JDPFu.com 2013

Stolen from my comment over at LH …

1. Launch a Distributed Denial Of Service attack, DDoS
2. Setup your own botnet
3. Spread spyware
4. Release huge password databases
5. Release hacks for PS3s

Most of the time, Cloud Computing = Careless Computing.

Just because something is free and easy, doesn’t mean you should actually use it.

OTOH, there are times where using the Cloud makes perfect sense. When you want the widest distribution of data/info possible. In that case, remote, carefree computing is perfect.

When in doubt, don’t put it into the cloud because you can never get it back regardless of what the ToS say. IT security professionals are split on whether anything can be secured in the cloud. Certainly there are ways to accomplish it, but those methods are probably out of reach for individuals. I would have zero expectation of any real security on shared hosts or shared storage, but many people consider me paranoid. If it were your corporate data in the cloud, wouldn’t you want someone who is paranoid validating the security architecture?

You visit a web site and like the article enough to want to post a comment … of some kind. Then the website has a block that prevents you from posting. Comment-blocking. They do this by:

• login required or
• 3rd party service for comments
• non-working captcha
• requiring javascript for commenting of any kind (usually for anti-privacy domains like google.com)

Boo. The internet should be anonymous, if you want it that way. Sometimes you just want to say something without the repercussions to other areas of your life.

If I were not afraid of the repercussions, I’d setup a database of logins to websites that you could use to post with. If I had friends in foreign countries with servers, we could setup a loose federation.

Wouldn’t it be nice if we didn’t have to choose against privacy?

BTW, you can post on-topic comments here without a login.

I was listening to a Linux Outlaws podcast where I heard a quote from Mr. Richard Stallman that caught me as true. I looked up the real quote.

“I suppose many people will continue moving towards careless computing, because there’s a sucker born every minute. The US government may try to encourage people to place their data where the US government can seize it without showing them a search warrant, rather than in their own property. However, as long as enough of us continue keeping our data under our own control, we can still do so. And we had better do so, or the option may disappear.” Here’s the source link.

Careless Computing. Your data is stored someplace else and no longer under your control. A good, clear, and accurate term.

There are good uses of Cloud Computing, but not without lots of very careful thought.

Notice to in-house SONY PS3 Developers

is not how real programmers create a random number to seed public/private key encryption.

If you haven’t heard, the PS3 private key has been cracked. . There may not be anything that SONY can do to solve this, but there may be. It is too early to tell and perhaps they thought ahead like the Blu-Ray guys did and have a way to invalidate the key stored on the device and replace it with something new. It is unknown what effect that will have on existing games, settings, and networking. This could be impossible to solve. OTOH, how many customers will really do this in the real world? Less than 1% I’d guess. What I’d be worried about are BluRay and Netflix perfect copies of content getting out.

BTW, I do not own a PS3. I’m still rockin’ a PS2 from about 10 yrs ago. ;)

By some standards, my 10,000+ digital photo collection is either very large or trivial. I suspect that professional photographers probably have hundreds of thousands of photos. Many of those will have different post-processing.

Organizing, backing up and archiving digital photos and images doesn’t have to be complicated to do well.

Organization

As you take the photos, place them into your organization. If you delay more than a week after returning from that once-in-a-lifetime vacation to Africa, then you probably will never perform any useful organization. Below are 8 steps to help you organize your photos efficiently.

Last year I found a few articles on how to setup Skype to work with a PBX like Asterisk or FreeSWITCH. This last weekend, I finally got Skype working using my home phones. The solution was tested on Windows and deployed on a Linux PC. I’ve deployed it on Linux as a replacement to expensive home phone service. Using Windows introduces many undesired issues for me (stability, license costs, etc).

I wanted the ability to extend this solution beyond a simple 1 line phone in the future, possibly adding a PBX and other PBX capabilities around this Skype-at-home use.

Features

• Use normal home phones just like regular phones. Making and receiving calls like you’d expect. Visitors to your home don’t need any instructions to make phone calls (except 911).
• Setup speed dial entries to both Skype and normal telephones. It would probably be useful to create 911 speed dial entries to your local police or fire department switchboards
• Cheapest home phone solution that I’ve discovered that doesn’t demand tracking of your web traffic.
• Voicemail

I was going to create a Top 10 List of 2010 here. Then started looking through the articles and some constant themes can out.

