Author: Dave Farquhar

How I once took down a network, including a radio station

Dave Farquhar Hardware, Retro Computing, War Stories , , , , , ,

I met up Monday night with some other security professionals for some emergency networking of the professional kind. One of the attendees, a penetration tester, had a little incident where he took down a production system when he conducted his penetration test. The system owners were a bit arrogant, and, well, they paid for it.

I’ve taken down a network too, but in my case it wasn’t something security-related. No, in my case, I was a 20-year-old desktop support technician working in a college computer lab, making an honest mistake.

Read more

Scratchbuilding, Marx-style

Dave Farquhar Toy trains , , , , , , , ,

I saw a modern-production Lionel box car in a hobby shop one weekend. I wanted it, but I really wanted it in Marx 3/16 style, so it would look right with my Marx #54 KCS diesels pulling it. But I face very long odds of ever getting that car in Marx 3/16 unless I build it myself.

So I started building. And you can too.

Read more

What I learned about air travel by globetrotting back and forth to Baltimore and D.C.

Dave Farquhar Uncategorized , ,

In 2011-2012, I flew to Baltimore or Washington D.C. a lot–probably eight times, if not more. Internet pal Rob O’Hara wrote about his recent flight to Seattle this weekend; predictably, they lost his bags.

Here’s what I learned by getting to know the Baltimore area by plane.

Read more

Shakespearean surprises

Dave Farquhar Uncategorized

This oft-cited story about Shakespeare’s wealth and how he got it in the Telegraph led me–as the Internet often does–to something else: Shakespeare as therapy.

Read more

My earliest memory of using a computer

Dave Farquhar Retro Computing , , , , ,
My earliest memory of using a computer

Gizmodo asked this weekend about earliest computer memories, and illustrated it with a computer that sported a 3.5″ floppy drive. Young whippersnappers.

My first memory was in 1981 or 1982. Dad went to see one of his coworkers in his home, and brought me along. He had a son a few years older than me, probably about 12 years old, and there in the living room was something I’d never seen before, connected to a television and sitting on a desk. “What’s that?” I asked.

“This is a computer,” he said. Then he inserted a Choplifter cartridge and taught me how to play. Read more

A quick fix for the Insignia NS20EM50A13 monitor’s biggest annoyance

Dave Farquhar Hardware ,

I’ve written about the Insignia NS20EM50A13 monitor before. It’s a reasonably good low-end monitor with the annoying tendency to change the video input back to VGA any time your system goes to sleep or changes from text to graphics mode. I accidentally discovered this week–after using the monitor for months–that if you push the OK button on the front of the monitor, it brings up the input menu, allowing you to quickly flip it back to DVI without fumbling through the menus.

I still wish the monitor would let me set the default to DVI and make it stay that way, but this is an acceptable workaround for the price, at least for me.

We need to fix CISPA, not kill it

Dave Farquhar security , , ,

Here’s a good plan for fixing CISPA. And CISPA needs to be *fixed*, not stopped. We have three alternatives right now:

Secure the Internet
Voluntarily pare back the Internet
Wait for the Internet to fall apart and/or become too dangerous to use anymore

Given the unpleasant side effects of options 2 and 3, option 1 is all that’s left. Otherwise, the Internet will become a weapon of mass destruction. Keeping a hacktivist group or rogue nation from shutting down all gas and electric power in New York City on the coldest day in January is CISPA’s goal. Read more

The ethics of writing nefarious security instructions

Dave Farquhar security , , , , , , ,

This week I posted a link to a video showing how to crack a WPS-enabled wifi network, and this week, Ars Technica wrote a firsthand account of cracking a password list. I’m sure this raises questions of ethics in some people’s minds. To be honest, spreading this kind of information makes me a little uncomfortable too, but I also think it’s necessary.

Read more

The Internet is at war. Please read this if you run a DNS server.

Dave Farquhar security

A Dutch ISP that acts as a spam haven is DDOSing Spamhaus, and they’re using DNS to do it. The attack is using spoofed DNS queries to create, basically, a smurf-like attack. And the sheer volume of traffic is likely to affect the Internet as a whole.

That might explain why my recruiters were complaining that it was taking forever to look up job postings today. (Yes, I can publicly admit that I’m talking to recruiters. That’s another story.)

But basically, if you run a DNS server, you need to check your configuration to keep lowlives from using your DNS as a weapon. Here is a useful page for those of you running BIND, the one of the most popular DNS servers.

This was the most common type of attack in 2012; it looks like some people are trying to up the ante in 2013. We can make it stop, but every sysadmin running a DNS server is going to have to pitch in to help.

Is this a good computer for the money in 2013?

Dave Farquhar Hardware , , ,

My realtor sent me some computer specs this past week and asked for my opinion on it, since I get paid to keep up with this stuff these days and he doesn’t.

I thought my critique of the system might help other people.

Read more