I'll get this out there right up front: I'm not a fan of HP notebooks. Partially, becuase I've had limited exposure and find their model lineup frustratingly complex and partially because what experience I've had has tended to be dealing with reliability/repair issues on the cheap consumer models.
Still, I've finally been able to get a good decoder for the business line:
First number
6 = mid-range business
8 = high end
2 = ultraportable
Second number:
The higher the 2nd number the better generally, it denotes a market segment.
Third number:
year
10 = 2007
30 = 2008
4th number:
0 = Intel
5 = AMD
Final position: code letters:
s = cheap/value edition - lower end screen, no docking connector except USB solutions
b = mainstream business
p = professional business e.g. 6910p, 8510p
w = mobile workstation e.g. 8510w 8710w
If somebody has a better way to decode models, I'm all ears.
Saturday, September 27, 2008
Wednesday, September 24, 2008
LG 70 HDTV/Monitor
LCD prices for all types of panels have been contracting recently, but I'm very impressed with how much you can get for so little nowadays. I went shopping for a presentation display for work and brought an LG LG70 42" TV/Display. This is still a somewhat cost-reduced model when compared with flagship-style Sony products, but for $1099, I got a 42" 1080P screen that works flawlessly when hooked up to a computer via VGA. The TV detected the input immediately and asked if I wanted to "enjoy" this new connection now. The screen was set up immediately, correctly, and absolutely no waves, jaggies, dead/stuck pixels or "snow" were evident when using VGA. If I didn't know better, I would have sworn it was a digital signal.
My only beef is the dark, sparkly red stripe around the outside of the unit. It hides all of the buttons except for power and frankly looks a bit too "boy racer."
All in all, I'm very impressed at what's out there now for so little. If only I had the money for one of my own... it would make a kicking monitor.
Monday, September 22, 2008
Apple: In praise of XQuartz
As with many things Apple, The Jobs and crew like to bless a lot of common projects before distributing versions on the Mac. Recently, however, I came across some problems with the Apple distribution of X11 (an optional component on the OS disk) on 10.5.4. When launched, the App would appear in the dock, then disappear, then reappear again a few times. Checking the running processes, it started then entered a zombie state almost immediately-- before any logs get written.
The first system was a fairly modern MacBook Pro, but had a user profile that was migrated from a PPC Powerbook. Thinking this may be the problem, I uninstalled and then reinstalled X11 to no avail from the OS disk. I stepped through all kinds of diagnosis, running updates, clearing caches, checking all the config and shell profile files with no luck. I finally stumbled on a suggestion to try the XQuartz version of X11. Apple uses the XQuartz project as a basis for building their X11 distribution, but apparently don't do a good job all the time. The XQuartz version dropped right in and works great. The only downdside was that it requires a logoff.
The problem occurred the very next day for me on a PPC Mac running 10.5.4, so the problem may be something in the OS or configs we use. It doesn't appear to be platform-based. The same fix worked like a charm.
As some further notes, Apple may overwrite X11 with their point-releases of their OS, so reinstallation may be necessary at a later date. The X11 version, however, was last changed at 10.5.2, and was unchanged with the 10.5.3 and 10.5.4 releases.
The first system was a fairly modern MacBook Pro, but had a user profile that was migrated from a PPC Powerbook. Thinking this may be the problem, I uninstalled and then reinstalled X11 to no avail from the OS disk. I stepped through all kinds of diagnosis, running updates, clearing caches, checking all the config and shell profile files with no luck. I finally stumbled on a suggestion to try the XQuartz version of X11. Apple uses the XQuartz project as a basis for building their X11 distribution, but apparently don't do a good job all the time. The XQuartz version dropped right in and works great. The only downdside was that it requires a logoff.
The problem occurred the very next day for me on a PPC Mac running 10.5.4, so the problem may be something in the OS or configs we use. It doesn't appear to be platform-based. The same fix worked like a charm.
As some further notes, Apple may overwrite X11 with their point-releases of their OS, so reinstallation may be necessary at a later date. The X11 version, however, was last changed at 10.5.2, and was unchanged with the 10.5.3 and 10.5.4 releases.
Sunday, September 14, 2008
Linux - Linuxcommand.org
Just a quickie-- There are tons of Linux newbie guides on the 'net, but I found one that I like. The pages at linuxcommand.org show you not only the 'right' way to do things (starting with command line, pretty much distro-agnostic), but guide you on what you should know without a *nix basis.
Wednesday, August 20, 2008
Security: Passwords, Part III: Better, Stronger, Faster.
