Monday, January 28, 2008

Ubuntu Missing Traceroute??

Oddly, traceroute isn't part of the Ubuntu Gutsy distribution. See the discussion at I've installed it, but it seems that standard command line tools should be installed by default.

Saturday, January 26, 2008

Data Recovery

I recently had to recover deleted photos from a digital camera's SD card. It turns out the MS-DOS undelete command is gone from XP, but I figured the card was most likely FAT32 format, and so asked google to find me a FAT32 recovery program. I tried three: (1) PC Inspector File Recovery from crashed repeatedly, each time encountering an illegal instruction. (2) Active Uneraser Demo was pretty, but pretty useless. It found the files, but couldn't restore anything bigger than 64KB. All the photos were bigger than that. (3) Fast File Undelete v2.1 from worked perfectly, and recovered the photos. Interesting enough, I didn't see anything obviously useful among the Ubuntu packages, but was able to get it done in XP.

Tuesday, January 22, 2008

Good News on Electronic Voting

Recently Maryland announced plans to ditch the Diebold voting machines which, in the interests of open and trustworthy elections, is a tremendously good move. If the people cannot trust the election process--apart from whether elections really matter that much given all the money corrupting the system--how can the people have any confidence in government "by the people"? Now US Rep. Rush Holt has introduced the Emergency Assistance for Secure Elections Act of 2008, which would provide $500M to help states replace touch-screen voting machines. I think this helps get over a significant stumbling block for a number of states--it's hard to discard expensive stuff when that makes it necessary to buy more expensive stuff. Additionally, "Holt is also the author of the pending Voter Confidence and Increased Accessibility Act which would require a voter-verified paper ballot for every vote cast in the U.S. along with routine random audits. The bill was reported out of committee in May and awaits action on the House floor. It also requires the states to meet federal standards for ballot verification and auditing." ( see ) This also would be a step towards increased confidence in the election process.

Wednesday, January 9, 2008

"Free" Online Security Check! Free!

One thing I don't get is companies that should know better, like F-Secure and Microsoft, encouraging users to follow poor security practices. Microsoft with it's update pages, and F-Secure with its free online security check, are encouraging users to allow ActiveX and the like. Bad. Bad. Blackboard does the same thing by requiring faculty to trust signed applets in order to use certain fairly basic features, e.g., sending e-mail to the class One thing that someone might point out is that they may be using signed applets or the scripts may be delivered over an SSL/TLS connection, so the user can be fairly confident of its source. I don't buy that. If one of these applets does bad things to my system or my data, I may not notice for weeks, if at all. When I do realize something happened, can I trace it back to a particular signed applet? At that point, would I care?

Saturday, January 5, 2008

Gnome and Caps Lock

Gnome still (as of Gutsy Gibbon) doesn't have an option under "Keyboard Preferences | Layout Options | CapsLock key behavior" to simply disable the caps lock altogether. This is a common enough need that a number of people have provided solutions for a variety of environments. Some are collected here. KDE provides this feature, as opposed to the esoteric options provided by Gnome.

A related issue is that of disabling the insert key in emacs. Emacs is sufficiently powerful that the insert key is unnecessary--this isn't Microsoft Word--and so there should be an easy way to disable that.

Friday, January 4, 2008

TSA Ineffectiveness and Security Theatre has another good article about how unpopular the TSA's security theater has become, how ineffective they are, and how their antagonistic attitude towards the flying public hurts security. It's interesting that TSA screeners in DFW refused to allow a woman to watch her daughter while going through screening. Exactly whose security is the TSA protecting? One nice thing about the article is seeing that the phrase "security theater," as applied to the TSA and other DHS operations, is catching on. Schneier's done quite a bit to popularize it (for all I know he coined it). Another is the point that the TSA is doing little to protect us. What is protecting us is the fact that, for the most part the terrorists aren't trying, and when they do they're often inept. I'm sure TSA has had its successes, but I'm even more sure people are able to smuggle whatever they want on board planes if they're willing to put forth a little effort and risk. TSA among most unpopular federal agencies

Thursday, January 3, 2008

CustomizeGoogle Glitch

Some time back I mentioned the potentially useful CustomizeGoogle Firefox add on. I like it, but today it's been causing me grief in trying to upload images to this blog. I've disabled it and gone back to, and the AskEraser, as my primary search engine.

St. Mary's Co, MD, to Test Voting Machines

The Washington Post reports that the St. Mary's County Board of Elections will test their voting machines the morning of January 18th. If the goal is to demonstrate to the board that there are no glaring logic flaws, then the test has some value. If the test is intended to allay public concerns about the accuracy and security of voting machines, it's of no value--actually negative value since that would be a misuse. Observing the behavior of the machines now does little to ensure the behavior of the machines in November.
  • They could be compromised between now and then.
  • Some fraction of the machines could be compromised now by a root kit or some such.
  • There's still no way to do a recount in the presence of allegations of irregularities.
  • Allegations of irregularities, even if false, have face validity because the process is closed.