December 2006

At the turn of the year, you may well be thinking about donating some of your hard-earned to one or more worthy causes. After you’ve thought about more conventional charitable giving, I’d like to suggest the following organisations as candidates for a few more of your local currency units. Such a donation may not have the direct effect that you’d associate with something like disaster relief, but it might just increase in some small way the prospects of a better future for everyone…

• The Wikimedia Foundation asks you to “imagine a world in which every single human being can freely share in the sum of all knowledge”. If that sounds a bit grandiose, consider the number of times you use Wikipedia every day and how much you’re therefore saving because you don’t need to buy Encarta any more.

• The Electronic Frontier Foundation have been fighting to defend your rights in the digital world since before most people thought there might be rights in the digital world. If you join them, or send them a donation, there is more chance they will be around to defend your rights the next time they are threatened. And anyway, who wouldn’t want to support an organisation that sued Barney the dinosaur?

• Our digital world is as vibrant as it is in large part because of the way that creative people build on the work of others. I love being a part — however small — of that creative universe; that’s why I use Creative Commons licenses to mark many of my own works as free for other people to use, under certain conditions. For example, my flickr photostream and (as of this week) this blog are marked as free for non-commercial use as long as you give me attribution. You can support this approach to creativity by donating to Creative Commons. Of course, licensing your own work where appropriate is like a donation to every creative person out there; doesn’t that make sense too?

Happy New Year!

This post follows on from my earlier one on Moving a FC5 Root Partition to LVM. In this episode, I conclude the work by moving the /boot partition to the new drive and do everything else necessary to remove the old drive.

Squid Whistles.

These were the prizes found in a couple of “Christmas” crackers this year. They look like they are supposed to be whistles, but just on the off chance that they call something worse, I have not tested them.

How festive!

I’ve been getting more and more dependent on virtual machine technology over the last couple of years. Although I use Microsoft’s Virtual PC for Mac and the Parallels Desktop product from time to time, most of my virtual machines live on VMware Server under Linux or VMware Workstation running on my remaining Windows 2000 desktop machine. Today’s announcement of a public beta for VMware’s Fusion product for Intel-based Macs therefore came as a pleasant festive surprise. Of course, I downloaded it right away.

My first impression is that it seems to work just fine. The current beta version runs with a lot of debug code active, and the first thing you see is a warning that you’re not going to get a lot of performance out of it. The Beta EULA prevents me from commenting further on that front, and in any case both VMware Server and Parallels Desktop were less than stellar in their beta phases so it isn’t significant information.

Problems? So far, really very few. I brought up a Fedora Core 6 client from scratch in about half an hour, and downloaded an Openfiler virtual appliance and had it up and running in seconds. For some reason, I couldn’t connect to the OpenFiler appliance’s administrative interface from the host machine, but it appeared to be working fine from another machine. [Update: known issue in this build, see comments below.]

The current beta is missing any kind of snapshot facility, which is a pity as that’s one of the things that marks out VMware Workstation as such an excellent development tool. The other thing it’s missing is some of the GUI for doing things like adding more virtual hard disks to a machine. However, I found that if I stored the virtual machine on a removable FAT32 drive, I could swap it over to the Windows machine running Workstation, make changes there then swap it back to the Mac again. Neat!

Summary: very good for an initial public beta. If the final functionality comes up to Workstation’s level, particularly in the area of snapshots, I’m a customer.

A friend sent us one of these cards this year. It arrived during one of my periodic outbreaks of negative feeling toward the festive season, and quite changed the mood…

[It has been brought to my attention that some of my readers don’t know what a humbug is. Well, Wikipedia knows.]

In Real-World Passwords, Bruce Schneier analyses a corpus of passwords retrieved from a phishing attack on the MySpace social networking site.

The good news is that it’s clear that users are slowly becoming more aware of the security risks of bad password choice. The bad news is that things haven’t got all that much better, really. Scheier’s punchline:

We used to quip that “password” is the most common password. Now it’s “password1.” Who said users haven’t learned anything about security?

These days, it’s hard for me to get up much enthusiasm for any security solution that involves a lot of user education. As well as the apathy factor and the dancing pig factor, we’re fast outrunning the ability of even the most well educated user to keep up with the bad guys. I include myself with the mass of the bewildered in this respect, as evidenced by my previous post on remembering secure passwords.

The longer term answer to these problems has to involve a move away from relying solely on inherently weak technologies like passwords and towards technologies like multi-factor authentication and federated identity systems. If we don’t have to rely on the human brain’s limited ability to remember lots of secure (and therefore inherently hard to remember) passwords, we might stand a fighting chance of building secure systems.

-15C in Chicago

I spent a few days in the Hyatt/McCormick Place Arcology in Chicago recently, afraid to venture outside lest my limbs break off like brittle sticks in the -15C temperatures. So, here are some entirely unadventurous pictures taken out of the window on the 23rd floor of the hotel.