Dorsia/Agamemnon back up

So the server is now back online, after i fixed some port forwarding rules on the modem. SSH traffic is now directed to the correct destination.

Modem maintenance

So, i have been having some trouble with my Nebula line. About a month ago, something odd happened, and my line dropped, only to reconnect at about half the speed that it used to be. I called them, they fixed something and the speed improved marginally, but i have had no explanation as to why this happened. If i change nothing, how can the speed drop?

According to their technicians, the line should handshake at 18/2.5 mbit/s, but i’m getting about 10/2 mbit/s. So anyway, i said, okay, the upstream improved to about what they said it should be, and the downstream isn’t that important to me anyway. That ticket was closed.. only to be re-opened a few weeks later, when i started having unexpected packet loss. It’s a copper connection so there’s really no reason to have packet loss, especially in this day and age. Not unheard of though, with bad lines etc, so i called Nebula again.

They’ve made a number of suggestions, such as “faulty wiring” (changed), “faulty modem” (also changed, more on this later), to “a bad copper pair to my apartment from the building phone board”.

So far i’ve ruled out cables. Nothing has changed there, but nonetheless, i switched all cables that i could. No change. I changed the modem now, from a 2 year-old Linksys WAG200G, to a Telewell TW-EA501 (provided by B, thanks). So the Telehell connects at about 9/2mbit so the speed is worse still. I’ve now had it in for about a day, and i’m gonna keep testing it, to see if the problem returns.

If it does, then it’s something with the damn line, and they are going to have to do something about it. The speed.. well, i know the modem affects the speed a bit, but how can i get such varying results? All modems have had their firmware updated, and i have no long extension cords for the phone line, nothing like that. If the copper pair is crap, then i guess i’m fucked (and have to wait for the “mandatory” fiber connection no later than 2015).

This has caused unnecessary downtime for my server, Agamemnon. The gods don’t look favorably on this.

The Shit People Pull

So the wife was in a car accident yesterday. No, nothing serious. Some ass in a rental drove in to her while she was giving way to a bus (as is the law). The guy, incidentally a Swedish speaking Finn (more on this later), started screaming bloody murder immediately. He first told my wife, who was in the car with her sister, and her boyfriend, that he would be calling his father, whose friend, apparently, is a police officer. My wife asked whether the police officer would be coming as well, to which he replied, no. My wife then called the police.

While waiting, the boy’s parents showed up, and started screaming bloody murder, and even flat out threatening my wife. The mother told my wife that she, and her boy would be getting a criminal record for this, if she didn’t admit to her guilt. My wife told her that she isn’t admitting to anything she didn’t do, and especially for someone else’s benefit. She kept screaming and trying to force her to admit that it was her fault.

Among the accusations presented were:

– She was reversing (down-hill?)
– She was letting the car slide downhill instead of braking (also not true, three witnesses can attest to this)

The funny part is, my wife’s sister and her boyfriend saw the boy talking on the phone while the accident happened. He has probably wiped his logs by now, and claimed that he was simply “holding” the phone, not using it.

The other funny part is, for some generalized reason, the group of people i loathe to be a part of, Swedish speaking Finns, are just typically like this. Accident happens, call your mom and dad, who of course are convinced of their golden boy’s innocence.

So the police came, took some pictures, and statements, and told everyone to wait for an investigation. Our car is unscathed, whereas the rental got a nice big hole in the front from our tail-hook, which went right through the plastic. I don’t think we can lose this case, because we have more witnesses, and the boy and his family were acting very rudely, making threats and all.

They’re going down.

Here’s a picture that describes how the case will go, if it goes to court:


[Image: court]

Inadvertent leakage of data

Abstract

Most people are either not aware, or blissfully ignorant that the data they carry, be it analog or digital, is significant or important to anyone in any sense. If it’s not a contract, or other clearly classified document or file, people just don’t care. But for a social engineer, this speck of data could be all he needs to penetrate your corporate structure and network.

Data overload

How many gigabytes do you have on you right now? Well, i can list the following:

  • 30GB iPod Video
  • Laptop with a 40GB disk
  • 8 GB memory stick
  • 8 GB microSD card in my phone
  • Caselogic full of CD’s and DVD’s, plus a 250 GB mobile hard drive

That’s what i have on my person right now. Now, it should be noted, that the actual amount of data on these media is only a fraction of that, but as an example.

How about analog stuff? Most of us carry business-cards in our wallets (along with other cards, receipts, etc.). Some oldschool yahoos still have a bunch of papers in folders, binders and other assorted archiving methods, that they lug around town every day.

If you look at what you have, you could very quickly conclude that there isn’t anything crucial that you have on you. No contracts, no lists of people’s salaries or who’s getting fired next. No passwords on small post-it notes (and some of you do that too…). So what could be compromised if you lost one of these items, huh? Not a lot? Think again.

One man’s garbage is another man’s…

…fucking treasure-trove. What could an adept social engineer do with a business-card? Well, he could assume your personality for purposes of calling someone, or even staging a meeting. The information contained on a simple business card, is usually: name, title, address, telephone number(s), e-mail address. Let’s go through these and make up plausible scenarios for their usage.

If you’re just out trolling for a random target, a business card with these data could be all you need. Based on this, you can do additional network searches, and find out more about you, the company or what you do. Maybe you have a blog, or maybe your calendar is openly viewable on Google Calendar. You’re most certainly on Facebook, and since you have a business card, you probably have an extensive “net-history” to begin with. All this is fuel for the flame of a social engineer. Using this data, they can get to friends, family, co-workers, ex-partners with a grudge, old school-buddies or teachers, etc. All ways of getting to the good stuff, of whatever data it is that the social engineer is looking for.

A telephone number will give you a lot of things. First, in certain cases, it can be used to deduce your mobile carrier. And through that, find out who your company deals with for telecommunications perhaps. Using that data, an attacker could assume your personality even better, because he knows something detailed about you. A good speaker could call up a secretary and with the proper words, get what they want, just because they know a little bit of “insider information”. A landline number (for those of us who still use those things), could give you an extension number, or a system of extension numbers. That way, you could exploit the company switchboard, operator or even voicemail. It’s unbelievable, but in some cases, you can get to someone’s internal voicemail just by knowing their extension, name, and the “internal” phone number to call. Some systems are open to the outside world, because people may need to get to their voicemail from their hotel, mobile phone, home, etc.

The e-mail address will give you the method of naming. Is it first.last@company.com, or something else? This again is information you can exploit, while calling someone within the company, or perhaps the service desk, pretending to be a lost user without a password.

Realizing value

This is the core problem. People don’t view these things as risks. And neither do heads of corporations, or in the worst case, the security department (if you have one). How many buildings you work in actually have a method of making sure nobody unauthorized gets in to the office? How is physical security in general? How easy is tailgating?

I’ll give you a hypothetical example. A door has a codepad, which requires a magnetic keyfob, and a four digit pin-code to get in. Now, even without these, getting in is child’s play. Just tailgate. At any one time, between two and five people walk in with the same opening. There’s no reception desk at this door, but there is a camera. How often have you been confronted by someone asking you to show your ID? Not a single time. Most people don’t even carry their ID’s anywhere visible (which is a good thing on its own). Get to the elevator. Someone else uses their keyfob to activate the keypad. They hit their floor number, and you hit your number right after, and you won’t need your own swipe to get to the floor you want. Get in to the actual offices without a key, again, tailgating. Pretend you’re from another office or something, based on the information you have gotten from a business card you found, or the company website. In most cases, you won’t be challenged. In most cases, people will open the door for you, and get you coffee if you’re nice and personable.

There have been cases where a hacker, impersonating a service representative, or helpdesk person, has actually carried out hardware from the front-door, and even had help with doors.

One of the greatest fallacies of all time is that “people won’t go through all that trouble to do that!”. You’d be amazed at what people are willing to do.

Treat every bit of data you carry on yourself as important. If you don’t, eventually someone smart enough is going to come along and exploit that. For fun, profit or something in between. Maybe just because he can.

And this is not even to mention what should be plainly obvious: Losing any bit of digital data might be really really bad. A hard disk might contain not only your files, but log-files that contain IP addresses or in the worst case, passwords to internal or external systems. The next time you lose something, take it seriously. The next time someone asks you for something, be curious as to the reason of his inquiry. We already stream out copious amounts of data that used to be personal, using social networks such as Facebook, Friendster, Twitter, etc. Don’t make it too easy for the bad guys, huh?

ATI Fglrx and Ubuntu 9.10 Beta

So, i got the recently (1.10.09) released Beta of Ubuntu 9.10, and i’m happy to report that the proprietary drivers for ATI work fine now, so you can get 3D acceleration. Screenshot below.


If i read this correctly, it works.

Firefox and Scrolling in Ubuntu

So okay, you have a problem with there being no utility for configuring how many lines you scroll at once in ubuntu? Shit, i mean, how can this still be missing? There’s no gui for configuring it, and doing it by hand in xorg.conf is a pain too.

So in Firefox, the default becomes one line per scroll. This isn’t satisfactory when you want to surf porn effectively, or scroll 4chan without having your eyes burned out. So to fix this you’ll do the following:

  1. Type about:config in the address bar in Firefox
  2. Accept the yabber about being careful (if you haven’t used this before)
  3. In the search-field (at the top), type mousewheel.withnokey.sysnumlines and set that to False (double click the value field)
  4. Again in the search-field, type mousewheel.withnokey.numlines, and set the value (default is 1, for one line at a time), to whatever you want. Personally, i use 5.
  5. Close the tab with about:config. Changes take place immediately.

A story about car dealerships

So it’s time for another story time with uncle grelbar. This time, i’m going to deal with.. well, car dealerships. This is a story on how they’ll try to fuck you over, but how you can, at least in my case, walk out as a winner.

My story begins with a standard annual service for my 2003 Nissan Primera station wagon. I bought it from Autokeskus Konala (Finnish Nissan/Dodge/BMW/Mini dealer) a few years ago, and i’ve been servicing it there as well, to maintain a good service record. So far, i’ve gotten excellent service, from the very start of our relationship. But this time was different.

I paid for my service on the 14th of September, got my keys, and went out to get my car from the lot. I was rather surprised that the key (which had been working flawlessly for two years), now suddenly would not open the doors. I went a bit closer, and the same thing: the doors wouldn’t unlock. So, i open the door with the actual physical key (shit, i can’t remember when i’ve last done that with a car!), and got in. Put the key in to the ignition. No start. Not even a peep out of the engine or ignition. No blinking red light in the dash (to indicate car is not running, etc.). Notice the lights are on, and that the battery is dead due to this.

At this point i’m starting to realize that i’ve been fucked over. I’ve just paid several hundred for my service, and my car is dead in the dealership parking lot. Not nice. I walk back in to the place, and ask what the hell is up. The guy, one guy, looks a bit tired, it’s probably the end of his shift. He asks for my license plate and checks for what was done with my car. He instantly says “Nope, nothing in here explains a broken key. We don’t really have anyone working here who can help you at this hour (a bit before closing). Maybe the battery is dead?”. So, i mutter some obscure Norwegian curses, and head for the spare-parts section.

I buy a new battery, of the type 2025, for 1,80€. Pay for the battery. Go out. At this point it starts to rain. Car still does not open with the remote control. I’m getting increasingly pissed off. I call my dad, who comes and helps me with starter-cables (since nobody at the fucking dealership offered their help), and the car starts right up. Key is still dead. I walk back in to notify the service guy that i’d be contacting them about this fuckup later.

Drive home. Try our spare key, which works fine. Call the dealership the following day, telling them that i had some problems with my previous service, and that i needed to talk to someone. Nobody was apparently available, so i left a message, with a request to call me. Three days pass, nobody calls me.

I send email to the head of the service department. Wait 10 days for a reply. Guy says that the coding of my key might have gotten scrambled when the battery was drained by some incompetent fuck who left the lights on. Seemed like a good explanation, except, why would my spare key work? The dead battery in the car somehow remotely broke the other key? Okay. He told me to bring it in on the first of October, to have it looked at.

Bring the car over in the morning of the 1st. Get a call in a few hours by some asshat who tells me “The key is broken”. No fucking shit. Also he tells me, that my spare key, which works fine, “also is working a bit badly”. Horse shit. Okay, next he throws the bomb. “A new key is 111 euro. Would you like to order it?”. I told him that this isn’t the way it goes, and that i’d contact his superiors.

I e-mail the same head of the service department who tells me that “The re-encoding which we promised, did not work, so the key is otherwise broken, and we are not liable.”. I complain, and he graciously offers to take the price down to 75 euro for a new key. I tell him that i won’t pay them a dime, since the key broke in their custody.

At this point, i also e-mail the head of customer relations at Autokeskus Konala, and the head of customer relations for the entire company, with the head of service as CC. A day passes. I get a new e-mail stating that the key would be replaced for no cost.

Lessons learned

So, when things fail, complain, and keep complaining up the ladder until you get what you want. But be sure you are right, and that they are wrong.

A car dealership can’t be like the coat-check, where they take no responsibility for anything left with them. When i bring in a car for service, i expect that it comes back in the same, err.. improved condition from the original. What i do not expect, is that my car is dead in the lot, and that my key has been broken by some asshat. Or that management gives me the fucking dick when i ask to fix what they broke.

Autokeskus Konala was on the Kuningaskuluttaja (“King Consumer”, a program about consumer rights) program, about ripping off some other consumer. I guess the fault in this one lay with Nissan, but in any case, this isn’t something we should just swallow and compliment the taste. Consumers are being fucked over everywhere, by unscrupulous businessmen who know that if they push a consumer far enough, they’ll give up, because litigation, in many countries, is too expensive, or not an option.

But what we can do, is talk about it. Write a few blog posts, maybe e-mail your correspondence to a few news outlets. Talk to your friends. Sure, a blogpost, in the big scheme of things, is meaningless, unless you run a huge site. But at least you can raise some awareness. If two people learn something out of this, it’s been a good day.

Just don’t give in to unreasonable demands, and keep your eyes open when people are slapping you around with a wet cock. Too many people can just be intimidated, by an authoritative voice, to doing whatever they want you to.

Arrrrrr Trend Micro Office Scan

Okay, so this piece of shit program is pissing me off. It blocks sites like www.2600.com, which has *no* harmful content on it. When inquired on the reasons, they have not yet replied (I sent mail from my company account a few months ago). I guess it’s kind of like the government blocklist for “child porn” sites, which can’t be viewed, can’t be challenged, and can only be changed for the worse.

So how to defeat this stupid piece of shit software: Ping the address you want to visit, and type in the ip address instead of the DNS name. Presto. It’ll still complain if the site links to images or other stuff using the DNS name, but you’ll be able to view the content. Office Scan 0, Me 1.
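The workaround above only gets past a filter that matches on the host name alone. As an added example (not Trend Micro's code and not from the original post), here is that name-only check in Python beside one that also matches IP-literal hosts against the addresses a blocked name resolves to; the name-only model, host names, addresses and log format are all assumptions constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed policy data: one blocked name and the addresses it resolved to
# when the policy was built (192.0.2.0/24, 198.51.100.0/24: documentation ranges).
BLOCKED_HOSTS = {"blocked.example"}
RESOLVED = {"blocked.example": {"192.0.2.10"}}

# Constructed proxy log lines: "<client> <method> <url>"
SAMPLE_LOG = [
    "10.0.0.5 GET http://blocked.example/index.html",
    "10.0.0.5 GET http://192.0.2.10/index.html",
    "10.0.0.7 GET http://198.51.100.20:8080/status",
    "10.0.0.7 GET http://intranet.example/wiki",
]

def host_of(url):
    """Lower-cased host of a URL, without port or trailing dot."""
    return (urlsplit(url).hostname or "").rstrip(".").lower()

def naive_blocked(url):
    """Name-only match: a URL that carries the raw IP never hits the list."""
    return host_of(url) in BLOCKED_HOSTS

def ip_literal(host):
    """Return the parsed address if the host is an IP literal, else None."""
    try:
        return ipaddress.ip_address(host)
    except ValueError:
        return None

def hardened_blocked(url):
    """Match the name, or an IP literal that a blocked name resolves to."""
    host = host_of(url)
    if host in BLOCKED_HOSTS:
        return True
    ip = ip_literal(host)
    blocked_ips = {ipaddress.ip_address(a)
                   for name in BLOCKED_HOSTS for a in RESOLVED.get(name, ())}
    return ip is not None and ip in blocked_ips

def review(log_lines):
    """Classify each request: 'block', 'ip-literal' (worth a look) or 'allow'."""
    out = []
    for line in log_lines:
        client, _method, url = line.split(maxsplit=2)
        if hardened_blocked(url):
            verdict = "block"
        elif ip_literal(host_of(url)) is not None:
            verdict = "ip-literal"
        else:
            verdict = "allow"
        out.append((client, host_of(url), verdict))
    return out
```

Matching on resolved addresses over-blocks when several sites share one IP and goes stale when DNS changes, so the "ip-literal" verdict is better treated as a review signal than as an automatic block.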