Sunday, January 20, 2008

The lemming has moved

Welcome to the new home of the most anonymous lemming in town. I've had a good long look at what options are out there, and wordpress looks like it's the best suited to my needs. So from now on, you'll find me over at

I hope you'll follow me over there real soon!

Thursday, January 17, 2008

Toolin' around

Looks like I'm late with this week's edition, but Max is still not well, and we've been running him back and forth to vet. My kitty is not happy, so I'm not happy!

Anyway, without further ado, lets have a look at what has been running around my head this past week.

As a species, we seem to have an instinctive need to place blame. This, combined with a desire to avoid conflict seems to make for a really messed up society, because if we can't blame people, what can we blame? In too many cases it seems that we just turn around and blame inanimate objects.

You've all heard the slogan "Guns don't kill people, I do", right? Well, it's the same for cars, knives, rocks, nmap and netstat (with or without the -rn switch). And yet we still want to restrict these tools instead of dealing with the people who use them to do bad things.

If guns kill people, how come Switzerland isn't awash with blood? Why doesn't Norway look like the scene of a John Woo movie on a weekly basis? Maybe the real problem is the culture that the guns are used in, and not the tools themselves? Ya think? Nah, can't be.

Now before you miss the entire point of this article (you know, the 70 odd percent below this bit and latch onto the gun comment) if anyone has a right to hate guns, after the last time I saw my mom, that would be me. But I don't - I still see them as a useful tool for the most part.

I will grant that some tools can only be used for bad; take nucular missiles for example. But try to stay focussed on the bigger picture here, m'kay?

The UK knife laws are bad enough as it is. Does anyone know what the actual conditions under which you can legally carry a blade in London are? I've got a rough idea, but I've never been able to get someone to give me a definitive yes / no answer.

Can I carry my R30,000 Leatherman? Common sense and interpretation of the law before Gordon Brown's instruction to the police to charge anyone caught with a blade would say, yes, I can. But do we really want to rely on common sense in a country where the government and the police have shown a consistent lack thereof? Is it worth the risk of getting a 5 year jail sentence because a plod decides he wants to put me away for a while? Remember, we're talking about the same country where you can get arrested under the terrorism act for walking on a cycle path! But try and get some guidance out of the Metropolitan Police on this issue - go on, I dare you!

Ok, so I shouldn't carry my Leatherman, despite how useful it's been to me in loads of situations over the years. The Kershaw, gorgeous though it is is right out. But now they want to take my software away!

Yep, you heard me right... Nanny would like me to put down my packet sniffer and step AWAY from the keyboard.

The dangerous section of the bill states the following:

(1) A person is guilty of an offence if he makes, adapts, supplies or offers
to supply any article—

(a) knowing that it is designed or adapted for use in the course of
or in connection with an offence under section 1 or 3; or

The problem here is in the statement "... knowing that is is designed or adapted..." (emphasis mine). You see, many of the tools that I use to improve security, troubleshoot network problems or investigate connectivity issues could very well be adapted for nefarious purposes. But so can a length of rubber hose; I could use it to retrieve your encryption keys by beating you about the body with it for hours on end. And rubber hose isn't illegal! Nor are rocks, despite the hundreds of deaths that cavemen likely inflicted on each other using those WMDs. Won't somebody think of the cavemen!?

I make a good living in the IT world because I have something that many other people I've worked with over the years don't - I have an insatiable need to understand how things work. This makes me very good at my job because I understand things at a level that others often don't. I know how they fit together and what problems cause other problems. I know to check that the cable is plugged in, rather than calling the vendor, writing a suite of software diagnostic tools and sacrificing a chicken. Well, ok, maybe the chicken thing is a useful step, but I digress.

I have none of your fancy university larnin'... I've learnt everything I know by prodding, by pulling things apart, by trying to do stuff and seeing what happens. And now my government want to hamstring me, they want to reduce the technical abilities of an entire generation, and the only thing their actions will achieve is to make Britain less secure and less able to deal with attacks on our systems.

You could argue that it will probably still be OK to own a copy of nmap and that if you're a Linux distro, you can still safely ship tcpdump and *gasp* telnet. But you could also argue that it's alright to walk on the cycle path. At the end of the day, you'd probably never be punished for having these tools unless they were looking for a reason to put you away. Then, all the little things you're guilty of (and honestly, who isn't guilty of something these days?) can be used to make you go away. Remember, we now live in a world when you can get a $60,000 fine for running
$     host -l

What happened to punishing people who did bad things, you know those we refer to as 'guilty', rather than punishing the rest of us? When did it become the role of government to cripple our economy and hand the competitive edge to other countries?

Monday, January 07, 2008

All your moniez are belong to charity!

There's been a lot of data leakage in the UK lately. The same lot who want us to trust them with a central database linking all of our data and include some irrevocable biometric markers don't seem to understand the Data Protection Act or have the ability to install Gnu Privacy Guard.

As a result, they managed to lose 25 million records containing data that they had been expressly asked not to send in the first place, and furthermore were breaking the law by sending. Whoops! But hey, no worries - no-one is going to lose their job over this, because it's the gubmint, right?

There was a lot of publicity at the time of the initial loss, and many people tried to down-play the severity or possible impact. Possibly one of the funniest quotes would be "Honestly, I've never known such a palaver about nothing" made by Jeremy Clarkson.

Now, I'm not a car genius, so I try not to comment on new cars and their design or manufacturing technique beyond the bits I absolutely know about. In the same vein, I'm pretty sure he's not a security expert or very clueful about identity theft.

Fortunately, someone kindly educated him for us, and now hopefully he'll return the favour by educating some Sun readers (because lord knows, a lot of them need it!)

If you've not clicked the link for whatever reason, I'll explain; after he posted his bank details online, just to prove that he's "...never known such a palaver about nothing", someone setup a direct debit donating £500 to the charity Diabetes UK from his account.

Ok, granted, it would have been a shedload funnier if they'd sent it to Greenpeace, or some charity that campaigns for an end to cars, or better still, anything supported by Ken Livingstone, but as it stands, I'm impressed. I lol'd... honest!

There's a lesson to this story chillen - identity theft is a very real threat and can absolutely ruin your life. Be careful with your old credit and debit receipts, get a block put on your credit report if you can that means you have to provide ID for all loans, etc. and check your bank statements regularly. And don't be a boastful prat in a public newspaper.

At least he was man enough to admit his mistake - I just hope he lets the charity keep the money... call it an educational cost!