Sunday, August 16, 2009

You've Got to Love TCP

You've got to love the robustness of the TCP protocol. I have a 'client' for whom I set up a Linux box with a specialised Perl/MySQL application which pretty much runs their business. This was back on 2000, and the box is still going, although at the back of my mind, I realise that the inevitable disaster can't be far off. Anyway, when we set it up, we also installed a modem on one of their phone lines and every Sunday I run a script which dials into their system, does a backup of their database and scp's it down to my main office server, from where it will be backed up as part of our regular cycle.

Now that the database has grown, the backup gzip file is around 3.5 MB in size, and takes a while to download. I don't care; it generally runs in the background while I'm doing other stuff and the phone line is only used for inbound faxes, which are mostly spam these days, anyway. But today, the line dropped and pppd died, about 20% of the way into the download. So I had it redial, the other end picked up the line, pppd did its thing, and we were connected again - and a few seconds later, the scp file transfer started ticking over again.

This happened twice more - must be some line problems somewhere. But each time, I just kicked off another pppd, and scp picked up where it left off. The pauses were sometimes a couple of minutes long, but that still wasn't a problem. In this particular case, the IP addresses remained the same, being pre-allocated at both ends, but I suspect that even if one of them had changed, it wouldn't have made much difference - a lot of TCP implementations rely on the sequence numbers, rather than IP addresses and port numbers, to distinguish sessions and so it would probably have still kept going.

You've got to love technology that is resilient enough to keep going in the face of line dropouts.

And yes, an ADSL modem would be faster, plus they could probably eliminate a monthly line rental so that it would pay for itself pretty quickly (assuming a really cheap ADSL plan). But I'd have to update their ancient Linux installation, and that would probably mean a major memory or even machine upgrade, so that can wait until the inevitable disaster I mentioned above.

Monday, August 3, 2009

Infosec Darwin Award Nomination

There ought to be a special category in the Darwin Awards for people who do stupid things with computers - in fact, this category alone could probably swamp all the others, were it not for the Darwin Awards' somewhat onerous requirement for the nominee to have removed themselves from the gene pool.

However, today's news brings word of someone - probably more than one, in fact - who looks likely to remove themselves from society at large in a spectacularly dumb way. This genius planted a fake ATM in a hotel lobby, in order to skim data from the cards of unsuspecting users. Only, they didn't choose just any old hotel. Oh, no.

They chose the Riviera, in Las Vegas.

Just before it was to host the DEFCON hacker convention, this last weekend.

Not many unsuspecting users at DEFCON, I'd say. In fact, the place was probably full of professional paranoids. Not surprisingly, one of the organisers spotted the bogus machine and it was hauled away by local law enforcement.

If the perps weren't awesomely dumb, but actually knew what they were doing, then you have to admire their chutzpah. Naw, on second thoughts, they had to have been dumb as a post.

More details at