Re: wok-key: dealing with keyloggers on net-cafe computers
On Tue, Aug 25, 2009 at 6:43 PM, Tom Buskeyt...@buskey.name wrote: Boot from a CD or USB key? typical cafe has no accessible CD slot or boot button., and booting will break their time keeping (billing ) system, so you should expect to be evicted -- or arrested for 'hacking' -- Bill n1...@arrl.net bill.n1...@gmail.com ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: wok-key: dealing with keyloggers on net-cafe computers
On Tue, 2009-08-25 at 22:43 -0400, Bill McGonigle wrote: On 08/25/2009 06:43 PM, Tom Buskey wrote: Boot from a CD or USB key? Does anybody really do this? I would have guessed drivers would be hit-or-miss, and BIOS fiddling would often be required (I'd keep BIOS setup locked if I ran such a cafe). I carry a USB stick with Puppy-OS. However, I've never actually tried it at an Internet cafe. It's recognized the necessary (network adapter, video, USB) hardware the few times I've used it. -Bill -- Lloyd Kvam Venix Corp DLSLUG/GNHLUG library http://dlslug.org/library.html http://www.librarything.com/catalog/dlslug http://www.librarything.com/rsshtml/recent/dlslug http://www.librarything.com/rss/recent/dlslug ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: wok-key: dealing with keyloggers on net-cafe computers
You could do like that character in Cryptonomicon (a good read, BTW) who was imprisoned in what he assumed was a TEMPEST-instrumented jail with his laptop, so he rigged it surreptitiously to do I/O via Morse code... ;- ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: URL syntax
Ben Scott wrote: On Tue, Aug 25, 2009 at 7:48 PM, Dan Jenkinsd...@rastech.com wrote: Does the URL show properly in Thunderbird but then get messed up when Firefox gets it? Yes. If I recollect, it looked right in Thunderbird, but opening it caused a failure in Firefox. Curiouser and curiouser. If I copy-and-paste the URL to a text editor, confirm the ampersand, then CP back to Firefox, it works properly. If I manually type an ampersand as a Wikipedia URL, I get the appropriate redirect. So Firefox does the right thing for me. Maybe it's the interaction between FF and TB? I've deleted the email, so I cannot do any further testing. If you want to do more testing, the URL was: http://en.wikipedia.org/wiki/Fast_Search__Transfer If you don't want to do more testing, that's okay, too. =-) This URL worked fine for me. No idea why it came through broke the first time. If I recollect it was not the encoding which was broke, but that there was a break in the URL. When I searched for the partial URL on Wikipedia, I found the right URL, which, when I posted it in my email, encoded the as %26. This is purely from memory, during a very busy day, whilst concentrating on something else, so my memory may have no resemblance to reality. :-D -- Dan Jenkins, Rastech Inc., 1-603-206-9951 ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: comcast dhcp leases
On 08/25/2009 07:28 PM, Chris wrote: I just checked mine, and according to my router, the lease time is 4 days. maybe it's only certain areas. I checked mine last night (Comcast in Billerica MA) and it had a remaining lease time of 2 days, 22 hours. -Mark ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
[semi-OT] CentOS named appropriately?
I wonder if the CentOS (Community ENTerprise Operating System)
founders knew about this or if it's just, like, ya know - kosmic:
e521:~/codeGen 601--- dict cento
1 definition found
From The Collaborative International Dictionary of English v.0.48 [gcide]:
Cento \Cento\, n.; pl. {Centos}. [L. cento a garment of several
pieces sewed together, patchwork, a poem made up of various
verses of another poem.]
A literary or a musical composition formed by selections from
different authors disposed in a new order.
