It seems like a reasonably common thing – putting a SIM into a GSM mobile and making a call. The phone is unlocked and all, it’ll just work, right…?

I had clearly forgotten the enjoyment of the “developing world” factor. It of course does not “just work”. I suspect in the next few years of this adventure very little will “just work”.

So – I give my phone to the dealer our company uses and he says he’ll get it sorted and back to me. All this done through an intermediary, as everyone only speaks Russian and I’m still working toward “chut chut Ruski”. (A little bit of Russian).

It comes back working a treat (yes, it is mine), but there is the funny new app installed and it’s running an IOS older than the hills. Err, that won’t do at all, me being a “must update” nutcase. A quick Google and I find the app is used to Jailbreak the phones so the vendors can modify them.

iTunes presumably freaks, and offers to nuke it. I gladly accept, and after a few attempts hold again a blank phone that won’t accept a local SIM or activate.

Hmm

So, I’m in a country where the only way to make a phone call using modern technology is on a hacked phone, whilst the company security policy I signed only two days ago had a nice section about not breaking any copyrights.

Yep – this is going to be an interesting journey.

Hey, Mozilla- Quotes Are Not Legal in a URL

So why oh why do we still have share permissions in W2K3 and Longhorn? All they do is confuse Administrators and allow for weird security configurations and the problems that come with them. I frequently see mismatched configurations, confusion over remote and local access or confusion over other sharing methods such as HTTP.

There is a small supportive argument or them that goes along the lines of “but what if the NTFS permissions are wrong”. Well, lets look at the failure mechanisms.

1. Attacker has User Account and Password – Share permissions do nothing that NTFS wouldn’t – “All your base are belong to us”

2. NTFS vulnerability found – After this many years, I trust the NTFS ACL’s far more than I trust the Share Permission controls.

3. Mis-configuration of NTFS Permissions - This is generally due to an inadequate design for management of the user groups and permissions. If your change control is inadequate, Share Permissions are not going to save you. I’m working on a paper at the moment to smooth this problem out.

Microsoft, please get rid of them, they are a legacy solution that confuses many administrators.

In the meantime – Share Permission – EVERYONE FULL CONTROL

Link to Its Time For Airport Security To Ketchup With Reality (from The Herald )

So why oh why then does this MS product NOT support any of the normal UI’s for authentication.

MS Project 2003 Professional connecting to a MS Project Server 2003.

It gives the option of connecting with your domain account, or using a “Project Server Account”. Here comes the crunch. NEITHER of these options works on a PC that is not a domain member. There is no popup UI to ask for a password.

Now, many many projects I know of are managed by external consultants, working for other companies, with laptops managed by IT teams that are DEFINATELY NOT on our domain.

Glad to see the thinking caps went on for this one boys.

It is now possible for anyone to board a plane in Australia without showing ID. Known terrorists sign up here, if you are finding it difficult to travel elsewhere, we’ll happily let you on board.

You see the new Qantas electronic check in terminals allow you to type in your name and destination, presto, instant boarding pass. No ID at the desk required. No ID at Security required. No ID at the gate required. No ID on the plane required. Now I can book a ticket as anyone over the phone through a travel agency, and pay via direct deposit, so still no proof me is me.

Now I won’t wade into the pro’s / con’s of the ID debate here, Bruce is covering that just fine. What I do want to say is this.

It’s interesting that the airlines have spotted a chance to save money and jumped on it, despite all the other guff going on. I guess the difference is the other security stuff comes out of the customers pocket in airport fees, as opposed to airline profits.

I remember it used to be common to buy airline tickets from others based on gender, as it was a little obvious if Paul traveled on Paulette’s ticket. The airlines tried to stop this for years by saying a ticket was not for a seat, but “a contracted agreement between two parties”. They finally came up with the “for security reasons” excuse and forced everyone to produce ID and shut down this exercise. Now I guess the money saved on check in staff exceeds the money lost on people re-selling tickets.

Money still rules hey boys……. 

http://www.theregister.co.uk/2006/08/17/flying_toi…

Reminds me of Schneier’s pizza’s at the NSA

http://blogs.technet.com/steriley/archive/2006/04/20/425824.aspx?CommentPosted=true#commentmessage

MS even let me present on this exact topic and make the same statements.