This is what passes as humor

Since I don’t have time to write a real blog post, here’s a recent exchange on Twitter between my friend @orangeshirtguy and myself.  If you get the jokes, I feel sorry for you.

Me: I like using sed commands in IM and then berating people when they have no idea what I’m talking about.

OSG: @FunnelFiasco to them, it’s just a case of he sed, she sed.

Me: Quick. Someone give me a witty rejoinder using the word ‘awk’ RT @orangeshirtguy: to them, it’s just a case of he sed, she sed.

Me: Better late than never? @orangeshirtguy don’t you think that joke was a bit `awk`ward. Perhaps you should `tr`y harder next time?

OSG: A nano second too late. I don’t need to vi for attention, I’m leet to th emacs.

Me: @orangeshirtguy > /dev/null

OSG: @FunnelFiasco: Not just “@osg >/dev/null”. That’s *nix fail. Try “cat @osg > /dev/null”. Have to have the cat, ‘cos OSG’s a cool cat.

Me: @orangeshirtguy not fail. I gave you the ol chmod a+x because I want you to be executed.

OSG: @FunnelFiasco : I gnu you would get mvious.. You must get a grep on yourself…

Me: @orangeshirtguy You don’t need to be such a cranky Gnome. I think it’s time to put this thread on IceWM. Surely you can CDE that point?

OSG: This is more like it. Vim and vi.gore.

OSG: @funnelfiasco Listen to me, mac, OS I’ll have to bash you to illustrator my point, and you’ll be a shell of your former self.

Me: @orangeshirtguy quit trying to stall, man. You’re de Raadt and you know it. Maybe you should go grab your blanket like Linus.

OSG: @funnelfiasco niiiiiice -20! should we kill -9 this thread and GBTW? It could get troff if I spend the rest of the day doing this.

Me: @orangeshirtguy [509 bcotton devo ~ ]$ niiiiiice -20! -bash: niiiiiice: command not found

And then @johnjanitor had to cap it off with: @orangeshirtguy @funnelfiasco please don’t shutdown now, it is not the 2nd tuesday yet. continue or cancel?

Beonard’s Losers — 2009, Week 4

This week’s show.

This time of the year can be a bit annoying.  Indiana fans seem to forget they have a lousy football team.  Granted, Purdue stinks on ice this year, but let’s look at IU. A game barely won against a 1-AA opponent, a game barely won by virtue of a lucky fumble recovery, and a game won against a team with a suspended starting quarterback.  As I told my mother-in-law earlier this week “let me know when you play a real team.”  IU fans, enjoy this now, and we’ll talk again in November.

Of course, the obnoxiousness of IU fans is magnified by the dismal performance of Purdue on Saturday.  That’s not intended to take anything away from Northern Illinois, they played a great game, but Purdue couldn’t be bothered to show up.  I mean, wow, what a really terrible game to watch.  It hurts all the more because it is the only game I missed in Week 3.  Perfect weeks are a bit hard to come by, and never seem to happen in conference play.

It is some consolation that I’m not the only one who didn’t have a perfect week.  Michigan State lost in South Bend for the first time in 16 years, Minnesota let California’s 4-game road slide come to an end, and USC had their annual inexplicable loss to an unranked team.

Leading an IT staff

Earlier this month, ComputerWorld printed an opinion piece by my colleague Jeff Ello entitled “The unspoken truth about managing geeks.”  Now, I’ve been in the business a mere three years, but I can generally tell if a person has a technical or non-technical manager.  Non-technical managers generally mean well, but they often fail to understand the mindset of the technical worker.  It is nearly impossible to provide effective leadership of any group when you cannot see the world as they do.

For better or for worse, my boss generally leaves me to my own devices.  However, I do have four students to manage.  I’m not that long removed from my student days, so that helps.  Leading students presents its own challenges.  You have to strike a balance between their courses and their work. Projects, exams, and interviews for real jobs can make scheduling a nightmare.  The talented and experienced students will often get bored with routine work, but it’s not always possible to give them increased responsibility.

The secret to leading technical staff, whether student or full-time, is to listen.  You have to understand what the employees want and need.  Most importantly, you have to understand how to keep your most talented and keep them happy.

