100th post & various short stories

Incredible, isn’t it? This is the 100th post! Also a curious thing: in both October an November I had 39 posts (I didn’t plan it and didn’t observe it until I moved over to the beta Blogger and started tinkering with the customization of my blog). What follows are some small bits of information:

A great Windows Commander / Total Commander / Norton Commander replacement for Gnone: Gnone Commander (yes I know about MC, but for the moment I prefer something with a graphical UI)

If your menu panel locks up under Gnome, switch to a text console (with Ctrl+Alt+F1 for example), log in and do a ps x|grep gnome-panel. You should see two processes: the gnome panel and the grep which is searching for it. Use the PID from the first one and do a kill -9 with it (kill -9 4528 for example). Now go back to the user interface with Ctrl+Alt+F7 and the panel restarts.

To find out why a GUI program isn’t starting, try opening up a console and running it from there. Normally the error output of the GUI programs will go nowhere (unless they chose to display a dialog with it), but if you start them from a console window, they might print out error messages there. For example I found out that I need Java 1.5 to run jEdit. To find out which command to run for a particular application, go into System -> Preferences -> Menu Layout, right click on the item you are interested in and select Properties. The command you need to type in is in the Command field.

To find out which Java installation you have, open up a console and type java --version. If Java replies Unrecognized option: --version, use java -version. If you try to update to Java 1.5 (also known as Java 5.0) and after doing sudo apt-get install sun-java5-jre the system still says it’s running Java 1.4.2, you might try uninstalling the java-common package (and also all the dependencies) and then reinstalling the sun-java5-jre package. The nice thing is that the packages are in your apt cache (supposing that you didn’t do an apt-get clean in the meantime).

Over at Ajaxian you have a great post: . My message to those who say this is nonsense: look inside you. You overcomplicate everything and for every problem you think oh, we need javascript. Almost every problem can and should be solved traditional methods which are guaranteed to work on 99.9% of the web browser. And if you think you should do graceful degradation and find it hard, it is hard because you are coming from the wrong end. Start simple and use progressive enhancement.

Finally about our good friend Steve Gibson. The latest podcast (number #69) was good and fairly accurate (because he stayed away from technical details and talked only in general terms), however I found out what the semi-secret new program of his will be (by reading the mails on his news server – it seems he is an old fashioned man). Quote:

GRC’s forthcoming little “SecurAble” freebie will be a simple
tool that anyone can run to tell them which of these security
enhancing features are already present within the processors of
the machines they now own. It would also come in handy for any
security-aware shopper to instantly verify that any machine
they’re looking at and considering purchasing supports these
desirable and potentially important security enhancing
capabilities. Why would anyone purchase a machine today that
didn’t have these features?

My examination of Intel’s chip numbering for “which chips have
EM64T” quickly revealed that it’s a maze of numbers, and that
it’s difficult to know WHAT you have without some real study.

SecurAble (which I think is a pretty perfect name, but I’m
certainly open to anything better) will simply display five
attributes of any system it’s run on:

The manufacturer of the Chip.
The model name of the Chip.
Whether it support 64 bit extensions.
Whether it supports hardware enforced DEP.
Whether it supports hardware virtualization.

My opinion: why reinvent the wheel? There are perfectly good system information tools out there (for example WCPUID) which supply the same information (in case of WCPUID look under the Extended Features Flag, and check out the ones name Virtual Mode Extension, 64-bit extension and No Execute page protection to get the same information). My prediction is that this will be a glorified CPUID instruction with a bunch of nonsense written around it. The fact is: no hardware or software can make you magically secure, even though some people might want to make you think that it does. Only by learning secure and cautious behavior can you be safe (in both the real and the virtual world).

, , , ,

2 responses to “100th post & various short stories”

  1. Securable is designed to be simple. CPUz and other utilities are great for us geeks, but (as your post reflected) securable is for the average PC shopper to use. Not trying to be a Gibson apologist, but you pretty much ignored the whole point of Securable.

  2. Security is a complex thing and should not be “dumbed down”. And (IMHO) a user is smart enough to understand (at least at some level) why having PatchGuard, DEP and so on helps, s/he is certainly smart enough to use CPUZ or even to figure out on her/his own if a given computer has these features.

    Time that would have taken to write a tutorial about using CPUZ to identify these features: 1 Hour, time that took to develop Securable (until now): at least 4 weeks. Don’t reinvent the wheel!

Leave a Reply

Your email address will not be published. Required fields are marked *