Data network connectivity developments, networking business news, and related computing items.
Ken Novak's Weblog
Monday, September 27, 2004
: There are groups active in turning iPods into TiVo-like radios, filling up with content served in RSS. 8:22:25 AM
Friday, September 24, 2004
: "Bemused is a system which allows you to control your music collection from your phone, using Bluetooth." Interesting how some people want to use their cell phone as a universal remote control. 9:33:08 PM
Thursday, September 23, 2004
Wednesday, September 15, 2004
Let Your Mobile Do the Pointing
: Magnetic sensors make an electronic compass, at low cost. Added to GPS, you can point at things and get info about them. 9:50:49 AM
Collection of phones that support eavesdropping: "The telephone is programmed with a telephone number and when anyone calls the spyphone, it rings and operates as a normal telephone but when the phone is called using the previously programmed spyphone number, it automatically answers without any ringing or lights and the display appears as if it is on ordinary standby" 9:17:31 AM
Unpatched PCs compromised in 20 minutes: "According to the researchers, an unpatched Windows PC connected to the Internet will last for only about 20 minutes before it's compromised by malware, on average. That figure is down from around 40 minutes, the group's estimate in 2003.
The drop from 40 minutes to 20 minutes is worrisome because it means the average "survival time" is not long enough for a user to download the very patches that would protect a PC from Internet threats. .. The time it takes for a computer to be compromised will vary widely from network to network. If the Internet service provider blocks the data channels commonly used by worms to spread, then a PC user will have more time to patch
[One] school is now checking the status of computers before letting them connect to the Internet. If a machine doesn't have the latest patches, it gets quarantined with limited network access until the PC is back up to date. " 8:58:40 AM
A Model for When Disclosure Helps Security: "Open Source and encryption [communities] view that revealing the details of a system will actually tend to improve security, notably due to peer review. In sharp contrast, a famous World War II slogan says loose lips sink ships. Most experts in the military and intelligence areas believe that secrecy is a critical tool for maintaining security .. this Article provides the first systematic explanation of how to decide when disclosure improves security, both for physical- and cyber-security settings..
many computer and network security problems appear different from the traditional security problems of the physical world. The analysis focuses on the nature of the first-time attack or the degree of what the paper calls uniqueness in the defense. Many defensive tricks, including secrecy, are more effective the first time there is an attack on a physical base or computer system. Secrecy is far less effective, however, if the attackers can probe the defenses repeatedly and learn from those probes. It turns out that many of the key areas of computer security involve circumstances where there can be repeated, low-cost attacks. For instance, firewalls, mass-market software, and encryption algorithms all can be attacked repeatedly by hackers. Under such circumstances, a strategy of secrecy - of security through obscurity - is less likely to be effective than for the military case." It seems to me this model also applies to many types of public facilities where probes and attacks can be rehearsed. 8:53:47 AM
Shred, Burn, Erase: "I've purchased thrift-store PCs and junk-shop hard disks [and] I've scanned through their contents before repartitioning the drives. I've seen personal letters and business correspondence, contracts and legal papers, Social Security numbers and other customer data. All you need is to scan a few recycled hard disks to gain a healthy paranoia about junkers that contain valuable information. .. I've also seen the results of projects by researchers such as Simson Garfinkel at Sandstorm Enterprises, who found high-tech vendor source code, financial information from investment firms, thousands of credit card numbers and even internal Microsoft e-mails on secondhand hard disks he bought at swap meets and used-computer stores and on eBay. ..
Then there are recordable CDs and DVDs, the bane of any IT shop that's trying hard to keep from leaking data. They're high-capacity, unerasable, tough to destroy and easy to drop into the wastebasket -- which makes them easy pickings for anyone who decides to dig through your Dumpster. " The author recommends both in house erasure and use of a commercial recycler that charges $10-30 to erase, to elminate single points of failure. 8:49:57 AM
Website offers Caller I.D. falsification service: "Slated for launch next week, Star38.com would offer subscribers a simple Web interface to a Caller I.D. spoofing system that lets them appear to be calling from any number they choose. .. Caller I.D. spoofing has for years been within the reach of businesses with certain types of digital connections to their local phone company, and more recently has become the plaything of hackers and pranksters exploiting permissive voice over IP systems. But Star38.com appears to be the first stab at turning Caller I.D. spoofing into a commercial venture. The service will charge a twenty-five cent connection fee for each call, and seven to fourteen cents per minute.
