Bored Engineer

So there’s this saying, “There’s nothing more dangerous than a bored engineer”; I tend to think that it’s true. I’ve had very little to do at work lately, which has been in equal parts frustrating and annoying. I like having stuff to do. I like having plans for the future, but at the moment, there’s very little. Anyway. I popped into Westfield the other day, and caught a Free BBC Prom....

June 3, 2011

Cloud Backup Strategy

It has recently been brought to my attention that a number of users of cloud-based hosting services tend to use an “integrated” backup solution provided by the cloud host. This is probably some form of snapshot-based backup of a server’s state. I quite like the idea of doing this, especially if there’s no impact to the server being backed up whilst the snapshot is taken. However, I can immediately see one big problem with it....

May 30, 2011

Desktops As Servers

Personally, I hate the idea of using a desktop as a server in a production environment. I’m going to define the term “production environment” first. If you’ve got an environment, any environment where the service provided is relied on by anybody, for any reason, then that’s a production environment. If it’s just for you, and you don’t mind when it all goes wrong and the shit hits the fan, then that’s fine....

May 1, 2011

mod_rewrite is killing social media

This is a little ranty, but it’s really pissed me off lately. That’s right. It’s you. The ones with image hotlink protection, and the ones who rewrite URLs to do strange and special SEO things, but who don’t actually think about what happens when you send someone a link to something. (For the uninformed, hotlink protection is that thing where you get sent a link to an image, but the site owner is being draconian, and redirects you to google, because your referer wasn’t their own site, so the image must have been stolen, and put on another webpage (!...

April 24, 2011

Seriously, What?!

Sometimes you read something on the internet and think “Huh? Really?”. When I read this, I swear, you could almost hear my brain go boggle. When I first started using Java, I remember reading something in the EULA (yes, I read it), about not using it for mission-critical or life-critical circumstances. Something about avionics and nuclear power stations. Specifically “You acknowledge that Licensed Software is not designed or intended for use in the design, construction, operation or maintenance of any nuclear facility....

April 23, 2011

The Name Game

(If you’ve just read this for the first time today, you should read all of it.) The first meme we’ll discuss is the “Royal Wedding Name”. BOHICA. Again, It seems that some of you aren’t understanding how these things work. The Royal Wedding Name asks for Your grandparent’s name (first name, male or female) Your first pet’s name The name of the street you grew up on. Right, you lot. Stop this now....

April 23, 2011

Where are your eggs stored?

When I was growing up, one of the things that particularly interested me about the English language were idioms and proverbs. I think today, whilst many are still suffering the effects of the week, we should look a little more closely at one particular proverb, and perhaps its effective meaning today. “Don’t put all your eggs in one basket” :- This phrase is commonly (and some might say, incorrectly) attributed to Miguel Cervantes (in Don Quixote), but some sources have reported its usage as early as 1600....

April 22, 2011

ISC DHCP and PowerDNS

Lately, I’ve been playing around with a pair of domain controllers in the office, trying to figure out a good way to implement a domain. See, the problem is, this kind of thing is a “nice-to-have” rather than a core requirement. At least as far as the business directors are concerned. Their argument is something like “It worked fine with just a bunch of PCs connected to a switch”. I do like things manageable, and planned, and certainly now as we’re approaching 50 desktops in the office, plus mobile devices, plus laptops, and FSM knows what else, that there’s a real need for a bit more structure and management....

April 20, 2011

Proposal: Increasing Facebook Security

As I proved in my last blogpost, it’s actually trivial to compromise a facebook account given a very small amount of personal information. After talking to a number of other geeks on Friday night, two things became quite apparent. Facebook security is poor, at best, and the ability to change the user’s contact email address is shocking. Security questions and secret answers are easily exposed by social engineering, thus, these questions only work effectively if you have a completely different identity which you only use for secret questions and answers....

March 6, 2011

Identity Theft

To prove a point about the latest “Pornstar Name” Meme that’s currently going around Twitter. Basically, the meme asks for you to tweet your Pornstar name which is comprised of the name of your first pet, and your mother’s maiden name. I’m furious about this. Those two names are the two most common answers to security questions found on a number of websites. So. A theory: “Given just a user’s facebook name, and their Pornstar name, it should be possible to compromise their facebook account”....

March 4, 2011