Profile

unixronin: Galen the technomage, from Babylon 5: Crusade (Default)
Unixronin

Links

December 2012

S M T W T F S
      1
2345678
9101112131415
16171819202122
23242526272829
3031     

Navigation

Page Summary

Most Popular Tags

Expand Cut Tags

No cut tags

Annoyances

unixronin: A somewhat Borg-ish high-tech avatar (Techno/geekdom)
Monday, August 29th, 2011 01:27 pm

Periodically, as shown in the partial screengrab below, some feature of Firefox (currently 6.0) itself or of one of my Firefox add-ons decides to border some apparently-random tab — not necessarily the active tab — in red, for no apparent reason, with no detectible pattern behind its choice, and without any further information or explanation.

Has anyone else ever experienced this and figured out what's doing it?  I've tried several times to figure out why it's happening without any success.  If something is trying to alert me about something, real or imagined, it'd be, like, you know, useful if it'd give me some kind of hint about what it is that it's tryign to alert me to.

Tags:

On password strength, and related issues

unixronin: A somewhat Borg-ish high-tech avatar (Techno/geekdom)
Wednesday, August 10th, 2011 05:38 pm

XKCD starts the whole thing off.

There is an appalling amount of misconception about identification security out there today.  And the real underlying problem is that far too many people who use or build sites or services either don't think in terms of security in the first place, or don't understand enough about security to get it right.

But you know one of the things I hate the most about the whole subject?

"Security questions".

Why do I hate security questions?

Because without a single exception that I am aware of, sites that use security questions will not let you define your own questions.  They make you pick from a list of preselected "security" questions. And virtually without exception, the correct answers to anywhere from about 60% up to all of the questions you get to choose from are matters of public record.  Anyone trying to conduct a serious social engineering attack against you has probably researched you enough to gather all of those answers in advance, and it probably only took a couple of hours at most.

What on earth is the point of using SSL, applying password rules that at least rule out the most trivial passwords, and then FORCING me to pick one or more of a list of "security" questions, the answers to every last one of which are public record?

I've complained in the past to people who work in banking security about this, and had it explained to me in reply that the trouble with letting people choose their own security questions is they can't make people choose good questions.

You know what?  I DON'T FUCKING CARE.  The answer to some people choosing weak security questions is NOT "Force everyone to use weak security questions".  If you force me to have weak security questions that I can identify myself with in the event that I "forget" my password, you have just made it pointless for me to use a strong password, because any potential social-engineering attacker will simply bypass my password.  So now, I have to use deliberately false answers to all of my security questions.  And THAT means that now I have to write them down, or I'll never remember which false answers I used to which questions on which sites.

Wells Fargo USED to let you choose your own security question. They don't do it any more.  "Because we can't stop people from choosing bad questions."

No, but you can for damned sure prevent them from picking GOOD ones.

Tags:

These aren't the droids you're looking for.

unixronin: A somewhat Borg-ish high-tech avatar (Techno/geekdom)
Thursday, July 7th, 2011 11:06 pm

Well ... it happened.  I'm an early adopter of a device I thought I'd never want.  I pulled the trigger about an hour ago and ordered a new Motorola Droid 3.  On the first day of availability, Finagle help me.  I'm still hoping I did the right thing.  I don't really want a smartphone, but I have to carry one for work, and the issued Blackberry is driving me screaming crazy.

The Droid 3 does have a lot going for it.  It has what looks like the best physical keyboard to be found on a phone (I do NOT get along well with phone touch screens, and can't imagine the horror of trying to use one to type), a fast dual-core processor, a large, high-resolution screen, standard 1450mAh and optional 1930mAh lithium-ion batteries, and an optional induction-pad charging system.  It's an international phone that'll work on both CDMA and GSM networks. It's not 4G, but I don't care about that since I'll only ever be within 4G coverage on rare occasions anyway.  Various pundits have complained about the preinstalled MotoBlur skin, but I figure I'll give it a chance.  Hopefully it won't come with TOO much preinstalled Verizon crapware.

And I'll only have to carry one phone ... and it won't be a Blackberry.

Tags:

Techno

unixronin: A somewhat Borg-ish high-tech avatar (Techno/geekdom)
Sunday, May 22nd, 2011 12:37 pm

The iTunes 10 update fiasco:  Or, in which Apple screws its customers again.

This is not unique to Apple, of course.  A number of Microsoft games (Halo 2, for example) require DirectX 10 — as in, the installer will refuse to run unless you have DirectX 10 installed — even though they use no DirectX 10 functionality.  DirectX 10, of course, is available only for Windows Vista and later.  There is no apparent reason for this other than Microsoft trying to force Windows users to buy upgrades to Vista.

