Monday, March 18, 2013

God Made a SysAdmin…and a linkfest to feed them

One of the best 2013 ads I saw so far this year was this one during a small little scratch football game.

It worked for me on several levels.

However, soon a "parody” of sorts soon followed. First the words were developed by Chester Gifford and -- inspired - Matt Simmons of the great Standalone Sysadmin blog tossed together some images, and finally Drew Stemen contributed the voice-over.  The whole story is here; God Made a SysAdmin | Standalone Sysadmin

Full text at website God Made a Sysadmin

Brilliant!  I want to personally thank all those who appeared in the piece as well as the creative work and toil from Chester, Matt, and Drew. Who knows how much extra un-recorded time went into this project’s success? Well, a sysadmin would, naturally!

More Tips & Rumors

Networking News

Toys and Wonders

Cheers and may you have a marvelous work-week!

Claus Valca

Sunday, March 17, 2013

ForSec News Linkfest

I am super-behind on my blog posting of Forensics/Security news of note.

Here is a rapid-fire linkfest dump.

Some is old news and some is hot-off-the-press.

Cross-pollination is to be expected.

Enjoy!

Mostly “For”

Supplemented with some “Sec”

Please correct me I I am wrong but I am now seeing the terms “YAJ0” and “YAJU” pretty often in blog posts and titles.  YAJ0 seems to mean “Yet Another Java Zero-Day” and YAJU probably means “Yet Another Java Update”.  That both of these are now come in text-worthy shorthand forms is no LOL-ROLFLMAO matter.

And a final object lesson…

Be careful in your watchfulness to not overlook the obvious hiding in plain sight.

Cheers!

Claus Valca

Internet Explorer 10 (for Win 7), Firefox bits, and How Google Works

News of Microsoft’s release of Internet Explorer 10 for Windows 7 seemed to go off like a flare; lots of noise and brilliance…and then flickering out to nothing.

In my security posture of trying to keep all the web browsers installed on all our home systems current, I went ahead and jumped on IE 10 and installed it almost immediately after release on our Windows 7 systems. 

None of us (well except Alvis with her college portal) regularly use Internet Explorer.

I use still primarily use Firefox for my daily heavy-lifting at home, and supplement it with Chromium (a build version of Chrome).

Alvis prefers the public release version of Chrome…which self-updates BTW…so that is fine by me.

Lavie uses Firefox exclusively….also because of the bookmark sidebar feature.

But I leave Internet Explorer on our systems (for compatibility reasons with some applications and websites).

Anyway, it went on all out systems without much fuss…well, not really on mine. Lessons learned. If you want to manually put it on your system, just make sure of all the links you are offered, the one you are using is to the actual FINAL release installer and not one of the IE 10 “preview” release version installers. In my haste (and trust in the IE Blog post I used) I grabbed a preview version and had to go through a series of additional security updates and IE 10 release upgrades to eventually arrive at a fully updated version of IE 10.  I didn’t make that same mistake with subsequent installs on everyone else’s systems.

Meanwhile, these Firefox articles were pretty timely.

And Google has some great presentations to help you understand how their email and search services work.

Stay informed & Browse safe.

Claus Valca

Advanced Tips for Windows Defender with Windows 8

My primary recommendation for home users (friends, family, etc.) for a first-line Windows anti-virus/anti-malware protection remains Microsoft Security Essentials from Microsoft.

It is resource light - especially important on older Windows OS systems - and does an acceptable level of protection for average home users.  It gets pretty consistent high marks in most AV testing. Not the highest, but not the lowest.

And it isn’t scary with it’s presentation of threat findings.

So it goes on our own Windows 7 systems.

When Lavie upgraded to a Windows 8 system, Microsoft Security Essentials couldn’t be installed as in it’s wisdom, Microsoft bundles a MSSE version of Windows Defender on the system instead.  That’s just the way it is.  While essentially the same product, it doesn’t have some of the more granular control in setting scheduled scans, DAT updates, or on-demand scans.

So if you have Windows 8, and are using the stock Windows Defender as your AV/AM solution, then you might find the following “power tips” to using/tweaking Windows Defender helpful.

If you are looking for some extra sauce for your Windows 8 system, you might consider checking out Bitdefender Antivirus Free.

I am using it on my virtualized Windows 8 system and finding it just as simple to use and run as Microsoft Security Essentials…with the added benefit of a "web-based” console view to manage the AV system. If you install it on more than one system, then you can manage each system in the same console.  Handy.