We looked at passwords and password strength in the context of a random password generator. That's a great tool and a wonderful ideal, but sometimes random strings can be a squeency bit hard to memorize and type.
Here are some tactics I've found for creating easily memorized passwords (with the understanding that you still need strong passwords and great security.)
I want to make one point, though, before I start: I've both been taught and seen that when you give people an example password, they will think that the example is itself a great password, and then use the example. Don't do that.
Acronyms: Take a phrase or sentence, using the first letters of each word. For example, "This password is for the backup administrator account" might become Tpiftbaa. That's not great (sufficiently random, but only 2 classes of character), but moving in the right direction.
Passcodes: Systems that will take a longer password can take a phrase or sentence in the form of a passcode. With the previous example, "This password is for the backup administrator account." could itself be the password. That's much stronger-- much longer and it adds the period as a third class of character, but remembering the little fiddly words can get tricky with these.
Patterns: Sometimes thinking outside the box is the key to a good password. Look at your keyboard and find a nice pattern. I'll use the keys on the left of a standard qwerty keyboard. Note that the keys make a cool "V" pattern-- hey, that's kinda random! "1qazse4" isnt' just a pattern on the keyboard, it's a decent password. The problem here is that somebody shoulder-surfing is much more likely to be able to pick up on your password because it makes an obvious pattern.
Transposing Characters: I hesitate to mention this one, because it's so easy to be lazy. Think you're 1337? Well, 'leet boy, you can use a "1" for an "i" or a "#" for an "H". This is a good tactic, but easy to abuse. "P@ssw0rd" is a very, very bad password- easily guessable. Use this tactic, but in conjunction with passwords that are good to begin with.
Mnemonics: Like anything memorized, attach them to other concepts or items-- or make up your own secret special meaning for your password. Pronounce it out loud in your mind-- just don't use things that are easily memorized but also guessable things about you.
Naughty Passwords: Since other mnemonics are often insecure, one trick you can use to make passwords more memorable is to use elements that are at least slightly naughty. Let's say your boss has a serious problem with rearward-facing pants bulge. Myb#aBFA would be a pretty good password! Breaking that down:
My
b(oss)
#(leet-h for has)
a
Big
Fat
Ass
Bet you won't forget that one so easily!
Here are some tactics I've found for creating easily memorized passwords (with the understanding that you still need strong passwords and great security.)
I want to make one point, though, before I start: I've both been taught and seen that when you give people an example password, they will think that the example is itself a great password, and then use the example. Don't do that.
Acronyms: Take a phrase or sentence, using the first letters of each word. For example, "This password is for the backup administrator account" might become Tpiftbaa. That's not great (sufficiently random, but only 2 classes of character), but moving in the right direction.
Passcodes: Systems that will take a longer password can take a phrase or sentence in the form of a passcode. With the previous example, "This password is for the backup administrator account." could itself be the password. That's much stronger-- much longer and it adds the period as a third class of character, but remembering the little fiddly words can get tricky with these.
Patterns: Sometimes thinking outside the box is the key to a good password. Look at your keyboard and find a nice pattern. I'll use the keys on the left of a standard qwerty keyboard. Note that the keys make a cool "V" pattern-- hey, that's kinda random! "1qazse4" isnt' just a pattern on the keyboard, it's a decent password. The problem here is that somebody shoulder-surfing is much more likely to be able to pick up on your password because it makes an obvious pattern.
Transposing Characters: I hesitate to mention this one, because it's so easy to be lazy. Think you're 1337? Well, 'leet boy, you can use a "1" for an "i" or a "#" for an "H". This is a good tactic, but easy to abuse. "P@ssw0rd" is a very, very bad password- easily guessable. Use this tactic, but in conjunction with passwords that are good to begin with.
Mnemonics: Like anything memorized, attach them to other concepts or items-- or make up your own secret special meaning for your password. Pronounce it out loud in your mind-- just don't use things that are easily memorized but also guessable things about you.
Naughty Passwords: Since other mnemonics are often insecure, one trick you can use to make passwords more memorable is to use elements that are at least slightly naughty. Let's say your boss has a serious problem with rearward-facing pants bulge. Myb#aBFA would be a pretty good password! Breaking that down:
My
b(oss)
#(leet-h for has)
a
Big
Fat
Ass
Bet you won't forget that one so easily!
Intel: Plenty o' News from the IDF
A lot of info is starting to stream out of IDF (courtesy News.com as they have a concise article.) Short takes follow:
A dual-core Atom is coming, but only for the "Nettop"/thin client segment. Intel doesn't feel that it's power-efficient enough for the "Netbook" mobile market.
