Archive for September, 2004

Do I really look THAT naive?

September 13, 2004

Heh… I got yet another hilarious scam email. Seriously, these people never cese to amaze me. Are people still falling for these?

MRS TERRY PEKINS
BLESS THY O’ LORD

Greetings to you and your family in the name of God. In my search for a
reliable and God fearing person and having gotten your contact through
prayersand painstaking efforts I have decided to seek your help in carrying out
my last wish .My names are TERRY PEKINS. I’m a 65yrs old woman and a British
living in Dubai (United Arab Emirate). He was a merchant and owned two
businessesin Dubai.

I was also married with two children. MY HUSBAND and two children
died in a car accident six years ago. Before this happened my business and
concern for making money was all I lived for. I never really cared about
other values in life. But since the loss of my family, I have found a new
desire to assist helpless families. I have been helping orphans in
orphanage/motherless homes.

I have also donated some money for humanitarian needs in Sudan, South
Africa,Cameroon, Brazil, Spain, Austria, Germany and some Asian countries.
Only recently I saw on television the colossal loss of properties andlivelihood
of people in Canberra, Australia through fire.
I was moved with great pity and compassion that I decided to make a
contribution on assisting people over there.

Before I became ill, I kept $12.5 Millio in a long-term deposit account in a finance company.
Presently, I’m in a hospital where I have been undergoing treatment for oesophageal cancer.
I have since lost my ability to talk and my doctors have told me that I
have only a few months to live. It is my last wish to see this money
distributed to victims of this fire outbreak in Australia and other charity
organizations.
Because relatives and friends have plundered so much of my wealth since
my illness, I cannot live with the agony of entrusting this huge
responsibility to any of them. Please,I beg you in the name of God to help me collect the
deposit and the interest accrued from the company and distribute it
accordingly.
Use your judgement to distribute the money and keep 5% of it to yourself.
Feel free to reimburse yourself when you have the money for any cost you
incur during the process of collecting and distributing the money. If you
are willing to help, CONTACT AT terry _pekins@ tiscali .co.uk
please reply as soon as you can. May the good Lord
bless you and your family.

Regards
MRS TERRY PEKINS

Seiously – do I really look that naive?

Front Page is the root of all evil?

September 9, 2004

Which means that Front Page squared is equal to ‘all evil’ – and it sounds about right. Don’t ask me to prove this though, cause I don’t remember how to do proofs anymore hehe

Anyways, people who user Font Page should be shot… I inherited a Dept website which is both poorly designed, and poorly coded. And since all the desing elements are coded directly in the html, to chage the design I need to make changes on all the pages! Gah!

Font tags should be outlawed! And FP loooves to abuse them – sometimes it just sticks them in at random here and there. I keep finding redundant unnecessary nbsp characters enclosed in even more redundant unnecessary font tags all over the code! Horrible!

So I’m thinking about cooking up a little perl script which would wipe out all the font tags from these html files forever (since I’m moving all this stuff to css anyway). I found this quick rgexp refresher just for that occasion 🙂

Do you use a strong password?

September 6, 2004

I simply can’t make myself to use strong passwords… I know I should. But I have no memory for numbers – these things just do not stay in my brain, unless they carry significance. I really do need mnemonic devices to remember numbers. But if a number has mnemonic significance then it is not trully random – and there exists a strong corelative link between me, and my password (If a number is significant for me, then someone could possibly see this significance). And despite that I still use words and significant numbers.

I do not think I’m vounerable to a standard dictionary attack though – I do use capitalization, and I do not use real words that could be found in a dictionary and I do use numerical values. Still, there is no way I could remember a trully random password of an acceptable length… But then again I guess I’m still preaty good at the password deal.

After all I know people who absolutely refuse to use passwords. In fact this applies to the 80% of our user base at work. They will tell me to just make the thing to store their four letter dumb-ass password because there is no way they will remember it. And of course what is the best is the company-wide total abandonment of any kind of password security effort. One password for all accounts policy, combined with a staff trained to blurt out their passwords over the phone, stick them on the keybords, or abuse auto-login features in every piece of software they get is scaring me a little bit…

But then when I think how much hassle would it be to actually re-train the users, and change the passwords policy… It would simply be impractical for few reasons:

  1. Our users do not remember passwords, and will loose them on a regular basis. Which means I will need to keep a database of everyones password and be prepared to answer 10-20 password questions a week. And of course storing all the passwords in one place is essentially the same as “one password for all” scheme we have now. All it takes is for someone to compromise my machine – and they have acces to everyone elses password.
  2. Our email is hosted by an extenral company and so I can’t change/reset passwords for the users whenever I want. I need to make a phone call, and make the email/website guys do it. And that is always a hassle. Furthermore this makes the email account passwords essentially static, as users cannot change them themselves.
  3. If I decide not to store passwords, and users loose them they will have to either send me the machine, or I will have to tell them the Administrator password over the phone – and then they are bound to write that down, send it to a coworker etc… If I make them send the machine each time I need to reset a password my boss will kill me or make me pay the fedex bills. Either way – not secure and ceritanly not healthy for me.
  4. Only 2 machines I serviced so far did not have a full complement of trojans, keylogers and other spyware installed on them. And these belonged to the dot-com era e-business developer turned financial examiner, and my boss who is the only person who uses his work machine for work-only-related stuff. Everyone else had at least one keyloger lurking somewhere. So, since we have keylogers running wild on these machines, there is already no password security to speak off.

