Saturday, June 24, 2006

Laptop Information (in)Security

Unless you have been living under a rock for the past several months, you probably have heard with alarm about the rising number of data-security breaches. For example:

2.2 million active-duty personnel in VA data theft - How? An analyst bought home a laptop and external data-drive which was taken during a home burglary.

Not to be outdone by the VA, the Navy somehow let publish personal data of 28,000 service members and their families on a civilian Web site. Navy personnel data exposed on civilian Web site

Feeling left out, the Federal Trade Commission offered up two laptops with data "gathered in law enforcement investigations and included, variously, names, addresses, Social Security numbers, dates of birth, and in some instances, financial account numbers." Bummer. That's gotta hurt someone's pride.

AIG Customers At Risk After File Server Is Stolen - Forget hacking the server, just break in and steal the darn thing! Lost--names, addresses and SSN's.

Laptop theft exposes customer data

Not convinced? Here are more laptop losses, filled with vital data: Laptop Thefts: The Latest Form Of Identity Theft

Like lists? Check out Privacy Rights Clearinghouse's Chronology of Data Breaches Reported Since the ChoicePoint Incident. Deeply disturbing.

I'm convinced we have a serious problem with data security in our country. And I personally think the root of the issue is a little thing called accountability. Accountability means accepting responsibility for something entrusted to you and answering to someone else for any successes and failures in executing that responsibility. It concerns me that confidential data has become so common-place that it is just "data." Let me expound...

I personally really don't think that any of these security breaches were planned by the victims. I really feel that the persons who were entrusted with these laptops and servers took reasonable measures to protect the value of the hardware with which they were entrusted. Few people expect to have their car or home or place of business broken into. Otherwise they would have been prepared ahead of time. Laptops and servers and USB keys and portable drives can be replaced; easily. What they failed to take adequate notice of was the value of the data stored on those devices. Responding to the data loss at the VA alone is costing millions of our tax-payer dollars--not to mention the stress of all those families whose personal data is lost. Maybe the thieves will not be technically savvy and will just delete the data and move on. Maybe not. That's the problem. We don't know.

The VA was offering a reward for the return of the missing equipment. That's another problem. Just because someone turns in the hardware doesn't mean that some clever individual hasn't taken an image (copy) of the data and sold it for an even bigger "reward."

As we gain the ability to data-mine and process even larger amounts of data, we also gain the ability to concentrate that data in larger and larger amounts. The data looses it's individual value (representing a person and life lived) and becomes 1's and 0's joined to a larger set. The people using these databases then relate to the database, not the individuals they represent. Without a face now, it becomes impersonal and accountability shifts from protecting the individual to protecting the trade secrets that database represents to the company or organization. Think about it, just by being a member of our society, your personal information is now contained to some degree in hundreds--maybe thousands of databases--protected only by policies on paper and the willingness of individuals to follow those policies. Feel safe?

I'm not ranting about "big-brother" data-gathering. I'm a jaded child of the digital generation. I expect my surfing habits to be kept in my ISP's logs for years. I expect my banking transactions to be monitored. I expect my telephone calls to be tracked. I don't agree with it all, but neither am I against it all.

So what is the solution? More Federal and State legislation and oversight? Yeah. That always fixes things. No. Instead of working from the top downward, I really think we need to begin demanding more accountibilty from the businesses and government we all work at ourselves.

Why? Because we are our own biggest enemies. One example: a local financial institution hired a security firm to run a pen-test (penetration test) on it's branch. So what's the best way to hack a bank? Get all l33t black-hat hakor on 'em? Nope. They seeded some USB memory sticks with trojans and viruses and left them scattered around where the employees congregated outside the building. Of the 20 they dropped, 15 were plugged into the network's computers and going to town mailing confidential info to the home office. Dirty deeds done dirt cheap. For more info on this trick: Social Engineering, the USB Way

Back during one of our previous "World Wars" the Federal government led a propaganda campaign about the importance of keeping our secrets safe from the "enemy." Maybe you remember the phase "Loose Lips Sink Ships"? My point here is that during a time of national crisis, we worked together to identify and protect information that was critical to our survival; be it military information, personal information, or trade secrets. We understood that information was just as, or even more, important than physical security. I think we need to begin that campaign again. Even if it means the rise of cheesy propaganda posters--updated Flash-style!

So, until the "Loose Laptops Sink Ships" campaign kicks into gear in the halls of the Pentagon, what's the average Joe Citizen to do? Here are my suggestions--and these can be scaled accordingly from the family laptop level up to the corporate Chief Security Officer's (CSO) desk.

1. Assess your Data: You can't adequately protect what you don't know you have. Run a data-audit on everthing you can store data on: floppy's, CD's, DVD-R's, USB keys, portable/external hard drives (this includes those iPods!), laptops, desktop pc's, and servers. Take a good hard look and sort the information that is confidential (IP tables, personally identifying data, trade and agency secrets, system documentation, etc.) from that which is not (pictures of the family cat, your favorite anime list, etc.). You have to know what you have to assess the impact if it gets lost. Information Security Risk Assessment GAO Practices of Leading Organizations (PDF file)

2. Set a Policy: Who needs access to the sensitive data. Does having your Quicken files on the same pc where your daughter does her IM chat from seem a good idea? Maybe not. Limit what kind of devices can be connected to your pc's/laptops at work (ie, no non-issued USB's). If employees need to utilize data outside the office, consider restricting their acccess to it using VPN accounts directly off the secured servers and not the laptops. Make it difficult to save the data to the local drives. Put the policy in writing. Introduction to Security Policies (a four part series)

3a. Guard the Data--Encryption: This is where it begins to really become work. It doesn't suffice just to have written policy filed in drawer. It has to be implemented. The best way to protect your data is to utilize strong encryption methods. This way, even if the hardware is lost, the data cannot be breached. Windows XP Professional and Windows 2000 that have drives with NTFS filesystem formatting can utilize the optional Encrypted File System (EFS) to encrypt folders and their contents. Apple users can utilize FileVault. Linux users have a wealth of options at their disposal. I personally am using the open source program TrueCrypt. It is very easy to use, is free, and I don't seem to be noticing any performance hits at all (assuming your system has adequate memory, hard drive-throughput speed, and processing power). Leo Laporte and Steve Gibson talk about TrueCrypt here. Too many times users think that just because they have set and use a password to log into their desktop account, then their data is safe. Nope. Not even with NTFS. Just about any hackor or IT professional can probably get to the drive contents using a boot disk/cd and view and copy the files to their heart's content. Heck. I even have tools to let me easily reset the holy "administrator" passwords on Windows machines if somehow a user changes it on me at work. No, the only way to seriously protect data on a drive is to encrypt the data itself, not just depend on a passworded file or operating system.

