So I have some issues with this, first lets look at the practical side of this. I now have to carry a piece of paper with me when I drive. The letter sized paper doesn’t fit in my wallet. I could leave it in my car, but I don’t always drive the same car. Someone during this process must have thought, man that’s going to be a pain, lets give them something that will go in their wallet? Now here is the strange thing I know they can do it, when I did a change of address a couple years back I got a card that you could cut it down so it fit in your wallet, and carry with your drivers license.

Then I look at the reason they are going to the new secure printing center, they are doing it in the name of security, that might be all great, and the new card may be more secure, but as part of that they have now introduced a new proof of drivers license that is, 1) printed on normal paper, 2) has my signature, 3) has a rubber stamp on it saying paid, the date, and 6 character identification number on it, and thats it. It wouldn’t be very hard to make a fake version of it. So on one hand you have a nice secure card, on the other you have a piece of paper. So which do you think the forgers are going to copy? The only compensating control is that all the local cops have computers in their car so they can look up the license information, that might bring up my photo as well, but what happens when you are in a dead zone or in a different state, you are now back to proving a piece of paper is really a drivers license.

Finally, what is going to happen when I fly or go drinking. They are going to take one look at my expired license and tell me it is expired, I highly doubt they are going to going to accept a piece of paper as proof that it isn’t really expired, and I am just waiting on a new one.

I used to be able to run vmware-cmd to start and stop vmware server 1.0 vm’s from the command line it was a simple sort of.

bash# vmware-cmd /usr/local/vm/vm/vm.vmx start

Now is Vmware Server 2.0 I have to do

vmrun -p [password] -u [username] -T server -h https://localhost:8333/sdk start "[storage] vm/vm.vmx"

simple right? oh and you are forced to put your password in the command line which will be saved in bash history and to anyone who can run ps on the sever. I was really hoping that it would follow the mysql convention and prompt for a password, but I guess not

Thanks for the upgrade VMware, you just made the world less secure.


header LOCAL_MEDIACOMM_MUA X-Mailer =~ /Mediacomm Communicator/
score LOCAL_MEDIACOMM_MUA 0.1
describe LOCAL_MEDIACOMM_MUA Sent from Mediacomm Communicator MUA


header LOCAL_BAT_MUA X-Mailer =~ /The Bat!/
score LOCAL_BAT_MUA 0.1
describe LOCAL_BAT_MUA Sent from The Bat!


uri LOCAL_URI_SPACES_LIVE /spaces\.live\.com/
score LOCAL_URI_SPACES_LIVE 0.1
describe LOCAL_URI_SPACES_LIVE contains link to spaces.live.com


meta LOCAL_SPACES_MEDIACOMM (LOCAL_URI_SPACES_LIVE && LOCAL_MEDIACOMM_MUA)
score LOCAL_SPACES_MEDIACOMM 20
describe LOCAL_SPACES_MEDIACOMM contains link to spaces.live.com and Mediacomm MUA


meta LOCAL_SPACES_BAT (LOCAL_URI_SPACES_LIVE && LOCAL_BAT_MUA)
score LOCAL_SPACES_BAT 20
describe LOCAL_SPACES_BAT contains link to spaces.live.com and BAT


Hopefully that will catch the spam for the moment.

I doubt that this will add much to the safety on the metro other than to generally slow everyone down. Bruce will probably comment about on this as part blog postings on security theatre and the TSA and their security procedures. At least they are going to have a bomb sniffing dog so that they are one step above the useless checks at the Smithsonian Museums.

Host:~$ sudo hdparm -t /dev/sda

/dev/sda:
Timing buffered disk reads: 8 MB in 3.72 seconds = 2.15 MB/sec


so it looks like it has the same issue as my other machine

so I did
Host:~$ sudo lspci |grep -i ide
00:0f.1 IDE interface: VIA Technologies, Inc. VT82C586A/B/VT82C686/A/B/VT823x/A/C PIPC Bus Master IDE (rev 06)
Host:~$ lsmod |grep -i ^libata
libata 159344 4 pata_acpi,pata_via,ata_generic,sata_via

and added the following to /etc/modprobe.d/blacklist

blacklist ata_generic


and the following to /etc/initramfs-tools/modules

pata_via
blacklist ata_generic

then rebuild initramfs


sudo update-initramfs -u -v


After a reboot I now get

sudo hdparm -t /dev/sda

/dev/sda:
Timing buffered disk reads: 164 MB in 3.02 seconds = 54.38 MB/sec


Amazing what this little tweak will do for performance.

(click through for the embedded you tube video if your rss reader doesn’t show you the window)

ClamAV PE Scanning Vulnerability
added April 14, 2008 at 09:21 am

US-CERT is aware of a report of a buffer overflow vulnerability affecting ClamAV. This heap-based buffer overflow vulnerablity may allow an attacker to execute arbitrary code on an affected system.

US-CERT recommends that users do not scan PE files from untrusted sources.

Isn’t the hole point of running an av product to test for viruses in untrusted files?