[1913 Webster]
___
gnhlug-discuss mailing list
gnhlug-discuss@mail.gnhlug.org
http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: wok-key: dealing with keyloggers on net-cafe computers
If you ran such a cafe, you'd also have the user accounts locked down so malware couldn't run in the first place. yeah, but it's still Windows and hardware keyloggers are cheap There ya go. Start by emailing a password to your server from your phone. (I'd suggest a different password for this mechanism.) When the server gets the right password, it sends an OTP to your phone via SMS (every carrier I know of has an SMTP-to-SMS gateway). Login with the OTP; don't use your regular password. That way you're also got a sort-of two-factor authentication; unless someone can receive your SMS messages *and* knows your trigger password, they can't get a OTP. So, naturally any good idea has a Wikipedia article about it: http://en.wikipedia.org/wiki/One-time_password#OTP_over_SMS A concern there is raised about trusting the third party (SMS gateway/phone network) to deliver the message, and also that it's unencrypted. It suggests banks may have been hit this way. So, to reduce the attack surface: 1) start the session from the browser. Enter your username and click the OTP button. JavaScript gets a key from the server here (assuming TLS on all of this). 2) server stores source IP, date, key, and OTP. Sends out encrypted OTP via SMS. 3) user receives SMS, enters into form, OTP is decrypted and sent, date and IP are checked, OTP is deleted. A failure of date, key, OTP, or IP reveals an attacker. Windows UI controls (widgets), which are easily queried with unprivileged API calls. oh, good lord. ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
strange system clock issues
Hi folks, I just noticed that my system clock doesn't seem to be working correctly all of a sudden. I wasn't running ntpd, but now I am. And when I run it, it keeps things up to date for a bit, but watching the seconds tick by seems very slow, I can actually count 5 mississippis between seconds on the clock. After the clock gets about an hour (maybe it's 2) out of sync, ntpd fails to sync and gives up. Is this a system clock battery problem ? The system in question is about 10 years old... -- Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: strange system clock issues
gnhlug-discuss-boun...@mail.gnhlug.org wrote on 08/26/2009 04:08:38 PM: Hi folks, I just noticed that my system clock doesn't seem to be working correctly all of a sudden. I wasn't running ntpd, but now I am. And when I run it, it keeps things up to date for a bit, but watching the seconds tick by seems very slow, I can actually count 5 mississippis between seconds on the clock. After the clock gets about an hour (maybe it's 2) out of sync, ntpd fails to sync and gives up. Is this a system clock battery problem ? The system in question is about 10 years old... -- Paul ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ ntp will give up if the time difference is greater than an hour. Sounds like a battery problem. Umm, now would be a very good time to back up your CMOS... Lithium cells last hmm ~ 10 years. -Bruce ** Neither the footer nor anything else in this E-mail is intended to or constitutes an brelectronic signature and/or legally binding agreement in the absence of an brexpress statement or Autoliv policy and/or procedure to the contrary.brThis E-mail and any attachments hereto are Autoliv property and may contain legally brprivileged, confidential and/or proprietary information.brThe recipient of this E-mail is prohibited from distributing, copying, forwarding or in any way brdisseminating any material contained within this E-mail without prior written brpermission from the author. If you receive this E-mail in error, please brimmediately notify the author and delete this E-mail. Autoliv disclaims all brresponsibility and liability for the consequences of any person who fails to brabide by the terms herein. br ** ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: strange system clock issues
On Wed, Aug 26, 2009 at 4:08 PM, Paul Lussierp.luss...@comcast.net wrote: After the clock gets about an hour (maybe it's 2) out of sync, ntpd fails to sync and gives up. Is this a system clock battery problem ? It shouldn't be the battery. In a standard IBM pee cee, the battery clock is only used to set the system clock during POST. After that, the battery clock is not used, unless the OS specifically asks for it. The tool to do that under Linux is hwclock. You may want to compare the output of date and hwclock, especially over time. Historically, a system clock that was loosing time was often a sign of high interrupt load. The system clock on a PC is advanced by the timer interrupt (IRQ0), which ticks 18 times a second. If the system is spending a lot of time in interrupt service routines with other interrupts masked, the system clock will miss enough ticks to make a difference. You used to see this a lot with NetWare 3.x systems, circa 1990. I don't know if that problem can still happen with modern systems or with Linux. /proc/interrupts will give you counters, but I don't know what a lot would be. Given the age of the system, there is a real chance that the hardware which drives the system clock is starting to fail. You may be able to compensate by having a cron job fire once per minute and run hwclock --hctosys. That's a kludge at best, but it may be okay for some situations. -- Ben ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Wifi @ Nashua Library?