A 6-core Dunnington Xeon is planned as Penryn's siren song.
Roadmaps for Nehalem are starting to get fleshed out, with on-die video options and an 8-core version announced.
And this is all before next week's nVidia announcements! Biggest rumor? nVidia breaks into the x86 market...
A dual-core Atom is coming, but only for the "Nettop"/thin client segment. Intel doesn't feel that it's power-efficient enough for the "Netbook" mobile market.
A 6-core Dunnington Xeon is planned as Penryn's siren song.
Roadmaps for Nehalem are starting to get fleshed out, with on-die video options and an 8-core version announced.
And this is all before next week's nVidia announcements! Biggest rumor? nVidia breaks into the x86 market...
Tuesday, August 19, 2008
Security: Passwords part Deux: When Passwords Go Bad
It's probably worth a few minutes to talk about what constitutes a bad password.
Anything guessable is bad. Anything that's easily compromised through brute force is bad.
OK phew, that was hard! Now, on to the specifics. Users often don't really have a clue about passwords in general and see them as at best a necessary evil and at worst a horrible pain in the ass. Users will go to heroic lengths to "beat the system." Getting around these problems often involves management, but at least be vigilant for what happens.
Using really poor passwords: People use the names of their kids, their pets, their address, their kids' birthdays, their pets' birthdays, etc. These are all very easily guessable, bad passwords. The ultimate cliche is a password of "password." BAD USER! NO COOKIE! You'll see other common passwords like favorite sports teams, TV/movie characters, cities, states, brand names, etc. used. Your defense against this is setting up a password system that requires complexity and tests for dictionary words and other likely bad passwords.
Practicing Poor Password Security: Taping your password to your monitor, the underside of your keyboard, or scribbling it on the bottom of the tissue box all happen, often. No matter how complex your passwords are, writing it down in a public space removes all security. Anybody who can get to their desk can get in with their passwords. All you can do is have a policy set up such that when this is caught, the user gets their proverbial hand spanked, changes their password immediately and is informed not to do it again.
Using the Same Password in too many Places: This is another easy one, but hard if not impossible to test for. At least encourage your users to use different passwords for work than for any other use and if you have a more secure network or if they act with higher privilege than normal, ask them to use a 2nd password for that task so that a single compromise won't compromise every system.
Re-using the same passwords excessively: So if you have a password policy that the user has to change the password monthly, and can't use the same one doesn't preclude the user from just having two passwords and rotating them monthly. You can set policy such that they can't re-use more than X number of passwords (3-6 is common.) That's actually pretty reasonable. If users rotate a larger number of passwords less frequenty, it's not so terrible. The danger comes in when users combat this annoyance by just changing one character or identifier in the same base password. If "Password1" just becomes "Password2", the whole point of rotating passwords has just been invalidated. If you can, ensure that when a user changes a password that it's >1 character different from the old one.
But sometimes, admins fail as well. I've seen a production database system that contained credit card data at a major company that was just secured by a password-- not a username/password pair. Understanding that people are lazy, a co-worker sat down one slow afternoon and tried strings. About one in four turned out to be a valid password. These weren't exotic strings either-- mostly sports teams, common dictionary words, etc. Thankfully the admins realized this was a huge security hole and fixed it in short order.
If you can, ensure that passwords are as complex as possible and be vigilant for users trying to undermine your best efforts.
Anything guessable is bad. Anything that's easily compromised through brute force is bad.
OK phew, that was hard! Now, on to the specifics. Users often don't really have a clue about passwords in general and see them as at best a necessary evil and at worst a horrible pain in the ass. Users will go to heroic lengths to "beat the system." Getting around these problems often involves management, but at least be vigilant for what happens.
Using really poor passwords: People use the names of their kids, their pets, their address, their kids' birthdays, their pets' birthdays, etc. These are all very easily guessable, bad passwords. The ultimate cliche is a password of "password." BAD USER! NO COOKIE! You'll see other common passwords like favorite sports teams, TV/movie characters, cities, states, brand names, etc. used. Your defense against this is setting up a password system that requires complexity and tests for dictionary words and other likely bad passwords.
Practicing Poor Password Security: Taping your password to your monitor, the underside of your keyboard, or scribbling it on the bottom of the tissue box all happen, often. No matter how complex your passwords are, writing it down in a public space removes all security. Anybody who can get to their desk can get in with their passwords. All you can do is have a policy set up such that when this is caught, the user gets their proverbial hand spanked, changes their password immediately and is informed not to do it again.
