You can’t fool them.
Click toowoo indeed: www.weebls-stuff.com/toons/owls/
r.
31/May/2008
23/May/2008
Quirkology
Can highly recommend this book. Picked it up at the airport flying to
Jersey, and had finished it a couple of days later.
www.quirkology.com/UK/index.shtml
r.
22/May/2008
last chance to see MASS
This Saturday is your last chance to visit MASS
www.shardcore.org/mass/
Come join us in sunny Brighton for the last day of the festival,
there’s plenty of other stuff going on to keep you amused after you’ve
seen my art show, so no excuses!
chaos in the print shop
i never tire of rube goldberg machines…
videospew.com/post/33390002
21/May/2008
sockin it to the man
Fucking microsoft, asshats.
send me a security appraisal why don’t they…
anyway, my response ::
Hi Clive,
I have had a quick look at what appears to be a copy
and paste security assessment below.
While security is obviously important to us, there is
much in the assessment which is unrelated to our
current configuration. This server is not used as a
mail server and there are, as such no logins or
accounts; concerns client may hold concerning this are
entirely unfounded. We don’t use php session ID’s..
etc…
Any half decent security consultant will understand
that system security is only as strong as its weakest
link. And in this situation with a large percentage
of client machines running Microsoft’s Internet
Explorer, I would respectfully suggest that this is
our weakest link in content delivery.
A simple web search of “internet explorer exploits” ::
www.google.co.uk/search?hl=en&q=internet+explorer+exploits&btnG=Search&meta=
returns 1,830,000 pages
An article from leading UK technology portal The
Register states that “Internet Explorer exploits posed
the fastest growing web security threat to enterprises
in the last quarter, according to web security
services firm ScanSafe.”
I also understand that many of the machines used by
editorial staff to include content run this software,
and would be surprised if client were not also
utilising their own products.
If we move the focus away from packages and back to
the operating system the situation is no more rosy for
our clients architecture. I am sure we all have seen
windows update applying “security hotfixes” on a
nearly daily basis. Without a guarantee from client
that the most recent “hot fix” will be the last it
seems that this is tacit acknowledgment of serious
security holes currently pervading in their software.
A simple search of “Windows Exploits” ::
www.google.co.uk/search?hl=en&q=windows+exploits&btnG=Search&meta=
returns around 3,880,000 results
Again, stepping our security analysis up some levels,
I would like to leave this with a story imparted to me
by security consultant working for a national
government :: “The thing with system security, is that
it can never be 100% watertight. Imagine a situation
in which any of the people trusted with access
received a phone call from people holding their family
at gunpoint”
My take on the situation is that any potential
attackers are much more likely to use the widespread
and easily exploitable security problems in clients
products, than attack our Linux box. Quite why they
would want to is another matter.
We will work to applying the latest Red Hat updates
and trust that this continues to ensure that our
infrastructure continues to be the strongest link in
the chain.
Bests,
om
_________________________________________________________________
Change the world with e-mail. Join the i’m Initiative from Microsoft.
im.live.com/Messenger/IM/Join/Default.aspx?source=EML_WL_ChangeWorld
20/May/2008
19/May/2008
16/May/2008
PAYG mobile broadband
I’ve been waiting for this sort of thing for ages, ie. pay as you go
mobile broadband access:
www.three.co.uk/personal/products_services_/mobile_broadband_/payg.omp
Means working on trains is a distinct possibility for me now. Although
the Grauniad tech section did talk about Leopard issues, so intend to
do some more research first.
r.
14/May/2008
Both wrong and compulsive
via therealdavorak – twitter
twitter.com/therealdavorak
DISCLAIMER
The information in this email (including any attachments) is confidential and
may be legally privileged. It is intended solely for the addressee. Access
to this email by anyone else is unauthorised. If you are not the intended
recipient, any disclosure, copying, distribution or any action taken or
omitted to be taken in reliance on it or on any information contained in it,
is prohibited and may be unlawful.
Internet Communications are not secure and therefore Probability plc does not
accept legal responsibility for the contents of this message. Although
Probability plc operates anti-virus programs, it does not accept
responsibility for any damage caused by viruses being passed. Any views or
opinions presented are solely those of the author and do not necessarily
represent those of Probability plc.
