I wished I would have discovered this while I was working for TULMEL. A year or so ago, there was a client hospital in Florida whose patient health information application ran over a TN3270 connection. You could sniff the user connections to the main-frame, pick out the passwords, log in a couple times to find the permission set that you needed, then lookup whatever patient information you wanted to. They could have seriously benefited from having encrypted traffic on that application, but none was provided by the vendor. Here we were as the penetration testers and security consultants with no real solution to offer other than to "pressure the vendor for application level encryption". Tonight (this morning), I ran across
SecureAgent.com's website, a local vendor who sells devices to replace main frame connection controllers - adding a layer of encryption for all TN3270 connections to the main frame in the process.
Here we didn't have a good solution to recommend for the problem, and we were walking past the Secure Agent building two or three times a week getting lunch.
I started working on the Dvorak keyboard tonight :( It's difficult... I feel myself fighting off qwerty every step of the way. It will be a battle, but ultimately worth it. My wrists ache from the change in utilization patterns... and from fighting off qwerty. The nice thing is, that I can guess the location of the keys based on its frequency or whether or not the character is a vowel. From tonight on I will only use Dvorak...
The trickiest thing is retraining some of the most common key combinations and the keys from the home row.
