Archive for January, 2008

Product Key Game

Thursday, January 31st, 2008

Here is a fun little game we play around here. This is ideal for IT shops or generally places where you have a bunch of geeks installing crappy software on windows boxen. It’s called the PK Master. The goal of the game is to type in the product key/CD key perfectly the first time around. A perfect game is worth a certain number of points. We use 3 because of the old saying “3rd time’s a charm”. You can use 1 if you are an all or nothing type of person, or 5 if you want nice round numbers. Each time you mess up, you lose a point. This means that with our setup you are allowed 2 typos to score the minimal amount of points.

Product Keys

You can optionally subtract points for style. For example hitting tab in a system that automatically moves the cursor into the next box (in other words effectively skipping a box) can be penalized. Backspacing is another optional penalty. And of course if you are nasty you can take away points for squinting or picking up and re-reading the key.

At the end of the week/month you tally up the score and the person with the highest scoring average wins. It’s only fair to use averages because people do not always get an equal number of attempts even if you all take turns. This way someone who only got to go once this week can still win, if he scored 3 points.

What does the winner get? It’s up to you - for example, the lowest scoring player may have to buy a lunch for the highest scoring one. This makes reinstalling windows on a box that is not imaged a little bit less of a chore because at least you get an opportunity to score 6-9 points and significantly improve your average.

Before you say this is easy, please think back to the last time you had to enter a product key. If I give you an MS Office CD right now do you think you can score 3 points? Personally I can’t even remember the last time I got a perfect score. I always mess up and type 8 instead of B, G instead of 6 or O instead of 0. And if the product key is lower case I always fuck up 1 and l.

Office Product Key (Not Mine)

Then there is that tricky “are the dashes/spaces part of this key?” problem. Sometimes they are, sometimes they are not. Do they tell you this on the sticker? Of course not. Does the system complain when you type a dash when you don’t need it? Silly idea - that would just be too easy. This uncertainty adds an element of chance to this game. When you are installing a new or unfamiliar piece of software it’s always a gamble. Do you risk plunging your average into oblivion, or do you let your co-worker type it? It’s a tough choice!

I really love how the software makers keep finding innovative ways to keep this game challenging. In most cases they print the keys in a very small, non-distinct sans-serif font on some crazy colorful background. Most normal people would put a long alphanumeric key like that on a contrasting background in a large font with big serifs and other features that clearly distinguish letters and numbers (such as crossed zeros). But not these guys - they literally go out of their way to make it fun for us!

Sometimes I wonder how normal people deal with this whole product key thing. I only see it in game terms these days. I pick up a CD and go “oh boy, this one has too many B’s and 8’s… I better drop it on someone’s desk and hope they fall for it”. I actually find it hilarious to find a sequence like 8B8B6G6B within a key. It’s funny even if it causes you to score poorly because you can then show people the damn key and talk about Microsoft conspiring against you and your free lunch. But normal people… Hell, they must be mighty annoyed with these damn things. I would be if I didn’t see these stickers as free lunch opportunities.

Then again, if you think about it, the CD key is the least annoying and obtrusive form of copy protection. Much more convenient and harder to lose than a hardware dongle, and way better than some crazy DRM rootkit that makes your optical drive explode after detecting a blank CD.

Naturally they don’t work - even if you combine them with an online activation. All the copies circulating on torrent and warez sites are cracked and have the key/activation parts removed. Then again no DRM really works anyway. Digital copy protection is just a pipe dream of the software industry. But until the proprietary software moguls figure this out we might as well stick with the lesser evil.

Seriously, try this game people! Let me know if it catches on! I would love to see it spread into the wild. ;)

Your First Steps with Linux

Wednesday, January 30th, 2008

Over the years I think I helped to influence a few people here and there to actually start experimenting with linux. I count that as a personal success. I’m sure I was not the primary influence in most cases, but I’m glad I could help people to start tinkering with the new OS. Note that I didn’t say switch. I do have an issue with this whole switch mentality. People say “I have switched to Linux” or “I have switched to Mac” and I can’t help but roll my eyes.

I just want to put out there this novel idea: you are not marrying your OS. Regardless of what Microsoft may want you to think, there is no rule anywhere that says you can use only one OS. Personally I think a well rounded human being should be able to use several operating systems. Hell, you can have several OS’s installed on the same computer, and simply boot into the one that you need when necessary.

When people ask me how to go about switching to Linux I tell them not to. I tell them to try using it alongside Windows (cause it’s usually Windows folks who ask it) for a while, play and explore. Whenever it gets scary or overwhelming you just go back to the comfy windows zone. Whenever you need that crucial windows application that has no Linux equivalent it will be right there for you. Don’t switch - just start playing. Have fun with it and learn. Then if you one day realize that you haven’t touched the Windows box in months, you can say you have switched. However, most of us never reach the point where we can honestly say we use linux exclusively. I don’t see it as an honor badge or anything. Most of us are perfectly content having a windows box (for gaming) sitting in the corner, a MacBook laptop, and a linux workstation all working together.

But the question does have merit. Starting with linux is usually a little bit different than starting with windows, or Apple. Why? Because this is the only OS that most people have to install by themselves. When people start messing around with Linux and BSD they usually tend to install it on a system that originally came preloaded with Windows. And this is where many issues crop up. Here are a few tips I usually pass down to the newbies. I figured that I might as well record them here and just point people to this post from now on.

Consider buying a system that comes with Linux installed

Best advice I can give to total newbs is to consider purchasing a system that already comes preloaded with Linux. This is naturally the most expensive option you can pick but it does solve two main problems a lot of people run into:

First, you side-step the whole installation process. Your machine will be equipped with hardware that works well with linux, and will ship with all the right drivers. Your drive will be partitioned for you and the OS will be right there. All you need to do is go through a few easy initial steps such as creating a new user and you will be ready to go. The biggest linux adoption hurdle for many people is the issue with hardware that doesn’t play well with linux. If you buy a linux machine you circumvent this whole problem.

Second, you are getting a brand new computer. This means that if you for some weird reason hose the linux installation you still have your old Windows machine to fall back on. People are often scared to try linux because they don’t want to get stuck with a botched installation and a PC that can boot neither windows nor linux. You will be working on a dedicated Linux machine so even if you hose it you are still fine. You can still go online and research your issues, and try to get help.

Where do you get a machine with linux on it though? You don’t have to go to some shady online company that promises to ship you a linux powered PC. You can get one from Dell. Yup, Dell sells machines preloaded with everyone’s favorite distro (Ubuntu). You can say what you want about Dell, but at least they are trustworthy, and usually make good on their warranties.

If you feel more adventurous, or you hate Dell/large corporate behemoths you can try something like System 76 which sells laptops, desktops and mini boxen all running Ubuntu out of the box.

Consider Using A Spare Computer

If you can’t afford a brand new PC at the moment, use a spare one. If you are like me, you probably don’t like to throw out old computers. I usually stash them in the attic planning to one day turn them into some low powered server or something like that. I also inherit hardware from relatives and sometimes even co-workers who bring me their old PC to dispose of (“here, maybe you can do something with it or scrap it for parts… If not just throw it out”). Old machines are perfect candidates for Linux test boxen for all the reasons I listed in the previous section. If you mess around with your primary PC you will be nervous, and you will worry about hosing your windows partition. If you are working with a spare junker that you really don’t care about you will be in the care-free tinkerer mode.

If you mess up, just start over. Wipe the drive and start again. That is the mindset you want to get yourself into. You are messing around and experimenting on some random machine while your data and most importantly your internet connection is safe and secure on your windows box.

Of course when you are using old hardware you may run into problems. Some of it might not be compatible, some might actually be really broken, and naturally it will be really slow. Then again, older hardware may actually be a blessing - having been around for years, the correct drivers may have made their way directly into the currently used kernel.

Use a Live CD First

This is less of a concern now since most major distros ship with a Live CD installer these days. It wasn’t like that when I was starting. Still, probably a good first step for anyone is to download and burn yourself a Knoppix CD and stick it into the machine you plan to use for Linux. If Knoppix has major problems identifying your hardware and getting it to work, then you may need to reconsider your choice. Chances are that any distro will have similar issues, if not worse. If Knoppix just works, it doesn’t necessarily mean your distro of choice will, but it is a sign that your hardware can and will work with Linux.

A lot of distros ship a Live CD installer (I know Ubuntu does) which lets you try out the system before you install it. I highly recommend burning yourself several such Live CD’s of different distributions and messing around with them. See how they interact with your hardware, how they handle driver installation, etc. Pick one that gets everything right out of the box, or has the best, most intuitive system for loading the needed drivers and applications.

Most of them will be very similar but different people tend to be comfortable with different types of interfaces or ways of doing things. Some distros are more n00b friendly than others. Some will require you to drop down to CLI while some other ones will have nice GUI menus to do these things. You just need to find one that you feel comfortable with.

Avoid Dual Booting if Possible

Having your machine set up with both Linux and Windows is great. Dual booting is an awesome feature and you should definitely try it at one point, but it is a lousy way to start your Linux experience. It’s not that it’s hard - it’s just that it’s not trivial. In most cases it will require you to resize your windows partition (which may hose your system), then format that partition (if you choose the wrong one you may hose your system) and then make sure that the bootloader works correctly. This process has many points of failure and you don’t really want to be dealing with all this stress and uncertainty.

Most distros come with a nice “wipe the drive and let me set up the file system my way” option and that’s the one you should be using your first time around. You can fuck around with custom partitions on your third or fourth installation. The first time around though your mission is to get linux onto your box with as few steps as possible, and in its most default form. It’s much easier to troubleshoot a system that was installed with the default configuration rather than with a meticulously tweaked one.

Know what you want

Before you start messing around with linux you should do some research and get to know the vocabulary we all use. At the very least you should be able to differentiate between different package management systems. You want to know whether you want a Deb based system or an RPM based one. You should also look into desktop managers - look at screenshots and reviews of KDE and Gnome and see which one you like better. Try live CD’s which ship with both of them. Your first linux experience will largely depend on whether you like or hate the desktop manager. So it’s a good idea to try both Gnome and KDE beforehand. If you hate one of them, it will narrow down the list of distros you have to choose from.

Pick the right distro

Finally, do some research into different linux distributions. You want to pick one that is newbie friendly - so probably not Gentoo in which you compile everything from scratch. You probably don’t want slackware either which hails itself as the most unix-like linux out there. You want something like Ubuntu, or Fedora or SuSE. You want something with a graphical installer, shipping with either Gnome or KDE out of the box and providing a nice package management front end (ideally a GUI one).

You should also pick a distro that has a large community. This helps immensely - a large community means lots of backports, frequent patches and active forums and discussion groups where you can find answers and solutions to many of your problems. At some point a distro reaches a critical mass where nearly every problem you run into is already well documented and resolved by the community.

How do you know if a distro is popular? You will likely know it by reputation - people on technology blogs will mention it and talk about it. If you are at a loss, you can try Distrowatch which tracks the trends on the Linux distribution market. Just be careful with their data - you want to pick something that is consistently popular over a long period of time, not the flavor of the month.

If you follow these few suggestions, your first steps with linux will be a positive, rewarding experience even if you mess up. You will learn a lot, you will gain new perspective on things and most importantly you will have fun.

Symmetric Encryption: The Password Problem

Tuesday, January 29th, 2008

Folks at Wachovia recently decided that all the confidential information they exchange with contractors and field examiners via email and the internet must be encrypted using at least 128 bit AES. Good for them! I applaud this move but then I realized that human stupidity can turn even the best security practices into a mere farce.

I think that Wachovia really evaluated this problem realistically and chose the method that was easiest to implement without forcing their contractors to spend a lot of money on software and/or training. Both 128 bit and 256 bit AES are built into WinZip. That of course means you need to buy WinZip at $20 a pop, but surprisingly enough most businesses do. It always amazes me that the company forces us to install WinZip on new machines despite the fact XP has built in zip file support. At least we now have a reason to use it. :P

It’s a good policy, but there is a problem here:

Hey, here is the file you requested. I encrypted it with winzip like you asked. I set the password to be “password”. In case you can’t open this file, I’m also attaching the original word document.

This, ladies and gentlemen, is why the suicide rate among IT professionals is so high. Also, this is why you should be terrified when someone asks you to give them your personal information. Think about it - at some point your social security number, address and credit record will be handled by this guy above. There is no way around it. A person like that works at almost every company - even yours. Dangerous information handling practices are commonplace, and data leaks are imminent. It scares the living shit out of me, but there is not much I can do about this. Or rather I can only try to improve security practices at my company, and hope others will do the same (they won’t).

There are two ways you can handle encryption. The easy way is via symmetric encryption like AES which requires little or no infrastructure or forethought. To send data between Bob and Alice they both simply need the encryption/decryption software and the key in the form of a pass phrase that can be exchanged over the phone for example. Of course exchanging pass phrases for each document is a pain in the ass, so Bob and Alice will likely use the same one for all their correspondence. Since Alice will need to share this data with her coworkers, they will probably all use the same password for all correspondence with just about everyone. So whether they are working with Bob, or Eve or someone else they will use the very same common password.

What is that password? You have 3 guesses!

The password naturally is Alice’s company name written as one word in lowercase. If Alice’s boss is especially security conscious it will be the company name followed by a single number. And no, I’m not making this up. I have actually seen this happen. Given a choice, lusers will pick a password that is easiest to remember or figure out, and by that virtue the least secure. This is the huge problem with symmetric encryption. You can educate the users, you can beat them up, threaten them or reason with them. But when you are not looking they will invent new clever ways to circumvent company security policies - or at least make them ineffective. And it’s not like it is some kind of secretive “fool the sysadmin” club. That would actually be cool - that I would respect. But no, this is just like an impenetrable wall of stupidity that shields them from common sense and reason.
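To put numbers on this, here is an added example (not code from the original post): the AES key is derived from the pass phrase, so a 128 bit key is only as strong as the number of pass phrases an outsider has to consider. The checker, its word list and the company name “Acme Widgets” are made up for illustration.

```python
import math
import re

AES_KEY_BITS = 128  # key size the policy in the post requires

# Constructed list of pass phrases that need no guessing at all.
COMMON = {"password", "secret", "winzip", "welcome", "changeme", "letmein"}


def fold(text):
    """Lowercase and keep only letters and digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def org_tokens(org_names):
    """Strings an outsider can derive from the names of the parties involved."""
    tokens = set()
    for name in org_names:
        words = re.findall(r"[a-z0-9]+", name.lower())
        tokens.add("".join(words))                      # "acmewidgets"
        tokens.update(w for w in words if len(w) >= 4)  # "acme", "widgets"
    tokens.discard("")
    return tokens


def screen(passphrase, org_names, min_len=16):
    """Return the reasons a shared pass phrase is rejected (empty list = accepted)."""
    reasons = []
    stem = fold(passphrase).rstrip("0123456789")  # "acmewidgets7" -> "acmewidgets"
    if len(passphrase) < min_len:
        reasons.append("shorter than %d characters" % min_len)
    if not stem:
        reasons.append("digits and punctuation only")
    elif stem in COMMON:
        reasons.append("common word")
    elif stem in org_tokens(org_names):
        reasons.append("derived from an organisation name")
    return reasons


def effective_bits(candidates, key_bits=AES_KEY_BITS):
    """Strength of a pass-phrase-derived key: capped by the number of
    pass phrases an outsider has to consider, not by the cipher's key size."""
    return min(key_bits, math.log2(candidates))


def company_name_space(n_names, max_digits=1):
    """Count pass phrases of the form <name> or <name><up to max_digits digits>."""
    return n_names * sum(10 ** k for k in range(max_digits + 1))


def random_words_space(n_words, list_size=7776):
    """Count pass phrases of n_words drawn uniformly from a word list
    (7776 is the size of a standard Diceware list)."""
    return list_size ** n_words


if __name__ == "__main__":
    parties = ["Acme Widgets"]  # made-up company name
    samples = ["password", "acmewidgets", "AcmeWidgets7",
               "acme widgets 2008 !!!!",                 # long, still derived
               "plinth-gravel-otter-umbra-kiosk-nine"]   # constructed random words
    for p in samples:
        print("%-40s %s" % (p, screen(p, parties) or "accepted"))
    print("name + one digit: %.1f bits" % effective_bits(company_name_space(1)))
    print("six random words: %.1f bits" % effective_bits(random_words_space(6)))
```

The company name plus one digit comes out at about 3.5 bits, against roughly 77.5 bits for six randomly drawn words, and length alone does not rescue a pass phrase that is still just the company name.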

The alternative of course is asymmetric encryption which removes the password choice from the equation. But it has its own limitations - namely, it is a pain in the ass to implement, deploy and train your staff. Optimistically speaking I think we can get somewhere within 50-60% of our staff trained to use the winzip AES properly within a few months if we get a go-ahead for rapid forceful insertion of knowledge into the cranial cavity using blunt tools. It would be faster if I was training orangutans for example, because they are not inherently afraid of technology. Humans unfortunately are - they seem to consider it a mysterious mystical force that cannot be comprehended by anyone sans super-intelligent and yet socially inept nerds. Learning technology is naturally out of the question. Not only is it not possible to understand this stuff without the born-in nerd gene, but forcing that knowledge upon you apparently can cause severe brain damage.

So you can clearly see why blunt tools are necessary. We need to convince them that the brain damage will take place either way. Learning simply hurts less.

But public key encryption is such a foreign and incomprehensible subject. It’s like a high level arcane magic. Hell, for that stuff you need to have like a PhD in Jedi Mastery to even begin to understand it. When you start talking about public and private keys, exchanging and signing them, key rings and key servers you can see your user’s expression change from “LOL, they be trying to teach me magic but it wunt work” to “OMG! My head is about to explode”. By the time you are finished you can see pure fear in their eyes. Most go catatonic for hours afterwards. Some never recover.

And of course after you spend many many hours configuring everyone’s email, generating keys and training people to use them, without fail someone will send their private key to the company mailing list.

Generally speaking I believe that an asymmetric public key approach is intrinsically less prone to human error (like for example choosing a weak password) but it is also more costly to implement. Costly both in man hours and in licensing. If you choose to go with PGP you are looking at around $200 per license. You could go with GnuPG naturally but it does not have the brand name weight, and it is slightly rougher around the edges - which ends up being a huge deal when you hand it to users who are terrified of computers as it is.

Don’t you just love how this is a fucking never ending struggle? We really need policies like that, but the policies are half the battle. The other half is the long and painful process of IT beating the users into submission to enforce them.

Kubuntu 7.10 (Gutsy) on Dell Inspiron 600m

Monday, January 28th, 2008

Last week I said that I will try Gutsy on the Dell Inspiron 600m that is sitting here in the office. When I booted it with Kubuntu Dapper I was really impressed that almost everything worked out of the box. I was wondering if running Gutsy will be an improvement or a downgrade with respect to hardware support. Naturally I was hoping for the former. ;)

I finally got a few minutes to download and burn a Gutsy CD. Yes, I do not have any Gutsy CD’s! Me, the local Ubuntu guy, doesn’t have the latest and greatest release on him at all times. The horror!

I will tell you a secret - I’m what they call a late adopter. You have your early adopters who can’t wait to get their hands on the new software, and they get perverse pleasure out of running beta or even alpha releases. I’m not one of them. While I enjoy solving linux related problems and learning how the guts of my OS work, I do not usually actively go looking for trouble. Why? Well, I have a life, a full time job, a part time teaching gig, a bunch of games to play and a blog to write (ok, so the first item on this list is a lie, but I think you get my drift). Yes, from time to time I enjoy messing around with a new OS to see ways in which I can break it, but usually when I get a spare machine I tend to install ubuntu on it for a reason - it gets assigned a specific task, such as being my nethack server, or a network backup location or something else.

So this is officially the first time I’m actually using Gutsy. Again, Dapper and me are tight - we are like the best buddies. I do not have this relationship with Feisty - we had our differences but we do respect each other. Gutsy is new to me.

I plopped it into the drive, booted up and noted that everything was working. In the previous thread Alphast mentioned that I may have issues with support for the internal sound card but I didn’t. KDE loaded with the bootup chime, and when I launched Amarok I was able to listen to the Welcome message without any problems. Lshw identified my audio device as:

82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) AC’97 Audio Controller

Alphast - is that what you had on your system? I also ran aptitude search for alsa packages and it told me that both alsa-base 1.0.14-1ubuntu2 and alsa-utils 1.0.14-1ubuntu4 are installed. Perhaps they were added in since you checked it last time. Who knows… Either way, it all works fine and out of the box. I didn’t have to do anything to enable it.

I was especially happy that the jump from Dapper to Gutsy did not mess up the excellent out-of-the-box support for the Intel Pro/Wireless LAN 2100 Mini PCI Adapter I had in that system. Once again I had to manually bind my Wifi card to the access point by passing ssid and the WEP key as arguments to iwconfig, but once I did that I was connected. Very nice! I was about ready to snag it for myself, but the boss gave me a go-ahead to order a brand new one instead. So naturally I opted for the dual core Latitude clocking at twice the speed of the 600m and allowing me to stick up to 4 GB of RAM in it. Downside is that I have to wait a few days before I can start messing with it, and I do not know if everything will work out of the box this nicely. However I ordered it with the same Wifi card that Dell puts in their Ubuntu model (Inspiron 1420N) so it should work… At least in theory. We’ll see how it goes. You will probably see a review for it here in a couple of days.

Getting back on topic, everything worked out of the box. Including the damn winmodem. All I had to do to enable it was to go to K-menu, choose System Settings, then go to the Advanced tab and click on the restricted drivers tab. It was listed right there as a “software modem driver”. I simply had to enable it.

Apparently it fetched the driver, and configured it. Now I see the comforting green check-mark instead of a red x next to it. Did I test it? No, I didn’t. How am I gonna test it? Where am I supposed to dial up?

I didn’t install gutsy on the HD so it’s possible there are a few little glitches here and there that I didn’t notice just using the live CD. But as far as I’m concerned the 600m and Gutsy are a perfect fit. If you have one of these, and have considered trying Ubuntu, definitely give 7.10 a whirl. You will be impressed how well it works with the hardware. I know I was.