Showing posts with label hacking. Show all posts

02 July, 2011

Monster PC build-time ;D


Okay, so my cousin's boyfriend bought some killer-components in the United States. He then asked me if I was interested in helping him order the remaining components to build a performance-powerhouse extraordinaire :p of course my inner g33k couldn't refuse.

He had purchased the following components so far:



I'm going to post further development of this monstrosity :p and I'm definitely going to record the first boot-up when the time comes, and post that here as well :) you can follow this post-thread with the label "monster-dualboot"
Edit 20110725: I have corrected the component-names after euph84 asked me to, I also fixed the correct manufacturer product-sheet links to correspond to the right product IDs.

21 April, 2009

Computer illiterates are dangerous!


On Friday, EFF and the law firm of Fish and Richardson filed an emergency motion to quash and for the return of seized property on behalf of a Boston College computer science student whose computers, cell phone, and other property were seized as part of an investigation into who sent an e-mail to a school mailing list identifying another student as gay. The problem? Not only is there no indication that any crime was committed, the investigating officer argued that the computer expertise of the student itself supported a finding of probable cause to seize the student's property.

The whole problem started because the computer science student was using a command-line interface, which the arresting officer did not understand. Quotes from the arresting officer's report say:
"Mr.Carlixte uses two different operating systems to hide his illegal activities. One is the regular B.C. operating system and the other is a black screen with white font which he uses prompts on"

I mean.., c'mon! Seriously!? Are all computer hobbyists to be considered "crackers" until proven otherwise? FFS!!!

OS X hit by botnet worm



Well, now it is no longer safe to use a Mac, at any rate...

Mac / Apple has been a trendsetter in the computer market since the 70s, so it was not a question of "how" or "if", but "when". I knew it was only a matter of time. And I have said so for a long time: as long as there is a noticeable market share of people using certain types of systems, those systems will become targets for cyber criminals (crackers).

Botnets have long been a problem with Windows machines. Mac people have long held that nothing similar can happen to their machines. Partly because they are a minority that few virus writers bother with, and partly because Apple's operating system OS X is built on Unix - a platform that many consider more secure than Microsoft's.


A downloadable fix from Apple, called "iWorksServices Trojan Removal Tool", can be fetched from here.

To further protect Mac / Apple machines from such threats, one should install anti-virus and possibly anti-spyware programs (and here the KISS principle applies: more than ONE anti-virus or anti-spyware program on the same machine causes more problems than it solves).

17 April, 2009

The new push for open source



So it looks like the Bergen area will be the first to make use of all the wonderful open source projects found around the world, in a public collaboration "for open standards in the public sector" (as mentioned earlier in some article/public documentation or other).

New powerhouse for open source - digi.no : Bedriftsteknologi
Bergen municipality, the IT experts Avenir, Bergen University College (HiB), the University of Bergen (UiB) and local IT communities are joining forces to make Bergen a powerhouse for the use of open source in developing the IT solutions of the future.

The initiative supports both the Government's push for increased use of free software and the wish for stronger cooperation between the public and private sectors.

Gartner predicts that by 2012, 80 percent of all IT solutions will contain elements of open source. They state that businesses that choose to ignore this development will automatically place themselves two steps behind competing businesses.

Bergen Kommune, Avenir, HiB, UiB, and large local IT players such as DnB Nor, NextGenTel and EDB Business Partner want to be at the forefront of making use of open source.

14 April, 2009

"GhostNet" linked to the "Waledac" botnet

Conficker.C-infected computers have shown activity recently, according to security analysts and software/network engineers, so it seems the threat is not over...yet.

Its main activities (identified activities, that is) are:
  • downloading (malware from other botnets, mainly the spammer-botnet "Waledac", better known as the re-animated Storm DeadNet "Valentines e-mail spammer botnet")
  • linking (presumably to other malicious botnets)
  • communicating (presumably with its creators).

It is also reported to flash rogue anti-viral software ads directed at users of these infected machines.

Darknet.co.uk had this article to explain (excerpt from article below):

“Fear is used, universally, as a means to control people,” said Sendio CTO Tal Golan. “Governments use it. Large businesses use it. So it should come as no surprise to anyone that ‘cyber-bad guys’ use it.”

At the moment, the rogue anti-virus software comes from sites located in the Ukraine (131-3.elaninet.com.78.26.179.107) although the worm is downloading it from other sites, according to Kaspersky Lab.



Hmm. No, not surprising at all if you ask me.

07 April, 2009

IBM buys the technology that saved Apple



IBM buys the technology that saved Apple - digi.no : Bedriftsteknologi
It was Transitive technology, called «QuickTransit», that saved Apple when all Mac software had to be moved from the PowerPC processor to Intel processors.

Hmm, IBM sure is buying up a lot these days? Well, IBM turning to Apple of all companies is something extraordinary in itself (or is it?).

Anyway, IBM now taking on cross-platform tools to convert Linux/x86 code to Linux/PowerPC at least means that they now have the ability to scale up the platforms/architectures in use (use larger computing facilities, more heavy-processing machines and/or different/larger systems/facilities, depending on the application purposes/user load in the company in question) since they can now run the same code everywhere.


31 March, 2009

The "Conficker.C"-hype

I've read tens of articles, both international and national, about the suspected D-day, April 1st 2009. It is rumored that over 10 million computers will release a tidal wave of DDoS attacks on a global scale...

However, if you secured your home-setup earlier/today (like I have), you SHOULD be safe, for the time being...

Time will show.

But... to give you an idea about HOW malicious this worm is, Microsoft has promised a $250.000 reward for anyone able to provide information about its creator(s). So, it's a serious issue.
Or...is it? ;P (April 1st 2009?? C'mon...)





For my Norwegian readers, here is a fairly detailed article about the "problem": http://www.dagbladet.no/2009/03/31/kultur/tekno/internett/virus/5549841/

To expand a bit on the English post above:
If you are protected against botnets, e.g. by using OpenDNS instead of a local name server (a router, gateway, or the like that caches name queries locally poses a security risk for IP addressing towards the Internet), then you are reasonably safe in case any of this takes place. Not very likely, since it is April 1st we are talking about...


Like I said...

Like in my previous post, a lot of IT professionals are also realizing the global network threat that is upon us.

Crackers (like everybody else) are now able to hook up to a decent Internet connection with "broadband"-sufficient bandwidth, which also means that crackers are now globally able to take down multi-national corporation networks without too much hassle (provided they're not secured too much; not that security can't be bypassed, it just takes a lot longer to do it).

While researching how to protect my domain and network @ home, I discovered this article @ computerworld.com, entitled "100% Cure for Conficker": http://blogs.computerworld.com/100_cure_for_conficker

Steven J. Vaughan-Nichols (Cyber Critic) advises people to jump over from traditional DNS systems to OpenDNS. After switching the static DNS addresses in my router(s), I found some interesting features in OpenDNS, like the ability to stop phishing-attack attempts, or advanced address-filtering. They've gone through the works and secured the OpenDNS system to be as secure as can be, without crippling day-to-day performance.

For example, you have to be a registered OpenDNS user with one or more registered and confirmed IP address(es) to use name resolving through OpenDNS.

30 March, 2009

E-warfare

The time has come...


Fellow IT crowd: electronic espionage and malicious takeovers are upon us.

The following article-link takes up the subject about cyber espionage on a global scale: http://www.scribd.com/doc/13731776/Tracking-GhostNet-Investigating-a-Cyber-Espionage-Network
A 10-month investigation uncovered what seems to be a Chinese cyber-spy network crossing the globe. Further investigation through fieldwork, technical scouting and laboratory testing uncovered that the "GhostNet" can consist of as many as 1.295 individual computers residing in 103 countries. At least 30% of these can be considered high-value political, diplomatic, economic and military targets.
Some malicious crackers are surely having fun harvesting quite the bot-farm I must say...

And if the technical advisors are right, the Chinese can do A LOT more damage than just steal sensitive information.

We are now living the nightmare a lot of sci-fi literature predicted years ago...

Ph34r!

I'm not saying this affects everyday people at the moment, but it's a wake-up call to remind us that we're not totally 100% secure online, whatsoever...

25 March, 2009

Asus 900 PC w/10hrs battery ;P

Hehe, my Asus Eee 900 PC with the 7,4V 10,4Ah battery case

(mildly oversized if you ask me, as shown in the 2nd picture below ↵)





A personal note about modifying this machine:

I cannot believe how easy it was to replace the RAM-module in this netbook! In contrast to the Acer Aspire One (AAO), this netbook was kids-play to open, remove the original RAM-module, and successfully replace with an upgrade.

Two screws open an access hatch on the underside, which in turn gives access to both the single RAM-module and the miniPCI-express wireless card contained within ;) Neither of which is particularly wear resistant. So it was a blessing to be able to do this task in just under 5 minutes without having to dismantle the whole machine (as with the Acer Aspire One) and further risk electrostatic damage and so forth...

I didn't really like Asus all that much before...but now, I LOVE Asus ;]

Among other nice features, it took my Huawei 220 3G USB modem out-of-the-box! No driver compilation, no additional kernel module...nothing. Just 'Plug-And-Play' ;P sweet!

23 March, 2009

Flash memory

After getting my new Asus Eee 900 PC, I was curious to research flash memory, to see the current state of events surrounding this technology.

Among a few of my notations, I learned that non-volatile memory is memory that can retain its information even when power is cut. [ Thus SSDs (Solid State Drives) are non-volatile, because they are supposed to replace the now obsolete magnetic-disk storage format. ]

Another interesting fact about solid state memory, memory chips and programmable memory chips, is the little known fact about how they originated.., or, why they were developed in the first place.

What I found didn't really shock me at all. Like with everything else technology-related, the U.S. Air Force had its cold, damp hands in the mix.

PROMs (Programmable Read Only Memory chips) were developed at American Bosch Arma Corporation in Garden City, New York as a request from the United States Air Force to serve as a flexible and more reliable way of storing targeting constants (ballistic targeting vectors / calculations) in ICBMs (or, InterContinental Ballistic Missiles).

PROMs are defined as "non-volatile permanent storage devices", as they are programmed after creation, by shorting fuses in the chip to state binary digit programming [1(on) or 0(off)]. Or, to be blunt: PROMs usually contain machine-level instruction-sets to execute pre-defined tasks.

But as with a lot of technology, permanent storage is not a preferred everyday method for the average Joe. So, later years were dedicated to developing dynamic flash memory.

In modern flash memory, the chips should be/are able to re-write/delete data up to several times without any significant drops in performance.

10 December, 2008

Slackware-Current


All right.
First off, this is my server/multimedia-top/desktop machine. I've been running Slackware Linux on it since revision bump 10.0. Lately I was running a heavily modified v12.1, with a custom HIDS and firewall automation solution. But with all my modifications/addons to the GUI, it was slowing down... massively. I was also experiencing kernel oops concerning OpenGL on quite a few applications as well.
Then again, the machine sports the following specs:
AMD Athlon 1.8GHz, 1.1GB RAM, nVidia GeForce 6600 GT 128MB AGP8x
To put it bluntly: I was getting tired, so I decided to upgrade it all to the ever-feared slackware-current branch, which in my opinion wasn't that hard a task at all. I just rsynced the current-directory on a close mirror, read the 'UPGRADE.TXT', and went along with the upgrade procedure.

I am now sitting and writing this post on my freshly installed Slackware-Current environment ( codenamed '12.2 RC1', it even has the '12.2' insignia in some configuration files in the /etc directory already ). Anyway, the screenshot is of my low-contrast themed KDE-4.1 desktop running Plasma desktop effects, and the background is called 'vanilla standard slackware-logo', an svg-file I made a while ago.

13 August, 2008

Application checker

AppCheck is a testing application that checks programs made for Linux for cross-system portability. AppCheck tests the ELFs, scripts, libraries and more. As a testing framework, it doesn't seem to differentiate itself much from the forerunner of all checking programs: lint, the first program to flag suspicious and non-portable constructs, which first appeared in System V Unix version 7 (outside of Bell Labs) in 1979.

But it's what AppCheck does after these checks that makes it stand out. It checks all the components of the program against the Linux Standard Base, AND different distributions listed in the LSB Database. It then displays all of this information on a webpage to make the report more intuitive and structured, and even gives you the opportunity to submit the program directly from the test-program for LSB certification!

After reading about this wonderful piece of software, I was inspired to do more C/C++ programming in my spare time, since AppCheck will spare me a lot of time when it comes to testing.

AppCheck is in no way a perfect checker, it's still in beta, and it cannot check libraries, binaries, and other components that aren't listed in the LSB. But it is a significant step forward for portability development.

** Note however that AppCheck is in no way a debugger **

http://www.linux.com/feature/144170

07 May, 2008

Games

Screenshot of PONG


Ralph Baer >

As with much else that is computer-related, the idea of computer games was realized through playing with technology. And during World War II, Baer worked as an interrogation leader and was later appointed technology lead for the computer systems that performed missile calculations for the military. When holding such a serious position, it was important to be able to shift focus away from the responsibility in order to relax and ease the mind. Baer did this by "playing" with the technology he worked with. Tinkering and mixing, finding other uses. And the idea of being able to use TV as a so-called "hot" medium was born. TV, which had previously only been a "cold" medium where negative news was served with no way of controlling what was served, suddenly became a controllable entertainment medium with the introduction of the Magnavox Odyssey machine. Ralph Baer is considered the "grandfather" of computer/TV games, as the inventor of the first TV game console, the forerunner of the first computer game with an interactive user interface: "PONG" (made by the programmer/electronics engineer Al Alcorn).



Screenshot of TETRIS

Aleksei Pazjitnov >

1985, the Academy of Sciences in Moscow. The mathematician Aleksei Pazjitnov did what many hackers do today: he played with computers to explore what they could be used for, just as Baer did with military technology, to create something that could be used for something social and positive rather than just destruction. The result was the most innovative computer game to date: "Tetris".


[Ever since the birth of the gaming age (the 70s and 80s), the military industry and the games industry have been intertwined. And it is this collaboration that has probably pushed game development towards a destructive experience model.]


My point with this post is to show that innovation in technology has usually happened because the uses of a technology were shaped by creators who wanted to use their creations for something other than purely strategic and negative purposes.

Technological innovation has therefore always interested me, because it has constantly resulted in unforeseen possibilities. And since we live in the technology age, with access to information that people could not have imagined possible a couple of decades ago, who knows what is waiting around the corner? ;D

This post was also heavily inspired by the Discovery Channel programme:

"I, Videogame"

21 April, 2008

Cross-browser compatibility!

Yes! I have finally achieved my goal... ;^) The blog is now cross-browser compatible (it displays correctly no matter what architecture/webbrowser is used to view the page).

This whole ordeal is basically caused by the fact that Microsoft's Internet Explorer does not conform to the open web standards of the W3C (World Wide Web Consortium), meaning it does not display webpages developed on open standards correctly: http://en.wikipedia.org/wiki/Internet_Explorer#Standards_support. The features not fully supported at the time of writing include: CSS rendering issues + partial PNG (Portable Network Graphics) alpha support (opacity / transparency).

So, we as web-developers (who rely heavily on open standards to deliver a consistent experience to users no matter what hardware or software they are using), are forced to implement so-called "CSS-hacks" (Style Sheet Hacking), to enforce a proper user-end rendering of the website.

But I can now confirm compatibility with the following browsers (on Windows XP SP2 / Vista and Linux 2.6.x):

  • Internet Explorer 7.x (WinXPSP2/Vista)
  • Mozilla Firefox 2.0.0.x (WinXPSP2/Vista/Linux 2.6.x)
  • Opera 9.2x (WinXPSP2/Linux 2.6.x)
  • Opera Mini 3.x (Sony Ericsson K810i)
  • Sony Ericsson's K810i integrated phonebrowser (Sony Ericsson K810i)

13 April, 2008

Improved blog layout & design

I have now fixed a lot of my earlier bugs in the CSS script for the blog.
I also added some javascript code to import my del.icio.us links.

My blog now nearly conforms to valid CSS-3.0 and XHTML-1.0-STRICT, but not quite yet. Basically, it's because of some untraditional CSS hacks for IE bugs on float alignment, and in the XHTML because of some bad syntax variables, but those are all contained in the widgets used in the sidebar, and I won't hassle all the developers about it, simply because there are a few of them, and it doesn't bug me...

My revisions of the CSS and XHTML style template-files are valid, so, I'm happy ^_^

03 March, 2008

Demystifying Denial-of-Service attacks

Interesting article uncovering the various ways of performing Denial-of-Service attacks through advanced networking.

http://www.securityfocus.com/infocus/1853

02 March, 2008

MASQUERADE / NAT

I knew this was some kind of unfinished technology; it somehow felt... like it wasn't a fully standardized method of implementation. The more experience I've had using this, the more new ways of using it I've found, and alternative methods to boot. I don't fully understand the concept of complex protocol transmission yet, but my job lets me see the usage of NAT in WAN deployment.

This is the current, most widely used method of setting up transmission backbones from a large customer-base from within an ISP with limited IP ranges.

Or from my own setup @ my mom's place: forcing a medium-sized LAN to share an Internet access with 2 dynamic, restrictive IP addresses (one of which is switched between two internal cabled LANs, and the other serves as the Internet access for the wireless LAN) and one static, fully public, NAT'ed point-to-point IP address to serve my private DMZ.

Caveats using NAT

In computer networking, network address translation (NAT, also known as network masquerading, native address translation or IP masquerading) is a technique of transceiving network traffic through a router that involves re-writing the source and/or destination IP addresses and usually also the TCP/UDP port numbers of IP packets as they pass through.

[...] there are quite a lot of minor caveats with using NAT. The main problem is certain protocols and applications which may not work at all. Hopefully, these applications are not too common in the networks that you administer, and in such case, it should cause no huge problems.

The second and smaller problem is applications and protocols which will only work partially. These protocols are more common than the ones that will not work at all, which is quite unfortunate, but there isn't very much we can do about it as it seems. If complex protocols continue to be built, this is a problem we will have to continue living with. Especially if the protocols aren't standardized.

The third, and largest problem, in my point of view, is the fact that the user who sits behind a NAT server to get out on the internet will not be able to run his own server. It could be done, of course, but it takes a lot more time and work to set this up. In companies, this is probably preferred over having tons of servers run by different employees that are reachable from the Internet, without any supervision. However, when it comes to home users, this should be avoided to the very last. You should never as an Internet service provider NAT your customers from a private IP range to a public IP. It will cause you more trouble than it is worth having to deal with, and there will always be one or another client which will want this or that protocol to work flawlessly. When it doesn't, you will be called down upon.

As one last note on the caveats of NAT, it should be mentioned that NAT is actually just a hack more or less. NAT was a solution that was worked out while the IANA and other organisations noted that the Internet grew exponentially, and that the IP addresses would soon be in shortage. NAT was and is a short term solution to the problem of the IPv4 (Yes, IP which we have talked about before is a short version of IPv4 which stands for Internet Protocol version 4). The long term solution to the IPv4 address shortage is the IPv6 protocol, which also solves a ton of other problems. IPv6 has 128 bits assigned to its addresses, while IPv4 only has 32 bits used for IP addresses. This is an incredible increase in address space. It may seem ridiculous to have enough IP addresses to set one IP address for every atom in our planet, but on the other hand, no one expected the IPv4 address range to be too small either.
The only grievance for me in this sense is the loss of opportunity to serve. I cannot set up SSH, Apache or any other form of server-application to establish outgoing connections based on incoming requests through this NAT setup. So, that's why I had to acquire a point-to-point IP address and route it manually to my DMZ. The problem I have now is the lack of cabled internals in our house. I had to devise a hybrid LAN on both cabled and wireless connections to achieve my goal.
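
To make the "cannot run a server behind NAT" caveat concrete, here is a toy model of a masquerading router, added as an illustration and not part of the original post or the quoted text. All addresses are constructed documentation-range values, and the model ignores timeouts and the TCP/UDP distinction.

```python
"""Toy masquerading (source-NAT) router. Constructed example, not real router code."""
from dataclasses import dataclass, field

PUBLIC_IP = "203.0.113.10"  # constructed address (documentation range)


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


@dataclass
class NatRouter:
    public_ip: str = PUBLIC_IP
    next_port: int = 40000
    # (lan_ip, lan_port, remote_ip, remote_port) -> public source port
    out_map: dict = field(default_factory=dict)
    # (public_port, remote_ip, remote_port) -> (lan_ip, lan_port)
    in_map: dict = field(default_factory=dict)
    # static port forwards: public_port -> (lan_ip, lan_port)
    forwards: dict = field(default_factory=dict)

    def outbound(self, pkt):
        """LAN -> Internet: rewrite source address and port, remember the mapping."""
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[(self.next_port, pkt.dst, pkt.dport)] = (pkt.src, pkt.sport)
            self.next_port += 1
        return Packet(self.public_ip, self.out_map[key], pkt.dst, pkt.dport)

    def inbound(self, pkt):
        """Internet -> LAN: translate only with matching state or a static forward."""
        if pkt.dst != self.public_ip:
            return None
        state = self.in_map.get((pkt.dport, pkt.src, pkt.sport))
        if state:  # reply to a connection a LAN host opened
            return Packet(pkt.src, pkt.sport, *state)
        fwd = self.forwards.get(pkt.dport)
        if fwd:  # administrator explicitly published this port
            return Packet(pkt.src, pkt.sport, *fwd)
        return None  # no mapping: the router has no idea which LAN host is meant


def demo():
    nat = NatRouter()
    # A LAN client browses out; the reply finds its way back through the mapping.
    out = nat.outbound(Packet("192.168.1.20", 51515, "198.51.100.7", 80))
    reply = nat.inbound(Packet("198.51.100.7", 80, PUBLIC_IP, out.sport))
    # A different remote host aiming at the same public port matches no state.
    stranger = nat.inbound(Packet("198.51.100.99", 80, PUBLIC_IP, out.sport))
    # Unsolicited SSH to the public address: dropped, so no server is reachable.
    unsolicited = nat.inbound(Packet("198.51.100.99", 40222, PUBLIC_IP, 22))
    # Only after a static forward is configured does the same packet get through.
    nat.forwards[22] = ("192.168.1.5", 22)
    forwarded = nat.inbound(Packet("198.51.100.99", 40222, PUBLIC_IP, 22))
    return out, reply, stranger, unsolicited, forwarded


if __name__ == "__main__":
    for name, result in zip(("out", "reply", "stranger", "unsolicited", "forwarded"), demo()):
        print(f"{name:12} {result}")
```

The static forward is the piece that "takes a lot more time and work to set up", and every published port is one more service exposed to the Internet that then needs patching and monitoring.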

01 March, 2008

Distributed Wardriving ^_^

Online list of unsecured and secured WiFi LANs ;P Brilliant!

http://www.dinside.no/php/art.php?id=512387

http://www.wigle.net/