Inconsistent security

A colleague of mine flew from our main office to the east coast to run a test. As part of the test, he needed a large battery to power some equipment. He had no problems taking the battery on the plane to his destination, but on the way back, the battery not only couldn't be carried on, it was pulled off the plane when it was checked as the TSA wouldn't let it fly. There are 2 issues here; one is that we can't find any regulations prohibiting the battery from flying and second, why was it allowed one way, but not the other?

This kind of inconsistency between airports must drive people crazy. When I travel, I travel with the same set of "gear" and haven't had a problem going through any airport (knock on wood). Now if I had to bring more and varied equipment on different types of trips, this would frustrate me to no end. Years ago when I worked for QUALCOMM, I travelled to a conference and had to take a box of cables with me. This was way before tightened security, but I wasn't taking any chances. I got there early, had QUALCOMM stickers put on the non-descript box and had no problems getting through security. Now, if I did that today, would I get searched and extra scrutinized? I guess it would depend on the airport.

I'm so glad that all the money we've spent on protecting our airports by standardizing procedures has helped.

So much for unified security?

I'm on my way back from a trip to Kansas City and as I approached security, I saw that the guy checking IDs was private security and not TSA like I'd seen at every airport I've been to in awhile. As I walk past the ID checker, I see that every security person was from a private company. Well, it looks like in the government's efforts to standardize security at airports, they left gaping holes. The The Aviation and Transportation Security Act of 2001 (ATSA) left the option open for airports, like Kansas City to use First Line Security. This seems like such a waste as the government spent a lot of money to get away from private, inconsistent security at airports.

While I can't say that I feel more or less secure going through Kansas City, I think that the inconsistency sends a very wrong message to the flying public.

Misguided financial values?

On the news the other night, we saw a story about how the stimulus package is providing jobs for some teenagers. The teenagers get paid $10 to work in different office capacities. In order to qualify, the teenagers must come from families that live below the poverty line. I'm not going to argue the merits of this program. They interviewed a few of the kids in the program and one kid said that he'd use some of the money to help out his mother, but then said that he was going to spend some money on himself to get a new cell phone. First off, is a cell phone necessary for everyone? I don't know and don't have to deal with that, yet. (My 2 year old son plays with our cell phones, but he doesn't have his own plan and doesn't actually make calls.) Second, the kid pulls out his brand new iPhone. Let's do a little math. With Apple's new pricing, the lowest priced iPhone is $99. AT&T puts every iPhone on a minimum $30/month data plan in addition to at least the lowest priced voice plan which is $39.99. Let's also assume that the kid doesn't do any text messaging. For a 2 year contract, that is $70/month * 24 = $1680 + $99 for the initial cost of the phone. I've excluded taxes for this example. So at $10/hour, this kid has to work 180 hours or effectively one month full time to pay for this gadget.

It would seem to me that somewhere kids need to be taught fiscal responsibility and save money for college, a rainy day, or something else. If the parents can't help, maybe it should be a mandatory class in high school. During the summer when I was in college, I worked full time and pretty much saved every penny I earned in order to pay for my half of college (my parents made a deal with me that they'd pay for half of my college and I had to figure out how to pay for the other half). I worked with my father to come up with a budget, put in a few things I wanted to buy including a road bike, and figure out how to pay for everything by working and taking out loans.

I know that I'm quite lucky that my father made me fiscally responsible at a young age (I started saving for retirement when I was 12). Actually, maybe I'm a bit too responsible as I'm always concerned about money when sometimes I don't need to; however, I believe that I'll be able to meet all my financial goals.

Leopard Server Password Reminder

Leopard Server's LDAP implementation allows an administrator to set requirements about user passwords, such as length of password, what characters it must include, how often it must be changed, etc. One major oversight on Apple's part is a facility to inform users that their passwords will expire. Maybe if users login via AFP or using Network Home Directories they'd see a message, but we're using LDAP for authentication from a bunch of other servers. As I didn't want to have to remember to remind people to change their passwords, I came up with a script to handle it for me. I've seen other scripts out their, but they made some assumptions that didn't work for us. Our mail server is on a different machine and usernames don't match email addresses, so my solution had to be robust. The only requirement for my script is that the email address has to be filled in for the LDAP entry. Also you must have some facility for users to change his/her own password. We're using a WebObjects program we found to let users do this.

You'll need to change the LDAP server name and the number of days to send out the reminder; we require password changes every 90 days, so I send the reminder seven days before. This is run via a crontab at midnight (or so) each evening.

I'm not an awk master, but this seems to be working fine

#!/bin/sh
datelogfile=/backups/datechange.log
tmpfile=/tmp/passwordchange.tmp
grep -h "changed" /Library/Logs/PasswordService/ApplePasswordServer.Server.log* | awk '{ test=$1 " " $2 " " $3 " " $4; cmd="date -j -f \"%b %d %Y %H:%M:%S\" \047"test"\047 +%s"; cmd | getline day; close(cmd); {printf day " " $13"\n"}; }' | sed s/}/' '/g >> $datelogfile
sort -r $datelogfile | sort -r -k 2 -k 1 - | uniq -f 1 | sort -r - > $tmpfile
cat $tmpfile > $datelogfile