3(b). Guard the Data--Lock Down Access: This means determining if your location needs to set computer policies that disable use of floppy drives and USB ports via a password protected BIOS. Or maybe you need to implement IP and email monitoring to catch attempts by persons attempting to send files over the Internet or store them on network or other virtual-network drive shares. Yeah it's a hassle when you are issued a company laptop that you can't connect anything to via the USB ports, but that's the point. Do your restrict the use of CD/DVD burners at your location? It just takes a few minutes to burn Gigabytes of data onto a DVD now. Also assess the physical security: do you have a cable-lock for your laptop? Do you avoid leaving the laptop in your car? Do you lock it up even at your residence? Does your server or network room have a hardened door and locks to avoid penetration and theft? What is to prevent a thief from doing a smash-and-grab and walking off with the workstations off the office desks? Lock Down Your PC

4. Track it if Lost: Just because it still got stolen doesn't mean your responsibility has ended. Federal and State laws may require you to notify all the impacted individuals in the case of personal data loss. Your clients might want to know their data is off on vacation. And law-enforcement will always appreciate some leads. There are a number of software and hardware products and services available for tracking down lost equipment. STATE OF THE ART; Making Sure A Laptop Won't Stray

5. Ensure Supporting Software Protection: This seems silly but be sure you are running sufficient network and workstation software protection. This includes anti-virus applications, firewalls, anti-malware scanners (my favorites include LavaSoft's Ad-Aware, Safer Networking's SpyBot Seach & Destroy, Sunbelt Software's CounterSpy, Windows Defender, to name a few), and don't forget about root kit protection (Sysinternal's Rootkit Revealer, F-Secure's BlackLight). These products and others like them help to keep your system protected from data-breaches by malevolent forces.

6. Monitor and Audit it: Make sure you are running periodic inspections to ensure the policies you established are being adhered to. Ask for your employee's devices and audit them for compliance. You can't enforce what you don't know about. Adjust your policy according based on your findings.

7. Don't need it? Destroy it!: Just because you are done with a secure file or hard-drive doesn't mean you should just toss it away. It is getting much easier to recover "deleted" data using any number of freely available tools off the Web. And we are not talking about "Mission Impossible" danger and difficulty levels here. All too often folks have been finding other person's data on drives that were discarded. Couple's Supposedly Destroyed Hard Drive Purchased In Chicago Bummer. There are two products I recommend for secure multi-pass wiping of data prior to disposal: to entirely wipe a drive before disposal I use Darik's Boot and Nuke disk, and for securely deleting individual files and folders in Windows, I use Heidi's Eraser application which integrates into the shell for easy usage. It can also wipe the free-space from drives as well. And that USB key or unused iPod? Wipe those as well or take a hammer to them. Just as effective. Have data tapes, cd's or floppys that you don't need to retain any longer? Drop them into an industrial-grade shredder, or strip the tape, break the CD's and pop the floppy disk out of the case and cut it up.

If we all take personal responsibility in our homes and places of business (be they corporate or government) and hold the persons charged with their safekeeping accountable, then maybe we can begin to put a face on all those loose 1's and 0's out there--after all, it's our face on them.

It's not that the tools and policies aren't there. It just seems--more cases than not--that we aren't following them to begin with. We are failing in our accountability and personal responsibility. Lets get busy and start changing things.

And as for me...I think I'll go apply for a new job over with Public Security Section 9.

Additional Data Security Resources:

U.S. Security Awareness

Security Awareness Program

The Information Assurance Awareness posters

Security Awareness/Motivation Poster Page: Central Coast Security

SecurityFocus website

Laptop Security

Microsoft Shared Computer Toolkit for Windows XP Handbook
Chapter 7: Security Checklist

SANS (SysAdmin, Audit, Network, Security) Institutes's Reading Room

SANS Institute - Popular Resources On Computer Security

NIST Computer Security Division's CSRC Home page

NIST Computer Security Division's CSRC Links and Resources

CERT Coordination Center

That should keep you reading for a while...

06/29/06 Update--Security Guru Bruce Schneier reflects on how economies of cost may be a deciding factor on security policies and implementation efforts. Interesting perspective. It's the Economy, Stupid. Observant commenter Jim Thompson alluded to this as well in his earlier comment here.

See you in the skies,

Tuesday, June 20, 2006

360's and Re-Partitions

Picked up my iPod's USB cable from work before heading into the field. I completed my data to CD burns tonight and all went well.

If you didn't catch the title of my last post--it was a play on this. Funny how the weirdest small things you learn in school kinda pop out on you.


So, I had the scare of my life today.

I was driving the 610 Loop over by the Astrodome. A heavy downpour had broken out and the rain was coming down hard. I had dropped my speed down to about 55 mph as I worked my way over to make my upcoming exit. It's about 4 lanes here (per freeway side). Out of the corner of my eye I see a white blur as a Suburban passes me two lanes over at more like 65-70 mph (posted speed was 60 mph). It changes lanes and instantly starts to do this slow-motion pirouette--at forward speed right in the middle of all the surrounding cars and trucks. I immediately begin to slow down not knowing where this thing is going to end up.

It continued to do its mad ballet spin over into the right two lanes. Then it made more 360 turns over into the far left lane. All the while my brain is grimly calculating the possibilities of any evasive action I might need to take yet still calmly admiring the beauty of the full-speed spinout. It swayed left and right like a small boat caught in a vicious sea, Physics fighting to determine if it was a candidate for rollover, or eventually leading by hand to a violent rest into one of the concrete retaining barriers.

