Sunday, June 8, 2008

This post was written using iPod touch 16 gb model
and in parallel I was trouble shooting the file sharing issue in windows 2003 server, the damn stpd thing was not working
finally managed to by disabling " deny access to ..." under local security settings removed guest account from there
any how got to go.
It was fun to use ipod touch


Read Full Post!

Thursday, May 1, 2008

Analysis of Technical Methods for Copyright Protection

Preface:

The recent incident where a copyright protected white paper from our firm was made freely available on the web is an issue of concern. Our business model is based on providing customers with details of economics, finance, natural resources, and other critical information about specific global markets in the form of research reports. These reports are made using our vast network of data collection and our extensive number crunching abilities. Availability of the same for free not only undermines our work but also has a crippling impact on our business.

Current set-up:

- All the current reports and documents we deliver to our customers are generated on fly in adobe acrobat pro 8.

-We don’t use password protection to avert copy, print or modification of documents

-No use of digital signatures

-Visible water marks are used at top and bottom of all the pages in a report.

We have relied on our customers to be responsible and self aware to protect the copyrighted material we provide them. The only copyright infringement deterrent we have used so far is a copyright notice included at the end of every report. However since this has failed to act as a deterrent in some cases, I will present a few other options that may be deployed to protect the firms interests.

Soft content protection measures:

Based on the analysis of our current system, the table below lists the options we have to protect the content using soft measures as well as their pros and cons:-

S.No

Soft Measures

Cons

Pros

1

Presenting one page at a time

Frustration for customer Just a deterrent.

Easy to implement

2

Obscuring print or save functionality

Frustration for customer Just a deterrent.

Easy to implement

3

Limit on number of downloads in one session

No control after download, over head of monitoring session info.

Easy to implement

4

License agreement acceptance before download.

No control after download

Deterrent, might work with average user

Table 1.1: Soft content protection measures

To read More Click "Read Full Post!" below



As most of our customers are subscribers and they pay for these reports the first three options are not advisable to the subscriber section, but can and must be implemented for the small section of guest users. The 4th option of adding a step of accepting Licensing agreement should be implemented globally.

Hard content protection measures:

These options are based on recent developments in technology which will involve use of some form of cryptographic measures. To implement these options further investment in Software solutions and associated Hardware will be needed. Table 1.2 below lists some of the options available.

S.No.

Hard Measures

Cons

Pros

1

Copy Paste prevention

Document as whole can still be shared

Very easy to implement

Current acrobat pro supports this

2

Secure container Method

- Require customer side client for access

- Current license violation

- Does not do license based management(Uses access base management)

Tie document to single machine

Password based access control

- Use Controls

- Specific use actions: copy, paste, save, print, email

- Extent of use: amount and duration

- Current vs. subsequent use

- Individual vs. group

3

DRM solution

- Uses client server authentication (access to network /internet is needed)

- Hidden watermarking availability is not specified

- Viability in light of current user license agreement.

- Inherits all functionality of TRM

o Prevent copy, save print, number of prints

- Specify security

o Policies, Revocation

o Expiration, Auditing

o Watermarking(PDF)

- Select recipients by:

o Individual or Group

Table 1.2: Hard content protection measures

Viable Solution:

A DRM solution will be a good option to implement; I am advocating this solution based on these observations:

- DRM system will give us more control over how and where the research/white papers provided by us are used / accessed.

- We can control number offline views. (No connectivity to our servers necessary).

- User will have the option to buy license if he receives document from other source

- Batch automation of PDF protection and DRM controls - no user input required

- Each download can be linked to specific user

- How many times documents can be viewed

- How long documents can be viewed. (Days, months...)

- Printing documents (including the number of times your documents can be printed)

- Use of Windows print screen and screen grabber applications - stop users taking screen shots of documents.

- Printing to file, email, PDF format (Acrobat distiller, etc.), common image printers, etc. are automatically prevented

- Watermarking will be integral part of the system to prevent print /scan problem


An added advantage will be that the customer will still have the freedom of use within the guidelines of the license agreement, and the system can be implemented in different stages.

We have the option of following two DRM solutions.

1. Adobe LiveCycle Enterprise Suite

2. Lizard Protector web content security

Both of these systems support PDF documents and the first option even supports windows word. Final selection will however depend on the pricing, scalability with our current system and degree of flexibility offered in implementation (partial feature implementation).

References:-

- Eschenfelder, K.R. (2007) Every Library’s Nightmare? Digital Rights Management and Licensed Scholarly Digital Resources. University of Wisconsin-Madison School of library and Information Studies.

