The FA have just announced that there will be no events at the new Wembley this year!
Unbelievable!
It’s a mockery of a sham!
The “piss up in a brewery” analogy springs to mind!
Grrrrrrrrr,
JonnyK.
As you can see, I’m not very good at colouring-in. Catull is the typeface, if you can find it 
[image:1777]
DRM is implemented using cryptography – so we have our three classic cryptography character.
In my DRM example, Alice is a film company and they want Bob to be able to watch the film without Eve being able to intercept it.
But, who are Bob and Eve?
Well, Bob is you – the paying customer – and Eve? That’s you too.
See why it will never work?
Gah.
I read an article today which was critical of sudo.
I work in an environment where I have to remember multiple passwords for many different systems and I think the author has missed a few critical points. The author mentions at the end that there are reasons for enabling/disabling root access, but doesn’t really cover what they are. So I thought I would…
However, before I start, there are a few prerequisites to my argument;
Right – back to the article;
Second, you get a log entry in /var/log/system.log every time sudo is used showing you who used it and what command was executed. These appear good enough reasons to endure the slight inconvenience of using sudo.
Here’s one of the major benefits of sudo – accountability. You can use sudo to work out who became root. In the case of a break in you can see which user account is compromised and if you want to audit commands, you can see who became root. Also, as the author mentions, you can restrict users to a specific group of commands, you get an improved audit trail compared to su. I’m unsure what the inconvenience of using sudo is (maybe because to open a root shell you have to use sudo -s instead of su).
Every other command after starting a root shell does NOT get logged at all. All you can tell from this is when someone started the root shell. Whatever happened after that is a mystery.
The same is true of users logging in directly onto a console or using su. Using your shells logging facility is no good for auditing because it can easily deleted or even forged. The correct way to do this is to use process accounting, regardless of whether you are using sudo or su.
The most obvious change is to require a different password than your user password to authenticate.
“A password chosen by other people is nearly impossible to remember”. When working as part of a team, you rarely get to choose root passwords and remembering other people’s secure root passwords is very hard. Remembering your own very secure password is much easier. If you need a layer of protection better than just your password, then you need to move to two or three factor authentication, not more passwords.
I think I’ll set up a company called Utilitarian Web Design.
Oh so easy to read.
Ashdown RPM-1 Pre-amp (S/N: 187310704)
Ashdown APM-1000 Power-amp (S/N: 192260804)
Line6 Bass PodXT Pro (S/N: (21)BPX3P5448000214)
Korg Toneworks DTR-2 (S/N: 037168)
and my little MP3 player.
Swines.
If you see any of this stuff around – and it’s fairly rare equipment – PLEASE let me know. Ring me on 07967192234 or e-mail me. I saved my 2p’s long and hard to get that lot.
Taken from Harry’s web site;
I hate the word ‘geek’
I’m sure that Harry is one of the geekiest people I know, but not in a computing sense, more of a making glasses out of a broken yo-yo and a making a snowman out of a rice (a rice man) way. Edie and I were discussing it this weekend – she agreed 
.
Woo – I’m on strike tomorrow.
FIGHT THE SYSTEM
Or something like that.
We had a bit of an incident on my latest whitewater kayaking trip. As always we’ve got a trip report on the canoe club website. Normally these are not so interesting, if you’re not into kayaking, but I wrote the trip report for last weekend’s trip to the river Dart, and this time you may be interested to read about a helicopter rescue! (twas very exciting)
Recent Comments