Australian Internet Report Pick-Apart
I’ve been skimming the Australian Inquiry into Cyber Crime found here: http://www.aph.gov.au/house/committee/coms/cybercrime/report.htm
Most of the report is geared to scare lawmakers. The damn thing reads like every computer on the internet is out to get you and anyone not running the latest McAfee or Norton is some kind of rube and their computers are in botnets (that may be roughly true, but the insults to the intelligence of their citizens in a government report are interesting). Most of what I read focuses on just how bad botnets are. Most of the other information I’ve seen on this report focuses on how it recommended that all computers must have anti-virus and firewalls in place before they are allowed onto the internet. Many of them also catch that you could be disconnected from the internet if your machine gets a virus. While these are interesting debate points, and for any modern operating system adding an AV is trivial and most already have firewalls, those aren’t the really important parts of the report.
Fun Key Phrases:
“By necessity this has to be a joint public-private effort because the
architecture of the Internet and the IT technology is in private hands.
…
-public-private information sharing on a wider range of cyber crime
types.”
Gee, I wonder what they have in mind here. The first line acknowledges that the majority of IT infrastructure is privately owned and operated. The second line says that they want wider sharing of information on cyber crime. Given that it’s a government on the lacking side of the data, just how do you think they are going to go about getting it? I doubt very much that they will ask nicely.
“That the Australian Communications and Media Authority further
increase its access to network data for the purpose of detecting malware
compromised computers. This should include active consideration of
how to increase access to network data held by global IT security
companies and, in consultation with relevant departments, whether legal
protections to address commercial, regulatory and privacy concerns are
desirable.”
Sure, the stated purpose is detecting malware, but look at what they are asking for here. “We want to see all the data associated with any networked computers.” This isn’t just your home computer through your ISP. This is any networked system in the country, meaning businesses with appreciable IT infrastructure will fall under this. Schools, companies, and ISPs will have some way of the government tapping into their networks to monitor them. Now, I’m no legal expert and I’m even less familiar with Australian law, but this reads to me like they want to wiretap the whole damn country.
“That the Treasurer consult with State and Territory counterparts with a
view to amending the Australian Consumer Law to provide a cause of
action for compensation against a manufacturer who releases an IT
product onto the Australian market with known vulnerabilities that
causes losses that could not have reasonably been avoided.”
This is the biggie. The anti-virus argument can be fun to have, the network monitoring is probably going on anyway, but this one takes the cake. That little paragraph right there means that anytime a bug or problem or backdoor is found in any kind of IT product (be that software, hardware, embedded devices, etc.) the company that sold it could be sued for every product sold after the bug is found. Whoever wrote that line has absolutely no understanding of the current state of software today. As an example, new bugs and vulnerabilities are found in Windows, IE, Firefox, or Adobe Flash almost daily; if any one of those products (that are all generally on any new computer sold today) is found to have some kind of vulnerability the manufacturer (i.e. Dell, HP, Gateway) would immediately have to pull their computers from the market until the bug is patched. Essentially, all IT hardware would not be sold directly in Australia anymore. It would all have to be imported directly by citizens (adding to the cost) with the understanding that the Australian law doesn’t apply because they bought it from outside the country. Obviously I’m reading that at a bit of an extreme here, but even with that nice key word “reasonable” in there the threat of lawsuits against companies for security flaws would at best slow down new innovations and devices so they could be tested, or at worst keep the product from entering the Australian market at all.
Security and convenience are always at odds, and while this report isn’t making up the threats (the internet is not a nice place) the reaction to them seems WAY overblown. The report reads like an excuse for the government to move in and monitor all data traffic through the country, and let them shake down IT companies that sell equipment there.
My standard Linux net book setup
I have played with a lot of operating systems on my Dell Mini 9: Windows XP, 7, briefly Server 2008 (long story), OSX, and most of the Linuxs that are out there. This setup is the result of a LOT of playing around and testing, and I find it works well for me.
As a base, I’ve gone with Linux Mint 9. It’s basically Ubuntu, but I like the default package set better and I don’t have to fix the window buttons. As a side note, the only reason the buttons being moved bugs me is because I have so much muscle memory that it screws with me when they are in the wrong place (that may also be the reason I don’t care for Macs). Anyway, Mint is a good base and has enough things working out of the box that I don’t have to spend a ton of time tweaking before I can use my system. I used to use Arch almost exclusively, but I just don’t have the time it takes to build an Arch desktop these days. I still lean toward Arch for servers, but for desktops I find the Ubuntu based stuff saves enough time up front that I can deal with a slightly less optimized setup. Easy to use Linuxs are still Linux, so take from that what you will.
The first thing after I install Mint is to get it up to date. So pop open a terminal and issue my favorite command: “sudo su”. This gets you into the root account without setting a root password. On Ubuntu based systems the root account initially doesn’t have a password set and the first account you create during the install will be able to use the sudo command for administrative tasks. I like not having the root password set at all because that means it can’t be authenticated directly; you have to get into my account first, meaning an attacker probably doesn’t know the correct user name to go after (and the 50742 attempts at the root account on my SSH honeypot tell me that this is a good thing).
At the root shell, the first command I throw is “apt-get update && apt-get upgrade”. This command tells the system to update its repositories and bring the system up to the latest package versions. This command usually takes a while. Next I get some software that I like to have on a system:
“apt-get install ubuntu-restricted-extras prism wine vlc idle-python2.6”
I also prefer a taskbar similar to the Windows superbar (albeit much smaller). To do that, I remove the Mint menu from my GNOME bar along the bottom of the screen (right click the menu and hit remove), then right click a blank spot on the bar, then Add to Panel, and then add the GNOME menu. I also usually remove the show desktop button and the window list (this one can be hard to find, it’s the little bar next to where open windows show up in the task list). At my terminal I enter:
“add-apt-repository ppa:dockbar-main/ppa”
then “apt-get update && apt-get install dockbarx”
Then I go back and add the dock bar to my GNOME panel. This is all personal preference and GNOME can be configured in any number of different ways with a bit of effort. I also usually move the panel over to the left side of the screen, as most laptops have wide screens, but web pages are big on vertical space; go figure.
The next big task is to get Firefox squared away. The netbook has limited screen space, so we need to maximize its use. As an alternative to all this, Google Chrome is a lot closer to the layout I end up with at the start, but Chrome doesn’t have No-Script.
First up, the add-ons:
After installing all those, restart Firefox. When it comes back up, right click and remove the bookmark bar, then right click any of the nav buttons and click customize. Then drag everything, one at a time, from the nav bar into the menu bar where the tiny menu text is. Once you have everything moved, right click and hide the nav bar. I also like to change some of the add-on settings, changing the tiny menu text to the tiny menu icon and turning off the no script warnings.
That’s how I set up my net books for long term use. I generally find the Linux terminal and Firefox alone are enough to let me get around 90% of what I do every day done on my net book. I usually set up Prism links for my e-mail accounts and skip using Thunderbird. I also have been having fun with Gwibber for my Twitter account.
Edit: Thought I would add a screen shot:
Finally, some success at this
Went geocaching again with Madman and Cozmanian. Found 2 out of 3. The first cache was a camo-duct tape covered jar in a hollow tree, covered in crickets. There was a really cool geo-coin inside it too. I didn’t take the coin as I haven’t been doing this very long and to be frank about it would probably have wanted to keep it. Coz said much the same so we left it. I meant to grab my better camera but all I had with me was my phone, so the pics are from that. I also figured out a trick for getting co-ords into my Garmin without a serial cable and laptop: turns out you can set a mark, then immediately edit it and set it to where you want to go. This is nice as I’m beginning to think that the GPS in my iPhone is fubared.
I had found some cards I made for this website a while back (with a really old, crappy logo on them), so I threw them into the bag so I could leave them in caches. If you’ve come to this website because you got the URL from one of my cards left in a geocache, let me know. I’ll make some better cards if people are actually finding them.
The 2nd cache we found was a micro, in a magnetic key holder under a lamp post in a parking lot. This town seems covered in micros, I’d love to see some bigger ones. I’d also like to see some caches where the person placing them knew what poison ivy looks like….
and this is supposed to be fun?
Unh, not a good time. No one’s fault but my own, but I’m not going to let that stop me from complaining. I decided to go geocaching this afternoon. I’m not sure what I was thinking, but thin shorts and a tee shirt are not the proper equipment to go rooting around parks and people’s backyards in. To further add to my frustration, I discovered that I can’t add new way points to my little GPS unit without the cable and a computer, or by standing on the spot and marking it. I’ve been playing with the iPhone geocaching app as my data source and using a little Garmin as my GPS, as the Garmin is a WAY better GPS than the iPhone; too bad I’ll have to lug a laptop around to program the thing if I deviate from my planned hunts. So, here’s the checklist for next time:
- Research the caches you’re going to check out before leaving the house
- Program those caches into your GPS and know its functions before leaving the house
- Dress appropriately and bring the correct equipment
Maybe I should just never leave the house, I’ve got enough electronics projects laying around and more than a few videos that need editing.
Because Sanity is overrated
This is a great little Mario game. Go download and play it. Don’t ask questions, just do as you’re told…
http://www.mfgg.net/?sess=b04335d90327b0b19cfaf7952995244a&act=resdb&param=02&c=2&id=17546
I thought these things were supposed to go to Narnia?
I’d been coding all morning and I knew I had a lengthy report to write in the afternoon, so I decided to go for a walk on my lunch and do some impromptu GeoCaching. I recently picked up the app for my iPhone to review on Nameless(7), so I thought I would test it out. Well, long story short, I didn’t find any caches, but I did find a secret door to China! Considering that the code I was working on all morning was a log parser for an SSH honeypot, and one of the first results was that computers from China were the most common attackers, I was hoping I could use the door to head over there and nicely ask them to stop.
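The kind of tally behind the root-attempt count in the netbook setup post and the honeypot log parser mentioned above, as an added example (not the author's parser): it assumes OpenSSH-style syslog lines, runs on a constructed sample, and stops at per-user and per-source-IP counts with no country lookup. It goes slightly beyond the text by handling a user name crafted to contain a fake source address.

```python
import re
from collections import Counter

# Constructed sample in OpenSSH's syslog format; host, users and IPs are made up
# (documentation address ranges), not taken from the author's honeypot.
SAMPLE_LOG = """\
Jun 20 03:14:07 mini9 sshd[2201]: Failed password for root from 203.0.113.5 port 40122 ssh2
Jun 20 03:14:09 mini9 sshd[2201]: Failed password for root from 203.0.113.5 port 40122 ssh2
Jun 20 03:14:15 mini9 sshd[2207]: Failed password for invalid user admin from 198.51.100.7 port 51820 ssh2
Jun 20 03:15:01 mini9 sshd[2212]: Accepted password for alice from 192.0.2.10 port 50022 ssh2
Jun 20 03:15:30 mini9 sshd[2215]: Failed password for invalid user oracle from 203.0.113.5 port 40188 ssh2
Jun 20 03:16:02 mini9 sshd[2219]: Failed password for root from 198.51.100.7 port 51901 ssh2
Jun 20 03:16:40 mini9 CRON[2230]: pam_unix(cron:session): session opened for user root by (uid=0)
Jun 20 03:17:11 mini9 sshd[2233]: Failed password for invalid user root from 192.0.2.99 from 203.0.113.5 port 40190 ssh2
"""

# The user name is attacker-controlled and may itself contain " from <ip>".
# The greedy (.*) plus the end-of-line anchor make the LAST " from " win, so the
# address recorded is the one sshd wrote, not one smuggled in via the user name.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?P<invalid>invalid user )?"
    r"(?P<user>.*) from (?P<ip>\S+) port \d+ ssh2$"
)

def summarize(log_text):
    """Count failed SSH password attempts per user name and per source IP."""
    by_user, by_ip, invalid = Counter(), Counter(), 0
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue  # successful logins, other daemons, noise
        by_user[m.group("user")] += 1
        by_ip[m.group("ip")] += 1
        invalid += 1 if m.group("invalid") else 0
    total = sum(by_user.values())
    return {
        "total": total,
        "by_user": by_user,
        "by_ip": by_ip,
        "invalid_users": invalid,  # names that do not exist on the host
        "root_share": by_user["root"] / total if total else 0.0,
    }

if __name__ == "__main__":
    report = summarize(SAMPLE_LOG)
    print("failed attempts:", report["total"])
    print("top user names:", report["by_user"].most_common(3))
    print("top sources:", report["by_ip"].most_common(3))
    print("share aimed at root: {:.0%}".format(report["root_share"]))
```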
Python is your friend
www.tuxradar.com has a series of video tutorials on using Python on Ubuntu. The first one is probably the most useful, but they all are rather good. Check em out:
http://www.tuxradar.com/content/python-pygtk-webkit-20-minutes
http://www.tuxradar.com/content/code-project-build-pygtk-rss-reader
http://www.tuxradar.com/content/code-project-build-pygtk-language-translator

