Monthly Archives: August 2005

Norton Internet Securiity Blccks Without Notice

Posted on by
1

I was helping my roommate connect to the USC FTP server, bones.usc.edu, and we found that it didn’t work in either Internet Explorer nor SmartFTP, no matter what login info we used. (By the way, Internet Explorer is terribly vague and cryptic when it comes to FTP error messages. Use a real FTP client, please.) My first thought was that perhaps you needed to be connected to the USC VPN before you could access it. But on further inspection of the directions, it did not mention any such requirement. So I tried it from my computer, and lo and behold – it did work. I verified that he was connected via Ethernet, the same way I was, and then the thought struck me – check for firewalls.

Indeed, he had Norton Internet Security installed and running. This is essentially the same as the Symantec Client Security CE provided by USC ISD (Information Services Division). I don’t like the way this firewall works. It blocks access without notifying the user in any way. It blocked us from accessing any FTP server with any FTP client. This is unnecessary.

In the past, I’ve also noted that Symantec/Norton firewalls block all local area network traffic, such that other computers and printers cannot be accessed. Not only can they not access you, but you can’t access them. To further complicate matters, Symantec/Norton doesn’t even notify you when such traffic is blocked. I suppose it’s assumed.

Conclusion – if you have any connection difficulties with FTP or networking, make sure your firewall is disabled.

Flash license agreement

Posted on by
Reply

via Slashdot

It’s astounding how restrictive this license is. And that it’s used for an application so common as Macromedia Flash.

License Grants

1. You may install and use the Software on a single desktop computer that has a Windows PC operating system (including desktop PC versions of Windows 95, 98, 2000, NT, ME and XP (Home and Professional), a Macintosh desktop operating system, a Linux desktop operating system, or a Solaris desktop operating system; provided, however, that, notwithstanding anything contrary contained herein, you may not use the Software on any non-PC product or any embedded or device versions of the above operating systems, including, but not limited to, mobile devices, internet appliances, set top boxes (STB), handhelds, PDAs, phones, web pads, tablets, game consoles, TVs, DVDs, gaming machines, home automation systems, kiosks or any other consumer electronics devices or mobile/cable/satellite/television or closed system based service. A license for the Software may not be shared, installed or used concurrently on different computers.
2. You agree that Macromedia may audit your use of the Software for compliance with these terms at any time, upon reasonable notice. In the event that such audit reveals any use of the Software by you other than in full compliance with the terms of this Agreement, you shall reimburse Macromedia for all reasonable expenses related to such audit in addition to any other liabilities you may incur as a result of such non-compliance.

Flash license

Men talk more than women

Posted on by
Reply

According to the July/August 2005 issue of Hispanic Trends magazine, an International Communications Research poll commissioned by Cingular Wireless found that men used their cell phones more than women. Men currently use their cell phones 35% more. Guys average 571 minutes a month, while women average only 424.

The magazine says that women seem to be the early adopters: 25% have cell phones with cameras, compared with 21% of men. Actually, I think this can be explained by the fact that many people want devices that do one thing, and do it well. Cell phone cameras feature an image quality far inferior to that of dedicated digital cameras.

At the end of the article, it states: “Conventional wisdom does get something right: women talk on traditional land-line phones 9 percent more than the men.” When will VoIP become widespread?

Domains and websites for sale

Posted on by
3

I own these domains and websites. Let me know if there is anything of interest to you! Some of them even have complete websites with lots of content and– in some cases– members, which I can also include in the sale.

July 24, 2007 Update

bytetechinc.com
cybikohost.com
sizzly.com
walnuthigh.com

Original Post

gamervortex.com
paidfaster.com
trafficstinger.com
utdtournament.com
tykeblue.com
directoryplus.info
forumstar.info
cybiko.info
invisionplus.info
invisionstar.info
phpbbstar.info
phpbbplus.info
yosting.info
googlesyndication.info
gizmobytes.info

Advanced Remote: Sony Ericsson T610

Posted on by
2

from fma user experience

I find this description to be simply amazing. I have yet to see this in person. Unfortunately, my new phone does not have bluetooth. However, it is SE, so maybe the remote function would work. I’ll try someday.

Sony Ericsson T610 (unlisted feature)

You can control the PC from the phone. Unlike other remote controllers, you have here a menu appearing on your cellphone. You can scroll up and down the menu using the joystick.

-You can move the mouse pointer using the joystick, right and left click, select and click anything. This requires you to look at the computer monitor so you can see where to move the pointer.

With the following features, you can switch off the monitor to save power, since a menu appears on the cellphone.
-You can switch off, hybernate or put on stand by the computer from the phone.
You have a menu on your phone saying “hybernate”, “turn off”, “stand by”. You scroll with the joystick, and press to select.
-You can run and control more than 10 different popular programmes from the cellphone. The most controllable is the popular music and video player “winamp version 2 and 5″.

With bluetooth, all this can be done while you are not in the same room with the computer. This is real, I am doing it everyday.

Designing an Authentication System

Posted on by
3

I read through housing.usc.edu/htp/dialogue.htm. It’s very interesting. If you haven’t read it already, I recommend that you do.

What follows are my comments and ideas, just things that popped into my head while reading:

Why can’t Charon just keep granting new tickets without asking for a password again?

A ticket is not required to maintain the session.

