Wednesday, May 25, 2011

Your Rights: Eroding

Want to share negative opinions about a healthcare professional?  Think again.
After the usual patient information form, there was a "mutual privacy agreement" that asked me to transfer ownership of any public commentary I might write in the future to Dr. Cirka
Translation: If you write a bad review about me, I'm going to claim ownership of it and delete it.

Tuesday, May 24, 2011

Media Manager

Trying out Miro, an open source, multi-platform  alternative to iTunes.

Obvious

In case you didn't know where the power cord goes

A new job for Chuck

Maybe Chuck can get a new job installing fiber in New England.

Actually, now is a good time to promote Chuck's blog: chuckbag.  Lots of good stuff.

And seeing he's the only person reading this blog, I hope his loop detection mechanism is working

Saturday, May 21, 2011

Get out of my way, I'm a MOTORIST

So true

Thunderbolt, round II: Apple, not Intel, files for trademark

Engadet reports an interesting development with Thunderbolt: Apple has filed for trademarks for the name, not its key developer Intel.  Ultimately, this is likely to lead to more fragmentation of the peripheral connection space.  Didn't Apple learn from the IEEE1394, iLink, Firewire naming confusion?

Friday, May 20, 2011

USB killed the Thunderbolt star

Extremetech has a good review of why Thunderbolt has already failed and why we shouldn't blindly listen to what Apple says.

Your Rights Eroding

Troubling news from California, where state legislators are set to allow warrentless searches and seizures to protect copyright holders.  Both the RIAA and MPAA are obviously in favor of expanding the powers of law enforcement to protect their intellectual property and income, but one would hope that elected representatives would be looking out for citizens and the Constitution.

Remember, California is also where a questionable warrant was issued to seize a bloggers electronics, and then dropped, when Apple lost a prototype iPhone.

Thursday, May 19, 2011

Multitail

multitail allows you to 'tail' multiple files at the same time:

What is it in short?

MultiTail follows files in style, it is tail on steroids.

E-Ink enabled snowboard

Uber cool

Pattern Matching with iptables

iptables is the de facto linux firewall/packet filter.  I just learned how to use pattern matching to filter unwanted HTTP requests.

Looking through apache logs, you'll see lots of people searching for vulnerabilities:
[error] [client 109.169.62.102] File does not exist: /var/www/database
[error] [client 199.71.213.70] File does not exist: /var/www/phpmyadmin
[error] [client 199.71.213.70] File does not exist: /var/www/phpMyAdmin
[error] [client 199.71.213.70] File does not exist: /var/www/PHPmyadmin
[error] [client 199.71.213.70] File does not exist: /var/www/pma
[error] [client 200.1.192.31] File does not exist: /var/www/w00tw00t.at.blackhats.romanian.anti-sec:) 
[error] [client 82.192.66.72] File does not exist: /var/www/w00tw00t.at.blackhats.romanian.anti-sec:)
[error] [client 123.30.109.21] File does not exist: /var/www/w00tw00t.at.blackhats.romanian.anti-sec:)
[error] [client 146.48.80.154] File does not exist: /var/www/w00tw00t.at.blackhats.romanian.anti-sec:)


I am using fail2ban to watch the apache error logs and dynamically add iptables rules.  I've had some success, but given that there are certain errors that: 1) I frequently see in the logs; 2) I know I should never see, I'm using the iptables pattern matching to filter the packet before it even hits Apache.


The technique is well documented here.  The key line is :

# iptables -I INPUT -d xxx.xxx.xxx.xxx -p tcp \
 --dport 80 -m string --to 70 --algo bm --string \
'GET /w00tw00t.at.ISC.SANS.' -j DROP
This will match an HTTP request for a file /w00tw00t.at.ISC.SANS. which is used in vulnerability scans.  The above link goes into even more detail on how to specify which packets (eg- exclude connection requests (TCP SYN) packets)

Wednesday, May 18, 2011

Memristors: A fundamental shift in computing

Memristors are a new type of electronic component that is currently in development.  They were theorized back in the 70s based on the fundamental properties of voltage, inductance, and capacitance.  It makes the forth basic element to the existing resistor, capacitor, and inductor.

Memristors combine the function of transistor and memory, or to put another way, a logic circuit that remembers.  This represents a tighter integration between processor and memory, much more so than just adding cache to a processor.

HP thinks memristors have a promising future in by [overcoming] the bottleneck of the Von Neumann architecture by integrating memory storage and data processing in a common circuit.  Intel, however, seems to be following a more conventinoal approach to continue growth in computer power.

Tuesday, May 17, 2011

Interactive RF visualization

The Radio Frequency (RF) spectrum can be a confusing place to navigate.  Running from a few kilohertz to man gigahertz, there's a lot packed in there.  This is a great tool to help explore what various frequencies are used for.

New Fangled Lighting

Compact Florescent Lighting (CFL) has been touted as a major environmental improvement over inefficient incandescent.  Problem is they contain mercury and improperly disposed are horrible for the environment.  Solid State Lighting (SSL) based on Light Emitting Diodes (LEDs) are much more efficient but also much more expensive.

Having said that, I'm definitely sold on the wonderful world portrayed in this video:
GreenChip lighting lets you flip the switch remotely, thumbs nose at IPv4 depletion