Security

A visit from St. Geek

IT consultant Chip Camden offers a techy take on the classic holiday poem 'Twas the Night Before Christmas.

'Twas the night before Christmas (or "holiday break")

But I was still working -- I kicked off a rake.

Secure shells were placed on my desktop with care,

So no one could sniff what I typed away there.

My clients' hot issues were all put to bed,

But what those had preempted still caused me to dread.

So I in my bathrobe ('twas cold in that room)

Had just settled down for a long game of Doom.

When out on the WAN there arose such a mess

I thought that it must be a DDoS!

Away to the firewall I flew like Jet Li

Denied all incoming, even SMTP.

But as I more closely inspected each packet,

I realized with awe what was causing the racket:

A download! What format? I couldn't have known it

But I found it included a textual component:

"Now JavaScript! Perl! Now Python and Ruby!

On Haskell! on Clojure! on Scala and Groovy!

To the Web-facing site, to the edge firewall,

Now bash away, bash away, bash away all!"

The download completed, though I tried to abort,

And a little man popped out a USB port!

His glasses -- how thick! His gut -- a real softy!

And his beard was all stained with cold pizza and coffee.

He was nerdy and plump, a right jolly old geek,

Though he smelled like he hadn't had a bath in a week.

He spoke not a word, but went right ahead

He wiped off all Windows, installed *nix instead

The software I'd need, he downloaded it all

(Still using less space than a fresh Win install).

In the USB port he inserted his thumb

And vanished right into it the way he had come

But I heard him exclaim, ere I even had missed 'im

Happy Christmas to all, and to all a good system!

With sincere apologies to Clement C. Moore, or whomever wrote the original version.

And a hat tip to Jeff Dray for the inspiration.

Note: This post was originally published on December 17, 2008.

About

Chip Camden has been programming since 1978, and he's still not done. An independent consultant since 1991, Chip specializes in software development tools, languages, and migration to new technology. Besides writing for TechRepublic's IT Consultant b...

