Archive for June, 2006

Thursday, June 29th, 2006
» TheChild gets glasses

I got my first pair of glasses when I was six. I vividly remember walking back into my second-grade classroom after going to the eye doctor to pick them up. TheChild, being much more advanced than her old man, has picked up her first set at the ripe old age of not-quite-four.

(I really need to work on my “digital darkroom” workflow. Any pointers for color-ignorant n00bs, O’ Great LazyWeb?)

Wednesday, June 28th, 2006
» The Deluge

We’ve mostly missed the effects of the monsoon that’s been wreaking havoc around these parts lately — trying to drive anywhere has been an exercise in patience-building, a tree in the neighborhood exploded due to a lightning strike, and there are currently two Greens trying to get our front yard classified as a protected wetland area, but other than that it’s been life as usual, only slightly damper.

Unfortunately, that run of good luck ended this morning, thanks to a near-bursting earth dam a few miles upstream of TheChild’s day care — the neighborhood it is in has been evacuated, and TheChild and I are going to enjoy a day at home instead of a day at work.

It’s bright and sunny outside at the moment, however, so maybe things will get a chance to drain off and dry out and return to what passes for normal in these parts…

(Added later: Meant to mention that I caught that WTOP link from Medley’s furlstream.)

Tuesday, June 27th, 2006
» Perl Hacks

I picked up Perl Hacks at the book store the other day. I’m not going to do an in-depth review, mainly for lack of time — all I will say is that if you’re a reasonably serious Perl programmer (i.e., if at some point somebody has given you money because you knew some Perl) and you’re interested in learning more about it, this is a good use of your thirty bucks. You will get at least that much value back out of it.

For me, the book had paid for itself by the end of the first chapter, by introducing me to Pod::Webserver. This handy little dingus provides a local high-port web server for all the Perl documentation that’s stored on your computer. So, doing some coding on your laptop in a wireless-free zone and want an HTML view into perldoc? Fire this baby up and it’s all clickity-click action. Completely worth thirty smackers, that tip, at least IMO.

» Tabdump

Stuff that I think is cool but can’t be bothered to give a whole post for:

*I don’t really wish she was older, of course. She seems to be growing up at just about the right breakneck pace all by herself.

» You’ve probably already seen…

… Mark Pilgrim’s great, snark-filled Essentials 2006, listing his critical pieces of software after switching from Mac OS X to Linux. My faves:

  1. digiKam + Kipi plugins. It’s just like iPhoto except it calls albums “tags”, exports to Flickr for free, exports to HTML that validates, stores my important metadata in a SQLite database, can be operated entirely with a keyboard, and doesn’t suck
  2. amaroK. It’s just like iTunes except it automatically fetches lyrics from Argentina, automatically looks up bands on Wikipedia, automatically identifies songs with MusicBrainz, and its developers are actively working on features that don’t involve pushing DRM-infected crap down my throat.

» Let us have a BRIEF MOMENT of SILENCE!

The M-x yow command (aka Zippy the Pinhead mode) is being removed from Emacs.

(Via a comment on and a small aubergine…, on a post outlining a way to use M-x yow to provide more interesting template boilerplate than the traditional Lorem Ipsum.)

» What’s worth five bucks these days?

TaskAnyone looks like it could be potentially useful, but $5/month seems steep for something that puts a pretty face on cron and a pile of Template Toolkit.

I’m probably pretty outside the target demo, though.

Tuesday, June 20th, 2006
» Congrats…

…to my good buddy Mike, whose job just got significantly more challenging (and interesting!), it sounds like.

Sunday, June 18th, 2006
» basement renovation

As I mentioned earlier, we’re getting our basement finished. One of the end results of that is that my office space will be moving from the second floor to the basement — which should be much nicer for the servers, which currently get a bit warm in the summer months. Of course, this means I need to think about what to put in the new office — my current office furniture is pretty sad, and I’m going to have quite a bit more space in the new office than I do currently.

I saw Tom point to Puzzle Floor — which is really cool, but far, far too expensive.

I also found a link to Can-Am media storage cabinets somewhere — those are also in the “cool, but daaaamn pricey” category, unfortunately.

Does the Lazyweb have any suggestions as far as office decoration ideas or pointers to cool and functional office furniture?

» a trio of security-related links…

First, if you’re in any way responsible for security or data integrity for any sort of sizable operation, you should really review your policies and procedures for locking down accounts and accesses when IT staff resign or get fired. Nightmare on Wall Street details some of the things that can happen if you don’t handle things the right way:

Federal prosecutors charge that Duronio, a former systems administrator at UBS PaineWebber, planted malicious code — what they’re calling a logic bomb — on the company’s network.

The government contends Duronio built and planted the malicious code months ahead of time and then bought stock options — using money that he got cashing out his and his wife’s $20,000 IRA — that would only pay out if the company’s stock took a dive within 11 days. By laying out a short expiration date — 11 days instead of maybe a year or two — the gain from any payout would be much greater.

O’Malley said Duronio planned on making sure that that’s exactly what would happen, by crippling the company’s network.

“He knew something everyone else didn’t know,” O’Malley told the jury. “As he was escorted out the door [on the day he quit], there was working in the UBS system a time bomb. Within an hour or so, he was in a broker’s office making bets that UBS would take a dive.”

Second, if you’re looking to penetrate a network or installation, it turns out that the best way might not involve brute force or clever detection of holes to crawl in through — the best way probably involves exploiting people’s natural greed and curiosity:

After about three days, we figured we had collected enough data. When I started to review our findings, I was amazed at the results. Of the 20 USB drives we planted, 15 were found by employees, and all had been plugged into company computers. The data we obtained helped us to compromise additional systems, and the best part of the whole scheme was its convenience. We never broke a sweat. Everything that needed to happen did, and in a way it was completely transparent to the users, the network, and credit union management.

Of all the social engineering efforts we have performed over the years, I always had to worry about being caught, getting detained by the police, or not getting anything of value. The USB route is really the way to go. With the exception of possibly getting caught when seeding the facility, my chances of having a problem are reduced significantly.

You’ve probably seen the experiments where users can be conned into giving up their passwords for a chocolate bar or a $1 bill. But this little giveaway took those a step further, working off humans’ innate curiosity. Emailed virus writers exploit this same vulnerability, as do phishers and their clever faux Websites. Our credit union client wasn’t unique or special. All the technology and filtering and scanning in the world won’t address human nature. But it remains the single biggest open door to any company’s secrets.

Finally, speaking of USB drives, David Pogue reviewed some new software that lets you carry a WinXP “ecosystem” around on a flash drive. My initial thought: this is pretty cool. My second thought: this totally makes hash of policies about what software can be installed on the “enterprise” desktop. You might have your users locked down to the point where they can’t install anything, but if there’s a free USB port, they can now easily route around you.