Using the Same Password in too many Places: This is another easy one, but hard if not impossible to test for. At least encourage your users to use different passwords for work than for any other use and if you have a more secure network or if they act with higher privilege than normal, ask them to use a 2nd password for that task so that a single compromise won't compromise every system.
Re-using the same passwords excessively: So if you have a password policy that the user has to change the password monthly, and can't use the same one doesn't preclude the user from just having two passwords and rotating them monthly. You can set policy such that they can't re-use more than X number of passwords (3-6 is common.) That's actually pretty reasonable. If users rotate a larger number of passwords less frequenty, it's not so terrible. The danger comes in when users combat this annoyance by just changing one character or identifier in the same base password. If "Password1" just becomes "Password2", the whole point of rotating passwords has just been invalidated. If you can, ensure that when a user changes a password that it's >1 character different from the old one.
But sometimes, admins fail as well. I've seen a production database system that contained credit card data at a major company that was just secured by a password-- not a username/password pair. Understanding that people are lazy, a co-worker sat down one slow afternoon and tried strings. About one in four turned out to be a valid password. These weren't exotic strings either-- mostly sports teams, common dictionary words, etc. Thankfully the admins realized this was a huge security hole and fixed it in short order.
If you can, ensure that passwords are as complex as possible and be vigilant for users trying to undermine your best efforts.
Intel: i7 (Nehalem) will have a Turbo Mode
The Intel IDF Conference is going on as we speak, and Hardware-Infos.com (auf Deutsch) is reporting that Nehalems will have a mode similar to Santa Rosa Meroms where the chip will dynamically "overclock" itself on the fly on a single core when the need for high performance on a single execution thread is indicated. At this point, it's being called a Turbo-Mode, even though the Intel branding for this feature is unknown at this time. Details are still sketchy, but this is another very interesting detail about the i7/Nehalem platform.
In layman's terms, let's say you have a 4-core, 2.66 GHz CPU. If you're running something that only uses one core, but needs all the power it can get, you have no benefit over a 2.66 GHz dual-core CPU or even a theoretical single core version of the same. These are already maximum speeds, with the CPUs running at lower speeds when performance isn't needed. What this system will do is transparently to the user allow a single core to go faster than the rated maximum while reducing maximum speed on the remaining cores. No word yet on if this will work on a system that's already overclocked. I hope to have more info as this leaks out into the English language press.
Monday, August 18, 2008
Security: Passwords
There's not much to say about this one that's not common sense, but more common sense is better.
Passwords should be "strong" -- that is, not easily guessable or hacked via brute-force. The longer it is, the better. Combining different types of characters (upper-case letters, lower-case letters, numerals and 'special characters' like punctuation) is even better. Your birthday, the name of your dog, etc. are all very, very bad passwords. They're not as good as two-factor authentication, but often they're all you get to work with.
Sometimes you have to crank out password after password (or one Really Good password) and that's a job best left to a random password generator. If you just need some passwords, I like the PCTools Random Password Generator web page.
Passwords should be "strong" -- that is, not easily guessable or hacked via brute-force. The longer it is, the better. Combining different types of characters (upper-case letters, lower-case letters, numerals and 'special characters' like punctuation) is even better. Your birthday, the name of your dog, etc. are all very, very bad passwords. They're not as good as two-factor authentication, but often they're all you get to work with.
Sometimes you have to crank out password after password (or one Really Good password) and that's a job best left to a random password generator. If you just need some passwords, I like the PCTools Random Password Generator web page.
Sunday, August 17, 2008
BoingBoing has a list of the top 101 classic computer and computer-related advertisements "of all time!!!11!eleventy-one" (OK so, I made up the last part.)
I'm not old enough to remember a few of these, but others bring back some fond (and not so fond) memories. Enjoy!
I'm not old enough to remember a few of these, but others bring back some fond (and not so fond) memories. Enjoy!
Monday, August 11, 2008
VIA to Exit Chipset Manufacturing
VIA saw the handwriting on the wall... with the "Intel Platform" being one of their big strengths along AMD acquiring ATI for their chipset design, it's getting tough for 3rd parties to compete in the chipset market. VIA is officially announcing that they're leaving the 3rd party chipset market. nVidia's already on shaky ground with respect to chipset design and manufacturing, so that only leaves SiS at the extreme budget (read: low profit margin) end of the spectrum. My only fear is that 3rd parties are good for overclocking and tweaking, serving as a great market force in that respect.
VIA will continue to design and manufacture chipsets for their Nano processor- just not for Intel or AMD CPUs.
VIA will continue to design and manufacture chipsets for their Nano processor- just not for Intel or AMD CPUs.
