Wednesday, March 23, 2005

The Art of Deception

During my flights to and from Denver I read The Art of Deception: Controlling the Human Element of Security (thanks Mike for letting me borrow it).

It is about corporate security, but the first 14 chapters are stories about ways in which social engineers can get information out of people. What's a social engineer? They are like a computer hacker, but instead of just hacking into a computer they use social methods, such as collecting enough information about a person so they can pretend to be that person over the phone and just ask a bank or coworker or whoever for sensitive information about the person. What makes this book particularly interesting is that the author, Kevin Mitnick, is famous for being a social engineer and since being arrested and serving his time has become a corporate security consultant. So he actually knows how social engineers work and the tricks of the trade.

The stories can be entertaining from the perspective of wow, I would have completely fallen for that and oh, that's how you steal someone's identity. While they are mostly about corporate security and information it is easy to see how the same techniques could be applied to getting your credit card or social security number. The corporate security sections at the end are kind of boring and I just read through those since I was on a plane and the movie was Finding Neverland.

Warning, reading this book can make you rather paranoid, although that's kind of the point.

Saturday, March 19, 2005

An Exciting Several Days

Wednesday and Thursday I spent a ton of time in lab helping students in the analog lab class I am TAing get a lab finished up. The first 5 labs in the class can be built fairly sloppily, but the 6th lab involves a gain of 4000 so if you are sloppy at all (and even if you are not and are just a bit unlucky) then instead of an amplifier you get a nice noise source or oscillator. So of course those were an interesting two days. Toward the end of Thursday, two of the students who had been checked off for the lab were working on an extra credit part of the lab which is a power source and when you try for too high of a voltage out of it you get a ton of ripple on the power source. This is expected but after talking to them about why it happens I told them that that means they are going to need to redesign it and then quickly told them I was just kidding. One of them went from a look of horror to laughing. The other one was in so much shock she did not catch on that I had said I was kidding or that I had signed her lab - it took me a little bit to clam her down and explain that I was just joking and that that problem should be there. I felt so bad because I was just trying to lighten the mood.

The next morning I had a 10:45 flight to Denver to go to EntConnect, an Entrepreneurship conference that my Uncle is taking me to as my graduation present (Thank you Uncle Len). After the long night at lab I ended up sleeping until 10:55. I was freaked out and figured there was no way I was going to get out there, Susanna helped me calm down (Thank you Susanna) and look around at some possibilities. Then there were a series of calls to us air, united, and Len and Lorraine which lead to me just heading to the airport to see if I hung out long enough if I could get on some flight on stand by (Thank you Lorraine for suggesting this).

Some lessons learned on the phone - US Air will allow you to fly stand by if you are flying on miles, but United will not. Even if you have a first class ticket (double thank you Len and Lorraine!) if you are flying on miles then on the phone you are still restricted to flights you can use miles on. Another interesting part of this event was neither untied or us air seemed to have any record of my ticket when I told them the flight number, my name and destination but when I then told them my ticket number they found it right away.

I got to the airport at 1:30 and went up to the first class line, luckily there was just one person ahead of me, I went up to the person working at the counter and explained the situation (well except for why I missed the flight). She typed away for a while and again could not find my reservation and asked if I had any documentation, luckily I had my laptop and pulled up the email with the information and held the laptop so she could read off the information. She then asked me if I had anything to check - I said no - she told me she's putting me on a 2:00 flight that will stop in Charlotte and that I should run, she also added that I was lucky I got her because anyone else would have made me fly stand by.

I ran over to security - told them I had a 2:00 flight and got to skip most of the line and got to the gate about 5 minutes before they started to board.

The flight was fine.

When we landed and I found a place to sit I called up Teradyne to accept their job offer in Agoura Hills. They seemed excited and I am very excited. We will be talking sometime in the next couple of weeks to figure out all of the details. I decided on Teradyne because I enjoyed working there during my internships, also because I like the fact that the group I will be working for does a large variety of projects, unlike a lot of the design companies I talked to where people tend to start working on a very specific type of circuit and stay with that forever, and of course location. Especially after the past two winters in Boston I am looking forward to hanging out on the beach.

Well as I was finishing up those calls I heard an announcement that they overbooked the flight I was on by 6 seats and they are looking for volunteers (WOW - I am glad the woman at the counter had booked tickets for me instead of having me fly standby...).

This flight was also uneventful.

When I got into Denver I took a shuttle over to dinner where I met up with Uncle Len and some of the people attending the conference, we had a very good and big Italian dinner.

