From paul.suh at ps-enable.com Wed Nov 1 14:47:46 2006 From: paul.suh at ps-enable.com (Paul Suh) Date: Wed Nov 1 14:47:53 2006 Subject: [Newsletter] How to convert your admin account to a standard account Message-ID: <5A131566-E704-487D-81A1-AB4B8F256BA5@ps-enable.com> Folks, Many of you will probably have heard me talk about this before, but the single most important thing that you can do for your own security is to run as a standard user for day-to-day activities, not as an admin user. OK, but most of the time you just use the first user account that you set up on Mac OS X when you first booted up the machine -- but that is an admin account. How do you get from an admin account to a standard account without losing all of your preferences, your home directory access, etc.? These are the step by step instructions. 0) BACK UP YOUR COMPUTER. Everyone on this list has a current back no more than 24 hours old, so this step shouldn't even be necessary, right? ;-) 1) Create a new admin account. Go into the Accounts preference pane, unlock it, and click on the plus sign at the bottom. Create a new account with the long name "Local Administrator", short name "localadmin", and a good password. Make sure that the "Allow user to administer this computer" option is checked. 2) Log out of your personal account and log in to the newly created Local Administrator account. Go into the Accounts preference pane, unlock it, and select your personal account. Uncheck the "Allow user to administer this computer" option. Congratulations! Your personal account is no longer an admin user account. But that's not enough. (Cue ominous Halloween music...) Why is this not enough? There are probably many files and folders in the /Applications and /Library folders that you copied in using the Finder when you were an administrator. You still own those files and folders -- which means that even as a non-admin user you can still make changes that will affect the entire system. You need to find any files and folders in those two trees that belong to your personal user account and change them so that they are owned by root. To make it more complicated, there are files and folders in the /Library folder that you *should* own, inside the /Library/Caches and /Library/ Logs/Console folders. There's an additional complication; when you drag-install an application and authenticate in the Finder, the application *retains its ownership*. If you mount a disk image with an application, *you* are the owner of the original application. If you drag install it, you are *still the owner* when it is sitting in /Applications. This is bad. I personally feel that it is a bug -- the copy should change ownership to root regardless of where you are copying the file or folder into, not leave the ownership as it was before. Your intent was to copy a file into a restricted location -- not provide unrestricted access to that file forever after. The easiest way to do this is to use the command line. 3) Open up a terminal window and execute the following four commands: sudo find /Applications -not -user root -exec chown root:admin '{}' ';' sudo find /Library -not -user root -and -not '(' -path '*Caches*' -or -path '*Console*' ')' -exec chown root:admin '{}' ';' sudo chown -R root:wheel /Library/StartupItems sudo chown -R appserver:appserverusr /Library/WebObjects The first command ensures that everything in /Applications is owned by root and is group admin. The second ensures that everything in / Library is owned by root and is group admin, *except* for files and folders inside /Library/Caches and /Library/Logs/Console. The third and fourth fix up specific paths within /Library. 4) Log out of the Local Admin account and log back in as yourself. Congratulations! --Paul Paul Suh http://www.ps-enable.com/ paul.suh@ps-enable.com (240) 672-4212 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2508 bytes Desc: not available Url : http://mail.goodeast.com/pipermail/newsletter/attachments/20061101/0e6d0631/smime.bin From paul.suh at ps-enable.com Wed Nov 8 11:31:13 2006 From: paul.suh at ps-enable.com (Paul Suh) Date: Wed Nov 8 11:30:54 2006 Subject: [Newsletter] Electronic voting systems are too complex (#12) Message-ID: <040C4972-F16B-4DD2-8275-99A40E4ED0D8@ps-enable.com> Folks, Problems Reported -------------------------- I spent most of yesterday at the TrueVoteMD offices helping to monitor the election, speak at a press conference, and take a few hotline calls. Although it wasn't as bad as the primary election, when the Montgomery County Board of Elections forgot to include the voter access cards in the kits for the polling places, it wasn't good. The mainstream media are all reporting that there were "minor glitches" in many places, making it seem like no big deal. However, we need to look underneath what is going on. The whole electronic voting system is horribly complex, with many more bits and pieces of gear that need to be set up, maintained, and work perfectly under field conditions. I think all of the people on this list can tell firsthand stories of how equipment and software that works fine in the office will be completely misused or fail with malicious glee when placed at a remote location. I think that we are seeing the results of the system complexity, in repeated, small breakdowns that actually are having the cumulative effect of the death of a thousand cuts. The major bug this time around seems to be vote switching due to mis- calibrated touch screens -- a voter presses on the rectangle for candidate A but the selection box for candidate B lights up instead. Another problem that is showing up in reports is absentee ballots that arrived too late to be used, despite being requested well in advance. The State Board of Elections' less-than-helpful response is to say, "well, you can just go down to your county Board of Elections offices and turn in your ballot in person." That doesn't help the gentleman who is