Cheers.

--Claus V.

Abandon Hope all ye who log into the Web…

Sigh.

I really shouldn’t have read Bruce Schneier’s CNN Opinion post over the weekend: The Internet is a surveillance state

I’m not a tinfoil-hat wearing guy…Stetson is more my thing, but I think he makes a valid point. The rate at  which we generate capturable data in our daily lives continues to get easier and easier. Almost every local or national store I do business at wants to capture my email address or phone number. More than a few look offended at me when I decline to immediately sign up for a “consumer rewards” card at checkout.

Our ISP’s and our cellular providers likely capture more data about our web-habits, our locational habits, and all points in between.

I seriously doubt we could successfully fly “under the radar” even if we ditched all things electronic, because even if we don’t directly create “data track patters” via digital activities, our “off-line” actions would continue to get logged by others who remain plugged in.

I’ve come to accept that -- even it my head is dizzy from the constantly accelerating pace of data collection we subject ourselves to -- what really, truly, frightens me are the following things;

  1. Others who collect that data just don’t seem to be able to keep it secure.
  2. The personal consequences for data loss/theft/abuse become larger and more catastrophic in impact.
  3. More and more people seem to just not know or care about data collection or protection.
  4. Data collection to these business, organizations, entities seems to be a right -- not a privilege.
  5. Your rights to control (and knowledge about) the data collected on you seems to get more and more removed from your ability to do anything about it.

In many people’s minds it has just become another price to pay for the privilege of eating at the trough.

The consumers are the consumed. Reminds me of a digital version of a certain classic film.

Bruce’s well composed post reminds us in IT…gatekeepers, sysadmins, for/sec incident responders, and policy makers that our own cry should be “Data is people!”  And never, ever forget it.

Filed under “Oh Bother”

Cold Java

I was feeling so smug and confident having recently thrown in the towel with Java here at the Valca homestead and removing it from all of our Windows systems.  At seeing notice of the latest Java releases I automatically began moving towards my Java download site to snag the updated…when I realized I didn’t need to.

When I set up my father-in-law’s new (to him) laptop with Windows 7 I didn’t install Java. He asked me about Java when I was showing him just how similar Windows 7 would be to him from his old XP system. He said he was wondering how he needed to update Java since it was always complaining on his old XP system. He looked relieved when I told him he probably wouldn’t need it so I didn’t event install it. The Java update notices in the system tray just confused him to no end.

So Saturday, Alvis started complaining about her on-line college class course not working on her laptop.  A “sidebar” was missing used to navigate the course and material.

Hmm.

At first I thought it had something to do with the upgrade to IE 10 I did on her Windows 7 laptop. It’s been Spring Break so she hasn’t worried about classes since the update.

I added the college domain into the IE compatibility mode and that helped (the site now saw the browser engine as IE 7) but didn’t fix the issue.

According to the college, their program was only supported on IE, not Chrome or Firefox or Opera. I tried.

More troubleshooting with their helpfully unhelpful wizard.

Eventually I figured out it was trying to call to Java. Well, that made sense since I removed it at the same time I upgraded to IE 10.

So I did the “correct” thing and installed the latest, most secure version of Java, 1.7.17.  Only it still didn’t’ work as that was an “unsupported” version of Java.

SO I did the next-best “correct” thing and installed the latest, most secure previous version of Java, 1.6.43…and went into the Java control panel applet to disable use of the 1.7.17 version (and showed Alvis how to toggle between them). That works for me at work with a particular Symantec Java console applet that likes 1.6 but not 1.7. Alas, the college’s web portal still saw the 1.7 version and wouldn’t run.

(Side note: The Java 1.6 download versions aren’t easily accessible to install directly from Java.com as it is no longer being publically made available.) I had to grab a copy off a trusted third-party software mirroring site. Later I was able to finally find a public link to it on Java after-all: Java Downloads for All Operating Systems Version 6 Update 43). That will probably be the end of the line for 1.6 so you better bookmark this link if your Java app doesn’t like 1.7 builds.

SOOOO I uninstalled Java 1.7.17 completely.  And then the web-app portal was happy and Alvis could finish the course homework she had put off over Spring Break.

And all the hard work and victory I felt about us “plain home users” not needing to fuss with Java evaporated.

So it looks like I will have to continue to regularly scratch that itch on at least one of our home systems for the foreseeable future.

