Skip navigation

Category Archives: Uncategorized

Hackaday

sudo_final

It was just one of these nights. We were sitting at the O’Neil’s San Mateo Pub, taking a break after a long day at the Maker Faire. Hackaday was hosting an informal drink-up and a steady stream of colorful characters has just started flowing in. That’s when we met [Robert Coggeshall].

XKCD comic #149 [xkcd, 149] It started off as a normal discussion – he runs Small Batch Assembly and does a lot of interesting things in the maker space. Then he brought up a fascinating detail – “Oh, did you know I also co-invented sudo back in the 80’s?”

If you ever did as much as touch a Unix system, you’ll know this is a big deal. What came as an even bigger surprise was that something like sudo had to be “invented” in the first place. When thinking about the base Unix toolkit, there is always this feeling that it all…

View original post 503 more words

Advertisements

Hackaday

retrotechtacular-tty-demystified

From time to time we realize that sayings which make sense to us probably will have no meaning for future generations. Two of the examples that spring to mind are “hang up the phone” or in a vehicle you might “roll down the window”. And so is the case for today’s Retrotechtacular. Linux users surely know about TTY, but if you look up the term you actually get references to “Teletypewriter”. What’s that all about?

[Linus Akesson] wrote a fantastic essay on the subject called The TTY Demystified. We often feature old video as the subject of this column, but we think you’ll agree that [Linus’] article is worth its weight in film (if that can be possible). The TTY system in Linux is a throwback to when computers first because interactive in real-time. They were connected to the typewriter-mutant of the day known as a teletype machine and…

View original post 100 more words

Backups, as far as many folks are concerned, are one of the most boring topics imaginable. Of course, that only extends to the point at which you need them; then they’re still boring, but you really really hope you have them. Most of the time, backing up your data is simple–if you’re at home, get an external drive, plug it into your machine, and make sure you back things up regularly.  If you’re at work, things often get a lot simpler than that: someone from IT provides you with a backup solution or even makes it happen without your needing to intercede. At work, backups become something of an assumed thing (provided that you’re not the person in IT who’s administrating them). Things only start to get sticky when you take that work computer home.

Imagine a situation in which your employer has issued you a laptop for work (not too hard to do, I should think). Because it’s portable, and maybe because it’s a better machine than what you own, you use it for non-work purposes, loading it with personal documents, photos, music, maybe even games. Depending on your organizational ethic, some of these personal files may be mixed in with your work documents (which are often considered to be the property of your organization, though your mileage may vary from this hypothetical situation). With your personal files mixed in with work files, your employer is now spending disk space on backing up non-essential (from their point of view) files; this is also probably known as wasting that space inside the walls of your tech office.

Yes, storage is cheap, but implementing that storage still takes time, which raises the question of how to deal with the issue of backing up only the files which your company can claim ownership over. Yes, you can issue backup drives to employees and put the onus of backups on them, but that raises its own set of problems.  User error happens, and often even the most vigilant of users will forget to make that backup at some critical juncture. Even trusting your users and stressing to them that they are responsible for their own backups, there are some users whose files are too important in one way or another to trust only to their own backups.  Too many users carry their backup drive, if it’s easily portable, in the same bag as their laptop, thus ensuring total loss of data in the event of a theft.

Cloud storage would seem to be a solution: just drop your files into a special folder, and they’re automagically available anywhere you have internet.  The problem comes back to separating personal data from work data, specifically in the event of employee termination or retirement. Not all cloud storage is created equal, and the most well-known solutions are mostly consumer/individual-oriented rather than enterprise-oriented. For Google Apps organizations, Drive is a fine solution, though it has its limits–permissions are nowhere near as fine-grained as you would find in a Windows domain or a UNIX-like filesystem, which presents a problem in more security-oriented organizations where a data breach could have serious consequences. If data is on a Drive account managed by a company’s domain, it is still recoverable if an employee leaves. This is not possible, though, with personal Google accounts, Dropbox, or other such services.

In the end, there isn’t any one easy solution–a robust data security/recovery strategy requires several levels and different considerations for different groups of users. No two organizations are likely to have exactly the same needs, but the questions should be largely the same.

Fore those of you who are into networking and Lego.

Righteous IT

Hal Pomeranz, Deer Run Associates

Tell me what this is:

If you said, “Hey! That’s a TCP header diagram in Lego(TM)”, or perhaps, “Holy &^%@! That idiot made a TCP header diagram in Lego(TM)!”, then you’re exactly right!  This is another one of those wild, wacky ideas that we dreamed up in the middle of one of my SANS classes (note to the SANS staff: shorter breaks might be a good idea).  I bet my students never thought I’d actually do it.

Of course, you know I couldn’t stop with just doing the TCP header:

Now why am I wasting all that space on the building plate in each case?  Why so you can put them together of course:

The use of color here really highlights certain portions of the packet header.  For example, the source and destination addresses and ports really jump out.  But there are some other…

View original post 460 more words

So, after exchanging some ideas with myself over on Twitter, I decided that I should put up a formal poll here.  Your feedback, whether you’re a first-time reader or a repeat offender is appreciated and will absolutely be taken into consideration.