Intel: New CPU Releases 8/11/2008
It's official! Several new models have released today, with one oldie but goodie seeing a massive price drop. All prices listed are from Newegg.
The E7300 (Dual-core, 2.66 GHz 3MB Cache) released at an affordable $144.99, a tremendously powerful entry at this price point. The only gotcha is a lack of hardware virtualization support.
The E8600 (Dual-core, 3.33 GHz 6MB Cache w/VT) is out at $279.99, a very workable price for such a fast stock speed. This guy is going to be a serious gaming powerhouse.
The Q9550 (Quad-core, 2.83 GHz 12 MB Cache w/VT) is now down to $339.99 at the 'egg. Once the pinnacle of slightly affordable quad-cores, the price is down quite a bit from last week. Hovering around $600 previously, this is now a realistic option for a mid-high end system.
All of these CPUs are now listed in stock. Expect some moderate price drops across most of the rest of the CPU range as well.
The E5200 is still MIA, but expected soon. I'll keep you posted. The street price should be around $90 for a 2.5 GHz, 800 MHz dual-core. Not shabby for a low-mid range system, and likely a strong overclocker.
The E7300 (Dual-core, 2.66 GHz 3MB Cache) released at an affordable $144.99, a tremendously powerful entry at this price point. The only gotcha is a lack of hardware virtualization support.
The E8600 (Dual-core, 3.33 GHz 6MB Cache w/VT) is out at $279.99, a very workable price for such a fast stock speed. This guy is going to be a serious gaming powerhouse.
The Q9550 (Quad-core, 2.83 GHz 12 MB Cache w/VT) is now down to $339.99 at the 'egg. Once the pinnacle of slightly affordable quad-cores, the price is down quite a bit from last week. Hovering around $600 previously, this is now a realistic option for a mid-high end system.
All of these CPUs are now listed in stock. Expect some moderate price drops across most of the rest of the CPU range as well.
The E5200 is still MIA, but expected soon. I'll keep you posted. The street price should be around $90 for a 2.5 GHz, 800 MHz dual-core. Not shabby for a low-mid range system, and likely a strong overclocker.
Sunday, August 10, 2008
Intel: Nehalem to be Branded Core i7
It appears the rumors are true. The next-generation Intel Nehalem architecture (successor to the Core 2 family) will be branded Core i7, at least for the Bloomfield versions.The picture of release information is also getting a little clearer. Intel's original Q3 2008 promise might be a little more like very late Q3 to Q4 date for the processor being released in anything remotely approaching "volume." These will all be higher end processors with three models ranging from $284 to $999 in thousand lots. Low-end and mobile CPUs are due in Q3 2009. I'll go out on a limb and say that some price cuts/new models will introduce some sort of mid-high end CPUs around the Q1/Q2 2009 time frame, with Core 2 still being a strong low-mid contender through 1H 2009.
The Bloomfield logo is pictured at right, with the Extreme part (at the $999 price point) supposedly sporting a black/grey logo.
Monday, August 4, 2008
Industry: nVidia to Leave the Chipset Market?
Xbit Labs and the Inquirer are reporting that nVidia is set to leave the chipset market entirely, with the Inq saying it's a done deal. Digitimes is proposing a more moderate view on the rumor, while the Tech Report has an article that contains a full, apparently official rebuttal from nVidia. There seems to be more than a grain of truth here as nVidia hasn't reached a deal with Intel to be able to license QuickPath Interconnect for the upcoming Nehalem processor. With no plans in sight yet to support new Intel motherboard technologies after roughly Q3 2008, that leaves nVidia with their original market, AMD.
There's just one problem with that... AMD finally has an in-house chipset maker with the ATI acquisition and they're pushing their own ATI chipset-based products. So faced with stiff competition over the bottom 20% of the market, what's nVidia to do? Is SLI doomed? Will nVidia break the software restrictions on SLI and allow SLI in Intel or even ATI motherboards? What about some of the cool tech that's trickling out like hybrid SLI?
With the failure of mobile G84/86 chipsets and falling stock prices, things must be a bit tense over at nVidia right about now. Competing aggressively with Intel has to be in the cards for nVidia to remain relevant in the chipset market.
Sunday, August 3, 2008
Security: Security through Obscurity
Security through obsurity frankly sucks. Sometimes you can't get around using it, so it's worth understanding what it is so you can avoid it whenever you can. Simply put, making something appear to be something else, or hiding an insecure service rather than securing it is poor security.
