7/26/06

Samba Between Fedora Core and Mac OS X 10.4.5

Strange problem. I can smb-mount—via Finder— "shares" on MS Windows systems on my network as well as my older Linux system. But, when I try mount a share on on a newer server with Samba version 3, no joy. It hangs.

On the server, I see this: "api_pipe_bind_req: unable to unmarshall RPC_HDR_RB struct." Searches of the net have not turned up a solution, except for upgrading Samba on the server. My wife has no problem in samba-mounting shares on the Linux server to her Window XP system. Putting off upgrading the Linux server (yum does no report any "official" Redhat package updates), I am NFS-mounting folders when I need them (backing up my Powerbook to my Linux server, for example).

I found that the problem in in mounting from Finder. I can issue a command from the command line, such as:

mount_smbfs //fred@linuxserver/fred \
   fred-on-linuxserver/

7/8/06

In Information Security, Experts are Constantly Stating the Obvious

This will be one of "Top Ten Reasons Why I Hate Computer and Network Security," which I will blog next week. Today my RSS feed from FIRST pointed me to Removable media in the workplace can become a security timebomb. This is a well-written and accurate article. My problem with it is that anyone with even a bit of exposure to—not expertise in—the field of Internet security would, after reading all of these, say, "Well, yeah, that's about right."

In computer and network security, we keep stirring the same pot, ladeling some out every once in a while, and presenting it as a new dish. Newsflash: even if you add a dash of soy sauce, it is still Campbell's® Chicken Noodle Soup.

7/6/06

"Macs Safer," says Sophos

"It seems likely that Macs will continue to be the safer place for computer users for some time to come." —Graham Cluley, Sophos.

http://news.bbc.co.uk/2/hi/technology/5150508.stm

I'd switch over my kids, too, but there is no "Maple Story" game for Mac.

Do I need a docking station?

My cabling is a mess. I admit it. When at home, I use my PowerBook connected to a large monitor with the PowerBook screen as the secondary screen.



You can see the cabling, here.



The real problem for me is not plugging in seven (7) cables. The cables are, by the way
  • Power
  • Ethernet
  • Firewire for iSight
  • USB for keyboard and mouse
  • Other USB (camera, Palm computer, etc.)
  • miniDVI for CRT
  • audio/speaker output


Half the time when I fiddle with UCB cables, I bump the DVI which rests the video and I need to put it back in and "Detect Displays" again. The miniDVI really pulls out easily. The only solution I have found is this one by BookEndz. It would certainly be better if I did not have the PowerBook on that little shelf (given where the ports are and where the docking station would end up). I wonder if I would still have the miniDVI falling out of the back of BookEndz dock?

7/5/06

Cool PDF Writing Software

On my PowerBook, I don't need any special PDF writer. It's just a supported output format from the Printer routine. On Windows, I have—up until now—used Visage eXPert PDF. A few weeks ago, probably after a recent Windows upgrade on my wife's (formerly my) XP Pro desktop, when ever I used the Visage print driver, it would work, but opened a very small window, which did not show the controls for saving to a file. So, I could print to PDF format, I could view the conversion, but I could then do nothing with the PDF. So, aside from loving my wife, why should I care?

I do use Windows XP to use QuickBooks, which I use to run my household and business finances. My wife uses it sometimes, as do I, Lately, I use it under VirtualPC on my PowerBook. But, I still need a way to create PDFs under Windows (I e-mail invoices this way). Since the Visage product, which has behaved flawlessly until a few weeks ago, stopped working, I looked for a replacement.

I found CutePDF™ Writer, whose tagline suggests. "Create PDF documents on the fly—for Free!" Those last two words attracted me. I installed it on both my PowerBook (under VirtualPC) and on her XP system. It works great, and I highly recommend it. It requires a PS2PDF converter, and they helpfully provide a download to the GNU Ghostscript converter.

Another reason I am still glad I switched to Mac

"Customers have been crying out for a tool which could tell them if they have been duped," she [Michala Alexander, head of anti-piracy for Microsoft, in the UK] said.

The topic: Windows Genuine Advantage (WGA) as reported in BBC News' website.

My immediate reaction: "Yeah, sure." I am not in favor of software piracy. Not at all. But, I am against lying, as I suspect that no "customers have been crying out for [such] a tool..." Customers have more important, more pressing issues, with Windows. And those who use pirated software in countries where it is common—Ukraine comes to mind—really do know that there is something fishy about the Microsoft CDs they bought at the street market for the equivalent of $5.00 (USD).

7/4/06

The Missing Manual

David Pogue's Mac OS, The Missing Manual: Tiger Edition, is an interesting, enjoyable, and useful read. At 845 pages, it might not cover everything one needs to know about the latest Mac OS, but it filled in the gaps for this new Mac user. One might have done through this book with computer on lap. I did not. I read it a bit at a time, and dog-eared pages that I thought were of special interest. Then I went back, with computer on lap, trying the things he suggested.

I like Pogue's style and the book, more than a manual, held my interest. Buy it, enjoy it. You can get it from O'Reilly, but if you order from Amazon, below, I get a few cents.

Laptops and PII Losses (UPDATED)

This has been a bad summer, so far, for laptop loss. In January 2005, in blog entry Lost Laptops, I talked about this problem and some solutions.

In June alone we've read about the loss of laptop or notebook computers from Prevention is easy. Enterprises can encrypt or password lock hard drives. They must write policies and procedures backing those up. This is an old problem with solutions that keep on getting better.

Wake up out there!

I've turned on FileVault on my home directory on my PowerBook. It seems to create an encrypted virtual volume. So, this is practicing what I preach. But, I've noticed something strange (that I think is related): I can no longer create anything in the top-level of my home directory (/Users/fred).

$ pwd
/Users/fred
$ touch jnk
touch: jnk: Operation not permitted
$ cd Documents
$ touch jnk
$ ls -l jnk
-rw-r--r-- 1 fred fred 0 Jul 4 12:34 jnk
$ ls -ld . .. ../..
drwx------ 26 fred fred 884 Jul 4 12:34 .
drwx------ 38 fred fred 1394 Jun 6 15:15 ..
drwxrwxr-t 7 root admin 238 Jul 4 11:56 ../..
I do not know if this is related. I cannot backout of FileVault without deleting a bunch of files, although how much can I trust this. Look at what it says for the needed disk space. I have 60G disk. Hmmmm.

image

USB Attacks

This is an interesting, if obvious, attack. It harkens back to the historical—something we neglect more and more in network security. (And I have mentioned this too many times for me to repeat it here. Search for "history" in the search window of my blog site.) History will remind us that the viruses were originally spread on floppy disks. The obvious successor, with some twists, is the USB Flash Drive or "thumb drive". The twists include:
  • Many computers are configured to Autorun removable devices when inserted into the computer
  • USB thumb drives are still attractive enough that most people will pick them up, carry them off, and insert them into a computer the first chance they get.


Someone might do the second to see who owns the disk to return it, out of curiosity as to what is on it, or as a precursor to reformatting the drive.

Read more at: What would you do with a thumb drive you found on the street? What would your CEO do? And what does your security policy say about this? -----