Thursday, May 24, 2012

Google gets transparent on copyright

It's great to see Google making information available on what copyright removal notices it gets.

The data is astounding. Here is the URL, with some of the information re-printed below:

http://www.google.com/transparencyreport/removals/copyright/

Copyright removal requests received for Search in the past month



Wednesday, May 23, 2012

No Diablo 3 For me

I really wanted to buy this game, but I'm not going to reward a company with my business who puts obnoxious DRM into their software. The idea of a single player mode really interests me because sometimes I'm off the grid and I want to still use a laptop or netbook. Requiring me to be connected to the Internet for single player mode is something I'm not going to accept. I've been waiting for many years to play this game, but I'm not desperate - there's lots of fish in the sea.

Now ... someday when they take the DRM out ... maybe I'll change my mind.

Tuesday, May 22, 2012

Learning about Google Sites

Having a great time with Google Sites so far. The tools are very crude and frustrating to learn, but the payoff should be worth it. A free site that can take as many page hits as Google itself. Of course, there's a couple down sides I've found. So far no deal breakers to building my consulting site, though. I will never have controversial content on my consulting site, so there's no chafing against all those rules.

Google's Page Editor - Good Grief !


I am slowly learning to be very annoyed by the built-in page editor. It's very crude and restrictive. I was trying to layout my home page and as I worked with it, it seemed to get worse and worse.

So, I took the raw HTML and pasted it into MS Visual Studio 10.0. I was shocked at what HTML the page editor had created for me. So what I did was create that page from scratch in Visual Studio and then when I was satisfied with it, I copied and pasted it back into Google's page editor. The reverse also works. I can create a widget using Google's page editor and then easily manipulate that HTML using Visual Studio. But so far the idea is to keep the master copies of pages locally and let Google hold the copies.

So ... That did the trick, and my grief mostly went away!

Here's the site I am developing:

The Coder For Hire


Monday, May 21, 2012

Bye Bye Aero Glass

Microsoft reported on Friday in an MSDN blog post that it is going to ditch Aero Glass for a more consistent feel across all platforms that Windows 8 is going to run under. So far just from looking at their screen shot, I miss Aero already. Some of the other Vista-era stuff could go away and I would be fine with it. But please mister, don't take away my Aero.

Here's the blog post - you decide.

Creating the Windows 8 user experience

Saturday, May 5, 2012

Encrypt Your Business Data!

Introduction


In my job as a consultant, I am usually in possession of my client's data, some of it sensitive. I do lots of work for insurance companies who generally keep large amounts of personal information about their customers (insureds). Some of these companies are even public companies, so there's all sorts of extra laws they have to abide by. And of course, because I work out of my home office, I sometimes need to work with some of that data in my office, and my office is connected to the Internet.

I've always said that the only problem with privacy on the Internet is that there is none. 

Just about every single thing you do on the 'net decreases your privacy. If I were to draw a diagram, it would show your personal information flowing away from you towards the Internet. It wouldn't be a pretty picture.

Obviously there are lots of procedural things you can do to increase your privacy, but today I'm going to talk about the main tool that people can use to increase their privacy on the Internet. Encryption.

Disclaimer


Information is power. And any power can be abused. The same technology you can use to keep your sensitive, legitimate data safe and secret, can also be used to keep knowledge of bad things safe and secret. I'm a technologist, not a philosopher or attorney. The moral aspects of this technology are beyond my pay grade. Encryption is a powerful tool, so please use it responsibly.

Public Key Cryptography


The arts of concealing information date back to the dawn of man. As long as there have been secrets to keep, there have been ways of concealing them. There have been lots of methods throughout the years, but it is "public key encryption" that dominates the Internet landscape today. I know basically how it works, but I'm not a mathematician, so read this link for more information.

Wikipedia - Public-key cryptography


Securing Your Data


I'm rather fond of how I secure my data. My "work computers" are virtual machines (VMs). This gives me quite a few benefits, but one I'm interested in here is the separation between my home life and work life. When I "power off" my VMs at the end of the day, there's no client data on my computer - that data is all inside the VMs.

TrueCrypt


TrueCrypt Web Site

Now, the VMs all reside on drives encrypted with TrueCrypt, which is an open source application for creating encrypted drives. I put the entire volume under TrueCrypt. When your computer powers up, you have to type in passwords for all your encrypted drives. It's a big hassle, but that's the price of safety.

Once you type in the password, that drive is available to anyone who has access to your computer. The encryption keys reside in memory for as long as the computer is powered on. Once the machine is powered off then you need the passwords to reconnect the drives when the machine is booted.

As you can see, if the computer is stolen from you, they'd pretty much have to power it off to get it out of your office. Once they do that, the hard drives inside are literally bricks without the password. Your data is safe.

Obviously there are other ways for people to take your valuable data, but those are beyond the scope of this post. Encrypting your drives is the "low hanging fruit".

VPN


Your data is vulnerable not only at the point of storage (your hard drives) but also at the point where it enters/leaves your office, i.e. your Internet connection. Short for "Virtual Private Network", having a VPN gives you a secure (encrypted) connection between two networks. So, it allows you connect two networks without worrying about your data being intercepted between both endpoints. Though you do have risks at the endpoints themselves.

Support for VPNs is built into Windows and most routers. There's also lots of third party and even open source applications. Most people setup their VPN from router-to-router so that it's transparent. Some people like me use the "dialup" method where I press a button to connect to a secure network.


Wikipedia - Virtual Private Network

Encryption Backdoors?