For example, having a file out on an unsecured network share called passwords.txt that contains, say, passwords is just stupid. That's less than no security; it's a tempting target for any prying eyes.
Renaming that file to csfr4pw.txt seems like it might deter casual onlookers, but anybody interested in your data can trivially grep or search through file contents and notice that it contains sensitive passwords. Likewise, other automated tools like nmap can help attackers easily determine what services are running where.
Find a better way to secure the data. Put it behind a protected share, encrypt it, or even just alter the contents to say "the passwords are stored in a tamper-evident envelope in a locked cabinet." Though technically part of "defense in depth," this is one tactic you should avoid if at all possible.
Saturday, August 2, 2008
Games: The Wonderful End of the World mini-review
The Wonderful End of the World is a casual game from developer Dejobaan Games ("making video games for over 75 years...") I was a big enough sucker to play the demo on Steam, and was hooked enough to buy the game. What is it? In short, it's Katamari Damacy with an attitude. The plot? You're a disembodied sprit that must collect as much of the world as possible before the world ends. The mechanism? Walk into something smaller than you and it sticks to you. As you collect stuff, you get bigger and can collect larger items. Sound familiar? There's not a lot of gameplay here that hasn't already been done in the Katamari universe.
tWEotW does bring a lot of attitude and style to the table, though. The levels are far less repetitive than Katamari Damacy, with levels themed after classic video games, an Internet cafe, a wacky mall, etc. There are also several running jokes-- organgutans show up in the oddest places, and if you look around you'll see some bizarre stuff in the levels. There is a minor difference over the Katamari games in that you're graded primarily on the number of items you collect rather than the ultimate size you attain. The two are linked, but the distinction is important to understand. You're graded after each level.
There are 12 levels in all, and 11 of them are easy to unlock. The final level is only unlocked if you get an A or A+ on every single level.
There were a few problems-- the game is fixed resolution with limited setup options. Unlike most Katamari Damacy levels where the game decides what to render based on the scale of your character, tWEotW has an inefficient rendering engine that renders everything all the time. On my anemic system, I had severe slowdowns in the larger scale levels. There are plenty of cases where your character can get stuck between objects-- it's not always clear where the edges of your character get calcullated. The game will eventually move you until you're unstuck, but the time lost is a pain. There's also one minor bug in the final level where you can pass through walls in certain areas.
Conclusions the level design is fairly well polished and wonderfully quirky. The game on the whole is pretty easy--expect to "win" in 2-5 hours with some replay value. I passed every level with at least a B on the first try. But some levels were hard to raise from a B or A- to an A in order to unlock the last level. The developer sells this game for $20, but Steam has it for $10. Is it a fun diversion at $10? Yeah, probably worth it, but I'm not sure if it's worth it at $20.
6/10
Security: Defense in Depth
Defense in Depth isn't just a military tactic anymore. This is another basic building block of IT security. In short, don't rely on one specific type of security for your valuable data and expect attacks to come from every vector possible.
Defense in depth starts with securing your systems physically. Anything that's really sensitive should be behind locked doors. Firewalls, separate sensitive networks, OS-level security, anti-virus, anti-malware, intrusion detection systems, and many other tactics can help ensure that what needs to be secure actually is.
Typically you'll want to combine multiple levels of security for additional assurance.
Wednesday, July 30, 2008
The Usual Subjects
Finding a good deal on pretty much anything is tricky nowadays. Fortunately, deal aggregators do most of the work for you. You'll often see Internet forum posts with a note to "check the Usual Suspects" for deals, coupons, etc. The big computer OEMs --Dell, Lenovo and HP in particular are noted for running big sales. These sites aren't just good for computer/electronic stuff, either. I've scored free magazine subscriptions and all sorts of cheap stuff.
Who are the usual suspects? I like to use these guys, in rough order of preference:
Got any more? Post a comment and tell me about your favorite!
Who are the usual suspects? I like to use these guys, in rough order of preference:
- Slickdeals.net
- NewEgg Daily Deals
- Dealnews.com (And affiliates, DealCoupon and DealMac)
- Dealsea.com
- Buy.com Deals
- GotApex
- FatWallet
Got any more? Post a comment and tell me about your favorite!
Monday, July 28, 2008
Gateway Ditches Direct Sales
It seem like so long ago, but once upon a time, Gateway was one of the darlings of the early direct-sales model. They were exceedingly competitive with the likes of Dell through the P2/P3 era and instrumental in the whole paradigm of ordering custom-configured computers first over the phone and later over the web.
Gateway, now a subsidiary of Acer, has floundered tremendously in the last few years. The idea of selling product directly and indirectly through Gateway Country stores floundered and they had begun selling through retail and e-tail channels.
