Contemplative Bits

Running Linux on a Linksys Router

Thu, 09 Mar 2006 03:15:58 GMT

The WRT54G Linksys Router Released its Firmware under GNU

I've been interested in the extended functionality a Linux-based router can give but haven't found too many easy instructions on how to do this. An example of what can be be done includes increasing the transmission power for greater range.

" Under the Wireless>>Advanced Settings tab, DD-WRT has a customizable setting for transmit power. Labeled "Xmit Power", this entry is 28Mw by default, but it can be set anywhere between 0 to 251mW. The "Help" menu indicates up to 70mW is safe for improving range. Raising the power level above that, they warn, may generate excess heat in the chipset, which could shorten the life of the router." (Linksys WRT54GL Linux-Based Wireless Router, Extreme Tech).

For complex set ups involving VOIP or Wi-Fi hotspot this may be a good solution for adding important functionality

Mac OS X Tune Up

Fri, 03 Mar 2006 22:57:36 GMT

Macworld Article

I don't have a Mac but I've become more interested them since using Linux which also has UNIX underpinnings. An article by Macworld, "Top OS X Tips," suggests a few good performance hints. None of these hints will be news to anyone who uses a Mac regularly but I thought I would post this as a reminder to myself or others who are interested newbies.

Newsvine is not in Beta Anymore

Fri, 03 Mar 2006 00:02:27 GMT

Newsvine

This site is fairly new to me but I like the idea of a news site with no editors (like Digg) that doesn't have a technology focus. The top of the page has several categories to choose from. With a bit of surfing I was able to quite a few interesting stories. I've recently been using reddit, which has good content, but the interface isn't nearly a good looking as Newsvine.

Krugle

Mon, 27 Feb 2006 18:14:49 GMT

Search Engine for Open Source (Krugle)

This search engine is scheduled to go-live on March 8th at the O’Reilly Emerging Technology Conference, San Diego. The idea is that programmers are building a search engine for other programmers to get access to open source code. Their blog currently is posting project updates. Sounds like a good idea, I hope it works as well as it sounds.

Podcasts

Thu, 23 Feb 2006 01:18:16 GMT

Great Sources of Information

BBC Radio

Standford on iTunes

Berkley Webcast Courses

Podcasts at MIT

Harvard Computer Science E-1

Princeton University Channel

Skype Encryption

Mon, 20 Feb 2006 02:09:43 GMT

Skype uses AES encryption
(Enough to defeat real-time surveillance of telephone calls)

The FBI and NSA, among other government agencies, want access to VOIP calls and encryption is hinderingtheir ability to listen to conversations in real time. Of course, privacy is exactly the intent of having encrypted communications.

"Skype executives state that their software is free of all backdoors, and a security researcher who saw some (but not all) of the code agrees. Still, the company claims that it 'cooperates fully with all lawful requests from relevant authorities,' which may mean that they turn over keys to governments upon request." ("Is Skype a haven for criminals?," ArsTechnica)

Since the encryption is hard if not impossible to break the easier method of obtaining the information is to steal the key. Keyloggers are often used to obtain this information.

"The FCC ruled last year that VoIP providers need to offer backdoors into their systems for wiretapping reasons, but Skype isn't based in the US and so is not subject to the rule. It is subject to the EU's new Data Retention Directive, though, which may require them to retain call logs and decryption keys for a period of time." ("Is Skype a haven for criminals?," ArsTechnica)

Mac Prius

Mon, 20 Feb 2006 01:51:40 GMT

Nice Hack: A Touch Screen Mac in a Prius

This looks like a difficult project but a great one. Jeremy Kusnetz used CAN-view for video in, an Extron Emotia II to convert VGA to RGB+Sync, and a perl script to listen to the serial port using a Keyspan USB to serial converter. The script is posted to his site along with other pictures and instructions. A nice touch was his use of Front Row as the main interface. The audio portion of the project is not yet complete but so far so good.

