The Technical Exorcist

December 8th, 2007

Western Digital's DRM Infected Hard Drive

Posted by exorcist in Hardware

Western Digital makes a huge Network-Ready hard drive that blocks all music formats from being shared with other users. This means you can pull music files off your hard drive, but you can’t let anyone else pull music files off your hard drive. There are legal, legitimate reasons why I could want to share my files with other users. I guess I’ll be preferring Seagates drives.

More information can be found on their website, or on this Register article.

The commentator Chronos is full of you-know-what when he says WD has to cover their asses due to Common Carrier laws. Common Carrier laws apply to “organizations that transport persons or goods”. Western digital does not transport data, they provide tools that may be used to transport data, so they are no more liable for what gets transported than a boat manufacturer.

October 14th, 2007

Acer using Lenovo Images???

Posted by exorcist in Interesting

I was working on some new Acer PC’s at work, when I noticed something that struck me as rather suspicious. The default profile is named “Acer User” as you might suspect, but in the Windows Directory structure, it is named “Lenovo User”. As you might already know, Acer and Lenovo are fierce competitors in the computer field. Why in the world would Acer have the words “Lenovo User” in their directory structure?

The only other times I’ve found the Profile name and the Directory structure do not match is when you change the name of a profile. Is Acer using Lenovo disk images, and then renaming the profile?

Has anyone else noticed this kind of anomaly on an Acer? Does anyone have any explanation?

September 3rd, 2007

New Resident

Posted by exorcist in Website Updates

We have a new resident here in the Ethereal Land. I just got him moved in tonight. He writes about what he sees as he watches the trades. Check out his cabin on the main map, or visit him here.

July 23rd, 2007

Tremble, Microsoft

Posted by exorcist in Interesting

This is the last thing they want to hear after the resounding slap of Vista’s face hitting the pavement.

July 7th, 2007

Sony VAIO customer service

Posted by exorcist in Interesting

Piling on top of Sony’s many sins, it seems that the Sony VAIO customer service is abysmal. It furthur demonstrates that Sony is not a customer oriented company, and that has practical implications.

June 29th, 2007

Google Maps Own

Posted by exorcist in Interesting

Google has just added a feature to Google Maps that improves it to the point were I don’t think the competition has much of a chance unless they follow suit. You can now alter your driving directions with a simple click and drag interface!

Read the article on The Register Here

June 23rd, 2007

An interesting computer sim.

Posted by exorcist in Interesting

According to The Register, The US Department of Defense is creating a simulation of the world to model how various countries and peoples will react to various “stressors”—acts of God, Wars, etc. Reading the article, it sounds like a very interesting concept. I doubt it will be very accurate, though. When you’re working on that scale, everything is so complex I don’t see how the program could harvest sufficient information to be even close to correct.

April 17th, 2007

Combining Hardware and Software Firewalls?

Posted by exorcist in Mail

Recently I was trying to explain to someone why there was no point in installing a software firewall on a PC that was already protected by the hardware firewall on a NAT router. We both agreed that there was no point in having a software firewall monitoring incoming traffic. The router performs the same port controlling functions as the software firewall, and provides NAT services as well, effectively hiding the connected workstations. Since the hardware firewall is more difficult to penetrate, neither of us thought it likely that anything that couldn’t be stopped by the hardware firewall would be stopped by the software firewall.

The value he saw in the software firewall was that, unlike the hardware firewall, it would monitor outgoing traffic. He postulated that this “program control” would provide a second layer of security. If a malicious program eventually made its way onto the system, and then tried to phone home, the software firewall would warn him, and he would get a chance to deny it access to the internet, limiting the amount a damage done. This is one of the angles the vendor pushed the product from, and it passes the common sense test, so it is a fairly reasonable conclusion to come to—if you only spend a brief moment thinking about it.

My objection is that it is so stone-cold simple to get around program control, anyone clever enough to break through your other security measures would slip by it as easy as a rear-wheel drive car slips on ice.

The easiest method is for the hacker to change the name of his piece of malware to match another program on their system that requires internet access, for example “Internet Explorer”, or “Yahoo Messenger”. If they looked closely, the might see clues that something was amiss, but programs like these are always being updated, so it wouldn’t seem out of the ordinary that they needed permission again. The user would click allow without bothering to look twice.

But there’s another easy method that won’t cause any alert to display. All the hacker would have to do is load his little joke as a plug-in for your favorite browser. Web browsers typically don’t notify you when a new plug-in is added. It’s assumed that you added it, so of course you already know about it. A plug-in almost never alters the programs executable, so it would not be detected as a change in the program by a software firewall’s program control. It would get access to the internet just by piggy-backing on the rights of your web browser. Don’t believe it could work? You can prove it does. Just download and install a plug-in that accesses a remote server for your favorite web browser, and see if your software firewall picks it up as a change. You could try Forecastfox for Firefox.

And those are just two easy ways off the top of my head. A real nerdy hacker might try to insert the information he’s trying to send into unencrypted packets being sent out by other applications, and then intercept them on the other end. If I can come up with three ways of doing it without trying, you know your favorite enemy can come up with sixteen.

From my viewpoint, calling a software firewalls “program control” security is analogous to calling a T-shirt body armor. They both offer approximately the same level of protection.

April 5th, 2007

A Powerful flashlight

Posted by exorcist in Cool Toys

This guy made a flashlight that gives off 4000 lumens. That’s a lot.

March 14th, 2007

BugMeNot

Posted by exorcist in Uncategorized

One site that I’ve found to be very useful is bugmenot.com. This site helps you get around the free registration that is required on so many sites. There a good number of reasons why you’d want to do this. Registration is a pain, and takes time. Registration unfailingly requires you to provide them with your email address, which they may sell to other companies, increasing the amount of spam messages you receive. Sometimes they even require your postal address so they can send you junk via snail-mail.

Here’s how it works. Someone registers for the website, creating a throwaway account. They then submit that login to BugMeNot.com. When you want to visit the site, you put the URL for the site into BugMeNot, and it gives you the login and password. No Spam, and no hassle.

I make it even easier for myself by adding this button to my Opera internet browser. (Link only works in Opera.)

Next Page »