I passed it as it Physics suddenly tired of the game and left it at rest halfway on the left shoulder and halfway in the fast lane--right in front of a vehicle and a semi, 90 degrees to the lane-flow.

By some sort of miracle, the Suburban had missed the pack of cars that were around it when it went into the wild spin and also as it came to rest before it hit any barriers. Wow. It seemed pretty clear to me that a small flow of water was running down the freeway decline and the Suburban had hydroplaned. Because it was changing lanes, that may have been enough to send it into the spin.

I felt like I was in the middle of a NASCAR event. It was terrifying and beautiful at the same time. Fortunately no one appeared hurt and no damage occurred to anyone's vehicles. All in all, I estimate it did about 8 full 360's.

Sheesh, people. If it rains on the have to slow down! Even here in Texas!

Re-Partitioning an "Active" Windows Drive

Mike over at The Japan Years blog asked me about partitioning an active drive--like when you don't want to start from scratch. Let's see what I can quickly share:

First, (very simply) a partition is set of space specifically allocated on your hard-drive. A hard drive can have just one partition (C:) or many (D:...Z:). It is pretty much limited to how big your hard-drive is and how you divide up your partitions.

Why would you even care to partition your drive? Lots of reasons. I personally use them like "super" folders. My system has 4 partitions of equal sizes. C:=System and program files, D:=pictures, E:=music, F:=archive/storage/on-drive backup copies. Also, if my system needs to be reinstalled, I can do so without worrying too much about harming my user-data (assuming the drive itself isn't bad). Some people "dual-boot" their pc's so each different operating system may want its own partition to install the system (Linux or Apple).

Personally, I like to set my (XP) partitions up at the very beginning when I am doing a fresh install of Windows. It will prompt you to create partitions if you would like. Great time to do it. However, if you buy a pc/system from a OEM company, you will often not get an XP system disk, but a "system-restore" disk that just puts an original image back on your drive--like it was shipped from the factory. Not usually helpful in setting up a different partition structure.

But (like Mike asked) how do you partition a disk if you already have your system on it and don't want to (or can't) reload your entire system from scratch?

I suppose everyone has their own method and software to do this, but here are some options to look into:

One of the best known programs I am aware of to do this fairly easily is Symantec's PartitionMagic. It isn't very expensive and is a pretty dependable program. I recall it being "wizard-based" so should be usable even by "non-techies". If I had to tell someone what to use, I'd most likely recommend this one first and foremost. It can handle all current Windows file-system formats.

Ranish Partition Manager is a powerful freeware tool. It also lets you run a simulation mode. One drawback is that it is more "geeky" and it does not support NTFS partitions. In Enterprise class deployments, most Windows 2000 and XP systems use NTFS partitions for various reasons. I set my home pc's C: to be a NTFS partition, but my others are FAT32.

(How do you find out what file system your Windows system uses? Double-click "My Computer" then, starting with your C: find each hard-drive icon listed and right click the icon. Left-click the "properties" item listed. Under the "general" tab it will list what file system is set up on that drive partition.)

If you are Linux minded, there is a Linux application called QTParted. FAQ here. The best way to use it on a Windows system would be to download a burn a Linux Live CD that has it installed. Then you can (usually) boot your system with the Linux CD run the QTParted application. This is also a fairly technical procedure. I believe the Knoppix live CD comes with this app as does the SystemRescueCd. Other distros likely do as well.

Finally, the always resourceful Lifehacker site has two articles on re-partitioning Windows drives as well with suggestions.

I know I have some other tech-heads out there as well. Feel free to kindly drop your suggestions and insights into the comments as well for our friend. (It's almost midnight and I might not be communicating as clearly as I think I am.)

Lastly...and MOST IMPORTANTLY (tm), back up all your important data first to another hard-drive, iPod, CD's/DVD's, all of the above, etc. before setting out to re-partition an active hard-drive. Why? Well, it's kinda like brain-surgery. Yeah, if you follow the directions--nothing bad "should" happen, but if it does, most likely it will be "very bad" maybe even non-recoverable. So keep that in mind. Read the guides, do some Googling on your choice of poison and get your backups done first.

Then...dive in and operate!

Riding the skies with fear and wonder,

Monday, June 19, 2006

My Kingdom for a Cable


I've given up on addressing the laundry. It's washed--I've decided to see if it will fold itself.

I remain hopeful about starting to get my thoughts straight on the data-security post.

I've watched Kamikaze Girls. It was deeply entertaining. Quirky. Kinda like if Quentin Tarantino decided to remake Amelie in Kill Bill style. Well worth picking up--regardless if you are Japanese film fan or not.

I had to settle for burning just a couple of backup disks at this point. Instead of doing an image of my drive, I've just been burning cd's of my important folders and files. Sometimes it's better to do an image of your hard drive. Other times just getting the files themselves gives you more flexibility. The burner in my main unit is 10x speed (yeah, I know) and was taking just too long to process the files. So I got the brilliant idea to just dump copies onto my 40GB iPod and then hook it up to Lavie's pc and run the burns off it (since her cd/dvd writer is significantly faster).

Worked great--well half-way.

See, I connect the iPod to the main desktop pc using a Firewire cable. Only, it turns out Lavie's laptop doesn't have a Firewire port. And I left my iPod's USB 2.0 cable at work.

Oh my kingdom for want of a cable.

Anyway. Another day. In the meantime I've been zipping up the folders to save space on the cd's. I use two main zip program: ZipGenius and 7-zip. I like 7-zip a touch better, but the interface is really a pain. ZipGenius integrates nicely with the shell and also has some useful plugins. As an added bonus, if you have a really big folder you are zipping, you can let it break the zip up into cd sized chunks. Handy. For light single-file or so zip jobs, I just use the ones integrated in freeCommander or A43.

Here's a bonus tip for those of you who are backing up your zip files to cd. Save room and be sure to drop the zip-program(s) setup-file to each cd as well. You may find down the road that you need to unzip them and if there are any compatibility problems with future versions or a different compression application, having the original compression program/version you used handy will save you a ton of grief.

Hope your skies are clearing,

Rain-Day--Houston Style

Well, it's been a rainy morning.

My office has been closed so today is a "open-swim" day around the Valca household.