- Adobe solutions for digital rights management, www.adobe.com.

- http://www.locklizard.com/digital_rights_management_products.htm

- http://www.microsoft.com/windowsserver2003/technologies/rightsmgmt/default.mspx



Read Full Post!

Sunday, April 20, 2008

computer Security Paranoia

I have take a quite a few courses over last two semesters on computer and network security. even a class which helped me understand privacy and legal issues to an extent. all this has given me insight to the security process and loopholes. Of course this has made me from being a cautious user to a over cautious one. I look twice at the link of the websites i open, check three times the kink of my bank site before entering user name and password. earlier my password used to be some thing like 8 -10 characters now more than 15 characters long.
Another thing learned any encryption or security protection can be broken, only difference being the time taken from less tan 30 seconds to 30 years. Any way i would not like to make others paranoid but every one should be concerned. the first thing i will discuss is wi-fi connection. you can find plenty of article online how to make work and work securely so i wont talk about that but point you few of the links.

To mount a attack on 128bit encrypted wireless connection you need to have considerable experience acumen and resources. Well if your connection is unsecured (NOT having even the widely criticized WEP ) then it would be like a open door, even the next door kid has full access to it. but using WEP protection is like a door with a easy to open lock. Cryptanalyst's have been able to break the really bad implementations in less than 30 seconds. few of the Biggest mistakes people make while implementing systems are
  • leaving the admin password blank or to default
    • for the wireless router
    • for your computer
  • NOT using any protection -- really really stupid
  • having key of dictionary word - really stupid
    • even if its hard to spell for humans automated computer programs can break them in few minutes using Brute Force attack
  • having a key of few letters(less than 8) - stupid
  • NOT ever changing their WEP or WPA key. - Not a good Idea
    • change at least once in 3 months as one of the fundamentals of breaking any encryption is the more data you have using a single encryption key the more easy it is to break that encryption that is the reason the military communications change key almost every day for their communication


Setting UP Wireless connection
The article give steps to set up WEP 128bit security but i would seriously advice to use any higher version of WPA if available. if not then make sure u have pretty long key the best way to create a long key to use a long sentence with few number in front or end as an example.
"289284whathappnesinvegasstaysinnewyork" ---(DONT USE THIS JUST EXAMPLE)
Good Article
Really nice article also talks about setting up a personal honeypot(will talk about what this is in next post). but an advice, i would say don't even think of doing it can act a back fire a blackhat hacker with access to you honeypot can mount a attack on some else and you can beheld liable.


Read Full Post!

Friday, April 11, 2008

An efficient handheld generator could help bring computing to the world's poor.

The One Laptop per Child association (OLPC) is an ICT4D non-profit organization, created by faculty members of the MIT Media Lab, set up to oversee The Children's Machine project and the construction of the XO-1 "$100 laptop". Both the project and the organization were announced at the World Economic Forum in Davos, Switzerland in January 2005.


The goal of the foundation is to provide children around the world with new opportunities to explore, experiment, and express themselves. To that end, OLPC is designing a laptop, educational software, manufacturing base, and distribution system to provide children outside of the first-world with otherwise unavailable technological learning opportunities.

OLPC espouses five core principles:[6]

  1. Child ownership
  2. Low ages. The hardware and software are designed for elementary school children aged 6-12.
  3. Saturation
  4. Connection
  5. Free and open source
It's an education project, not a laptop project.

Nicholas Negroponte



The $100 dollar laptop will include a 7.5-inch screen, a 500 megahertz processor, 500 megabytes of Flash memory, and wireless broadband for forming impromptu networks with other laptops. It will also be a multimedia workstation, supporting the playing and composing of music, for example.

The new generator will make the laptop much easier to power than it would be with a hand crank, in part, because the users will be able to operate the generator in a variety of ways, including holding the device (the size of two hockey pucks) in one hand and pulling the string with the other, or clamping the generator to a desk, attaching the string to one foot, and using leg power. "We wanted something that could take advantage of other muscle groups in the human body that can put out a lot more energy than the muscles that you get when you're just turning a crank," says Colin Bulthaup, a co-founder of Squid Labs.

To reach the project's goal of one minute of power generation for every ten minutes of laptop use, the generator would need to produce 20 watts (the laptop will require less than two watts in a primary application as an electronic textbook replacement). "With a hand-crank system, if you're gung-ho about it, you can get about five watts out of it. But you get tired after about a minute or so," says Geo Homsy, a partner and designer at Squid Labs. With the new system, generating 20 watts is comfortable, and it's possible to generate 10 watts for "as long as you want," the developers say.