It's widely rumored to be true and in some cases even proven. My problem with encryption back doors isn't that it lets governments spy on your personal information. That's back to morality/philosophy, which I have no interest in debating. No, my problem with potential back doors is that it's another possible exploit - something that makes it less secure.

Either way, I have an obligation to keep my client's data safe to the best of my ability, so to that end, I try to use open source encryption like TrueCrypt whenever possible. I even prefer to use the open source algorithms like Blowfish where possible too.

Though, it's not something I worry about much. And honestly, you can only do so much. You are always going to be vulnerable to someone with more talent / resources than you. But I can look my clients in the eyeballs and tell them that I am using good practices. I make a pretty good attempt to keep the data I use secure.

Encryption Cracking?


It's also widely rumored that *cough* certain agencies in certain governments now have the computing resources (and possible mathematical breakthroughs) to be able to "crack" modern public key encryption.

Modern encryption relies on the fact that it is very difficult for a computer to factor products of very large prime numbers.  Since the very scruffy mathematical types figured out encryption, it's probably inevitable that those same people will someday figure out how to defeat it.

My strategy for dealing with this possibility is simply not to have a beef with a) large groups of mathematicians and/or b) people with lots of super-computers. Again, not something I worry about much.


Conclusion


My basic privacy strategy for securing my business data is to contain it in a virtual machine (VM), encrypt the container with TrueCrypt and encrypt the connection between my office(s), and my clients office(s) with a VPN. This is not the entirety of my strategy but the gist of it.




Friday, May 4, 2012

My Friend DD-WRT

After a day of running the new RT-N16 router flashed to DD-WRT, it's pretty clear that the last router was responsible for just about all of the issues I was having.

It's great having the open source firmware. DD-WRT provides a ton of information about what's going on with your network. If you have as many devices on your network as I do, this information is invaluable.




Thursday, May 3, 2012

Fun With Routers II

Here's part one:

Fun with routers part one

Out Of The Box


Today I received my shiny new Asus RT-N16 router from NewEgg. I was really excited finally get a replacement for the one I had, which was giving the whole family quite a bit of grief, in addition to the problems it was causing for work. So, I unboxed it and hooked it up.























First Impressions


It's a solid looking unit. It doesn't look or feel cheap at all. The packaging was good and everything was neatly laid out. I thought I read somewhere in one of the reviews that they hated the blue lights on it, but I think it looks fine. You only get one chance to make a first impression, and this router didn't disappoint.

The router connected right up to my computer and I looked around at the built in administration screens. It looked like they put a lot of work into the user interface but it looked a little flashy for me, and plus it was a little choppy. It seemed perfectly functional, but it was very "flickery". So, I decided to flash it with DD-WRT.

DD-WRT


Half the reason I bought this thing is because all the reviews were saying how nice it was with DD-WRT and TOMATO firmwares. It is wonderful that this router advertises the ability to use open source firmware, though it would've been even better if it came pre-installed.

Flashing the firmware of your router is not for the faint of heart. If you make a mistake then you could end up "bricking" the router, meaning that it is no longer a router, and its only value is as a big chunk of plastic. You want to do your homework and make sure you are flashing the right version for your model router.

Here's the DD-WRT Wiki for this router:

DD-WRT Wiki For Asus RT-N16 Router

I downloaded the "mega" install and tried step one in the Wiki, which was to use the browser to flash the firmware. This didn't work. I followed the instructions to put the router into "recovery mode" it kept telling me that the firmware update failed.

So, I downloaded the Asus utility for my router and tried that. It was still complaining that the device was not in "rescue mode." I'd unplug the router, hold the reset button down, and plug it back in. The router gives no indication that it's in recovery mode, so I was having a really hard time.

Two Buttons!


...until I read a forum post somewhere talking about getting the buttons confused. There are two buttons on the back! I never did put my reading glasses on and look how those buttons are labeled. Looking at my diagram above, I was pressing the red button while plugging in the router. It's the other button. Once I did that, the utility let me flash the firmware.

Success


Now everything seems to work fine. The last time I used DD-WRT was to bring an old Linksys router back to life. So, I took a 5 year old router and got 5 more years out of it until it was just too old and slow to run all the devices that are now on my network. Seems like everyone who comes over has a pocket full of devices.

Since I had to replace that router, I have  had about half a dozen routers and I've hated them all. It looks like I am good now, though. Hopefully I will retire this router only when it's just too old, and not because I despise it. Time will tell...

If all goes well, there will not be a "Fun With Routers III."

Wednesday, May 2, 2012

My Fancy Award

Most people that received this award with me probably have it hanging on their walls. Not me. I have no idea where it is. I only recently rediscovered the pictures.





Tuesday, May 1, 2012

Hard Drive Prices Falling!

Several months ago I was buying some large hard drives for our development team to store lots of virtual machines and backups. Virtual machines are great to use for software development. But the virtual hard drives of the virtual machines take up real world space on your real world hard drives.

It's great having a couple dozen virtual development machines at my disposal. I can run several of them at a time in whatever configuration I choose. They can even be connected together in an ad-hoc network. It's absolutely the best way for a power user to use lots of different computers without having the heat, noise and expense of real ones.

So, a few months ago when I was buying all these drives for the team, I wasn't sure if I would need one for myself. They are only getting cheaper, right? WRONG. Once day I went to order one for myself, and they had quadrupled in price overnight!

A couple years ago I was buying 2 TB drives for $59 and all of the sudden they jump to $400 because some company that makes drive parts fell into the ocean. There was no way I was going to pay that much, even with someone else's money.

Yesterday I finally gave in and ordered a 2 TB Western Digital Caviar Green for $119 on Newegg. It's about time!