Open Source Society

Maybe you’ve never given much thought to your online security, or maybe you only think about it when you’re pulling out your credit card to buy something on eBay. It’s enough just to shop at reputable sites and not email your credit card or social security numbers to people, right? Wrong. Let me show you something you have probably never seen before:

Response: +OK POP3 server ready <32ac45f8-deb7-4cde-a94b-96910799aa9e>17

Request: USER josh@fakeserver.com

Response: +OK User:'josh@fakeserver.com' ok

Request: PASS my_password

Response: +OK Password ok

Request: LIST

Response: +OK 2 messages (24390 octets)

Continuation

Request: UIDL

Response: +OK 2 messages (24390 octets)

Continuation

Request: QUIT

Response: +OK POP3 server signing off

Can you see what this is? This is the actual exchange that happens between my mail client and my mail server every 10 minutes, sniffed off the network using a program called Wireshark. Anyone on my network could use a program like this to see my email username and password, as well as the text of any of my emails, without breaking a sweat. The same goes for IM conversations, website form data (including search engines!), basically all the traffic between my computer and the rest of the internet is wide open and in plain text for anyone with eyes to see. Still feeling safe?

Well my goal is not to scare you. I have an incredible amount of control over who has access to my network, and lucky for me the packet dump above is staged using a fake email server. Most people know who is using their network, but there is always a risk that someone may compromise your security and gain access, especially if you have wireless access. Given that the worst has happened, however, there are still a few steps you can take to ensure that your data is still secure from prying eyes.

• Use an email service that allows encrypted communication. Gmail is one example, however Google has been accused of several privacy violations.
• Encrypt your email yourself. The GnuPG project has a plugin for almost every mail client that will sign and encrypt your email. See the complete list here.
• Use IM clients and protocols that support encryption. Pidgin supports PGP encryption of conversations through a plugin over any protocol that will carry it, but only when talking to other Pidgin users. There are add-ons for the standard AIM client that will also encrypt your conversations.
• Always check the URL before you enter sensitive data. Some phishing sites have gotten smarter now and are using fake security certificates to provide a link that looks secure when it is not.

Only shop on sites you trust, and if possible use a service like PayPal which provides some fraud protection. Avoid entering your social security number online if at all possible. No amount of encryption or security certificates can protect you from yourself. Use common sense and if in doubt, put that card away and go somewhere else.

I saw this on Foogazi and had to share this here. Original article is here.

Here are 15 signs that you are addicted to Linux…

1. You bring a live CD with you whenever you’ll be using a computer away from your house.
2. You subscribe to a Linux magazine such as Linux Journal, Linux Mag, or Linux Format
3. Every time a friend or relative complains about their computer being slow due to spyware, adware and viruses, you tell them to install Linux.
4. You want a Penguin for a pet.
5. You understand what the command “mv windows /dev/null” means.
6. Your home page is http://www.google.com/linux
7. You subscribe to my RSS feed.
8. You own a RTFM coffee mug.
9. You participate in System Administrator Appreciation Day.
10. You hang out on Freenode.
11. You are a member of a local Linux User Group.
12. You have installed Linux on your mom and dads computers.
13. You know the African definition of the word Ubuntu.
14. You know who Linus Torvalds is.
15. You know who Hans Reiser is, and what he is accused of.

Picture this:

You come home from a hard day’s work and all you want to do is relax and watch a movie or listen to your favorite music. Now where did you put that DVD? It’s not in its case, and the huge box of movies in the corner looks daunting. Do you really want to sift through all those? Forget it, you’ll just watch your favorite TV show. So you put on the tube, only to find your show has been pre-empted by the football game in overtime. Just can’t catch a break, can ya?

Everyone has heard of TiVo, and the DVR services that cable and satellite companies have been pushing. Who wants to shell out hundreds of dollars for these things though? The DVR services even have the gall to charge you a monthly fee for what amounts to a computerized VCR! Your other option is to purchase a ready-made home theater computer with Microsoft’s Media Center loaded on, but this is an extremely expensive proposition.

