David L. Farquhar on technology old and new, computer security, and more
My employer is experimenting with a few desktop PCs with SSDs. And they are amazing. These machines have an Intel Core i5 CPU, 8 GB of RAM, and a 120 GB SSD. They log on and off in seconds. Word and Excel 2010, which are absolute slugs on HDDs, load in one second. The time is right for SSDs in business.
This is what modern computing is supposed to be.
As my regulars will be aware, for the past few weeks I’ve been getting lots of phone calls from “Peggy” from “Computer Maintenance Department.” What I’ve found during these phone calls is that debating with them does no good, and saying that your computer is crazy fast gets them to hang up on you, but they’ll call back again in a few days anyway.
Last week, I had lunch with a group of future coworkers–I’ll be joining them once my background check results come in–and I mentioned these phone calls. The guy sitting across the table from me said he wants their malware, so he can reverse-engineer it. So I said I would cooperate the next time I got a phone call. Read more
Application whitelisting is an effective security tool, but a pain to implement and administer. Here’s a very simple tool for it, that works on home versions of Windows as well as pro versions. It’s very simple and possible to defeat, but, arguably, it’s about 90% effective, putting it on par with antivirus and giving you coverage that antivirus will miss. It makes a good companion for antivirus and EMET.
Even grade D+ whitelisting is much better than no whitelisting.
I found this piece advocating teaching kids to be hackers. That’s hackers in a probing, discovering sense, rather than the trouble-causing, nefarious sense.
I found myself agreeing and disagreeing with this article at the same time. Not every hacker is a bad guy. And hacking is a mindset. But not everyone has the right mindset. Read more
I’ve been troubleshooting a program that’s written in a combination of Java and .NET (yes, now I’ve seen everything), and the program misbehaved. It misbehaved a lot, and the vendor was confused too. About four hours in, one of us had the idea to uninstall the .NET Framework 4.0 and install the newest .NET Framework 4.5.1. The 4.5.1 framework is designed to be backwards compatible with multiple predecessors.
It turned out to be the miracle cure that had eluded us.
The bank vice president apologized for calling the police on me.
That’s neither the beginning nor the end of the story, but it seems to me that police involvement of any kind is a sign that your real estate deal isn’t going as well as it could.
It all began with a Citibank loan officer named Aaron who promised me a smooth closing. In my view, being questioned by a uniformed police officer has no place in a smooth closing. And that wasn’t even the worst part of it, which troubles me. Read more
In my younger days, I administered WSUS on a small (300 servers or so) network. Every once in a while, I ran into an issue where a server just didn’t want to talk to WSUS. These days, some companies prefer to push patches with SCCM but it uses the same mechanism to push patches.
Apparently my old problem still happens from time to time. So I did some research to come up with a solution. This mechanism is still largely a black box, but it’s a lot better documented now than it was in my day. Here’s what I came up with for troubleshooting WSUS or SCCM. Read more
I was listening to an interview between Paul Asadorian (of Pauldotcom fame) and Cigital CTO and software security expert Gary McGraw. They discussed how the target of attacks moved from Microsoft to Adobe and now that Adobe is showing signs of getting its act together, it’s going somewhere else.
“If I were Nvidia,” McGraw said, “I’d be thinking a lot about software security. Fortunately they are.”
Nvidia does sound like a juicy target. Read more
I have a Gateway FPD1975W LCD monitor with an unusual 1440×900 resolution. Intel video cards have no issues with this resolution, but Nvidia cards don’t support it by default when running under Windows.
Hack the drivers a bit and you can get this monitor to work just fine with an Nvidia adapter, though. Believe it or not, the only hacking tool you need to accomplish the deed is notepad.exe. Read more
I’ve been getting to work later than usual lately. So much later that the self-proclaimed late guy, who seems to think I normally get to work at 4am, beat me to work two days in a row.
“I’m building computers again,” I told him as we both got coffee. He nodded knowingly.
“Building for yourself? As a side business?” he asked.
“My wife asked for a computer, and that means I can’t just buy her a computer. That means tearing apart every computer in the house, mixing parts up to get the best combination of stuff running everywhere, and then she’ll have a nice computer.”
He nodded knowingly. Read more