...but this is the biggest problem in business computing: managers and administrators whose certainties about running systems drawn from one environment get applied to another to create what the authors rightly call "IT pain."
I teach Mac OS X systems administration classes, and this is one of the big hurdles for folks who have a lot of Windows experience but are new to Mac OS X. They try to apply Windows paradigms to the Mac and run into problems. In some ways it's easier to teach a complete novice than a Windows sysadmin who is very set in his or her ways.
I see the same problem when dealing with students who come from a Solaris or Linux background -- usually they get tripped up in IP address configuration, which is very different on Mac OS X than it is on a standard Unix system. The Mac OS X way is much more dynamic and self-configuring, but this means that essentially ifconfig(8) is only useful in a read-only mode and cannot be used to write changes.
Hmm.. $13,000 plus the cost of whatever server you hook it up to. Hardly a good value. Maybe they'll make up for obviously overpriced hardware with important yet intangible benefits. :)
Uhhh...where are you getting this from? You don't need an additional server. An XServe RAID can hook directly to a G5 tower, and with fibre channel you can locate it far enough away (such as in a closet) that noise isn't a problem. Check your facts, dude.
This is a system for a professional photographer, storing the digital photos that are the lifeblood of the business. (Note: most professional photographers charge a nominal fee for a session, but then make the real money by selling prints. No negatives or no files = no $.) This is most emphatically NOT the place to try to do things on the cheap. It's an absolutely necessary and tax deductible business expense.
I work for Apple, and while I'd prefer that this place purchases an Apple-based solution, I am not wedded to a particular OS or brand of hardware. However, you get what you pay for -- either through hiring a skilled professional building an open-source based storage system or by paying for a commercial solution (such as Apple's XServe RAID unit). Be sure to include the necessary system maintenance in the budget for such a complex setup, including off-site backups, on-call support, and making sure that it stays up and running during successive system updates and upgrades.
Given that the photographer is already using an Apple G5, I suspect an XServe RAID solution will suit the situation quite well. One unit can provide 7TB of storage, which at 2GB/session works out to about 3500 sessions at current resolutions (also allowing plenty of headroom for growth as resolutions increase). Apple offers professional services, on-call support, and training for server administrators. In addition, if you're looking for an Apple consultant with the necessary skills in your area, check the Apple Consultants Network.
Open directory is (as I understand it) basically openLDAP with a config file and a nice GUI.
Open Directory covers a lot more than LDAP. Yes, it's based on OpenLDAP -- in part. Yes, there is a nice GUI, which you can use to administer users and groups remotely, from another Mac OS X machine.
But there's also MIT Kerberos, integrated with the LDAP. When you create a user in Open Directory, the necessary Kerberos principals are created for that user. User identification (linking usernames with Kerberos principals and home directories) happens automatically.
But wait, there's more -- there's also the Apple Password Server, which is based on the SASL layer from CMU. This provides centralized, non-Kerberos password support, for things like CRAM-MD5 authentication, or NTLMv2 auth for Samba. The Password Server passwords are automatically synchronized with the Kerberos passwords. When you change a user password in the KDC the corresponding password is also changed in the Password Server or vice versa.
Still not happy? How about built-in replication support for load-balancing and high availability? It covers not only the LDAP database via slurpd but also the Kerberos and Password Server databases.
Oh, and one more thing -- encrypted archiving built in to the GUI. Archive your entire set of LDAP user information and your password database to an encrypted disk image. Secure and convenient.
(Yes, I work for Apple -- but the parent post misses most of the good parts.)
Interesting -- one of the locations is Apple Computer, 17.254.6.20, the subject is New Music Tuesdays which is what Apple sends to iTunes Music Store customers. AFAIK this is legitimate mail sent to known customers. I wonder what the algorithm is they use to determine what is and is not spam?
"We're a K-12 school district... Can we leverage our existing client populous [sic] to achieve our goal, without interrupting or changing the quality of service at the desktop, substantially?"
You're gonna hate the answer, but this will give you a better test than anything else. Plug in your test system and get a bunch of the kids to help you out on a weekend. Have them do logins, logouts, play games, surf, write and save papers, etc. on throwaway accounts that go to the test server.
Write out a test plan -- how many clients, how many local, how many remote, how many do you start with, what is the step size (e.g., start with 5 clients, then 10, then 15, then 20, then 30, etc.). Profile your existing systems so that you know what's really creating the load on them. Is it really the roaming profiles or is it web site caching or is it something else? Good luck with it.
It's kinda interesting to read about this -- one of the big points in selling XServes has been that they run cooler than Xeon-based 1U servers. You can actually pack a rack full of 42 XServes safely, which you can't do with many other 1U servers. In many cases with other 1U servers you have to leave every other or every third space open so that the servers don't fry themselves. This makes the XServe a lot cheaper as you need 33% or 50% less rack space.
Put together a plan that focusses on costs and profits beyond your own department. Everything an IT department does costs money -- but everything it does should in the long run end up increasing profits overall. The key here is profits. If you get management to fund a project that costs $50,000 but it saves the company $100,000 elsewhere, that is $50,000 more profit. If you get management to fund a project that costs $300,000 but it brings in $750,000 revenue the first year, that's $450,000 in profits. If you can make a convincing case you can actually have your budget increase.
For instance, look at what the costs are for the sales department when each salesperson has to maintain a separate list of customers and contacts, instead of having the IT department maintain a customer relations management (CRM) solution? What are the costs in time and money? More importantly, what are the costs in *missed opportunities* because individual salespeople didn't know about what other salespeople were doing?
Or, what about getting a site license or corporate license for software? What is the cost for individual departments to purchase copies of MS Office for each computer vs. buying a site license?
However, don't overreach -- under-promise, over-deliver for your first few projects to build credibility. Start small, build up to big. Also, get user buy-in; don't create projects that ram changes down users' throats, even if they should save money in the long run. Those kinds of projects tend to fail, since users tend to passively avoid using the new features of an otherwise good package.
I don't know about 15 years, but the U.S. Army has been running their front-facing webservers on the Mac since 1999, about six years at this point. If the Army's website isn't a high-profile target, I don't know what is. This has been an unqualified success story for the Mac -- they haven't been cracked during that time, whereas before that the NT4-based servers were cracked numerous times.
localhost:~ username$ curl -i www.army.mil
HTTP/1.1 200 OK
Date: Fri, 04 Feb 2005 22:48:59 GMT
Server: 4D_WebSTAR_S/5.3.3 (MacOS X)
Connection: Close
Accept-Ranges: bytes
Last-Modified: Fri, 04 Feb 2005 22:00:34 GMT
Content-Length: 35822
Content-Type: text/html
I actually live and work in the Washington, DC metro area, and I have been involved in many government computer projects, both with my current company and with other companies. A serious source of problems is the military's personnel system that assigns an officer for two years in a particular position, and then he or she moves on.
This is just long enough to figure out that what's there is not working, figuring out what needs to be done, writing up the necessary paperwork, slashing through the procurement red tape, fiddling with the service politics involved, getting a prototype up initially, converting part of the operation over to the new system, and packing up to leave. :-( Then the next officer comes in and goes through the same process, only she's an Oracle girl instead of a Sybase girl, so she re-specifies the system the way she wants it to work, etc., etc. Lather, rinse, repeat.
This is in no way a slur on the individual officers, by and large. Most of them (indeed, almost all of them that I have known personally) are dedicated, smart, hardworking individuals who are responding rationally to the incentives thrown at them by a screwed up system.
Sounds like an interesting situation, but a little more information would be useful:
You imply that he has some ability to press buttons for changing channels, etc. Can he handle a mouth- or tongue-joystick device? If so, you have many more options since he has the equivalent of a computer mouse.
How tech savvy is your dad? If you give him access to a full-blown computer, can he deal with it?
What kind of local tech support can you hire/barter for/guilt into helping when you're not there -- buddies, cousins, etc.? And what kind of skill set do they have?
You stated that he has his own "personal telephone/cable lines". Does he have a cable modem as well? If not, does he have a second line to use for dial-up access?
Without this information (and possibly more) it's kinda hard to say what would be best for you and your father. One thing you might want to look into is the new Mac mini since you can easily add S-video output to his TV and Mac OS X requires a lot less upkeep than Windows.
kagi.com is an online payment service used by many shareware authors. They don't handle the tax and other corporate aspects of the business, but they do online payments, send out license keys, etc.
You didn't say if 200 minutes is per machine or for the whole shooting match; If it's for the whole school then 3.5 hours of work once per semester is no big deal, give it a rest. You'll waste more time tweaking it than you save doing it. If it's per machine then you're doing something seriously wrong.
I manage a lab of 30 machines, and we use NetRestore to wipe them on a weekly basis from a G4 XServe. The switch is only 100 Base-T, so we're bandwidth limited to about 5 or 6 machines at a time. Even so, imaging one machine takes about 10 minutes, and the whole lab is done in under an hour. If the switch had a GigE uplink for the XServe then the whole process would take twenty minutes.
Check out the numerous links that others have posted to macosxlabs.org and asr, and good luck with it.
Nice cut at things, but why on earth should we trust you?
This is not meant as an insult -- it cuts to the heart of the matter. A user is thus relying on you for secure storage of all of his or her personal information, and also relying on you that none of the information will ever leak. This is both leaks to the outside world in general via website spoofs, phishing, and the like, as well as internal leaks where an individual's information is inadvertently revealed beyond what he or she intended (e.g. I only meant to give out my address, not my credit card number).
You would do well to read up on the design documents and white papers from the Liberty Alliance. This is a hard problem to solve and simply using a centralized data store does not address any of the real privacy and security issues inherent in the field of identity verification and personal information management.
Are you aware that the Keychain spec supports freeform encrypted notes? Open Keychain Access, go up to the toolbar, and click on the "Note" icon.
Keychain also supports other types of data like X.509 private keys and certificates. If you are using S/MIME email via Mail.app, all of the certificates and private keys are stored in your keychain.
You can have multiple keychains. There is the default login keychain that exists for every user, and is unlocked on login. However, you can have as many other keychains as you want, each with its own password. Each can be locked or unlocked individually, and if an app calls the Keychain API any items that are on a currently locked keychain will raise a dialog asking the user to unlock the keychain as needed. I store banking info, server keys, etc. in encrypted notes on a second keychain.
Lastly, there are a couple of security settings that really ought to be on by default, but aren't: Lock when sleeping and lock after 5 (or 10 or 15) minutes of inactivity.
Every Mac that has a firewire port can boot into Target Disk Mode. Hit the power button and hold down the "T" key. In a couple of seconds you'll see the screen show a yellow firewire symbol. Plug the compromised Mac into another Mac using a firewire cable, and the compromised Mac's hard drive will be mounted on the other Mac's desktop as an external firewire hard drive.
At this point, you should recover all of your user data to an outside volume, either on the known good Mac or on a CD-R or network volume. If you want to do forensics on the compromised Mac, create a disk image from the compromised Mac's hard drive (warning - this may take up a lot of space). This will preserve everything from that machine in a way that can easily be mounted and studied. Put the compromised Mac away as evidence and do your examination from the disk image.
Log files are your friends. However, a good rootkit will include ways of deleting telltale info from log files. Another problem is that the prebinding process will alter binaries in different ways depending on the machine and the amount of RAM. The right way to do a comparison between the compromised machine and a known good machine is to use an identical machine (same model, same amount of RAM) and bring the system up to the same set of updates. Then you can use
to create CRC32 checksums of the /usr directories. Compare the two checksum files to see what might have been changed/added/deleted. Repeat for other important directories like /etc, /var, /Library, /System, /System\ Folder. If everything is different, you know that you haven't gotten the prebinding conditions right and you need to start over.
To get the compromised Mac up and running again, you can't count on fixing everything in place. It's too easy to miss something that's been trojaned. You need to do an erase and install on the compromised Mac, re-install all of your applications, re-create the user accounts, then copy back the data that you backed up earlier. Be careful if some users have installed apps inside their home dirs that you re-install those fresh, as they may have been attacked as well. Also be sure to run a virus scanner on user files before restoring them to catch things like Word macro viruses.
Be careful of the users' login keychains, as the data in those may not be recoverable if the passwords were changed by someone who logged in as the users themselves. If the passwords were changed via an outside reset mechanism, such as an admin user or an install CD, then the old keychain passwords should still work.
Joel Rennich has a good account of studying a compromised Mac OS X machine a while back on his website, afp548.com. It's based on a little bit older version of the OS, but still good advice.
--Paul
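Added example, not part of the original comment: one way to build and compare the checksum files described above. The command the comment named did not survive on this page, so the use of POSIX `cksum` (a CRC checksum) and the function names `make_manifest`, `compare_manifests` and `changed_percent` are assumptions; the sample trees are constructed.

```shell
#!/bin/sh
# Compare a known-good tree against a suspect tree using CRC manifests.
# Assumption: file names contain no tabs or newlines.

# make_manifest ROOT OUT
# Write "path<TAB>crc<TAB>size" for every regular file under ROOT, sorted by path.
# Paths are relative to ROOT so two mounted volumes can be compared directly.
make_manifest() {
    root=$1
    out=$2
    [ -d "$root" ] || return 1
    ( cd "$root" && find . -type f -exec cksum {} + ) |
    awk '{
        crc = $1; size = $2
        sub(/^[0-9]+ [0-9]+ /, "")          # what is left in $0 is the path
        printf "%s\t%s\t%s\n", $0, crc, size
    }' | LC_ALL=C sort > "$out"
}

# compare_manifests GOOD SUSPECT
# Print one line per difference: ADDED, CHANGED or DELETED, then the path.
compare_manifests() {
    awk -F '\t' '
        FILENAME == ARGV[1] { ref[$1] = $2 FS $3; next }   # known-good manifest
        {
            seen[$1] = 1
            if (!($1 in ref))             print "ADDED\t" $1
            else if (ref[$1] != $2 FS $3) print "CHANGED\t" $1
        }
        END { for (p in ref) if (!(p in seen)) print "DELETED\t" p }
    ' "$1" "$2" | LC_ALL=C sort
}

# changed_percent GOOD SUSPECT
# Integer percentage of files present in both manifests whose checksum differs.
# A value near 100 points at a bad baseline (wrong model, RAM or update level,
# so prebinding differs everywhere) rather than at tampering.
changed_percent() {
    awk -F '\t' '
        FILENAME == ARGV[1] { ref[$1] = $2 FS $3; next }
        ($1 in ref) { common++; if (ref[$1] != $2 FS $3) changed++ }
        END { print (common ? int(100 * changed / common) : 0) }
    ' "$1" "$2"
}

# Constructed sample: two tiny trees standing in for /usr on the reference
# machine and on the disk image of the compromised machine.
run_demo() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/good/usr/bin" "$work/suspect/usr/bin"
    printf 'ls v1\n'         > "$work/good/usr/bin/ls"
    printf 'ls v1 patched\n' > "$work/suspect/usr/bin/ls"
    printf 'ps v1\n'         > "$work/good/usr/bin/ps"
    printf 'ps v1\n'         > "$work/suspect/usr/bin/ps"
    printf 'top v1\n'        > "$work/good/usr/bin/top"
    printf 'x\n'             > "$work/suspect/usr/bin/.hidden helper"
    make_manifest "$work/good/usr"    "$work/good.tsv"
    make_manifest "$work/suspect/usr" "$work/suspect.tsv"
    compare_manifests "$work/good.tsv" "$work/suspect.tsv"
    echo "changed: $(changed_percent "$work/good.tsv" "$work/suspect.tsv")% of common files"
    rm -rf "$work"
}

run_demo
```

Run it against the mounted disk image rather than the live compromised system, and keep the manifests on the known-good machine.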
Campaign for Verified Voting in Maryland (on Evoting in the News) · Score: 3, Interesting
If you're in Maryland and want to help out, come join us at www.truevotemd.org. We have a lawsuit going to force the state to decertify the Diebold machines, and we're also planning a number of other public actions to raise awareness and put pressure on our elected and appointed officials. Linda Schade, one of the co-directors, was a speaker at the press conference that MoveOn held outside the EAC hearing.
One of the reasons that aircraft designers have moved away from swinging variable-geometry wings is the inherent weight and complexity penalty.
A swing-wing VG aircraft is inevitably heavier than a non-swing-wing aircraft. Gains from the more efficient aerodynamic shape are eaten up by having to support a greater weight of wing structure, which has bad effects on things like power-to-weight ratio and wing loading. On top of that, the greater mechanical complexity leads to a higher maintenance load, usually expressed in Maintenance Man-Hours per Flight Hour (MMHFH).
This project looks like much of the same. Modern aircraft wings are monocoque, and have very little internal structure (although the space may be filled by other things like fuel tankage). These wings would require a lot of heavy internal structure to accomplish the effect, thus losing the benefits of the more efficient airfoil. Plus, the MMHFH ratio must be pretty awful with hundreds of little actuators.
On top of that, what are the failure modes? What happens if one of those actuators fails in the middle of a shift? Does the wing rip itself apart?
Implementing an all-electronic voting system is a *very* hard problem, all of the ill-informed pontificating to the contrary. There are three conflicting requirements:
1. The voter must be able to verify that his or her vote was correctly recorded.
2. The vote must be anonymous to anyone except the voter.
3. Election officials must be able to conduct an independent recount.
Any two of these are easy to implement; all three together are hard. The theoretical underpinnings are not well understood and few formal mathematical protocols have been defined, unlike areas such as e-commerce and PKI. We cannot easily build on the work from those fields, as a major goal behind the theory and protocols from e-commerce and PKI is non-repudiation, which is the exact opposite of (2) above. Anonymity is a very strong requirement, in fact. It is not sufficient to say that the voter just gets a receipt that shows how he or she voted, and as long as they don't show it to anyone it's OK. If a voter can prove that he or she voted a certain way, we run into the realm of vote coercion (a la the Soviet Union) or vote buying (a la Chicago). It must be impossible for anyone, including the voter, to prove that he or she voted a certain way.
The only two formal e-voting protocols defined so far are Rebecca Mercuri's and David Chaum's. Of the two, Mercuri's is much better studied and understood, but Chaum's is the more interesting and elegant. Both are practical protocols, directed at solving our current problems. They are not attempts at a deep theoretical analysis of the underlying problem domain, which we sorely need before we go further down the e-voting path.
My respect for Paul Murphy is only increasing.
--Paul
Sorry for the late reply, but it's been busy here.
Open Directory has provisions via the Workgroup Manager settings from Mac OS X Server to completely manage clients. In conjunction with Apple Remote Desktop and NetBoot it gives you the ability to manage almost anything on a client machine.
There are also third-party packages that can help with this process, such as NetRestore and Radmind.
Some URLs:
http://www.apple.com/server/macosx/features/workgroupmanagement.html
http://www.bombich.com/
http://eq.rsug.itd.umich.edu/software/radmind/
--Paul
There's a company called Cryptocard that produces a product similar to what you're looking for:
a me=UB-1%20USB%20Token
a me=CRYPTO-Server
http://www.cryptocard.com/index.cfm?PID=464&PageN
They support Windows, Mac OS X, and Linux.
http://www.cryptocard.com/index.cfm?PID=376&PageN
--Paul
was hoping for some CSS improvements. When I first installed it, I immediately went to a few of the more difficult CSS sites, to see if they'd render correctly. Nope - no such luck. See http://meyerweb.com/eric/css/edge/ for example.
Out of curiosity, does it pass the Acid2 test?
--Paul
No, no, no -- you have it backwards. You need to prove that you are not a user of Adenosine Triphosphate in your uppermost extremity.
--Paul
Internet Help Desk (studio version) :-D
--Paul
A very hungry Korean
Be careful of the users' login keychains, as the data in those may not be recoverable if the passwords were changed by someone who logged in as the users themselves. If the passwords were changed via an outside reset mechanism, such as an admin user or an install CD, then the old keychain passwords should still work.
Joel Rennich has a good account of studying a compromised Mac OS X machine a while back on his website, afp548.com. It's based on a little bit older version of the OS, but still good advice.
--Paul
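The comparison the comment above describes, between the mounted disk image of the compromised Mac and an identically configured known-good machine, sketched as an added example that is not part of the original post. It uses SHA-256 rather than the CRC32 the post mentions, because CRC32 is not collision-resistant against a deliberate attacker; the directory layout and file contents are constructed sample data.

```python
import hashlib
import os
import tempfile

def hash_tree(root):
    """Return {relative path: SHA-256 hex digest} for every regular file under root."""
    digests = {}
    for dirpath, _dirs, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # do not follow symlinks out of the mounted image
            h = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    h.update(chunk)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            digests[rel] = h.hexdigest()
    return digests

def compare_trees(known_good, suspect):
    """Classify files in the suspect tree against the known-good reference."""
    good, bad = hash_tree(known_good), hash_tree(suspect)
    return {
        "modified": sorted(p for p in good.keys() & bad.keys() if good[p] != bad[p]),
        "added": sorted(bad.keys() - good.keys()),
        "missing": sorted(good.keys() - bad.keys()),
    }

def build_sample_trees(base):
    """Write two small constructed trees (not real system files) under base."""
    good = {"bin/ls": b"ls-v1", "bin/ps": b"ps-v1", "sbin/netstat": b"netstat-v1"}
    suspect = {"bin/ls": b"ls-v1", "bin/ps": b"ps-altered", "tmp/.x/run": b"unknown"}
    roots = {}
    for label, files in (("known_good", good), ("suspect", suspect)):
        roots[label] = os.path.join(base, label)
        for rel, data in files.items():
            path = os.path.join(roots[label], *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
    return roots["known_good"], roots["suspect"]

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        ref, img = build_sample_trees(base)
        for kind, paths in compare_trees(ref, img).items():
            print(kind, paths)
```

Run the hashing from the known-good machine against the image mounted read-only, never from the compromised system's own binaries.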
If you're in Maryland and want to help out, come join us at www.truevotemd.org. We have a lawsuit going to force the state to decertify the Diebold machines, and we're also planning a number of other public actions to raise awareness and put pressure on our elected and appointed officials. Linda Schade, one of the co-directors, was a speaker at the press conference that MoveOn held outside the EAC hearing.
--Paul Suh
One of the reasons that aircraft designers have moved away from swinging variable-geometry wings is the inherent weight and complexity penalty.
A swing-wing VG aircraft is inevitably heavier than a non-swing-wing aircraft. Gains from the more efficient aerodynamic shape are eaten up by having to support a greater weight of wing structure, which has bad effects on things like power-to-weight ratio and wing loading. On top of that, the greater mechanical complexity leads to a higher maintenance load, usually expressed in Maintenance Man-Hours per Flight Hour (MMHFH).
This project looks like much of the same. Modern aircraft wings are monocoque, and have very little internal structure (although the space may be filled by other things like fuel tankage). These wings would require a lot of heavy internal structure to accomplish the effect, thus losing the benefits of the more efficient airfoil. Plus, the MMHFH ratio must be pretty awful with hundreds of little actuators.
On top of that, what are the failure modes? What happens if one of those actuators fails in the middle of a shift? Does the wing rip itself apart?
Move along folks, nothing to see here.
--Paul
1. The voter must be able to verify that his or her vote was correctly recorded.
2. The vote must be anonymous to anyone except the voter.
3. Election officials must be able to conduct an independent recount.
Any two of these are easy to implement; all three together are hard. The theoretical underpinnings are not well understood and few formal mathematical protocols have been defined, unlike areas such as e-commerce and PKI. We cannot easily build on the work from those fields, as a major goal behind the theory and protocols from e-commerce and PKI is non-repudiation, which is the exact opposite of (2) above. Anonymity is a very strong requirement, in fact. It is not sufficient to say that the voter just gets a receipt that shows how he or she voted, and as long as they don't show it to anyone it's OK. If a voter can prove that he or she voted a certain way, we run into the realm of vote coercion (a la the Soviet Union) or vote buying (a la Chicago). It must be impossible for anyone, including the voter, to prove that he or she voted a certain way.
The only two formal e-voting protocols defined so far are Rebecca Mercuri's and David Chaum's. Of the two, Mercuri's is much better studied and understood, but Chaum's is the more interesting and elegant. Both are practical protocols, directed at solving our current problems. They are not attempts at a deep theoretical analysis of the underlying problem domain, which we sorely need before we go further down the e-voting path.
--Paul