SecurityFocus took the site for a test drive, and found it worked as advertised. The user fills out a simple Web form with his phone number, the number he wants to call, and the number he wants to appear to be calling from. Within two seconds, the system rings back, and patches the user through to the destination. The recipient sees only the spoofed number displayed on Caller I.D. Any number works, from nonsense phone numbers like "123 4567" to the number for the White House switchboard. ..
Jepson and his partners believe that collection agencies in particular will find the service invaluable for getting recalcitrant debtors to answer the phone. .. The service does not appear to violate any federal criminal law, says Orin Kerr, a law professor at the George Washington University Law School, and a former Justice Department computer crime lawyer. "It doesn't violate the Wiretap Act or the Computer Fraud and Abuse Act or anything like that," say Kerr. But Rozanne Andersen, general counsel at the Association of Credit and Collection Professionals, believes collection agencies would be barred from using a Caller I.D. spoofing service under two federal civil laws: the Fair Debt Collection Practices Act, which prohibits false or misleading representations and unfair practices in collecting debts, and the FTC Act, which outlaws deceptive trade practices in general." 8:41:48 AM
Sunday, September 12, 2004
Berkeley Open Infrastructure for Network Computing (BOINC)
: "A software platform for distributed computing using volunteered computer resources." An outgrowth of SETI@Home
, it now supports 4 volunteer grid projects: SETI, Climate Prediction (which used to have its own client framework), a protein predictor, and the group designing CERN's latest accelerator. Participants can enroll in more than one project. 11:03:18 PM
Friday, September 10, 2004
Microsoft's Virtual Server coming Oct 1: "The technology will ship on 1 October, according to Microsoft officials, and a 180-day evaluation copy will be available next week. Virtual Server 2005 runs on Windows Server 2003 ..
The analysts firms consistently say we are anywhere from 18 months to three years ahead of Microsoft," says Michael Mullany, vice president of marketing for VMWare. "There are a lot of features and a lot of work to be added to this virtualisation layer over time to take the technology where it can be and we are trying to push the envelope in terms of technology innovation." Other people in the market include SW-Soft, which develops a product called Virtuozzo and will deliver a version for Windows this month, the Xen open source project and User-Mode Linux. ..
Virtual Server 2005 features Multi-threaded Virtual Machine Monitor to isolate virtual machines from each other, CPU and memory resource allocation, virtual networking, Active Directory integration, a Web-based management interface and a COM API, which includes 42 interfaces that let scripts control every aspect of Virtual Server 2005. ..
Virtual Server 2005 ships in a Standard Edition that supports up to four processors and is priced at $499. An Enterprise Edition that supports up to 32 processors costs $999. Both versions will be licensed on a per-physical server basis and support an unlimited number of virtual machines. " 10:50:06 PM
: Tiny interfaces that contain an embedded web server. Xport converts a serial device to ethernet; WiPort does wifi. Parts cost $100-150 qty 1 from distribution
, developer kits $350. 10:14:48 AM
Thursday, September 09, 2004
Spammers given boot by net host
: "US firm Savvis was allegedly earning up to $2 million a month from 148 of the world's worst spammers, a former employee had claimed. .. in January it bought C&W US, the American arm of the British telecommunications company Cable & Wireless, for $155 million (£87.4 million). Along with C&W US's 3,000 business customers, Savvis inherited 95 major spammers who make their money by sending out millions of unsolicited e-mails a day with the standard mix of Viagra and porn offers." Savvis says it is now committed to kicking out their current list of 148 spammers. 12:24:05 AM
Wednesday, September 08, 2004
Internet prods Asia to open up: "in China, where the government has mounted a huge effort to filter Internet content. The "Great Firewall of China" is manned by at least 30,000 censors who blocked as many as 50,000 websites in the first half of 2002, according to a US State Department report on China's human rights. Just this week, Beijing introduced stringent penalties against purveyors of Internet pornography, including life imprisonment for those behind major sites that receive more than 250,000 hits. "Pornographic" is left undefined. ..