Malicious user could modify kinit to brute-force the password that was used to encrypt the ticket-granting ticket.

Network address can be spoofed with some network adapters.

With lifespan and timestamp, the ticket still can be copied and used on a spoofed workstation – but only for a shorter amount of time.

Hopefully not enough time for a workstation to brute-force the ticket’s password, thus decrypting it. Actually, even if the ticket has expired, decrypting the ticket would reveal the user’s password, assuming the system can tell when the ticket has been properly decrypted.

If not (any password returns seemingly valid output), then this is safe.

Workstation and Charon need to share a secret (encrypted).

session key + ticket, encypted with user’s password

Get session key by brute-forcing ticket, which is encrypted only by user password. If I have my own copy of the file, there’s no limit to the amount of computing power I could apply to cracking it.

acceptible -> acceptable

mutual authentication

“yields the correct server response message”

Have to make rogue server send the correct response message (requires session key — brute-forced from ticket)

Rogue server can take over real server between authentication and sending the document.

Document is not encrypted. Where is the data in the ticket? There is none. Data is sent cleartext.

“cannot generate the correct response because it cannot decrypt the ticket and get the session key.” Decrypt ticket with brute-force technique.

“If an attacker tries to snatch an authenticator and reuse it, even during the five-minute acceptance window, the replay cache will be able to determine that the authenticator has already been presented to the server.”

What if the attacker gets its authenticator to the server before the real server? Network jamming and faster computers/network devices could achieve this.

Li-Polymer: to charge, or not to charge

Posted on by
3

My cell phone is powered by a Li-Polymer rechargeable battery. It’s a Sony Ericsson Z500a. It has gotten its initial charge, and, according to the battery meter, it looks like it’s beginning to run low. I’ve been using it for several days now without a charge.

Should I wait until it’s dead before I charge it? or should I just charge it now?

This is an old article I found when searching for info on Li-Polymer:

Li-Polymer: Practical, Or Just Promising?

David G. Morrison
ED Online ID #1629
March 18, 2002

Almost five years have passed since Sony began large-scale commercialization of Li-polymer technology with the introduction of its 3.2- by 53- by 85-mm cell. Since then, a number of other cell makers have joined them in producing Li-polymer. But so far, all of these cells have captured only a small fraction of the market for rechargeable batteries. The slow growth in the adoption of Li-polymer batteries has tempered initial enthusiasm that surrounded its introduction. Some question its current value, even as they look forward to its future development.

Using a polymer or gelled form of electrolyte, rather than the liquid electrolyte found in standard Li-ion cells, has many potential advantages. A gelled electrolyte eliminates the need for the metal that a liquid electrolyte requires for generating the stack pressure within the cell. So, Li-polymer cells could be encased in the very thin foil pouches that help to reduce cell thickness, and are simpler and less expensive to make than aluminum or steel cans.

But stack pressure wasn’t the only concern in changing cell packaging from a metal can to a foil pouch. Leakage was another issue addressed via the gelled electrolyte. By eliminating liquid electrolyte within the cell, the Li-polymer technology would prevent leakage in the event of a punctured package. So, Li-polymer cells could be housed in foil pouches, while Li-ion cells would generally require the more durable cans.

Eliminating electrolyte leakage—ideally via fully solid polymer electrolyte—also raises the possibility that cell protection devices, either the PTC or IC, can be eliminated. This reduces cost and frees up space for active battery materials.

However, it’s thin cell design and light weight are key benefits of Li-polymer and the polymer approach to thinning the cell’s internal construction and packaging. Within the cell, the polymer electrolyte permits layering of electrode, electrolyte, and separators in a flat sandwich-like stack, as opposed to the wound stack or “jellyroll” normally employed in Li-ion cells. The stacked approach allows fabrication of 1-mm or thinner cells.

Continue reading

College Advice (USC)

Posted on by
1

Today, I did laundry for the first time here. I couldn’t find the quarters I thought I brought, so I bought $1 of quarters from John. Then, I started the machine before putting my clothes in (I didn’t realize it started right after the type of load was selected). Luckily, it allows you to open it after it has started (opening the door stops the washer).

After coming back, I found my quarters. I also found another dirty pair of socks under my desk.

So my first point of advice for college students is:

1) Before doing a load of wash that includes socks, always check underneath your desk for additional socks to wash.

I’m running out of power outlets. I’m afraid something bad will happen because I’ve got so much powered stuff going on. Let’s see. I’ve got two outlets to work with. One has my laptop charger (with a long cable). The other connects to a UPS (via a long power cable). This UPS has three outlets. One for computer, one for one of my two monitors, and the other for a Power Squid. The PowerSquid has five outlets. One is currently used for my other monitor; #2 my printer, #3 my desk light, #4 my binary clock, #5 my Pocket PC charger. Now I have to plug in my cell phone power adapter. There’s no more outlets, but luckily, I’ve got a power strip I can use.

I’m thinking of plugging it into the UPS, replacing the monitor, and then plug the monitor into the power strip. Then I can also plug the cellphone charger into the strip.

The UPS has an amp limit. But I don’t know what it is, and I don’t know how many amps each of my components is drawing.

This brings me to tip number two:

2) Get a PowerSquid, and bring it to college. It’s amazingly convenient and useful.

I might update this post as time goes along.