This weekend, Gateway announced that they're giving up entirely on direct sales, and going to a 100% pre-configured, non-customized sales model. Last week, buying a pre-configured computer at 'retail' was just an option if you wanted a Gateway. Now, you get a choice of pre-configured systems and no more.
I'm going to call this one as a bad move, even if there are massive cost-savings that can be passed down to consumers. They're basically giving up on the business markets and high-end prosumer, leaving the low-margin "plain old computer" buyer.
Good luck, Gateway...
Sunday, July 27, 2008
Admin Tip: Cable Storage
You've probably accumulated a number of basic computer cables and need to keep a stock of stuff like DVI, VGA, Power, USB A-to-B, etc. Fortunately, most of these come in a standard 6'/2m size!
Get a coat rack or two-- depending on how much you need to store--and affix it to a wall or hang it behind a door at least 4'/2.5m off the ground. Loop the cables over each hook, looping halfway down the cable. Each hook gets its own type of cable. I can get between 25-50 cables per hook, but this will obviously vary with the coat rack you choose and the thickness of the cables.
If you keep Cat 5/5e/6 networking cable in bulk, you can use one hook for each length and/or color. The only problem here is that cables longer than 10' will end up being looped anyway, or they'll be too long for this method.
This is a real time saver in two ways: No more constant bundling cables for storage, and you can easily see and grab what you need when you need it.
Get a coat rack or two-- depending on how much you need to store--and affix it to a wall or hang it behind a door at least 4'/2.5m off the ground. Loop the cables over each hook, looping halfway down the cable. Each hook gets its own type of cable. I can get between 25-50 cables per hook, but this will obviously vary with the coat rack you choose and the thickness of the cables.
If you keep Cat 5/5e/6 networking cable in bulk, you can use one hook for each length and/or color. The only problem here is that cables longer than 10' will end up being looped anyway, or they'll be too long for this method.
This is a real time saver in two ways: No more constant bundling cables for storage, and you can easily see and grab what you need when you need it.
Security Basics: Authentication and Authorization
A key pair of linked concepts, Authentication and Authorization are so fundamentally important to networked computing, yet often ignored as "assumed knowledge." The fact is that most networked operating systems handle Authentication and Authorization pretty well if configured properly, but I want to cover the basics in case there are any problems. Pay attention, there will be a quiz later!
Authentication is a process by which you prove that you are who you say you are. The most common form of authentication is a user password. In this case, you provide some piece of information only you and the computer know. If you have that info, you are (as far as the computer is concerned) who you say you are.
You have probably also seen biometric authentication systems like fingerprint scanners, and some of you may have seen Handheld Authenticators like the RSA/SecurID system. In the first example of biometric data, something you know is replaced by something you have-- and in the case of your finger, something hopefully you and only you have.
Two-factor authentication builds on the previous two concepts. You need something you have plus something you know. You the basic form at an ATM machine. To make it give you money, you need your PIN code and your card. A thief would need both rather than an either-or to get access to your account. From an administrative standpoint, you may need to consider something like a SmartCard system or an RSA/SecurID system. For SecurID, you have a physical token/device (key fob usually) that generates one use-codes. You combine these one-use codes from the authentication device with a PIN number only you know. Instead of a password, you now have not only a two-factor password, but a one-time two-factor password!
The most common way for this to break down would be to share passwords or use shared accounts (accounts that aren't meant to be tied to a specific person and more than one person has the password.) For authentication to be reliable and secure, you must not have any situations where one person knows another person's password! If you just can't resolve this, realize that it's an insecure situation and work to mitigate the risk.
Authorization is the other half of this coin. Once a system can reliably tell that you are who you say that you are, now the system can give you permission to do what you should be able to do-- this is often revered to as user privilege or privs in admin-speak.
As an admin, you'll typically work within the specifics of your networked OS/system to grant and modify user privilege as required by your organization. Users should operate under the concept of least privilege. That is to say, that they should have the rights to do what they need to do, and not more than that. Granting them extra permissions is a risk that the users may engage in dangerous activities (installing spyware, snooping through HR payroll databases, etc.)
Your risk here is threefold:
- You need a strong authentication system to ensure that you know who is logging in to your systems.
- You need to be vigilant in that the IT group is setting up permissions properly, without any loopholes and obeying the principle of least privilege.
- You need to guard against outside threats which will use exploits in the system to elevate their privilege beyond what they should have.
