Author: Dave Farquhar

Cutting through the fluff around the Target PIN breach

Dave Farquhar security , , , , , , ,

OK, so Target is back in the news, and it’s nowhere nearly as bad this time but there’s some posturing and some fluff in the news, so I’ll take it upon myself to demystify some of it. Some of it’s PR fluff, and some of it’s highly technical, so I’ll cut through it.

I’m just glad–I guess–to be talking about this stuff outside of a job interview. Like I said, this time the news isn’t nearly as bad as it could be. Read more

Those marketers targetted the wrong guy

Dave Farquhar Uncategorized ,

So, I’ve been seeing one particular ad incessantly lately. It’s a fairly generic-looking ad, with the words “Jesus Christ is Lord” in bold letters across the top. Scroll down a little further, and there’s a very heavily tanned woman, under a thick layer of makeup wearing a skimpy halter top. She’s probably in her early 20s. It’s an ad for a certain Christian-themed dating web site I won’t mention by name.

It seems to be targeted advertising. Fine, my religion is no great secret. Most public databases that I’ve queried about myself identify me as a Protestant, and some even peg me as Lutheran too. But there’s this one other little detail that’s even easier to find out than what religion I practice.

I happen to be married. Read more

Losing the luster of Christmas–and something of a cure

Dave Farquhar Careers , , , ,

The Kansas City Star published a forlorn editorial this week about the struggles of many people this Christmas.

I can relate. I’m much better off than many people, but this is the third Christmas in a row where my job has a hard end date attached to it. And this year, for the first time in my career, I made less money than I did the year before. For me, Christmas has been the worst day of the year for a very long time, because I know I can’t live up to everyone’s expectations of me.

But I’m better off than a lot of people. Right now I have a job. Some of my former coworkers took bigger pay cuts than I did this year, or they’re still looking. And, as bad as this year has been, I think everyone needs to go without work for a month or so sometime in their life. I think I have something that can help, but I’m gonna make you read something first. Or at least scroll a lot. Read more

What I’m doing to protect myself after the Target data breach

Dave Farquhar Saving money, security , , , , , , ,

As you’ve probably heard, Target had a bad month. Between the days of 27 November and 15 December, about 40 million credit card numbers were stolen, making it one of the biggest breaches of its kind in history. As far as we know, the card number and security code were stolen, but debit-card PINs and addresses were not.

Target says they have contained the breach and are cooperating with credit card companies and authorities. Cringely has some analysis, but it has more for people like me to think about how we do things at work than it does for consumers.

And, well, as luck would have it, I shopped a lot at Target between the days in question. And I used both my credit and debit card during that time. Here’s what I’m doing, some of which may be counter-intuitive.

Read more

The New York Times’ dialect map can’t figure me out

Dave Farquhar St. Louis , , , ,

My first semester of college, one of the copy editors for the student newspaper either minored in linguistics or just enjoyed the subject. He could peg where all of us were from–except me.

The New York Timesinteractive dialect map struggled with me too. I’ve taken the test five times, and it managed to give me a map just once. Read more

What on Earth is a Mainframe?: A review

Dave Farquhar Uncategorized , , ,

I’ve been reading David Stephens’ self-published What on Earth is a Mainframe, (also available on Amazon) which is as close to z/OS For Dummies as we’ll ever see.

I deal with mainframes at work from time to time. I interacted with an old IBM mainframe of some sort when I was in college, using it to get on the Internet, do e-mail for classes, and write programs in Pascal. That mainframe has been gone almost 20 years now, but it’s more mainframe experience than most of the people in my department have.

That’s the thing. Mainframes have been on their way out for 20 years–which was why Mizzou retired Mizzou1–but they aren’t any closer to the door now than they were when I was in college. I wouldn’t call it a growth industry, but there are some tasks that haven’t managed to migrate down to smaller iron yet, and if they haven’t by now, maybe they never will. But the universities aren’t producing new mainframe administrators–ahem, IBM calls them system programmers–so while it’s not a growth area from a numbers perspective, it’s a marketable skill that isn’t going away.

That’s where this book helps.

Read more

The NSA’s disaster aversion by keeping BIOSes safe for the free world

Dave Farquhar security , , , , , , , ,

This weekend, CBS ran a story about how the NSA foiled a sinister plot to brick millions of PCs and cause a financial meltdown. At least they didn’t say MELTDOWN.

My opinion is that this is a puff piece. A source managed to scare a journalist with a threat that sounded credible enough, and make something routine sound big and threatening.

Read more

A quick security improvement: Change your IP range

Dave Farquhar security, Servers and Networking ,

As you may know, lots of D-Link routers have serious vulnerabilities. Some are patched, some aren’t, and many are being exploited by Javascript on web pages. (See, routers don’t make you invincible.)

The right thing to do is patch. But most exploits will assume that your router lives in the 192.168.0.x or 192.168.1.x space, whatever the factory default is. So you can get a degree of protection even against future vulnerabilities by moving your IP space somewhere else. Read more

The ghost in the network

Dave Farquhar War Stories , , ,

My logging system died rather abruptly one week. It started with the Active Directory account some of our servers use locking. I got the account unlocked–someone else has those rights–and the system came back to life for a while, but then we had to repeat, and each time we repeated, “a while” grew shorter and shorter, bottoming out at about 2 minutes, 40 seconds.

The way you troubleshoot problems like this is by looking at logs. The problem is, you can’t collect very many logs in 2 minutes and 40 seconds.

Read more

A $99 tablet that doesn’t stank

Dave Farquhar Android , ,

‘Tis the season for cheapie tablets. They’re everywhere, and they cost $89, $79, even $59. About the only place I haven’t seen one is at a convenience store. But you don’t want them. They’re always underpowered and cheaply built, so they’ll be frustratingly slow to use and the hardware is likely to start failing after a year or so.

But this weekend I saw a budget tablet that hits all of the minimums, for $99, at an unlikely place: Aldi. Yes, the discount grocery store. It’s called the Medion Lifetab. Read more