Jeremy Kusnetz's Mac Prius

Microsoft Security

Mon, 20 Feb 2006 00:47:25 GMT

UK Asks for Backdoor to Windows Vista Encryption

When police in the UK seize computers for evidence it is much harder to get information off of the computer when the data is encrypted. The solution: Ask Microsoft to create a backdoor to this security measure thereby making all Vista computer encryption security vulnerable and no longer secure.

"A Microsoft spokeswoman said Windows Vista was designed to be the most secure version of Windows yet. She said: 'It is our goal to give PC users the control and confidence they need so they can continue to get the most out of their PCs. At the same time, we are working with law enforcement to help them understand its security features and will continue to partner with governments, law enforcement and industry to help make the internet a safer place to learn and communicate.'" ("UK holds Microsoft security talks," BBC News Thur, Feb. 16th, 2006)

The Trusted Computing Platform, which Vista would utilize to perform its encryption, may be used in combination with digital rights management.

"The system is aimed at preventing tampering with computers but it would also help prevent people from downloading unlicensed films or media." ("UK holds Microsoft security talks," BBC News Thur, Feb. 16th, 2006)

Given the recent disasters at implementing DRM, I can't imagine how much worse this could be made if Microsoft helped implement it at the operating system level.

Windows Command-Line

Sat, 18 Feb 2006 02:42:08 GMT

A Good Microsoft Reference

I'm trying to learn to use both the bash shell on Linux and command line on Windows. Microsoft hosts a good page with a list of useful Windows commands which are helping me to keep the two straight while I'm learning.

Command-line reference A-Z

Linux on a Intel iMac

Sat, 18 Feb 2006 02:34:26 GMT

Gentoo has been Booted on a 17" Core Duo iMac

Using the elilo boot loader Gentoo can now be run on a Core Duo iMac. No GUI is supported yet but the Mactel project has had a successful start! The Mactel Wiki is also just getting started but it may be worth a look as their work progresses.

DVD Rootkit

Wed, 15 Feb 2006 02:30:22 GMT

Mr. and Mrs. Smith

F-Secure has reported a rootkit on the German version of Mr. and Mrs. Smith on DVD.

"The Settec Alpha-DISC copy protection system used on the DVD contains user-mode rootkit-like features to hide itself. The system will hide it's own process, but does not appear to hide any files or registry entries. This makes the feature a bit less dangerous, as anti-virus products will still be able to scan all files on the disk. However, as we note in our article on rootkits, it's not that uncommon for real malware to only hide their processes." ("About the Hidden Smith Family," F-Secure)

There is an uninstaller for this product provided by Settec Alpha-DISC. Yet again cloaking of processes for DRM reasons is being used. This seems to be a spreading trend starting with Sony BMG CDs.

Firefox

Tue, 14 Feb 2006 15:23:53 GMT

Firefox has Greater Than 10% Markey Share

Spread Firefox the community advertising site announced the 10% market share accomplishment today. The site includes an ad contest and Firefox flicks, which are customer testimonials.

.5 cents Per Email

Sun, 12 Feb 2006 23:12:44 GMT

Charging Spammers .5 cents For Guaranteed Delivery

"Yahoo's Antispam Product Manager Miles Libbey claims the Goodmail service is aimed at de-phishing transactional messages, like financial docs. As an apparent afterthought, Libbey muses, 'We need to ensure that the spammers don't sign up for the service." (Who's a spammer? Anybody who doesn't buy the service.)" ("AOL, Yahoo Follow Bill Gates: We Don't See No Stinkin' Spam," Email Battles)

Yes, that's right; these email services are guaranteeing the bypassing of spam filters for just .5 cents. This service is really just a way for ISPs to make money on SPAM instead of spending money fighting SPAM.

Google Desktop

Fri, 10 Feb 2006 16:55:00 GMT

"Search Across Computers" feature collects hard drive files and stores them on Google Servers

At a time when Google searches are being subpoenaed and the government seems to be able to collect information about people with fewer and fewer restrictions, this feature is far too dangerous and many users of Google desktop probably won't be aware of the implications. After 30 years have passed Google says that it will delete the information off its servers.