Alvis is with Lavie's parents taking painting lessons. Lavie had to go to work--one of the drawbacks of working just a few miles from the office.

It lightninged and thundered all night long, but getting up to the local news coverage was still a real shocker. They keep comparing this to Allison, but it seems more like Frances to me, with sections of freeways underwater again.

So, what to do? Here's my list for the day:

1) finish the laundry/folding.
2) finally watch "Kamakaze Girls" on the VCR and new tele.
3) maybe start my blog post on data-security.
4) do some house-cleaning on my hard-drive.

Number four is the most pressing to me. I have a 120GB HDD on my main system. I've got it divided into four partitions: c:=system, d:=pictures, e:=music, f:=storage. It's starting to get a little full. I tend to save program installation (setup) files pretty good. I like to keep older versions around for awhile in case the newer one turns out bad, I can roll it back. Problem is I now have tons of these older versions on my HDD and it is time to take out the trash. I've still got a big spindle of cd's so I might just do some organization then burn them to cd before deleting. I've been putting it off for a quite a while, but the house is quiet now so it may be a good time.

See you in the (clearing) skies

Sunday, June 18, 2006

That's Widescreen, Baby!

Our good old Magnavox 27" TV started to die two weeks ago. It was developing some floating bars at the very bottom of the picture.

I did a good job ignoring it until the picture starting collapsing together from the top and bottom by several inches. Repeated power on/off's sometimes got it stabilized, but other times not.

We've had it for at least 8 years so I guess it's been good.

Time to begin considering a replacement...

My only criteria was that it had to be under $500 and be a no larger than 27". We don't have a large living room so this is a good size that balances viewability with decor. Other than that I was pretty open.

The price and size constraints put a damper on looking for flat-panels. That's ok. I wasn't really wanting all those bells and whistles. We watch quite a bit of TV/DVD for our entertainment but I'm not feeling the pressure to adopt HDTV quite yet.

While surfing the BestBuy site for TV's I noticed that tube-units were being made in the 16:9 ratio format. Cool. That would be nice. I always have envied the widescreen format. After much looking I had pretty much picked out Toshiba's 26DF56 unit. It was in our price-range, size and even was a wide-screen format. Nice. Lavie agreed.

We got to the store and started trying to find the unit. The labeling was kinda off from the displays as they had been doing some unit reshuffling. Lavie found one we thought was it and was happily awed. They spun it around for me so I could check the inputs on the back had way too many for the model we wanted. What was up?

Turns out it was Toshiba's 26HF85 model we were looking at. It was pretty much like the other one, but it was HDTV ready (meaning you had to hook it to a HDTV receiver to get the HD signal). Because it was HDTV ready, it had the higher 1080i picture resolution and a ton of extra bells and whistles for signal upgrade, conversion, etc...Lavie loved it. I was impressed. But this would be way outside our budget right?

Well....we took it home for about $350. It ended up being on clearance (and a floor model) and was actually cheaper than the one we were looking at, even with it being HDTV ready. Wow.

Now I am not an audiophile--I just like sound that is good for my ears. Same way with TV technology. I love a beautiful quality picture, but I am not deeply discerning when it comes to TV technology. Seemed like a good deal. Being a floor model could have it's pluses and minuses. Minus: Could have been abused or already had a lot of tube-hours on it. Had a small scratch on the front frame. Pluses: Already broken in, good value, and still covered under the store warranty as if were bought new.

It took me about two hours to get it fully programmed and set up. I still need to do a little bit of work getting my DVD player settings tweaked for outputting to the 16:9 format TV. It has lots of options to accommodate that pairing. What I've gotten worked out so far looks incredibly crisp and clear. Wow. I had been feeding my DVD signal to the TV via S-Video input, but this thing came with component video inputs so I am using those for the DVD to TV signal. It is really incredible.

I always wondered about how the 4:3 standard signal got stretched to fit the 16:9 screen format. Know I know! This model handles it one of 5 ways: "normal" with grey bars to the left and right sides and the "square" picture in the center, three wide-screen views with it stretching the picture horizontally in a proportionately greater spread from the center outward, stretching by clipping the top or bottom, or "full" which stretches it vertically and horizontally to fit. I've found that depending on the show we are watching, you will want to pick the best one. For news and sports shows that have "crawler" feeds at the top or bottom--"full" mode is best, even though it seems to throw the proportions off a little. Shows that don't have those the first wide-screen option works best as it looks the most natural, but clips some of the top and bottom image off in the process.

And those widescreen DVD movies? Wowsers. Who wants to go to the noisy, sticky theatre now? Forgeddaboudit!

So, time will tell if we got an awesome bargin or not. But in perspective, we paid over two times as much for the Magnavox that is going out to pasture than we paid for this one. I hate to think about "big" TV's being disposable, but it seems the price has come down so much on them, especially the tube models, that it is cheaper to replace them than repair them.

I have it on a surge protector along with the other A/V items, but I am trying to decide if putting on my spare UPS unit might be a good idea or not. (In my mind) the UPS should clean up the power-signal and maybe help the TV's power supply unit last longer. Don't know. Maybe I should drop Dan a line.

That's Widescreen, Baby. Sweet!

(And that wasn't even my Father's Day gift! That turned out to be the Eureka Seven anieme collector's box set--with DVD/manga/t-shirt and 2-disk CD soundtrack. Score. My girls are good!)

See you in front of the TV this week!

Wednesday, June 14, 2006

Request for XP Advice...


I know there are some loyal friends out there. My wicked-cool Google Analytics account tells me so.

I'm needing some advice.

I'm going to be putting together a DVD data disk to support XP Professional systems. I've got a ton of tools picked out for it (mostly the stuff on my USB drive).

On my Windows 2000 disk like this, I have a good collection of Microsoft support essentials: W2K SP4, various security patches and drivers (major ones), etc. But I don't really know what specialized Microsoft stuff to collect for XP.

Let me be specific...I'm looking for stuff from Microsoft. Critical patches and software "enhancements" for the business environment. Things that I might want to have handy if I loose network access but still need to install or to save the time to download off the net.

Here's what I have so far:

XP SP2. (I don't see a real need for this as our images already include the SP2 level on the install, but figure it would be good to have anyway.)