Tags:

For Science!  ...Well, sort of.

unixronin: A somewhat Borg-ish high-tech avatar (Techno/geekdom)
Monday, January 31st, 2011 06:02 pm

Hey, hydrology is a science!

But today we're talking about causality.  Cause and effect.  A game that you'll play whether you like it or not.

Cause:  Gunstock Acres Village Water District has a leaking (possibly burst) water pipe somewhere in the area¹, and they've been shutting off main valves to try and localize it so that they know where to dig to fix it.

Effect:  We have no water....

[1]  And yes, that, in turn is an effect of ... something or other else.  But it's uncertain exactly what.  Maybe cold, maybe corrosion, maybe frost heaves.  They won't know until they open the² ... er, I mean, dig up the pipe.

[2]  Oh, come on, with that subject, you knew I'd have to work Heisenberg and Schrödinger into here somehow if I could, even if only by reference.

Tags:

In which "Antec Outside" no longer means anything

unixronin: A somewhat Borg-ish high-tech avatar (Techno/geekdom)
Monday, November 22nd, 2010 04:18 pm

Well, anything good, anyway.

I'm about to rebuild my workstation, babylon5, with current technology.  Since I work remotely and cannot have the machine down while I do this, I ordered a new case along with the rest of the parts.  Can't really go too far wrong with Antec, right?

Oooooohhhh, yes, we can. The Antec 300 Illusion case I selected arrived Friday.  I didn't, unfortunately, pull it out of its box and examine it until last night, because, well, it's Antec.  What could be wrong with it?

Well, what's wrong with it is that it's cheap, flimsy crap.  I've seen thicker steel on soup cans.  The plastic front bezel feels fragile, and though you need to regularly open it to clean the filter screen behind it, they couldn't be bothered to put it on hinges.  It snaps on and off ... right up until the snap tabs break off, that is.  Then it'll stop snapping on.  Said filter screen is also held on by plastic snap tabs, and not very confidence-inspiring ones at that.  The [tiny, cheap] fan speed controllers for the preinstalled fans dangle loosely inside the case, with no way provided to secure them.  (At least, that's what I assume they are. They might be fan LED switches.  The almost-nonexistent manual doesn't say.)  The steel of the case is so thin it oil-cans, there are nastily sharp sheet-metal edges all over the place inside, part-to-part fit is poor, there are no locks or latches on anything, the drive bays are non-removable...  and Antec is selling this as the mid-tower offering in their high end gaming case series.  I haven't seen such nasty, poorly made crap since the $29.99 no-name cases on the bottom shelf at Fry's.

The last Antec case I bought, in 2002, you could probably break a hollow-core door down with if you had to.  This one?  I'm prepared to bet it'd collapse if you dropped it.  I'm quite certain one drop would distort it into unusability.  It scarcely has the structural strength of a decent beer-can.

The Antec name used to mean top-quality cases. Now?  If the Antec Three Hundred is anything to go by, it now apparently means "cheap overpriced trash, shop elsewhere."

To add further annoyance, I didn't notice until this morning that the return policy on it is "Return for replacement ONLY, no refunds."  I guess NewEgg knows it's a piece of crap.

Well, maybe I can unload it on Craigslist at half price, or transplant some old parts into it later out of a case I want to keep and sell it as a cheap machine...

Tags:

Victory achieved

unixronin: A somewhat Borg-ish high-tech avatar (Techno/geekdom)
Wednesday, July 29th, 2009 11:07 pm

In the matter of the Inspiron 4100 fan/i8k problem, that is.  After poring through documentation and source code at some length, I made it through the [IMHO unnecessarily obfuscated by Ubuntu’s fear of root] procedure to install all the “dependencies” [the majority of them actually more sort of ‘suggestions’, really] and configure, build and install a custom kernel on Ubuntu, with 90% of the drivers and modules for devices and filesystems that are not present on that laptop and will never, ever be used disabled, with APM instead of ACPI, with a modified i8k module that never tries to mess with the Fn-keys, and with the undocumented required directives in the required (but optional!¹) /etc/i8kmon file divined from inspection of code. And lo, wonder of wonders, after spending only all day on it², the fans on the machine now run in a temperature-sensitive fashion as intended, and without disabling the keyboard and trackpad.

What’s more, startling though this might be, the machine booted at least 50% faster without having to probe several hundred assorted unused drivers and modules.  (But ubuntu really discourages you from building a custom kernel, unless you’re a developer.  They have reasons for this that they’re quite convinced are good, in complete contrast to most distributions I’ve ever used that tend to suggest that one of the first things you do after you finish installing is build a custom kernel configured for your hardware instead of continuing to use the generic one that has EVERYTHING turned on.)

