Dangers of public wifi — and how to stay safe

When it comes to the dangers of public wifi, many people tend to take one of two extreme approaches. Some don’t give it a thought at all. Some refuse to use it at all. Neither approach is completely practical. So what are the dangers of public wifi, and how can you avoid them?

Here are the dangers and the precautions to take against them.

A weak VPN isn’t necessarily better than no VPN

A Slashdot story last week discussed how 90% of all SSL VPNs use weak, obsolete encryption. And one comment said, “So? A weak VPN is better than no VPN.”

Not necessarily.

Predicting the future, circa 2003

In the heat of the moment, I searched my blog this weekend for quotes that could potentially be taken out of context and found something rather prophetic that I wrote in the heat of the moment 11 1/2 years ago:

Keeping up on Microsoft security patches is becoming a full-time job. I don’t know if we can afford a full-time employee who does nothing but read Microsoft security bulletins and regression-test patches to make sure they can be safely deployed. I also don’t know who would want that job.

Who ended up with that job? Me, about a year after I left that gig. It actually turned out I was pretty good at it, once I landed in a shop that realized it needed someone to do that job, and utilized that position as part of an overall IT governance model.

Windows Vista’s market share is growing. After seeing 8.1, I know why

I installed Windows Vista last week. I need a legal copy of a supported version of Windows to use to VPN in to work and run the corporate Citrix client. Vista fit the bill. It’s better than 8.1, and it’s supported until April 2017. I always hated Vista, but 8 and 8.1 made me realize it could have been a lot worse, and on recent hardware Vista does OK. It still prompts you for admin rights too much and too slowly and makes you work too hard to click yes, but at least you can find stuff.

Verizon sabotages Netflix

I’m fed up with ISP duopolies. Why? Because Netflix paid Verizon the ransom it demanded, and yet Verizon hasn’t lived up to its side of the deal. To the contrary, evidence suggests Verizon is actively slowing down Netflix, because when Colin Nederkoorn encrypts his Netflix connection so Verizon can’t see what it is, it speeds up.

News flash: Encrypting data via VPN adds overhead, so it ought to slow the traffic down.

I’m starting to doubt whether net neutrality is enough to solve the problem. A better solution is to break these companies up, let them serve whoever they want, and let municipalities compete with them if they want.

Not that that is ever going to happen.

A quick security improvement: Change your IP range

As you may know, lots of D-Link routers have serious vulnerabilities. Some are patched, some aren’t, and many are being exploited by JavaScript on web pages. (See, routers don’t make you invincible.)

The right thing to do is patch. But most exploits will assume that your router lives in the 192.168.0.x or 192.168.1.x space, whatever the factory default is. So you can get a degree of protection even against future vulnerabilities by moving your IP space somewhere else.

In defense of telework

I work from home one day a week. Most of my coworkers do as well.

So I was interested when I read about Yahoo! doing! away! with! telecommuting! (with apologies to The Register. I couldn’t resist.)

Sure, it’s OK to leave a tech job at 5 pm, especially if you’re in management

Apparently, not everyone thinks it’s OK that Facebook COO Sheryl Sandberg leaves her job at 5:30. To me, this is very strange.

Two commands to fix Internet connectivity

I can think of two times someone has asked me to fix their computer when it has suddenly lost the ability to connect to the Internet. Assuming there’s nothing wrong with the modem or the network card, the problem usually comes down to something messing with either the TCP/IP stack or the Winsock. Security software frequently does this, as does malware. A few years ago, I briefly worked for an ISP that provided a security suite based on F-Secure, and that program was notorious for breaking the Winsock.

Here’s the simple fix.

Webserver Wednesday

Yesterday must have been Webserver Wednesday, because two things happened. A new version of Apache was released, and a new tool for testing the vulnerability of webservers to denial of service (DoS) was released.
