Hello world!

Welcome to WordPress.com. After you read this, you should delete and write your own post, with a new title above. Or hit Add New on the left (of the admin dashboard) to start a fresh post.

Here are some suggestions for your first post.

  1. You can find new ideas for what to blog about by reading the Daily Post.
  2. Add PressThis to your browser. It creates a new blog post for you about any interesting  page you read on the web.
  3. Make some changes to this page, and then hit preview on the right. You can alway preview any post or edit you before you share it to the world.
Posted in Uncategorized | 1 Comment

>What a Dream Come True! DreamLinux that is!

> I mentioned in a recent post that I recently aquired an older Pentium III laptop with only 384MB of RAM. It really isn’t fast enough to run Windows XP without trimming the fat.I originally was going to put Xubuntu on it, because Xubuntu is designed to be more light weight than regular Ubuntu, because it uses the more minimal XFCE interface. It turns out though that XFCE is still a little too beefy for even this computer. Sure it installed, and ran fine, just a little slower than I would like. I did try XP with the fat trimmed like I mentioned above, but that was still God awfully slow.

Not wanting to give up, or revert to an older version of Windows, I decided to keep poking around in the Linux world for a solution. There are a lot of them out there that will run just find on such a machine, but the trick it so get one that my wife won’t mind using when going to the Java Mama’s coffee shop with my little girl.

II found the perfect distro for my wife in Dream Linux! This is one of the many lightweight live CD distros out there that also have the ability to install to hard drive. The cool thing about Dream Linux that I like, and my wife likes especially since the popularity of MAC’s now days (Damn they have good marketing don’t they?) is that this is pretty much a MAC clone complete with the animated launcher bar at the bottom, and yes, that bar works well on the Pentium III without slowing it down!

If you have a relatively newer computer, it also supports Berly and AIGLX, which means sweet 3D desktop goodness!

Of course, I wouldn’t even try using Berly on a Pentium III, but it does make a strong case to test it out! Another cool thing about it is the graphical front end to ndiswrapper, which lets you use Windows drivers for hardware that isn’t supported under Linux! Just open the GUI, point it to your driver inf file, and away you go! I did have to add the following line to my /etc/rc.local script to make some hardware work after boot up, but that is a minor tweak and hardly a deal breaker:

modprobe ndiswrapper

The best thing though is that it is Debian based, so apt-get is in full effect, which means that if something you use normally is missing, you can get it and install it easily! For me, network manager is essential for easy WPA configuration. It didn’t come pre-installed on Dream Linux, but a quick apt-get later and I was good to go!I’m not quite ready to name Dream Linux as a replacement distro of choice yet, for me my favorite is still Ubuntu, but it really is pretty great, and works well on older computers!

Have you tried it out? Do you have a favorite Distro for similar Situations?

Originally Posted on http://www.bauer-power.net

Posted in Linux, Ubuntu | Leave a comment

>Quickscribe Offers Elite RSS Service for BC Legislation

>BC Legislation service Quickscribe is on a roll these days. They’ve just launched their new website — which looks great — and are now offering one of the best RSS for legislation tools on the market.

Even if you aren’t a subscriber to their online service, the free version of this RSS tool is a welcome addition to watching legislative changes here in the BC. In particular, I see two features that really stand out: 1) the ability to personalize which Acts and Regs you want in the feed, and 2) the section-by-section changes that are detailed to the subscriber.

Other than law librarians who may be tracking changes for multiple stakeholders, most users aren’t going to need updates for every BC Act & Regulation. As I’ve said before, RSS technology is at its best when used as a filtering tool. The Quickscribe offering fits that vision by allowing users the choice of all BC legislation, topic categories, or the ability to hand pick your own custom list of Acts & Regs. And according to Quickscribe’s Mike Pasta, in the future we can expect to see both keyword search feeds, and RSS tracking for current bills.

The second aspect worth noting is the detail within the feed items. Each entry identifies the specific section that was added/substituted/replaced, the date of the change, and how it was brought into force. Here’s a sample entry:

For Quickscribe’s paid subscribers, the icing on the cake is the ability to link into their online tool, and see each paragraph in full text, before and after the amendment. I tried to do a screen capture on this, but wasn’t able to do it justice. You can check out this video tutorial for a better picture.

