The Programmer's Bill of Rights

Having started my new job the first thing I did was sort out my work station arrangements. I had inherited a pretty decent P4 Dell PC, not bleeding edge but certainly fast enough. But it had only a single 19" TFT, so on my first day I cheekily requested a second screen and to their credit they said yes! This was a set up I adopted at my last employer and had found it such a boost to productivity (I am not sure they thought so, but that is another story!)

Browsing around the web today (it is raining, thundering etc outside) and I found this entry, posted a few years ago on the Coding Horror Blog, it is a non-serious bill or rights for programmers - multiple screens, fast computers, choice of keyboard and mice, comfy chair and quiet environment. Pity I didn't find it when I was in my last job! :-)

The Last Hope Talks

I have spent the last few days listening to some of the presentations and talks given at the Hacker On Planet Earth conference (HOPE) This year's event was probably going to be the last due to plans to demolish the venue in New York, hence the event tag "The Last HOPE" however it seems those plans may have changed.

The speakers are wide ranging, with interesting and thought provoking topics.

Some highlights are the talks by Kevin Mitnick, a 3 hour marathon talk by Steven Rambam about privacy and the lack of it and the ominous threats posed by new technologies such as Google, the iPhone and social networking sites, well worth a listen. Also Renderman's presentation "How Do I Pwn Thee? Let Me Count The Ways" highlights the security dangers of mobile technology.

Of special interest to me was Travis Goodspeed's "Introduction to MCU Firmware Analysis and Modification with MSP430static" the slides and information are available from Travis' website. In this talk Travis gives a wonderful account of the basic principals of reverse engineering.

All the talks are available here for free download in low and high quality versions.

SamKnows releases first broadband preformance report

I posted back in May about ISP watchers SamKnows.com who launched a bid to discover the truth about the state of UK broadband by recruiting volunteers to install a monitoring device on their network, to collect performance data (the geographical distribution is shown above).

They have now released their first report, a 40 page pdf which can be downloaded here.

On page 2 of the report is the main summary

In the majority of metrics there was little discernable difference between most
ISPs;

• Zen Internet offered the fewest failures across all metrics;
• Virgin Media’s cable services and Be/O2’s services provided a consistently low latency throughout, whilst Virgin.Net (Virgin’s ADSL service) performed poorly.
• BT provided the fastest throughput when measured as a percentage of implied line speed (an estimate of the potential maximum speed of the line)
• Be/O2 and Virgin Media produced the greatest raw throughput (in megabits per second), which can likely be attributed to the nature of their products.
• Virgin Media’s cable throughput remained consistent on their 2, 4 and 10Mbps products, but was quite variable on their 20Mbps product.
• Testing highlighted the use of traffic shaping in the networks of BT and PlusNet, which resulted in certain classes of traffic slowing significantly during peak hours.

Being on the Virginmedia XL (20 Mbps package) I can confirm their results are pretty much what I have experienced.

Hackers attack DNS exploit, ISPs failing to update servers

theregister.co.uk are reporting that many ISPs have still not acted up on the now infamous DNS security flaw and miscreants are actively exploiting the gaping hole in the internet's address lookup system that can cause millions of web surfers to receive counterfeit pages when they try to access online banking services and other types of websites.

many laggard internet service providers reported to be dragging their feet in applying patches that fix the devastating DNS flaw. Dan Kaminsky says more ISPs appear to be getting the message. Last week, about 51 per cent of unique name servers tested on his site (see the "check my DNS" button to the right) showed up as vulnerable. Now, he says it's closer to 35 percent.

Test your own ISP here.

If it still fails then you can always update your settings to use OpenDNS

dynamicDemand

Discovered this brilliant website which has a meter which attempts to monitor the power balance of the UK electricity grid. If the needle is too far to the left, it means more generation is needed to meet demand.

The meter actually shows the grid's "frequency", which is related to the speed of rotation of generators all over the country. When there is too little power available, the whole grid "slows down" and the needle moves to the left.

Now resisting the temptation of running around the house turning appliances on/off in an attempt to affect the meter!

Citizen Engineer

Citizen Engineer is a new online video series about open source hardware, electronics, art and hacking by Limor (Ladyada) Fried of Adafruit Industries & Phillip (pt) Torrone of MAKE magazine.

From hackszine.com

Quite an interesting video, some oddity with the sound mixing but an enjoyable 30 minutes

xkcd.com - Security Holes

Follow on from my last post the wonderful xkcd.com has a humorous take on the whole matter