Free Wi-Fi: Safety and Security be Darned!

You probably already know that Starbucks offers Wi-Fi free of charge at their locations. Some exceptions include ‘franchise’ stores like those at airports (which typically belong to the food service provider that owns the relationship with the port).

There is a ton of free Wi-Fi out there, intentionally or not. Access is available legitimately, or by “Wi-Fi Roguing” (stealing wireless Internet access by connecting to unprotected private networks).

When looking (in advance, of course), use your search engine of choice: start with “WiFi zip code” in a search box; both Bing and Google will provide you a list.

So now you’ve found some Wi-Fi .. but you should be concerned that non-commercial / non-sponsored Wi-Fi may not be secure.

Free Wi-Fi at Starbucks, Panera Bread or some other gathering place, falls into the ‘sponsored’ category, as does your local coffee shop, community center, etc. I would expect sponsored Wi-Fi to be legitimate; safe from folks who might collect credentials. Since you really don’t know the operator, this is a risk, and your corporate IT may suggest / insist on the use of a Smart Card or secure proxy.

When roguing, you’re totally at risk when you connect to an unknown network, whether owned by a random private individual whose condo is in range, or some punk with a laptop putting up a familiar (think: ‘linksys’, ‘netgear’ or “Free Public Wi-Fi”) SSID.

Hell, even commercial SSIDs run the risk of being spoofed. See “Wi-Fi Access Point or Account Credential Honeypot?” for a detailed walk-through of my observations in range of a (most likely legitimate) AT&T public Wi-Fi hotspot.

If in doubt, don’t connect.

Original Post: October 15, 2007

Wi-Fi Access Point or Account Credential Honeypot?

I shouldn’t have to say this as we all know better, but here it is: We need to exercise caution when connecting to ‘foreign’ Wi-Fi signals.

I’m no stranger to ‘roguing’, but I’ve recently become aware of significant security risks associated with connecting to unknown networks. Here is some food for thought:

[Image: WAPHoneyFreePublic20060818]

You’ve seen this image before, I’m sure. It’s a peer-to-peer (computer-to-computer, versus access point-to-computer) networking icon. You should NEVER (except when a known and trusted user is sharing their connection with you) connect to a wireless signal that has the peer-to-peer icon.

You may see these icons when looking for Wi-Fi signals in busy public places. They are broadcast because of an unusual feature of the wireless network stack in older Windows versions that causes a computer to broadcast the last-connected SSID when not connected to a wireless network.

I STRONGLY suggest you edit the advanced properties of your wireless network card to connect to ‘Access point (infrastructure) networks only’ to filter them out.
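To make the warning signs above concrete, here is an added example (not part of the original post) that reads a scan listing and flags peer-to-peer networks, open networks and the familiar SSIDs named earlier. The listing is constructed and modeled on the layout of `netsh wlan show networks`; the function names are illustrative.

```python
import re

# Constructed scan listing, modeled on the layout of `netsh wlan show networks`.
SAMPLE_SCAN = """\
SSID 1 : Free Public Wi-Fi
    Network type            : Adhoc
    Authentication          : Open

SSID 2 : CoffeeShop-Guest
    Network type            : Infrastructure
    Authentication          : Open

SSID 3 : HomeNet-5G
    Network type            : Infrastructure
    Authentication          : WPA2-Personal
"""

# Familiar names the post lists as easy for an impostor to reuse.
FAMILIAR_SSIDS = {"linksys", "netgear", "free public wi-fi"}

def parse_scan(text):
    """Return one dict per 'SSID n : name' block, with its indented fields."""
    networks = []
    for line in text.splitlines():
        header = re.match(r"SSID \d+\s*:\s*(.*)$", line.strip())
        if header:
            networks.append({"ssid": header.group(1).strip()})
        elif networks and ":" in line:
            key, _, value = line.partition(":")
            networks[-1][key.strip().lower()] = value.strip()
    return networks

def warning_signs(network):
    """List the reasons to stay off this network; empty means none were seen."""
    signs = []
    if network.get("network type", "").lower() in ("adhoc", "ad-hoc", "ad hoc"):
        signs.append("peer-to-peer (ad hoc) network")
    if network.get("authentication", "").lower() == "open":
        signs.append("no authentication")
    if network["ssid"].lower() in FAMILIAR_SSIDS:
        signs.append("familiar, easily imitated SSID")
    return signs

def report(text):
    return {n["ssid"]: warning_signs(n) for n in parse_scan(text)}

if __name__ == "__main__":
    for ssid, signs in report(SAMPLE_SCAN).items():
        print(f"{ssid}: {', '.join(signs) or 'nothing flagged'}")
```

An empty list only means the scan data showed nothing odd; it says nothing about who operates the access point. On Windows versions that ship `netsh wlan`, `netsh wlan add filter permission=denyall networktype=adhoc` hides ad hoc networks from the list altogether.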

[Image: WAPHoneyWiFiList20060818]

My flight was delayed at SeaTac the other day, so I did my usual “is there a wireless network in the building that I trust” search. I have a T-Mobile account, and sometimes I get lucky. In this case, there wasn’t.

However, there was a seemingly-helpful AT&T access point in the building. Nothing against AT&T, it’s probably a legitimate hotspot. But their login page was interesting, offering a list of ‘other providers’ (presuming a reciprocal relationship with AT&T), on the left.

It’s a healthy list, but none with which I have an account. Ah, being helpful, there’s an ‘Other Provider’ link at the very bottom.

Once you find an Access Point, you should NEVER connect to a wireless network using your credentials from another wireless network (i.e., T-Mobile via xyzzy Wireless) unless you enter your credentials into your native wireless account logon page (I have seen services that do this, redirecting to a T-Mobile login page that ‘advises’ the local wireless service that the account credentials are valid).

You have no idea how your credentials are being used. If you post your credentials to a foreign wireless site, you have just given your login and provider information to an unknown party who might use it for illegitimate or illegal purposes, leaving you to hold the bag or pay the bills.
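The rule above can be checked before typing anything: is the page served by your own provider, and does its password form post back to that provider? This is an added example, not part of the original post; `hotspot.example.net` and `provider.example` are placeholder names and both pages are constructed.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

class FormFinder(HTMLParser):
    """Record each <form>'s action and whether it contains a password field."""
    def __init__(self):
        super().__init__()
        self.forms = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self.forms.append({"action": attrs.get("action") or "", "password": False})
        elif tag == "input" and self.forms and (attrs.get("type") or "").lower() == "password":
            self.forms[-1]["password"] = True

def credential_targets(page_url, html):
    """Absolute URLs that the page's password-bearing forms submit to."""
    finder = FormFinder()
    finder.feed(html)
    return [urljoin(page_url, f["action"]) for f in finder.forms if f["password"]]

def on_provider(url, provider_domain):
    """True only for HTTPS URLs on the provider's domain or one of its subdomains."""
    parts = urlsplit(url)
    host, domain = (parts.hostname or "").lower(), provider_domain.lower()
    return parts.scheme == "https" and (host == domain or host.endswith("." + domain))

def is_native_login(page_url, html, provider_domain):
    """The page is served by the provider and every password form posts back to it."""
    targets = credential_targets(page_url, html)
    return (on_provider(page_url, provider_domain) and bool(targets)
            and all(on_provider(t, provider_domain) for t in targets))

# Constructed pages; hotspot.example.net and provider.example are placeholders.
HOTSPOT_URL = "http://hotspot.example.net/login"
HOTSPOT_HTML = """<form action="/login?provider=other" method="post">
  <input name="user"><input type="password" name="pass"></form>"""
NATIVE_URL = "https://login.provider.example/hotspot"
NATIVE_HTML = """<form action="/session" method="post">
  <input name="user"><input type="password" name="pass"></form>"""

if __name__ == "__main__":
    for url, html in ((HOTSPOT_URL, HOTSPOT_HTML), (NATIVE_URL, NATIVE_HTML)):
        print(url, credential_targets(url, html), is_native_login(url, html, "provider.example"))
```

The check reads the static markup only, so a script on the page could still change where the form posts; a page that fails it is one to walk away from, and a page that passes still deserves a look at the address bar and certificate.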

To finish this story, I filled out the login page like this (I didn’t log in, of course):

[Image: WAPHoneyATT20060818]

Let me point out that it would take a mediocre hacker about ten minutes to set up a page and host it on a laptop with a web server in an airport. In a busy public area, I’m confident a hacker could collect a pile of logins in just a few hours. Make the login experience compelling enough, including enough providers, and data-hungry travelers will happily post their credentials while rushing between planes. A polite “we cannot confirm your credentials at this time” message, and the traveler is none the wiser.

Be wireless-safe, people.

Original Post: August 18, 2006

The ULTIMATE Fashion Statement while Wi-Fi Roguing

Or, at the least, the apparel to demonstrate you’re able to connect.

[Image: wifi_shirt_anim20071009]

You remember wi-fi ‘roguing’?

It’s the fine art of connecting to wi-fi networks that aren’t yours.

Granted, not all connections to wireless networks are, shall we say, inappropriate, but here’s a cool way to detect a network without whipping out your laptop.

This shirt lights up when you’re within wi-fi range.

It doesn’t discern between secured and open networks .. you’ll have to sort that on your own.

ThinkGeek gives us the “WI-FI Detector Shirt”.

Original Post: October 9, 2007

Forbidden Lego Projects

Some look downright dangerous, actually. This is a video of a brick shooting gun on YouTube:

I’m hiding this post from Hunter, though: his last Lego project was an airplane that never quite got off the ground.

But .. what if it had fuel? 😉

Forbidden projects are said to be those projects the master builders work on ‘in the back room’.

Unlike the safe-and-sound master builder projects (did you see the cool Harry Potter model a few years ago?), these can run in the realm of, well, dangerous.

The MBs combine bricks, modified building techniques and in a pinch, household materials.

Previous projects include a catapult, ping-pong ball launcher and gun.

Don’t try this at home, folks. Well, unless you buy the book, of course.

Original Post: August 28, 2007

Integration Architecture and the Baggage (mis-) Handlers

This is a bit of a stream of consciousness post. No agenda; it’s just something I observed and extrapolated into (near-) relevancy.

There’s the plane.

Then, there’s the conveyor belt with a guy at each end; one who loads the incoming bags on the belt, and the other who grabs them from the belt and swings them onto the waiting trailer.

When the trailer fills (or the plane empties), the truck comes over and hauls it off to Baggage Claim.

It’s a dance. Can be amusing to watch, though. Beneath the grins, it’s a system rife with opportunity for error. Consider:

  • There’s only one door, so the physical world requires the guy on the plane to move further away from the door to fetch more bags.
  • If the belt gets ahead of the guy on the ground, the bags get to the ground, too. Sure, he can stop the belt, but if he does, the guy in the plane gets held up.
  • If the trailer is full, the belt must stop.
  • If the truck is busy, the trailer sits.

Once unloaded, it all happens in reverse.

The airline needs to turn (unload, reload and go) a plane quickly. You may assume outgoing bags are loaded onto a trailer at the terminal and delivered to the plane, even while incoming bags are still being handled. Consider:

  • What if you’re short handlers? Bags don’t move on / off planes, onto belts or into / out of trailers.
  • What if you’re short belts, or a belt is out of service? Bags don’t move on / off planes or in / out of trailers.
  • What if you’re short trailers? Bags get handled twice, and are left on the ground, either coming or going.
  • What if you’re short trucks? Bags sit on loaded trailers. Empty trailers sit where they don’t need to be.

Then, there’s the endpoints:

  • The plane is early: resources (handlers, trailers and trucks) are redirected, putting other arrivals / departures at risk.
  • The plane is late: resources (handlers, trailers and trucks) wait, or are redirected. Outgoing bags wait somewhere, along with the handlers, trailers and trucks.
  • The guys in Baggage Claim are behind; the loaded trailer sits, which holds up loading bags that need to be on an outgoing flight.

Each connection represents a potential choke point: a place where the process runs the risk of coming to a halt. Failure at any point will impact other parts of the system, causing delays.

I’m just so glad I pack light enough to carry on.

I didn’t write this to complain about baggage handlers. Rather, how about we imagine modeling this as a data workflow? What would you do to protect against delays in the system?

Note there are components in place in this system to mitigate some of the risks of delaying the process:

  • Belts reduce the distance a handler must travel, increasing capacity and saving time. Time = money.
  • Using trailers rather than trucks (trailers can be left at endpoints) creates a buffer in which bags can be stored, for short term intervals.
  • Using trailers also reduces the number of trucks and drivers while increasing truck utilization. The accountants will enjoy maximum utilization of a capital expense.
  • Proper staffing of handlers at both ends of the belts and in Baggage Claim keeps things moving.

Some rough equivalents for a workflow architecture:

  • Bags: data, packaged in a mostly standardized form (the real world just sucks sometimes).
  • The plane baggage compartment: data / application silo in which users can create, manipulate and store data. The plane baggage compartment has a finite capacity.
  • Belts: FIFO queue (first-in-first-out queue) with finite capacity and known duration to offload data packets from the data / application silo.
  • Trailers: LIFO stack with finite capacity. A stack is essentially a LIFO queue, accepting data packets from the belt queue, but rather inefficiently: the last bag in is the first bag out by default. However, there can be exceptions: see Handlers, next.
  • Handlers: processes with finite capacity and the power to evaluate data packages (i.e., reading certain baggage tags for expedited handling). Bags with premium tags are placed in a spot in the trailer where they can be retrieved first by the handlers in Baggage Claim, rather than receiving the standard LIFO treatment.
  • Baggage Claim: data / application silo that serves processed data back to users (or to other systems).

Use of components like queues and stacks can enable your workflow architecture to scale to Internet capacity. You should establish service-level agreements (SLAs) at each touchpoint to ensure you’re sending / receiving data in an acceptable timeframe and in the proper formats.
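The mapping above, as an added example that is not part of the original post: a bounded FIFO belt that pushes back on the plane when it is full, and a bounded LIFO trailer in which premium-tagged bags come off first. The class names, the one-bag-per-tick timing and the sample bags are assumptions made for the illustration.

```python
from collections import deque

class Belt:
    """FIFO queue with finite capacity (the conveyor belt)."""
    def __init__(self, capacity):
        self.capacity, self.items = capacity, deque()

    def offer(self, bag):
        """Accept a bag, or refuse it when the belt is full (backpressure)."""
        if len(self.items) >= self.capacity:
            return False
        self.items.append(bag)
        return True

    def take(self):
        return self.items.popleft() if self.items else None

class Trailer:
    """LIFO stack with finite capacity; premium-tagged bags come off first."""
    def __init__(self, capacity):
        self.capacity, self.standard, self.premium = capacity, [], []

    def full(self):
        return len(self.standard) + len(self.premium) >= self.capacity

    def load(self, bag):
        (self.premium if bag["premium"] else self.standard).append(bag)

    def unload(self):
        return [b["tag"] for b in self.premium[::-1] + self.standard[::-1]]

def run(bags, belt_capacity, trailer_capacity, ground_every=2):
    """Simulate plane -> belt -> trailer; return (claim order, loader stalls, bags left)."""
    belt, trailer = Belt(belt_capacity), Trailer(trailer_capacity)
    pending, stalls, tick = deque(bags), 0, 0
    while (pending or belt.items) and not trailer.full():  # a full trailer stops the belt
        tick += 1
        if pending:                       # handler in the plane: one bag per tick
            if belt.offer(pending[0]):
                pending.popleft()
            else:
                stalls += 1               # belt full, so the plane side waits
        if tick % ground_every == 0:      # slower handler on the ground
            bag = belt.take()
            if bag is not None:
                trailer.load(bag)
    return trailer.unload(), stalls, len(pending) + len(belt.items)

# Constructed sample: five bags, one with a premium tag.
BAGS = [{"tag": t, "premium": t == "B"} for t in "ABCDE"]

if __name__ == "__main__":
    print(run(BAGS, belt_capacity=2, trailer_capacity=10))
    print(run(BAGS, belt_capacity=2, trailer_capacity=2))
```

The stall count and the bags-left count are the numbers an SLA at each touchpoint would be written against.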

In past lives, I worked extensively as an Integration Architect. This was in the days before Windows Workflow Foundation and BizTalk. BizTalk 2004 was a godsend: in fact, I still have a current BizTalk 2006 implementation on a VPC with which I tinker when I feel the need to code. It’s not as sexy as a hot web application built in Silverlight or WPF, but it keeps me thinking of ways to add business value by integrating data trapped within cranky silos with other applications and end users.

A data model, application architecture or process workflow works best when it’s modeled as closely as possible on the real-life process it represents. Once modeled, you can look closely at ways to improve it in an iterative fashion.

Original Post: October 2007

Live Rube Goldberg Machines

My Hunter is keen on all things Rube Goldberg.

These two involve:

  • A slinky
  • An umbrella
  • A vibrating cell phone
  • A chessboard
  • A dart board
  • A few bottles of wine

For what more could you ask?

Bayham & Tyers (a now-defunct company, but a still-living partnership) gives us two videos: “The Contraption” and "The Contraption II".

Now, at a far-higher production cost (I’m guessing) OK GO released a YouTube video of “This too shall pass”, another live-action Rube Goldberg Machine.

Original Post: June 28, 2007; updated June 6, 2011

Do you fear change?

I think we all do.

Change for the better, change for the worse.

Change is change. You are the one who makes your change a failure or a success.

How do I deal with change? Well, being a pragmatist, I:

  • am a rabid fan (and defender) of the truth: categorizing and assessing feelings and facts
  • talk about it (my uplines might say: a lot)
  • document (like a fiend) and present compelling arguments

Am I confronted with change? Why, yes; yes I am. How am I going to deal with it? Well:

  • I will state the truth
  • I will email (I’m not in the office all that much these daze)
  • I have documented and the presentations are ready.

Is my impending change good or bad? Well, it ‘is’. I’ll work with the hand I am dealt (note: pragmatism) and survive.

So, how do you deal with change?

Original Post: March 16, 2007

Language is a lousy way to express emotion

I’m serious. Language is a lousy way to express emotion.

So much of expressing emotion is nuance: the tilt of the head (or raising an eyebrow, if you’re that fancy), a knowing glance, a comfortable silence.

We are, in many cases forced to express emotion verbally; using clumsy language, consisting of words.

It’s insane of us humans to think that we can express such deep feelings in such a crude way. I am starting to think of it as trying to hone crystal with river rock.

Granted, we are not all similarly afflicted: poets have managed to instill emotion using only words. That said, do you think there are a number of first-draft poets out there? Of course, poets draw on the collective consciousness and baseline knowledge of how people feel when describing a situation.

Musicians? Maybe.

Screenwriters? Not applicable. They have images and music and story-leading-up-to-the-moment.

Playwrights? See ‘screenwriters’, above, sans the music.

You get my drift. Disagree, if you must: I’m feeling frisky lately (it’s Spring!) and I’m ready for a debate.

Original Post: September 28, 2006

Got a call from Robert Redford ..

Hi, this is Robert Redford ..

Mr. Redford! How nice of you to call. I have truly enjoyed your body of work, and I’m delighted to hear from you.

.. I’m seeking your support on proposition ..

Your call is very timely. I was just thinking about the movie, "The Candidate", in which you played ..

.. after all, it’s only fair to those involved, and more fair to you.

.. a candidate whose goal was to get elected to a Senate seat. He had the right look (yours), the right hair (yours), the right teeth (yours), the best suit and the hottest handlers in the business.

So, be sure to vote in the next few days and ..

He didn’t have a message per se, and decided to tweak the establishment. In the end, his anti-strategy worked, and he won the election.

.. it’s right for those involved and right for you.

The last line of the film was the most poignant: after winning, with the press clamoring to get into your hotel room to interview you, you turned to your campaign manager and asked "What now?".

Thank you for your support.

What now, Robert?

Original Post: November 2, 2006

Your chance to stay at Fawlty Towers

"Fawlty Towers" was a brilliant situation comedy that had only a single season series on BBC back in 1975. It’s now been repeated most years by our local NPR television station during their fund raising campaigns.

Written by John Cleese and his then-wife Connie Booth, it was loosely based on the experience ‘enjoyed’ by the Monty Python troupe at the Gleneagles Hotel in the eastern English resort of Torquay.

‘Enjoyed’ is a bit of an overstatement; suffice to say, the cast found themselves at the hands of one Donald Sinclair, who made quite an impression on Mr Cleese:

Cleese called hotelier Donald Sinclair "the most wonderfully rude man I have ever met" after they were berated for their table manners and had a timetable thrown at them when they asked the time of the next bus to town.

If you’re a fan, that sounds very, very familiar. Like a particular Basil Fawlty, played by John Cleese.

I told you that story to tell you this one: the Gleneagles Hotel was to be plowed under to make way for luxury apartments on the site, but the Torquay Council refused the zoning permissions and have instead transformed the site into a 41-room hotel.

Visitors to the hotel pose for pictures before a poster in the lobby. Want yours taken there? I sure do.

Original Post: September 30, 2006