Until now. There have been leaps and bounds in the development of open-source media servers, and we finally have two that are very close to being polished end products. I’m talking of course about Freevo and MythTV. I’ve got a clear favorite among these too so far, but we’ll go over the pros and cons of both.

Read More »

Stop! Don’t buy that cheap router! So-called “plug ‘n play” routers are the cause of more home network problems and security holes than anything else. Why would you pay $50 or more for a migraine in a square box? I’ll show you how to build your own router from scratch that is far more powerful, far more secure, and far cheaper than that store bought hunk of junk you’re looking at in another browser tab right now. Yeah, that’s right, close that out right now, and relax. This isn’t going to be nearly as painful as you think.

The first thing we need to do is take a quick crash course in what a router does. Most people want to treat a router like a phone jack splitter, but if you do this you’re going to run into a lot of problems without having the faintest clue why. The truth is a router does far more than just split up your DSL or cable connection to several computers. It also has to assign unique addresses to each computer on your network, determine which computers are actually on and active on the network, and act as a postmaster delivering data to and from the right computers. If you have wireless it maintains and (hopefully) encrypts the connection, and in some instances your router also initiates the connection to your internet provider.

Any cheap router off the shelf will do all these things. Some will do these things better than others, and toss in a few neat features, but at a higher price. I’m going to show you how to build a firewall with features and functionality that would cost you several hundred dollars, for just the price of a very low performance computer, a cd-rom, and a couple network cards. I was fortunate enough to have an old Pentium 2 given to me, and to have a couple network cards laying around, so I was able to purchase a wireless card and have a working wireless router and firewall within an hour for $40.

Read More »

I’ve started a new online petition directed to the United States government. The subject of the request is the matter of people having to work on national holidays or the day thereafter, which I think is absolutely shameful. What sparked this was all the people I saw having to work the night of Thanksgiving, or the day of, or very early in the morning on the day after. This is really a tragedy that needs to be stopped. Let people spend holidays with their families instead of working or going shopping! Take a couple seconds out of your day and show your support. Who knows, next year you might be asked to work Thanksgiving, or Christmas, or New Years, or Easter. Maybe you already have! Put an end to it now.

http://www.petitiononline.com/rhwrp/petition.html

Just say the words quietly to yourself: open…source….society…. A society where the inner workings of the government, the economy, every aspect of everyday life, are placed under the spotlight for every citizen to see, examine, and have an impact on.

These are my goals: to present ways you can improve your own life and the lives of your friends and family through the benefits of the open source movement; to present ways you can give back to the movement through your own ideas, labor, or financial support; to present ways you can have a positive impact on other aspects of your life completely unrelated to technology through the use of an open source philosophy; to create a movement hellbent on remaking the world into a more cooperative, friendly, honest, and above all equitable place to live, work, and play.

I believe in meritocracy and that individuals or groups who contribute to the community should be rewarded based on the value of their contribution. I think the type and manner of contributions our society currently values and rewards the most are grossly out of line with the survival and prosperity of humanity and the structures we collectively call modern civilization. I believe we need to shift our fundamental priorities and values to reflect a cooperative spirit, not a spirit of perpetual conflict and antagonism. I also believe we need to reward individuals who do work vital to the existence of our society on a higher scale than individuals who perform little if any constructive labor and who may in fact be contributing to the deterioration of our community. To put it simply, your garbage man should make more money than your stock broker, the farmer more than the day trader, the truck driver more than the real estate broker, the civil engineer more than the football player.

I think the community as a body of individuals should take it upon themselves to ensure that this happens, instead of relying on the mysterious and demonstrably inept forces of free markets to determine their values for them at random. A community which only values that which brings in the most profit, has really declared its value to be wealth itself, otherwise known as greed. I do not accept the arguments of those who say greed can be steered towards good ends. Greed must be restrained and discouraged by the community, or the community will destroyed by it. There are countless examples of this throughout history.

This blog is not only a source of knowledge and entertainment, it is a call to everyone to look for ways to create a superstructure of cooperation on top of, around, and underneath the existing structures in your community, so that which ails us can rot away and leave only the good behind.