WindowsDefender. (Even though it is buggy beta, some protection is better than none.)

XP Service Pack 2 Support Tools (unpacked)

IE6 SP1 - In case I ever need to do a clean reinstall.

User Profile Hive Cleanup Service (I like this extra level of protection for my users. I've seen to many corrupted profiles on my W2K systems lately...)

Update for Windows XP (KB918005) - Patches XP laptop systems to address battery drain in specific circumstances.

We don't really use the .NET framework software on our machines, but it is a big download so maybe that would be good to keep handy....

I'm nosing through Microsoft's Windows Update Catalog (a really handy manual update download resource for IT sysadmins) but so far not much has struck me. (You need to be running IE 5.5 or better to view this page.

So team, what else do you recommend? As Dwight would say, "Comments are open!"

Here are some links in gratitude:

Picture above is from "Websites as Graphs" Put in your website and it will (slowly) display a graphical image of your site-map. Pretty. via BLDGBLOG.

Hunt Down memory leaking apps in Firefox: Leak Monitor. via downloadsquad. So to answer Dwight's question to me...I haven't had any bad memory leaks with Firefox (even with those tons of extensions I run) even with just 512MB system RAM. The worst offenders I've caught were java-script leak problems with: GMail, CNN, and, yep, Go figure. Then again, I usually don't leave Firefox running all day. I open and close as needed.

FEBE and CLEO: Firefox extensions to back up your extensions. FEBE lets you take an installed extension and repack it as an installable .xpi file. Handy if you have made some "tweaks" to them. CLEO will take the extensions and/or themes you select and package them all as a single .xpi so you can install at once. These tools look to be really useful! via Lifehacker.

This new Shuttle product the XPC X100 looks trim and proper with a high coolness factor. Might make a nice living-room pc.

In the "Creepy" department. BLDGBLOG has found "Transformer Houses." These bizarre things are attempts to conceal ugly power sub-stations as residential homes. I've seen cell-towers made to look like trees, but this is creepy. Anybody know of any similar things around Houston?

See you in the skies,

Friday, June 09, 2006

Wireshark, Numbers, Image Tools

The wonderful open source packet capture program Ethereal is now Wireshark.

AnalogX has a great collection of freeware applications for networks, music, programming and systems--including PacketMon. A really small but useful packet capturing application. Fits on a USB stick great!

Don't pass up a look at Foundstone's free security tools. Heavier duty fare here. Network security applications, forensic tools,

Symantec figured out the source of those wierd spam messages with funky number combos in the message body are actually the result of what is named the W32.Beagle.FC trojan.

Quoting from Symantec's description, once a pc is infected, the trojan "...steals email addresses from the compromised computer and sends the information via HTTP to the domain. The threat sends spam emails with random text in order to verify if the gathered email addresses are live to build a validated email list for sending malicious code or spam in the future."

Between Lavie and I, we have ton's of image software. Lots of complicated Photoshop and other similar image editing stuff. Dad recently asked about how to cut down the size of some digital camera images he had taken. They were so big, he was having trouble sending them out over his ISP email system.

I recommended he resize his massively large images down to a more palatable, email friendly size. Despite the number of applications at my disposal, I keep coming back to these:

FastStone Soft has a number of great freeware utilities that can get the job done:

FastStone Image Viewer - jam packed with all kinds of goodies. This is a flagship product. A great thumbnail browser as well. It's the image tool I go to first and most.
FastStone MaxView - mid-feature image viewer and manipulator.
FastStone Photo Resizer - purely designed to resize, rename, crop, convert and handle image conversions in batch mode.

PhotoFiltre is another heavy-duty I-can't-believe-it-is-free image editing program. The developer's site also has great tutorials, plug-ins and a gallery to really showcase what it can do.

ImageWalker is also a favorite of mine. I don't use it as much as I do FastStone Image Viewer, but I really love the "Filter Factory" plugin it comes with. Really fun way to manipulate images. It's still at version 2.20 after all this time, but I recently found the developer's ImageWalker Blog and he has version 2.30 Beta download from there!

Lastly, take a look at the Paint.NET application. It is now up to version 2.63 and looking really sharp. It's not a Photoshop killer, yet. But continued development looks very promising. Lavie's having fun playing with it.

Interesting Tidbits. I must say.

Double-Play Goodness

Last Saturday I did one of those "Dad" things that's almost as beautiful as the perfectly turned double-play....

Alvis had been wanting to get wet...really in "wave-pool" wet all week. I knew we had a busy Saturday lined up, but had promised we would do all we could to make it to the wave-pool. By 4pm however, the day was still full and we were setting off to pick up a few last-minute gifts for Lavie's birthday.

I had called to the local bookstore to find out if they had the "Magister Negi Magi" manga editions we were hoping to get for Lavie--no dice. So that meant a longer journey to one of those "FOX" bookstores (you know, as in "You've Got Mail"). Alvis wasn't happy as she had done the math in her head and quickly calculated that this would probably mean no wave-pool. We had the standard father-daughter "discussion" about priorities and thinking of mom over ourselves. Dear Alvis's brain and heart were dealing with the conflictive feelings like only a pre-teen girl can really understand.

So, in a moment of pity and conflict myself, I quickly turned the car around and we shot out to the local mall. Maybe we could make it. However, a quick check on the cell-phone did confirm there was no way we could possibly get all the stops done AND make the wave-pool. They closed an hour earlier than we thought. Bummer. Now what?

We made an adjustment and picked up Lavie's birthday gifts. Somewhere between the food section and the manga section of the bookstore, inspiration hit.

At our next stop in Target getting cards (they have had the best selection of cards lately!) I sauntered over to the toy rows and started looking around the pool toys. Alvis perked up a bit. I bent down and looked at that wonderful invention known the world over as the "Slip'n'Slide." Ohhh! That did it. Alvis's face brightened like sunbeams breaking through storm-clouds. I asked her if she recommended the standard model (sheet of plastic, hose to water it down) or the "Bounce 'n Splash" model (an inflatable cushioned landing zone and a "pool" of water at the end).

"Definitely the Bounce model," said Alvis sounding suddenly much more grown-up and suspiciously like a most professional product consultant.

