Practical Technology

for practical people.

January 12, 2010
by sjvn01
0 comments

The most insecure part of your network is…

I was recently reminded while troubleshooting a friend’s small business network of where most computer systems’ real security weaknesses lie. Where do you think it is? The desktop operating system, which was Windows XP SP3? The server operating systems, which were Windows Server 2003 SP2 and Novell’s SLES (SUSE Linux Enterprise Server) 11 SP1? Or, the Sonicwall TZ 210 firewall appliance?

The answer was, of course, none of the above. The weakest spot on your network is never your operating systems, your hardware, your applications, your security software or any of the rest of the technical side. The weakest link is always you and your people.

Whether it’s something as simple as that old stand-by of users putting a password on a yellow sticky note on their monitor or someone tricking their way into your office with a fake ID, your real security problem is the people sitting between their keyboards and their displays.

More >

January 12, 2010
by sjvn01
2 Comments

Another day, another SUSE/Moblin Linux netbook

Shame on me, I missed that during last week’s CES (Consumer Electronics Show), MSI wasn’t the only company to announce the release of a SUSE/Moblin Linux-powered netbook. Samsung also announced that they’ll be releasing this Linux mix on its N127 netbook.

This release, however, is still just getting out of the starting blocks. As several people at the show reported, the one sample netbook that Samsung was showing still had a Windows key emblazoned on its keyboard. Whoops!

The system also won’t be available in the States anytime soon. It’s being introduced first in India and Russia. Then, if all goes well, you can expect to see it in North America and Europe.

More >

January 11, 2010
by sjvn01
3 Comments

Windows goes rental

Windows goes rental Microsoft has quietly made it possible to, sort of, to rent both Windows and Office. While you were probably having great fun on New Year’s Eve, Microsoft was quietly making it possible for businesses to rent Windows and Office. This stealth move has the potential to make big changes in how businesses works with Office and Windows.

Now you can argue—-I would-—that Microsoft hasn’t actually let you own Windows or Office for years. On the business side, Microsoft’s volume licensing options, such as Software Assurance, requires companies to pay for the right to use Windows and Office, over the course of three years amounts to a rental program as far as I’m concerned. With this new program, as first reported by Mary Jo Foley, though, business customers could “pay a flat fee to use Windows or Office 2007 (Standard or Professional versions) for a year.”

You might think, as an individual user that you ‘own’ the operating system that came on your PC, but you’d wrong. You can’t sell the Windows that’s pre-installed on your PC. Now, you can sell a used copy of Windows, if you bought a copy of the Windows operating system and then deleted it from your computer. So, for example, if you bought a copy of Windows 7 to upgrade from your old PC’s pre-existing Vista, you can’t sell that copy of Vista. This is one of the many reasons I prefer desktop Linux.

More >

January 11, 2010
by sjvn01
1 Comment

Is your secure USB flash drive really secure?

If you’re like me, you’ve taken to carrying important data on USB sticks or flash drives. They’re handy, you can use them on any PC, and with built-in encryption even if you lost them it was no big deal. Bad news: It’s now a big deal.

The German security company SySS GmbH discovered that many, but not all, of today’s encrypted USB sticks and flash drives are actually vulnerable to a relatively easy attack. It is not that the encryption itself-usually AES (Advanced Encryption Standard) encryption–that has been broken. It hasn’t been. Despite what you may have read from some fear-mongers, AES remains unbroken.

What has happened though is that it appears many vendors didn’t think through how they let people use the encryption in the first place. When you use a new encrypted USB drive for the first time, the drive already has a default device password. When the device’s software asks for you to enter a password, it places its device password on your computer to authorize your drive and your password. Once on the computer, SySS discovered that you could watch the password authorization process.

That was bad enough. With it, a patient cracker could tease out what the device password was. What was worse was that the company discovered that companies were using the same device password on all their drives. Whoops!

More >

January 8, 2010
by sjvn01
0 comments

Will tablet computers finally matter?

or all the hype about the rumored Apple Tablet, the ‘will they or won’t they’ about Microsoft’s Courier tablet, and a host of real tablet-announcements such as Lenovo’s IdeaPad U1 and the Dell’s still unnamed slate, everyone seems to have forgotten one tiny, little fact. Tablets have been around forever and they’ve never, ever lived up to their buzz.

For those of you with short-memories, Go Corp., back in 1987 was the first company to really try to get tablet-based computing off the ground. It quickly crashed. Then, in 1993, Apple tried to make a go of pen/tablet-based computing with the Newton. It flopped. In the meantime, Microsoft started toying with the idea of a dedicated tablet in 2000. Guess what happened to all its plans? Yeah, they all pretty much came to nothing too.

The first company to get anywhere with a tablet was Palm with its PDAs (personal digital assistances) in 1996. While they were wildly popular in their day–I still have my own Palm III hiding in my office somewhere–Palm wasn’t able to maintain its momentum and today Palm is just one of many smartphone vendors.

More >

January 7, 2010
by sjvn01
0 comments

How Social Networking Works

I’m on a social network; you’re on a social network, these days it seems we’re all on at least one social network–like Facebook, Twitter, etc. etc–if not two, three, or even more.

To be exact, the Pew Internet & American Life Project’s December 2008 tracking survey found that 35% of adult internet users now have a profile on an online social network site. If you’re a teenager, the numbers jump to 65%, but, it’s the young adults who really are behind the social networks. 75% of them belong to at least one social network. Since then, the social networks have only continued to grow at an explosive rate.

How do the social networks manage millions of users and hundreds of millions of updates? The answers lie in open-source software and thousands of servers. Let’s take a look behind the doors of a few top social networks — Twitter, LinkedIn, Facebook, and MySpace — and see exactly how they pull their tricks off.

The first thing that jumps out at you is that they’re almost all based on open-source software. For example, the operating systems behind Twitter, LinkedIn, and MySpace are all Linux. Facebook uses F5 Big-IP, which is a family of Linux-based appliances that also perform network management.

More >