User Journal

Journal: The monster and others...

Journal by GoneGaryT
Well now the monster has been up nearly 2 weeks. It runs Win XP, SuSE 9 AMD64 and FreeBSD 5.2/AMD64, not necessarily in that order. Is it fast? You bet.

But what really tickles me tonight is that my old Cyrix box took a Smoothwall Express 2.0 install and has found new life. I'll recommend Smoothwall to everyone right here and now, because it really is sweet. And I'll recommend xcdroast to everyone too, because that's what I used to burn the Smoothwall iso onto a CD and that too is sweet. I gave the guy $20 via Sourceforge the other night, because (although he uses the existing CD tools) he's really got it right. Nice.

Now, about that pr0n.....

User Journal

Journal: Birth of Monster.... just a PC

Journal by GoneGaryT
Likasay, my current PC is a Cyrix 686 @ 133MHz w/64Mb RAM, an old Matrox Mystique video card, a 3Gb and a 30Gb hdd, CD-ROM and not much else. The monitor is a 10 year old 15" CRT Western Digital. It has all been Good Enough for a number of years.

Was Good Enough. Until, of course, I started using a Dell 17" TFT monitor at work, which I really really like. So, I thought, maybe I could buy one for home. But then, the Matrox won't do 1280x1024, which I also really really like. So I'd need a new graphics card. But if I got a new graphics card, I'd probably need a new processor. And I'd really like to watch DVDs on the new monitor.. you see where this is going?

Over the Christmas period, I very nearly bought a high-end Athlon system from bestpricecomputers.ltd.uk, until I saw their "No bare hard disks" policy, which totally pissed me off. So I let the matter rest... until I went back to work and the Dell, that is.

The net result is that the old credit card has taken a hammering this week; if I was going to self-build, I had to make a fair job of it. This is what is about to arrive at my door - one of my colleagues has christened it "Monster", even though none of it has arrived, let alone been put together:

Quartz midi-tower case w/400W PSU
Chaintech ZNF3-150 motherboard
AMD Athlon XP 64 3200+
2x Crucial 512Mb PC3200 DIMMs
Zalman CNPS7000A-AlCu Ultra-Quiet CPU cooler

Maxtor DiamondMax Plus9 80Gb UDMA133 hdd
2x Seagate Barracuda 7200rpm 160Gb SATA150 hdds
NEC DVD+-R/RW 4x IDE burner
AOpen CD-RW 52r 52w 32rw IDE burner
Sony USB Ext FDD

AOpen GeForce FX5900 128Mb graphics
Iiyama ProLite 17" TFT monitor.

I think that lot might do the trick... although I'm agonising over a M$ Bluetooth keyboard and mouse, as you do. And the mobo does 7.1 sound, so I might get some decent speakers. Stay tuned for the outcome...(the bankruptcy courts at this rate)

User Journal

Journal: Heads up: politics

Journal by GoneGaryT
Someone said something really interesting about the failures of capitalism here this week - sorry, didn't catch the username but hey.

Now communism was deemed a failed politic because all communist regimes end up pretty quickly as dictatorships. That's not communism, of course, but then that's why it fails - power ends up in the hands of the few rather than the many.

What geezer X pointed out this week is that monopolies represent a failure of capitalism. Capitalism is heavily based on the idea of competition, but when competition has been vanquished (c.f. Microsoft) one ends up with a dictatorship of sorts. Same end result as communism. Same bankruptcy of ideology.

Nice one, geezer X.

Security

Journal: Infosec Europe Advisory Council

Journal by GoneGaryT
Well this was cool.

I was invited, along with the great and the good of corporate / police / gubmint / broadcasting IT security people, to join the first meeting of the Infosec Europe Advisory Council. Now, let me set you straight:

Infosec Europe is really the big IT Security exhibition held at London Olympia every spring, organised by (gigantic) European publishers Reed-Elsevier. Every year, there are keynote speeches and panel discussions on the topic, usually covering the hot issues du jour. For me, it's legal stuff that rings the bell, because that's really the foundation of all policy. There's plenty other stuff that's good, though, like security vis-a-vis B2B, trust relationships etc. And vendor-specific is banned, BTW, which makes it all the more valuable. (Gotta watch out for other agendas tho' - ain't paranoia beautiful!). The main thrust is "what do we need, who will sell it to us, how do we convince the Board?" Ah, the faint smell of money :)

Anyroadup, the Managing Editor of Computer Weekly, Dr. John Riley, gently chaired the meeting of about 25 guests (people from gubmint, BBC, big finance... and me [not telling which sector, but sole rep]) at Claridges Hotel, Bond Street, London W1 for a fruitful couple of hours discussion (plus nice lunch) about what bites our particular asses.

It turns out that we're pretty much singing from the same hymn-sheet and our problems are conjoined. The gubmint (unless I heard this wrong) thinks loss of reputation through confidential information leakage is overrated (-1) whereas we think it's (+1) fucking serious. Interesting.

Risk assessment is an infant science in this field, said one. Yeah, you got gross risk and net risk, by what yardstick do you assess either? I think he's right, but we tend to fly this stuff by the seat of our pants and we pretty much hit the mark, so the science is a luxury to look forward to.

Physical security? ISO 17799 (was BS7799, "a British invention" (c) Raymond Baxter) covers this, and there was some discussion on the topic. We know that we fail it unless we can influence HR on the issue.