The new generator is also quiet -- one of the key design requirements. "If you imagine an entire school room full of kids using this thing, it needs to be as quiet as possible. Otherwise it will drive everyone insane," Homsy says. Typical generators work best at high revolutions per minute, requiring noisy gears to step up the speed. The developers have done away with gears by custom-designing a generator that runs most efficiently at lower RPMs, a move that also makes possible a smaller device.


The $100 laptop developers are also working with several firms on an ambitious, related project: developing a long-lasting battery system to be paired with the generator (or to charge off AC power). This battery system will include "custom chemistry, unique electronics, and complex charge and discharge monitoring algorithms to deliver 2,000 battery cycles -- four times more than normal PCs," Foster says. A long charging session in the morning, for instance, would allow kids to use the laptop throughout the day, with the batteries storing enough energy for eight hours of work -- with enough left over for the computer to serve as a wireless mesh network router for another 16 hours.



Read Full Post!

Wednesday, April 9, 2008

WYSIWYG Open Source website developing Tools

Every body who is in web development knows about the adobe Dreamweaver, recently clubbed with adobe CS3. It is an expensive piece of software to own unless you bread and butter is web development. But here I will mention some relatively less known software's, First one i can think of is Komposer. It is released under the GPL license. It was built as enhancement and bug fixed release to “Nvu”. Nvu is now out of production and not being developed further. The development is also slow on Komposer but still a good tool. Some of the features are:
  • Very light as compared to other commercial .
  • Built-in FTP .
  • CSS Editor.
The version is far from being a professional development tool (as stated on their own site) but if you are working on your on website and have just some thing small and want to maintain it at minimal possible cost the Komposer is the choice of tool. The three tabs at the bottom let you switch between the WYSIWYG view, HTML view, and Tag view.
Another WYSIWYG tool available is "Amaya" from W3C consortium. It is a more feature rich tool. it follows strict XHTML standards. It should be a very good web authoring tool for faculty and researches as it natively supports MathML, Scalable Vector Graphics (SVG), and collaboration via shared metadata based Web annotations, bookmarks, and their combinations(Annotea). This a step forward in sementic web development and Resource Description Framework(RDF). The CSS support is much more enhanced. This is a really good tool, and helps create sites which are simple, powerfull, and standards compliant. few other tools available are SeaMonkey Composer (Mozilla Composer) and Trellian.


Read Full Post!

Saturday, April 5, 2008

The New Era of X-ray Imaging

Medical imaging has made vast strides over the past decade. Technologies that were once limited to diagnostic applications are increasingly being used for minimally invasive surgeries, cancer ablations and colonoscopies. Image Guided Interventional techniques(IGI) have not only helped reduce patient recovery duration, but also helped to improve efficiency of treatment.


Modern imaging techniques started with the invention of 2-D X-ray scans. As the popularity of these scans increased, the demand for a more comprehensive coverage of the object also grew. This along with the advances in computing technologies eventually led to 4-slice Computed Tomography(CT) scanners. Today all major players, Philips Medical Systems, GE Medical Systems and Siemens Medical Systems offer multi-slice scanners that can be used in axial mode to quickly scan moving organs or in helical mode to cover the entire human anatomy. Recently Philips has introduced a new 256 slice scanner in its Brilliance iCT series while Toshiba has introduced a 320 slice scanner in its Aquilion series.

As imaging technologies improve and scanners get more intelligent and efficient, the market for diagnostic as well as interventional radiology will continue to grow.

(Note: Image coutesy of Toshiba)


Read Full Post!

Thursday, March 27, 2008

Concept Cars 2008 Auto Show New York

concepts cars are futuristic cars which may or may not see production but some of them are really cool to look at and use very high end technologies. This years New york Auto show is showing 12 concept cars from different manufactures. Some are really futuristic and good looking. the one which really popped my eyes out is "Dodge Zeo" really great looks and equally great interiors. the look show below is really Awesome. ZEO stands for " Zero Emissions Operations, and this a all electric high performance car, 0 to 60 mph in 5.7 seconds and a top speed of 130 mph. The Zeo's all-electric range is 250 miles, this is much more then which is available from other car manufactures as of now.
To read more about ZEO follow these link
automobilemag
Wallpapers from different views

Few other contenders at the Auto show are
Audi R8 V12 TDI you can design your own at least virtually here.
Jeep's Renegade is a hybrid made for off-road and on road action.



Read Full Post!

What is the Color of Sky