Plan still forming in my head, we then stopped by the grocery store and loaded up on picnic goods: potato and pasta salads, Frostie blue-cream sodas, Stewart's Key-lime cream soda, peach-tea Snapple. Plastic plates and utensils. Pink and Green Jello cups. The mandatory super-colossal seedless watermelon. Alvis loaded up the cart with three, ten-pound bags of ice carried at one time (is she really that big now?). We swung by Popeye's and grabbed a mix of fried-chicken and corn on the cob.

Racing back home we dumped everything but the chicken in the cooler and drug it out into the back yard. Alvis quickly changed into one of those darling gym-shorts/swim-suit top combos that daughters seem to love to drive their dad's mad in. Ten minutes later we had inflated the Slip'N'Slide and had it staked out in the backyard and Alvis was flying down the runway. Slipping and, well, honestly...sliding! The grass still smelled pleasantly fresh of green onions (a few are growing "wild" in the yard) and cut grass from the morning's mow.

Lavie got home from her afternoon errand run about thirty minutes later. We surprised her big-time. She joined me on the gliding swing and we held hands and watched Alvis continue to scream and giggle and perform different techniques for our enjoyment. Eventually we tucked into the cooler and chicken. Yummers. A round of Frisbee toss followed--playing that stupidly fun game of "let's see how many times we can toss it around before someone drops it."

Eventually the day wore down. Watermelon rinds littered our small compost pile. A big mud-pit had developed at the base of the Slip'N'Slide where Alvis's takeoffs happened. Bottles of pop littered the ground near the trash-can. Lavie and I held hands and negotiated with Alvis for "just ten more minutes..OK? I promise!"

Dad and Alvis ended up turning the perfect double-play. Wave pool, you ask? Forgotten.

Summer had officially began.

Spectator linkage

Turuya Ryokan - When I finally get over to Japan. I have to stay in a ryokan. It's like a traditional Japanese hotel. The Turuya Ryokan (English site) has a long and proud history. If I could decorate our home in any style--this would be very close to my perfect dream.

Speaking of home decorating, HG-TV is offering a fabulous web-based room planner. Pick your room, adjust the size, add furniture elements. Adjust. And re-adjust. Really fun and it is guaranteed to save your back from unnecessary strains.

Watashi to Tokyo blogged a while back about room layouts in Japan. One interesting thing I learned is that often, floorplans are listed in "tatami" units. Some are so strange, it really makes one wonder.

Danny Choo also expounded about the wacky world of rental/ownership life in Japan. It's one of those situations where you are crazy to rent, but also crazy to own. Nice humorous overview of some of the ups and downs of looking for property in Japan.

Bad news for you Windows 98/95/ME/Bob users out there! Not only did Mozilla seem to indicate Firefox 3.0 will not support any pre-W2K Microsoft OS, but Microsoft itself admitted that Windows 98 had a security flaw in Windows Explorer that was just so bad, itwasn't worth the effort to try to fix. Official support (security updates) is ending in July anyway for Windows 98/98SE/ME.

Want to fondly remember old web-browsing software? Can't find a version to run anymore on your old Windows 3.11 pc you still have chugging away in the garage? Head on over to's Browser Archive. I installed Mosaic on our systems when I got my first job with my company and used Netscape Navigator at home back when it wasn't cool.

Microsoft may be planning an August release of IE 7 Beta version 3 - via AMCP Tech Blog.

Instructables has a pretty simple to follow guide on how to repair your remote controls. I have a fancy 32" TV that has a dual tuner built-in so I can run picture-in-picture without needing a VCR. Only problem is that it only can be controlled with the factory remote. Universal controllers don't work that feature. It's a real drag as the remote doesn't work. I've hacked it along for a long time, but it seems the metallic coating on the bottom of the rubber buttons that contacts the circuit board on many of the key buttons has finally worn off. I've heard somewhere that painting them with the same metallic goo used to repair breaks in a car's rear-window defroster will bring them back to life....

Finally, every now and then, I break out my artist-grade black-ink marker set and get to sketching. I love pen and ink sketches. I was delighted, then, to find Mattias Adolfsson's blog: MattiasInks. Inspiring stuff for the ink-sketchers. Mattias's "full" web-page has even more content.

Which leads me to close with Ed Emberly's web-page. As a kid, I spent almost every summer checking out Ed's illustration books for kids (and the kids at heart) from our public library. I would patiently followed the instructions and drew my basic shapes, added lines and dots and stuff and somehow end up with wonderful Emberly cars, buildings, dogs, flowers, bugs. I really liked the thumb-print people.

See you in summer skies,


Sometime I could scream.

Worked for over an hour on a post. Decided to go ahead and save a few minutes time by using the Blogger editor. I almost always use the Performancing blog editor extension.

Well, wouldn't you know, the Blogger editor crashed. Bad.

I "recovered post" but it had less than a third of what I had typed. (I wonder what's really going on when I see Blogger flash that it was saving a draft copy automatically.)

I'm too tired to retype what I lost. Too bad. I was on a roll. Maybe I'll finish salvaging it tomorrow night.

Performancing seems to do auto-saves better. Yes, as an IT guy I know to run frequent saves on documents. I generally do. Sometimes, though, I get in the zone typing like crazy and I forget. Usually nothing bad happens. Sometimes.....well, you know.

Think I would have learned, huh?


I'm going to look at some beautiful photos taken by the Japan Years crew and try to calm down. Then I'm going to bed.

Oh yeah, you Americans out there, when you wonder where almost the rest of the civilized (and uncivilized) world dropped off the face of the map to for the next few weeks--just remember one thing:


(Team Mandolux, Team Wallpaper Stock, Team Microsoft, Team Yahoo, Team FIFA, and Team Google)

I can't decide which team to root for.

(Oh yeah. Now Blogger just went down for maintenance--so I can't even
post this half-hearted attempt now. Great. Well, maybe I'll stick it up in the

Sunday, June 04, 2006

Tiny versus Modular Home Concepts

Let's digress from tech for a moment, shall we?

One of the subjects I first covered as a new blogger was the phenomenon of "tiny homes." These are very small sized homes.

