AdamStovicek.com

Archive for the ‘Technology’ Category

Source… Hawty McBloggy: 1 and 2

The story revolves around a gamer named Nathaniel. He’s been a huge fan of the XBox 360 and had a special console of his own. He had it pre-ordered in advance of the rollout and still has his receipt to prove it. Taking it with him to shows and appearances, he was able to get the case signed by many of the XBox and Bungie developers and designers. He even had a custom drawn Halo character put on it by Luke McKay.

Then came the day when it encountered the “Red Ring Of Death” and failed to work. Getting it repaired meant sending it away to Redmond. After making a few calls, he was assured that he would get back the same XBox that he sent in and that it would be taken care of carefully. Since it had a lot of sentimental value, he took every step possible to ensure he would get it back intact including a letter to the technician, who would eventually work on the console, in with his XBox explaining how much he valued it.

They did return his XBox, but someone at Redmond wiped it down and removed all the artwork and autographs. BS Angel at hawtymcbloggy.com ran a few articles and word slowly got around. The first major response was from the team at Bungie who sent him a huge care package including a Halo helmet autographed by many of the staff, an autographed Halo CD, jacket, t-shirt, bag, faceplate and skins, and few more items.

Grateful to the Bungie team Nathaniel had to have been, Microsoft still had its own face to save. They had contacted Nathaniel at the start of this internet drama and said they would make good on the screw up. Since then, not much was heard until recently when a big box showed up Nathaniel’s door with a note reading “Enjoy! <3 Thegamersscroeblog Team & Everyone on the enclosed!” Inside was an XBox 360 with new artwork and autographs, including a faceplate with the ever elusive Bill Gates’ signature right across the front. On top of that was five games, bumperstickers, a XBox cd wallet and an autographed picture of Bill Gates.

Nathaniel had this to say:

“My overall mood about the packages I have received from Bungie and Microsoft is nothing short of ecstatic, but compensation was never my focus. The only thing I have specifically asked of Microsoft and the Xbox 360 team for is this particular case to be examined so that some change(s), whether small or broad, can be made to the service process to prevent the occurrence of any similar scenario. This remains my only request.”

Pictures of the new XBox 360 are present with more pictures at BS Angel’s blog linked above.

I finally broke down and bought an Asus Eee 8G this past week. Newegg finally had them for sale (again, I assume) for $499.99 plus $10.84 for shipping. As of this writing, it appears as a deactivated item. Apparently they sell them in spurts. Here’s some pics and other miscellaneous info.

Showing the ugly mug with the Eee’s built-in webcam with the stock Xandros OS.

Feeling constrained by the limitations of the stock Xandros OS, we begin the Ubuntu-ization.

A wah-lah! Apophis is born. Thanks to Pendrivelinux.com for the how-to guide in building a Ubuntu Live USB, and to C.K. Sample III for the rest of the procedure.

Here’s a size comparison between the Asus Eee PC and my Thinkpad T41.

Here is a comparison of the maximum screen resolutions with a common layout between the two laptops. The top is the Thinkpad with a 1440×1050 resolution, and the Eee at the bottom with a 800×480 resolution. You can see that there’s a definite lack of real estate for multiple windows on the Eee.

One of the limitations I had with the Xandros OS was having one single workspace. It is a KDE environment, albeit modified, but no discernible way of improving it. Ubuntu supplies Gnome with Nautilus which can allow multiple workspaces. KDE has the same feature but the Xandros OS doesn’t appear to allow it.

There’s plenty of guides across the internet for installing your own choice of OS on the Eee. Without a floppy or an optical drive, it presents some obstacles. Fortunately it has three USB ports making it easy to use an USB DVD drive or USB flash drive. The User Guide that comes with the Eee even has instructions for installing Windows XP. You still need your own copy of XP, but they’ve at least gone through the effort of supplying the steps for you. And in case your choice of an alternate OS doesn’t quite work out, they supply a DVD with a recovery option and instructions for the different ways to approach it.

The packaging was quite professional along with the provided documentation. The satchel, or carry pouch, is decent and the AC adapter has a wonderful length. An unexpected bonus that was boxed in with the Eee was an optical USB mouse. While I am a fan of the touchpad, Eee’s can be stubborn sometimes. Even after tweaking the sensitivity, there are times when it requires extra foreplay in order for the magic to happen. The mouse has a slight red glow to it that can either be mistaken for something ominous or feminine. I opt for the former.

It did only come in white Pearl White when I bought it. My brother, who also wants one, is hoping for a black edition. Since everything else I own is black, having something in white is a nice change of pace.

Things I want (or have already) change:

• Replaced the Xandros OS with something more configurable.
• The ‘Intel Inside’ badge that was mounted to the bottom left corner was hanging over just enough to annoy me. I replaced it with a ‘powered by: ubuntu’ badge.
• Upgrade the ram to a full 2GB.
• Install an encrypted flash drive for personal files.

All in all, it’s a wonderful little machine despite its shortlist of
cons. It has plenty of punch for a such a little, under-powered machine.

Source … Center For Information Technology Policy at Princeton University

Disk Encryption has been touted as the ultimate in securing a computer, especially laptops which are prone to being lost or stolen. The theory is that once a machine is turned off, encryption “activates” and renders the hard drive inaccessible. Without entering the correct keyword or accessing a separate key file,
the hard drive would essentially be nothing more than a paperweight. However, things rarely seem so simple.

