Feb 03 2013
 

For years people have been talking about how a European-like café society would be a good thing to change the English drinking culture.

Perhaps. But have you noticed just how many bars, coffee shops, and restaurants are already sticking tables and chairs outside? Which is all very well, except when they don’t use their own property but start blocking the public thoroughfare.

Now I don’t object to tables and chairs outside – I’m very partial to sitting down in a shady spot outside with a good book and watching the world walk past; if that shady spot happens to have waitress service with endless refills of coffee, so much the better. But there’s a right way and a wrong way to do this.

And the wrong way is to put the tables and chairs right outside the shop door and so force pedestrians walking past to make a detour. This is annoying enough on its own, but gets a whole lot more annoying when you are forced into the street and dodge the traffic, or forced into the centre of a pedestrian precinct out of the shelter of the shops – and so get drenched.

Do it properly, or not at all!

Feb 01 2013
 

For writing rancid rhino shit :-

http://www.dailymail.co.uk/health/article-1250532/Being-vegetarian-does-harm-environment-eating-meat.html#axzz2JfmFq6AN

There’s two false assumptions in that article casting aspersions on the green credentials of switching to a veggy diet :-

  1. That meat eaters only ever eat British raised meat products.
  2. That vegetarians can’t eat a meal without resorting to a “meat substitute” … by which they mean vegetarian sausages, burgers, etc.

Of course vegetarians eat meat substitutes on occasions – I’ve eaten them at least ten times in the last year.

And given that meat eaters cannot be sure they’re not eating something with horses in it, I somehow doubt they can be sure they’ve only eaten British raised livestock.

 

Feb 01 2013
 

Every so often I get asked why I am a vegetarian, and I usually come up with some sort of humorous answer; partially because the real reasons are a little mixed up and confused. Probably the biggest reason I am a vegetarian today, is that I was a vegetarian yesterday. I have been a vegetarian long enough that the thought of eating dead animals just doesn’t occur to me.

Although I’ll be honest in this little rant, I am not a proselytising vegetarian. I am not even an especially good vegetarian given that I have on occasions worn leather (belts, and shoes mostly). But I’m also not a “vegetarian” who eats fish, which is not vegetarian at all. I don’t object to eggs (with the exception of stuff like balut) or dairy products. I also try to avoid products made with animal rennet and gelatin without making a fetish of it.

I became one of those nutty vegetarians way back in 1987 or 1988 whilst I was at University for a variety of reasons :-

  1. I was never that keen on eating meat for taste reasons. Most of the “real” meat dishes were unpalatable – steak, lamb, mutton, etc.
  2. I was becoming increasingly concerned with killing animals for food; animal welfare in meat production during the 1980s was practically non-existent.
  3. Someone asked me. Whilst this is no reason to give up in itself, it pushed me over the edge.

Since then, I have discovered other reasons. Some of which you may agree with; some may seem like complete rubbish. But that is not the point as these are the reasons why I am a vegetarian.

But We’ve Evolved To Eat Meat!

No we have not evolved to eat meat; we have evolved to eat everything (omnivores).

Although we have evolved to eat everything, we have decided not to eat certain kinds of food:- carrion, insects, horses, dogs, and of course our fellow humans. But all of those things are a matter of taste or morality. So we have evolved to eat everything yet we can choose not to eat certain foods because of concerns bigger than filling our bellies.

One mistake that people make when they portray people as omnivores is to assume that we are evolved to eat meat on a daily basis. Perhaps, but the information on the diets of hunter gatherers is understandably somewhat vague. What is known is that many of the hunter-gatherer groups still around today will eat meat as and when it is available; and it is not available on a daily basis in the large quantities that meat eaters in the West consume it.

Or to put it another way, we may be evolved to eat everything, but not meat every day. And the kind of meat that we eat is definitely not the same as that eaten by a hunter-gatherer who would be eating very lean meat indeed.

So you could say that going vegetarian or partly vegetarian is good for health reasons, although that is not why I’m veggy.

Meat Is Murder!

Perhaps that is putting it a little extremely, but some kinds of meat are murder – cannibalism.

The suspicions are that the annoying fellow in the next valley has been on the menu for most of human history, and cannibalism is rather quickly resorted to in times of extreme necessity. We all accept that going out and shooting your neighbour to fill the larder would qualify as murder. So does killing a gorilla or a chimpanzee qualify as murder?

Without specifying physical or biological attributes, it is actually quite hard to distinguish between chimpanzees and humans. Communications? We both do it. Tool use? We both do it. Mourning the dead? We both do it.

It is true that most humans can communicate and reason better than chimpanzees, but they are not that far behind. And if you accept that they are perhaps a bit more than “mere” animals, are they not worthy of some level of respect? At the very least not killing them. Indeed the average ape is probably more worthy of respect than some humans (think of Harold Shipman).

And if you accept that chimps are worthy of enough respect not to kill and eat them, where do you draw the line? Some people eat horses; some don’t. Some people eat dogs; some don’t. And it goes on.

And some people choose not to eat animals at all. It doesn’t necessarily have anything to do with liking animals. There’s very few animals I like, but as far as I’m concerned just because you don’t like somebody is no excuse to chop ’em up and put them in your freezer.

It’s Green

In the old days, vegetarians used to argue that producing livestock was an inefficient way of feeding the world, which it is. After all the feed that livestock eat has to be grown itself. It turns out that we have more than enough food to feed everyone on the planet; starvation is caused by poor storage and poor transportation.

However it has also been discovered that livestock is one of the largest contributors to total greenhouse gas emissions caused by human activities.  The figures are disputed but transport is supposed to contribute 13% of greenhouse gas emissions and livestock production up to 18% of emissions.

See :-

  1. http://www.time.com/time/health/article/0,8599,1839995,00.html
  2. http://www.telegraph.co.uk/earth/environment/climatechange/7509978/UN-admits-flaw-in-report-on-meat-and-climate-change.html
  3. http://www.un.org/wcm/content/site/climatechange/pages/gateway/the-science/causes-of-climate-change

The criticisms of the 2006 UN report boil down to the fact that the UN took all of the emissions due to meat production into account and overestimated the effect of methane, whereas they only took into account the direct emissions caused by transport. This is a valid criticism, but on the other hand transport accounts for practically no rain forest deforestation whereas livestock production is right up there. And those who criticise the UN for their report come up with daft statements like less meat production would result in “…more hunger in poor countries”; of course in the global sense, people in poorer countries cannot afford meat!

If you don’t consume vast amounts of electricity and gas, and don’t drive a Chelsea tractor down to the corner shop, it may very well be that the biggest single change you can make to reduce greenhouse gas emissions is to cut down or eliminate meat consumption.

Don’t You Miss It?

No.

It is true that for the first few years of being a vegetarian, you get occasional cravings for certain meat products – in my case it was BLT sandwiches. But as time goes on, the cravings disappear.

Jan 26 2013
 

First, defining the problem. Let us say that I have a network with plenty of space for subnets (perhaps 10/8) and I am only using a very small number of the possible subnets – for this example, perhaps 10.0/16, 10.1/16, 10.2/16. What happens when I ping something like 10.52.1.3? Or perform a network scan of 10/8?

Well logically if a packet is destined for an unknown network, it will get routed to the default gateway (or “gateway of last resort” in Cisco’s rather gloomy terminology). Given that in most cases, the default gateway is going to be pointed in your ISP’s direction, this is probably not a sensible choice. In most circumstances it probably doesn’t matter, but there are a number of scenarios where it could be an issue :-

  • If the default gateway thinks that the route to 10/8 is back down to the router, then you’ll have packets bouncing back and forth for a while. This may not be a major issue … or it could be if someone tries to flood all your unknown networks as quick as possible.
  • Your default gateway could be a firewall of some kind which helpfully blocks such packets itself. However it may also helpfully log all these in your log files as problems which unhelpfully conceals other issues. You do inspect your log files, don’t you?

There are quite possibly other problems I cannot think of on a lazy Saturday, but it’s also the case that preventing packets destined for unknown networks leaking is the right thing to do.

So how to do it? With a static route of course :-

conf t
> ip route 10.0.0.0 255.0.0.0 Null0 254
> ipv6 route 2001:db8:beef::/48 Null0 254

The choice of the device Null0 is a bit problematic; it should really be a “device” that returns an ICMP destination unreachable immediately. However it’s better than nothing.

The “metric” of 254 (or “administrative distance”) is specifically chosen to allow any other route learnt by any mechanism to overrule this route.

Having a route to Null0 that covers all your internal subnets may seem alarming, but it seems to work – at least for my network. It is also documented that routing will choose the most specific route in preference to the least specific route – or in other words a route to 10.0/16 is used in preference to the route to 10/8.

Of course if some Cisco routing guru comes along, I’d be more than willing to be corrected. I’ve also tried to check this against Cisco’s “routing for dummies” document.
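The lookup behaviour described above can be checked offline with a small model. This is an added example, not part of the original post and not Cisco code: it generalises the rule to "longest prefix first, then lowest administrative distance", and the interface names, the default route to `isp-gateway` and the distance values other than 254 are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    prefix: str    # destination network
    next_hop: str  # outgoing interface or gateway (names here are made up)
    distance: int  # administrative distance; lower wins for the same prefix

def lookup(table, dest):
    """Route used for dest: longest matching prefix first, then lowest distance."""
    addr = ipaddress.ip_address(dest)
    nets = [(ipaddress.ip_network(r.prefix), r) for r in table]
    hits = [(n, r) for n, r in nets if n.version == addr.version and addr in n]
    if not hits:
        return None
    return min(hits, key=lambda h: (-h[0].prefixlen, h[1].distance))[1]

def leaks(table, aggregate, probes):
    """Probe addresses inside aggregate that would follow the default route."""
    agg = ipaddress.ip_network(aggregate)
    out = []
    for p in probes:
        route = lookup(table, p)
        if (ipaddress.ip_address(p) in agg and route is not None
                and ipaddress.ip_network(route.prefix).prefixlen == 0):
            out.append(p)
    return out

# Constructed table: the three subnets in use plus default routes to the ISP.
BEFORE = [
    Route("10.0.0.0/16", "Vlan10", 0),
    Route("10.1.0.0/16", "Vlan11", 0),
    Route("10.2.0.0/16", "Vlan12", 0),
    Route("0.0.0.0/0", "isp-gateway", 1),
    Route("::/0", "isp-gateway", 1),
]
# The same table with the two discard routes from the post added.
AFTER = BEFORE + [
    Route("10.0.0.0/8", "Null0", 254),
    Route("2001:db8:beef::/48", "Null0", 254),
]

if __name__ == "__main__":
    probes = ["10.1.2.3", "10.52.1.3", "10.200.0.1"]
    print("leaking before:", leaks(BEFORE, "10.0.0.0/8", probes))
    print("leaking after: ", leaks(AFTER, "10.0.0.0/8", probes))
    # A 10/8 learnt with a lower distance overrules the distance-254 discard route.
    learnt = AFTER + [Route("10.0.0.0/8", "core-router", 110)]
    print("10.52.1.3 via", lookup(learnt, "10.52.1.3").next_hop)
```

On a real router the equivalent check is to ask for the route to an unused address and confirm it resolves to the discard route rather than the default.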

Jan 13 2013
 

Perhaps.

But it is a lot more complex than the mainstream press would have you believe. That story above is effectively about researchers using a specialised search engine to find what is effectively the login banner of SCADA systems … that is those systems that control utilities such as sewage plants, power systems, etc. What is not so widely publicised is that the same researchers warned about these insecurities as far back as 2010, so the latest warning by the US government is a bit lackadaisical.

On the other hand the discovery of what is effectively login banners is just that – login banners. Whilst this is pretty poor practice, it does not necessarily mean that the bad guys can get into the relevant systems. Attaching critical systems directly to the Internet is something that really should not be done, but is often done because :-

  • It has probably long been the practice to attach such systems up in such a way that work can be carried out from home. In the past, it would have been via a dial up modem. Making such systems available on the Internet makes such insecurity more visible, although dial up modems themselves are not necessarily secure.
  • Attaching the systems directly to the Internet is the kind of laziness that comes from a desire for convenience. Only services that everyone on the Internet can legitimately make use of should be directly on the Internet. Attaching “work from home” services should be done via some sort of gateway service, such as a VPN system, but that requires more work.
  • On occasions, such systems are connected directly to the Internet in an emergency for convenience – such as getting a vendor to look at some problem. And of course once connected, it tends to stay connected. Amazingly enough, it often seems that the customer needs to jump through hoops for the convenience of a vendor rather than the other way around.

Of course gateway systems themselves can be vulnerable especially given the problems we have with weak passwords.

Earlier I mentioned that just because a SCADA system can be reached from the Internet does not mean a bad guy can break into it to cause damage. Well, that is true enough but most experts think that SCADA systems are riddled with security issues including default passwords left unchanged, etc. Perhaps as poor as the Internet was back in the early 1990s.

It is a strange thing, but it seems that vendors who sell us stuff do not seem to pay much attention to security until bad guys start attacking them and exposing their vulnerabilities.

So we have a situation where SCADA systems are directly connected to the Internet, and many of those SCADA systems are vulnerable in some way. Does this mean that bad guys are going to break in and destroy the utilities?

Well, perhaps. But on previous occasions, the bad guys have broken in just to look around. As someone remarked to me recently, the bad guys are busy making money and unless they see a way to make money from insecure SCADA systems they will leave them alone. Of course there is always the issue of cyber-terrorism where the bad guys are less interested in money and more in making a point of some kind or another.

But should you worry about the security of SCADA systems? Probably not. After all, why worry about something you have no power over? Should I worry about the security of SCADA systems – definitely (as you may have guessed my work involves security). Anyone in the information security business should be looking at their own SCADA systems and wondering whether they are protected properly.