July 29, 2007

More Geekiness... this time for non-geeks

The other day Venomous Kate was blogging about wireless connections away from home.

The last time I took advantage of a hotel’s free Wi-Fi turned into a nightmare, although I didn’t realize it at the time.

See, my firewall conflicted with the hotel’s Wi-Fi service so, following the instructions on their “troubleshooting guide,” I made an ‘exception’ in the firewall setup so I could get internet access. It was that or be unable to monitor spam on my blogs for the five days I’d be there and, as any blogger can tell you, that’s just too long to go without checking in. So, against my better judgment, I did what they advised.

To quote part of my comment as to what to do when anyone tells you to mess with your firewall because of a problem connecting...

NO.NEIN.NON.NYET! DO.NOT.DO.THIS!

That pretty much covers the basics, but maybe I should give you a little more information.

First of all, wireless access sucks pond water. Period. It's not very stable, it's certainly not secure, and it tends toward lots of funkiness. That being said, most everyone wants to use it, so here are a few things to keep in mind.

1) It is NOT secure! Period. I won't go into various reasons, but just know that anyone with a few tools and a little know-how, can snoop your traffic over an unsecured wi-fi... with a little more know-how they can snoop your connection over a secured wi-fi.

2) Nearly everyone codes wi-fi access interfaces to work best with Internet Explorer. Deal with it. You can gripe and moan and stomp your feet, but that's the way life is right now. My suggestion - if you have a computer with Internet Explorer and you need to log on to the system in order to be able to browse, use IE to log in. Once logged in, you can use your browser of choice to surf the net. I use Firefox - I have often had to do this at hotels - it works.

3) Never ever turn off your firewall or change a setting in your firewall to fix a problem connecting to the network. This leaves your computer open to anyone else who is on that network not to mention any nasty malware floating about.

The authentication connections through hotels, coffee houses, and airports are all meant to go through the browser - port 80. The standard setup for firewalls is to allow browsing through port 80 - this is the only connection you need. They should be able to authenticate using this method and you should be able to get online.

If it doesn't work and most especially if they want you to mess with your firewall - you need to bite the bullet and find a different place to get your wi-fi.

I can't begin to tell you how many people have been badly burned by the advice "turn off your firewall and see if it works". After they do this, then they call me... "my computer is a complete mess - it doesn't work right. I was on the phone with my (ISP, tech support for a device, you name it) and they told me to turn off the firewall, now I can't do anything". I want very much to get hold of whoever gives out such advice and beat their collective empty heads against a wall.

So, there you have it. You may just be SOL when it comes to that wi-fi connection. Better to miss a few days online than to end up with a compromised computer sending your data to a server in Russia. You may get lucky and turning off your firewall for a time won't be an issue. Sadly, with all the automated scripts out there, just churning away looking for "open" computers, your chances of escaping unscathed are pretty much nil.

Posted by: Teresa in WebTech at 12:56 PM | Comments (5) | Add Comment
Post contains 654 words, total size 4 kb.

For the Geeks

Network World has an interview with Russ Housley - First Chair of the IETF (Internet Engineering Task Force). While I realize this won't interest most people out there, I thought it was a great read.

Many of the IETF’s original protocols were designed without built-in security. How hard will it be for the IETF to go back and rework these protocols to require security?

Usually bolting security on after the fact leads to an incomplete solution, but that’s what we’re going to have to have. It’s not possible to turn off the Internet today and start up the secure Internet tomorrow. It just can’t be done, and no one would tolerate the outage if we could. The genesis of my continuous, incremental improvement philosophy is realizing that we can’t turn off the insecure Internet and turn on a more secure Internet even if we had consensus for what that meant.

This is one of the most sensible things you'll ever hear said. Far too many people who work with computer code in any form, are not satisfied with taking things in steps. For them it's "all or nothing" anything else is simply not good enough. They labor under the delusion that everyone has the time, energy, expertise, and/or cash flow to change every single system they have to the latest and greatest - right this very minute. Some of them are even young enough to have no idea that there are extremely old legacy systems out there that will never be able to change - but businesses can't stop using them for various reasons.

It's a huge job and I wish him the best of luck over the next couple of years. I also hope his sensible approach makes some inroads with others at the IETF. The internet needs the features that can slowly be implemented. If the steps aren't bogged down by those with a different outlook, I think he can accomplish some great things while he's First Chair.

Posted by: Teresa in WebTech at 12:01 PM | No Comments | Add Comment
Post contains 333 words, total size 2 kb.

July 23, 2007

There Are Two Rules

When it comes to guessing in the computer world.

1)Never give a timeframe of when a problem will be solved.

2) Never speculate on the cause of a problem to anyone except the people you are working with to solve said problem.

At one time or another I have broken both of these rules. Although not in as public a manner as Duke University.

You see back on July 18th the following story was reported by Computerworld.

