Sunday, 04 December 2005

Air Combat USA planesIt takes a really gullible type to fall for one of my secret plans. Either that or someone who trusts me implicitly, misguided as that may be.

Along those lines, I didn't tell my friend David where we were going or what we were doing this weekend, just that I'd pick him up on Friday, that he should bring enough clothes for a couple days, and I'd have him back to his ship (he's in the U.S. Navy) in time for duty early Monday morning.

We try to do something crazy and insane once a year or so, and we were a bit overdue for this trip. I've actually been planning it for more than a year, at least in part. Without going into all the details, what matters the most if that Dave knew nothing of what we were doing on our trip (not even that we were flying to California) until we got to the location for each planned activity.

The plan included roller coasters, jousting dinner, visiting David's family in the area, and other fun stuff. But the real big event of the trip was on Sunday at the end of our stay in Orange County.

Dave and Greg at Air Combat USA (before Dave puked)On Sunday afternoon, to end the Secret Plan trip, we went to Air Combat USA in Fullerton, California. There we suited up, were briefed by former military pilots, and climbed into two high-performance military training aircraft, which we flew with the instructors for about an hour in some training maneuvers and six real-live dogfights. Gunsights, smoke and all. It was - to say the least - a blast. I can now say I know what it feels like to fly 5.5-G turns and that I did just that. Wow.

It's not cheap, for sure, but if it's something you've ever wanted to do, check our Air Combat USA on the web - http://www.aircombatusa.com - and give it a try.

Just be sure to keep the yak-bag handy. Dave's new call-sign is "Ralph," if that tells ya anything.

Above is a pic of Dave and I in front of one of the planes before we took off. Good thing we took the pic before we left - no stains on Dave's flight suit. Heh.



Add/Read: Comments [4]
Sunday, 04 December 2005 17:34:22 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Wednesday, 30 November 2005

Thomas Hawk wrote about a severe problem he had ordering a camera from an abusive online retailer that's really nothing but a major, unethical sales scam operation. The fact that he wrote about it and pointed to a number of other people's experience is great, and it brought to mind a number of other things that people need to know, especially this time of the year.

First of all, there ARE unethical, bad people out there trying to sell YOU their stuff. And there are some that will threaten, extort and otherwise manipulate their "customers." It doesn't just happen to other people - it can and will happen to you, too. Protect yourself and do your homework. While the vast majority of online retailers are good, solid companies, there are the few bad apples, just like in any community, that make it bad for everyone they can take advantage of. 

  • If the price is too good to be true, it's probably not true. Seriously. Don't fool yourself.
  • Do your homework if it's a company you have never head of or dealt with. You're trying to save money, so spend some time. That means getting information about the company. A good way to do this is to look for bad information online, by using Google or another search engine to search for "The Company Name"+scam (like this and this show some serious info). Look for the NEGATIVE information. Keep in mind that there are times when the bad guys will try to make themselves look good by posting positive information. It happens.
  • Don't rely solely on the Better Business Bureau to tell you what you need to know, but do be sure to check information there. The company Thomas wrote about has a record with the New York BBB that's pretty terrible. Also be sure to use epinions.com's "Online Stores and Services" search and read through the whole lot. Again, there are bad guys that will post fake positive comments about themselves - so be a pessimist.
  • Always use a reputable credit card, never use a check or debit card. If you ever need to reverse charges, a credit card with purchase and fraud protection is invaluable; You can't reverse cancel payment on a check that's already posted, and you fighting the debit card battle is painful if the money has already been pulled from your account. Credit cards provide lots of real protection, so use them for these purchases. That's why I have credit cards, really, is to protect myself if ever needed for major purchases. That and true emergencies. Other than that I think they are evil, heh.
  • Did I mention "If the price is too good to be true, it's probably not true?" Okay, well it's worth repeating.

Finally, based on other people's experiences with the company Thomas had his problem with, I'd suggest you never, ever do business with Price Rite Photo, which also uses a number of other business names. Check the BBB for retailer names and aliases, and alway always always be careful and suspicious of the too-good-to-be-true deals.



Add/Read: Comments [1]
IT Security | Safe Computing | Things that Suck
Wednesday, 30 November 2005 05:20:00 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Tuesday, 29 November 2005

It's a question many of us in the security field have been asking for some time. How is a user supposed to know they are on the correct web site when they enter their credentials or make an online purchase? How are they supposed to know when it's not the trusted site they're on?

I was having a side conversation about more ways to solve this problem with some coworkers today (common topic in our line of work), and this evening I ran across some details on the IEBlog discussing how Microsoft is dealing with it in IE7 (found via Mark Harrison). And other browser vendors are playing nicely, too. Ahh, solving problems is such a good thing to see... Nice!

IEBlog: Better Website Identification and Extended Validation Certificates in IE7 and Other Browsers

Here are some visuals that show what the user expeience looks and feels like in the dev versions. Visit the link above to get the complete details.

Fig 1, IE7 address bar for a known phishing website detected by the Phishing Filter 

Known Phishing Website 

Fig 2, IE7 address bar for a suspected phishing website detected by the Phishing Filter

Suspected Phishing Website

Fig 3.1, IE7 address bar for a site with a high-assurance SSL certificate
(showing the identity of the site from the SSL certificate)

Identity of Site from SSL Certificate 

Fig 3.2, IE7 address bar for a site with a high-assurance SSL certificate
(alternating in the name of the Certification Authority who identified the site)

Showing Name from Certification Authority



Add/Read: Comments [0]
IT Security | Safe Computing | Tech
Tuesday, 29 November 2005 21:35:05 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Monday, 28 November 2005

Because some things are truly worth repeating each year, and because sometimes people do things that are just so damn wrong... Everyone should have their own copy of this Christmas music classic:



Add/Read: Comments [0]
Humor | Random Stuff
Monday, 28 November 2005 19:40:19 (Pacific Standard Time, UTC-08:00)
#  Trackback

Leave it to the Oregon Lottery to come up with the holiday marketing stunts to top all stupid holiday season marketing stunts. Thank God for the lottery people... And here we were starting to worry people might actually take Oregon seriously for a second...

So, here you have it: Scratch-and sniff lottery tickets in a beautiful fruitcake flavor. Yeah, seriously. Scratch the card, and it smells like f-r-u-i-t-c-a-k-e. Uhhh... Yuck.

People actually want to buy this crap? Wow.

To top it all off, be sure to check out the (actually somewhat amusing) MP3 files being used to promote the seasonal cash-collecting game.

It's all at http://spiritoffruitcake.com.

Sheez...



Add/Read: Comments [2]
Random Stuff | Things that Suck
Monday, 28 November 2005 19:30:54 (Pacific Standard Time, UTC-08:00)
#  Trackback
 Sunday, 27 November 2005

Over at VoIPSpeak, there's an article describing how to set up Asterisk@Home, a distribution of the Asterisk open source PBX software for Linux, in a virtual machine on a Windows box. It uses the recently-released (and free) VMWare Player for virtualization.

Note that Asterisk@Home is actually a bit of a misnomer - it's more like "Asterisk-Plus" - a package of the Asterisk PBX with many of the more common and popular add-ons and enhancements packaged up. Installation is simplified and the heavy lifting is mostly done for you. Running in a no-cost VM environment, it's really easy to mess with and learn from. Set up a couple soft-phones and you'll be able to try it out all you like.

(via Digg)



Add/Read: Comments [0]
Sunday, 27 November 2005 14:38:53 (Pacific Standard Time, UTC-08:00)
#  Trackback