Monday, January 28, 2008

Open Season for Open Source

Nokia has acquired Trolltech. This hot on the heals of Sun's acquisition of MySQL. It truly is an exciting time and really gratifying for those of us that have been saying for years that Open Source Software is viable and that it makes sense to businesses.

I've always had a soft spot for KDE and Trolltech and it really seems like a great opportunity for them to truly become serious players. Webkit has already demonstrated over and over that KDE is build on top of solid technology. An interesting intersection of KDE -> Trolltech -> Nokia and Apple...

Wednesday, January 16, 2008

Want to share your Wi-Fi like Bruce Scheier? Here's how (and no, its not by leaving it open).

I have been giving Bruce Schneier's article about leaving his wireless network open a lot of thought lately. Although I agree that its great to help out your neighbours there are just too many risks to leaving your Wi-Fi open. Paul from Pauldotcom raises very good points to which I wholeheartedly agree. Why risk leaving it open? It is analogous to leaving your sugar on the curb in-case a neighbour might run out. Obviously you could end up without any sugar at all and perhaps even in the worst case end up with something other than sugar in your food. The world can be a strange place.

In South Africa we routinely have people asking for help at our homes, they come in all shapes and sizes and I normally eyeball them and unless they really seem like bad apples I normally help out with a little food or money. I use my gut to judge the character of the individual.

Now, if I wanted to I could just always leave some money and food on the curb or in a publicly accessible place, but I'm afraid that that system might get very easily abused and leave the souls who really need my help with no help at all.

Ok, so what about Wi-Fi? I think that open wireless network are just silly, due to abuse, threat and possible liability. However, I do agree with Bruce that its nice and neighbourly to share. "Sharing is caring".

My proposal?

Set your SSID of your Wireless router to something that indicates your willingness to share, for example: "22 1st street for access" or "Text 5551000 for access" or even "Contact B. Schneier for access". Be creative as there is a limitation to how many characters your SSID can be.

In the case of a neighbourhood one can assume that your friends will be able to track you down and phone you for a password, you might prefer "authenticating" or making a "gut call" on all people you let in, but you can still broadcast your willingness to do so - while keeping your Wireless router encrypted with WPA encryption and a good password that you can change after a reasonable amount of time or when you feel that your goodwill is being abused.

This seems to me to be a "best of both worlds" solution. What do you think?

Friday, January 11, 2008

Steal This Wi-Fi

A very interesting, thought provoking, article by Bruce Schneier.

Security is all about tradeoffs, you can choose never to participate in dangerous activities like flying or driving a motorcar but most of us choose to assume the risk.

Thursday, January 10, 2008

Mac OSS roundup

Thanks for KMF for some of these.

Looking for OSS software for Mac OS X?

Here is a list of very useful Open Source Software/Free Software directories for the Mac. I have used a couple of these with great success. There inevitably is some duplication, so be warned.
Here they are:

The if you are looking for non-mac-specific OSS that will run on OS X there is:
Expect to need some Unix and X11 know-how to use the software provided through the last three links.

Apple Address Book and Microsoft Exchange (LDAP)

I had a short discussion this afternoon with a fellow Mac fanatic (KMF) discussing the problem we both share and that is: Accessing Microsoft Exchange from Mac OS X.

There are three elements that you would mostly be interested in: email, calendar and contacts. This quick howto deals with getting Address Book to work with LDAP (Microsoft Active Directory in our case).

Step 1: Determine the default naming context (base dn) for the search

- Fire up Terminal and issue an ldapsearch to determine the default naming context:

$ldapsearch -h -x -b '' -s base '(objectclass=*)' 'namingContexts'

- Search for the lines beginning with "namingContexts":

namingContexts: DC=mycompany,DC=com
namingContexts: CN=Configuration,DC=mycompany,DC=com

namingContexts: CN=Schema,CN=Configuration,DC=mycompany,DC=com

The result you are looking for is the "base/root" and that is the shortest one in the case of Exchange (btw - this will work on other LDAP servers too), ie. DC=mycompany,DC=com.

Step 2: Configure Address Book to query the server

- Fire up Address Book and go to the Preferences (Command + ,). Select the LDAP tab.

- Hit the "+" to add a new server.

- In the "Server" field complete the hostname of your Exchange server or Active Directory domain controller in the case of larger companies.
- In the "Search Base" use the information that you retrieved from "ldapsearch" earlier. It will be in the format DC=company,DC=com.
- Choose "Simple" authentication.
- "User Name" should be your normal Windows logon.
- "Password" again, your Windows password.

Step 3: Searching your Global Address list.

- Address Book will automatically query the server whenever you search for a name.

This will also happen whenever you type new addresses into when composing emails.

Hope this helps!

Thursday, January 03, 2008


I am very pleased to report that some feedback I sent was featured on the Security Now! podcast.
There are some podcasts that I make a genuine effort to keep up with and a lot of those come from Leo Laporte's brilliant TWiT network.

Just search the shownotes of show 124 for "Stephan Buys" to read my suggestion regarding private browsing by manually managing cookies in Firefox, alternatively listen to the audio also provided through the link or subscribe to the show using iTunes.