Saturday, December 22, 2007

O'Reilly reads its blogs to you

OMG this is cool. Looks like most of O'Reilly's blogs have a reader built in (through the ReadSpeaker service). The voice is understandable, and if you don't like the embedded player, you can download MP3s for portability. Apparently this has been online since at least April 2007, and it's still being perfected; O'Reilly has a clearly linked feedback form every time you listen. Here are a few bugs I noticed:

  • It reads some graphic alt-text to me. Accessibility maybe, but irritating to me.
  • There seems to be a word or time limit on the length. I could only get it to read me short articles.
  • It resizes my Firefox browser window every time I click the "listen" link.
O'Reilly is a great source of blogs, and I have a terrible time keeping up with them. Sounds like a playlist in the making. Check out this entry on .htaccess, or for you bohemian types, here's a article on Dave Byrne. Click on "listen" in the upper right.

Monday, December 17, 2007

Google Maps doesn't know Israel?

I was surprised when I tried locating some Israeli cities for a history course and noticed that Google Maps is noticeably lacking any info on Israel. Both Google Maps and Microsoft Live Maps know that Jaffa (formerly an ancient city and battle site of the Crusades) is now a neighborhood in Tel Aviv.

What Google Maps fails to display are the many roads and other towns in Israel. I kept zooming out, looking for any detail, until I eventually saw the national border. Funny that surrounding countries have highways and cities marked, but Israel has absolutely nothing.

I did another search and found various theories regarding Google and the Israeli government. In fact, there is a 1997 US law specifically forbidding US operators from make hi-res aerial images of Israel (and only Israel) available. Apparently there have been issues with hi-res (>2m resolution) images of Israel for 2 years or so, but this is the first time I've noticed regular map features missing. Curious that Google chose to block information that is freely available at other online locations and any map store or atlas.

I guess my biggest concern is the transparency or rather lack of it. It makes me wonder about the motives and reliability of other Google resources. Bottom line: check multiple sources to verify your data.

Sunday, December 16, 2007

Online references for written sources

Here's the dilemma: you've got a paper due, and you waited longer than you should have to gather sources. You need some additional resources but don't have time to wait for library holds to come in. Sometimes having a source to cite is all you need. This works really well if you have a quote from somewhere else, i.e. a web page or Wikipedia (which instructors are beginning to hate as references).

Here are two options: Google Books and

Google Books and Amazon allow you a limited preview of some titles. Both sites allow you to search inside these previews. Do a search for the text string you're looking for. You can note the page number of your quote, pull up the publication info from the copyright page and voila, you have your source.

For example, I found a web page with an excerpt from The Technological Society by Jacques Ellul. I checked the local library, and they have the book, but it's in their maintenance facility. Argh. So I search for the title on Google Books and Amazon. Both services allow you to search inside. Both sites give you limited access to the text (Amazon more generously so) and page number.

By the way, I did pick up this book from a local college library, and it looks very promising. Anyone who feels like a slave to technology - a maintainer of tools rather than a user of them - will immediately see the implications of this work. It was written years ago and then translated from French, but Ellul's prescience is amazing.

Sunday, November 18, 2007

GreyHat Cyber Defense Workshop

I attended a recent network mapping workshop hosted by the University of Washington Grey Hat Group at the Tacoma campus. Although the nmap exercise was review for me, I found out about a couple new tools and an upcoming event that are worth sharing.

BackTrack is a sweet Linux distro that bundles some great security tools. Although Nessus is notably missing, apparently because of their new proprietary license for version 3, the distro appears much more up-to-date than Knoppix STD and Nubuntu.

DVL (Damn Vulnerable Linux), a play on Damn Small Linux, is neat little distro that you can use as a test target of your scanning and pen testing skills.

Finally, there is a cyber-security competition coming up in April 2008, to be hosted at a large Redmond software company. This is not a vendor specific event; it was held last year at a military base near Tacoma. Here's the rub: this appears to be the same weekend as LinuxFest NW, so I'm undecided on how I'll spend my weekend. LinuxFest is a lot of fun, and makes for a good family outing. My son enjoys it too; we both like the presentations, salmon bake, and world-famous raffle.

Thursday, November 15, 2007

More decent blogs

It's not like everyone isn't already suffering from information overload, but just in case someone missed the boat, here's another great RSS feed.

The Burton Group provides high-quality business analysis as a paid service. However, they also offer free RSS feeds to a handful of their blogs. The info is timely and deals with all manner of tech happenings. If you're looking for a new feed, plug into your RSS reader. The Application Platform Strategies blog is pretty interesting and not as intimidating as it sounds. Recent posts deal with intellectual property and Google's new Android OS.

And if you happen to not be reading this on an RSS reader or aggregator, here's a primer on readers. I've used Bloglines in the past and am currently pretty happy with the Google Reader.

Saturday, November 10, 2007

Block ads, tracking, and browser hi-jacks

I've found a very useful tool to block ads, cookie trackers, and known browser hi-jacks. I've been using it successfully for several years, and it significantly reduced the spyware on the machines I manage. It works by sending unwanted communication attempts to known servers back to the loopback address ( where, of course, that server doesn't exist. It works on Mac, Linux, and Windows by replacing the hosts file.

Simply download MVPS's custom hosts file, remove the .txt suffix, and place it in either /etc (Linux/Mac) or C:\windows\system32\drivers\etc (Windows), overwriting the file that's there. For a warm fuzzy, save a copy of the old hosts file first. For Windows, you should then either do a reboot or a dnsflush to help your network software recognize the new file entries.

