Archive for the 'security' Category

Switching from Windows to Ubuntu

Monday, January 11th, 2010

So, after a long time grumbling about how Windows gives me hassle, I’ve switched to Ubuntu on my work PC.

I had originally planned to dual boot both WinXP and Ubuntu whilst I figured out stuff like Active Directory domain membership, but in the end I got so fed up of Windows getting in my way, one day I just decided to switch. (Our IT team recognises that the developers in our group need administrator access to setup our tools and servers so, on the understanding that we don’t put our machines or the network at risk, we’re allowed fairly free reign.)

It took a while to get set up as I like it, but I think I’m there – so here’s a little overview…

NB: I’ve had only a little exposure to Windows Vista (where I found the continual “security” confirmation dialog boxes incredibly annoying), and to Windows 7 (where the window tiling function looks genuinely useful), so maybe MS have these newer versions of Windows would compare better than XP does.

What’s good?

  • I’ve installed (and use) software for web site browsing, word processing, vector drawing, image editing, version control, remote access sessions, programming, time tracking, and countless utilities – all with a few clicks from the built-in repositories (at zero purchase cost). The wealth of software available is amazing, for which the free software community is justifiably proud, and has my admiration and thanks 🙂
  • Easy access to remote files. I can browse Windows shares (without needing AD integration), and even better, I can browse our Linux servers via SSH (really not very pleasant on WinXP), all integrated with the Gnome desktop via Nautilus.
  • Virtual desktops – I’m amazed that Windows still doesn’t support this. I know there are hacks and 3rd party extensions, but the ones I’ve tried were rubbish in comparison to Gnome’s default configuration.
  • Using VirtualBox virtual machines I can use multiple versions of IE in virtual machines, and my old suite of Windows apps if I have to handle proprietary file types.
  • Software updates are smooth and rarely interrupt me.
  • Startup and shutdown are a lot quicker than Windows, never leaving me with x updates to install before the machine will shutdown (which is good as I like to switch off the machine at the socket).
  • No slowdowns due to a virus scanner.
  • All the little things which seem to happen because of Free Software. Simple useful integration that just works, like that Nautlius’ file property dialog shows size and codec information for media files.

What’s bad?

  • Evolution is supposed to be able to connect to MS Exchange for email and calendars, which it sort of does – unfortunately the MAPI connector doesn’t seem to work at all, and the Webmail connector is slow and tends to disconnect often. It’s ok for light use but, if I’ve got a lot of mail to deal with, I’ll often open Windows in a virtual machine and run Outlook.
  • doesn’t have seamless compatibility with MS Office files (arguably Microsoft’s fault).
  • Connections to Windows file shares have crashed on occasion.
  • The video is a little unstable, crashing very occasionally, but I’m chalking that one up to the Nvidia closed-source binaries. I’m glad that Nvidia provide a driver at all, but believe they’d end up with a better product if they were more open-friendly.
  • The task switcher (ALT+tab) is slow if desktop visual effects are on. This used to be fine, and I guess it’s the Nvidia driver disagreeing with the kernel about something.
  • A few cosmetic issues like notifications appearing at the wrong position.
  • There are other areas I’ve bumped against at home that are also worth a mention: The lack of decent video editing software, the ongoing transition to PulseAudio/JACK for regular/pro audio use. These aren’t a problem at work though.

Overall I’m happy – my day to day workflow is much smoother, and – at risk of becoming a FLOSS advert – I get warm fuzzies from following the progress being made in various parts of the Free Software environment – like a non-destructive editing version of GIMP, desktop activity awareness, local map applications, pro audio –  there’s too much to mention it all! 🙂

System upgrade

Friday, September 25th, 2009

I’ve just upgraded this blog to the latest WordPress. Everything seems ok, but please let me know if you spot anything wrong.

It’s about time we had something better than the old John Hancock…

Monday, September 14th, 2009

New ETSI standard for EU-compliant electronic signatures.

Too much dependance on javascript?

Thursday, May 21st, 2009

I’ve installed the NoScript Firefox extension to protect against XSS and other javascript-based attacks, but am finding that lots of sites are depending on javascript for basic functionality 🙁

To all web devs – please remember Checkpoint 6.3 of the WCAG: Ensure that pages are usable when scripts, applets, or other programmatic objects are turned off or not supported.

U.S. to hunt terrorists in WoW (maybe)

Thursday, March 13th, 2008

Via Schneier: The terrorism-obsessed U.S. is running project Reynarda study of massive multiplayer online games looking for “baseline normative behaviors” with the intent to “determine the feasibility of automatically detecting suspicious behavior and actions in the virtual world”.

Terrorism aside, the research is unclassified – so it might be possible to see their results eventually.

Even hard drive encryption can be defeated

Friday, February 22nd, 2008

If an attacker has physical access to a computer, then there is no way to secure its data against him: New Research Result: Cold Boot Attacks on Disk Encryption (via Schneier).

Point, Click … Eavesdrop

Monday, September 10th, 2007

Important information for privacy advocates and paranoiacs alike in an article over on Wired (based on the EFF‘s freedom of information requests), about the FBI’s Digital Collection System Network:

“the surveillance systems let FBI agents play back recordings even as they are being captured (like TiVo), create master wiretap files, send digital recordings to translators, track the rough location of targets in real time using cell-tower information, and even stream intercepts outward to mobile surveillance vans.”

If we can assume that the system is secure and the authorisation process (via the courts) is reliable, it looks like a really impressive law enforcement tool. However, software is usually buggy – so open to attack, and the courts don’t seem to matter – so the US government can spy on anyone they like.

Between this, free speech zones, detention without charge, and extraordinary rendition, it makes me worry about the state of the US (and the UK’s involvement). It even makes me nervous about the holiday in the New York I have booked.