Wednesday, August 19, 2009

Fait Accompli

On Monday I successfully defended my PhD dissertation. It's been 5 months since I passed my comprehensive exam so I missed this development cycle entirely, but I'm looking forward to getting back to hacking and mapping.

Since I've completed my stint in Clemson, I will soon be moving to my house in Virginia. I'm a little wary of starting my new job on the 31st, but it will be an interesting change from being a graduate student. I'm looking forward to my parents, my brother, and his fiancee visiting next week to celebrate our birthday. Since my parents will be moving to Europe soon, I'll hopefully be able to meet some of my Gnomies from across the pond.

Friday, June 19, 2009

Lockpicking and Security

No doubt in the past day or so people have seen on boing boing a Wired article about Marc Tobias picking Medeco's "high security" locks. From the article, the claim high security means something specific in the industry, being able to withstand compromise for 10 or more strictly 15 minutes. These locks have been specifically hardened to resist attacks and you have no doubt been wondering about the security of the lock on the front door of your home.

Before you run out and buy a more "secure" lock for your home, let's discuss some security concerns that affect your purchasing decision.

Do you have windows made from bullet proof glass on your home? If so, the lock on your front door may be your weak point. If not, consider that a non-savy criminal can defeat your multi-hundred dollar/pound/euro lock with a cheap brick or a rock from your landscaping (maybe you want to reconsider leaving break in tools around your front yard). This goes double if you have another exterior door that's glass or that a similar high security lock can't be affixed to. Remember that unless you have a facade constructed entirely of thick, well mortared masonry, a persistent attacker could easily cut through your wall with tools available at any home improvement store. Any system is only as secure as its weakest point.

Let's also consider the rate of home break ins. The US Department of Justice provides statistics on historical trends of household burglery defined as "Unlawful or forcible entry or attempted entry of a residence." The following chart shows the national rate of burglery per 1000 homes from 1973 - 2005 (clicking through will take you to the numerical data).

Since this is a national average, you can reduce the rate of incidence by your choice of neighborhoods/areas to live in.

If we assume that your chances of actually being broken into are small, 29.5 per 1000 homes in 2005, and your locks and windows are actually insecure and only useful for keeping the honest honest, is your money better spent upgrading insecure locks, windows and walls or limiting the consequences of such an unlikely event? By all means, lock your doors and windows, but also make sure you carry an appropriate home or renters insurance policy and have documented what you own and their approximate value. This evidence should be stored, like your backups, in a secured off-site location such as a safe deposit box. You could also opt to store this material in a heavy, fire and flood proof safe in your home. Keep in mind that safes can also be cracked, but the walls of the safe are more hardened than the walls, windows and locks of your home and you're trying to raise the cost of acquiring the contents beyond the value of the contents (much like the premise behind using digital encryption). If you opt for a "fire proof" safe keep in mind that many of them work by removing oxygen from the enclosure with a foam or such and not by limiting the heat delivered, which can erase magnetic media.

In closing, "Don't Panic." Be prudent, but keep in mind the actual rate of such attacks on your home's security and take appropriate steps that will aid you in the event of any catastrophic event in your home.

Thursday, June 11, 2009

GPG Key Transition

A signed version of the below message is available at http://www.gnome.org/~sadam/sadam-KeyTransitionStatement-2009-06-11.asc




Thu Jun 11 11:43:50 EDT 2009

For a number of reasons, i've recently set up a new OpenPGP key, and
will be transitioning away from my old one.

The old key will continue to be valid for some time, but i prefer all
future correspondence to come to the new one. I would also like this
new key to be re-integrated into the web of trust. This message is
signed by both keys to certify the transition.

the old key was:

pub 1024D/7108E308 2002-01-14
Key fingerprint = D86C 9E6D AA49 FBD2 33C6 7EF9 8D4D 6868 7108 E308

And the new key is:

pub 2048R/18F94934 2009-06-11
Key fingerprint = F4AE 5B6B 29A4 355A 0EC1 0B4C AC5D 54B8 18F9 4934

To fetch my new key from a public key server, you can simply do:

gpg --keyserver pgp.mit.edu --recv-key 18F94934

If you already know my old key, you can now verify that the new key is
signed by the old one:

gpg --check-sigs 18F94934

If you don't already know my old key, or you just want to be double
extra paranoid, you can check the fingerprint against the one above:

gpg --fingerprint 18F94934

If you are satisfied that you've got the right key, and the UIDs match
what you expect, I'd appreciate it if you would sign my key:

gpg --sign-key 18F94934

Lastly, if you could upload these signatures, i would appreciate it.
You can either send me an e-mail with the new signatures (if you have
a functional MTA on your system):

gpg --armor --export 18F94934 | mail -s 'OpenPGP Signatures' adam.schreiber@gmail.com

Or you can just upload the signatures to a public keyserver directly:

gpg --keyserver pgp.mit.edu --send-key 18F94934

Please let me know if there is any trouble, and sorry for the
inconvenience.

Cheers,

--sadam

Monday, April 20, 2009

Summer of Code Accepted Students Announced



Congratulations to the accepted students. We received over 140 proposals this year and it was indeed a competitive process. The admins would like to thank all of the GNOME mentors that made our (the Admins) lives easier by participating in the commenting, scoring, and selecting process.

This year we were unable to get the students (accepted and rejected) email addresses from the system so our acceptance and better luck next year emails have been sent to the gnome-soc-list. If you were accepted and haven't yet subscribed to that list, please do so ASAP as emails concerning accounts and such will be coming out soon. Also, contact your mentors. They're waiting to hear from you and get you started on your way to being integrated into our fantastic community.

Thank you to all the students that applied and watch this space and the lists for continuing SoC updates.

Saturday, April 18, 2009

Short Timer

Yesterday, I officially became a short timer at Clemson with the successful defense of my PhD research proposal. The next several months will be filled with the remaining work to complete my research and write my dissertation.

Monday, March 30, 2009

Ph.D. Proposal

I'm excited because my Ph.D. Proposal is off of my desk and has been sent to my committee. Presentation preparation is to ensue.

Thursday, March 19, 2009

Salsa on the installment plan

I was at the home improvement store yesterday and decided to try my hand at some container gardening. Here's a picture after I got everything planted.


GNOME Accepted For GSoC 2009



We've been accepted as an organization for Google's Summer of Code 2009! If you want to help judge applications and/or be a mentor, go to http://socghop.appspot.com/ and sign up.

NB: Right now the interface to accept people as mentors only shows your "link id" or "username" filled out in your profile to the admins and not your "Display Name". Please enter something recognizable, either your nick from GNOME/IRC or firstnamelastname.