Sometimes I forget how much we take our freedom for granted in this country. In light of our recent celebration of independence, I was in a local coffee shop this morning when I saw the two glaringly different front pages below. This really made me stop and realize just how lucky we are to live in this country. While I definitely don’t agree with some of the measures that have been put into place since 2001 and we have our fair share of challenges, we are still somehow able to maintain a mostly safe and peaceful manner of living. Thanks to those that make that possible. ...

Interesting ports on 192.168.x.y: PORT STATE SERVICE VERSION 41425/tcp filtered unknown 62078/tcp open unknown Hrm, what could this mystery port be?

w00t More later! :-)

I came across an article yesterday about blocking spam with Postfix using blackhole lists. This is something that I haven’t previously set up and I get a decent amount of spam, so I figured it couldn’t hurt. I followed the directions and in the past day and a half that’s in been in place, over 700 spam emails have gotten blocked…not too shabby! :) 173 still got through, so that’s a pretty darn good ratio in my opinion.

One of my cousins and her husband were passing through Seattle today, and I was lucky enough to have the chance to meet up with them for lunch at Pike Place Market. We chose to eat at the Athenian Inn, which is where Tom Hanks ate during one of the scenes from Sleepless in Seattle. It was a cool place and I sat at the same stool he did for a moment. I ordered an open-faced Dungeness Crab Sandwich with melted cheese on top. There were nice big chunks of crab in the sandwich and it was oh-so-delicious. ...

I just saw a post about some of the browser capabilities of the new iPhone, and there was one feature that caught my eye: - new telephone links allows you to integrate phone calls directly from your webpage. remember this is only on safari. The first thing I thought of was, “Wow, I hope that you can’t somehow execute those links automatically via JavaScript…”. Can you imagine if you browse to a page and your iPhone automatically dials the number of an attacker and listens in on a conversation you might be having? Combine an XSS vulnerability on a high-profile website and a couple of high-profile CEO’s that we know have an iPhone and you could get some pretty interesting dirt! ...

It’s been quite the crazy week that continued right into the weekend as well. I was in Dallas, TX this past week for work and had a great time down there. Unfortunately, I checked my luggage for the first time in a while since my co-worker was, and of course the airline lost it. Thankfully it did come in the next day, but not until after I had already left for the client. I would have to say the best part was the food, particularly a lovely BBQ joint called Bone Daddy’s that had a population of about 92% male patrons during lunch…it’s Texas, I’ll let you figure out the rest. ;-) ...

Awesome - just when I solve the issue of VMWare breaking nmap on OS X, Parallels comes along and does it again. The error is slightly different, however, so the root cause of the problem is likely somewhat different as well. Starting Nmap 4.20 ( http://insecure.org ) at 2007-06-14 15:07 CDT getinterfaces: Failed to obtain MAC address for ethernet interface (fw0) QUITTING! Thus far, I’ve tried disabling the fw0, en2 and en3 interfaces, with no luck. If I bring down fw0, though (sudo ifconfig fw0 down), I get a different error message similar to the VMWare one. ...

So I’ve seen some recent “news” about the ability to “crack” any Windows system using the Vista recovery cd. I ignored it a couple times, but then I saw a post about it on F-Secure’s blog. And I just have to sigh in exasperation. Surprise - if you have physical access to a machine, you can read the hard drive! I realize that Mr. Rousku is trying to point out that the Vista recovery CD makes this super easy…but honestly, there are other easy methods to do this. How about a Knoppix boot CD? Is that not easy? Is a GUI browser like Konquerer more difficult to use to navigate a hard drive than the DOS command prompt? How about physically removing the drive and putting it in an external USB enclosure. OK, sure, it requires the use of a screwdriver and an extra piece of hardward, but anybody that’s going to be able to navigate a disk using standard DOS commands will probably be able to manage the necessary mechanical skills necessary to remove a hard drive. I mean come on people, seriously. You’re making a big deal out of a “recovery tool”. Out of functionality that is required for recovery and can be achieved using any number of CD’s or previous Windows/MS-DOS boot disks that have been out there since I’ve been a toddler. Why is this such an issue?? Seriously, if Microsoft “fixed” this issue, I could simply download an MS-DOS boot disk and boot to a command prompt and have instant command line access as well. I’m repeating myself, so allow me to quickly rehash his assumptions: ...

I have two types of saline that I use, one of which contains 3% Hydrogen Peroxide. Just the other day, I was thinking to myself “Wow, it would suck if somebody ever got these mixed up”. You guessed it, I did! And boy did it hurt when I put that contact in my eye. I can only hope that is the culmination of what has proven to be a very long month. Between that, some laptop “technical difficulties”, and the all-consuming housing search, I haven’t had much time to live my life this past month. But I’m back now! And I’m hungry, so I’m going to cut this post short with the news that my landlords are not asking me to move out anymore!! I don’t have to move!! There is definitely some good housing karma going around. :-)