Aside from the security benefits, it will speed up your internet connection, since you don't have to download ad graphics. It will display a red 'X' for those graphics in your browser.

You'll notice that the Google search results that point to ads don't work anymore. If you need to see certain ad servers, simply edit the file and comment out those entries. Warning: don't curiously plug any of the host entries into your browser; some of them are very nasty and/or malicious (that's why you want to block them in the first place!).

Wednesday, September 19, 2007

Do you know about Google alerts?

You can set up alerts in Google to automatically notify you when news stories (or other content) appear on the internet. This is great if you want to stay on top of specific topics but don't want to manually look for the stuff every day. If nothing new is available, you won't be notified. Otherwise you'll receive an e-mail with links to the appropriate news stories.

I have alerts set up for certain tech developments I want to stay on top of, in addition to news on certain companies. I love getting daily updates on stories in which I am interested.

Wednesday, August 29, 2007

The Shadow IT Department

This fantastic article entitled "Users Who Know Too Much and the CIOs Who Fear Them" really struck a chord in me. It talks about how your users will engineer around you to get their jobs done.

I think the folks in both the engineering and security fields should give this a read. Although we don't take an obvious financial hit by not innovating, we are affected. We need to be aware that when we say "no," we are encouraging (forcing?) users to go around us, potentially affecting productivity and probably affecting security. An interesting question to ask oneself when considering a user request is "how could they engineer around us if we say no?" Read "I, A User" for an example.

The capability of your IT needs to be on par with what's available outside your organization. Two of the biggies that stuck out for me: collaboration and mobility. Both availability and usability have to be up to snuff, or users will go elsewhere.

Sidebar: Tools for Managing Shadow IT
More on Shadow IT

Wednesday, August 22, 2007

What happens if Google goes down?

As I listened to the Net At Nite podcast hosts discuss Page Flakes this morning, I was thinking about personalised home pages and online presence. I realized that, like hosts Leo and Amber, I'll try a service for a while, then let it trickle off.

Right now, I seem to have many of my eggs in Google's basket. Blogs, homepage, rss, etc. I started to wonder, "what would happen to my stuff if Google went down?" Not as crazy as it might seem, as Google recently shut down it's pay video service and the corresponding DRM server, effectively disabling all videos purchased by customers over the past few years. Although they later extended the shutdown notice, users will still lose the ability to play their videos six months after final shutdown.

So, when I went to look at the Fake Steve Jobs blog a bit later, I was rather ironically shocked to discover that blogspot was down. "Server error. Try again in 30 seconds." I tried my blog. Same thing.

As you can see, it's up now, but this situation gives one pause in storing stuff online. At the very least, I think I'll be backing up my posts monthly, even if it's to something as simple as an html file.

(BTW, Page Flakes is very cool.)

Wednesday, July 25, 2007

Friendly HTTP Errors Are Not

Debugging ASP pages? Then friendly HTTP errors will drive you mad.

Friendly errors will show you something like HTTP error 500 - server error, instead of
Active Server Pages error 'ASP 0126' Include file not found. Needless to say, the latter is much more helpful.

This is easy to turn off within IEs advanced settings. However, minds greater than mine have decided I don't need access to that tab.

If this is the case for you, simply run RegEdt32 and look for the following value name: Friendly HTTP errors. It should live under [KEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]. Change the value to NO, exit RegEdt32 and restart IE. You may also have to dump your browser cache.

Wednesday, July 18, 2007

Using WINDIFF to compare 2 directories

Have you ever copied the contents of a folder and the operation erred out midway because of a permission conflict or corrupt file? How do you determine which files are in the new location, so you can restart the copy operation? File-by-file comparison can be difficult if you're dealing with a large number of files.

The DIFF command has been around for a while in the Unix world, and does just what we want. It compares two directories (or files) and reports the differences between them. With WINDIFF, this functionality is available for Windows.

Syntax: C:\>windiff path1 path2


C:>windiff \wwwroot\GLOBAL\img \Backup\global\img

Generates this:
.\thumbs.db identical
.\vsd.gif identical
.\vssver.scc identical
.\windows.gif only in \wwwroot\GLOBAL\img
.\xls.gif only in \wwwroot\GLOBAL\img
.\zip.gif only in \wwwroot\GLOBAL\img

If you don't have WINDIFF, it is available as part of the WinXP SP2 Support Tools suite (

Monday, June 25, 2007

No remote access to Macs for updates? No problem!

I was looking into getting remote desktop access to some of the Macs I manage. The reason? As a lazy (in a good way) sysadmin, I didn't want to keep going down to my lab to update the Macs when security patches came out. I wanted something that came with the box, a la Windows Remote Desktop (RDP). I didn't want to install third party products like VNC or pay for anything extra.

VoilĂ , here is the solution:

ssh username@remotehost
sudo softwareupdate -l
sudo softwareupdate -i name_of_update

Friday, June 22, 2007

Firefox doesn't like limited users

I run as a limited user on my XP machines, and Firefox doesn't like this. Even after I install/upgrade Firefox as an admin user, I get "One or more files could not be updated..." each time I run Firefox as my regular user.

Josh Flanagan has a fix for this. I hope the Mozilla folks fix this for the next release or my confidence will begin flagging.