The next day we went to the conference which had some interesting talks. Particularly interesting was one talk about persistent search, rss , a9 and a couple other topics and combining them. Also someone who had worked for the Navy designing submarines during the 60's and 70's discussed some of the subs designed during that time and his own personal involvement. I also found it interesting to talk to some people who have been working in technology for a long time and who have ventured out on their own. From what I picked up from them matched what I have been noticing/been told which is I definitely feel that staring off with Teradyne and learning there is the right way to go but to keep my eyes open for opportunities. I also found it interesting that some of the people seemed like they were looking to go out on their own for big money, but almost all were out on their own so they can work on what they want and/or they can live where they want and have time for family.
And of course it was fun getting to hang out with Uncle Len.

Tomorrow there is a bit more conference in the morning and then in the afternoon I head back to Boston, this half of the flight it will be direct and I am in 1st class so that should be pretty comfy.

Well, time to get packed up and ready for bed so I can be awake for the talks tomorrow morning.

Monday, March 14, 2005

Before you install Windows

If you are installing/reinstalling windows it is important to remember that until you download all of the security updates your computer is very vulnerable (and yes it can take only minutes before something will try to attack your machine). So the way to get around this problem is to physically remove the ethernet cable from your computer before installing windows. Then once it is installed follow these instructions:
Step 1: Use an Internet Firewall

Once the firewall is on you can begin the exciting task of getting all of the security updates (at this point go ahead and plug the ethernet cable back in). Once you have all of the updates you might want to try leaving the firewall on, but you will probably find that lots of internet applications will not work, if that's the case go ahead and turn the firewall off.

If all of this sounds like a pain it might be time to look at this:
Mac mini

Sunday, March 13, 2005

Darik's Boot and Nuke

If you are ever looking to really erase your hard drive then the following link is rather helpful:
Darik's Boot and Nuke

If you just format your drive you just erase the table saying where the files are, but you do not actually remove the bits describing the files form your hard drive. You might think that you could just write all 0's to your hard drive and that would do it, but of course there are some clever people out there so to really do it you actually need to write over it in a random pattern a number of times. In addition, of course there are also further complications. Luckily this disk takes care of all of that for you.

WARNING - if you make a disk from this website and you put that disk in a computer and the computer restarts - everything on the hard drive will be gone with absolutely no way of recovering it. So before you make the disk label it and then only put it in a computer if you really mean it.

If you want to download it scroll down to Download and click on Floppy Version and then pick the mirror closest to you. Then click on the icon on the right of the screen corresponding with that mirror. After the files are downloaded run the install program. For further instructions see the links under download or ask me.

Thursday, March 10, 2005

Revenge of the Sith

Looks better than I and II. Hopefully they are hinting at some good fight scenes with Yoda.

AOL Movies: Star Wars Episode III Teaser Trailer

Sunday, March 06, 2005

Just for Fun - The Story of an Accidental Revolutionary

Two posts in a row - someone is doing some serious procrastinating.

I just finished reading Just for Fun - The Story of an Accidental Revolutionary. I got it for free by going to the Linux World Expo several weeks ago. It's a(n) (autobiography of Linus Torvalds. I figured I would just flip through it, but I ended up reading the whole thing over the course of about 24 hours. Either I found it rather entertaining or it was just the only thing I brought with me to work to read while running long simulations.

If you happen to have a copy I would say it's worth reading, although if you have been an avid slashdot reader for years there's probably nothing new. I thought it was interesting that it really was some kid (well, kid in his 6th year of college) just working away in his room. Although I did feel like he spent a bit too long describing what it is like to be a nerd, but perhaps that is for the popular audience who haven't killed a number of weekends coding away themselves.

While he is in no way qualified to philosophize and says so himself his theory that technology has three stages: survival, social communication, and then entertainment is fairly interesting.

Car

I am getting excited about moving out to California next year and in particular have started thinking about what kind of car to get.

Having rather limited experience in finding and buying cars I am interested in getting advice, so anyone who feels like throwing in their two cents - I would appreciate it.

Part of the challenge is that starting out I will have approximately zero dollars so I am almost certainly looking to get something used. At the same time, I have expensive taste and would definitely like to get a convertible so I can enjoy the sun, but another constraint is if I am going to drive at least 2 hours a day, a bit of fuel efficiency might be a good idea...

In addition to advice, if anyone has a consumer reports membership and could get me onto their website (or send me info from the site) that would be awesome!