FBI Weighs Looser Pot Rules for New Hires – Funny

From todays WSJ – quote from FBI Director James Comey
Congress has authorized the FBI to add 2,000 personnel to its rolls this year, and many of those new recruits will be assigned to tackle cybercrimes, a growing priority for the agency. That is a problem, said Mr. Comey, as a lot of the nation's top computer programmers and hacking gurus are also fond of marijuana.
"I have to hire a great work force to compete with those cybercriminals, and some of those kids want to smoke weed on the way to the interview," Mr. Comey said. He added that the agency was now "grappling" with how to amend its marijuana policies.  Full Article

logo of OSX Disk Utility

Fixing the “ACL found but not expected on …” error during OSX Volume Repair

Symptom – Running the OSX Disk Utility program and selecting Verify Disk permissions results is multiple error of ACL found but not expected on [filename]”  While these errors can be safely ignored (ACLs are Access Control Lists) it does make reading the results of the disk verify difficult.    Fix – Fletcher Tomalty has written a python script that can be run from the command line to remove these unexpected ACLs.  The script uses the OSX Disk Utility to find the files and then does a sudo chmod -h -N on each of them. I have used it successfully on Mountain Lion 10.9.9.

Expect Delays Sign Photo

FCC’s New Rules Could Threaten Net Neutrality

Federal Communications Commission Chairman Tom Wheeler is circulating a proposal for new FCC rules on the issue of network neutrality, the idea that Internet service providers (ISPs) should treat all data that travels over their networks equally. Unfortunately, early reports suggest those rules may do more harm than good.  READ MORE


Why You Shouldn’t Put Your Money Where Your Mouth Is


Wall Street Journal
April 18, 2014

Talk about dirty money: Scientists are discovering a surprising number of microbes living on cash.
In the first comprehensive study of the DNA on dollar bills, researchers at New York University’s Dirty Money Project found that currency is a medium of exchange for hundreds of different kinds of bacteria as bank notes pass from hand to hand.
By analyzing genetic material on $1 bills, the NYU researchers identified 3,000 types of bacteria in all—many times more than in previous studies that examined samples under a microscope. Even so, they could identify only about 20% of the non-human DNA they found because so many microorganisms haven’t yet been cataloged in genetic data banks.   READ MORE at WSJ

Viewing a winmail.dat Attachment

Problem – you receive an email that has an attachment named winmail.dat that your Mac Mail program can't view.

Reason – The Winmail.dat file is used in Outlook when sending a Rich Text-formatted message however OS/X Mail as the receiving client does not use or recognize the winmail.dat file format.


Ask the sender of the email to change their default email settings.  Microsoft suggests 4 methods here.  Then have the sender re-send the attachment.  This is often impractical as it places the burden on the sender who may be someone you don't want to burden.  It also only the solves your problem with this one sender and not the hundreds of millions other of Outlook users. 

There are well established technical standards for email and so it may seem unfair that you are stuck with this problem because Microsoft  chose to use a proprietary format.  Life isn't fair.

   It is faster and more practical to install an add-on to view winmail.dat files on a Mac. I use TNEF's Enough written by Josh Jacob.

  Download the latest version, open the dmg file and drag the program into your applications folder.  If you receive the occasional winmail.dat attachment, save it to your desktop, open TNEFF's Enough and select FILE ->   OPEN, double click on the attachment listed in the TNEFF's Enough program window and select a save location.  If you receive winmail.dat files often, drag the TNEFF app into your dock then drag the winmail.dat file from your email and drop it onto the TNEFF icon in your dock.


The Heartbleed Bug – What to Do Now

Websites that exchange sensitive information with users have, for many years now, secured the connection between a users browser and the web site by encrypting the information.  The system is called SSL for Secure Sockets Layer and TLS for Transport Layer Security and up until the begriming of 2012 the software that implemented these techniques, OpenSSL protected the information as it flowed over the  Internet by making it unreadable to anyone other than the intended recipient.  A programming mistake (A missing bounds check)  introduced into the software introduced a flaw in  a function of the TLS protocol called heartbeat.  


That flaw allowed a non-standard heartbeat command to return 64 KB or about 32 pages of text of unencrypted data.  In effect, the programming error allowed an attacker to access the very information that SSL/TLS was intended to protect.    Named for the heartbeat function that allows the data to be viewed by attackers, the bug has become known as Heartbleed.

The bug was first reported to OpenSSL by Neel Mehta from Google Security  Matti Kamunen, Antti Karjalainen and Riku Hietamäki from Codenomicon Oy and was reported publicly by the group that wrote OpenSSL on April 7, 2014.  The notice itself may well be one of the most understated alerts in the history of computer security with no mention of the catastrophic impact on the Internet and Online commerce. A conservatively estimated is that two-thirds of the Internet's Web servers use OpenSSL to cryptographically prove their legitimacy and to protect passwords and other sensitive data from eavesdropping. Many more e-mail servers and end-user computers rely on OpenSSL to encrypt passwords, e-mail, instant messages, and other sensitive data. 