"If a consumer chooses to use it, the new "Search Across Computers" feature will store copies of the user's Word documents, PDFs, spreadsheets and other text-based documents on Google's own servers, to enable searching from any one of the user's computers. EFF urges consumers not to use this feature, because it will make their personal data more vulnerable to subpoenas from the government and possibly private litigants, while providing a convenient one-stop-shop for hackers who've obtained a user's Google password." ("Google Copies Your Hard Drive - Government Smiles in Anticipation," EFF Breaking News)

The EFF article on this topic points out that private information from a users computer can now be collected with a subpoena rather than a search warrant which is much easier. The Electronic Communication Privacy Act of 1986 lets online service providers store user information under much lower privacy protections than the protections that shield a users home computer. I agree with the EFF and their recommendation in this situation: "Consumers Should Not Use New Google Desktop" ("Google Copies Your Hard Drive - Government Smiles in Anticipation," EFF Breaking News)

An article by CNN is also a good summery of this situation

Microsoft Windows Updates in ISO

Thu, 09 Feb 2006 22:13:40 GMT

An Easy Way to Update Multiple XP Machines

An ISO image to update Windows is not something most home users or administers of small businesses might need but there are some situations where this might be helpful. Microsoft Download Center makes these images available. An article explaining how to use these images is in Microsoft TechNet.

Washington Post Picture

Wed, 08 Feb 2006 02:56:02 GMT

Bush Visiting NSA Headquarters

On January 27th the Washington Post posted an article online about the NSA wiretapping. The article is pretty old news by now but an entry in Handler's Diary on the SANS Internet Storm Center recently posted an interesting comment about the photo linked to the article. The screen behind Bush is the Talisker Computer Network Defense Operational Picture which features DShield. DShield (Distributed Intrusion Detection System) is the work of many volunteers and is released under a creative commons license.

The Washington Post Photo
The Talisker Computer Network Defense Operational Picture Matching the Post's Background Screen

Blogs Are Growing Quickly

Tue, 07 Feb 2006 01:54:16 GMT

There Are 60 Times More Blogs When Compared to 3 Years Ago
("Blog world growing by leaps and bounds," ZDNet)

While many of these blog may stop being updated after a short time and/or don't draw many readers (for example my own blog) that doesn't diminish the success of blogs as an important medium.

"Indeed, the vast majority of those pages remain the kind of personal diaries that attract few readers. But bloggers as a whole have begun to play a critical role in accelerating news cycles, fact-checking media and political figures, and undermining public relations campaigns." ("Blog world growing by leaps and bounds," ZDNet)

Technorati, a blog search engine, says that "the number of blogs online is doubling every five and a half months." "Blog world growing by leaps and bounds," ZDNet) To learn more about the growth of blogs using Technorati statistics got to David Sifry's Blog. A graph on Sifry's blog showing daily postings covers about a year and a half and is labeled with some of that years biggest news stories at its peaks. The site has been updated on this subject today so its worth a look.

Google Stock

Sun, 05 Feb 2006 23:39:42 GMT

February 2nd Google Dropped in Value Reducing the Companies Stock Value By 12%

A lower than expected quarterly earnings report made Google stock drop.

"It was the second time in a week that Google shares - the hottest, most talked about company stock in the world - were plunged unexpectedly into a frigid bath. And although the latest disappointment was more about market expectations than profitability" ("$13bn: Amount wiped of Google Shares,"The Independent Online Edition)

It's amazing to think that just 12% of Google was worth 13 billion.

ALA on DRM

Sun, 05 Feb 2006 02:26:26 GMT

The American Library Association's Assessment of Digital Right Management

I haven't had the time to read this yet but I am interested to hear what the additional difficulties must be for archiving digital information. DRM impacts all of us but I want to see how a libraries, which are given the task of making this content accessible, see the issue.

