Practical Technology

for practical people.

August 26, 2010
by sjvn01
0 comments

Wi-Fi Convenient, but Dangerous

With the advent of standardized 802.11n Wi-Fi, it’s easier than ever to expand your business network wirelessly, but that may not always be a smart idea.

I’m sitting outside an office building in Portland, Oregon. The building has at least half a dozen businesses with about 40 Wi-Fi access points (AP). In the hour I’ve been sitting here, I’ve broken into 28 of these corporate networks.

While I certainly know more about networking than most people do, I’ve no special expertise. I’m no hacker. I’m just making use of a good network packet analyzer, Wireshark (formerly known as Ethereal) and several common-as-dirt, dead simple to use cracking tools.

The simple truth is that, given a few days and publicly available programs, any wireless network can be broken. Sadly, as I just rediscovered today, most Wi-Fi networks don’t require that much trouble. Heck, it barely requires any effort at all.

Indeed, two of the businesses (downtown businesses, mind you, not Harry’s Home Network) didn’t have any security on their APs. Sigh. Leaving an open AP isn’t just a matter of letting other people share your bandwidth. It’s also an open door into your network. Another three were even worse: They used the default passwords for their wireless routers and APs. As for the rest, most were little more trouble to unlock.

That’s because most Wi-Fi security protocols are pathetically easy to break. For example, it’s a good bet that every Wi-Fi device your company has supports Wi-Fi Wired Equivalency Privacy (WEP). And many of you, including ten of the companies I just “visited,” use WEP for security.

It’s just too bad that WEP was broken, for all practical purposes, back in 2001. WEP stops someone with no clue about Wi-Fi networking security, but those are the only people that it will stop. However, every vendor still includes WEP as part of their laundry list of supported protocols; some reputable sources, like Consumer Reports, as recently as 2009 recommended WEP’s use. Consumer Reports subsequently corrected its mistake, but alas its “better” recommendation, WPA (Wi-Fi Protected Access), is also pretty easy to crack.

Continue Reading →

August 25, 2010
by sjvn01
0 comments

Red Hat heads into the clouds, not into an acquisition

Get over it people. Red Hat is not getting acquired anytime soon. I know, I know, you’d heard all the rumors. Here’s the truth as I see it: If Red Hat gets acquired anytime soon, I’ll eat my fedora. It’s not happening.

What is happening, as Paul Cormier, EVP of Red Hat, announced this morning is that Red Hat spelled out more about its cloud strategy. Sorry, I know that’s not a tenth as exciting as an acquisition, but it’s just not in the works right now.

What is in the works is that Red Hat has spelled out more about its Red Hat Cloud Foundations. Red Hat’s plan is to provide companies with an infrastructure “capable of delivering an open source, flexible cloud stack, incorporating operating system, middleware and virtualization. Furthermore, this stack is designed to run consistently across physical servers, virtual platforms, private clouds and public clouds. Red Hat’s comprehensive solution set enables interoperability and portability, recognizing that customers have IT architectures composed of many different hardware and software components from various vendors.”

More >

August 24, 2010
by sjvn01
0 comments

What Google’s Data Center Can Teach You

Jeff Dean, a Google Fellow who has been with the company since 1999, gave a speech at the Web Search and Data Mining meeting in 2009 where he unveiled how Google puts together its data centers (PDF). Because the meeting was in Barcelona, Spain, his speech didn’t receive the attention it deserved in the United States.

After all, wouldn’t you like to know how Google manages to do what it does? And how the company’s experience and expertise can help you predict how your data center measures up?

A Google data center starts with high-speed, multi-core CPUs, Dean revealed. Each of these servers has 16GBs of RAM with fast 2TB (Terabyte) hard drives. These are kept in racks of 80 servers tied together with 10Gb Ethernet or other high-speed network fabrics. Finally, 30 or more of these racks are deployed into a single cluster. In addition, each rack and cluster has its own servers simply to manage and maintain each layer’s PCs and racks. Finally, add in additional storage to the tune of petabytes in storage area networks (SANs), and you have a single Google cluster.

More >

August 24, 2010
by sjvn01
1 Comment

Cut Costs by Using Linux Appliances for Branch Offices

I’m cheap. Given a choice between buying an elaborate, full-featured server requiring expensive technicians and administrators, versus turning an out-of-date PC into a single-purpose Linux server, I’m going to go with the Linux server every time.

It’s not that Linux isn’t expensive. It sometimes is. But if a department or a branch office just needs one or two specific server jobs, there are plenty of obsolete PCs and easy-to-set-up, special-purpose Linux servers that can fill the bill for little or no cost.

Linux answers these needs because companies like Novell, rPath, and network security vendor Vyatta offer dedicated Linux appliances for specific jobs. These Linux distributions, instead of giving you everything, give you just enough to fill a particular need.

Many Linux appliances are free to use. If your needs are particularly simple, or you have in-house expertise, you may not need to spend one penny to get them set up and then to maintain them. If it turns out you do need more help, the ones I selected for this article also offer technical support at reasonable rates.

More >

August 24, 2010
by sjvn01
0 comments

Microsoft LOVES open source!?

Microsoft claiming that it loves open source?! What next? Cats and dogs living together?!

Seriously, in a recent Network World interview, Microsoft’s General Manager of Interoperability and XML Architecture Jean Paoli said, “We [Microsoft] love open source” and that “We have worked with open source for a long time now.”

Really? But what about Microsoft CEO Steve Ballmer saying “Linux is a cancer that attaches itself in an intellectual property sense to everything it touches” back in 2001? Paoli dodged that one saying that confusing all open-source technology with Linux was “really very early on” and “That was really a long time ago. We understand our mistake.”

Actually, Paoli just proved with that statement that Microsoft still doesn’t get it. Ballmer was using Linux as the prime example of what he saw as the critical problem of the GPLv2 (GNU General Public License, version 2). Guess what? Linux, the world’s most popular open-source program, is still under the GPLv2. A lot of other great open-source software is licensed with it or its updated version, the GPLv3. The bottom line is that a lot of important open-source software is as dangerous (or not) as it ever was to Microsoft’s way of doing things.

More >

August 24, 2010
by sjvn01
0 comments

The Five Winners of Oracle suing Google

When Oracle sued Google over its use, or as Oracle would have it, Google’s misuse of Java intellectual property in Android, the first questions were why and what did Oracle hope to gain?

My only pet theory is straightforward and simple: Oracle wants to skim big-bucks from Android. But, even if a miracle happens and Oracle wins every one of their claims, we’re still talking years before Oracle sees a single red-cent.

Still lots of people will profit in the short run from Oracle. Here’s my list:

More >