Recently NPR ran an story on how "tiny home" proponents are responding to the needs of those impacted by the recent Gulf-Coast visitors Rita and Katrina: Tiny Houses Find a Friend on the Gulf Coast

Related links:

Tumbleweed Tiny House Company
Cusato Cottages: The Katrina Cottage
The Martin House Company: House-to-Go
The Small House Society

There seems to be something appealing in this concept. It is more home-like than a travel-trailer. And there definitely is a "kawaii" factor about them. No getting around the fact it is a major life-style change. You are forced to decide what bits of humanity are essential to your comfort and happiness--all else must be shed and not very conducive to most "family-living" plans.

Following a different flight-plan, Retrothing touched on modular housing. Here, you select the modules you want in your home-design and they put all the elements together. This seems more my style--modern and contemporary and clean--but still with unmistakable logic and order. (Stop laughing at me, Lavie!)

Muji+Infill Modular Housing (Japanese site) - Living in a Hurricane-zone, the concrete appeals to me.
Huf Haus - but it doesn't much compare to the post and beam look of these designs.
Oldcastle Precast Modular Group - Good and sturdy concrete boxes - just need some more work to make them more "home-style" for single-family dwellings.
fabprefab's containerbay - Houston is an international port city. Lots of shipping containers on the road. Considering that and the possibilities of modular homes, led me to this site.
Loft Cube -- Nice design work.

land+living -- modern design website. Not directly related but I liked it anyway.

Enjoy and dream.

Saturday, June 03, 2006

Fast and Easy Video Web-Cam Setup

(Or...How to set up a web-cam for free video-to-video calling in 9-steps or less!)

In a previous post I mentioned that I had recently picked up a new toy for the pc. It's a web-cam. Not impressed? Well up to this point neither was I.

To be honest, I have considered web cams as being a very "niche" pc accessory. Let's be honest between friends. You know exactly what I'm talking about; watch a sunset, watch the traffic, watch fish in a tank, remote monitor a LAN room, watch the sorority girl and her friends...umm...share study techniques? Anyway, not really useful for daily living enhancements.

Each summer Alvis heads off to spend summer weekdays on the "farm" with Lavie's parents. We stay in touch throughout the day and night by phone, but she is a pre-teen now and sometimes a phoned "good-night" doesn't just cut it. The in-laws have a nice, new and decently-fast Dell along with a DSL connection. Green Acres it isn't anymore! I have our Shuttle system and cable-broadband. I figured the in-laws were sufficiently advanced now in computing to handle video to video web-cam operations and this would allow both Lavie to stay in better touch with her mom as well as us staying in closer touch with our daughter during the week's absence.

So, Claus was on a mission. Set up two web-cams for video-to-video calling--Jetsons style.

Step 1. Make sure your system can handle it.

As I mentioned we both had good pc's (both are running Windows XP SP2) able to handle the processing demands easily. We both also had broadband Internet service. OK. Check. Mission cleared to proceed.

Step 2. Get a web-cam.

(Well, in this case...get two.) I went to our local BestBuy and found two Logitech QuickCam Communicate STX web-cams. The specs were decent and quality seemed nice. It uses a fixed-focus lens and had automatic brightness adjustments. USB connection. Getting a matched set makes setup that much easier and if something goes wrong on the in-law's side, I have an exact duplicate to compare software, drivers, etc. against. It also comes with a built-in microphone and glows with a purdy blue light when "active"--just like my Shuttle does.

Step 3. Installation of Hardware.

I loaded up the software driver CD that came with the web-cam. Being an IT pro. I instantly decided against the default installation and chose "custom". This way I could install just the drivers and basic software. I didn't need or want any of the other imaging software "candy" that came with it. Once the drivers were installed, I checked for updates (none found) and rebooted the system. Before it came back up, I plugged in the web-cam and XP recognized it and finished setting it up. There is a little icon in the tray now for additional tweaking of colors, brightness, etc. I've decided to leave it visible (for now).

Step 4. Installation of web video-to-video software.

Now this was the challenge. In order to make a video-to-video call, both parties need to find a way to hook up and get their web cam signals trading. The Logitech cam I picked up comes with a good selection of software on the included CD including popular ones like AOL-AIM, MSN Messenger, and Yahoo! Messenger. Unfortunately, I've spent too much time pulling these applications off the pc's where I work (unauthorized installations and a security issue) I've developed an (maybe unfair) bias against them. Also, I really don't like all the "extras" they seem to come with. There was also Microsoft's NetMeeting software (easy usage guide here) that I was familiar with.

In the end however, I decided to try a relatively new video calling service called SightSpeed. It had a nice interface and got high marks across the net. They also offer free unlimited video calling as well as a reasonable "Pro Service Plan" for less than $5.00 a month with enhanced features over the free "Basic Service" plan that I chose. Convinced it was a legit service, I registered: "I want the basic plan, no I don't need to buy a web-cam, but thanks for asking, here's what I want for my user name, password and email address". I responded to the email confirmation to activate my account. I downloaded the application and then installed it. Quick and easy--finished this whole process in less than five minutes.

The software then ran through a well-designed, but simple to follow configuration and optimization routine and then it was ready.

To connect to your friend/family member, you just have to add the other party's SightSpeed registered email address in your contact list. When they are not available, a grey dot is next to their name. When the are on line but not connected, there is a red dot. When your connected, it's green. How simple is that?!. You can view your video call full screen or in a window and you can also text-chat at the same time. The interface is clean and pleasing and options easy to adjust on the fly.

The whole process seemed very intuitive--that's a Good Thing with me.

Step 5. Go back to BestBuy and sheepishly obtain two USB microphone headsets.

I really should have done this to begin with. The problem--I quickly found out--was feedback from the pc speakers being too close to the web-cam microphone rendered the sound impossible to work with. If you are going to do web-cam video-to-video calling, take my advice: You may think you look like a geek, but you are a geek if you use video-to-video calling. Just get the thing and use it. You'll be glad you did. It effectively isolates the sound from the microphone and makes it much easier and clearer to hear each other. Just do it.

Step 6. Repeat steps 3 and 4 on the other party's pc.

This assumes you have already got two headsets from step 5.

Step 7. Make your call!

