
Category: Tech

Configure Putty Settings For Improved Performance

Not sure about you, but I use Putty perhaps more than any other application on my Windows PCs. Putty is a powerful, fast, free application which can be used to connect you quickly and securely to your Linux/Unix environment.

A person named “dag” from the Field Commander Wieers blog has provided an excellent article on configuring Putty for optimal usability and performance called “Improving Putty Settings on Windows“.  After walking through the steps listed in the article, I fired up Putty and was amazed by the improved text rendering, colors, and more.

A brief summary of settings gleaned from the article:

Category: Session
Connection type: SSH

Category: Window
Lines of scrollback: 20000

Category: Window > Appearance
Font: Lucida Console, 9-point
Font quality: ClearType
Gap between text and window edge: 3

Category: Window > Translation
Character set: UTF-8
Handling of line drawing characters: Unicode

Category: Window > Selection
Action of mouse buttons: xterm (Right extends, Middle pastes)
Paste to clipboard in RTF as well as plain text: enabled

Category: Window > Colours
ANSI Blue: Red:74 Green:74 Blue:255
ANSI Blue Bold: Red:140 Green:140 Blue:255

Category: Connection
Seconds between keepalives (0 to turn off): 25

Category: Connection > SSH > X11
Enable X11 forwarding: enabled

Read the whole article here.

Apple Doesn’t Understand This “Secure” Thing

For years, people have loved Apples and Macs because of their relative security when compared to the likes of Microsoft, who are the target of tens of thousands of viruses, worms, trojans, and other types of malicious programming.

A large part of this has been because of the prevalence of Microsoft Windows, and the fact that Macs make up a tiny little percentage of the home or office computer realm.  However, ever since Apple released the iPhone, it would seem as if they have taken a step out into the world of the unknown, venturing into new territories where no one has gone before.

The problem is, many people have already been in these territories for many years, and Apple obviously has not been paying attention. It’s like they never considered the thought that once they started venturing outside of the obscure market share into the eye of the general public, they too would become targeted by script kiddies, spammers, and all-around evildoers.

The fact of the matter is, Apple, Macs, iThings, and everything else they are doing IS being targeted more now than ever before, and unfortunately, Apple is sitting around wondering why instead of doing anything about it.

Take, for example, this new TechCrunch article explaining a simple way for spammers to harvest all the email addresses of MobileMe users.

From the article:

Apple knows about the problem but insists it isn’t an issue because no one has complained publicly. An Apple representative said to one of our readers: “We’ve never had a complaint from a customer about people spamming them because of their iDisk public folder name. There is no way to remove your account name from the iDisk folders. I’m very sorry.”

Um…ok.  So if I use MobileMe, I can expect a lot of spam.  Maybe they think I’ll get used to it.

TechCrunch goes as far as suggesting that Apple is falling apart at the seams.  They suggest failures with customer service and security exploits as warning signs.  The sad part is, Apple seems to either not care about fixing things, or just not get it, both of which are starting to come off as being arrogant.

Look at the recent ‘patching’ Apple did with the widely-publicized DNS spoofing vulnerability last month.  While every other vendor quickly tackled the problem, Apple released a patch that fixed only their server products, leaving their entire desktop user base still vulnerable.  It took them two more weeks, but on August 15 they finally patched it for everyone.

The nature of being secure, in my opinion, relies upon being open, recognizing vulnerabilities, and taking them head-on. That’s why there is such a large, active community of security-aware researchers, vendors, and system administrators out there. Apple seems to be shying away from all of this, perhaps out of naivety, perhaps out of conceit.

Whatever the case, I sincerely hope they come to their senses before it is too late.

Resurrection: Geekamongus.com

I decided to resurrect my old Geekamongus.com site. Instead of filling this personal site with loads of technical blog posts no one cares about, I thought I’d dedicate a site to computers, the Internet, security, and anything else geeky. It made sense to use Geekamongus.com to do this.

So, look forward to more posts about personal things and whatever I’m thinking about here, and head to Geekamongus.com for the geeky stuff.

I intend to keep the new site on a ‘lay person’ level, providing articles to help people with computers and the Internet. I figure there are a lot of people who could use free advice, and it makes it fulfilling to think I might be helping someone.

So go tell your friends!

Practical Security : Using Email on Public Wifi

In my revised capacity at my current job, I’ve been handling a lot of
security issues: hardening of systems, software, and processes. I’ve
also been studying for the Security+ certification, so needless to say,
security has been at the top of my mind the last 5 months, and I wish it
would be at least a little closer to the top of the general public’s
mind.

I’m going to start a new series of blog posts here called Practical
Security in which I will pass on some of the more relevant best
practices relating to the typical internet user, in hopes of helping to
raise awareness amongst anyone who happens to read this blog. (Yes, all
4 of you).

Using Email on Public Wifi (and the high level of risks therein)

Question:
How often do you stop at a coffee shop to check your email with your
laptop, or leech that open ‘linksys’ network while sitting at a traffic
light with your PDA to shoot off a quick note to your boss? OK, maybe
I’m the only one who does that at traffic lights, but you get my point.

If you have a portable device that can access the Internet, my guess is
that your answer is “quite often”.

Question:
How many of you have configured your email to use some sort of
encryption? (Cue the crickets chirping).

As this excellent StopDesign article explains:

What you may not realize is how easy these low security settings
allow someone else on the same network to spy on the data passing around
on that network. Just because you’re the only person who can see your
laptop screen, doesn’t necessarily mean you’re the only one who can see
the email message you just got from a friend. Just as easily as someone
could sit near you in a quiet cafe or library and overhear your entire
verbal conversation with another person, so could they “listen in” on
all the usernames, passwords, and messages passing to and from your
computer. (And everyone else’s computer for that matter.)

Kinda scary, huh? If you think about it, once they have your email
account password, it’s not too hard to go to your bank and generate a
“lost password” request, which will get sent to your email address,
which they now have control of. Or they might simply decide to send a
breakup letter to your boyfriend on your behalf if they are not feeling
so malicious. Or maybe they thought it would be funny to email your
boss and tell him how good he looks when he gets out of the shower.

By default, email is not secure!

Yes, this includes you, Mac user. Yes, this includes you,
Gmail/Yahoo/Hotmail/AOL user.

Make sure your email is on a secure connection!

The Lowdown
If you use a webmail service such as Hotmail, Yahoo Mail, Gmail, or the
like, make sure your web browser (Internet Explorer, Safari, Firefox,
etc.) is in “secure” mode by looking for the lock icon. Alternatively (or
additionally), look at the address bar of your web browser to make sure
the address showing starts with https and not just http.

If you use Outlook, Outlook Express, Thunderbird, Mac Mail, or any other
‘program’ on your computer to manage your email, there are ways to set
up these applications to run only on secure connections using SSL, TLS,
SSH, and other methods. You may need to consult your local IT guru or
read the rest of the StopDesign article, or this well-written article
entitled “5 Steps to Make Your Email Secure”.

Whatever you do, stop checking your email at Starbucks unless you know
it is secure!
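
The same "secure connections only" rule can be enforced when mail is fetched or sent from a script instead of a mail program. This Python code is an added example, not from the original post or the articles it links to; the function and exception names are made up for illustration, and it uses only the standard library to refuse to send a password unless the link is TLS-encrypted and the server certificate verifies.

```python
import imaplib
import smtplib
import ssl


class CleartextRefused(Exception):
    """Raised instead of sending a password over an unencrypted link."""


def strict_tls_context():
    # create_default_context() verifies the certificate chain and host name,
    # which is what stops an impostor server on a shared network.
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def imap_login(host, user, password, port=993):
    # Port 993 is implicit TLS: the handshake finishes before any IMAP
    # command, so the LOGIN line never crosses the Wi-Fi in cleartext.
    conn = imaplib.IMAP4_SSL(host, port, ssl_context=strict_tls_context())
    conn.login(user, password)
    return conn


def upgrade_or_refuse(smtp, context=None):
    # Port 587 starts in cleartext. If STARTTLS is not offered (or was
    # stripped by someone on the same network), stop before authenticating.
    smtp.ehlo()
    if not smtp.has_extn("starttls"):
        raise CleartextRefused("server did not offer STARTTLS")
    smtp.starttls(context=context or strict_tls_context())
    smtp.ehlo()  # capabilities must be re-read after the upgrade
    return smtp


def smtp_login(host, user, password, port=587):
    smtp = smtplib.SMTP(host, port, timeout=15)
    try:
        upgrade_or_refuse(smtp)
        smtp.login(user, password)
    except Exception:
        smtp.close()
        raise
    return smtp
```

In a mail program, the equivalent is choosing "SSL/TLS" or a "STARTTLS required" option rather than "STARTTLS if available", which silently falls back to cleartext.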

OMFG it’s WordPress for iPhone/Touch

Out of all the awesome, free applications (and the crappy ones too) I’ve been trying out in the new App Store with my iPod Touch, the best by far is the WordPress app. I’m using it now to write this post.

It supports tags, categories, editing previous posts, post status, images, AND multiple blogs. I was floored when I read all that, and am more floored now that I’m using it.

Wow is all I can say!

The Music Biz

Remember the late 90’s, when the Recording Industry Association of America (RIAA), backed by meatheads such as Lars Ulrich of Metallica, decided to go on a suing frenzy to stop outfits such as Napster and Kazaa from enabling people to share files with each other? (Ok, the obvious answer should be “Yes, Will, I sure do!”)

Well, this is funny:
RIAA Pockets Filesharing Settlement Money, Doesn’t Pay Artists Whose Copyrights Were Infringed

In case you haven’t heard, the RIAA soon turned to strong-arming consumers once they had extorted all they could from the file sharing software companies.

The fact of the matter is that they are resisting technology. People want music in a new way. They don’t want it bogged down by Digital Rights Management. They want it cheaply and easily, and the technology to give it to them that way — AND to pay the artists fairly — exists.

Just look at what Radiohead did last year by letting people decide what they wanted to pay for the album, making them an estimated $6 to $10 million. Or see how “Nine Inch Nails make $1.6m on free album” just this month.

Both bands turned their noses up at the record companies and did it their own way. And it seemed to resonate well with the fans.