This Old Weblog

Euclid
I have setup my webcam to be able to prove that Euclid sits in the window all day watching the ocean and the birds.

It is hard not to notice bloggers are taking over the web. They are easy and fun, but I do not think I could put it in perspective any better than This Old Weblog. Speaking of links, SecurityFocus has a radio interview with Jennifer Granick regarding digital forensics and the law. She explains why investigating computer crime is different from regular forensics and gives some basic legal advice for companies. Digital evidence is more “fragile” she says. This is definitely not rocket science.

Salon ran a story called “The price of milk (and sex) in Cuba” and I had to write a somewhat prosaic letter to the editor in response. This letter, as well as the constant urging of friends and family, has led me to create a writing section where I will put my own travel stories.

Windows Firewall

Attended an interesting talk with an engineer from the self-proclaimed leader in Denial of Service protection. I will not mention the company name, but for $50,000 they claim they can solve DoS problems, except single-packet attacks. Not exactly a bargain, even at $10,000, if you still have to worry about the next redbutton.

Appelez-moi fou, but I could not resist the urge to post a translation link. Want to read this this page in French?

TS/SCI information work this morning led me to a handy guide to the US government document classification system. I also started testing the ISCA Certified Tiny Personal Firewall from Tiny Software. It is free and is extremely easy to setup and manage. This sort of tool should be bundled in the next OS release from Microsoft.

Insecure Meeting

While researching news on the Comoros, (the elections are almost here) I read an interesting site that describes Offshore Anjouan as an excellent tax haven for banks and casinos. The same site also advocates buying a second passport and nationality to escape taxes. Ugh.

Afan mentioned the Open H323 Project, which clearly aims to free the H.323 teleconferencing (VoIP) protocol stack and has some excellent backgrounder information on related standards. I also came across this handy PocketGuide to VoIP.

Working with NetMeeting, an H.323 application that runs over IP, I noticed TCP port 1720 is the trigger but it needs all incoming UDP ports 1024 to 65534. Obviously not a well thought out network application. In any case, here is an incomplete reference to ports for popular applications.

There are many serious and well documented security concerns for a NetMeeting call, although you can read Microsoft’s firewall configuration guide and judge for yourself…and I quote: “There are few available products that an organization can implement to securely transport inbound and outbound NetMeeting calls.”

Organic disposal digital cameras

Several people from the Comoros have written me via email. I expect even the most remote areas will have some sort of Internet access within five years. This will have to be driven by knowledge-based workers receiving or transmitting data for their research, such as doctors, aid-workers, or even local entrepreneurs. On the other hand, it is impossible to overlook the fact that the forces of nature are not easily overcome by gadgets that are based on a fault-tolerant network and supplies. The best tools for the job are ones that are easily and cheaply repaired or, even better, replaced. Unfortunately digital cameras do not grow well in the jungle, so when my Olympus 3040Z started to die, I was forced to make hasty field repairs and dream of organic and disposable digital cameras.

I will put a few shots from the trip together today and put them online, although one photo just had to go into the scrapbook; there are over a thousand photos that take up about 5.5 GB of space. I need to consider paper for exhibits and friends in the Comoros. Right now I am pricing the Epson Perfection 2450 photo scanner and Canon S900 printer. Suggestions welcome.

the poetry of information security