Ralph Bonnell's July-October (kinda sorta) Monthly Newsletter: Hello and welcome to Cybie's third newsletter! Yes, I am Ralph Bonnell, aka Cybie, and you are reading the best, most high tech, most l33t, killer technical newsletter ever written! Prepare yourself. Ready? Not sure if I am, but here I go!
New Update: I have all of my newsletters up on my public blog, http://ralphbonnell.blogspot.com/ . Yes, there is a REAL blog there now, not just a picture :) If you want to comment on this, or any of my newsletters, go to my blog and let your opinion be known!!
-=- 0001. Where has Cybie been?!? -=-
Ok, I have been busy lately, so this newsletter is waaaaaaay late. That is ok. Busy is good! :)
DEFCON: Defcon was awesome. I did not see many people there I knew (Havoc, it was great to see ya! :), but i DID enjoy the show. Picked up a nice lock pick kit in the vendor area. Lock picking is tricky at first, but suprisingly easy once you get the hang of it.
If you have not heard, a teenager showed how to pick the world's 'most secure locks' ever, on stage, in seconds. These are the same locks that protect the pentagon and the white house. One of those 'oh shit' moments for some, and it was awesome. No need to worry too much, as the entrances to those facilities also come with guard with machine guns.
The important point here is that physical security is key. That was the general topic of Defcon this year. Social engineering and physical security. Thats why the dateline reporter's bust was sooooooo hilarious. She was going to try to secretly film a federal agent get spotted at a spot the fed. A BIG NO-NO to film that. The story is a textbook example of how NOT to perform an undercover operation. 1. She went to a conference which was all about what she was trying to expose. 2. She told way too many people what she was doing. 3. The Defcon staff begged her to get a press pass, as they all know what she was planning. 4. She told a goon (staff member) EXACTLY what she was doing as she was planting her mic. Wow, she totally asked for it. The rest is history.
I am actually glad she did this, as if dateline actually ran this story as planned, it would have shown Defcon in a negative light, which is completely against what the conference it all about in the first place. Defcon is all about the open exchange of security knowledge. I love the concept of full disclosure. Thats the only way to make lazy vendors... well... fix their warez in a timely manner. Enough said. :)
UBUNTU LIVE: So I did make it to Ubuntu Live in Portland, OR the other month. It was a GREAT experience. I got Mark Shuttleworth's autograph on my Ubuntu 7.10 DVD case. He was approachable and it was a pleasure chatting with him. Make me appriciate what Canonical (Ubuntu's parent company) was trying to do. It is always hard to balance the open source community with the commercial community. They are trying as hard as they can to make it work.
Canonical demo'ed their enterprise management application, which was quite impressive. I know they had to do something like this as Red Hat has the Red Carpet app and Novell has the ZenWorks suite. One of the most impressive presentaions for me was the Mythbuntu one (the MythTV authors gave this one, and they have a Ubuntu version of MythTV that was amazing).
Another one that was amazing was a presentation on the LTSP project, which I am a huge fan of. I get to work with the linux terminal service type of technology at work using the Crossbeam appliances (which ROCK!!!). This presentation has pretty much all of the lead programmers of the LTSP project there. And they answered questions personally. Awesome.
The other impressive presentation was all about the new, upcoming, Mobile version of Ubuntu. I have written about how the new MID 'Mobile Internet Device' market is going to be HUUUUUGE. Well, Ubuntu and Intel are teaming up to fill that niche. Thank goodness for companies like Intel, as they are helping Linux move into the mainstream like no other company has before. (IBM is doing a good job too)
-=- 0010. Palm, what are you DOING? -=-
It seems Palm has scrapped the Folio, just before they were about to start selling it. This was quite sad. They could have been first to market with the first mainstream MID device. I actually got to play with one! Last month I went to the Palm store at the Westfield Mall in downtown San Francisco, quite close to my apartment actually, and I loved it. The employees loved it too. I went to the Palm store today actually and talked to the same guy about it. Looks like the Engadget article hit home for them, and they decided to wait. It is coming back, but I think they are going to wait until the Palm OS goes to a Linux core before re-releasing the Folio. I guess I can understand the logic..
Palm released a new phone today it seems, the Centro. ( http://www.palm.com/us/ ) Looks neat, its a smaller form factor Treo, and it is only going to be $99. Go Palm!