Friday, July 25, 2008
Sysadmin Appreciation Day
Did you remember to appreciate your Sysadmin? I'll take any chance I get. For the record, I "enjoyed" the day troubleshooting graphical issues with a Red Hat Enterprise 5 box and setting up an Open Directory installation. I didn't get any cookies, though...
Friday, July 18, 2008
Happy 40th, Intel
All the best-- 40 years is a few lifetimes in the tech industry. Of course, this wish comes with a fervent request that you not repeat the debacles of Netburst, RAMBUS and the FDIV bug. I will gratefully take a nice Wolfdale off your hands if you have one to spare, though!
Thursday, July 17, 2008
Hardware: Hector Ruiz out at AMD
Tuesday, July 15, 2008
Xbox 360: The E3 Bombshell
I'll preface my first gaming post by saying this: I'm an old school PC gamer-- old school enough to go back before the original PC took the gaming marketshare crown from the Apple ][ and Commodore 64/Amiga. I tend to prefer PC gaming as it affords me a high degree of tweaking/modding, I like the keyboard/mouse interface as a minimum standard and I like the immediacy of sitting right in front of the screen. I still bear Microsoft and the Xbox franchise some minor ill will for diminishing the former glory of the PC gaming market.
With all this in mind, the Xbox has scored a slam dunk this E3. Forget the Mii-alike avatars. Forget the media content and Netflix deals. Even forget the option to run from the hard drive. Those are the icing on the cake. The real meat here is that the update will handle standard widescreen monitors from 17" through 22" at native resolution.
I no longer have to invest in a different type of setup-- I can re-use the monitors I already have. Good HDTVs are expensive, but a $250 monitor isn't a bad way to go.
And let's not forget the games. The Xbox franchise has been hammering nails in the corpse of the PC for a long time, but it's polishing the hammer for the console market too. Let's be blunt-- The Wii competes for gamer time and dollars, but isn't playing the same games as the other 3 platforms. The PC is just the Xbox's poor stepsister from Microsoft's standpoint, so that leaves Sony. Sony is quintesentially Japanese. I own a PS2 primarily for Japanese Console RPGs-- the greats from SquareEnix, Bandai Namco, Atlus and the like. These are quirky and fun and things I can't do on a PC. Final Fantasy X was the king of that generation and the FFXIII franchise looks to be the king of the current generation. The loss of the main FFXIII game's PS3 exclusivity is an Epic Fail. It means that people (like me) with limited budgets on the fence as to which console is better for Japanese games will tend to go with the non-Japanese contender.
While there is still some pretty good exclusive PS3 content (Little Big Planet arguably the biggest now), Sony now has to move units based on more games that are non-exclusive. Luckly it holds the ace of being a great BluRay player in its sleeve.
The real news here is for the PC market. With Microsoft putting more genres of content squarely into the Xbox arsenal, it gets harder to resist. The ability to use existing/inexpensive high quality monitors is the cherry on top.
With all this in mind, the Xbox has scored a slam dunk this E3. Forget the Mii-alike avatars. Forget the media content and Netflix deals. Even forget the option to run from the hard drive. Those are the icing on the cake. The real meat here is that the update will handle standard widescreen monitors from 17" through 22" at native resolution.
I no longer have to invest in a different type of setup-- I can re-use the monitors I already have. Good HDTVs are expensive, but a $250 monitor isn't a bad way to go.
And let's not forget the games. The Xbox franchise has been hammering nails in the corpse of the PC for a long time, but it's polishing the hammer for the console market too. Let's be blunt-- The Wii competes for gamer time and dollars, but isn't playing the same games as the other 3 platforms. The PC is just the Xbox's poor stepsister from Microsoft's standpoint, so that leaves Sony. Sony is quintesentially Japanese. I own a PS2 primarily for Japanese Console RPGs-- the greats from SquareEnix, Bandai Namco, Atlus and the like. These are quirky and fun and things I can't do on a PC. Final Fantasy X was the king of that generation and the FFXIII franchise looks to be the king of the current generation. The loss of the main FFXIII game's PS3 exclusivity is an Epic Fail. It means that people (like me) with limited budgets on the fence as to which console is better for Japanese games will tend to go with the non-Japanese contender.
While there is still some pretty good exclusive PS3 content (Little Big Planet arguably the biggest now), Sony now has to move units based on more games that are non-exclusive. Luckly it holds the ace of being a great BluRay player in its sleeve.
The real news here is for the PC market. With Microsoft putting more genres of content squarely into the Xbox arsenal, it gets harder to resist. The ability to use existing/inexpensive high quality monitors is the cherry on top.
Subscribe to:
Posts (Atom)
Posts