56 comments
bmlawr
bmlawr

Very Nice Job, here is one for you to tweak; DAIRY OF A SNOW SHOVELER Dec 8th: 6:00 PM. It started to snow, the first snow of the season and the wife and I took our cocktails and sat for hours by the window watching the huge soft flakes drift down from heaven. It looked like a Grandma Moses Print. So romantic we felt like newlyweds again. Dec 10th: We woke to a beautiful blanket of crystal white snow covering every inch of the landscape. What a fantastic site. Can there be a lovelier place in the whole World? Moving here was the best idea I have ever had. Shoveled for the first time in years and felt like a boy again. I did both our driveway and the sidewalks. This afternoon the snowplow came along and covered up the sidewalks and closed in the driveway, so I got to shovel again. What a prefect life. Dec 12th: The sun has melted all our lovely snow. Such a disappointment. My neighbor tells me not to worry; we will definitely have a white Christmas. No snow on Christmas would be awful! Bob says we will have so much snow by the end of the winter that I will never want to see snow again. I don?t think that is possible. Bob is such a nice man. I am glad he is our neighbor. Dec 14th: Snow, lovely snow! 8 inches last night. The temperature dropped to -20. The cold makes everything sparkle so. The wind took my breath away, but I warmed up by shoveling the driveway and sidewalks. This is the life! The snowplow came back this afternoon and buried them again. I didn?t realize I would have to do quite so much shoveling, but I will certainly get back in shape this way. I wish I wouldn?t huff and puff so. Dec 15th: 20 inches forecast. Sold my van and bought a 4x4 Blazer. Bought snow tires for the wifes car and two extra shovels. Stock the freezer. The wife wants a wood stove in case the electricity goes out. I think that is silly. We aren?t in Alaska after all. Dec 16th: Ice storm this morning. Fell on my ass on the ice in the driveway putting down salt. Hurt like hell. The wife laughed for an hour, which I think was very cruel. Dec 17th: Still way below freezing. Roads are too icy to go anywhere. Electricity was off for 5 hours. I had to pile the blankets on to stay warm. Nothing to do but stare at the wife and try not to irritate her. Guess I should have bought a wood stove, but won?t admit it to her. God I hate it when she is right. I can?t believe I am freezing to death in my own living room. Dec 20th: Electricity is back on, had another 14 inches of the damn stuff last night. More shoveling. Took all day. Goddamn snowplow came by twice. Tried to find a neighbor kid to shovel, but they said they are to busy playing hockey. I think they are lying. Called the only hardware store around to see about buying a snow blower And they are out. Might have another shipment in March. I think they are lying. Bob says I have to shovel or the city will have it done and bill me. I think he is lying. Dec 22nd: Bob was right about a white Christmas because 13 more inches of the white shit fell today, and it is so cold it probably won?t melt till August. Took me 45 minutes to get all dressed up to go out to shovel and then I had to piss. By the time I got undressed, pissed and dressed again. I was too tired to shovel. Tried to hire Bob who has a plow on his truck for the rest of the winter, but he says he is too busy. I think the asshole is lying. Dec 23rd: Only 2 inches of snow today. And it warmed up to zero. The wife wants me to decorate the front of the house this morning. What is she?nuts??? Dec 24th: 6 inches of snow packed so hard by the snowplow, I broke my shovel. Thought I was having a heart attack. If I ever catch that son of a bitch that drives that snowplow, I will drag him through the snow by his balls. I know he hides around the corner and waits for me to finish shoveling then comes down the street at 100 miles an hour and throws snow all over where I have just been! Tonight the wife wants me to sing Christmas carols with her and open our presents, but I was busy watching for the goddamn snowplow. Dec 25th: Merry Christmas, 20 more inches of the goddamned slop tonight. Snowed in. The idea of shoveling makes my blood boil. God I hate the snow! Then the snowplow driver came by asking for a donation and I hit him over the head with my shovel. The wife says I have a bad attitude. I think she is an idiot. If I have to watch ?It Is a Wonderful Life? one more time, I am going to kill her. Dec 26th: Still snowed in. Why the hell did I ever move here? It was all HER idea. She is really getting on my nerves. Dec 27th: Temperature dropped to -30 and the pipes froze. Dec 28th: Warmed up to about -10. Still snowed in. THE BITCH is driving me crazy!!! Dec 29th: 10 more inches. Bob says I have to shovel the roof or it could cave in. That is the silliest thing I ever heard. How dumb does he think I am? Dec 30th: Roof caved in. The snowplow driver is suing me for a million dollars for the bump on his head. The wife went home to her mother, 9 inches predicted. Dec 31st: Set fire to what is left of the house. No more shoveling. Jan 8th: I feel so good. I just love those little white pills they keep giving me. Why am I tied to the bed?

Erland1
Erland1

Chip -- just wanted to say kudos. Very clever!

RockerGeek!
RockerGeek!

That was a great way to start my week! Excellent!

reisen55
reisen55

In December, 2005 Aon Group (Computer Sciences Corp outsourced) 140 staffers (desktop and server support) out to save their contract. The new chairman from McKinsey, Greg Case, thought this great because McKinsey only knows cost and expense reduction. Support levels fell through the floor as a result in 2006. Here is my Christmas contribution, posted on a message board.....Enjoy. ***** 'Twas the night before Christmas And all through the site Not a server was whirring Not a technician in sight Every one had been fired Without reason or care In the hopes that BIG SAVINGS soon would be there. From the users arose Such complaints and bad clatter That a meeting was held To see what was the matter. To Chicago they came, (Where else would they go) To see Chairman Greg Case Put on his new show. Restructure the firm! He bellowed quite loud. They applauded the move But no one knew how. Reduce costs right away! His orders came fast But all knew that Aon was swimming in cash. Cut people, cut staff. Cut payroll - except The boys in Chicago Are always exempt. So they cheered his ideas As he rose to depart. All thought him quite wise. He's McKinsey - he's smart. And among the results of his gathering that day. Was to restructure IT Without a seconds delay. The technicians were fired. Let go in a flash. CSC saved their deal. With a bundle of cash. The Helpdesk was there Always ready to serve. Reboot your machine! For know nothings they were. New technicians came in All fresh out of school. Who thought Windows was keen. Rebooting was cool. And problems piled up The ticket count rose Till nobody did nothing. Their machines were all froze.