-=- 0011. Where has Cybie been? Where is he now? Where is he going? Wow, Cybie is hot! -=-
A couple of weekends ago I wandered over to the Treasure Island Music Festival, just outside of San Francisco. They had a retro arcade setup in the grass so I spent a lot of time playing old sk00l Star Wars, Street Fighter 2, and Pac-Mac. ahhh that was fun! :) The headliner was Thievery Corporation, who rocked! (ogg's of their music is available on my ftp server for those who have access and want to check em out) From wikipedia: Their music style is dub, acid jazz, Indian classical and Brazilian (such as bossa nova) fused together with a lounge aesthetic. ( http://treasureislandfestival.com )
This weekend is the San Francisco Lovefest parade, an electronic music festival. I am hoping to see Paul van Dyk, Paul Oakenfold, DJ Icey, Sasha, Chemical Brothers, Crystal Method, Sasha, Keoki, Baby Anne, and a hundred more djs performing this weekend. Of course I am just excited to check out Ruby Skye and/or a few other gigantic clubs in the city... ( http://www.sflovefest.org )
Next weekend is the big, free Bluegrass festival at Golden Gate park. The amount of musical talent that will be there is truly amazing! Check out the site for a complete list. ( http://www.strictlybluegrass.com/ )
In the next couple of months I will be in St. Paul, MN, Herndon, VA, and Seattle, WA.
I have a week off in December and I am seriously considering traveling to Thailand. I will let you know more next month, but wherever I do go, I want to relax on a beach and drink strong coconut flavored drinks while getting back massages :)
I am also going to the Consumer Electronics Show in Las Vegas the week of January 7th (i will be there through the following weekend as well...). If you are going as well, let me know! ( ralph@ralph.cx )
-=- 0100. What should I put here? -=-
Send me an email and tell me :)
-=- 0101. New toys! -=-
I bought a new silver PS2 last week along with Gran Turismo 4 and a Logitech force feedback steering wheel attachment. WOW, this is one intense experience. Too bad I kinda suck at the game. My roommate is much better at it :)
I also grabbed the new slim silver PSP. This is one neat device. I still like my Nintendo DS more, well, because the games are easier to pirate - to be honest, but the PSP is a very impressive piece of hardware. I am looking forward to checking out the homebrew scene on it. The Nintendo DS homebrew scene is quite active and the freeware games are getting better every day.
-=- 0110. The importance of OpenOffice and the danger of the Microsoft's OOXML format. -=-
If you are not aware, Microsoft is trying to make their own Office XML format an official world wide standard. This is a huge deal and they need to be stopped. There are plenty of documents on the web that describe why this is a problem. Any standard that is dictated by a single company is not a real standard. The OpenOffice is a stable, complete, and cross lingual standard. The only reason Microsoft if not embracing this standard is because they do not control it.
Even Google has backed the OpenOffice standard. I fully support this standard and I hope more countries around the world standardize on it.
Recently Microsoft attempted, yet again, to try to impose the Office Open XML format (OOXML) on the world. It did not pass. There are several debates about the status of this format online, but the gist of it is that Microsoft is trying to get their 'open' standard an international standard. I believe it is VERY important to keep this from happening. Standardized document formats should be chosen through a process of peer review and completely open in order to guarantee application compatibility, stability, and a choice of vendors. The United States may be mostly Microsoft Office based now, but that is not going to last forever, and in other countries, another format could spread quickly. Support open formats!! Ubuntu should overtake Microsoft any day now :)
-=- 0111. Game ROM Recommendations -=-
I am going to start recommending Nintendo ROMS as I am a fan! You can see public reviews of releases at: ( http://ds-scene.net ) I am currently playing Picross, which is a very challenging puzzle game. Sort of like pixel art sudoku. Hard to describe, but quite addicting! Other cool ones: 42 All-Time Classics, Brain Age and Brain Age 2, all 3 Castlevania games, Impossible Mission (and its JUST LIKE the Commodore 64 version), MegaMan ZX, Monkeyball DS, Sonic Rush, New Super Mario Bros (this is a gotta have if you have a DS), Tetris, Yoshi's Island, and I have to admit, Super Princess Peach is really fun. You have a DS and want to play? Go to ( http://divineo.com ) and click on the Nintendo DS development area and buy a M3 DS Simply (it is only $45) and you are good to go! I do not get a kick back from this site (i probably should ask for one based on my amount of referrals), but I buy from them often...
