• Aug 1, 2009

    Inconsistent security

    A colleague of mine flew from our main office to the east coast to run a test. As part of the test, he needed a large battery to power some equipment. He had no problems taking the battery on the plane to his destination, but on the way back, the battery not only couldn't be carried on, it was pulled off the plane when it was checked as the TSA wouldn't let it fly. There are 2 issues here; one is that we can't find any regulations prohibiting the battery from flying and second, why was it allowed one way, but not the other?

  • Jul 30, 2009

    So much for unified security?

    I'm on my way back from a trip to Kansas City and as I approached security, I saw that the guy checking IDs was private security and not TSA like I'd seen at every airport I've been to in awhile. As I walk past the ID checker, I see that every security person was from a private company. Well, it looks like in the government's efforts to standardize security at airports, they left gaping holes. The The Aviation and Transportation Security Act of 2001 (ATSA) left the option open for airports, like Kansas City to use First Line Security. This seems like such a waste as the government spent a lot of money to get away from private, inconsistent security at airports.

  • Jul 29, 2009

    Leopard Server Password Reminder

    Leopard Server's LDAP implementation allows an administrator to set requirements about user passwords, such as length of password, what characters it must include, how often it must be changed, etc. One major oversight on Apple's part is a facility to inform users that their passwords will expire. Maybe if users login via AFP or using Network Home Directories they'd see a message, but we're using LDAP for authentication from a bunch of other servers. As I didn't want to have to remember to remind people to change their passwords, I came up with a script to handle it for me. I've seen other scripts out their, but they made some assumptions that didn't work for us. Our mail server is on a different machine and usernames don't match email addresses, so my solution had to be robust. The only requirement for my script is that the email address has to be filled in for the LDAP entry. Also you must have some facility for users to change his/her own password. We're using a WebObjects program we found to let users do this.

  • Jul 29, 2009

    Linux on a cell phone

    Like other geeks, I downloaded the Pre webOS SDK and installed it. While I don't have time (I'm not sure where all my time goes) to actually write code (I'd have to learn Javascript which shouldn't be too hard, but lack of time is the problem), I did want to at least kick the tires.