The Four Rules of IT Security

  1. All systems are always vulnerable.
  2. Never put important information on a system you are not willing to secure and defend.
  3. Keep your users away from powers and abilities that will make your systems less secure.
  4. Be aware of where your information is, how it moves, and who has access to it.

Have you seen me?

Color – Black
Shape – Arrowhead
Demeanor – Pointy, but a bit unstable

Last seen taking off from Vandenberg Air Force Base in California.  May be somewhere in the Pacific.  Can move pretty quickly, so be patient while trying to catch.  Might be a bit hot to the touch.

If found, please call DARPA immediately.  Reward!!!!!

Mashup

A couple of Fridays ago was “System Administrator Appreciation Day”.  This is the day where we all stop to remember those people, myself included, who act as the mechanics for the technology that we all use every day.  Be it the Linux SysAd, the Windows desktop administrator, the Oracle DBA, the Cisco network admin, or the cellular communications guy, we all work bad hours in dirty computer rooms and worse to keep the information super highway rolling.

On September 19, it will be “Talk Like A Pirate Day”.  This is the day where we all get to put on our eyepatch, raise the Jolly Roger, and swagger our way through the day while shouting out our doggerel to the masses.

It occurred to us at the office today that we could mix the two and celebrate “Talk Like a Pirate SysAd Day”.  Here are some thoughts on good sayings for this auspicious event.

  • Arrr, Linux be a harsh mistress.
  • The cluster be keelhauled.  Clear decks for action.
  • Batten down the hatches!  It be Black Tuesday and Microsoft has been in the captain’s rum!
  • Man the long toms!  We be under a DDoS attack.
  • Be careful what you say, matey.  Here there be trolls.
  • No, you cannot have more space for your database, ye scurvy dogs.  Ye be already using every spare gigabyte that we have and we’re about to capsize the storage frame!
  • Me first server she were a DEC 3800 running OpenVMS.  She were trim and yar, and me home were SYS$BOOTY.
  • Which one of ye scurvy rats put pictures of naked womenfolk on me NAS?  I ought to make all of you walk the plank.
  • Weigh anchor me hearties!  Of course it be heavy!  It be made of old 486’s fused together with Diet Coke, Mountain Dew, and Skittles!

What do you guys think?  Is there room on the calendar for another made-up holiday?

Aw crap

A few weeks ago, I put up a little rant about the lack of security on the Roku device I use to access online entertainment content.

Now, a security researcher has published findings that indicate that implantable medical devices have little to no security protection.  Basically, if you can access an insulin pump, you can change settings to allow someone other than the doctor or its owner to control it, with possibly catastrophic consequences to the owner’s health.

Think about all of the wonder gadgets that doctors implant into people now.  A lot of them have some remote communication capability, and now it’s been confirmed that at least some of them can be modified to the detriment of the patient. 

Why would someone do something so horrific?  It could be someone who’s pissed at the company that makes them and wants to tarnish their reputation.  It could be someone who wants money, and uses a demonstrated ability to kill patients to extort the pharmaceutical company.  Or it could be some script kiddie that wants nothing more than to prove that he’s the baddest mother in the valley today.

I’m not sure what can be done about this due to the relative primitiveness of the computers in the implanted devices.  By necessity, embedded systems like this need to be small, so a trade-off of computing power for size happens.  The processors on these things probably just can’t handle any kind of encryption or sophisticated access controls.

So grandma’s pacemaker, the lady at the office with an insulin pump, and the little kid with a brain stimulator are at some risk.  Whether or not this becomes as big a problem as it could be remains to be seen.  Hopefully the manufacturers will listen to this research and work towards better locking down their future products.

Incriminating yourself by unlocking the safe

The Register is reporting on a case in which investigators and prosecutors in a mortgage scam case are trying to force a Colorado woman to give them the passcode to the encryption she uses on her laptop.  The EFF has become involved, and I’ll be watching this case.

Basically, the question is whether, without violating the 5th Amendment to the Constitution, a person can be forced to divulge information that could lead to other information that would incriminate them.  In the past, the Supreme Court has said that a defendant cannot be forced to divulge a safe combination, so I don’t see where this is different.

Encryption of media is one of the basic things that we should all be doing in this age of dense, portable storage.  A laptop, smartphone, or thumb drive could contain a huge amount of your personal data, and losing it or having it stolen can give someone else the keys to your kingdom.  If you’re doing something that the government might find objectionable, encrypting your data is an absolute necessity.  If a drive is encrypted, it’s damn hard to get at the information without the keys to decrypt it.

I use TrueCrypt to secure my removable media, and to store things like financial documents, resumes, contacts, and such on my laptop.  In addition, I use Apple’s baked-in encryption to encrypt my hard drive.  Granted, the stuff from Apple isn’t great, but it’s better than nothing, and if I came to the point that I had too much sensitive stuff on my laptop to manage it through encrypted directories, there are better products on the market for whole system encryption.  Oh, and don’t forget to encrypt your backups.

Thought for the Day

I’m not a packrat, I just keep all my old code stashed away for later use.

Yesterday I was given a tasking, and I thought I had until Monday morning to have it done.

This morning I found out I had to have it working before I leave work on Friday.

And another tasking came down the chute while I was wrist deep in code at 4:07 PM.

The thought that went through my head was “We who are about to die, salute you!”.

So I closed out the script I was writing from scratch, hunted through my old Perl code, and found two or three scripts that, if modified a little and combined, should do the job.  Maybe not as elegantly as the from-the-ground-up rewrite I was working on, but they will give us the output we need.  I got the 80% solution done in about 3 hours, and I’ll polish it tomorrow.  That’ll leave me with time to do the other tasking before the world stops turning due to lack of attention on my part.

Never throw away old code.  You never know when you’re going to need it.

Backup the Backup to a Backup

After the issues with Blogger last week, I realized that I had never backed up my blog.  I’m actually kind of chagrined by that.  You see, in the day job, one of my jobs is to check that my systems are backed up and to work with the group that does backups to fix any issues.

I’ve been posting here for almost 3 years, and have over 1200 posts, with more than a few comments.  I’ve never backed that up.

Well, that’s fixed.  I’m going to make it a habit to download a backup every week so that when Blogger either pukes all over its shoes again or I decide to move to another platform, my brain droppings will be intact.  And I think I’ll add that to my off site backup rotation so that no matter what, my banana bread recipe will survive a Blogger apocalypse.