Category Archives: Security

Trepidation of the Spheres

Helen Sharman, Britain’s first astronaut.
Source: The Guardian, Alamy Stock Photo
An information security post about poetry today, based on Valediction Forbidding Mourning by John Donne

AS virtuous men pass mildly away,
And whisper to their souls to go,
Whilst some of their sad friends do say,
“Now his breath goes,” and some say, “No.”

So let us melt, and make no noise, [5]
No tear-floods, nor sigh-tempests move;
‘Twere profanation of our joys
To tell the laity our love.

Moving of th’ earth brings harms and fears;
Men reckon what it did, and meant; [10]
But trepidation of the spheres,
Though greater far, is innocent.

The above metaphor gave me pause. The point seems to be that an inter-planetary event has far more significance yet is less stressful than an event on earth. Donne clearly wants it to be this way, to make a point about quiet goodbyes.

I suspect that if you tell someone that a “sphere” event is likely (e.g. meteor strike) they will find as much or more trepidation than events happening on earth. On the other hand, Donne perhaps knew this and was really implying that the greatest impacts are the least frequent and thus should not be feared with the same intensity (profanation) as frequent ones of less severity. He continues:

Dull sublunary lovers’ love
‘Whose soul is sense’cannot admit
Of absence, ’cause it doth remove [15]
The thing which elemented it.

But we by a love so much refined,
That ourselves know not what it is,
Inter-assur’d of the mind,
Care less, eyes, lips and hands to miss. [20]

Our two souls therefore, which are one,
Though I must go, endure not yet
A breach, but an expansion,
Like gold to aery thinness beat.

If they be two, they are two so [25]
As stiff twin compasses are two;
Thy soul, the fix’d foot, makes no show
To move, but doth, if th’ other do.

And though it in the centre sit,
Yet, when the other far doth roam, [30]
It leans, and hearkens after it,
And grows erect, as that comes home.

Such wilt thou be to me, who must,
Like th’ other foot, obliquely run;
Thy firmness makes my circle just, [35]
And makes me end where I begun.

Clever imagery within a poem of managing risk. The legs of the compass — one static as the other one roams and more erect when they are together — is a beautiful metaphor for continuity.

Host Monitoring: Osiris Build for Windows

Perhaps you want a host integrity monitoring solution for windows? Here is a simple recipe to compile the free Osiris agent on windows for windows (so “make test” will work).

Ingredients:

  1. NSIS
  2. Active State Perl
  3. MinGW
  4. MSYS
  5. OpenSSL

You can get these all from shmoo as a single convenient build kit, or download individually using the links above. The build kit is stable, but the individual items are likely to give you more recent releases.

Install all five in the order listed with the defaults, except for MSYS. Change the installation path of MSYS from the version number to just “c:\msys”. When MSYS asks for the MinGW installation path, enter “c:/mingw”

To compile/install OpenSSL, follow these steps:

  1. Unpack the tar file. It might be most convenient to put it below the c:\msys directory
  2. Open the “Configure” file (you can use vi in MSYS but Wordpad may also work) and comment out or delete the following line: “$IsMK1MF=1 if ($target eq “mingw” && $^O ne “cygwin” && !is_msys());”
  3. Type “perl Configure mingw” to run the Configure script
  4. If successful, you will see a “Configured for mingw” message and you should have openssl.exe in the apps directory and two lib files (libssl.a and libcrypto.a) at the toplevel
  5. Type “make test” to verify the build (this will take a while)

To compile/install Osiris, follow these steps:

  1. Download and unpack the Osiris 4.2.3 source. It might be most convenient to put it below the c:\msys directory
  2. Start MSYS (Use the shortcut or C:\msys\msys.bat -norxvt)
  3. Change into the c:\msys\osiris… directory
  4. Type ./configure with the following options:
    –with-ssl-dir=/c/msys/openssl… –with-root-dir=/c/msys/osiris… where “…” is the full pathname and –with-osiris-user=osiris or whatever user it will run as
  5. Once the configure is done type “make”
  6. To reduce the size of the installer use strip: “strip src/cli/osiris.exe”; “strip src/osirisd/osirisd.exe”; and “strip src/osirismd/osirismd.exe”
  7. Open explorer and right click on C:\msys\osiris-4.2.3\src\install\windows\osiris_install.nsi, and choose “compile installer”

Tada! Your Osiris agent should be ready to deploy on windows hosts. It will be in the osiris-4.2.3\src\install\windows directory.

SFO Carbon Offset

Air travel creates a huge amount of carbon dioxide, so San Francisco has installed an offset system for travelers in kiosks at SFO

Climate Passport contributions fund the Garcia River Forest, a reforestation project in Mendocino County where redwood and Douglas fir trees are being added to a forest that had been heavily logged. They also go to the SFCarbon Fund, which is steering the money to Dogpatch Biofuels, a bio-diesel fueling station in southeastern San Francisco.

I would much prefer to buy them through the ticketing process so the offsets could be distributed, although there are certainly advantages to supporting local offsets.