On Wednesday 26 August 2009 15:49, Marc Nozell (m...@nozell.com) wrote: The Nashua Public Library has free wifi, but I've not been able to connect, but other Windows users nearby have. It is an unsecured network so it isn't a key or passphrase problem. I see in the logs that dhclient isn't getting a lease: I'm using Ubuntu/Jaunty. Anyone successful? I log on there successfully - most of the time. Their server gets overloaded easily. I am running OpenSuSE 10.3. My firewall setting was keeping me out, apparently. I could log in with the firewall down. When the firewall was changed to allow all of its listed services (DHCP, DNS, HTTP, IMAP, IMAPS, LDAP, IPP, NFS, NIS, SSH), I got on. Not being very patient, I never went back to see which of them had to be on. (They cut you off without warning if your download reaches 1 GB.) Jim Kuzdrall ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: strange system clock issues
On Wednesday 26 August 2009 16:08, Paul Lussier wrote: Hi folks, I just noticed that my system clock doesn't seem to be working correctly all of a sudden. I wasn't running ntpd, but now I am. And when I run it, it keeps things up to date for a bit, but watching the seconds tick by seems very slow, I can actually count 5 mississippis between seconds on the clock. After the clock gets about an hour (maybe it's 2) out of sync, ntpd fails to sync and gives up. Is this a system clock battery problem ? The system in question is about 10 years old... I would guess battery. The current drawn by the 32KHz clock chip is so low that it always runs on battery. The clock draws less current than the self-discharge of the battery. But... the battery shelf life is about 10 years, highly dependent on storage temperature. If you can get at it, it would not hurt to replace the battery. Jim Kuzdrall ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: strange system clock issues
On 08/26/2009 08:43 PM, Ben Scott wrote: The RTC certainly doesn't advance the system clock. That's done by IRQ0, which fires 18 times per second... $ grep -e rtc -e timer /proc/interrupts 0: 2321478409 local-APIC-edge timer 8: 3IO-APIC-edge rtc $ uptime 20:43:02 up 26 days, 20:46, 1 user, load average: 0.00, 0.00, 0.00 $ According to that, the RTC interrupt (IRQ8) has fired 3 times since boot, while the system timer (IRQ0) has fired roughly 2.3 billion times. Which do you think is advancing the system clock? :) ((26 * 24 + 20) * 60 + 46) * 60 = 2321160 seconds 2321478409/2321160 ~= 1000 I'd suspect the IRQ0 is firing closer to once per millisecond. -- Ted Roche Ted Roche Associates, LLC http://www.tedroche.com ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
Re: Wifi @ Nashua Library?
I was at the library tonight and had no problem connecting. Even rebooted just to make sure it wasn't a fluke. The only thing different was last time my hp2133 was restored from hibernating and tonight it was from a cold boot. Not that it has problems restoring from hibernation and connecting to our home wifi networks.Strange. FYI the Nashua library has free access to a number of 'for-pay' databases, like Ancestry.com (genealogy, including scanned/indexed census records) and newsbank.com (historical scanned/indexed US newspapers). Sadly access is tied to their locked down WinPCs -- just being on the library network is not enough.Other databases can be used from home if you log in with your library ID. -marc On Wed, Aug 26, 2009 at 4:55 PM, Jim Kuzdrallgnh...@intrel.com wrote: On Wednesday 26 August 2009 15:49, Marc Nozell (m...@nozell.com) wrote: The Nashua Public Library has free wifi, but I've not been able to connect, but other Windows users nearby have. It is an unsecured network so it isn't a key or passphrase problem. I see in the logs that dhclient isn't getting a lease: I'm using Ubuntu/Jaunty. Anyone successful? I log on there successfully - most of the time. Their server gets overloaded easily. I am running OpenSuSE 10.3. My firewall setting was keeping me out, apparently. I could log in with the firewall down. When the firewall was changed to allow all of its listed services (DHCP, DNS, HTTP, IMAP, IMAPS, LDAP, IPP, NFS, NIS, SSH), I got on. Not being very patient, I never went back to see which of them had to be on. (They cut you off without warning if your download reaches 1 GB.) Jim Kuzdrall ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/ -- Marc Nozell (m...@nozell.com) http://www.nozell.com/blog ___ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
