How do you Describe Security?

by on May.29, 2012, under Uncategorized

Every now and then, working in an IT position, you get asked questions that are… interesting.  Sometimes, these are questions that, while obviously simple to the experienced techie, really are things that take learning.  Tonight, however, I encountered the other kind: the kind you just don’t know how to answer.

“Are these computers secure? I’m going to be putting in my credit card information, so I want to make sure these computers are secure.”

How do I even begin to answer this question?  After the customer left, my coworker and I had a small laugh at this question, because the answer I eventually gave this person was a simple “yes”.

My coworker pointed out that I could have given this person any answer — as long as it had a few buzzwords, it would be believable.  ”Oh yeah, the memory addresses of the internet piplines sync well with Adobe Connect, so its definitely secure.”

My original answer was one about the security of a wired connection versus that of a wireless, pointing out that these computers have wired connection, so yes, they are secure.  This only gained a quizzical look from the uninitiated.

My next answer was going to be a note about SSL.  Perhaps a small explanation about how security is up to the place you are entering your credit card information, with a note that you should always check for “HTTPS” when entering credit card information.  However, if the wired vs. wireless explanation was confusing, this would have done nothing to clear up the situation.

So, instead of attempting to explain security, or gain further insight into what this customer was actually asking, I simply gave the answer “yes”.  It might seem like a cop-out, but it was the only answer I could give within her frame of knowledge.

I leave you with this video of Richard Feynman attempting to explain how magnets work, and instead explaining why he can’t answer “Why” questions:

Leave a Comment more...

Opening the Floodgates (Google+)

by on Jun.30, 2011, under Uncategorized

Alright… I’m a nerd. Here’s my obligatory Google+ post:
I just got an invite! Still playing around with it, so I’ll try to post more thoughts later.

For now, if you want an invite, post your e-mail address and I’ll see what I can do 😉

6 Comments :, , , , more...

The Potential of .anything

by on Jun.19, 2011, under thoughts, Uncategorized

Today, ICANN announced that they will allow companies to create their own top-level domains (TLDs), for a price, of course.  It’s a hefty fee (~$185,000), but every reporter has brought up a couple excellent examples.  .bank, for example.  I assume that whoever creates these TLDs would also be able to control who gets domains.  That would make it possible to ensure that only legitimate banks can have a .bank address.  The two other examples I’ve seen repeatedly are .vegas and .canon.

This brings up an interesting opportunity for some new domain uses we’ve never seen before.  Imagine, for example, that Canon bought .canon.  Sure, they would probably setup and, but what if we thought outside the box a bit more?  What could we do with an unlimited supply of .canon domains?

Here’s what I imagine: (serial number).canon.  What if instead of stumbling though a support site to find support for your product, you could just type in the serial number, followed by .(brand), and be given support information?  This is something we’ve never been able to do with traditional TLDs, buy company-oriented TLDs would make this simple.

What about tracking numbers?  Google makes it simple to get tracking information from almost any shipping company (just search Google for the tracking number and you’re given a link), but custom TLDs could make this even easier.  (tracking number).ups should take me right to the page to figure out where that book I ordered is.

How about finding out what’s around you?  It’d be neat to see some company snatch .gps, then allow some standard coordinate format to give a map and perhaps some useful information about what’s nearby.  Perhaps .gps could also allow city names.

Maybe you want to know the weather.  (City name).weather should be able to take you right to useful information.

Opening up the allowed TLDs allows a world of possibilities.  I’ve just listed a couple simple examples here, but I’m sure folks that are much more creative than I could come up with even wilder examples.  What would you like to see done with this new world of domain names?

Leave a Comment :, , , more...

Decoding Comcast’s Caller ID!

by on Oct.14, 2010, under Uncategorized

It’s been a while since I’ve written about this, but there’s been a flurry of activity recently, and it’s time for me to post about this!

Comcast’s caller ID encryption has been broken!  It’s actually a very simple AES256-CTS encryption.  The tricky part is getting the key and the caller ID information.  Getting the encrypted information is actually very simple: just connect to the right XMPP server.  Getting the key, however, requires decrypting a flash file.

Anyway, with the help of a guy who calls himself Henry (if you want any more credit/a link to your site/whatever, let me know!), I’ve gotten a small python script working which will connect to the correct server and listen for the encrypted info.  When it’s found, the information will be decrypted, and displayed in the terminal.  Basically, we can get the unencrypted information!  From here, it should be trivial to do whatever we want with it!  I plan on attempting to write a Network Caller ID server with the current code as the base, but I’m not sure how much time I’ll really have to work on that/how far I’ll get. (continue reading…)

12 Comments more...

Kindle Pricing Makes No Sense

by on Jun.08, 2010, under Uncategorized

I was just browsing the web, when I found out that “Shit My Dad Says” has a book.  I don’t follow him on twitter, but I’ve heard of it before, and read it whenever I’m linked to it.  Wondering how much this book cost, I went to Amazon, and here’s what I found:

Kindle is more expensiveWait… WHAT?  The hardcover is actually CHEAPER than the Kindle version?  I’m going to ignore shipping for argument’s sake.  This means that it costs less to cut down a tree, turn that tree into paper, print words on the paper, and glue the pieces of paper together than it does to send you a bunch of ones and zeroes.