Because your computer needs to access the encrypted hard drive while powered on, the access key remains resident in its memory. The natural assumption is that when you power off your computer, its memory flicks off like a light. Researches at Princeton have shown that DRAM, which is used in the majority of computers today, fades off over the course of a few minutes. If one were to cool the ram down to a much lower temperature, that power fade can extend far longer than a few minutes. So what does this mean in terms of encryption?

Since the ram takes longer to power down, the encryption access keys remain in the memory. With some simple computer engineering, one could transfer the ram to another computer, or create a separate device, in order to read the contents of the memory while it still contains the encryption access key.

This does, however, depend on a few assumptions. The first and foremost is power. While the DRAM does take a few minutes to fade, it still does power down. So there is a significantly short window of opportunity. While you can slow the process of the fade down, one would need physical access to the ram in order to do so. The trick would be to keep a system powered on until one were ready to hack into it.

The second is access to the hard drive. With bios and boot loader passwords, simply getting to the prompt to enter the encryption access key could be troublesome. One would have to physically remove the hard drive and place it into another machine. Not that this approach is out of line considering that the machine is already in the hands of a hacker. If they were lucky enough not to encounter a bios password, they could
just have the machine boot from an external device such as an USB key
or hard drive.

Laptops with battery power are certainly easy targets for this. Many people are known to leave a laptop powered on and unattended in a public place. A thief could easily have a setup in car nearby, or even a few minutes away. But how does one attempt this with desktop? Desktop machines rarely have any kind of battery backup, and when they do it certainly doesn’t last long. Some desktops use more electricity than all other home appliances combined. How do you keep the power in the DRAM long enough to perform the hack? Answer: WiebeTech HotPlug. The web page clearly states:

How to circumvent Whole Disk Encryption
The key: Do not allow the encryption to activate. Low level encryption such as Vista’s Whole Disk Encryption (WDE) can halt an investigation. Use HotPlug and Mouse Jiggler to prevent encryption technologies from activating. If you can carry away the computer while it’s still logged in, you maintain full access to the hard drive.

That statement assumes to keep a password screensaver from activating. But as the researchers have shown, one needs to only supply power to the DRAM long enough to get the desktop somewhere to perform the hack. The trick is moving a desktop without disrupting it’s power source and the web site even has links to videos showing how they perform this kind of a seizure using their HotPlug device. Designed for Government and Forensic customers, it still available for sale to general public.

So does this mean disk encryption is no longer viable? Well ask yourself this: do you still lock the door to your house as you leave knowing full well that windows are easily broken and door locks can be picked? You can never make anything completely theft proof, but you can significantly increase the resistance to theft. A thief is going to look for the easy targets that take the least amount of time. Unless you’re carry a laptop with detailed maps to untold fortunes, a thief most likely won’t take the time to break into your computer to see where you shop online. Passwords and financial information is easier to get from online attacks anyway through phishing and trojan viruses.

Unless you’re a government employee, corporate executive, or under investigation for illegal activities, you’re not going to garner enough attention to go through the work of circumventing your disk encryption. However, you should still understand the concept and know that it can be defeated. Don’t assume that your disk encryption is the holy grail of protection and take extra steps to ensure the safety of your computer and its data.

1. Never leave your laptop unattended.
2. Set the bios’s boot password. Without it, the computer’s operating system will never boot.
3. Use a screensaver that requires a password to deactivate and have it activate within a few minutes of inactivity.
4. Use a login to the operating system, even if you’re the sole user.
5. If you run a boot loader like LILO or GRUB, set a boot password. Every password prompt means one extra lock in the chain. And keep the passwords different.
6. For desktop security, power down when not in use. By the time anyone thinks of stealing it, the memory ought to have been cleared.
7. Never advertise your security measures. If they don’t know the encryption exists, they may not be prepared for it.
8. Hide your typing when entering passkeys/passwords. Many passwords are hacked by looking over the target’s shoulder or video recording the finger movements over the keyboard.

Source … InfoWorld

The FCC has mandated this coming Monday for allowing the cellular networks to turn off analog service. According to the two largest service providers, AT&T and Verizon, the number people directly affected by the shutdown should be minimal. They state that less than 1% of their customer base still haven’t made the switch to digital. While 1% may sound small, we’re talking about a customer base of about 60 million subscribers which may equate to several hundred thousand people.

Sprint and T-Mobile don’t have analog networks, but they do have partnerships with analog providers in order to provide coverage for their customers when roaming away from the digital networks. The most affected cell phone customers will be those that just keep a cell phone in the car in case of emergencies. They usually don’t see a need to upgrade a handset that they rarely use.

Mobile phones are not the only device being affected by the analog shutdown. GM’s OnStar service was originally serviced by analog in 1996 but later switched to digital. They shut down their analog service at the start of the year rather than waiting for the February 18 cutoff. While they stated last year that 90% of their customers are using the digital service and those that aren’t could be converted over to it, there are some who felt left behind and filed suit against GM.

There are also alarm companies that have relied on analog networks to alert police and fire departments. A survey taken three years ago stated that there were about 1 million homes and business still set for analog use, while 850,000 of those only used it as a backup in case of a cut phone line. Manufacturers believe that total number has been reduced to about 400,000.

Unfortunately, most people have ignored this part of the analog shutdown by confusing it with the upcoming analog TV signal shutdown which isn’t due to take place until next year.