Back when I posted my top-10 uses for RSS in law firms, I said that legislative feeds are going to be an important selling point for the future. BC firms are now in the position to re-publish these feeds on their Intranets (sorted by practice area, industry, etc.), and lawyers can create custom solutions for their personal information needs.

Now, if I can just get an RSS icon on the bottom of my CanLII search results, I’ll be one happy law librarian.

[Disclosure: Mike Pasta and I have been bantering RSS for a couple years now, and obviously before Stem was conceived. I’m thankful that within my first 2 weeks of operation Quickscribe became a client. When I get involved with non-law firms, it’s because of fit & personal choice (see my JD Supra post), and my contract terms leave the decision to endorse (or not) any client project in my control. ]

Posted in BC Legislation, Quickscribe | Leave a comment

>Breach Security Party at AppSec 2007

>Remember Breach’s party at Black Hat? They throw some great events! 🙂 This party is not to be missed if your in town and/or attending OWASP & WASC AppSec 2007. Make sure to RSVP so you are not left waiting at the door.

Posted in Uncategorized | Leave a comment

>An idea whose time has come

>Software as a Service (SaaS) for Website Vulnerability Assessment (VA) � all the cool kids are doing it. WhiteHat Security has been the pioneer of the model for the last several years, but only very recently did industry activity demonstrate validation of the market. Huge companies are jumping in, making their moves with acquisitions, and retrofitting technology towards SaaS. Customer demand is growing extremely fast as they grow to understand webappsec�s importance. I�m hoping everyone is noticing the same great uptick in webappsec VA that we are. Anyway, all of this makes a sense because many information segments followed similar evolutionary paths:

1) Technology starts off as someone�s pet project
2) Several variations work their way into first generation tools
3) They mature into enterprise product offerings
4) SaaS manifests as manageability, scalability, and economics become issues

This evolution occurred with the IDS, firewall, A/V, and network vulnerability assessment (VA) industries. Think of the parallels in network VA with SATAN, Nessus, eEye, ISS, Qualys, and everything in between. Today we�re witnessing it happening with website VA. The late 90�s and early 00�s saw the rise of scanners, proxies, and various tools like Whisker, Nikto, Elza, Achilles, and many others. Then Watchfire, SPI Dynamics, Cenzic, Acunetix, and NTOBJECTives raised the bar with commercial products. Of course it was only a matter of time before enterprises demanded better manageability, scalability, and economic options as the tools weren�t getting the job done. Enter SaaS.

WhiteHat Security recognized this need and decided early on to go the SaaS-only route. There are millions of websites out there that need continuous VA and simply not enough web security experts to go around. This required us to build a technology platform capable of scanning the world�s largest websites (1MM+ links), lots of them all at the same time (thousands, tens of thousands, etc.), plus develop an efficient process to suppress false-positives, and most importantly leverage the technology to create a streamlined expert-driven methodology to complete comprehensive assessments. Clearly this is no small task and one that takes serious development time and expertise to achieve. So let�s get to the bottom of who�s got what and what they�re doing.

Network VA SaaS pioneer, Qualys, plans to offer web application scanning in Q1 of 08� and hired a couple of bright people to build the technology. This places Qualys in a similar position to ScanAlert (HackerSafe) which also does SaaS network VA and at least some web application scanning. Then also IBM and HP completed acquisitions of Watchfire and SPI Dynamics respectively. Attacking from both sides, published reports and insiders say that both behemoths are setting their sights on website VA SaaS, while at the same time AppScan/WebInspect R&D will push the products towards developers and QA testers. Finally, Core Impact and eEye are adding web application penetration testing to their product as well.

All this points to market momentum and healthy competition, great for the consumer and practitioner. It�s all about capabilities though.

For those who don�t already know, scanning a network for vulnerabilities has very little to do technologically with websites or web application VA. This is a big reason why no one has successfully combined multiple VA solutions. Qualys has a nice infrastructure capable of scanning really big networks. However, they must start from scratch to build the technology capable of scanning websites for vulnerabilities. Plus, they enter an arena where others are entrenched with a several year technology head start. They�ll have some proving themselves to do. The same reasoning applies to Scan Alert and both companies are big players in the PCI ASV market.