Can anyone explain this to me?  I mean, really.  I’m pretty sure writers type on computers in today’s world, and I’m sure Amazon has some software to automatically take whatever and turn it into a Kindle book.  Of course you’re in part paying for the development of such software, but there’s a LOT more to a hardcover book than there is to a digital copy of the same thing.

Don’t get me wrong, I think the Kindle is an awesome platform, and I hope we see more and more e-readers.  But, until the pricing scheme gets fixed… they’re not going to take off.

4 Comments :, , , , , more...

Re: Gym in High School

by on May.04, 2009, under Uncategorized

Due to a comment I recieved on my “Gym in High School” post, my reply, and some events of today, I feel that this subject needs revisiting.

It isn’t about whether you should or shouldn’t excersise.  It’s about how excersise is used as a punishment throughout middle school and high school.  Today, my class went out to play tennis.  As a warmup, we had to run down to the end of the tennis court and back twice (I use run lightly here, we could have jogged and been fine).  Eager to play tennis, I was the first jogging, and quickly got the two rounds complete.  A friend of mine, and another kid in my gym class were on pace with me, and we all three were done.

However, some of the other kids in my class are lazy.  I see this all the time: they either just walk, turn around half way, or find another way to pretend that they ran what was required.  As I was coming back the second time, I heard my gym teacher yelling something to the effect that they weren’t running, so had to redo the run.  Fine, whatever.  I had done what was required, so I shouldn’t have to worry.

Here’s where the problem comes in.  As I get back to my teacher, she tells me (and the other two kids running with me) that we’ll have to do one more time there and back.  I ask her why, noting that we had already ran there and back twice, and she tells me something along the lines of this:

Yeah, I know, but some of your classmates feel they didn’t need to do the whole thing, so now everyone has to run more.

And, here’s where I find the problem.  I ran what was required of me.  I know this, I’m sure the class knows this, and the teacher knows this.  Yet, because one or two people in my class are lazy (the teacher even named who the person was), I have to run more.  So, I propose a hypothesis to everyone reading this: group punishment does not work.

Teachers seem to love it.  Why single out kids, and deal with them individually when you can just make everyone do more work?  On top of that, peer pressure should cause the others to do what’s required of them in the future, right?

Wrong.  I have zero influence on the kids in my class who are lazy.  This is due to multiple factors: they are in a different social group than I am, I try to avoid associating myself with them, and (not trying to sound conceited here… you have to trust me that this is true) they are on a lower intellectual level than me.

In most classes, I don’t have this problem.  I take honors or AP classes, so I generally am in a class of smart people who are willing to do work required so they don’t have to face the punishment.  However, I have two classes that go outside this norm: gym physical education (my commentary on this correction is saved for another post), and my lit class (again, my commentary on this will be saved for another post).  Somehow, it seems that, when scheduling classes, they ignored intellectual level, and just stuck whoever in whatever gym class.

However, here’s where it stops making sense to me: there is another gym class the same hour that I have my gym class which has at least three people that are on the same intellectual level as me.  In my gym class, I can think of one person, maybe two people, that fit this description.  It seems that they took this group of people who they knew would goof off, and stuck me in with them.

So, while group punishment hinges on the assumption that peer  pressure is the greatest form of influence, this is not always true.  So, how can punishment be implemented to be successful?  Single the person out.  My school does this often for postive accomplishments, why not do it for negative influences?  Make the person do thirty pushups while everyone else just watches.  This will cause embarassment, distress, etc., hopefully fixing the behavior.

Of course, this keeps the idea of using excersise as a punishment.  But, perhaps that’s OK for people who are going to goof off anyway.  We can let them think of excersise as a punishment, and let them grow fat and stupid as the rest of us thrive.  As my Physics teacher so often says:

We call that natural selection.

1 Comment :, , more...

Lightning Distance Calculator 1.0.0-3

by on Apr.02, 2009, under Uncategorized

Just a silly little utility to determine how far away lightning is based on lightning, thunder, and the speed of sound.  Also will calculate the speed of sound based on temperature.

Available in extras.

Lightning Distance Calculator

Lightning Distance Calculator

Leave a Comment more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Visit our friends!

A few highly recommended friends...