Category: rants

General rantings and raving.

The tragic tail of my G5

I had previously bloged about the liquid cooling system leak in my dual powermac g5. Since the major hardware replacement (mother board, cpu module, hard drive, power supply and trim pieces) I had been having intermittent mouse problems. I know, it sounds weird.

After working for a random amount of time my mouse would ‘lock up’. The light on the bottom of the mouse goes out and no amount of swirling it or chucking it at the wall would make the cursor move.

After this I would use launch bar to open iterm and issue ‘sudo shutdown -r now’ to shut it down properly. It reboots to come back with still no mouse support. I reset it again and it works.

Some times it locks up multiple times per day, other times I will go two whole days without a reboot.

I have used three different mice, spread out over every usb port the som’a’bitch has. I have no other usb devices plugged in and have no after market ram.

Called AppleCare again and they sent out another mother board and repair technician.

Once the new mother board was installed the machine wouldn’t start.

They put a new mother board (the fourth) and power supply on order and the technician is scheduled to return tomorrow.

Wow has this machine been a nightmare! Don’t get me wrong, I don’t blame Apple. I have had a number of other Apple machines that proved to be absolute work horses and tough as nails… this one is just… different.

The good news of the whole thing, is that I got to take pictures of the G5’s liquid cooling system with its top down. No fancy logo’d shield covering it.

Enjoy.

G5 cpu module, topless

In this image you can clearly see the Delphi logo. How strange to see that logo in a computer.

G5 topless: pump and hoses

The pump and some hoses.

G5 topless: hoses, hose clamps, radiator cap.
In this one you can see the radiator hoses, clamps and radiator cap.

Is it safe to remove my usb flash drive?

I recently purchased a SanDisk Cruzer Titanium 1gig flash drive.

I loved that drive! Past tense. I loved the fact that it was an ‘all in one’ unit. No stupid cap. I loved the fact that it nicely retracted inside its impressive looking titanium casing. I loved the fact that (the marketing would have you believe) a truck can run over it and it will continue to function.

Its use was not bus intensive. I would keep common drivers, tools and install files on it. Things that I use constantly through out an average day at work. I wasn’t storing MP3 files or the like, that would cause the drive to constantly be written to and read from. It would normaly be plugged in, used for about 5 minutes, and ejected… properly. I ALWAYS eject or stop my flash drives before removing them.

Now, one week into its use it stopped working. All together. Not a normal “I can’t read the file system, do you want to format?”, but more along the lines of “I don’t recognize what this USB device is”.

Having purchased it from mwave and not newegg, I was unaware of the horrible horrible reviews this drive got. But apparently this is a common issue.

I RMA’ed the drive directly to SanDisk. They had me another drive in about a week so I started using it in the same manor I did the last one.

One (1) week of using this one it stopped working again with the same problem as the last one.

I got annoyed and purchase a new 4gig Corsair flash drive from newegg. I used it in the same way I used the last two deceased SanDisk drives, and now (after about 3 weeks of use) it says it can’t read the file system.

I think it may be that I am using the drive in about a half dozen machines a day (apple and pc), but my two techs think its because I acutely take the time to properly disable the device as opposed to just yanking it out and letting the operating system scold you.

Does anyone have any opinions or data that could explain what the real reason is?

Late winter in Michigan

It’s such an amazing time of year in this state. We have so many great things to look forward to.

The sky and the roads are the same washed out white color. The sky; because it would be criminal to see the sun. The roads; because they (as is the case with everything else this time of year) are absolutely caked with salt.

The snow that has gathered on the side of the road takes the most attractive black dirt color.

Some of the snow has melted to reveal all of the garbage that the lazy Michiganders toss out the window. Garbage that has been hidden under snow for most of the winter.

Between the constant freezing and thawing, and the ungodly amount of weight that Michigan law allows for trucks, the roads are at the peak of their disrepair. Anyone who lives in Michigan or has visited knows how poor our roads are.

Ya, its just downright lovely.

Microsoft’s serious commitment to security

In many recent interviews Microsoft has vowed their firm commitment to security all the wile demonstrating the exact opposite.

Case in point: On December 28th US-CERT issued security advisory VU#181038 pertaining to all versions of Microsoft operating systems. This is a 0-day vulnerability.

We all know that US-CERT generally issues advisories (at least) a few days after the initial discovery. In this case the vulnerability and corresponding incidents where first discovered on December 27th according to McAfee.

Upon examining the Microsoft security bulletin 912840 associated with this vulnerability you will notice that it was Published December 28th. The same day as the US-CERT announcement and one day after its initial discovery. A serious vulnerability that effects ALL versions of the number one most used operating system in the world, and they wait a day to even post an advisory on their web site?

Even this isn’t what bothers me the most. What really got me was when I visited Microsoft.com trying t to find more information. At current they have a giant flash animation (it takes up about 75% of the page) that contains a sun flower set against the recognizable windows “blue sky, green grass” backdrop wearing sunglasses with the heading “start having fun”. So this vulnerability isn’t being displayed prominently. Lets look closer at the front page and see if we can find a link to information on this vulnerability. Look all you want, its not there. No mention on the home page at all.