IBM and HP have the opposite problem. They have the vulnerability scanning capability from the product acquisitions, but must build out big web application scanning and assessment infrastructures to go with it. Converting desktop products into a SaaS platform, which must be a little to like turning MS Outlook/Exchange into Gmail, takes time. Neither Qualys, IBM, nor HP possess the ability to scale the people and process portion to complete an assessment. That�ll mean huge false-positives and limited coverage for customers, at least initially. For IBM and HP at least, they�ll be able to compensate using a consultant behind the curtain with a scanner and call it SaaS. This will have to work long enough for them to nail a process down, just like all the scanner product guys have been doing for the last year or two.

Like I said, WhiteHat Security started early and built the three-piece trifecta: web application vulnerability technology, large scanning infrastructure, and an efficient expert-driven assessment process. What�s new is the mega corps surrounding us on all sides competing for the same dollars, but I really look forward the challenge as its good for the market. And on the industry outskirts are still other big names like Symantec, McAfee, VeriSign, PWC, etc. who have teams of webappsec VA consultants, but lay dormant on SaaS side. One thing I�ve learned over the years is that superior solutions don�t always ensure market share victory – these competitors could win deals based on name recognition alone. The next 12 to 18 months are going to be a lot of fun and highly interesting.

Posted in Uncategorized | Leave a comment

>How to take a laptop apart.

>I will keep this as broad as possible to help a wide range of people. If you need more specific help please leave us a comment and it WILL be answered.

So you have decided that either something inside your shinny laptop is broken and needs to be fixed or you want to upgrade something (memory, hard drive, internal card, etc.). Then you have come to the right place. I have broken my fair share of laptops (Every thing from plastic casings to losing screws and back to just not remembering where parts go).

But all of that is a thing of the past my friend because I have disassembling a laptop down to a science. Now every machine is different. Even machines from the same manufacturer are different so before we begin go Google the hell out of your laptops model name and number. See if you can find a Service Manual or a step by step guide to taking apart your laptop. We found this resource for Toshibas here. Post it up if you know where to find other brands.

Now I am sure you are wondering why I would send you out looking for a different guide… Easy we will show you how NOT to mess up once you figure out how to unhook, de-latch, unsnap and pop off that casing.

Start by grabbing your digital camera and snapping pictures of the machine every step of the way.

Next get a piece of paper and draw a crude drawing of your laptop and draw circles where the screws came from and place the actual screws in the circles so you know where they came from. You should do the same thing for the inside of the laptop. Take pictures and Draw it – you will thank me when its time to put that pile of equipment back together!

Unscrew and document and then if you have found disassembly instructions follow them step by step. There are usually reasons to their madness, like one latch holds another screw or something like that.

Fix, upgrade or repair what you need to ( or resolder like me)Test it out before sealing it back up completely and make sure above all You Put The Machine Back Together SLOWLY!! And No, Extra parts are not allowed! Make sure you put back everything where it came from!


Posted in How To, windows | Leave a comment

>Pic: So I Am Not The Only One!


Wait I have two on one side and two on another…. Now If I only had a flip around book case!Muhahahahahaaha….


Posted in Geeky Goodness, Pics | Leave a comment

>Moviendo edificios de 900 toneladas


El traslado de grandes edificios no es una idea tan disparatada. A menudo, resulta mucho m�s rentable trasladar una mole gigantesca de ladrillos que levantar una nueva construcci�n, aunque la tarea pueda parecer imposible. Desde hace a�os, algunas empresas especializadas se dedican a este tipo de traslados masivos, y su trabajo ha dado lugar a escenas realmente espectaculares.

