After the usual patient information form, there was a "mutual privacy agreement" that asked me to transfer ownership of any public commentary I might write in the future to Dr. CirkaTranslation: If you write a bad review about me, I'm going to claim ownership of it and delete it.
Wednesday, May 25, 2011
Your Rights: Eroding
Want to share negative opinions about a healthcare professional? Think again.
Tuesday, May 24, 2011
A new job for Chuck
Maybe Chuck can get a new job installing fiber in New England.
Actually, now is a good time to promote Chuck's blog: chuckbag. Lots of good stuff.
And seeing he's the only person reading this blog, I hope his loop detection mechanism is working
Actually, now is a good time to promote Chuck's blog: chuckbag. Lots of good stuff.
And seeing he's the only person reading this blog, I hope his loop detection mechanism is working
Saturday, May 21, 2011
Thunderbolt, round II: Apple, not Intel, files for trademark
Engadet reports an interesting development with Thunderbolt: Apple has filed for trademarks for the name, not its key developer Intel. Ultimately, this is likely to lead to more fragmentation of the peripheral connection space. Didn't Apple learn from the IEEE1394, iLink, Firewire naming confusion?
Friday, May 20, 2011
USB killed the Thunderbolt star
Extremetech has a good review of why Thunderbolt has already failed and why we shouldn't blindly listen to what Apple says.
Your Rights Eroding
Troubling news from California, where state legislators are set to allow warrentless searches and seizures to protect copyright holders. Both the RIAA and MPAA are obviously in favor of expanding the powers of law enforcement to protect their intellectual property and income, but one would hope that elected representatives would be looking out for citizens and the Constitution.
Remember, California is also where a questionable warrant was issued to seize a bloggers electronics, and then dropped, when Apple lost a prototype iPhone.
Remember, California is also where a questionable warrant was issued to seize a bloggers electronics, and then dropped, when Apple lost a prototype iPhone.
Thursday, May 19, 2011
Pattern Matching with iptables
iptables is the de facto linux firewall/packet filter. I just learned how to use pattern matching to filter unwanted HTTP requests.
Looking through apache logs, you'll see lots of people searching for vulnerabilities:
[error] [client 82.192.66.72] File does not exist: /var/www/w00tw00t.at.blackhats.romanian.anti-sec:)
[error] [client 123.30.109.21] File does not exist: /var/www/w00tw00t.at.blackhats.romanian.anti-sec:)
[error] [client 146.48.80.154] File does not exist: /var/www/w00tw00t.at.blackhats.romanian.anti-sec:)
I am using fail2ban to watch the apache error logs and dynamically add iptables rules. I've had some success, but given that there are certain errors that: 1) I frequently see in the logs; 2) I know I should never see, I'm using the iptables pattern matching to filter the packet before it even hits Apache.
The technique is well documented here. The key line is :
Looking through apache logs, you'll see lots of people searching for vulnerabilities:
[error] [client 109.169.62.102] File does not exist: /var/www/database
[error] [client 199.71.213.70] File does not exist: /var/www/phpmyadmin
[error] [client 199.71.213.70] File does not exist: /var/www/phpMyAdmin
[error] [client 199.71.213.70] File does not exist: /var/www/PHPmyadmin
[error] [client 199.71.213.70] File does not exist: /var/www/pma
[error] [client 200.1.192.31] File does not exist: /var/www/w00tw00t.at.blackhats.romanian.anti-sec:) [error] [client 199.71.213.70] File does not exist: /var/www/phpmyadmin
[error] [client 199.71.213.70] File does not exist: /var/www/phpMyAdmin
[error] [client 199.71.213.70] File does not exist: /var/www/PHPmyadmin
[error] [client 199.71.213.70] File does not exist: /var/www/pma
[error] [client 82.192.66.72] File does not exist: /var/www/w00tw00t.at.blackhats.romanian.anti-sec:)
[error] [client 123.30.109.21] File does not exist: /var/www/w00tw00t.at.blackhats.romanian.anti-sec:)
[error] [client 146.48.80.154] File does not exist: /var/www/w00tw00t.at.blackhats.romanian.anti-sec:)
I am using fail2ban to watch the apache error logs and dynamically add iptables rules. I've had some success, but given that there are certain errors that: 1) I frequently see in the logs; 2) I know I should never see, I'm using the iptables pattern matching to filter the packet before it even hits Apache.
The technique is well documented here. The key line is :
This will match an HTTP request for a file /w00tw00t.at.ISC.SANS. which is used in vulnerability scans. The above link goes into even more detail on how to specify which packets (eg- exclude connection requests (TCP SYN) packets)
# iptables -I INPUT -d xxx.xxx.xxx.xxx -p tcp \ --dport 80 -m string --to 70 --algo bm --string \ 'GET /w00tw00t.at.ISC.SANS.' -j DROP
Wednesday, May 18, 2011
Memristors: A fundamental shift in computing
Memristors are a new type of electronic component that is currently in development. They were theorized back in the 70s based on the fundamental properties of voltage, inductance, and capacitance. It makes the forth basic element to the existing resistor, capacitor, and inductor.
Memristors combine the function of transistor and memory, or to put another way, a logic circuit that remembers. This represents a tighter integration between processor and memory, much more so than just adding cache to a processor.
HP thinks memristors have a promising future in by [overcoming] the bottleneck of the Von Neumann architecture by integrating memory storage and data processing in a common circuit. Intel, however, seems to be following a more conventinoal approach to continue growth in computer power.
Memristors combine the function of transistor and memory, or to put another way, a logic circuit that remembers. This represents a tighter integration between processor and memory, much more so than just adding cache to a processor.
HP thinks memristors have a promising future in by [overcoming] the bottleneck of the Von Neumann architecture by integrating memory storage and data processing in a common circuit. Intel, however, seems to be following a more conventinoal approach to continue growth in computer power.
Tuesday, May 17, 2011
Interactive RF visualization
The Radio Frequency (RF) spectrum can be a confusing place to navigate. Running from a few kilohertz to man gigahertz, there's a lot packed in there. This is a great tool to help explore what various frequencies are used for.
New Fangled Lighting
Compact Florescent Lighting (CFL) has been touted as a major environmental improvement over inefficient incandescent. Problem is they contain mercury and improperly disposed are horrible for the environment. Solid State Lighting (SSL) based on Light Emitting Diodes (LEDs) are much more efficient but also much more expensive.
Having said that, I'm definitely sold on the wonderful world portrayed in this video:
GreenChip lighting lets you flip the switch remotely, thumbs nose at IPv4 depletion
Having said that, I'm definitely sold on the wonderful world portrayed in this video:
GreenChip lighting lets you flip the switch remotely, thumbs nose at IPv4 depletion
Subscribe to:
Posts (Atom)