Beonard’s Losers, Week 3

This weeks show (with unshakable cold goodness)

A few big wins last week have shaken up the college football scene.  Who would have seen Houston upending top-5 Oklahoma State?  For the Big Ten conference, this week had several opportunities to regain some of the respect it used to have.  It didn’t go as well perhaps as commissioner Jim Delaney would have liked, but there were some good games.  Purdue nearly upset Oregon in Eugene, Michigan defeated Notre Dame, Indiana managed to not lose to Western Michigan, Iowa dismantled Iowa State (I thought that game would be much closer).  On the other hand, Ohio State lost to USC (but in a quality game that bodes well for the rest of the season), Wisconsin took two overtimes to beat Fresno State, and Michigan State lost to an underrated Central Michigan squad.

So while the Big Ten at least managed to avoid any big embarrassments, there’s still plenty of football to be played, including this week’s games.

Technical notes: recorded with a headset this weekend, the audio quality is way better.  But the show doesn’t sound that great, due to my cold. Which is also why it is being posted less than an hour before the first games kickoff.  Sorries.

Transferring data the old-fashioned way.

Last week, the Internet let out a collective LOL about a news story from South Africa.  It seems a pigeon with a 4GB USB stick got better bandwidth than the local DSL service.  While humorous, this is not exactly a new idea.  A rafting tour company in the Rocky Mountains sends photos back to the base via pigeon.  Using a PigeonNet is so common, there’s actually been an RFC developed for it, although the date diminishes its credibility somewhat.

To be serious, though, transferring data over the network isn’t always the best option.  You should never underestimate the bandwidth of a box truck.  The transfer of large files over a network connection can take hours, days, or even weeks.  A delivery service can often have a disk with the same data delivered overnight.  We experienced this in my department a few years ago.  One of our faculty was working with a colleague in China who had several terabytes of climate model data to share.  If they had tried sending it over the network, we’d still be waiting for all of it to arrive.  Instead, a box full of disks arrived after less than a week.

The common term for this kind of manual transfer of data is SneakerNet.  SneakerNet can be very fast and reliable in certain situations, but it’s important to consider all of the factors.  The time it takes to transfer data via SneakerNet is not just the time it takes to ship a disk from one place to another.  There’s also a non-trivial amount of time to copy the data onto and off of the disk.  Over a USB connection, it may take half a day or more to transfer a terabyte of data to or from a disk.

Sometimes SneakerNet is not done as a bandwidth consideration, but because of architecture.  If you have a separate internal network (like is often used for classified government data), you may have no other choice than to transfer data “by hand.”  Or it may be that the cost of setting up a more automated system is not worth the effort.  In my department, we rarely have to install software on Macs, so it’s to our benefit to walk down the hall with a CD instead of going through the effort of standing up a software installation service.

There are plenty of reasons and methods for transferring data the old-fashioned way.  I’ll leave it to my ones of readers to come up with their own justifications.

A few thoughts on phishing

It’s no secret that I write blog posts a few days in advance.  When I’m on a roll, I am sometimes a week or more ahead.  Well right now it is getting kinda late-ish on Wednesday night, and I don’t anticipate having much time to write on Thursday.  Since I have no other posts ready to go, I have to write Friday’s now.  Difficulty: I’m not feeling very well.  Oh yes, and I’m not really sure what to write about.

I guess I’ll write about phishing. Not the kind you do with your grandpa on a lazy summer day, but that kind that cleans out your bank account and runs over your cat.  It’s been many years since I first started seeing warnings on AOL chat windows letting me know that AOL employees will never ask for my password. Yet here we are, over a decade later and it is still a real problem.  As recently as a year ago, a professor in my department fell victim to one of the “reply to this message with your username and password” e-mails that occasionally get sent to people at large universities.

Of course, most phishing attempts are a bit more subtle.  Perhaps the university (or bank, or whatever) logo, complete with a link to an authentic-looking website.  Just enter your login information and voilà, your credentials are in the hands of the bad guys.  So how do you combat this?

As an admin, there’s not much you can directly do, it all comes down to user education.  Unfortunately, while user education is very effective, it is notoriously difficult to achieve.  People don’t want to bother thinking about whether the message they got from me has a valid S/MIME signature attached.  They’ll probably do whatever I tell them to do, whether or not I’m actually the one telling them.

