And then there are those ads that pop up with an autostart video, with blaring sound in the middle of the night, with the poor user (that would be me) scrambling to find which browser tab, which animation is responsible for the late night cacophony.

Indeed, it was one of these incidents that prompted me to call it quits on ads and install an ad blocker.

So sorry folks, if you are preventing me from accessing your content because of my ad blocker, I just go elsewhere.

That is, until and unless you can offer credible assurance that the ads on your site are safe. I don’t care how many there are. It’s self-limiting anyway: advertisers won’t pay top dollar for an ad on a site that is saturated with ads. What I need to know is that the ads on your site won’t ruin my day one way or another.

 Posted by at 9:19 am
Sep 212015
 

Today, I spent a couple of hours trying to sort out why a Joomla! Web site, which worked perfectly on my Slackware Linux server, was misbehaving on CentOS 7.

The reason was simple yet complicated. Simple because it was a result of a secure CentOS 7 installation with SELinux (Security Enhanced Linux) fully enabled. Complicated because…

Well, I tried to comprehend some weird behavior. The Apache Web server, for instance, was able to read some files but not others; even when the files in question were identical in content and had (seemingly) identical permissions.

Of course part of it was my inexperience: I do not usually manage SELinux hosts. So I was searching for answers online. But this is where the experience turned really alarming.

You see, almost all the “solutions” that I came across advocated severely weakening SELinux or disabling it altogether.

Since I was really not inclined to do either on a host that I do not own, I did not give up until I found the proper solution. Nonetheless, it made me wonder about the usefulness of overly complicated security models like SELinux or the advanced ACLs of Windows.

These security solutions were designed by experts and expert committees. I have no reason to believe that they are not technically excellent. But security has two sides: it’s as much about technology as it is about people. People that include impatient users and inadequately trained or simply overworked system administrators.

System administrators who often “solve” a problem by disabling security altogether, rather than act as I have, research the problem, and not do anything until they fully understand the issue and the most appropriate solution.

The simple user/group/world security model of UNIX systems may lack flexibility but it is easy to conceptualize and for which it is easy to develop a good intuition. Few competent administrators would ever consider solving an access control problem by suggesting the use of 0777 as the default permission for all affected files and folders. (OK, I have seen a few who advocated just that, but I would not call these folks “competent.”)

A complex security model like SELinux, however, is difficult to learn and comprehend fully. Cryptic error messages only confound users and administrators alike. So we should not be surprised when administrators take the easy way out. Which, in a situation similar to mine, often means disabling the enhanced security features altogether. Unless their managers are themselves well trained and security conscious, they will even praise the administrator who comes up with such a quick “solution”. After all, security never helps anyone solve their problems; by its nature, it becomes visible only for its absence, and only when your systems are under attack. By then, it’s obviously too late of course.

So the next time you set up a system with proper security, think about the consequences of implementing a security model that is too complex and non-intuitive. And keep in mind that what you are securing is not merely a bunch of networked computers; people are very much part of the system, too. The security technology that is used must be compatible with both the hardware and the humans operating the hardware. A technically inferior solution that is more likely to be used and implemented properly by users and administrators beats a technically superior solution that users and administrators routinely work around to accomplish their daily tasks.

In short… sometimes, less is more indeed.

 Posted by at 7:17 pm
May 152015
 

Whenever I travel, I think a lot about Internet security. For purely selfish reasons: I do not wish to become a victim of cybercrime or unnecessarily expose my own systems to attacks.

The easiest way to achieve end-to-end encryption is through a virtual private network (VPN). Whenever possible, I connect to my own router’s VPN service here in Ottawa before doing anything else on the Interwebs. The connection from my router to the final destination is still subject to intercept, but at least my connection from whatever foreign country I am in to my own network is secure.

A VPN has numerous other advantages, not the least of which is the fact that to the outside world, I appear to have an Ottawa-based IP address; this allows me, for instance, to use my Netflix subscription even in countries where Netflix is not normally available.

The downside of the VPN is that I am limited by the outgoing bandwidth of my own connections. But in practice, this does not appear to be a serious limitation. (I was able to watch Breaking Bad episodes just fine while in Abu Dhabi.)

Unfortunately, a VPN is not always possible, as some providers, for reasons known only to them, block VPNs. (I can think of a few workarounds, but I have not yet implemented any of them.) Even in this case, I remain at least partially protected. I have set up my mail server such that both incoming (IMAP) and outgoing (SMTP) connections are fully encrypted. This way, not only are my messages secure, but (and this was my main concern) I also avoid leaking sensitive password information to an eavesdropper.

When it comes to Web sites, I use secure (HTTPS) connections whenever possible, even for “mundane” stuff like innocent Google searches. I also use SSH if necessary, to connect to my servers. These days, SSH is an absolute must; the use of Telnet is just an invitation for disaster.

But of course the biggest security risk while one is on the road is the use of a public Wi-Fi network anywhere. Connecting to an HTTP (not HTTPS) server through a public Wi-Fi network and logging in with your password may not be the exact equivalent of telegraphing your password to the whole wide world, but it comes pretty darn close. Tools that can be used to scan for Wi-Fi networks and analyze the data are readily available not just for laptops but even for smartphones.

Once an open Wi-Fi network is identified, “sniffing” all packets becomes a trivial exercise, with downloadable tools that are readily available. Which is why it is incomprehensible to me why, in this day and age, most providers (e.g., hotels, airports) that actually do require users to log in use an unsecure network and just intercept the user’s first Web query to present a login page instead, when the technology to provide a properly secured Wi-Fi network has long been available.

In the future, no doubt I’ll have to take even stronger measures to maintain data security. For instance, the simple PPTP VPN technology in my router has known vulnerabilities. Today, it may take several hours on a dedicated high-end workstation to crack its encryption keys; the same task may be accomplished in minutes or less on tomorrow’s smartphones.

So there really are two lessons here: First, any security is bettern than no security, as it makes it that much harder for an attacker to do harm, and most attackers will just move on to find lower hanging fruit. Second, no measure should give you a false sense of security: by implementing reasonable security measures, you are raising the bar higher, but it will never defeat a determined attacker.

 Posted by at 2:46 pm
Mar 252015
 

Curse my suspicious nature.

Here I am, reading a very nice letter from a volunteer who is asking me to share a link on my calculator museum Web site to cheer up some kids:

rachel1

And then, instead of doing as I was asked to do, I turned to Google. Somehow, this message just didn’t smell entirely kosher. The article to which I was supposed to link also appeared rather sterile, more like an uninspired homework assignment, with several factual errors. So I started searching. It didn’t take very long until I found this gem:

Then, searching some more, I came across this:

Or how about this one:

Looks like Ms. Martin has been a busy lady.

So no, I don’t think I’d be adding any links today.

 Posted by at 7:33 pm