So lets click on security. Its sure to be listed there. Once again, look all you like. You won’t find it.

No patch exists, it results in a remote code execution on a fully patched Windows XP, 2003 server, etc and Microsoft makes no mention of it on both their home page and their security page.

I think its time Microsoft stop jawing about this commitment to security and start demonstrating it.

Common Criteria and windows

It was just announced that MS Windows XP SP2 and 2k3 server have been accredited with the Common Criteria evaluation level 4+.

For those of you who don ‘t know, the common criteria is an ISO standard that was created to provide a common way of evaluating and rating security. It combines the USs old Orange Book evaluation with the DoD ‘s redbook and the Canadian CTCPEC and the EUs ITSEC. It has 7 Evaluation Levels of Assurance (EALs) 1 being the lowest and 7 being the highest.

Now here is ware things start to get shaky. Windows has achieved 4+. Novell has had 4+ for Open Enterprise server for some time and it appears that Suse and RedHat are both going for evaluations and will likely achieve 4+.

The reason for this is that 4+ is the highest level of accreditation that a commercial product can hope to achieve. It is this fact that makes me believe the Common Criteria is doing a disservice to the security community.

I find it hard to believe that additional security can not be added to windows, that it can ‘t be more secure than it is now. But yet we have hit a wall with the CC. What motivation does Microsoft or others have to improve on their security if they are already accredited at the highest possible level?

Sony

What kind of security related blog would I run without making mention of the Sony DRM fiasco?

I do not think they could have screwed up more if they tried.
1. Hired incompetent coders to write drm software
2. Allow coders to steel code from open source projects without code over sight (and oh the hypocrisy)
3. Stick it on tons of CDs and allow it to use root-kit like cloaking to hide it.
4. When people find out make them jump through hoops and install an active-x component in order to get it uninstalled. Dont forget that the uninstall itself produces instability.
4. Post this and make it sound like you are blaming the authors.
5. Say lines like “Ultimately, the experience of consumers is our primary concern…” when the fact this whole mess exists to begin with is proof of the contrary.

All and all I think this was one of the best things that could happen. I don ‘t think the general consumer was angry enough about DRM to make any real changes. This certainly tipped those scales and I thank Sony for that. I believe the freedom that they and RIAA and MPAA enjoy will be greatly reduced or at least closely watched now.

Even if our corporations and government that is responsible for overseeing them is corrupt doesn’t mean we can ‘t still be heard.

I ‘m at a loss as to how the…

Equifax Canada has notified 600 Canadian citizens that their credit
files were illegally accessed. Most of those affected reside in British
Columbia. The breach was reportedly due to “improper use of the access
codes and passwords of one of Equifax ‘s customers.”
http://news.com.com/2102-1029_3-5750434.html?tag=st.util.print

Now… Lets re-read that last line.

The breach was reportedly due to “improper use of the access
codes and passwords of ONE (1) of Equifax ‘s customers.”

Now what the hell?! The explanation given accounts for ONE (1) credit card number being comprimised, whats the story on the other 599?!

Comcast hell

I spent literaly all day yesterday at my parents house setting up a Comcast cable modem and getting a router all good to go so they can use it in any room of the house.

The house was purchased from myself so it was fully wired for a cat5 network. They have 2 laptops and two desktops that I was configuring for it. NOTHING went right. Network adapter drivers didnt install, the cable modem account wasnt set up properly by comcast and so on and so forth. I will heading back over to finish it up today.

It should be cool as hell to see my mom, sister and grandma using the net and email regularly though.

“In a moment it will be time to execute rock concert movement number 2, the up and down jumping movement. Ready… go..”

Heh, anyway. With the huge stress of running my own business and looking for gainfull employ I have begun the disgusting habit of smokeing (again). It sickens me to see the prices of a pack of cigerettes (almost $5 per pack) with all the new sin taxes they have stacked onto it; so I began rolling own. The cost turns out to be about $1 per pack this way. It still doesnt justify me smokeing… but hay.. whatever.

Trustix

For a wile I have been planning on writing a “Trustix Vs. OpenBSD security” article for a few security portals.

I finaly got around to starting it this weekend by installing Trustix on a test box.

I must now say that I am calling off the article. Trustix may or may not be secure. I didnt get that far. It is honestly one of the most buggy Operating Systems I have had the displesure of working with in recent years.

It can be as secure as it wants. If its unusable it doesnt matter. 🙂

Seriosly though, It looks like a striped down redhat 7.3 down to the pre X redhat installer. They chucked in a couple different packages (The OpenBSD ftpdaemon, snort and a few others) hacked some of the daemons to tighten them up a bit and called it good.

Thanks but I ‘ll stick with OpenBSD when mission critical security is at stake.

Navigation