RSS

Bookmark and Share


MyTake


Firewall 1 - Chromecast 0 
Wednesday, August 14, 2013, 9:38 PM - Hardware, Software, Security
Posted by Administrator
I unboxed my new Chromecast device yesterday. Setup was fairly straightforward, I entered my Wifi information, only to continually get an error that it "could not connect to the internet." I thought I might have has a Wifi issue, not connecting for some reason, maybe out of range or a DHCP issue. I was finally able to track it down. It turns out that it didn't like my DNS firewall. On my network I have blocked use of all DNS servers besides mine to handle problems like DNS Changer. I saw this traffic:

19:19:10.284578 IP 10.0.3.247.59034 > google-public-dns-a.google.com.domain: 57629+ A? pool.ntp.org. (30)
19:19:10.300858 IP 10.0.3.247.55306 > google-public-dns-a.google.com.domain: 6977+ A? clients3.google.com. (37)
19:19:11.300764 IP 10.0.3.247.48751 > google-public-dns-b.google.com.domain: 6825+ A? clients3.google.com. (37)


Chromecast is hard coded to use Google's Public DNS service and does not use the DNS servers provided by DHCP. Problem solved, but I had to punch a hole in my firewall specifically for Google DNS which is a little annoying.

view entry ( 193 views )   |  permalink   |  $star_image$star_image$star_image$star_image$star_image ( 3 / 741 )
US Government Digitally Signs .gov TLD 
Thursday, January 22, 2009, 2:41 AM - Public Policy, Software, Security
Posted by Administrator
Using my own DNS Check tool I noticed that the .gov is now signed using DNSSEC. This means that the government has actually met its schedule on this one. But there are a few issues:

1. Who actually signs it? NIST? DHS? Some other agency? This is important for answering #2.

2. How do we validate this key? How do we know this isn't a hacker's key? The agency that maintains the key should distribute a hash of the public key so that we know its the real deal.

I'm hoping in the near future all of this information will come out, but until it does, .gov isn't really any better off than it was before.

UPDATE [2-18-2009]: Apparently GSA is responsible for .gov and DNSSEC. It is still considered in experimental stages and keys may change, therefore no final key information is available for validation yet.

UPDATE [3-1-2009]: GSA has posted the .gov public key on their website.
view entry ( 164 views )   |  permalink   |  related link   |  $star_image$star_image$star_image$star_image$star_image ( 3 / 1590 )
Free Software - Why it is not going away 
Wednesday, July 16, 2003, 3:00 AM - Open Source, Software
I was first introduced to the world of Free Software (source code freely available to anyone) in the spring of 1999. No coincidence, this was the same time in which I discovered ZDTV (formerly TechTV, now G4TV), a part time channel on our cable television service. I quickly learned that we did not actually live a Microsoft Windows/DOS/Mac OS world. The internet actually ran mostly using a thing called UNIX from the 1960s. I had a difficult time fathoming running a PC, IBM compatible computer on anything but a Microsoft platform. My high school had only Windows 95/NT computers, even for the internet connection. They also explained that there was another operating system gaining ground, something called Linux that was available for free! Anyone could get it and give it away to friends, without breaking any copyright law. It could also be changed, customized, and modified in any way that you wanted, because you also get the source code for it. After learning ALL of the ins and outs of Windows 95/98, it sounded like the perfect thing for me.

Today, GNU/Linux (the politically correct term, promoted by the Free Software Foundation) is becoming a serious competitor in both the desktop and server markets. What began as a group of people that wanted a system completely composed of free software evolved into an industry consisting of thousands of applications and millions of programmers. Because of this vast effort, Free Software is now a serious competitor with commercial products. IBM now offers its WebSphere software for GNU/Linux. SuSe (a European GNU/Linux distributer) recently beat out Microsoft for a contract with the city of Munich, Germany. AOL donated 2 million (USD) to found the Mozilla Foundation. And this is all only in the past week.

The future of Free Software is now very clear to me.

The traditional benefits of no cost, security, and fixing bugs on your own apply, but these alone will not bring success. These have already been around for years and are nothing new. Modern benefits are very different, and very compelling.

1. Cross Platform (particularly MS Windows) - Applications such as Mozilla and OpenOffice show users exactly what Free Software is capable of. This also makes the transition between operating systems less painful.

2. Fast Pace - With so many developers, Free Software can advance at an incredible pace. Everyone has the potential to be a developer. There is no waiting for a patch from the software vendor, which might never be released.

3. Market Saturation - Virtually every commercial application has a Free Software equivalent (or one in progress). This is ironically a similar strategy that Microsoft has used to gain such a prodominant market share.

Ultimately, when Free Software becomes the prodominant share of the market, there will be no more signifcant bugs and no licenses to worry about. This will drastically reduce the costs for corporations as well as be cheaper for individual users.

* UNIX is a trademark of someone. It changes too much for me to keep track. At the time of writing it is probably SCO.
* Microsoft Windows is a trademark of who else? Yup, Microsoft Corporation.
view entry ( 119 views )   |  permalink   |  $star_image$star_image$star_image$star_image$star_image ( 2.9 / 189 )
Napster 
Saturday, February 17, 2001, 3:00 AM - Computing Technology, Software, Law


I believe that the copyright holder should have control of their music. That is the definition of a copyright. However, I still think that Napster deserves to live. Whether the users of this service decide to share copyrighted material is up to them. Many unsigned bands that do not have copyrighted music and even ones that do have copyrights like the idea of music-sharing programs like Napster. Don't groups like these also have a right to have programs like Napster available as a form freedom of speech? Napster is merely a tool that can be used within the law. Are gun makers held responsible when a homicide is committed with their product? Do crowbar makers have to pay for damages and theft caused by people misusing their device? Of course not.

All of these actions are the sole result of how the customer decides to use it, not the product itself. In my opinion the RIAA is targeting the wrong party. Instead of putting Napster in the crosshairs, they should be charging the individual users that choose to illegally share their music. These are the people that are infringing on copyrights. The RIAA has two reasons for not doing just that. First of all, it seems like an impossible task to prosecute every one of the thousands of users that share copyrighted music on Napster and similar programs, which is tough luck for them. The second is that the RIAA does not want to directly upset the very group that generates their profit, the music lovers. I realize that the RIAA is just trying to protect its copyrights the most effective way it can, even if they must prosecute the wrong party to do it.

See it as it appeared in the March 1, 2001 edition of The Exponent.
view entry ( 117 views )   |  permalink   |  related link   |  $star_image$star_image$star_image$star_image$star_image ( 3 / 341 )

| 1 |