I’ve been neglecting the blog for a few days, and thought this an appropriate juncture to apologise (sorry) and to explain why…

Much of last week has been whipped up in a swirl of multimedia; David, Ray and I have undertaken a subversive project to improve the state of communications for security within Sun UK, and this has been largely funded by my purchase of an iMac, linked with Ray and my personal Mini-DV camcorders.

Ordered about three weeks ago, the beastie was shipped from Taiwan and eventually landed on my doorstep last Monday.

It’s proving to be a nice little Unix box – running MacOS X – less than seven days have gone since it’s arrival, and i already have it:

– accessing the internet via NAT through my linux server/firewall

– running several NFS mountpoints

– concurrently running Aqua and X-windows via XDarwin

– installed and using GCC

– compiled my favourite window manager (FVWM1)

– compiled and installed bash, and xv via fink

…and now have it running Crack 5.3 as a background process. 😎

From a security perspective, I was pleased to find that it ships in a minimized configuration; I just wish that it would be a little more transparent about the fact that “Enable Remote Access” means “Switch-on the SSH Daemon”.

I realise that Apple have to pitch to a userbase of “normal” people, but surely they could at least provide the occasional buzzword hint?

My only gripes to-date include the name service – I have no particular qualms about ignoring /etc/fstab and requiring people to poke the information into a bastard hybrid of NIS and LDAP, but i I do wish that maybe some sort of schema could be advertised – something that would tell you what allowable parameters and values need to be inserted in order for something to be done.

At the moment, it’s a bit tedious and mechanical and prone to error; I have written scripts to automate installation of NFS mountpoints, for instance.

Also, the Aqua “terminal” shell-window seems to have an odd notion of job control:

Consider two shell windows. Background a task in one shell window and exit the shell. The window (after confirmation) disappears. Now close the other shell window, and a requester pops-up, threatening to kill the process that you backgrounded in the other window.

Weird. Fortunately, XDarwin/Xfree86 xterm is more traditional regarding job control.

Then there’s the DNS problem; I think that I shall have to install a caching nameserver on my firewall, because the iMac does insist upon trying to resolve its own – and incorrect – FQDN, far too often, to a nameserver that is accessed by NAT over a modem link that is usually switched off.

I cannot yet work out how to stop it dns-looking-up “localhost.dircon.co.uk”, and come to that, I can’t seen to get it to change its own nodename however hard I try. Poking the hostname-setting routine in /etc/rc.boot seems to do nothing useful, and the machine renames itself to localhost once it goes multiuser.

Also, the user-friendliness seems to bite; tell it to add a printer called “printer” and it wastes hours

But these are piddling issues. Overall, it’s great, silent, bloody fast, and clocks libdes crypt()s at about 86,000 per second… and with 1Gb of RAM, I really can’t be arsed to create swap space. 😎

‘Scuse me while I go get a beer.

Right…

Dave, Ray and I spent last wednesday doing video footage of a various security topics, and I am gradually stripping it into a pretty decent training video. So far, there is about 10 minutes of Dave talking on various points, along with some interesting establishing footage, and titles.

Unfortunately, most footage of Ray has been toasted by a dicky microphone on my camera (not to mention the dubious pixelated quality of some footage from his camera) – so he’s not likely to be in the end product, but I am sure that there will be other occasions for him.

I will spend most of Monday shooting some gap and narration, splicing and editing and putting together a rough-cut which should be ready by tuesday. I then have 24hrs to finish off, and then Fedex the result to Dave for presentation at a TOI on the following week.

It will be an interesting four weeks coming up. Major datapoints include:

– I have surrendered my company car (yielding an enormous tax break) and my 1.9TDI Skoda Octavia will not arrive until the last week of July (god willing) so until that time I am a 100% biker.

– Pursuant to this, I spent this (sunday) morning buzzing around on a Honda CB500, and will be taking time out on tuesday to re-do my motorcycle practical test. Hopefully I will pass this time. Certainly I am more confident with 6500km under my belt, but I must endeavour to not let the test conditions (or overconfidence) get on top of me.

– Lack of car is also an incentive to work at home, and I am fortunate that this video project fits with that situation; it does mean time away from the IRC channel, so I shall ask anyone reading this to please relay by best wishes to the #security community, because I don’t know when I will next be around for any length of time.

– I have made a major reorganisation to my schedule, borne out of the realisation that my life is just too complicated at the moment, so I will not be going to the USENIX Security Symposium this year. I will be in town the week beforehand for the ES Technical Council, but I just cannot afford time away from the UK, and the logistics of real life.

There are some things I want to do, and much as I would like to do them as well as USENIX, this year I cannot feasibly, and for the first time since 1995 (1994?) I shall have to skip the USENIX Security Symposium.

Let’s see, what else…

Well – I have just run out of beer (the last of Dennis’s Heineken, which I have been drinking slowly; it must be deeply telling that I had to look at the can twice in order to be sure how to spell the word Heineken BWTF it’s cold and beer-like) so I will be back in a tick.

Ah…

A pint of Black Sheep Ale and a handful of dried dates as a snack, and the world is a nicer place. Suzi the cat has just dashed past, so I presume there’s something in the garden to attack.

Ummm… what else?

Well, life generally remains straightforward.

Objectively I spend too much time either working or thinking about work or hanging out with work friends, and not enough doing real stuff with my non-work friends. Seeing as most of my non-work friends are recently in the habit of using words like therapist and lifestyle and other terms that I associate with Sex in the City, I am undecided whether this is a bad thing.

Suzi has fleas, which is annoying. Buster has taken to sleeping out in a sandy, dusty flowerbed, on warm nights, which leads me to suspect that he has them too, but has the wit to do something other than just suffer them. A squirt of non-systemic fleakiller obtained form the vet seems to be having positive results.

It has gone 2215h and I need dinner; pasta with artichokes, parmesan shavings and salad seems enticing. Catch you all laater this week.