China's massive firewall is already showing cracks under the weight of the Internet's expansion. The pressure has come from innumerable sources, including an onslaught of weblogs, open-source directories, and projects like Wikipedia, an "open-content" encyclopedia. Five years ago in China, most Western newspaper websites were blocked from viewing. Today, the Chinese censors who watch the Internet target more specific sites - chat forums on ultrasensitive topics like Tibetan liberation and the Falun Gong religious movement.
So while the average Chinese still can't walk into an Internet cafe in Ningbo and pull up the homepage of the Taiwan government, he can read The New York Times. Even some sensitive topics, surprisingly, are readily available in China. A quick browse through Wikipedia's Chinese-language version for the "June 4, Tiananmen" entry offers a broad look at the Democracy movement of 1989 and its violent end. Without using any special software or proxy servers, a Chinese web user can view the famed photo of a lone man facing down tanks outside the square 15 years ago in Beijing. ..
Despite its firewall efforts, the Chinese government is not stopping people from buying PCs or signing up for cheap Internet access. The country has an estimated 87 million Internet users this year, nearly four times the number in 2000, according to the data website www.internetworldstats.com." Of the world's internet users, 32.1% are now estimated to be Asian, 28.1% European, and 27.9% North American.
Wednesday, September 01, 2004
Philly considers wireless Internet for all: "For about $10 million [to install and $1.5m/yr to operate], city officials believe they can turn all 135 square miles of Philadelphia into the world's largest wireless Internet hot spot. The ambitious plan, now in the works, would involve placing hundreds, or maybe thousands of small transmitters around the city, probably atop lampposts. Each would be capable of communicating with the wireless networking cards that now come standard with many computers. Once complete, the network would deliver broadband Internet almost anywhere radio waves can travel, including poor neighborhoods where high-speed Internet access is now rare. And the city would likely offer the service either for free, or at costs far lower than the $35 to $60 a month charged by commercial providers.. [Similar efforts include:]
- Chaska, Minn., a suburb of Minneapolis, began offering citywide wireless Internet access this year for $16 a month. The signal covers about 13 square miles.
- Corpus Christi, Texas, has been experimenting with a system covering 20 square miles that would be used (for now) only by government employees.
- Over the past year, Cleveland has added some 4,000 wireless transmitters in its University Circle, Midtown and lakefront districts. The service is free, and available to anyone who passes through the areas. Some 1,016 people were logged in to the system at 2:20 Tuesday afternoon, said Lev Gonick, chief information officer at Case Western Reserve University, which is spearheading the project and paying for a chunk of it. "We like to say it should be like the air you breathe, free and available everywhere," Gonick said. "We look at this like PBS or NPR. It should be a public resource."
- In New York, city officials are negotiating to sell wireless carriers space on 18,000 lampposts for as much as $21.6 million annually. T-Mobile USA Inc., Nextel Partners Inc., IDT Corp. and three other wireless carriers want the equipment to increase their networks' capacity.
One part of the 15-year deal is cheap Wi-Fi phones for neighborhoods where less than 95 percent of residents have home phones. IDT, which has agreed to market the cheaper phone service in those neighborhoods, would pay lower rates for poles there than other companies would in wealthier areas. .." 2:11:09 PM
: "In recent months, a host of developers and TV enthusiasts have been working on ways to improve the TV trade online -- they're building sophisticated trading networks to record and encode and distribute shows, and they're improving peer-to-peer transfer systems to make downloading easier. The hottest new improvement is made possible by the merging of two of the Internet's newest innovations, the p2p protocol BitTorrent
the popular Web syndication standard. Together, these systems allow a computer to automatically find and download a user's favorite shows -- something like having a TV station designed just for you. " Examples: TV RSS Linux Client
: "Gtk2-Perl Torrent RSS feed reader for linux."; and Buttress
: "will be a Application to automatically download and run .torrent files from RSS feeds, without user input" 12:20:11 AM