About 20 years ago, I ran Ethernet cables through the house so that all of the systems could connect. We're packing things up so that we can peddle the place and get the hell out of Portland/Multnomah County, and today I discovered - SURPRISE! - that I had a boatload of Ethernet cables in here. So far, I've recovered about 50 feet of cable and connectors. Wow. I forgot that I'd done all that; I went with wireless with heavy security and just disconnected the Ethernet cables. Now, I have a lot of Ethernet cables.
For a couple of hundred bucks, I have a much smaller footprint with much more usable space than I had with the old particle-board computer hutch that took up about half of the room. The adjustable sit-stand unit gives me a lot more space, and as I prefer to stand, it works really well for me. And it takes about a quarter of the room that the old furniture did.
Surprisingly, it took only about three hours to take apart the computer systems and network, move the old furniture out , replace it, and get everything back up and running again. I'd planned for an entire day, but hey - I do geek well. We now have a lot more room in here, and all systems are running. For the most part, the girls never even noticed the down-time.
The work systems are running as if nothing ever happened, and the daughter never noticed a glitch on her art-based systems.
Actually, I didn't expect it to come so soon. It's an interesting thing. We have a table that my father-in-law crafted, and we haven't really put it to good use. Until now. I spent around three hours taking apart the old three-part area that used to house the computer server and network. It took up a lot of space. Now I'm using the table with a sit-stand adjustable desktop, and it works amazingly well. It actually gives me a lot more real-estate in a much smaller footprint. And I like to stand, so it works really well for me.
UPDATE: Very nice thus far. Holds a lot of stuff in a small space.
The House yesterday approved a bill that, according to the New York Times, “not only gives cable companies and wireless providers free rein to do what they like with your browsing history, shopping habits, your location and other information gleaned from your online activity, but it would also prevent the Federal Communications Commission from ever again establishing similar consumer privacy protections.”
Naturally, the hysterics are out in force - and just as naturally, they're wrong; the ISP you use can sell aggregate data, but not personally identifiable data. Nonetheless, there's a nutball out there who's trying to collect $1 million in donations that he intends to use to buy:
The Internet histories of all legislators, congressmen, executives, and their families and make them easily searchable at searchinternethistory.com.
Everything from their medical, pornographic, to their financial and infidelity.
Anything they have looked at, searched for, or visited on the Internet will now be available for everyone to comb through.
There's just one little problem: you can't do it. There's a rather large difference between aggregate data (think Google) and personal, individual online activity. Selling the former is legal; selling the latter is not.
The Telecommunications Act explicitly prohibits the sharing of “individually identifiable” customer information except under very specific circumstances.
As in: should law enforcement suspect that you're into kiddie porn or terrorism. Even in such cases and armed with a warrant, they simply scoop up all of your electronics and forensically examine them; they don't go to the ISP and demand browsing records. Just last week we discussed here the case of a guy who's been in jail for 18 months because although authorities have evidence of his involvement in kiddie porn, he downloaded files to two portable hard drives, which are encrypted, and he refuses to give up the passcode to unlock them. He's being held indefintely, and his lawyer's efforts to win his release have thus far proven fruitless.
Under the heading of "very specific circumstances" come things such as the recent string of threats to Jewish Community Centers. They were found to have originated in Israel, and to have been made by an Israeli-American. In these kinds of cases, individually identifiable information is gathered.
But paranoia is powerful, and there's a lot of it floating around because "Trump administration!" "Republicans!" Auugh! It's unclear as to whether Trump Derangement Syndrome is covered under Obamacare. Also unclear is what the aforementioned nutter is going to do with the donations he's managed to scam from other nutters.
One thing is clear: he's not going to buy the "Internet histories" of anybody. But as long as he's only scamming like-minded nutters, it's all good.
Congress just gave you another reason to use The Onion Router (TOR) or a virtual private network (VPN), as they yesterday passed legislation that allows your ISP to engage in "snoopertizing" - tracking your every move on the internet and selling the data to advertisers. Of course, some companies like Google and Amazon have been doing that for ages by tracking your search requests, purchase history, and "wish-list" data. But you go into those by consent. Yesterday's action tells your ISP it doesn't need your consent. The Republicans claim that just "levels the playing field". That's idiotic.
It's also a good reason to deploy https everywhere if you haven't already done so; it's probably the easiest way to achieve a measure of safety from a prying ISP. It's an extension for Firefox, Chrome, or Opera browsers that encrypts your communications with many (though not all) websites.
You can check here to see how your Representatives voted; "Yea" votes favored the ISP goal. This may well come back to bite a number of congress-critters in the next election.
Well, mebbe if there's a teenager around to make sure she doesn't do anything really stupid. ...hard to believe she's now on the board at Expedia (which just lost, along with its affiliates, my business).
“No, this is the exact hat Lincoln was wearing when he signed the Emancipation Proclamation. People forget that.”
Well, darn. Maybe the Cisco Kids shouldn't still be allowing 1970s-era Telnet protocol to be used to access their over 300 switching devices. That's really brain-dead. But then, it's free. Money. no cost, what's not to like?
The flaw, found in at least 318 switches, allows remote attackers to execute code that runs with elevated privileges, Cisco warned in an advisory published Friday. The bug resides in the Cisco Cluster Management Protocol (CMP), which uses the telnet protocol to deliver signals and commands on internal networks. It stems from a failure to restrict telnet options to local communications and the incorrect processing of malformed CMP-only telnet options.
Apart from the idiocy, that is. I still know telnet. Doesn't everyone?
Security researchers have discovered a new attack called DoubleAgent that uses a Windows bug-fixing tool to turn antivirus into malware.
The DoubleAgent attack is detailed by Israel-based security firm Cybellum, which claims to have confirmed it can compromise products by Avast, AVG, Avira, Bitdefender, Trend Micro, Comodo, ESET, F-Secure, Kaspersky, Malwarebytes, McAfee, Panda, Quick Heal, and Norton. The company says other antivirus products are also likely to be vulnerable.
The attack relies on Microsoft Application Verifier, a runtime verification tool used to discover bugs and improve the security of third-party Windows applications. The tool ships with Windows XP through to Windows 10.
The antivirus software generally runs with "trusted" privileges. The only software at present that is unaffected is Windows Defender, which uses protected processes that prevent user-mode applications from running.
Most all antivirus applications auto-update, and this feature allows DoubleAgent to insert its malware into all parent and child processes involved in the applications. I posted yesterday about using the SysInternals Suite in place of process manager. This might be a good time to install it.
Oh, and by the way, password manager software isn't exactly something to rely upon, either. My password manager's in my head for good reason.
You may have had occasion to use Task Manager. This is actually a better set of free tools.
This release of Sysmon, a background monitor that records activity to the event log for use in security incident detection and forensics, introduces an option that displays event schema, adds an event for Sysmon configuration changes, interprets and displays registry paths in their common format, and adds named pipe create and connection events (thanks to Giulia Biagini for the contribution). Check out the related presentation from Mark’s RSA Conference, “ How to Go From Responding to Hunting with Sysinternals Sysmon.”
There's a "live" web-based version, but I go for the downloadable, which is a .zip file that can be extracted using freeware like 7Zip. Do not pay for WinZip.