LarryBoy2
LarryBoy2

Used to have what we called pun-tathlons on the fly in college (many, many years ago) with some of my friends, most of whom were not geeks. Of course, the rest of our friends would just groan about how we were pun-ishing them. ;) We could go back and forth for quite a while, so I'm quite impressed with that volley you and apotheon kept up there.

MGP2
MGP2

Buh-bum.. buh-bum... Santa baby, slip a Table* under the tree, for me Been an awful good geek Santa baby so hurry down the chimney tonight Santa baby, a quad core's all I want from you, (or two) I'll wait up for you dear Santa baby, so hurry down the chimney tonight Think of all the fun I've missed, Without a Wii controller in my fist Next year I could be just as good If you check off my Christmas list Santa baby, how 'bout a robot and really that's not a lot Been an angel all year Santa baby, so hurry down the chimney tonight Santa honey, one RSS I really need, the feed To the ZDNet line, Santa baby, so hurry down the chimney tonight Santa cutie, and fill my stocking with a 'Box that starts with X, And some games would be fine Santa cutie, and hurry down the chimney tonight Come and trim my Christmas tree, With decorations bought at Circuit City I really do believe in you, Let's see if you believe in me Santa baby, forgot to mention one little thing, a ring, I mean on an iPhone, Santa baby, so hurry down the chimney tonight Hurry down the chimney tonight Hurry, tonight. (* Microsoft Surface Digital Table)

ssharkins
ssharkins

Chip, you're a sick man... I like that in a man! ;)

Sterling chip Camden
Sterling chip Camden

Lest you assume that I'm blindly biased against Microsoft -- I work on Windows systems every day. But I'm compelled to recognize the superiority of the Unix model, and I'm pushing myself in the direction of using *nix for my own needs. How about you?

NickNielsen
NickNielsen

I remember this as "A Southerner Winters in New England."

apotheon
apotheon

That's hilarious. It'll probably end up on someone's cubicle wall, if I know TR members like I think I do.

Sterling chip Camden
Sterling chip Camden

... and written by no less than Vint Cerf. Here's a collection of links to other parodies of the same poem.

MGP2
MGP2

Here's one I wrote a few years ago: This LAN is my LAN, that MAN?s not my MAN From California to New York use a WAN From the farthest redwoods, you can stream ?Gulf Waters? That WAN connects from you to me As I was sending over cable of fiber I saw before me your image cyber I read some bloggers from Silicon Valley These LANs were made for you and me And an even older one, that I call an Etherick. You?re the sender and sending a packet In the hopes the receiver will ACK it Luckily there are provisions When it comes to collisions Only your PC, not you, hears the racket

apotheon
apotheon

Sterling and I seem to end up doing that every now and then, somehow. "[i]I'm quite impressed with that volley you and apotheon kept up there.[/i]" Thanks.

Papa_Bill
Papa_Bill

There's stuff on my car that would indicate a very recent flyover.

AnsuGisalas
AnsuGisalas

Wintertime, And livin' ain't easy It's cold outside And there's metres of snow (oh no!) The heating's down And we're fresh out of kindling So hush little baby It's too cold to cry -Not trying to break the feeling, just a reminder, there's folks out there who least concern is presents and how to get all the cooking and decorating done in time...

Marty R. Milette
Marty R. Milette

The biggest problem with security on the Windows platform are 'nix 'experts' who think all you need to do is click next, next, next and you're done. It takes about the same knowledge and skills to secure windows platforms as 'nix platforms -- and when PROPERLY secured -- both are equally secure. If 'nix platforms were somehow 'superior' -- then why would the US military -- ostensibly, an organization requiring high levels of security -- standardize on Windows platforms? The main point is that nobody on the planet can be an 'expert' on both platforms -- each requires so much knowledge on its own -- it could fill a lifetime of study. The guys who claim to be 'experts' in both are deluding themselves -- they just don't know what they don't know. When it comes to security -- this is a very dangerous assumption indeed.

santeewelding
santeewelding

You have a v-e-r-y long institutional memory; you are a maestro with TR search; you bribed someone to dig this one up; or, they bribed you.