What to Do Now

If you operate a website you have a great deal of work to do including updating the vulnerable Open SSL library, updating all the other system software and libraries that depend on that software, figuring out what software those changes broke and fixing them and revoking and reissuing new security certificates.  If you're like most people you just want to know if some cyber-criminal has stolen the password to your online banking.  The most conservative approach is to change all of your passwords once the websites you use have been protected from Heartbleed.  Joseph Bonneau, a security researcher makes a good argument in Heartbleed and passwords: don’t panic that Heartbleed is not as catastrophic as the media reports would suggest.  

If you want to be certain you should change all your passwords –

Step 1 – Test if the site has fixed the Heartbleed bug by going to, enter the site URL and verify the test  shows the site is not vulnerable to the Heartbleed bug.

Step 2 – Change your password.  As long as you are going to all the trouble of changing your password in every single site that you have a password, consider using good passwords and using them properly.  You can read my take on good password hygiene here.

Repeat steps 1 and 2 for every site you have used.  If you no longer use the site, login to it and delete your account.  

If in the past you used the same password on multiple sites then you definitely need to change them anyway.  Check back for my Password Pyramid approach.


Windows XP Support Ends – Why You Need to Know

April 8 2014 is the last day that Microsoft will support it’s Windows XP operating system.   This is important for anyone with a computer running XP  because that is the date Microsoft will stop issuing patches, or fixes, to the software leaving users vulnerable to attack when new exploits are found but not fixed.  Windows XP was first released in October of 2001 – over 12 years ago.  One might think that 12 years would be enough time to find and fix all the bugs in the software that allowed attackers to take over your computer but then one would be wrong.  There have been 9 “critical” or “important” patches released for XP during the first few months of 2014.  

Microsoft recommends that users of XP upgrade to the latest greatest version of Windows – version 8.1.  While Windows 8.1 has had 8 critical or important security patches so far in 2014, Microsoft will continue to issue security patches.  Most XP computers however do not have the hardware to run Windows 8.1 so XP users will in most cases need to purchase new PCs with Windows 8.1 already  installed.  
The upgrade cost may not be limited to the new computer as many older software titles that run just fine on XP will need to be upgraded to new versions that will work with Windows 8.1.  For Microsoft software such as Microsoft Office you can check compatibility at the Windows Compatibility Center website If you have Office 2007 or later you’re set, anything earlier – take out your wallet.  
QuickBooks is another commonly used program on older XP machines.  Only QB 2013 and 2014 will work on Windows 8 according to Intuit.

If you have an XP computer you need to do something.  Continuing to use the software exposes you and your data to the risk of loss and theft.  Before you rush out and buy a new Windows 8 PC I suggest you consider if an Apple Mac would work for you.  Let me make clear that I am not a Mac zealot.  Macs are great but they aren’t perfect and certainly don’t meet the requirements of every situation.  Like most things there are advantages and disadvantages in switching from Windows to OS/X – the name of the MacIntosh operating system software.

  • Learning Curve – OS/X is different than Windows and it takes some getting used to.  
  • Not all software runs on OS/X – if you absolutely must use a specific software title that is only available on Windows then stop reading now and go by a new PC.
  • Apple hardware, in general, costs more than PCs that run Windows.  
  • There are far fewer viruses for Macs than PCs.  While this may not always stay true, the vast majority (over 99%) of viruses target Windows PCs.  Mac users spend a lot less time on ant-virus software updates and cleaning out infections that get through.
  • Apple has always been something of a control freak when it comes to their products.  An upside of this is that most software that runs on Macs follows a consistent user interface.  In general, the way you do things is pretty consistent between programs and inter-program communication tends to be excellent.
  • Ease of Use – I know that this is subjective however having used both systems for years I come down solidly on the side of Macs.
  • Files created on one can not be used on the other – FALSE
  • It is hard to get technical support for Macs – FALSE on two levels, there are plenty of Mac gurus out there and Mac users need a lot less support.
  • I need to use Microsoft Office so I can’t use a Mac.  FALSE – Microsoft Office for Mac is, with very few exceptions is compatible with the PC versions.  There are some Macro language and VBA differences that should only be an issue in a large corporate environment with dozens of connected spreadsheets tied together.
The above list is certainly not exhaustive and I will try to add to it over time.  
Addressing some of the issues, I would allow a couple weeks to get up to speed on a Mac if you were a Windows user.  I have found that the learning curve from Windows XP or Windows 7 to Windows 8 is about the same as from XP or 7 to OS/X.
Inexpensive PCs don’t hold up well.  The very low cost ones don’t have enough computing power and mid-priced PCs with decent power tend to suffer from being heavy, have poor battery life for laptops, and have unreliable keyboards and touchpads.  If you really compare a well made and decently powered PC to a Mac, the price is not that much more for the Mac.