Correct system time is a security issue

Posted on September 30, 2007

There’s a story that hit Slashdot today about Debian (see bug #433869) not using the security.debian.org system to send out an update to the timezone data for a change in New Zealand daylight savings time.

The update in question is not a security fix, however having the correct time on a system is very important for security. Without the correct local time across all of your different systems (and thus having the correct timestamp on log messages) you will not be able to collate messages between different systems (e.g. routers, firewalls, other unix/linux systems) during an incident. This has already been released by Microsoft, Red Hat and, I expect, other vendors.

To me this seems just to be another reason that an commercial company should not run Debian GNU/Linux as you’re at the whims of a bunch of volunteers who are unlikely to understand the security concerns of your business (e.g. PCI/DSS or Sarbanes-Oxley). However it’s still a good OS if you’re running a personal system or if you can have a team of Debian sysadmins/developers at your call to backport important package changes.

The coming of Autumn

Posted on September 29, 2007

Today I indulged myself by getting a new small camera rucksack. So I just had to wander out into the park to see how it handles, before going out for a full day.

Got some shots I’m really happy with including this one. The coming of autumn is starting to really show in the world around us.

Rails-CMDB release 0.4

Posted on September 23, 2007

It’s taken a long time to get this release of Rails-CMDB ready for release, as I’ve done some tidying of the code base, plus adding lots of unit and functional tests. I’ve also improved the the views into the database and added the notation of Environments within Locations.

The source code can be found here. Not sure what is going to be in the next version, however I would like to get a public Subversion repository set up when I feel the testing good enough to catch any issues.

See below the cut for the (incomplete) change logs for version 0.4 (and the unreleased 0.3).

Continue reading →

Veiled Vestal

Posted on September 9, 2007

This is a wonderful sculpture which is housed in the sculpture gallery at Chatsworth House.

I think the veil looks so real it’s really hard to believe that it’s carved out of marble from looking at a photo. In fact I would say it really has to be seen to take it in fully.

Testing Love and Ruby on Rails

Posted on September 8, 2007

For the last couple of weeks in some of my spare time I’ve being writing unit and functional tests for Rails-CMDB. So far it’s helped me spot a more than a few issues, the most surprising to me was the naming of my os controller, which the functional test tried to test as O. So currently I’m in the process of refactoring things to mesh better with the Rails idiom.

The main upshot of all of this; it’s likely to be early October before the next release of Rails-CMDB, and the version number is very likely to jump a few points due to unreleased versions.

I’m also contemplating what new features the next released version will have and so far I’m thinking of the following:

Environments: Separating out different types of devices within the same location (e.g. test, stage and production).
Virtual Machines: Modeling devices that are virtual and running as a guest on physical device.