ROI on security figured large (we all gotta earn our crust) and it was generally agreed that we need explicit standards / protocols / minima (consequent of, if not described by, ISO 17799), not only to enable us to release budget on security, but to enable trust in B2B too. The 'Board' also needs to have a concise picture of the jungle if they're going to make realistic decisions. This points to a need for better, faster log concatenation, analysis and summarisation - and I'd pay good money for that. Logs are everything in this game. If you can't measure it, you can't manage it, right?

Hand in hand with this go training standards. CISSP was mentioned, but was thought maybe not yet accepted, with the Masters degree from Royal Holloway College seen as superior. Neither were seen as prerequisites to the job; age and experience are perhaps still ahead. It's not as if there were a recognised "International Institute of IT Security Analysts" complete with professional exams, and that's part of the problem. It's a pretty dynamic field, though. There's something new every 5 minutes (dammit), so how do you avoid obsolete exams?

"Business must continue; if not, security has failed" bang-on, geezer - that goes on the wall, no dissent on that. This brought up issues of availability vs. security and confidentiality. Bit of an old chestnut, really.

Use of biometrics is still not seen as a single source of verification; there was talk of combinations like one or two biometric parameters plus a PIN, combinations of passive and active methods. (Hmm, just made those classifications up, BTW. Probably read them somewhere...)

Finally, talk of 'good governance' and 'the Board' taking responsibility for security, the failure so to do resulting in unmitigated disaster all round. Fair comment.

The feta cheese tarts were tasty too. And the wacky little prawn cocktail things. Neat. Very neat. It was cool, y'know?

User Journal

Journal: St*p Bu$h demo, London 2003-11-20

Journal by GoneGaryT
Yesterday I took a day's annual leave. The peace protest was setting out at 2 pm and I beetled down there for a bit. Like the Rev. Jesse Jackson said last year, you've gotta keep on with this if you're going to get anywhere.

While I waited for friends and covered myself in protest stickers ("Bush Off! Blair Out"; "A Killer comes to town..."; "St*p Bu$h"), the roads filled at an exponential rate as participants of all ages thronged to the rendezvous. Pretty soon Malet Street was over capacity and we joined a detour to an overspill area. The noise wound up and never really dropped for the next four and a half hours as everyone ambled off.

Not so many pre-printed placards this time, lots of personal sentiment ("I fart in your general direction"; "Estate Agents against Bush" were personal favourites), plenty of costume, mummers with a papier-mache cannon, everyone considerate to each other and angry with the regime. 1984 had arrived about 17 years late, but we're living in a tribute from Mad George to sane, eternal war and endless lies for a diet.

Nuns at the windows of the Quaker's (who's gonna burn in Hell, girls? Us or them?). Whistles, every other person's got a whistle, I've got a whistle and we're whistling phrases to the drums, passing a refrain back and forth, sure, they can hear us.

Malet Street, loudspeakers outside the UCL Halls, impromptu live rap, nuff respect. On the street are a couple of bits of paper, wow! "Fraudulent Event Note" worth "One (BIG) Deception", "9-11" in every corner, Bush instead of Lincoln, swastikas on his tie, this dollar bill is an absolute work of art. On the back, faintly under the upper 9-11s, "Bush knew", under the lower "Cheney did it". Yeah, I'll buy that on the evidence. Don't forget that little rat-fucker Giuliani either.

Reading a lot of popular opinion, most dumb-fuck telly-dribblers haven't quite caught up with the real program, but here are 100,000 (police est.) to 300,000 (organiser est) folk that can think their way out of a paper bag. Sick and tired and angry with the blatant stupidity of it all; we're on a runaway train and need to get a sprag in those wheels. We think plenty noise helps a good deal towards this.

British Museum, Aldwych, Strand, Waterloo Bridge and round the IMAX, onwards and loud as you like, Thames sparkling in the lights of the South Bank, wind turbine spinning in Jubilee Gardens. It's new, daresay our Ken ("Red" Ken Livingstone, leader of London, formerly same of GLC), organised that as a subtle hint to the residents of old County Hall, converted to expensive apartments in a fit of spite by Thatcher's scum. Looks great. Must go all night, swoosh-swoosh-swoosh.

A pink wood and cardboard field gun immobilised. Hard work, guys.

Back over Westminster Bridge and past Parliament, noise at a crescendo, then up Whitehall. A solitary pro-Bush supporter, flanked by 6 police, it's quite ok with us freedom-loving sorts. Here we go, up to Downing Street and someone says "Boo" and another "Boo" and then everyone booing in a pantomime fashion as we pass. Same treatment for the American flag further along. More of the same for the British flag. Partisan we ain't.

Another diversion and an enormous crescendo, then we're there at Trafalgar Square, 6:30 and we've missed all the speeches and pillorying, but we had suits lugging laptop bags, office workers joining and extending the march. Music til close of play at 7 pm, we chilled and danced to Primal Scream's "Screamadelica" before heading to favourite bars and the satisfaction of a good day's work.

Two young American guys outside a bar in Cambridge Circus, want to know what it's all about. We tell them, oh they have some choice things to say, like that damn brother in Florida cheating GWB into office, they're still sore about it. They're from Ohio, they don't know about Diebold. I tell 'em. They're speechless. Poor fuckers, they've got to go back and deal with that too.