I have also been spending time playing new games on my new PSP. Games I have that I recommend are: Lumines II, Street Fighter 3 (ahh brings back memories), Wipeout Pure, Final Fantasy I, and Grand Theft Auto: Vice City Stories (i LOVE this game, however it is so fun to just steal cars and run people over, it takes me forever to finish the missions).
-=- 1000. New stuff at FishyNet -=-
I have been teaching a lot since I joined FishNet Security's education services (almost) full time last year. I still do professional services for insane amounts of money, heh heh (worth every penny). Most of you know I teach the following classes:
Check Point Management I (for over 10 years now!)
Check Point Management II
Check Point Management III
Check Point Provider-1
Check Point VSX
Juniper SMF (Netscreen Security Manager)
Juniper CJFV (Juniper SSG firewalls)
Advanced firewall classes: HA, advanced VPN, advanced routing
Juniper IDP
Juniper CNSA (Juniper Secure Access, SSL VPN)
Juniper ANSA
Linux Security
Web Application Security Awareness
Nokia Security
Crossbeam X-Series (one of the lucky few to be certified to teach this awesome product)
Well, I am in the process of becoming a certified Sidewinder instructor! Soon I will be teaching Secure Computing Sidewinder 7.0 Basic and Advanced at a training center near YOU! (I hope your in Hawaii, as I want to go someday soon, and it is always more fun when you pay for it ;)
-=- 1001. New Book!! :) -=-
Syngress Publishing has hooked me up big time! I am now the Primary Author of Syngress's new book: Configuring Check Point NGX R65 Firewalls (tentative title). Finally, my name in big print on a book that will be in bookstores everywhere. Ahhhh, so exciting! If I ever finish it...
-=- 1010. Links that will fry your brain -=-
Lego just started shipping their largest set, ever. A $500, 3 foot long Millennium Falcon ( http://www.hlj.com/product/FNMSW-06 ) Wow, I dont think I will ever spend that much on a Lego set, but it looks AWESOME.
If you have never heard of it, I read the Onion frequently. ( http://theonion.com ) Totally fake news, but often hilarious!
I had my 15 minutes of fame once on Slashdot. My geek cam in Florida watching Hurricane Floyd, thanks to Greg for submitting it :) ( http://slashdot.org/article.pl?sid=99/09/14/0819225 )
Someday soon I am going to buy an OpenMoko, which is the hacker's dream smart phone. Linux, open source, hackable, touch screen, GSM and WiFi. ( http://wiki.openmoko.org/ )
-=- 1011. Thats all folks! -=-
I guess thats all I have for now. I will try to get the next one written in a month, otherwise I may have to rename my 'monthly' newsletter. In St. Paul this week I actually got to watch the season opening of Heroes, when everyone else saw it. Makes me want cable :) (i have not had cable in several years...) Please feel free to comment on my blog as I would love to hear your opinions too!
-Ralph Bonnell - network security certification collector extrodinaire. email. ralph@ralph.cx call. 206-370-2551
Subscribe to:
Post Comments (Atom)
2 comments:
Hey Cybie! It has been so long, I almost forgot I signed up for this newsletter. You almost inspired me to buy a NintendoDS, until I remembered that I am a cheap bastard. That's awesome that you are writing a book! PS - When I try to connect to aubbs.cx, it just redirects me to your site! Where is AU?!?!!?!
"I love the concept of full disclosure." Ralph..
That's great. The disclosure project . org is a wonderful idea. Is it true that we ( as mankind ) learned about fiber optics from a crashed alien (extraterrestrial) space craft , along with night vision , zero point energy , particle accelerators , anti-gravity , and (most importantly , btw ) , HOW NOT TO DEPEND ON OUR USE OF OIL AS A PROPELLANT ? Peak oil is here.. 2012 will be here b4 we know it... Every body freak out while we still can..lol..At least until that right is taken from us..(it will soon be against the law to "freak out") Anyway , great news , Cybie , still looking for some open source for my Commador 64 and, oh , I found one misprint in your news letter this "month". Talk to you l8r!
Post a Comment