The "Digital Rights Management: A Guide for Librarians" article in PDF

Ubuntu Install

Fri, 03 Feb 2006 23:06:59 GMT

Loading Ubuntu From an Eternal Drive

If I can set my BIOS to boot from a USB device I will definitely do this with my external drive. The instructions are very clear and have been updated with user comments and suggestions. The instructions are posted on the Ubuntu forum and allow you to install Ubuntu v5.10 to an external USB drive. While this task seems pretty simple the grub loader configuration is not without this tutorial as an aid.

Ubuntu Breezy 5.10 Eternal Drive Installation

Cambridge Free WiFi Project

Thu, 02 Feb 2006 23:02:02 GMT

MIT is Helping to Bring WiFi by Summer

Using mesh wireless technology MIT is hoping to connect the city cheaply using a standard that regular wireless cards can connect to (Cambridge, MIT plan citywide WiFi, Boston Globe, AP, Business, D4). The focus area will be public housing and the equipment used will be discounted or donated and will test the success of mesh technology.

For a great article on mesh networking at a city-wide scale, read this article at Daily Wireless.

Concerns for Boston Globe and T&G Subscribers

Thu, 02 Feb 2006 22:39:42 GMT

Credit Card Numbers of Subscibers were used to Wrap Sunday's Newspapers

"Confidential Information for as many as 240,00 subscribers - including names, credit and bank card numbers, and expiration dates for credit cards - was mistakenly printed out. The paper was then recycled and used to wrap bundles of the Sunday T&G." ("Hot lines deluged after T&G, Globe leak," by Robert Gavin, Boston Globe, Business, D1 & D5)

To their credit they did disclose the information quickly, notify credit card companies, and offer to pay for one year of credit card monitoring service. The bad and amazing part of this is how easy it was to mistakenly print 240,000 subscriber's personal information. Even worse though was how the information was treated as regular recyclable paper. Whatever procedures are in place to monitor the safety of confidential information I think that its time that they were reviewed and improved.

MSN Spaces

Wed, 01 Feb 2006 17:02:06 GMT

Microsoft Changes its Blog Policy

After Microsoft was criticized for blocking a Chinese blogger and enforcing laws that violate freedom of expression, Microsoft has created a new blog policy.

"Smith said that Microsoft will only remove blogs when given proper legal notice, and even then, will only block access to that material within the country where it is deemed unlawful. The site will still be viewable from outside the country, he [Brad Smith, Microsoft's top lawyer] said." ("Microsoft Revamps Blogging Policy, PCWorld)

Interestingly, a lot of the push for this change came from Microsoft employees who were not happy with the removal of the Chinese blog written by Zhao Jing.

LJ XSS Security Challenge

Tue, 31 Jan 2006 16:27:38 GMT

The Bug Hunt Is On

First, I think it's interesting to note that I learned this because it was on Slashdot which tells me something about the frequency I check announcements and community messages on LJ. The short story is that a bug was found that used firefox to execute remote code.

"It was possible to use the “-moz-binding” CSS attribute within Mozilla and Mozilla Firefox to execute arbitrary offsite JavaScript. As this attribute is designed to allow attaching an XBL transform and JavaScript to any node within the DOM, it is quite easy to use in a malicious fashion." ("Discussing the Security Challenges," LJ Daveman692)

The problem has not been fully solved but it may be as solved as its going to get without Firefox making a change to the way it handles CSS. LJ has decided to have an XXS Security Challenge with a reward of a permanent account and/or possibly gift certificates. The community response may come from within LJ but because only paid accounts can make styles they will miss out on a lot of other people who could potentially help.

"STEP 1: Go to http://www.test.dev.livejournal.org/ . Make an account. Probably need to change it to paid so you can make styles/etc." (XXS Security Challenge)

HowtoForge

Mon, 30 Jan 2006 13:34:41 GMT

A Good Place to Find Answers to Linux Questions

This site has just about all the FAQ's and Howto's that a person with Linux questions might need. I just found it today so I can't recommend any article or tutorial in particular but I will be going back to learn more. While I like many other sites for tech. news, (ie. Daily Rotation, Slashdot, Digg, etc.) this site impressed me with its news offering as well.

HowtoForge