So in the end I just aknowledge the fact that all the stuff going on here has no security whatsoever, and move on. At least the data we deal with is not super-confidencial not it is all that interesting. And we do not need to answer to any security controll entity. So unless someone is particularly interested in the latest audit of the company “X” we are to obscure to really become a target.

I know – this is really a horrible thing to say, but there is no way I’m stirring so much trouble and make my users hate me with passion just to bring up our password security up a notch. Unless we have a good reason, the boss wont even hear of any security related projects which will waste time of the guys in field, and generally introduce so much hassle and confusion.

So since I’m not a BOFH I’ll just keep things the way they were. And if people complain, I will be more than willing to fix these things somehow…

I hate Microsoft!!!

September 3, 2004

Aaaarg! I’ve been noticing that all my apointments on the pocket PC have aquired one hour drift – usually they were 1 hour later, or earlier than I scheduled them. I never had time to sit and figure it out so I would usually just fix it real quick and go on…

I finally figured out wat was causing the hour drift – sync-ing with Outlook! For some wierd reason anny appointment I make in outlook appears on the pocket pc an hour later than it should after syncing. When i fix it on the pocket PC, and sync again, the appointment in outlook gets bumped up an hour earlier!

An hour and 20 something knowledge base articles later I found the reason for this. Apparently the Windows CE calendar developers completely fuxored daylight savings time and outlook botches it as well. MS KB says to enable daylight savings adjustment in Outlook calendar properties – but for the life of me I can’t do it. I check the box, hit OK then go back and it is still unchecked! Grrrr….

So after fuxing around with Outlook for nearly 2 hours I remembered why I have stopped using this piece of crap in the first place. But then I remembered that my pocket pc has the auto sync and typing appointments is easier using keyboard than using stylus… So I decided to start using outlook for my calendaring again… Gah… I wouldnt dare using it for email – to scary perspective. But I figured I might as well utilize it for callendar in an offline mode – especially since I can sync up. Well, I learned my lesson – I’m never using MS shit again!

I wish I could sync up with Sunbird… Oh well… I don’t need to sync – maybe I’ll figure it out at some point bit right now I just don’t feel like bothering. It’s just not worth my time…

Awww… Mac users are cute!

September 3, 2004

So I’m assisting a proffesor in a kind off “Intro to Computers” class as part of my GA duties. And I was lucky enough to get this adorable mac girl who has no clue about windows – how refreshing! Usually you get to see long time windows users who can’t deal with their own operating system of choice – here we have a profficient mac user who wants to learn windows just in case she needs it!

In comparison – Windows is a much more difficult OS to learn. It is not intuitive, has many quirks and idiosyncracies, inconsistent interface, hidden features, etc. Mac OS has much more streamlined and uniform GUI and a more even learning curve. And it is a very stable system – the first thing windows users learn is that “computers” are mysterious and will often crash or do wierd things for no reason – and there is no way around this. They grow to accept this as a self evident axiom and hence they tend to shy away from computers in general.

No wonder that this girl seems to be way more mompetent than an average windows user is. First of all – educated and well thought out choice of software and hardware. Second of all, learning her first computer steps on a mac she did not develop a standard windows user trait – the fear of unadvertantly breaking the OS.

Windows is dominant OS for one simple reason – good marketing, and excelent branding! Windows was simply the most sucessfull GUI based OS for the x86 platform and thenks to agressive marketing, affordable price (yup, back in the day windows was the cheeper alternative) and monopolistic practices crushed all the competition in the desktop area. It was not better, it was not easier, it was not universal, or standardized.

Anyway, a mac girl in the class gives me a perfectly valid reason to plug Mac OS and Linux as perfectly acceptable alternatives to winoze. I really hope that this semeste I can get across the massage that: “computer != windows”

It is great to have someone so untainted by windows in class – and I will try to make sure that her lack of familiarity with OS does not disadvantage her in this class. After all why should she be punished for choosing the superior product?

I am a windows user, and I work maintaining windows workstations. Unfortunately this is the OS I grew up with, and the one I know inside out – but I try to separate myself from the OS platform as much as possible. I prefer system independed applications, or ones that have multi system implementations… I’m a java programmer for the simple reason that it allows me to code whatever OS I have underneeth me… It is not that I love Mac OS – it is just that I do not love Windows. I in fact I do not want to pay for Apple hardware – so Linux is my favorite OS platform at the moment. However, some more time must still pass untill I will be as proficient with Linux as I am with doze now…