Tuesday, December 18, 2007
The passport gods have decided to add a couple of new hoops to the process, including two referees and additional documentation. The guarantor must be providing his services free of charge, which means that your GP is out of the question (since they charge for everything).
Finally, there is the pain of trying to find a photographer who meets the criteria of the Canadian Passport Authorities (no photo booths allowed). Size requirements and the elusive stamp on the back with photographer's address and space for the guarantor's signature.
Thankfully, I found folks in Glasgow who do this - Venart Photography on Bath Street in Glasgow. So I have an appointment to get this done. Then it is just the Guarantor and getting the documentation together for mailing to London.
Wednesday, December 12, 2007
So this is the first post in the Geeks Community series
Today's Geek Community is - Coffee Addicts
I originally saw the manifestation of this devotion to caffeine back in the old days of the internet. The rec.food.coffee newsgroup was filled with people who were devoted to the ultimate expression of Caffeine (trimethylxanthine coffeine theine mateine guaranine methyltheobromine) and they produced the first online documentation for the ultimate coffee delivery systems.
I guess the ultimate of all devotional coffee sites is CoffeeGeek, a Canadian based site which provides reviews of machines and beans and adulation to all things coffee. They have excellent guides for the novice to extreme caffeine.
The folks at coffeegeeks discuss things that seem very alien to the occasional sipper of the workplace cup of caffeine. At no time would you consider that people compete in Professional Barista Championships or know about Cups of Excellence and the practice of cupping.
There are some great hacks to improve the technology behind a great cup of coffee.
Then we have the purveyors of beans. The well-known supplier to the starter roaster in the states is Sweet Marias, however in the UK Hasbeans seems to have taken up the challenge
Finally, we have those that love the art of the espresso,
- Update January 1st 2008 - What happens when you combine a great espresso machine and the power of the open source Arduino hardware - you get a great coffee hack. This guy adds a PID temperature controller and computer interface to his Gaggia Espresso Machine.
Wednesday, November 21, 2007
Wednesday, October 24, 2007
You also use it to test SATA drives - what the thing was originally designed to do.
Tuesday, September 04, 2007
Friday, August 31, 2007
I am leaving the NHS after a seven year stint, leaving behind the networks and systems that I built.
I am going into a field that I have always been interested in for a while - Information Systems Security. It has the combination of developing systems and networks that are secure while being dynamic and under constant change - both from the types of attack and the rapid developments in new technology. However, one thing I have learned about security is that it is a solid foundation in the IT infrastructure that provides the best defence against any attack.
Monday, August 27, 2007
Friday, August 10, 2007
Thought I would put it up here. It perfectly describes the CISSP exam. Something I have tried to do for friends and co-workers in the past couple days, not very well. What can you do? Other than saying "6 hours of hell".
Anybody who says the CISSP exam is easy isn't telling the whole story. There are plenty of difficult questions--some legitimate, some goofy.
BY Andrew Briney
When taking the CISSP exam, expect to encounter at least a couple dozen questions that will frustrate the hell out of you. (ISC)2 exam designers claim these (and all) questions are psychometrically valid. Annoying or not, they're a useful mechanism for separating qualified candidates (infosecurity professionals who have mastered the CBK to an acceptable level) from unqualified professionals (those without mastery of the material who are simply good at taking multiple-choice exams).
Whether you buy this line of reasoning or not, these questions will drive you nuts if you're not expecting them. For discussion purposes, I've divided these questions into four categories, comprising both the "factual" and "interpretive" question types. With each of these categories, I'll try to explain what makes the question difficult, and offer an example. These examples may be a bit exaggerated to illustrate a point. That said, they're not far from the truth, either.
1. Obscure facts. Several questions require you to recall very specific details from the CBK. These are absolutely legitimate, fact-oriented questions that don't require a lot of interpretation. The problem is that you just don't know or can't remember the answer unless you happened to study it recently, have hands-on experience with it, or have a photographic memory.
Here's an example:
1. Which of the following characterizes the Data Encryption Standard (DES) Electronic Code Book (ECB) mode?
a. "Stream mode" cipher, first ciphertext block is XORed with next text block.
b. "Block mode" cipher, 64-bit plaintext blocks loaded sequentially.
c. "Block mode" cipher, 64-bit data blocks processed individually one at a time.
d. "Stream mode" cipher, keystream is XORed with message stream; simulates one-time pad.
The answer is "C," but it's a really hard question because it's very detailed and technical. Moreover, the options include both legitimate DES modes that aren't ECB (answer B is cipher block chaining (CBC); answer D is output feedback mode (OFB)) and a made-up answer (answer "A" also describes CBC, except CBC is a block mode cipher). You either know the answer here or you don't. It's impossible to dope it out if you didn't study it.
2. Misleading interpretive questions. A chunk of questions ask you to pinpoint the "best" answer or course of action given a scenario or context. Granted, by their very nature, these questions are very difficult to craft, but the CISSP exam seems to have more than its share of doozies.
Selecting the best answer to these questions is problematic because (a) what you would consider "best" isn't one of the options; or (b) you need more context to determine what the exam-creators would consider best. Here's an example question that captures both of these problems:
2. Which of the following is usually considered to be the best type of firewall:
a. Static packet filter
b. Application-layer proxy
c. Circuit-level firewall
d. PC firewall
Many people would consider a dynamic/stateful-inspection firewall to be the "best" general-purpose firewall available today. But that's not one of the answers. So you're left to determine what's best from the list of four "next-best-but-not-really-best" alternatives.
Compounding the problem, you're not given any context in which to make an educated decision. "Best" under what circumstances? What type of access control or traffic filtering are you trying to enforce? What type of network or hosts is the firewall intended to protect?
Moreover, the answers are not "equal" in the sense that they're not all of the same type or quality. Is this on purpose or by accident? Again, you can only guess.
OK, you probably wouldn't select "D," because a PC firewall is a specific example of a host application filter. The other three options are core technologies, not form-factor examples of those technologies.
Option A, static packet filter, is a "first-generation" network-layer firewall that does basic IP address and port filtering. It's probably the widest deployed firewall today, so if "best" means "most accepted," option A would be your answer.
However, if by "best" they mean "most able to filter traffic at a granular application header or payload level," then "application-layer proxy" is your answer. But wait: Circuit-level firewalls are "better" than static packet filters because they filter on Transport layer headers as well as IP headers; and they're "better" than application proxies because they can filter on a wider variety of protocols and are easier to maintain. But do two "betters" add up to one "best"?
You get the point. You have to determine what "best" means before you can select the "best" (er, "next-best") answer. This question is aggravating because it doesn't test your knowledge of firewalls--how they work, how they compare, which one's most applicable to a given scenario--but rather your ability to guess how the exam creators would define "best."
3. Questions where more than one answer is correct. In some questions, more than one answer seems correct. And, indeed, more than one is correct, depending on your perspective.
3. Which OSI layer(s) does SSL operate at?
a. Layer 4
b. Layer 5
c. Layers 4 and 5
d. Layers 5 and 7
Each of these is correct under different scenarios. In preparing for the exam, I came across different sources that actually gave these answers. Which one is correct? More to the point: Which answer would (ISC)2 consider correct? Guess!
With questions like these, it's clearly a matter of interpretation and context, and one would hope the CISSP exam would steer away from them. Unfortunately, it doesn't.
4. Confusing wording in the question itself. Perhaps the most frustrating questions on the CISSP exam are ones that force you to guess at exactly what the question is trying to ask. A sloppily written phrase forces you to interpret the meaning of the question--do they mean this, or do they mean that?--which in turn affects your interpretation of the answers.
4. Which of the following best describes a "protective profile"?
a. Implementation-dependent statement of security needs for a set of general IT products.
b. Management-level description of resources necessary to protect a security domain.
c. General framework of physical security requirements for a data center.
d. Includes the "Target of Evaluation" description of an IT product and its purpose, but not necessarily from a security perspective.
If you studied the Common Criteria security evaluation standard, you know that the "protection profile" is an implementation-independent statement of security requirements within the CC. Ah, but the question says protective profile--and what's worse, it puts the phrase in quotes.
Is this a simple spelling or usage mistake? Or are the exam developers specifically trying to bait you into answering the question as though it specifies "protection profile," when in fact they mean something more generic and completely unrelated to the Common Criteria?
It may seem like I'm picking on (ISC)2 and the exam creators by going into this level of detail. But to be forewarned is to be forearmed, and no book, study guide or boot camp prepared me for these types of questions, and no sample test I came across quite captured the essence of these questions. Everybody talks about how some CISSP exam questions are frustrating. Hopefully, I've illustrated why they can be frustrating.
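The three DES modes that sample question 1 names (ECB, CBC and OFB), as an added example that is not part of Briney's article or of this blog. A toy 64-bit Feistel cipher built on SHA-256 stands in for DES (an assumption, since Python's standard library has no DES), and the key, IV and sample plaintext are constructed.

```python
import hashlib

BLOCK = 8  # bytes: the 64-bit block size the question attributes to DES

def xor_bytes(a: bytes, b: bytes) -> bytes:
    # XOR two byte strings, truncating to the shorter one.
    return bytes(x ^ y for x, y in zip(a, b))

def round_fn(half: bytes, key: bytes, i: int) -> bytes:
    # Toy round function (NOT DES): 32 bits derived from key, round number and half-block.
    return hashlib.sha256(key + bytes([i]) + half).digest()[:4]

def encrypt_block(block: bytes, key: bytes) -> bytes:
    # Four-round Feistel network over one 64-bit block.
    left, right = block[:4], block[4:]
    for i in range(4):
        left, right = right, xor_bytes(left, round_fn(right, key, i))
    return left + right

def decrypt_block(block: bytes, key: bytes) -> bytes:
    # Same network run backwards: undo the rounds in reverse order.
    left, right = block[:4], block[4:]
    for i in reversed(range(4)):
        left, right = xor_bytes(right, round_fn(left, key, i)), left
    return left + right

def split_blocks(data: bytes) -> list:
    if len(data) % BLOCK:
        raise ValueError("block modes need a whole number of 64-bit blocks")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(pt: bytes, key: bytes) -> bytes:
    # ECB: each 64-bit block is processed individually, with no chaining.
    return b"".join(encrypt_block(b, key) for b in split_blocks(pt))

def ecb_decrypt(ct: bytes, key: bytes) -> bytes:
    return b"".join(decrypt_block(b, key) for b in split_blocks(ct))

def cbc_encrypt(pt: bytes, key: bytes, iv: bytes) -> bytes:
    # CBC: the previous ciphertext block is XORed into the next plaintext block.
    if len(iv) != BLOCK:
        raise ValueError("IV must be one block long")
    out, prev = [], iv
    for b in split_blocks(pt):
        prev = encrypt_block(xor_bytes(b, prev), key)
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(ct: bytes, key: bytes, iv: bytes) -> bytes:
    if len(iv) != BLOCK:
        raise ValueError("IV must be one block long")
    out, prev = [], iv
    for b in split_blocks(ct):
        out.append(xor_bytes(decrypt_block(b, key), prev))
        prev = b
    return b"".join(out)

def ofb_xcrypt(data: bytes, key: bytes, iv: bytes) -> bytes:
    # OFB: the cipher only generates a keystream, which is XORed with the message.
    # Encryption and decryption are the same operation; no padding is needed.
    if len(iv) != BLOCK:
        raise ValueError("IV must be one block long")
    out, feedback = bytearray(), iv
    for i in range(0, len(data), BLOCK):
        feedback = encrypt_block(feedback, key)
        out += xor_bytes(data[i:i + BLOCK], feedback)
    return bytes(out)

def duplicate_blocks(ct: bytes) -> int:
    # Number of ciphertext blocks that repeat an earlier block.
    blocks = [ct[i:i + BLOCK] for i in range(0, len(ct), BLOCK)]
    return len(blocks) - len(set(blocks))

# Constructed sample values: three identical plaintext blocks, then a different one.
KEY = b"constructed-demo-key"
IV = bytes(range(8))
SAMPLE = b"PAY 100." * 3 + b"PAY 999."

if __name__ == "__main__":
    for name, ct in (
        ("ECB", ecb_encrypt(SAMPLE, KEY)),
        ("CBC", cbc_encrypt(SAMPLE, KEY, IV)),
        ("OFB", ofb_xcrypt(SAMPLE, KEY, IV)),
    ):
        print(name, ct.hex(), "repeated blocks:", duplicate_blocks(ct))
```

Because ECB handles every block independently, the repeated plaintext blocks show up as repeated ciphertext blocks, which is the practical reason the distinction between these modes matters when choosing one.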
Wednesday, August 01, 2007
In the field of encryption, you do not need to know the math involved in the various encryption algorithms, but you do need to know the differences between all of the major encryption systems. For example, you need to know the differences between AES and Diffie-Hellman, in terms of block size, type of algorithm, speed, mechanics, processing ability, etc. Making up a chart of all of the major encryption methods to allow you to compare them is probably a good way to start. At the end of the exercise, you should be able to recommend the correct encryption system based upon the situation that it will be used in.
Tuesday, July 31, 2007
The class is a little large with 27 people in it. The CISA course was a lot smaller with 12 people in the class. It seems to limit participation a little. It seems that this course is quite popular considering the timing of this week (school holidays and such).
Today was cryptography with everything covered (except for the math). It was more aimed at knowing all of the aspects of these cryptographic systems in order to choose one for a specific situation.
Sunday, July 29, 2007
The course hours are 8am to 8 pm for 6 days and then I write the CISSP six hour exam on the seventh day.
I am really weak on several of the domains, including the policy and application dev stuff but I am hoping that this knowledge will be picked up during the week.
Sunday, July 08, 2007
We get back to the car and Liz starts to head to Tescos, as we get near the Finneston Bridge, loads of cops are lining the street on either side. At the traffic lights we ask a female police officer if the Orange Walk is due soon (the bridge's lamp posts have union jacks tied to them) and she tells us that they left Bellahouston Park about 10 minutes ago. Liz squeals and I remind her that we can turn around and head down to Shawlands. So we go back over the bridge and down to the Tescos at Silverburn, avoiding King Billy and the piccolo players.
Thursday, June 28, 2007
Tuesday, June 19, 2007
Monday, June 18, 2007
Saturday, June 16, 2007
Check out the University of Washington CSE P 590TU: Practical Aspects of Modern Cryptography with brilliant slides and lecture notes.
MIT's OCW also has some good offerings.
6.897 Selected Topics in Cryptography
CISSP Prep Resources
- General CISSP Info
- Sample CISSP Exam Questions
- Domain 1 - Security Management Practices
- Domain 2 - Access Control Systems and Methodology
- Domain 3 - Telecommunications and Network Security
- Domain 4 - Cryptography
- Domain 5 - Security Architecture and Models
- Domain 6 - Operations Security
- Domain 7 - Applications and Systems Development Security
- Domain 8 - BCP and Disaster Recovery Planning
- Domain 9 - Law, Investigations, and Ethics
- Domain 10 - Physical Security
- General CISSP Info:
Security Publications - from the NIST Computer Security Resources Site.
ISC2 - International Information Systems Security Certification Consortium.
Papers - from the Computer Security Paper Archive Project.
NSTISSI No. 4009 - 1992 National Information Systems Security (INFOSEC) Glossary. "Provides standard definitions for many of the specialized terms relating to the disciplines of communications security (COMSEC) and automated information systems security (AISS), sometimes referred to as computer security (COMPUSEC)." The most recent Sept. 2000 version is available as a PDF file at www.nstissc.gov/Assets/4009.pdf.
Handbook of Information Security Management - 1999 edition.
extensive news and legal coverage of security issues.
- Sample CISSP Exam Questions:
Cert21 practice tests
- but you first need to set up an account with them.
- Domain 1 - Security Management Practices:
Note that there is much commonality between this and other domains.
Information Risk Elements - by Alan Oliphant (in ITAudit)
Management Guides - This material is also useful for Domain 7 review
of applications configuration management.
- from the Handbook of Information Security Management.
Whitepapers on Security Management - This is a recent (9/2002) guide with a set of links to various Microsoft papers that cover the management of site security policies and procedures.
- Domain 2 - Access Control Systems and Methodology:
There is much repetition here with other domains - review OPSEC (Domain
6) and Physical Security (Domain 10) in particular. See additional Common
Criteria and Biometrics resources at those Domains.
NIST Paper on Role-Based
Access Controls - considered to be better than DAC for non-military
Library - with PS and PDF formatted documents.
5200.28-STD - Orange Book (1983) - DoD Trusted Computer System Evaluation
products List - listed by rating from Orange Book. Since this list only
covers evals in past three years (note the site was last updated in Sept,
2000) Also, be sure to see the Historical
List of all previously evaluated systems (listed by vendor).
- Information Technology Security Evaluation Criteria - British certification recognized in Europe. Developed as an international alternative to TCSEC. In May 1990 France, Germany, the Netherlands and the United Kingdom published the Information Technology Security Evaluation Criteria (ITSEC) based on existing work in their respective countries. Following extensive international review, Version 1.2 was subsequently published in June 1991 by the Commission of the European Communities for operational use within evaluation and certification schemes. ITSEC is a structured set of criteria for evaluating computer security within products and systems. Each evaluation involves a detailed examination of IT security features culminating in comprehensive and informed functional and penetration testing. This work is undertaken using an agreed Security Target as the baseline for ensuring that a product or system meets its security specification. ITSEC operates the concept of assurance levels E0 to E6. This scale represents ascending levels of confidence that can be placed in the TOE's security functions and determines the rigour of the evaluation. Since the launch of ITSEC in 1990, a number of other European countries have agreed to recognise the validity of ITSEC evaluations. Both ITSEC and TCSEC are forerunners of the Common Criteria - ISO 15408 (1998) - first released in 1996.
EALs - Common Criteria's 7 Evaluation Assurance Levels (EAL 1-7) and
their relationship to ITSEC evaluation levels (E0-6).
Windows EAL4 Evaluation - a useful discussion of how the CC works.
from the MSU Biometrics Research Site.
- Domain 3 - Telecommunications and Network Security:
Telecom & Networks web courses - easy to follow, and a good place to start
Guide to Network Administration - good coverage of common issues, plus technical info on LANs, VPNs, and network security.
Intro to TCP/IP -
an old (1995) and brief document. The ACM overview is better.
Tutorial from Dragonmount
RFC1180 - a TCP/IP
Network Device Presentation - good descriptions and helpful diagrams.
Uri's TCP/IP Resources
List - a massive set of well-organized links. This is THE PLACE to go
for TCP/IP information. Much of what you need to know or want to find about
TCP/IP is at this site.
Understanding Communications - focus on the WAN side - From Ericsson
Data Network Resources - this is good overall coverage
Must-Have Reference for IP - has a very good glossary of IP acronyms.
Webopedia On-line Computer Encyclopedia
- good network coverage
Cable and Connectors - this is an excellent document with helpful drawings and tables.
Networking Media Course - good overview set of slides, includes wireless.
Designations - nice chart of the different Ethernet flavors.
Telecommunications Media - Chapter 4 of Stallings' Data and Computer Communications textbook.
vs Fiber - discussion of the different cable types and expected usage;
good coverage of fiber technology.
Protocols, Ports, and Sockets - good coverage of how they work.
to IPv6 - 10/14/03 issue of GCN
of IPv6 - ISS paper that discusses how migration to IPv6 may create
Shomiti Taps - Finistar site
LURHQ's Malware Technical Papers contain some solid info about various worms and viruses, and exploits like DNS cache poisoning.
White Paper - from Cisco, contains a useful summary.
Tunneling Described - short Microsoft article with some helpful diagrams
Radius and TACACS
- Network Computing article.
and detection article in Linux Journal - brief overview.
packetsniff site by Steve
Packet Storm's alphabetized
download site for sniffer and analyzer software, with descriptions.
RAD Network Tutorials
- much easy to find info and a glossary.
FAX FAQS - from
FAXIMUM. Very extensive coverage.
- Domain 4 - Cryptography:
to Cryptography and PGP - Good intro with useful Glossary - heavy focus
Links - several useful links that I have found are here (part of my
security web page). These include two quality sites that have massive sets
of links to numerous crypto sites. Also, see My
Security Class Links that includes various NIST links.
Cryptography Overview - good discussion of symmetric and asymmetric
- Domain 5 - Security Architecture and Models:
- Charter for IETF's IPSEC with list of relevant RFPs from this group.
Anderson Report - Computer Security Technology Planning Study, 1972
Enterprise Security Architecture - Draft document from the NAC Security Architecture Work Group April 2004
Design and Evaluation of Infosec Systems - C-TR-32-92.
- from the Handbook of Information Security Management.
Multics General Info and
FAQ - early mainframe timesharing system, forerunner of UNIX but more
of TCB Divisions - a nice visual aid helping to understand the different
levels of the Trusted Computer Base in TCSEC.
- Domain 6 - Operations Security:
- Links to CIRT Sites
RAD Network Tutorials
- much easy to find info and a glossary.
FCAPS - Fault,
Configuration, Accounting, Performance, and Security - model for asset management.
- online library - note the Configuration Management and Trusted Recovery
Interagency OPSEC Support
Staff - info about IOSS plus links to other good OPSEC sources such
as NSDD 298, and the OPSEC Professionals Society.
DoD OPSEC Program
- DoD Dir 5205.2.
AFB OPSEC Site - has many related organizational and reference links,
including a useful glossary of terms.
- Domain 7 - Applications and Systems Development Security:
Objects and Components - OO
resources from I.T. Works.
Database Concepts - a brief review.
- helpful PowerPoint presentation from a college course.
- Domain 8 - BCP and Disaster Recovery Planning
Network World Fusion Research site on Disaster Recovery with a wide assortment
- Domain 9 - Law, Investigation & Ethics:
US Information Security
Law - Part 1 - from SecurityFocus 2/25/2003.
Federal Laws & Regs
- good set of links from fedlaw site but only thru the late 90's. Some additional
related links as well to federal agencies and other security sites.
Code of Ethics
from various sources including ISC2.
RFC 1087 - the IAB's
"Ethics and the Internet".
LAWSOURCE - American Law Sources
MLAT - Mutual Legal Assistance
Digital Millennium Copyright Act - many links to resources about the DMCA - from educause.
Security Act of 1987 - Public Law 100-235
Fraud and Abuse Act of 1986 - 18 USC 1030
Why the Due Care security review method is superior to Risk Assessment - Donn Parker's argument against using Risk Assessment techniques. CSI's Computer Security Alert, Number 212, November 2000.
Intellectual Property Law - from
KuesterLaw - The Technology Law Resource with links to many patent, copyright,
and trademark related sites.
Legal & Ethical Issues
WWW.CYBERCRIME.GOV - US DOJ
Computer Intrusion Laws - links provided by CCIPS at the cybercrime
Fraud & Abuse Act of 1986 - 18 USC 1030 w/ 1996 amendments - from the
DOJ cybercrime site.
Security Act of 1987 - the full text of the law in an easy-to-read format.
Computer Security Act of 1987
- Site at the Electronic Privacy Information Center (www.epic.org) that
contains links to additional related info.
- at the EPIC site.
Patriot Act - full text (from the EFF site).
Patriot Act analysis by EFF - very thorough.
FIRST - Forum for Incident Response.
Glasser LegalWorks - much info (online
newsletters and many links) relating to the legal side of computing.
- additional computer law & forensics resources from my security site.
- Domain 10 - Physical Security:
The International Biometric Society
is devoted to the mathematical and statistical aspects of biology.
-site index for the new international standard for Information Security
- ISO/IEC 15408. Includes a list of products that meet Common Criteria evaluation
National Information Assurance Partnership
sponsored by NIST and NSA to disseminate information on the status of all
development efforts associated with new security specs and requirements
that comply with the Common Criteria. See the NSTISSP
No. 11 FAQ that clarifies compliance with this national IA acquisition
policy for deploying IA products at govt. sites.
Field Manual of Physical Security - (314 pages). recommended sections
are Physical Barriers (c.4), Lighting (c.5), Security Systems (c.6), Access
Control (c.7), and Lock and Key (c.8)
Friday, June 08, 2007
Tuesday, June 05, 2007
Monday, June 04, 2007
Friday, May 25, 2007
Monday, May 07, 2007
The salespeople told me that the phone was a standard Nokia N95 with all of the features of this phone.
I love it when they lie.
So, not sure when I can start to use VoIP - this is not over yet.
Monday, April 23, 2007
There are brilliant applications available for people to use and they are very easy to set up.
The problem is that secure volumes and folders are set up as separate areas for the storage of sensitive documents, with the result that either they are not used or some sensitive documents are left out.
The solution is to make the secure volume the default area for these individuals to store all of their data and for most Windows users, that means the My Documents folder.
I used TrueCrypt to create the secure volume. It was set up using a meaningless file name in a nondescript folder on the C: drive. Normally, I would have used a separate physical disk for this volume but it was a laptop with only a single hard drive.
I then moved the My Documents folders for this user into the secure volume after pruning out some default save folders for iTunes and Google Video.
The trade-off for using the My Documents folder is that a lot of non-secure items will be saved to this location (Christmas lists, letters to family and friends) but it will also be the default folder to hold all of the sensitive items that need to be secured. The user does not need to make a decision whether or not the document being saved needs encryption.
As long as the TrueCrypt password chosen is of a reasonable length and memorable, this fellow is safe from prying eyes for those items that need to be secured.
I joined a couple months ago and let it sit. I have joined and used things like this before and never found them to be beneficial (buddyping comes to mind). I still believe it is a stalker's dream site.
Friday, April 20, 2007
It was work achieved through a number of people. Mike Quin took my original idea and refined it into a decent piece of work.
I put the fonts I liked past the folks in IRC and they chose the ones they wanted.
Lucinda Sans and Magik.
The t-shirts will be ready in a week and hopefully Linux Format will run the picture again.
Tuesday, April 17, 2007
The only problem is that I would never write anything in these journals. I have a problem in marking up a ten quid moleskine, with my thoughts. A £1200 leather bound journal would remain pristine.
Wednesday, April 11, 2007
We put the postcode supplied to us by the owner of the cottage into the Tomtom and it took us within 100 yards of the place. I think the postcode designated the area rather than the individual buildings. Without it, I doubt we would have been there as quickly.
Another situation was when I tried to find the Sulwath Brewery in Castle Douglas. We found ourselves on King Street and as Liz pulled over to park, we were right beside the brewery. It would not have been easy to find since the brewery is actually not on the street.
Saturday, March 31, 2007
Saturday, March 17, 2007
Thursday, March 15, 2007
Saturday, March 10, 2007
Friday, March 09, 2007
Thursday, March 08, 2007
Tuesday, March 06, 2007
Monday, March 05, 2007
I have been using the Blueye for about two months now and so I thought that a review was in order.
This handy little device operates very similarly to the Apple iPod remote with a few differences. In terms of shape, it resembles the old iPod remote. The clip on the old remote sucked and was ineffective in clipping onto things. The Blueye suffers from the same problem. Too often you look down and see the remote hanging a couple of feet down your front. You can't lose it but it is a bit of a pain.
One other point, before we get to the main functionality of the device, is the radio button. The old Apple remote enabled an FM Radio on the iPod which you accessed through the click wheel. The Blueye uses an FM Radio button on the side of the device just below the lock slider. It is too easy to hit when you are trying to clip it to your jacket or fumbling for the play button. Hauling out your iPod to determine why it will not play your music and finding it tuned to 88.9 on the FM dial is inconvenient.
Finally, the main use of the Blueye is to provide Bluetooth connectivity to your mobile phone. You are walking along, listening to tunes on your iPod, and your phone rings. You hear the ringtone through your earbuds and answer the call. When you hang up the call, your music starts up again.
Setup involved a few cryptic key presses, but the two devices were easily paired up. The connectivity is as good as the in-your-ear Bluetooth devices and it does not make you look like a Borg.
The earbud volume is set by the phone's volume; if you use the phone without the Blueye and then reconnect, it can blow out your ears. I tend to use the phone speaker volume set on high when walking next to city traffic, and then have unpleasant loud volume in my ears when I reconnect the phone to the Blueye.
You can use voice tags to call people (there is a small voice tag button on the Blueye remote), so this is a wasted feature on me. This never really worked for me when I tried it with just the phone. I feel very silly when I am shouting people's names into my phone repeatedly while it dialled no one.
I had one problem in that checking your calendar on the phone will stop your music. If you turn off your keypad tones, the phone will send no sounds to the headset, which allows you to use your phone without shutting off your iPod.
All in all, the Blueye does what it says on the box. I tend to use it more often than not. I own an Apple iPod remote, which has been replaced by the Blueye.
Monday, February 26, 2007
This fellow employed the help of a friend but it seems to use treated lumber so the wall could stay outside, if you combine this with marine board you have a sturdy outside structure. I am sure the costs could be reduced if you built this inside.
Monday, February 19, 2007
A couple people in ScotLUG have been talking about making coffee.
I thought I would share my current method of Coffee Production.
Maybe I should preface this post with a couple admissions. I have spent a lot of time making and drinking coffee. I have used a variety of machines from large cafeteria coffee makers to smaller domestic models. They all had their faults. Large machines can generate a lot of coffee (usually too much for home consumption) and they teach you a lot about the problems of running hot water through plumbing and then trying to drink it.
Although Scottish kettles are free from scaling, this is a problem in other areas. When I travelled around
I hate two things about home coffee machines: the hot plate and the pause feature. The hot plate slowly produces coffee syrup. Heating coffee after you produce it does not improve the taste. In fact, it is the worst thing you can do to this liquid. The volatile substances that produce that unique lovely coffee taste are driven off by heat. So, by heating your coffee you accelerate this process.
The pause feature is a nightmare for two reasons. First, it ruins a decent pot of coffee by allowing people to grab a cup halfway through the brewing process. Secondly, it can turn a coffee machine into a flooding device by the coffee grounds plugging up the valve that stops the flow of coffee. The contact time of the water and the coffee grounds is part of the decent coffee equation. It is much more important than the size of a valve designed to stop the flow of coffee. Coffee machine pause features are evil.
So, this system has eliminated the plumbing that would need to be cleaned, and it removes the hot plate and pause mechanism. It keeps the coffee hot and produces enough for a couple people, or one person all day. It uses readily available components:
One Thermos carafe
One Melita Coffee Cone
Some tools to alter the cone’s base
Coffee and Coffee Filters
This produces a pot of coffee in about 4 minutes, it stays hot all day (especially if you preheat the Thermos), and the clean up process is extremely easy. There is supposedly a pre-altered Coffee Cone in the states that screws into the Thermos Carafe. Unfortunately if you cannot find one of those you will have to make your own. This involves either a sharp knife, a pair of metal snips, and a file. I just used an Olfa knife and a bastard mill file.
One consideration is the size of the threaded opening on the carafe. If there is not sufficient gap between the internal bottle and the plastic threads, you will never fit the cone base to the thermos.
Tuesday, January 09, 2007
Monday, January 01, 2007
New Years has never been one of my favourite holidays. Late Night drinking preceded by 14 hours of cleaning has never been my idea of fun. It clashes with my morning person personality. I went to bed at 1am and woke up at 5:30 - my regular start time.
I have some time off for the next two weeks to make up for the lack of time off during Christmas.