Of course, by the time I got done with all this, the disk had overheated, and no sooner did I get the fixed laptop upstairs to [livejournal.com profile] cymrullewes than it went into thermal catatonia.  So I guess we’re still going to need to replace that disk. It’s slated for replacement with a 16GB SSD that should be faster, cooler, and of course silent, and with any luck draw less power.  Most importantly, it’ll no longer be at risk from minor drops; the laptop will now have no shock-sensitive mechanical moving parts and no protruding devices.

[1]  Optional, as long as you don’t actually care whether i8kmon ever starts, or are willing to start it manually yourself every time you boot the machine.  Because /etc/init.d/i8kmon will start /usr/bin/i8kmon if and only if the “optional” file /etc/i8kmon not only exists, but contains the undocumented directive ‘set config(daemon) 1’.

[2]  Most of which, true, was spent waiting for the kernel (and several hundred drivers that I didn’t need) to compile.  I actually stopped the kernel build three times to disable building of yet more unneeded drivers that I realized I had forgotten to disable.

  • Current Location: Gilford, New Hampshire
  • Current Music: Richard Wagner :::: Overtures :::: Parsifal  [ddj]
Tags:

Seeking Ubuntu help

unixronin: A somewhat Borg-ish high-tech avatar (Techno/geekdom)
Tuesday, July 28th, 2009 11:25 pm

We seem to have run into a showstopper problem with Kubuntu er ... Xubuntu (my thinko) 9.04 on [livejournal.com profile] cymrullewes‘ Dell Inspiron 4100.  The problem was not, to my knowledge, present on 8.04.

The laptop has two cooling fans, one on the CPU, one on the video chipset.  On Ubuntu 9.04, the fans never start, and the laptop overheats.  We’ve found that this behavior can be fixed by installing the i8k module and using i8kctl to manually turn the fans on and off, or i8kmon --auto --daemon to automatically turn them on and off based on temperature.

There’s just one problem:  The moment the i8k module loads, the onboard keyboard and pointing devices are permanently disabled until the laptop is rebooted.  An external USB keyboard or external mouse work, but this somewhat defeats the point of a laptop.

So, the end result:  If you load i8k, the laptop is thermally stable, but unusable without an external keyboard.  If you don’t, it’s usable, but only until it overheats.

Any of my readers happen to know a solution to this problem that does not involve buying a newer laptop?

(Of course, I suppose we could always go back to 8.04 and just not let it update to 9.04 again.  I’m fairly sure this problem was not present on 8.04 ... but I’m not certain, because it’s not my laptop and I rarely use it.)

  • Current Mood: catch-22
  • Current Location: Gilford, New Hampshire
Tags:

Forty years ago today

unixronin: Astronaut on EVA (Space)
Monday, July 20th, 2009 04:28 pm

“Houston, ah . . .         Tranquillity base here.  The Eagle has landed.”

  • Current Location: Gilford, New Hampshire
Tags:

A TEMPEST in a ... wall outlet?

unixronin: Galen the technomage, from Babylon 5: Crusade (Default)
Wednesday, July 15th, 2009 10:13 am

Bruce Schneier points to a paper on keyboard sniffing by detecting crosstalk between poorly shielded keyboard cables and power lines.  He also observes that the NSA has known about this principle for decades.

What I want to know is, why haven’t we switched to optical interconnect cables yet?  Component-stereo CD changers have had digital-optical outputs for over ten years now, and the home audio industry is hardly known for leading the field in interconnect technology.  Mice, keyboards — heck, ALL HIDs — monitors, external disks, even powered computer speakers:  they could all easily use optical-fiber data connections.  Many devices would still need power, of course, but the low levels of power required by devices that don’t already have their own separate power supply could be carried on a braid layer around the fiber.  Most speeds of what we’re still calling Ethernet can already run over fiber.  There’s no technical reason why we should be using copper cables any more for anything except supplying power — and copper is becoming expensive enough that it was actually cost-effective for thieves to steal 45km of undersea Internet cable from the seabed off Korea in order to sell it as scrap.  Even telephony devices run over copper only because telephones have historically been line-powered devices and the installed base is too huge to easily change.

Make sure computer cases are properly shielded and power supplies back-filtered to prevent feeding RFI back into their own power lines, and we could probably virtually eliminate RFI emissions from computers except for the display — and as a bonus, it would reduce their susceptibility to RFI and crosstalk.  (Even with magnetically-shielded computer speakers, I’ve had crosstalk issues when a monitor cable passes a few inches too close to a powerful speaker.)

Reason says it ought to be possible to RFI-shield flat-panel displays too.  (Perhaps a transparent conductive coating on one of the face layers?)

  • Current Location: Gilford, New Hampshire
  • Current Music: And One :::: Virgin Superstar :::: Panzer Mensch  [ddj]
Tags: