Certification Labyrinths By Sun and Cisco

A few days ago I was looking into certifications. I got sent from one end of the world to the other. But let's tell the story from the start... despite many years of professional experience I don't have shiny diplomas, certificates and other papers. So I was on the web, searching for papers I could get with a small effort.

On my list were Sun with some kind of certificate for system administration and Cisco for network stuff. So, onwards to sun.com I went, found some info for exams, certification paths and prices. But these were meant for "US" only. For international certifications I was told to look on my countries website. The link to the "Greeks" brought me a page with some greek content and a lot of english content that was marked with "sun.com". By clicking on "certification" the site shoved me straight back to the Americans. Which in turn pointed me back to the Greeks. Wash, rinse, repeat.

Cisco was just a bit better, but that bit mattered. I had a lot of trouble to locate a country specific testing site on the Cisco pages. Until I noticed that Cisco handed off all that stuff to two independent companies, and indeed on those companies websites I found addresses of testing sites in Greece. What I did not find out were the prices for Cisco certification.

Also it was very funny how Ciscos training pages are full of acronyms (CCIE, CCNA, CCXY, CCwhatever) and they avoid to explain them, as if they had something to hide. I spotted the meaning of CCIE only inside a logo image (Cisco Certified Internetworking Expert, if you care).

One question I do not expect to find answered on those websites: Will I be able to get through the certification exams by studying on my own, without paying for expensive training classes? We will see.

More open proxy fun

Looks like the open proxy was used by some people professionally, one of them (clickingagent.com) has a funky website, at least if you're into the SPAM humour mindset. "...is a HUGE help for fooling the sponsors", wow! The "cheating on sponsors" program is only $100. And they have a software to search for open proxies for only $35. Plus the cost of ending for an infinity or two in hell after you die, because you are cheating others.

The OTE Notwork

Just as I was browsing onto the site of an Open Source Digital Assets Management solution (I'm looking for a good one), the network connection went down. The first moment when the second page not loaded, I thought: "Not really the kind of responsiveness I expect from someone building a server." But then I noticed that the ADSL line at the place was down. I went on a short hunt, but could not find any fault on our side. So someone called OTEnet (the internet subcompany of the Greek telecom monopoly OTE). We did not have much hope, as their usual response is: "One of our technicians will look into it in the next 5 days."

Surprise, surprise: A prerecorded message informed us that ADSL service all over Athens is down. Since all ISPs (except one) who offer ADSL service run over the OTE lines, this means that really all ADSL all over Athens was down. In unrelated news, in a house well known to me (but no names mentioned to protect the innocent) OTE shut down telephone service because of unpaid bills. (The reason for the unpaid bills being more lazyness and shoddyness than lack of money.) I wonder if some technician made a mistake and shut down the greater Athens ADSL network instead of that phone number. The result is all the same: I'm moblogging over GPRS.

sed file list loop reminder

Just so I won't have to diggle this out agai and again, here is a reminder to myself :-) Making a small edit with sed on a list of files in a directory can be done like this:

#!/bin/sh
for filename in detail-??.html detail-???.html
do 
    echo $filename
    sed -e "s/^.*view full-size image.*/\ /" \
        $filename  > test.html
    mv test.html $filename
done
exit 0

No security net given (but I did not expect one from myself).

Internet for Visitors in Greece

When you come to Greece for a visit and you want to connect to the Internet, there might be a few usefull informations I could share. This is not yet a country of cheap and readily available Internet connections, not to mention broadcast. Getting some hints may get you ahead though...

Updated: As of 2008/2009, a lot of information in this article is outdated. Please read the Update: Mobile Internet for Visitors in Greece 2009 too!

Come here with your own laptop computer? Your options are basically to connect with a modem over the landline phone system, use GPRS over your mobile phone, or leech a wifi connection somewhere. Don't count on an easy quest.

Getting a cable to the world

For the landline you will need access to some telephone jack. These are standard RJ-11 connectors most of the times, but there are older jacks with two contacts. Adapters are available at electricians outlets, most of the times you can get by with yanking the cable out of a standard phone device. So much for the hardware connection.

Dial in

If your "ISP from home" does not offer some international dial-in partner ISP here in Greece, you will also need an ISP login. No need to get something with monthly payments: At normal phone shops (and at the post office) you can buy "cards" for 5, 10, or 20 hours of Internet access. Examples are the "Forthnet Netkey", "Smile & Web", "UrNet" carads. On top of that cost (would be around 5 to 10 Euro depending on "size") you will also be charged connection cost on the phone bill. These are quite low, even lower than a local phone call, but the dual system makes it difficult for guests to take all the cost on themselves. There are also some numbers for "no advance cost" internet access. You don't have to pay for a card or monthly connection there, but the connection cost on the phone bill is quite high (something like 1.20 Euro per hour). This may be an option if you really want to connect just once. Hellas On Line is an example of a provider offering such a dial in number.

GPRS: Mobile, expensive and available

The next option is using your mobile phone, your providers Roaming plan, and a lot of money. Find out how your provider sets you up for GPRS access, find out how you hook up your Laptop and your mobile phone, and off you go. Charges are often high. But it's a connection that will work without having to get help from anyone, without borrowing someones connection. This may be the right thing if you really, really need to check mails and you are in your far out cabin on a far out island (like I was on Limnos in the Summer of 2004). Proper setup to keep download size low suggested. BTW: My initial thought was to get a "card phone" prepaid number in Greece to do this. Forget it. None of the Greek mobile providers offeres GPRS on their prepaid numbers.

Wifi and broadband?

As for leeching a broadband connection: My initial journey was trying to find an internet cafe that would let me get access to an Ethernet connector. No luck so far. Those kids don't have a clue, so they are affraid that you are doing some harm. Next I tryed to find an "open" hotspot. Again, no luck. At least at the time of this writing technology is way behind in Greece, so since the kids don't have broadband and wireless routers to leave open. You may get a chance for broadband if you come here to study at some university, or if you come here to work at a company. At least in Athens you have another option: Starbucks has started to conquer Greece and (at least some) of their Coffeeshops offer wifi access, charging 3 Euro for 2 hours.

Internet Cafes

Which compares somehow with a typical Internet cafe. These ask around 2-3 Euro per hour, and you can't work in the comfort of your own machine. But it's the option you have when you come to Greece with or without a laptop. For bringing stuff over to my laptop I carry a USB stick and a CD-RW rewritable CD. Some Internet Cafes have really crappy Windoze 98 machines, no USB of course. Sometimes there are CD writers though. For logging in to my server I use putty and S/key one-time passwords. You might consider packing a short list of S/key passwords, even if you don't plan on using Internet cafe connections.

Internet Cafes in Athens are not everywhere. There are some hidden close to the central Syntagma square, but most are nearer to Akadimia, Omonia and Patision Street (where the Polytechnicum and some Universities are). Outside Athens the Internet Cafes are found reliably in Tourist locations. I spent many an hour in Myrina on Limnos in a regular Cafe that had 2 hours of free Internet Access with buying 2 beverages.

Operating systems and things that look like them

Now, once you have gotten your own laptop almost ready to connect somewhere, don't expect any help, especially when you run anything but Windoze. Greeks might have heard that Linux exists, they might have heard someone mention that there is a company called Apple (but both possibilities are unlikely outside their user bases). OpenBSD is unheard off for sure. This is a country of Windoze and stolen software. Since not even Windows administrators actually know their own OS, this means that you are pretty much out of luck if you need help. Have fun, this might be a chance to learn some new skill!

Update 2007-03-06: See also Greece on Wireless: Come In We're Open

Updated: As of 2008/2009, a lot of information in this article is outdated. Please read the Update: Mobile Internet for Visitors in Greece 2009 too!

Ξανά! Another Fight with Unicode

Αχ, ξανά τα Ελληνικά! Unbelievably, I'm again fighting with Unicode to get Greek text work in yet another place. This time it's with "NetNewsWire Lite", which I think should work, but it does not in this project. Problem should be on my site though.

Update: Another unbelievable, but not quite so unusual event. Right after I posted I discovered that text was entered in iso-8859-7 into the system. A common problem. Now http headers and xml tags are set to iso-8859-7 to match the content. Works.

Telephone Malady

This morning the hinge on my Treo 270c broke. The Treo is a mobile phone / palm combo device. It had a useable keyboard for me, no number pad phonedial typing. And also it offered an ssh client TopGun ssh and pilOTP (which is a "one time password" generator).

The reason for the broken hinge is the same as with all of those little machines: That hinge is just not built to last. The problem was recognized for a long time by Handspring, the maker of the Treos. Now that Handspring was bought up by PalmOne, all such support is gone. PalmOne does not even list the Treo 270 on their European website any more. Someone trying to forget?

I will try to fix the machine as best as I can. No parts to be found on the Internet, probably since everybodies Treo 270 broke at the same hinge. Buying a new fancy phone right now is also not in the question. The times when I had a good swiss salary are long gone. It's not so easy to buy new electrical toys for me now. On the other hand the support of greek characters on the Treo is nonexistant, but I could live with greeklish if I had pilOTP.

So, What Is That Thing Called a "Certificate"?

Yesterday a friendly lady from accounting asked me what this invoice really is. It said "SSL Certificate". Is it some kind of software? One could argue in some way that it is (as opposed to hardware), but really it isn't an executable software program.

A certificate is some kind of security device. But security devices are abstract concepts, hard to explain in 2 minutes. If you know the answer you could explain that the certificate is there to enable encrypted SSL connections to our webserver. But that can be had even with a self-signed certificate.

So we could say it is there to assure our customers that our site is really belonging to our company. But given the procedure of getting the certificate, I would say that all it proves is that our site is our site. The prove for the certification company was that they send mail to an "official" address (like hostmaster@ or webmaster@) and that their automatic confirmation system called a number I'd given them on a web form. Any number, does not have to match any company records.

In the end what it does is that the funny error message about "something with 'not secure' and 'a certificate' is wrong" goes away for our customers. I should have told her that the money was for debugging.

Solutions to My Telephone Woes

My boss noticed my troubles with the lack of my Treo 270c (after the hinge on the flap broke). He had the company get me a Sony Eriscsson P910, which fits the bill. Big "Thank You!" to you George!

The funny part is that PalmOne could have sold a Treo 650 if they had managed to a.) list a dealer in Greece and b.) convince any Greek carriers to feature the Treo. Now I get to try out something new. At first look the P910 seems to be much more advanced in respect to software. Kind of logical, given the age of the Treo 270c. But the Treo's keyboard was nicer. I'll get used to the P910 though.

On another note, I'm trying to convince Greek provider "Cosmote" to sell me GRPS internet service on the number. Not an easy task. All information on their website is Greek only. And misleading. Following their instructions just gets them to activate WAP over GPRS, something I need as much as a wart on my behind. The current state of wisdom seems to be that I had to call customer service at 1212 and then have our company send a fax asking to activate "Wireless Internet Easy" service for that number. Not a recommended provider I would say, since all the others have that service on by default.

Setting Up Secure IMAP On the P910

Finally I managed to setup IMAP mail on my Sony Ericsson P910. Apart from keying in all the parameters, it was necessary to get some insider information about the P910 and secure imap. The P910 can and will use STARTTLS on SMTP connections (nice), even asked for my self-signed server certificate. But it uses STARTTLS also on the imap connection exclusively. The IMAPS port 993 is not used, leave port on 143 and check the "secure" box. My standard so far was to allow only imaps on my server. Will have to think about changing that.

Also a bit stupid: It closes the GPRS connection after each action. Maybe there is a setting to change that. GPRS connections don't cost if left open.

mutt, ελληνικά, greeklish, OpenBSD and the Mac OS X Terminal

Just teached the mutt to autoconvert ISO-8859-7 Greek to "greeklish". On my Mac OS X PowerBook utf-8 works fine with Terminal.app and mutt, but when I use the mutt on my OpenBSD server (through ssh and Terminal.app) I get a mess. Now I can have all this transliterated to (fake, ugly, but working) greeklish. Read on...

The recipe so far consists of:

An example mailcap file with entries for text/plain encodings. From this I created 2 new lines in my mailcap file (~/.mutt/mailcap):

text/plain; gr2gr -l ; \
        test=test "`echo %{charset} | tr '[A-Z]' '[a-z]'`" = iso-8859-7; \
        copiousoutput
text/plain; cat ;copiousoutput

auto_view text/plain

Next was of course this program "gr2gr", which is a perl script I found mentioned on the hellenic-howto. Download link is: ftp://ftp.hri.org/pub/greek/programs/gr2gr.prl.

Result:

Subject: Greek                                                                  
Date: Wed, 23 Mar 2005 16:55:31 +0200                                           
X-Mailer: Apple Mail (2.619.2)                                                  
                                                                                
[-- Autoview using gr2gr -l --]                                                 
Ta ellhnika einai polu eukola!                                                  

Update: I'm now using my own python Greek to Greeklish converter, which does Unicode UTF-8 too

moblog post from p910

This post comes from the P910, via TCP/IP, SMTP and COREBlogs moblog feature. Just for the heck of it I'm attaching a pic from last sunday's walk too (cropped a lot), a view on the green side of the acropolis.

Remote Upgrading OpenBSD Without Console Access

Looking for the right way to upgrade my OpenBSD server... remote, without console access. See, I'm in Greece, server is in Switzerland. Not really what you need to drive by and log in on the console.

Definitely I will want to do a binary upgrade, not a source upgrade. I'll probably remount some of my backup partitions. Then untar the installation packages. Next will be to find out how to handle devices. Obviously I can't run MAKEDEV in single user. Have to read up on that one.

When that step is mastered, I will have to remap partitions, reboot and pray. If the box comes up all right, I can go on about doing the usual stuff like installing packages and recompiling manual compiled software. But obviously up to this point the whole operation is on the "one error sends you out" scale. Comments and ideas welcome!

Security On Monday

Monday morning first thing I will go to a one day event "Γενικές αρχές εθνικής στρατηγικής για το απόρρητο και την ασφάλεια δικτύων και πληροφοριών" phew. "General principles of national strategy for the secrecy and security of networks and information". A couple of ministers, university professors and security guys will give speeches. Let's see how it will be like. Link should be at http://www.adae.gr but at the time of writing the site is not reachable. So let's hope the best for national security.

sec congress 1

First batch of speakers heard. Was late but still heard a minister read down his bullet list. then some more interesting uni profs. They were asking for example why still so few uni programs for sec in IT exist. Also heard that Internet access might still be as low as 7% in Greece. Diomedis Spinelli gave a speech on Open Source, some good points to reach the audience of suits and ties in a country in the grip of the big M$ monopoly.

Sum Up Of Security Strategy Conference

I had thought about mobile blogging more of the conference, but it got too tiresome with the tiny mobile phone keyboard. Here are some notes and thoughts though. Overall the day was a surprisingly good experience. Don't expect too much to come out of it, politicians are going to turn it their way anyway. Read on...

My last report had ended with Diomedes Spinelli talking on Open Source. Thinking back I believe he cut have put more fire on it. But Open Source crept in on a couple of other occasions. After all security is today one of the big reasons for Open Source.

After the coffee break was the second batch of speakers, talking more about the involvement of users, providers, banks, and consumers. Despoina Polemi, a female professor from the Uni of Pireus started with some security related projects that involved digital signatures, encryption, smart cards and the like to do for example digital prescriptions in the health industry (my words). Then there was a guy from the Bank of Greece who gave a very interesting speech. He basically lined out the list of rules the Bank of Greece has handed to greek banks a couple of weeks ago. These involve all kind of security related matters in respect to computer security. They demand from internet banking now two levels of authentication, not just username/password any more, but some kind of smartcard, strike list, whatever. Very good, given that for example Alpha Bank currently uses only username/password and restricts the password to 8 characters.

I won't list each and every speaker, just some that left a strong impression. Stelios Maistros from the greek cert talked about their work, some statistics and went so far to even mention Bruce Schneier and his book "Beyond Fear". Coincidentally I'm just rereading that book, I think it is definitely the book for these suits to read. But I don't think the suits will actually go so far and pick up a book and really go and gulp, ...read it. Speakers from the Greek Internet Users Union talked about digital signatures that are required by some organizations but can be obtained only through american companies. They and the guy from the Workers Union pointed out problems with privacy in modern technology.

After a hefty good lunch (thanks go the Greek Democracy for inviting me in) we went in for the 3rd session. Talks about Security, Trust and Development. Standing out was George Epitideios from the Greek Internet Professionals Union. Not only his style of talk was interesting, with lots of lively examples and involvement of the audience. But he gave good information and advice around the question of security problems and public image. Another talk was about why companies hesitate to sell products online and why consumers hesitate to shop.

After we had heard all the talks, three smaller rooms awaited us, where we would discuss and work on the three topics of the day (1: Globalisation and the greek outview - more a strategy thing. 2: Consumers, Privacy, Banks, Providers. 3: Security, Trust and Development.) I chose to go into room 2, as some points in the banking talks had risen my interest.

In the workgroup I was only listening at first. There were representatives of banks, internet and communications providers, user groups, uni people. Quite often someone would talk up: "We as the xy want that abc happens." The greek democratic process at work. The paper from the Bank of Greece was thought of being sufficient. I spoke up that I had missed one question in there though: When something really goes wrong (and there always does), who will pay? The bank or the customer? It's not so long ago that the banks denied any claims from customers who had been victims of small cameras and spoofed card readers on ATMs on the basis that their systems are totally safe. So the question of liability got into the paper.

Later I also gave my opinions about digital signatures (which have a terrible way of breaking down on citizens when they are issued and managed by government, just imagine having to defend against someone abusing your "official ID digital signature"), which was one of the big points of the user groups and some providers representative. The telco people were mainly worried about the chaos around privacy questions: On one hand privacy laws dictate that they erase customer trace data, on the other hand law enforcement obliges them to keep that stuff around. Now what to answer to customers who want their records erased. We also got the demand of open standards into our list, for government projects and banking interfaces.

All workgroups summed up their findings in the big room at the end. Most notable at this point was that Open Source and open standards had come up on all the three topics. Few attendants had remained till the end, but for me it was worth it. At the end I want to mention what the guy from one of the telcos told me though. He did not expect anything to come out of it. Politicians do what they want, and then there is still the EU. We swiss have a bit of a different expectation about democracy. So lets see and hope for the best. Personally it was a fun day.