1. Virtualization For Desktops and Servers
   • Tagged as Virtualization
   • Laptop Virtualization
   • VirtualBox Performance Tips
   • VirtualBox on Ubuntu
   • KVM on Ubuntu
   • Win7 and VMware
   • VM-Explorer for Backups
2. Disk Encryption
   • Laptops
   • Prevent Data Loss
   • Password Managers
3. Backups Rock!
   • Back-In-Time
   • KNOW You Have Good Backups
   • Rdiff-backup Isn’t Perfect
   • VM-Explorer for Backups
4. Risks and Concerns for Cloud Computing
   • Cloud in Centralized or Federated Services
   • Real World Cloud Computing Costs
   • Private Cloud Computing
   • Cloud Computing Risks
   • Understanding Software As A Service Risks
5. Quicken Runs on Linux – ’nuf said.
6. Security Isn’t Easy
   • Passwords – Never the Same and Use a Password Manager
   • Desktop Security Tips
   • Browser Security Settings
   • WiFi Router Security Checklist
   • Privacy Is Gone Online
   • Don’t Use Adobe Software
   • Windows Software to Avoid
   • Free Security Tips Ebook
   • Dealing with Computer Viruses
   • Been Hacked?
7. How To Build A Home Server – Cheap
   • Part 1
   • Part 2
   • Part 3
   • Part 4

Previous Best Articles Here

Happy New Year!

So I finally did it. I cut the TV lineup from 300+ channels to something called Limited Basic because they had a deal on ISP+TV for $30/month that I couldn’t refuse.
Last week, I dropped off all the equipment at the local Comcast office. What equipment?

• Motorola HD Tuner (not a DVR)
• ETA – phone to SIP converter
• DTA – weenie digital QAM tuner to lowest quality TV coax as possible

I had the triple-play from Comcast for the last 3 yrs. TV, Phone, and ISP. It was over $150/month; unlimited North American phone calls, 300+ TV channels, and a 12/3Mbps ISP connection. No real complaints except the price. For about $120 less, I have 22/5Mbps ISP, no phone, and the Limited-Basic TV which is supposed to be local channels, 5 shopping channels and 10 local access channels. I expected a single useful Spanish language channel – not the one I wanted. I’m certain the price will be higher than the $30/month promise due to local fees and taxes. How much higher is still to be answered.

Thankfully, I have an HD TV with a ClearQAM tuner. It used to get most cable channels from 2-118 – a little over 100 digital channels plus the 8 HD channels locally broadcast in my area. Since last May, most of those channels are encrypted. I get 2-27 analog with the DTV versions of those channels. No CNN, no TV-Guide, no USA, TNT, etc … still there are a few nice surprise channels – like Telemundo (Aurora), a few other Spanish channels and 3 HD PBS channels. I haven’t counted them all, but I think it is about 25 useful channels not counting any shopping or religious channels. I’m really pleased. OTA reception of HD where I live is hit or miss, so having cable access to those HD channels will be nice.

So, is was announced on Slashdot and Gawker that much of the Gawker user-password DB has been compromised. They claim to have grabbed 1.3 million user accounts. I’ve seen that my account, password (encrypted-hash) and email address were included in the breach.

Last night I did a little presentation on Using VirtualBox on a Desktop. I’d give myself a D+ for a grade on the presentation. Fortunately, it was a small and highly interactive crowd. I tried to cover too much stuff. Also, I showed how to do this on a Windows host OS with a Linux client OS to a Linux-specific crowd. Initially, I’d planned to show an install on a Linux host OS too. The physical machine had a really slow disk controller, so I wasn’t able to create a virtual disk to install the OS into. I tried it a few weeks ago on the test machine and it took 45 minutes to create a 10GB .VDI file. On my home machines, doing this is just a few minutes.

The good thing was that I covered some of the key performance choices in virtualization – multiple times. The good news is that the newer VirtualBox releases choose most of these settings automatically. I should probably create a blog entry for each of the different client OSes that covers performance choices. Anyway …