Some people have taken to encouraging people not to click any links in e-mails (which is a good idea, but let’s face it, we all click links because its too damn inconvenient to not) and putting spaces between each character in the “http://” portion of the URL to prevent mail clients from automatically creating links.  I get the idea, but I think it’s generally silly.  For one, it looks funny and takes up extra space on the line.  For two, it doesn’t really address the problem.  Sure, the idea is that people will copy and paste the URL into their browser, but a sufficiently tricky phisher can create a URL that looks close enough to legitimate such that a distracted victim wouldn’t notice.  It also relies on the fact that people have been taught not to click on links in e-mail, which is pretty much a universal behavior, even among those who should know better.

There’s also some debate on whether or not it is appropriate to tell users about the latest round of phishing attempts.  My take, and several of my colleagues agree with me, is that telling users is a bad idea.  It might seem counter-intuitive, but consider this: if you always tell users, you’ll train them to think that their friendly admin will always let them know when the bad guys are at it again.  So then that one time you miss sending out a message, some users will assume it is legitimate and fall-victim.

So what’s the solution?  If I knew that, my blog would be as famous in the information security business as it currently isn’t. Realistically, it comes down to doing a better job of user education, but that’s hard.  And it doesn’t really address the ‘”how” aspect. Somehow, we have to train people to not click unverified links, and that starts with changing our own behavior.  Greater use of digitally signed e-mail is a good idea too.  There was an interesting discussion on Reddit about this earlier.

Where do we go from here? And how will we try to keep up with/ahead of the bad guys?

Beonard’s Losers — Week 2

This week’s games:

For as out of practice as I am, I’d say I did fairly well in last week’s predictions.  I have something in common with Byron Hout, though.  I didn’t foresee LaGarrette Blount going nuts at the end of the Oregon/Boise State game.  He first punched Hout, who had been taunting him, and then he tried to go all Ron Artest on some BSU fans.  Wisely, Blount has been suspended for the rest of the season.  Hout’s conduct, too, deserves some punishment.  Perhaps a few trips up and down the stairs will teach him to win with a touch more class.  The whole incident is just abhorrent, and it’s a shame that’s what the big story is from this weekend.  That’s all I’ll say about it for now.  We’ll see if Chip Kelly really has any control of his team when my beloved Boilermakers pay a visit Saturday night.

The Big Ten, as a whole, performed acceptably.  The conference went 10-1, the only loss coming to a legitimate opponent.  This week, it’s Directional Michigan against the Big Ten, and the marquis matchup of USC at OSU.  Navy has really improved in the past few years, but tOSU fans should be concerned that they were able to keep it so close in Columbus.  And how about Iowa nearly falling victim to Northern Iowa?  Or Indiana winning at the last moment against a I-AA team?  The Big Ten is supposedly improved this year, but I’m not convinced.  We’ll see in the next few weeks.

Giving directions to a woman is hard

The title is maybe a bit misleading.  I am not a sexist, bastard, I promise.  The reason giving directions to a woman is hard is because I’m a man.  As it turns out, men and women think differently.  I’ll pause to let that sink in.  Men, apart from not asking for directions, tend to be more technical in their navigation.  Directions, distances, and street names are pretty much all I need to get from one place to another.  Women tend to think more about landmarks.

Research indicates that not only do men and women navigate differently, they also use GPS systems differently.  Women, for example, generally don’t make use of the traffic features.  If I had one, I would use this feature all the time — traffic is something my route planning generally tries to avoid.  I’d much rather take a longer route if it means I can just drive instead of sitting in traffic.

When I was a little kid, I used to look at the maps in the phone book all the time.  I knew my way around pretty well.  Maps are just something I do, I try to learn my way around a city, even if I’m only going there once.  On the other hand, my wife doesn’t know some of the roads in the town we’ve lived in for almost a decade.  She can find her way around, but she might not be able to tell you what road she’s actually on.

The reason this comes to mind is because classes started two weeks ago.  In the past two weeks, I’ve had to give directions to a lot of random people, many of whom have maps.  It seems most of the people in need of direction are women.  I’ve found it very hard to tell them how to get where they need to go, because there are no roads on campus, and I can’t use the other buildings as reference.  I just have to hope that I can stumble through directions well enough to get them to their destination successfully.  I also have to hope that I never run into anyone as bad with navigation as this humorous blogger.

Nugget Night update

It seems like it’s been forever since the last time I was at Nugget Night (my current streak is now 1), but after a day of watching football, there was nothing else that would satisfy.  The Nugget Night page has been updated, and it is becoming increasingly obvious that 44 is about my limit these days.  I probably could have gone for one more box, but I instead preferred to get a peach milkshake. Mmmmm.