Las im�genes del siguiente v�deo, por ejemplo, pertenecen al traslado, este mismo verano, de un edificio de la Universidad de Brown (Rhode Island) conocido como el Peter Green House. La estructura fue trasladada a lo largo de una distancia de 150 metros con el fin de despejar una parte del campus y ampliar las zonas verdes. (Seguir leyendo) (English)

El sistema de trabajo de estas empresas de ‘relocalizaci�n’ de edificios se basa en un complejo mecanismo de gatos hidr�ulicos que se colocan meticulosamente en la base de la construcci�n y que la elevan paulatinamente. Una vez izado, el edificio se deposita sobre una plataforma provista de decenas de ruedas y se arrastra muy lentamente hasta el lugar deseado.

A principios de este a�o, el documental ‘Mega Movers‘, del Canal Historia, mostraba a los espectadores los detalles del traslado de un hospital de 900 toneladas de ladrillo en Massachussets hasta una nueva ubicaci�n. La dificultad de la empresa se aprecia perfectamente en las im�genes:

En la Universidad de Harvard, se movieron simult�neamente tres grandes edificios del siglo XIX que tuvieron que atravesar varias avenidas de la ciudad. Todo el proceso se puede contemplar en esta interesante galer�a y en el siguiente video:

Por �ltimo, os dejo el v�deo del traslado una iglesia de m�s de cien a�os a lo largo de las carreteras de Estados Unidos. Se trata de la Iglesia luterana de la Trinidad, en Iowa, y la escena pertenece al documental de National Geographic ‘Monster Moves‘. Al parecer, la parroquia se estaba quedando sin feligreses debido al despoblamiento rural, as� que decidieron moverla hacia un lugar donde hubiera m�s vecinos. Las im�genes de la iglesia movi�ndose por el horizonte son de una belleza arrebatadora:

Ver tambi�n: Titanes del mar

Si te apetece, men�alo

Dedicado a mi amigo J.M.U., al que le encantan estas cosas.

Posted in Uncategorized | Leave a comment

>How to move a 900-ton brick building


The structural moving industry is not a new or far-fetched idea. Moving structures is a long-standing technique for “recycling” the materials and labor invested in construction. It also saves landfill space. Used buildings can be salvaged, restored, and enjoyed in new settings. Moving a building often costs less than new construction, and preserves owner equity [1].

Peter Green House, at Brown University (US), was moved last summer in one piece and landed in its new home, approximately 450 feet further. The relocation was part of a plan to implement linked green spaces:

House movers experts use an unified hydraulic jacking system that can accommodate from one to thirty-eight 100 ton rams in unison. This system is essential when making large, irregular lifts.

Recently, ‘Mega Movers‘, a History Channel’s program, showed how the Matyiko brothers – a legendary Mega Mover family – moved a 900-tonne brick building in Massachusetts, to its new location:

In Harvard, three 19th century buildings were moved to a new location and were rolled down the road at the same time, heading north on hydraulic lifts at 2 miles per hour. You can check it out at this gallery and the next video:

Finally, I invite you to see the moving of a 100 year old church in Iowa, the Trinity Lutheran Church, from the National Geographic’s documentary ‘Monster Moves‘. Just wonderful:

See also: Sea Giants

Posted in Uncategorized | Leave a comment

>Jimmy Wales Gives Advice to Companies Who Feel Their Wikipedia Entry is Biased



Social Media Cafe (11)Andrea Weckerle, a good friend of mine who works with Mike Manuel and now Josh Hallett at Voce Communications in San Francisco, interviewed Wikipedia founder Jimmy Wales for the Voce Nation podcast.

On the day that Wikipedia surpassed 2 million articles, Wales gave some advice on setting the record straight on a company’s Wikipedia entry. 

Picture: L to R, Kristie Wells, Andrea Weckerle, Jimmy Wales and Chris Heuer

Some Highlights

  • We don’t take sides…and that can be an advantage [for companies due to the neutral point of view]
  • Come to the discussion page, tell us who you are and who you represent and here is a link to our response
  • We are also going to be interested in reporting your point of view
  • Have a clear, open strategy to tell your side of the story on your Web site
  • Be open, be transparent…assume good faith

He also outlines the risks of adding your own entry to Wikipedia, discusses censorship in China and his favorite 2.0 tools.

Favorite Quote

We have become very powerful by accident because the world loves us and Google loves us.”

It’s a short 13 minute podcast, listen to it here.

tags: , , , , ,

Posted in Uncategorized | Leave a comment