apotheon
apotheon

"[i]The biggest problem with security on the Windows platform are 'nix 'experts' who think all you need to do is click next, next, next and you're done.[/i]" I have never encountered such a person. If he or she exists, though, I agree that this would be a problem. I rather suspect the bigger problem, though, is all the supposed MS Windows "experts" who think all you need to do is click "Next", "OK", et cetera, over and over again until it stops asking questions. Such supposed experts in system administration -- who claim MS Windows expertise and think that expertise involves having the locations of a bunch of menu items memorized -- are much more common, in my experience, than MS Windows admins who actually know something substantial about system administration. Furthermore, my experience is that people who have used both MS Windows and Unix-like systems extensively are the most likely to be able to "properly" secure MS Windows (for some reasonable definition of "properly", within the limits of MS Windows). "[i]It takes about the same knowledge and skills to secure windows platforms as 'nix platforms[/i]" That depends on the specific Unix-like OS you're trying to secure, actually. Many of them start out far more secure by default than a default MS Windows install, and may thus require far less actual knowledge/skill to finish securing -- depending on the specific needs of your deployment. "[i]when PROPERLY secured -- both are equally secure.[/i]" There's a huge assumption there: that "properly secure" is even possible with MS Windows. In many cases, it isn't. Lack of proper privilege separation in every MS Windows release up to (and including) Vista is one major reason for that shortfall. "[i]If 'nix platforms were somehow 'superior' -- then why would the US military -- ostensibly, an organization requiring high levels of security -- standardize on Windows platforms?[/i]" Define "standardize", and make a case for your argument, please. "[i]The main point is that nobody on the planet can be an 'expert' on both platforms[/i]" I disagree with this statement. "[i]each requires so much knowledge on its own -- it could fill a lifetime of study.[/i]" The only way that argument works, in my estimation, is if you believe nobody in the world can be an "expert" on even [b]one[/b] of these OS types. If your definition of "expert" is that strict, I guess maybe you have a point -- but I don't consider that a useful definition of "expert". "[i]The guys who claim to be 'experts' in both are deluding themselves -- they just don't know what they don't know.[/i]" Considering I've known a lot of people who knew more about both MS Windows and various Unix-like systems than many of the solely MS Windows "experts" I've encountered, I think you may be wrong here -- unless you're planning to follow your statement up with one to the effect that anyone claiming expertise in even [b]one[/b] of these OS types is also deluded. I was, at one time, an "expert" with MS Windows. I haven't used it enough lately to maintain a status I'd consider expertise, even though I still know a lot more about the underlying characteristics of MS Windows than a lot of self proclaimed "experts" (who of course don't know much of the underlying details -- the reasons for the superficial state of affairs of system administration that they know pretty well). Even if I still know more about Registry hacking and the architectural details of MS Windows than most supposed "experts", I feel a little lost at first every time I need to do something nontrivial on an MS Windows system because I don't remember off the top of my head where everything is found via the GUI. There was a time, though, when I knew both the underlying details and the more superficial stuff all the so-called "experts" know, and at the same time, had achieved a similar level of expertise with Debian GNU/Linux. In fact, some of my knowledge of MS Windows that put me head and shoulders above a lot of certified MS Windows "experts" was gained because of my investigations into other OSes -- because learning about how things are done differently elsewhere gave me new insights into what was really going on with MS Windows. In some respects, I learned more about MS Windows from Debian GNU/Linux than I did from MS Windows itself. I certainly wouldn't bill myself as an expert in MS Windows security these days, but I could get there in a matter of a couple of months if I had to. The reason is that only the things that change a lot over time are the things I most severely lack in MS Windows security knowledge and skill. I speak of things like the comparative value of various examples of certain types of software critical to MS Windows security and certain system configuration defaults and options that have changed since MS Windows XP SP2. The principles behind secure practices on MS Windows have, for the most part, not changed at all in the interim; I've been paying enough attention to be aware of what changes have been made, in a general sense, and thus have maintained my understanding of principles of security as they apply to MS Windows (and even improved that understanding). If you ask me what AV software you should use, though, I probably couldn't give you a simple answer without doing a lot of research first -- even if I could effectively warn you away from certain poor choices. If my work in the last couple years or so hadn't led me inexorably further away from MS Windows support, I could very well be an expert in management and security of both MS Windows and certain Unix-like OSes right now. I just chose to pursue other ends, and as such that expertise is more confined to Unix-like systems than it could have been. On the upside, I've also gained expertise in other areas that are orthogonal to platform expertise. In short, there are trade-offs in how widely one's expertise can be spread, but I think your impression of what those trade-offs are is a bit too simplistic.