..and the Emperor Flash is found to have no clothes…

For those who care…

Stay safe.

--Claus Valca.

Google Reader’s Demise: A Big Deal for being not that big a deal

At first I almost overlooked notice that Google Reader service was shutting down this summer.

Fortunately for me a wealth of articles burst forth on the Web and the noise couldn’t be missed.

I’ve enjoyed reading the perspective and comments left by users of RSS and Google Reader in most all of the above articles I’ve found.

As a very recent user of Google Reader, my perspective is a bit unusual.

Very early on, I realized the power and usefulness of RSS/Atom feeds to collect, centralize, and allow rapid mass monitoring of consumption of the wealth of material on the web.

Without RSS/Atom feeds that I subscribe to, I seriously doubt I could process the 90-120 sites I go to for news, tips, and areas of interest.  On any given day, they provide me between 300-400 articles to sift through.  And because of RSS/Atom feeds, I can usually complete that process in about 30 minutes or less.

There is no way I could do that by checking each site directly via bookmarked web-pages. I would miss tons of updated content and probably get loose hours of my time trying to do so.

For years I have relied upon Windows RSS feed reader clients running on my system.

First I used Sage which is an add-on for FIrefox. for a while development slowed and a few issues pushed me to the NewsFox add-on next. It worked very good.

I had flirted back in 2008 and did a RSS Reader Roundup…Valca Style. There were lots and lots of feature-rich RSS feed reader clients for Windows back then.  But I kept with reading my feeds in Firefox through the add-ons.

Eventually, however some of the peculiarities of running a RSS feed reader in your primary browser began to create issues.  It would run in a background tab session, but would “lock-up” the browser as it pulled feeds down during refreshing.

So in 2012, I revisited the search for a desktop Windows RSS feed client and eventually found that Omea Reader fit the bill for me a bit better than my runner-up choice, Feedreader.

Since I am using a local-client-based RSS feed reader, Google Reader was a service I was aware of but didn’t care about. When I found a new site to follow, I would subscribe directly in my client to the RSS/Atom feed and move on.  If you use RSS/Atom feed reading with this approach you too might overlook or care very little for the status of Google Reader.

But here is where the impending loss of Google Reader does matter to me, a lot; I got an iPhone.

This is the rub. While I am feed reading directly on my PC, my feed client does all the work pulling in and managing the individual feeds.

When I got my iPhone, I looked at the RSS iOS apps available and they all seemed to require some third-party back-end API to manage the feed subscriptions, and would then pull the article/feed information down and present it.

So I got my Google Reader set up by exporting my Omea Reader’s subscription pile as a single OPML file, imported it into Google Reader, downloaded Phantom Fish - Byline. Ironically, “Google Reader on the go” is their product tag-line.  Then I connected Byline to my Google Reader and away I went with my RSS feeds on the road.

While I can live without checking my RSS feeds during the day (as I survived just fine before my smartphone adoption), it does make the time spent at the end of the day on my local PC client reader that much faster since I come at it mostly caught up.

However, at this time Byline hasn’t seemed to offer any information about their plans to cope with the shut-down of Google Reader.  Reeder for iOS also looks pretty good, but it also can use Google Reader. Feedly is working on a back end API that hopefully will mimic Google Reader. I like the thought very much, but the iOS app itself is a bit too GUI/graphic intensive. I like the streamlined, more text-based format of Byline and Reeder. Is it possible to recreate a Byline/Reeder experience in Feedly?

There are lots and lots of RSS apps for iOS. However they all seem to leverage a back-end API to collect the feed subscriptions from.

What I really would like is to find a RSS iOS app that allows me to import my OPML file directly to it, and let it operate as a “standalone” RSS feed client directly in-app (like my desktop RSS feed reader) and not need to depend on a third-party API to pull the feeds down from.

I’m confident that other developers will step into the void, and as Samer Kurdi at freewaregenius posted, this might indeed turn out to be a good thing.

It’s just going to cause a fair amount of anxiety and chatter among hard-core RSS feed users until it sorts itself out.

At least we have until July 2013 to see who steps up and delivers, both for the RSS feed ecology in general and the iOS/smartphone app ecosystem in particular.

Until then I will keep on RSS-feeding with my desktop client with nary a worry, but obsess about a future without RSS feeding on my iPhone until a savior is found.

Cheers.

--Claus Valca