Everything is working like a charm. We tested this out on our internal network using Lavie's laptop in the living room and the Shuttle in the den. Nice.

Step 8. Final Deployment.

Repeat step 6 again but do the final setup of the second camera and mic on the in-law's pc. Show them how to set it up and use it. Make sure some written notes are left. Done!

Step 9. Sit back and enjoy!

You are now an "IT Hero (TM)" and "Cool Dude (TM)." Bask in the glory and enjoy the delight from the girl and Girl (and impressed in-laws to boot).

I really like SightSpeed's service and cannot say enough about it. The video compression is quite nice. There is some "choppiness" in the video, but I think that is coming from the speed differential between our cable broadband versus the in-laws' DSL. Neither pc seems to be slowed down at all by the software or video-to-video process. The whole SightSpeed experience is a breath of fresh air for setting something like this up. Tech geeks should be pleased with the quality and ease of configuration. Noobies should have no fears in any of the registration or setup or usage process. Their website is full of wonderfully approachable video tutorials and there is great documentation and troubleshooting tips. I'm sold on SightSpeed. Anything that is "in-law proof" is good enough for this IT guy!

One other thing: If you do try to experiment with web-cam video-to-video calling on your internal network, you run the risk of really confusing the crap out of your router/switch if you aren't careful!

After taking the web-cam off Lavie's laptop and trying to connect to SightSpeed, their software couldn't see their server any more. Nada. Turns out the router got confused with the port-forwarding. The website PortForward does a wonderful job guiding you to select your router model, then your specific application and illustrating clearly how to modify your router's port settings to handle the special port traffic. If you don't use/have an internal network, but just hit the web directly to your ISP you shouldn't have to worry about this. My firewall (ZoneAlarm) didn't have any issues with SightSpeed once I granted permission for that software's traffic to pass through.

(IT geeks really need to go and bookmark PortForward and keep it handy. It's a great and wonderful tool for living in peace with your home-router if you use more specialized applications regularly (like SightSpeed or TightVNC for example).

So there you go! No more excuses. Go set up your web cam and get connected, Jetson style!

See you in the skies!

Firefox Commenting Extensions

Here is a list of some more Firefox extensions I've recently adopted. Many may be useful for power blog commenting:

CoLT (copy link text) - This extension allows you to right-click a link and copy both the link-text (visible) as well as the HTML code (non-visible) then paste it where you want (like say a comment). There are some more options as well with it. So now you don't have to remember that HTML code to type in link references! Cool.

Copy URL+ - This is a deceptively simple copy extension. At it's most basic, it allows you to capture the web page address you are on to the clipboard. Then you can paste it: in a comment, in an Email, etc. At it's most powerful, it allows you to add and customize the format options for your selections with a little user.js file editing. The developer has a very good list of these alternative codes you can use at the bottom of that link's page. Just copy, paste and tweak the numbering. Nice.

Copy Plain Text 0.3.2 - Another handy copy tool. This one allows you to select a block of text on a web-page, then copy just the text-only--stripping out the HTML coding and formatting.
Just paste the plain-old text. Really handy for commenting as well.

coComment - This free comment tracking service offers a Firefox extension. You must register first. Once you have registered and installed the extension, the next time you leave a comment on a supported blog you have a little box that displays around the Post Comment button. You can enter a tag if you want. When you post your comment it records the posting information and then monitors it for you. The notification icon is kept out of the way down in the bottom status bar of the browser. Kinda nice. I've just came across this one so I haven't had opportunity yet to put it through the paces.

FavIcon Picker - This one's been in my pile of extensions for a while. It allows you to customize the bookmark icons in Firefox. However, as Rachel Cunliffe points out, if you want to streamline things in your bookmark toolbar, and your bookmark icons are nice, just edit the properties and remove the name. Just use the icons alone. Sweet. Some users are saying that the posted version doesn't work with 1.5.3+ I haven't had any trouble--but you might need to download the xpi file, and edit the version number. See a previous post about Hacking the Fox. Combine it with the standalone freeware application AM-DeadLink (I LOVE IT!) and it will check your browser's (IE,Firefox, etc.) bookmarks for both dead/expired links as well as snagging any FavIcons.

Sage - I've been using Sage as my RSS reader of choice for over a year now. I had been using the "Scarlet 'n Gray Two Column" style theme, but yesterday switched over to the "Mozilla Two Column" style. I like it much better. Anyway...nice style selections to fit just about any viewing preference.

Spellbound (latest beta development version) - This extension and the dictionary add-in will ensure that you don't make any more spelling errors in your posts, unless you just really want to on purpose. It doesn't require the Performancing blogging extension to work, but that really helps too.

ListZilla - Really handy extension tool from roachfiend. This gem generates a plain text or HTML file that lists all your themes and extensions loaded into Firefox. The HTML code output also cleverly generates a link directly to the source page on the web. Handy if you need to create a list for "emergency installation" purposes. Like I have just done below!

My Currently Enabled Firefox Extensions: (40)

All-In-One Sidebar 0.6.4
BugMeNot 1.3
CoLT 1.3.2
Copy Plain Text 0.3.2
Copy URL + 1.3.2
Download Statusbar 0.9.4
Ez Sidebar 3.1.2006011301
Fasterfox 1.0.3
Favicon Picker 0.3.0
FoxClocks 1.2.77
FoxyTunes 1.2.5
Google Notebook
IE Tab 1.0.9
Image Zoom 0.2.5
ListZilla 0.7
LiveLines 0.4.5
MeasureIt 0.3.5
Moji 0.8
Moji-En 0.4
Moji-J_Places 0.4
Moji-JpNam 0.4
Moji-Kanji-En 0.4
New Tab Button on Tab Bar 1.0
Outlook 2003 Blue 1.5.3
Performancing 1.2
Print Preview
Reveal 1.0.6
Sage 1.3.6
Save Image in Folder 0.9.1
Sort Extensions and Themes 3.0.3
SpellBound (Development Version)
SpoofStick 1.06
Tab Clicking Options 0.6.4
Tab X 0.9.2
Tabbrowser Preferences
Viamatic foXpose 0.3
x mod 0.6.5

Whew! See you in the skies!