MGP2
MGP2

"Ankyouverrrrrmuch", he said in his best Elvis. :-)

Sterling chip Camden
Sterling chip Camden

One of my clients likes to say that they provide work that is "challenging and fun." Maybe they should take up pun pong!

apotheon
apotheon

By the time it gets to that point, the puns definitely verge on "rawful" -- and you tend to make me work for it harder than I've ever had to work at an ongoing string of puns with someone else.

figglywig
figglywig

Eartha Kitt. The sexiest Christmas song of the 60's. Madonna killed it later.

Sterling chip Camden
Sterling chip Camden

class Perrin @@perrin_number = [3, 0, 2] def self.[] n @@perrin_number.size.upto(n) { |ndx| @@perrin_number[ndx] = @@perrin_number[ndx-2] + @@perrin_number[ndx-3] } @@perrin_number[n] end end 0.upto(24) { |x| puts Perrin[x] } Based on some comments made by Reg concerning the appropriateness of reopening Integer in a similar case.

apotheon
apotheon

Yikes. I didn't even get the iterations right.

Sterling chip Camden
Sterling chip Camden

Which could be improved for multiple calls by memoizing. Perhaps reopen the Integer class and use a class-level array without shifting: class Integer @@perrin_number = [3, 0, 2] def per @@perrin_number.size.upto(self) { |ndx| @@perrin_number[ndx] = @@perrin_number[ndx-2] + @@perrin_number[ndx-3] } @@perrin_number[self] end end 0.upto(24) { |x| puts x.per }

Sterling chip Camden
Sterling chip Camden

def per(size) x = [ 3, 0, 2 ] 1.upto(size) do x[0],x[1],x[2] = x[1],x[2],x[0]+x[1] end x[0] end So that per(0) == 3, in which case per(23) == 644

apotheon
apotheon

While 666 may be the "number of the beast", 644 is the 24th "number of the best": [b]irb irb(main):001:0> def per(size) irb(main):002:1> x = [ 3, 0, 2 ] irb(main):003:1> 0.upto(size-4) do irb(main):004:2* x[0],x[1],x[2] = x[1],x[2],x[0]+x[1] irb(main):005:2> end irb(main):006:1> x[2] irb(main):007:1> end => nil irb(main):008:0> per(24) => 644[/b] There's probably a better way to write that code, but this is what I got for a first try.

tbmay
tbmay

...btw...the biggest problem is with people who believe in security absolutes to begin with. There's no such thing. Another problem is people in the IT industry appealing to the "comfort zone" of non-technical people to the detriment of security. A comment such as Windows is just as secure as nix is that type effort. Obviously the CEO doesn't want to look any further than that. Say it, and all is well in the world. The fact that it's not true doesn't really matter. If you open every hole you can on a nix box, it's certainly true. But if you make a comment like that comparing Windows to a stock install of openbsd, you've just made a statement of great hilarity. And not only openbsd, but many, many bsd and linux distros. MS Windows is a necessary evil...not a "secure option."

AnsuGisalas
AnsuGisalas

that that's something he gets a lot. Some people are at home in ambiguous. Like me! :D Some are not, and try to reduce it at all times. And then, there are some who avoid it at times, for reasons of their own.

neilb
neilb

but I thought "condescending". Well, we weren't talking subtle, were we? :)

neilb
neilb

in why you felt the need to [b]bold[/b] your puns. I think that most of us might have got them without...

apotheon
apotheon

"[i]speechless[/i]" I'll bell-ieve it when I see it.

apotheon
apotheon

Uttering [b]Claus[/b]es like that could [b]present[/b] me with legal troubles.