Thursday, August 20, 2009

Breaking into your own home

So the inevitable happened again. Due to the password policy at work, I have to change my login password every couple of months, which then (in theory) gets propagated to all the computers and services where I want to log in. Except that there's always an exception, and this time it happened to be the Windows XP box I'm temporarily using in my office while waiting for my new laptop. I never log out, so I never noticed that my password there is a few changes out of date. Windows installed some new patches, wanted to reboot, and suddenly I'm stuck at the login screen with no idea what my password was 6 months ago when I set up this computer. It had "duck" in it somewhere, I'm pretty sure, but also some numbers or funny characters...

After racking my brain for a while, I realised that I was locked out. I hunted around for a couple of minutes, and came across this lovely little utility called Offline NT Password & Registry Editor that allows you to blank your existing NT/XP/Vista password. It's a 3MB download for a bootable CD image, and it works like a charm! 15 minutes later I was back in business.

It was exceedingly simple. And it would have been exceedingly simple for anyone with this boot disk to get access to my data. Which just underlines the old security maxim: if someone can get physical access to your machine, your data may well be at risk.

Sunday, August 16, 2009

New Medialab website up

The website for the MIH Electronic Media Laboratory at Stellenbosch University is up and running — go and have a look! We hope that, as more content is added, it will become a showcase for our research.

We're also in the process of recruiting new MSc and PhD students for next year, and there are some generous bursaries and fascinating research topics available. If you're interested, or know of a bright graduate with a BSc, BSc(hons) or BEng that might be, please visit the site for prospective students. We're especially interested in attracting students from South Africa, India and China.

Sunday, May 31, 2009

The Fine Print

My wife recently signed a standard agreement to rent some self-storage space close to where we live. As I read the agreement to see what it entailed, I saw the final (tiny) "Suretyship" clause close to where she and two "Witnesses" had to sign:
We/I, the undersigned, acknowledge ourselves to be familiar with the contents of this lease and bind ourselves to the Lessor as sureties and CO-principal debtors in solidum with the Lessee mentioned in this lease, for the due, proper, and timeous fulfilment of all the Lessee's obligations in terms of this agreement, agreeing that the granting of extensions of time, the release of any security, the variation or alteration of the agreement, acceptance of a compromise or composition or the granting of any form of indulgence shall in no way prejudice the rights of the Lessor herein to recover from us jointly and severally in full, hereby renouncing all benefits arising out of the legal exceptions "non causa debiti, errore calculi, revision of account, ordinis seu excussionis et divisionis, de duebus vel pluribus reis debendi and cession of action" with the meaning, force and effect whereof the Sureties acknowledge the Sureties to be fully acquainted.
Wow, not just a mouthful — a single sentence!

This is what she was expected to sign as part of the routine, "OK, if you want to buy our product, sign here," type of agreements. But how is any non-legal person expected to be familiar with terms like "in solidum", "non causa debiti" and "de duebus vel pruribus reis debendi"? While I appreciate that legal professionals use Latin maxims as shorthand to refer to standard legal principles, there is no way a lay person should be expected to be familiar with them — yet the contract sneakily requires all the signatories (including the witnesses!) to affirm that "the meaning, force and effect whereof the Sureties acknowledge the Sureties to be fully acquainted."

Fortunately, it seems as if the South African courts have recently indicated that signing away your rights without knowing what you're signing for is not on (see, for example, a recent case where an individual lost a car due the negligence of a repair company). But it is still very disturbing that a consumer is expected to know Latin and reverse-engineer a convoluted sentence of legalese, just to enter a simple rent agreement.