technology

Happy 234th Birthday, Marines!

Planting the Flag on Iwo Jima

On this day, in 1775, our Continental Congress called forth by resolution a Corps of Marines. That was the birth of the United States Marine Corps, and from its humble beginnings at Tun Tavern to the battlefields of Iraq and Afghanistan today, there is no mistaking a Marine.

To begin to understand why the Corps holds its birthday so sacred, you must begin to understand the Marines’ history. As the Marine Corps Hymn goes, “From the Halls of Montezuma, to the shores of Tripoli,” the Corps has distinguished itself on battlefields across many foreign shores in both war and peace. Over 40,000 Marines have given the ultimate sacrifice in the name of our freedom, and over another 200,000 have been wounded. These wounds are not just physical, but mental and spiritual as well. Every Marine who has served in combat comes back with something they would rather forget, and they carry it with them the rest of their lives.

Academia Tackling Next Generation Hash Function

The National Institute of Standards and Technology (NIST) is at it again. After the last competition to develop a new encryption standard to replace the aging Data Encryption Standard (DES), NIST is in full swing hosting the forum to develop a next-generation hash function.

Hash functions form the backbone of modern information security by letting you create unique digital fingerprints of your data. Encryption ensures no one else can read your data, but hashes allow you to validate who is on the other side of the conversation and to tell if someone alters your data. However, amazingly, hashes have never undergone the scrutiny that encryption algorithms have. The most common hash functions today were developed by private companies or by government agencies, like the SHA family of functions developed by the National Security Agency. A drawn-out, public competition has never been held for hashes.

IE8 Steps Up Security - Slightly

Since Firefox restarted the browser wars, innovations have been pouring in, and it appears the next generation of browsers will be no exception. While most of the new features in Microsoft’s upcoming Internet Explorer 8 focus on usability and performance, a couple of security enhancements have leaked into the limelight. The major announcement so far is IE8’s “Safety Filter”, which builds upon the existing Phishing Filter. To recap, the Phishing Filter uses a local white list and a server-side blacklist to check websites in real time for the possibility that they’re trying to defraud the user. In IE8 this is being expanded to look for malicious code attempting to take control of the user’s computer.

Should AT&T Filter the Internet?

Alright, let's think about filtering the Internet logically from AT&T’s perspective. It's easy to say the idea sucks, especially if one fears that he will be filtered or have his privacy invaded. The real question, though, is does this even make sense for AT&T? First off, there is the real issue behind this debate: bandwidth. The current collection of American internet service providers simply does not have the bandwidth it promises to customers. This varies, but one major regional ISP gave the factor of 2MB of bandwidth per month per customer. Perhaps that was more true ten years ago, but the current generation of consumers uses much more than that. For every few grandmothers who check their email once a weekend, there is someone else consuming GBs of data each month, skewing the graph. But the fact remains: the contract a consumer signs says (for example) 8Mb/s is the speed cap; nothing is stated about limiting how much one can download or how often he can utilize that cap. In theory one could use that all day, every day.

Five Common Misconceptions About Linux

Having used Linux solely for nearly four years now, I've gained a respect for what Linux can and can't do. By no means is it the perfect solution for every problem, but there are some misconceptions heard again and again that I plan to set straight.

1. Linux is Behind the Times

One comment heard often is “Linux was five years behind XP, and it's ten years behind Vista!” Well, here are some facts:

  • Windows began separating the basic user from the administrator account by default in Vista, over 15 years behind Linux.
  • Windows added a firewall in 2001, over seven years behind Linux's 1994 addition of ipchains.
  • Linux was the first operating system with x86_64 support, beating Windows XP Pro x64 by two years.
  • Windows added an attractive 3D accelerated graphical interface in Vista, a full year behind Linux's XGL.
  • Linux's package management system can install, uninstall, and update software from one interface. Everything installed from Apache to OpenOffice.org and Quake 4 may be updated with one press. Windows has nothing like this on the road map.

And Linux isn't slowing down. The Xen project has added an incredible level of virtualization to Linux, with more work going into the kernel's development to add enterprise-ready virtualization built in. Microsoft promised built-in Xen-like virtualization in Windows Server 2008 next year, but has announced that the feature has been delayed and should be available sometime after launch, possibly in its first service pack, meaning Linux will lead with built-in virtualization by at least a couple of years before Windows catches up.

Firefox 2 versus Internet Explorer 7: The Face Off

Alright, the lines in the sand have been drawn. After nearly a half decade, Microsoft has released Internet Explorer 7 (IE7), the follow-up to the most widely used browser in history. Standing face to face is Firefox 2 (FF2), the follow-up to the open source browser that's attracted millions of users and taken away market share from IE unlike anything else Microsoft has ever faced. Now it's time for the face off. Mozilla and Microsoft have pulled out all the stops to ensure their major releases offer all they've got, and they've been released mere weeks apart. Who's managed to pull ahead?

Getting into the Business of IT Security

The IT security field is vastly understaffed, but at the same time it can be incredibly difficult to break into. It's not that there are necessarily too many people in the field, but there has been a flood of low-qualified college kids into the field because it's become so lucrative. Partially due to this, hiring has become a nightmare; companies want people with established track records and college degrees: basically people they feel they can trust and people they feel will get the job done, and cheap. That's really a key. Because there has been a flood of low-level security professionals, the average starting salary has dropped drastically in recent years. Reports and ads will always say otherwise, but this is a hard lesson I've learned firsthand as I've entered the marketplace. Then again, everything's relative. While my pay isn't where I'd like it to be (whose is?), it's not bad to start a career above the national salary average. Really, I can't complain.

Protecting Your Databases

Here's something else I did for work recently. Again it's heavily commercial, but skip the parts about “yay SonicWALL!” for plenty of good advice. In the future I'm going to rework my writing style so it's unbiased, but then summarize in a separate area how SonicWALL's can take care of the point being discussed. Then with only minor revising I'll be able to toss it up here without all the commercial hoo-ha.

------

Many organizations keep their most important information in databases. Customer records, private business information, trade secrets: it's all there. A database compromise can go beyond downtime to the loss of customers and consumer trust, legal risks, and failure to meet industry regulations, opening up the possibility of huge government penalties and lawsuits. As with any other risk, databases can be largely protected through a combination of technology and policy. Following is a basic list of both the threats and how to mitigate them.

2006: The Year of the Linux Desktop...For Real

I know, I know. This has been said repeatedly by media outlets and "professional analysts" for at least the past half decade, so why bother reading this? Well, simply put, I've never said it before. I've been following Linux for a while now, and while I switched in February 2005, I still didn't recommend it to others until the past few months. What's changed my mind, and why have I suddenly felt Linux's time has come? Read on.

Trusted Computing Isn't

Back in early 2003 I was reading about Microsoft's Palladium initiative, later renamed the Next-Generation Secure Computing Base (NGSCB), and especially the fact that Trusted Computing really should not be mentioned in the same sentence as security. Well, come a few years later, and that is truer than ever. If you ever look at NGSCB, it is soon clear that its intent is not to secure our computers from others, but rather to secure content providers from us. While the white papers and overviews often talk about how great Trusted Computing is, they often leave out how it is really being implemented. Do not get me wrong, Trusted Computing does have potential.