in Indiana and just received his ballot on the 7th, or the lady in Switzerland(!) who never received hers at all. The biggest problem of all is the long wait caused by the various equipment malfunctions and the problems with the poll workers who have to deal with them. Election judges are working 20+ hour days to keep things going. This is insane. One of the big selling points of these electronic voting systems is that they were supposed to reduce the possibility for human error. In reality, they have *increased* the possibility for human error, by making the system so complex that it's impossible for it to work in the real world. The Original SAIC Report ----------------------------------- Another aspect you might be interested in is that the original SAIC report on the security of the elections process was leaked on the bradblog.com web site. This report was commissioned by the Maryland State Board of Elections in 2003. In fact, none of the actual board members had seen it until now -- Linda Lamone, the Administrator of the SBE, kept it secret from them as well as the public. The original report was nearly 200 pages long, but only a redacted, 38-page version was released to the public and the board members. There have been various claims made by Ms. Lamone and her staff that releasing the report would cause security breaches, to which I say, "bull." I've been reading through the full report, and I'm about 3/5ths of the way through. A couple of points stick out: 1) The report recommends a total of 326 management, operational, and technical controls to secure the system. This is ridiculous -- any system that needs that many changes to secure it should be thrown out. It's simply too complex to work properly -- patch on top of service pack on top of bug fix on top of workaround. 2) I have yet to see any reason why this report should not have been released earlier, aside from embarrassing the living daylights out of Diebold. None of the recommendations or redactions cover information that is proprietary in nature. If the recommendations we carried out and were sufficient to secure the voting system, then releasing the full report should have no security consequences. On the other hand, if the recommendations were not fully carried out or were not sufficient to secure the voting system, then we the public, the members of the board, the Maryland legislature, and the governor darn well have the right to know that we are working with a voting system that has significant security problems. If you want to read it for yourself, there are 5 PDFs at: The Original Problem ----------------------------- In all of this, let's not lose sight of the original problem. It is impossible to tell from these electronic voting machines whether or not your vote has been properly counted. There is ZERO ability to audit the system -- to ensure that something (an ordinary, garden variety bug or someone trying to tamper with the election) hasn't caused vote totals to be changed. --Paul Paul Suh http://www.ps-enable.com/ paul.suh@ps-enable.com (240) 672-4212 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2508 bytes Desc: not available Url : http://mail.goodeast.com/pipermail/newsletter/attachments/20061108/807298d1/smime.bin From paul.suh at ps-enable.com Tue Nov 21 23:06:20 2006 From: paul.suh at ps-enable.com (Paul Suh) Date: Tue Nov 21 23:06:24 2006 Subject: [Newsletter] How-To: Reset a User's Password Without an Install Disk Message-ID: Folks, You're stuck -- you're over at your aunt's house for Thanksgiving, and your uncle comes to you and says, "you work with computers, maybe you can you help me out with this computer problem I've been having." As you stifle a groan at doing work on a stomach full of turkey when you'd rather be watching the football game, he shows you his iMac. He has forgotten his password, misplaced his install disks, doesn't have a separate admin account, and can't log in to the computer. Of course, since it's a holiday you don't have your usual toolkit with you. How can you get out of this bind? The trick is to use the command line tool nicl in raw mode from single user boot. WARNING: AS ALWAYS, BE VERY, VERY CAREFUL WITH YOUR TYPING ON THE COMMAND LINE. MISSING A SPACE OR A PERIOD CAN HAVE SERIOUS CONSEQUENCES. Each step below has a single command that should be typed on one line without hitting return, even if the e-mail system breaks it up into multiple lines. 1) Boot into single user mode by holding down the command and S keys at startup time. 2) Check the disk drive by using the fsck command line tool once the command prompt has shown up. /sbin/fsck -fy 3) After the check finishes, mount the disk drive so that you can make changes to it by using the mount command line tool. /sbin/mount -uw / 4) Find the user's short name, if you don't already know it by using nicl. /usr/bin/nicl -raw /var/db/netinfo/local.nidb -list /users This will list all of the users on the system, showing their short names. 5) Use nicl to delete the authentication authority for the user. Substitute the user's short name for "username" in the command line below. /usr/bin/nicl -raw /var/db/netinfo/local.nidb -delete /users/ username authentication_authority This converts the user to a crypt hash user, which can have a conveniently empty password. 6) Give the user an empty password. Again, substitute the user's short name for "username" in the command line below. /usr/bin/nicl -raw /var/db/netinfo/local.nidb -create /users/ username passwd 7) Reboot the computer. /sbin/reboot The user now has an empty password crypt hash, and you can log in and reset the user's password using the Accounts preference pane. Have a happy Thanksgiving! --Paul Paul Suh http://www.ps-enable.com/ paul.suh@ps-enable.com (240) 672-4212 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 2508 bytes Desc: not available Url : http://mail.goodeast.com/pipermail/newsletter/attachments/20061121/bf38ded8/smime.bin