Another reason to block fonts at the proxy

Last week Apple released a bunch of patches up and down its product line. One of the vulnerabilities it fixed in OS X was a vulnerability in its font parser.

In the past you could mitigate vulnerabilities like this by only installing fonts from trusted sources, but since it’s now possible for web pages to transmit fonts along with other content, there’s a limitless number of untrusted fonts out there in the world.

Since it may take a while for the major operating systems to shake out all of the problems in their font subsystems, that is why I’ve recommended filtering fonts at the proxy.


What you can learn about corporate networks from the Jeep hack

I’ve talked before about the infamous Jeep hack, but there’s more to learn from it than just that cars are vulnerable. The way Charlie Miller and Chris Valasek hacked the Jeep has implications for any computer network.


How to mitigate MS15-078 or future Microsoft font driver vulnerabilities

Microsoft rushed out an out-of-band patch, MS15-078, to deal with active exploits in their font driver yesterday. Since pushing out patches takes time, my boss asked me what we could do to mitigate the issue in the meantime.

The biggest threat, by far, is exploit-bearing fonts being downloaded from web sites. Ideally you only install trusted fonts from trusted sources locally on your workstations, right? If not, I suggest you start that practice as well.

You have a couple of options when it comes to blocking fonts in browsers.


The forgotten computer that changed the world

A rather hastily written and sloppily edited piece showed up on Slashdot yesterday morning that caught my attention, because it was about the Amiga 2000. The Amiga 2000 is a dear machine to me; in 1991, our family upgraded to one from a Commodore 128. I still have both machines, and there isn’t much that I know today that I didn’t first experience on one of those two machines.

This is an Amiga 2000 that looks fairly pristine. Inside there was lots of room for hard drives, memory, CPU upgrades, and video devices.

Although I think the piece was little more than a used computer store’s effort to unload some hard-to-move inventory, I do agree with the premise. For a machine that had a tremendous impact on the world as we know it today, the A2000 is criminally unknown.

Linus Torvalds is right about “reasonable resolution”

Linus Torvalds is sick of the gimmicks, and he’s really sick of laptops sporting cheap 720p displays. He wants high-resolution (2560×1600, or even 2048×1536) displays to become standard.

Having seen an iPad with a 2048×1536 display in person recently, I agree.

The circulating privacy threat warnings miss the boat

This week I’ve had multiple people send me warnings they saw on Facebook about a new privacy threat, which, after I read about it, really appears just to be something that aggregates information already available about you.

Perhaps not coincidentally, PC Magazine has a piece telling you what you need to do if you’re really concerned about privacy and really want to disappear. http://www.pcmag.com/article2/0,2817,2376023,00.asp

Playing around with LyX

In what little free time I’ve had the past few days (we have a project that has us in the midst of a death march at work), I’ve been messing around with LyX, a typesetting program for Windows, Unix, and most other operating systems. I remember messing with it about six years ago, when there wasn’t much else resembling a word processor available for Linux, but this time, I’m more impressed with what I see.

LyX is a front-end for a typesetting system called TeX. TeX was developed by the legendary computer scientist Don Knuth when he was dissatisfied with the appearance of his galley proofs for the second edition of The Art of Computer Programming. Knuth had an eye for fine typography, and because hand-set type was increasingly being replaced by machines, he looked for a way to make a computer play by the same set of rules that experienced typesetters have used for the past 500 years.

I had my first exposure to TeX when I was working on a business analysis project with Charlie Sebold. There was a department Charlie and I both did a lot of work for, and supporting these 8 users had ballooned into a full-time job in itself. We had an expensive contractor billing an average of 45 hours a week to the department alone over the course of a year, and when I replaced him, I wasn’t able to knock that down much below 40. We believed there was something wrong with a department of 8 users spending $200,000 a year in computer support. Come to think of it, that may have something to do with why I don’t work there anymore, but I digress. Charlie and I embarked on a project to figure out what we could do to cut those costs. I don’t remember anymore how the writing duties got split up, but Charlie typeset the report in TeX. I remember him being surprised to hear that I didn’t know much about TeX, especially since I had written a book for O’Reilly at that point, and if you look at the early O’Reilly books, they look like they were produced by TeX on the default settings.

Well, intentionally or unintentionally, using TeX for the report was a stroke of brilliance, because the most influential people in the department were design snobs, and TeX produces better-looking output than anything PageMaker could ever do. The text is beautifully justified, with no rivers through it, the kerning is always set just right, and it will even use ligatures when appropriate. Basically, it produces all of the hallmarks of elegant design that they taught me in journalism school–stuff that takes hours to do by hand–and it does it in minutes.

So when Charlie handed that report out at the first meeting, he got us a whole bunch of instant credibility.

What I like about LyX is that it removes the markup stage from TeX. You apply an appropriate document style–book, letter, article, report, or whatever–and you mark lines as whatever they happen to be–standard paragraphs, headings, chapter titles, document titles, author, or whatever–and it handles all of the layout and everything else for you. It’ll even generate the table of contents for you. And if you want an index, just flag words as you write or edit, and it can generate an index.

It also handles the most frustrating aspect of writing that I faced when I was writing my book back in 1999. A good book shouldn’t spend a lot of time repeating itself, so there’ll be times when you’ll refer the reader to a specific chapter, or even a specific page. The problem is, these things change. I not only re-ordered the chapters about halfway through the writing process, I actually took a couple of chapters, combined the like topics, and turned them into two completely differently titled chapters. Finding my cross-references and keeping them straight was such a pain that I really didn’t do it all that much. With LyX, cross-references are easy. You just label a section, and insert a cross-reference to the label, and it inserts the page number and the name of the section for you. You can put a cross-reference on every page and not slow down a bit.

Now that I’ve spent a few hours with it, I heartily recommend LyX. In college I found I got better grades when I turned in papers using fonts other than Times and Arial, and the output from LyX adds a whole new degree of elegance to it. Succeeding in college is as much about playing the game as it is anything else, and LyX gives you that slight edge.

And, as you might suspect, I’ve been playing with LyX for a reason. I’m writing again. Over the course of the past year, I’ve prepared a 133-page manuscript (that’s single-spaced Times with no pretty pictures or formatting, so it’s more than it sounds). I’m in the process of editing and typesetting it now. It’s highly specialized, so I’ll be self-publishing it, rather than using a publisher. I’ll be happy if it sells 1,000 copies and thrilled if it sells 10,000, and no publisher is willing to touch a book anymore if they think a book will only sell 10,000 copies. If it sells 1,000 copies, it will have been worth my while to write. Modern print-on-demand technology makes that a much safer risk than it was in 1999, when I wrote and published my first book.

And while there are times when the help of a traditional publisher definitely makes a better book, I think this is a case where I can create a better product working on my own.

I’ll keep you posted.