Lewis' Blog Tales from the trenches of information technology

16Feb/140

Conditional menus for WordPress with the Suffusion theme and mega menus

The Rosenthal & Rosenthal site is undergoing a major revamp, moving from a static, all-Flash (yech) accumulation of static pages and compiled Flash objects to WordPress 3.8.1.

In addition to rebuilding on a stable platform, the redesign plan involves a number of new features, some of which I'll document here on my personal blog to try to contribute to the community 1.

  1. I truly dislike the phrase "give back," as I've not taken anything; I do, however, contribute, as I can.
9Nov/130

Gravatar Privacy Issues

Most of my regular readers know how paranoid I am about my own privacy. I use throw away email addresses for many things, because I know that nothing comes for free (TANSTAAFL), and whenever anyone offers me something for "free" if I only provide my email address, I have a pretty good idea what's to become of it.

21Jul/130

Scammers target travelers using hotel Wi-Fi | Fox News Video

I'm not embedding the video stream here, only because I have not requested permission from Fox. Clicking through the link below will take you to the 2-minute piece, however:

Scammers target travelers using hotel Wi-Fi | Fox News Video

I have a couple issues with the segment, which caught my eye a few minutes ago:

6Jun/130

Why should CPAs care about the cloud? Let’s count the ways

Why should CPAs care about the cloud? Let's count the ways.

Egad... Drinking the Kool-Aid? Who are these people in this blog post, anyway, and what on Earth do they know of data security?

25Mar/130

Knowing when to say farewell to a client

I recently had the distasteful experience of having to tell a long-time client to find someone else to handle his IT consulting. We had (I thought) become friends over the years, though recently, tensions surrounding some server trouble over here (I hosted his email) led to difficulties in our relationship.

11Nov/120

BetterPrivacy Mod for SeaMonkey

BetterPrivacyNettiCat has graciously granted me permission to modify (slightly) his BetterPrivacy extension to allow for installation and use under SeaMonkey. The current version (1.68.m, as of the date of this post) should install under SeaMonkey 2.0a1 and above.

For those not familiar with this extension, it goes beyond the built-in sanitizing functionality of Firefox and SeaMonkey to include clearing the Flash cookies, which may be stored for an otherwise indefinite period of time. For more on the actual feature set of BetterPrivacy, I would suggest reading the information available on the official home.

11Sep/121

Fallout from GoDaddy’s recent DDoS experience

First, my heartfelt condolences to everyone who was impacted personally or financially by yesterday's DDoS attack against GoDaddy. That includes customers and employees, and as an admin, I know firsthand what it's like when the systems grind to a halt under one of these things, when all that's left is simply to put something else on the front line to check for traffic and wait it out (or request new address blocks all the way around). This, of course, does not take place in a vacuum: when these things hit, we are always surrounded by The Suits who have no clue as to why we can't do anything more (or faster), constantly complaining of our inadequacies (we should have known better; we should have predicted; we should have been better prepared; etc.).

15Apr/120

Why I still use OS/2 (eComStation)

As a consultant, I look at computers and operating systems from a "best tool for the job" perspective. Some systems are better suited to some things than others. I wouldn't expect to play modern computer games, written for Win32 or Win64 on Linux or OS/2, no matter how far advanced Wine or Odin was/were. Likewise, I wouldn't consider running a web server on the Win32 or Win64 platform vs Linux or OS/2.

Along with other suitability considerations, I factor in my own (or the client's own) comfortability factor with a particular environment. The Mac object oriented desktop is quite nice, though it's not my environment of choice. On Linux, I prefer KDE to Gnome, but neither of those nor the Mac desktop nor Windows Explorer approaches the level of comfort, familiarity, or ease-of-use which I experience using the Workplace Shell, which is - for me, at least - the main reason I stick with eCS.

Stability concerns? These affect all platforms at one time or another. Unless the problems are inherent to the overall system design (Windows' weak security model and the dangers of the single registry paradigm), such things need to be considered in the course of business. that is to say, they happen. Cars break down, too, but I'm not quite ready to go back to a horse and cart (and carts break - ever change a wagon wheel?).

16Dec/115

Broken Windows updates for .NET

Ah, into the land of (broken) Windows we go...

I despise Windows. Have I said that before? Here, in case I haven't, I'll say it again. I despise Windows. That feels better. It's good to get such things off one's chest. What a hopelessly broken operating paradigm. Oh, well. It's gotten better, I guess. that is to say, it used to be even worse.

I've been spending much time of late working between zypper and yum on various flavors of Linux and now, eComStation, which has its own port of yum. Of the two, I prefer zypper, though either is head and shoulders beyond the inane Windows patching system. However, when in Rome...

11Nov/112

Three good ways to thwart tracking attempts on the net

There is a lot of malicious junk floating about the net.I know; that's not a real surprise. Under normal circumstances, a good (standalone) firewall will keep one reasonably safe from the worst of it. However for those of us who travel, it's a constant challenge to keep up with personal firewall tweaking and such, and still, unless one is really running the kinds of stuff typically found in a UTM (Unified Threat Management) solution, just tweaking some firewall rules just isn't going to cut it.

[Shameless plug: Rosenthal & Rosenthal is an Astaro consultancy. If you know of anyone with a need for a truly solid firewall, email filter/scanner, VPN concentrator, etc., referrals are welcome.]

So, what can one do while traveling? Trust the hotel firewall? I think not. Here are three quick tips to help keep your system clean from would-be spoofers and such:

HOSTS file

A quick edit of your hosts file to loop back known bad sites to localhost (127.0.0.1) is a good start. To get started, have a look at the list compiled here. This will make some web pages look rather ugly, as the browser brings up the dreaded "cannot access..." in various iFrames and such, but it will speed browsing and keep that excess junk from cluttering the screen.

Squid proxy settings

Squid is great. You can do a lot of things with Squid, such as block entire IP ranges from getting in (or going out to them), which improves performance considerably. I'll post more on Squid configuration in a later article. For now, suffice it to say that Squid can be used as a pseudo-firewall (you just have to not defeat it by turning it off, but this is true of software firewalls, as well).

Privoxy

Another type of proxy is a privacy screen. Enter Privoxy to the scene. One of the annoying characteristics of most web surfing from modern browsers (and ancient ones) is that we tend to leave behind more than we take with us. To truly surf anonymously requires some type of anonymizer, and Privoxy is a good choice (this way, your travels don't follow you home, when you finally do get behind your warm and cozy hardware firewall). A couple interesting guides for chaining Squid to Privoxy (or vice-versa) may be found here and here. Again, I'll post more on this in a subsequent piece, but for now, suffice it to say that this is an excellent addition to your arsenal.

These are but three fairly quick and simple (well, they can be less complicated than others, at least) ways to browse more safely, and are of particular usefulness when away from home (or the office), where the bastion server is unknown and likely not to be trusted. In time, I'll flesh in more details and tips for configuring each of these solutioins.

Happy browsing.