IPhones flood wireless LAN at Duke University

The built-in 802.11b/g adapters on several iPhones periodically flood sections of the Durham, N.C., school's pervasive wireless LAN with MAC address requests, temporarily knocking out anywhere from a dozen to 30 wireless access points at a time. Campus network staffers are talking with Cisco Systems Inc., Duke's primary WLAN vendor, and have opened a help desk ticket with Apple. But so far, the precise cause of the problem remains unknown.[emph mine --ed]

You will note the part that I have highlighted in the passage above. Whenever you see those words in relation to a computer problem - this means the rest of the article that speculates as to cause is complete garbage. When you don't know what the problem is, you can't possibly know what's causing it! Period.

Today the following headline was in an email I received from Computerworld.

now says Cisco, not iPhone, caused Wi-Fi snafu

(yes, that's the headline as I copied and pasted from their site - I'm assuming it was not proofread very thoroughly as it looks like "Duke" was dropped from the beginning).

July 21, 2007 (Computerworld) -- Duke University said yesterday that widely publicized problems with its campus wireless network it had originally blamed on Apple Inc. iPhones had instead been traced to Cisco Systems Inc. hardware. A fix has been applied, the school added.

The network problem just happened to follow the release of the iPhone. It doesn't surprise me in the least that something like this would happen. The press itself is a leading culprit in speculating about causes with little or no information. You would think though, that people who write about computers for a living would have seen this happen often enough to give them pause before taking the word of a Public Relations person about cause and effect of any type of computer glitch.

It looks like the the 24/7 news media has infected everyone with the bug of placing "instant blame" for any sort of problem. Thus we have blame for problems being assigned before there is ever any evidence of what caused the problem. Was there a brand new techy gadget released this week? Well, that MUST be the cause of the latest system crash... what else could it be?

*sigh*

Posted by: Teresa in WebTech at 03:20 AM | Comments (1) | Add Comment
Post contains 461 words, total size 3 kb.

July 21, 2007

I Am About To Update My Treo

There is new software that is supposed to fix several bugs on the 700 Series of Treos. OTOH the installation page says:

This update will erase all data on your device.

I have my online backup and my Hot Sync back up. Yet I have this awful feeling that I may just lose everything... thus my life will come to an abrupt stop. I hate this kind of thing. I've got my Treo set up just as I want it - I don't want it all blown to smithereens for an update. *sigh*

Oh well, time to execute the program and maybe my Treo - we'll see.

UPDATE: Success! It took a couple of hours and a couple of times I thought I had made irredeemable mistakes - but in the end, the update was accomplished.

Yes, it wiped everything. Therefore I will now sing the praises of BackupBuddy.net! Yes, I shelled out the money for it (the pro version) and this is what I got...

-One Treo with NONE of my stuff on it (let's call it a brand new Treo)
-Installed the Backup Buddy software onto the system.
-took it outside for better reception - I get 2 bars out there
-five minutes later (slow connection here) EVERYTHING is back including activation codes for other software I have on this thing.

While I could've spent several hours re-installing and syncing the programs through the Treo's Hot Sync...

BackupBuddy.net worked even better than I hoped. Now I know if I ever lose my Treo or break it - that nightly backup is doing its job. Yes, I was worried. This was the first test of the backups I've been doing. It came out with flying colors. Five minutes and all was restored exactly as it was before.

Whew!

Posted by: Teresa in WebTech at 08:30 AM | Comments (1) | Add Comment
Post contains 306 words, total size 2 kb.

July 02, 2007

Hey Apple! Are You Ready?

We now resume regular blogging which will have the usual effect of scaring off anyone who happens to stumble by. Ah well, such is life.

Apple is now in the big chair. They're the ones with all the eyes on them. They have THE big product. They aren't quite used to it. Other than people thinking their stuff is cool - they usually don't sell like Microsoft, so the hackers don't find it worthwhile to invest lots of time in hacking them.

The iPhone may just change that.

The game is on for hackers trying to spot security vulnerabilities in Apple's iPhone and already they're scoring points.

Less than 72 hours after the iPhone's introduction, researchers have reported at least one flaw that could allow an attacker some level of control over the device, while other hackers have uncovered passwords hiding in Apple software that could prove key in gaining root access, they said.

When you're the big kid on the blog - no matter how cool you try to look you are now the target.

Since Friday's release of the iPhone, hackers have raced to spot bugs in the device or get it to behave in ways its designers didn't intend. Researchers have yet to unlock the phone so it can be used on networks other than AT&T's or get it to run Linux, but they say they're making progress.

They've also assembled a Wiki designed to foster the sharing of information relating to topics such as breaking the activation, unlocking the phone so it can run on multiple networks and allowing the running of third party applications.

Yes, Apple, you've created something new, shiny, and popular. Are you ready for the hackers, who are bored silly with Microsoft? They're all set for you. I hope you've stocked up on Jolt, frozen pizza, and M&M's to keep your techies happy while they try to patch the bugs.

Posted by: Teresa in WebTech at 05:27 PM | Comments (4) | Add Comment
Post contains 323 words, total size 2 kb.

<< Page 1 of 1 >>
40kb generated in CPU 0.03, elapsed 0.0303 seconds.
70 queries taking 0.0129 seconds, 235 records returned.
Powered by Minx 1.1.6c-pink.