Convergence
August 7th, 2008 under Technology, rengolin, Hardware. [ Comments: none ]

I’m not into writing generic posts about buzzwords but I have to admit that I’m astonished. We just got a Nokia N95 8GB last week and I’ve been playing with it since then.

It’s amazing! I’ve never used my laptop since I bought it… It has a decent web browser with Flash Lite support. All websites work perfectly: Gmail, Google, Youtube, BBC, The Register, Slashdot. Even the Google calendar works well. But the best thing is that it has wireless 802.11g support, so I don’t even have to pay a penny to browse the internet! And all major websites have their mobile versions as well, automatically chosen by user agent.

Games? It supports the n-gage engine (as all new Nokias do) and has some decent games for its small screen. The best thing about the games is that they use an OpenGL ES 1.1 GPU on the thing. Skype, messenger, GPS, step counter etc. are also available. Can it get better?

Yet, the best thing is that you can develop in C++, Java and Python! Not on the move, though… I guess I’ll have to wait a few more iterations to get a terminal and a (free as in speech) compiler and a good processor to be able to compile code while I browse the web and listen to podcasts…



When the hunter becomes the hunted
July 22nd, 2008 under InfoSec, Technology, rvincoletto, Articles, Sponsored. [ Comments: none ]

The fast evolution of computer networks brought fantastic developments in communication and connection capacities.
We can easily see this evolution by observing the Internet, at first a restricted network and now a complex and global network, where we can do a simple mail exchange or complex and elaborate financial transactions.
But we also have the dark side of this fantastic environment: threats like viruses, worms and Trojan horses, scanning, spoofing, sniffing or snooping, and so many others have become the nightmare of all organizations.

Indeed, the technology can play for and against us.

A good way to make the technology work for us is to use Packet Inspection. This is a tool frequently used to sniff networks, looking for passwords and breaches, but information security professionals can use it to do exactly the opposite: protect the network.

Packet Analyser
With a good Packet Analyzer you can generate information about your integrated information systems, helping the system administrator find and solve problems quickly and efficiently. It’s possible to identify attacks, non-authorized access to systems and malicious behaviors. In other words, with a good inspection solution your organization will be able to see and analyze everything that hits your network.

You can prevent problems and also reconstruct network sessions, providing the information needed for Network Forensics. This is when the hunter becomes the hunted: to defend your organization, you will be using the same method malicious threats use to put your business at risk.

Do you want to know what a Packet Inspection is? Watch this video for more information: Deep Packet Inspection explained or read here at Wikipedia.



Long live open source
June 20th, 2008 under OSS, rengolin, Software. [ Comments: none ]

Another fine example of how impressive the open source community can be, even when compared with the biggest software companies.

Yesterday we had a gig at our annual Music Evening and I needed to edit the videos to upload them to my wife’s website. I went to cinelerra’s website download page, got the Ubuntu 8.04 repository, updated the package listing and tried to install cinelerra:


sudo apt-get install cinelerra

It should be that easy but unfortunately the repository had an error:


Err http://repository.akirad.net akirad-hardy/main akiradnews 20080417
500 Internal Server Error
Err http://repository.akirad.net akirad-hardy/main libguicast
1:2.1.0-1svn20080530akirad1
500 Internal Server Error
Err http://repository.akirad.net akirad-hardy/main libmpeg3hv
1:2.1.0-1svn20080530akirad1
500 Internal Server Error
Err http://repository.akirad.net akirad-hardy/main libquicktimehv
1:2.1.0-1svn20080530akirad1
500 Internal Server Error

Well, with nothing else to do about it, I followed the instructions on the website saying to email the guy that put the packages in place, which I did. Seriously, I thought it would take a while (days?) until the guy could have time to go home, do whatever he wanted to do at home, check his emails, talk to the ISP, bla bla bla.

To my surprise, after exactly 1 hour and 20 minutes he replied (in English and Italian) that the packages were reloaded and I should be able to get them, which I did, and indeed, it worked absolutely fine. I now have my videos edited.

The “guy” was actually Paolo Rampino, whom I thank very much, but I’d also like to acknowledge once more the power of the open source community. I wonder, if I had a much more serious problem (security) with a copy of Windows or Office, whether Microsoft would take 1:20 hours to not only answer, but to fix it!

Thanks again Paolo, you made another user very happy indeed.



Numerical methods package in C++
May 9th, 2008 under Devel, Algorithms, rengolin, Software. [ Comments: none ]

I still code in my spare time and for a while I’ve been gathering some numerical methods I did at university in an easy-to-understand generic C++ package. Despite being easy to understand, I also tried to implement the best method I knew for each problem.

The root finding algorithm is based on Brent’s method which is, in turn, based on the secant method. If everything fails, it throws an exception and you can use the safe bisection method.

The integration uses Romberg’s method, which is a further extrapolation of Simpson’s method, which is already much better than the basic trapezoid method.

For Interpolation I’m using the Natural Cubic Spline but would like to implement other types of splines (like complete, periodical, clamped etc). The interpolation is working, but I couldn’t manage to get the coefficients right yet.

Other codes I have are Monte Carlo, Runge-Kutta and Markov Chain (this one using boost graph library for C++) and will be integrated soon. I’ll let you know when it’s done.



Book: Flat and Curved Space Times
May 8th, 2008 under rengolin, Books, Physics. [ Comments: none ]

The first time I read this book was during my special relativity course at university. I couldn’t understand a thing the teacher was saying (probably because his explanations were always: “you won’t be able to understand that”) and I needed to replace a 35% grade I got in the first exam to complete the course.

Well, hopeless as I was, I headed to the library in search of a magical book (other classmates were helpless as well) and found this one. The magic in it is that, instead of trying to force the Lorentz transformations down the throat first and then explain the basic principles of relativity, it does it by simply showing the topology of the space and assuming that the speed of light is constant (pretty much the same path Einstein took in the first place).

So, the first chapter has no equations whatsoever, only graphics with light waves going back and forth, and he derives the light-cones automagically from them, along with what happens to the “world” at high speeds and how it affects our sense of reality. It goes on through all the kinematic principles using only Newton’s equations and gamma. Lorentz transformations only appear in the fourth chapter.

After that, not only could I understand relativity as a whole, but I also got a 90% grade on the final exam! It’s an old (88) book but time has no meaning for a very good book, especially for a subject that hasn’t changed that much in the last decades.

I recommend it to physics wannabes as well as lay people with little background in math, and if your teacher is as hopeless as mine was, ignore him and read this book.

Click here for the US version.



Silly projects of the week
April 29th, 2008 under Devel, Algorithms, rengolin, Software. [ Comments: 2 ]

Last week I did two silly but still quite funny projects: word search on protein sequences and a chat bot using Markov chains.

Word search

Searching for similar sequences among the known proteins, to understand evolutionary paths and function similarities, is done with a powerful algorithm called BLAST. Following the same lines I spent a few minutes developing a similar (but not quite the same) algorithm to search for all dictionary words in all UniProt sequences.

The algorithm will look into a dictionary (say /usr/share/dict/words) and for every sequence it’ll find the words in it, allowing a few (no more than 2) amino-acids to be between the letters. Then it gives a weight to the match based on the size of the word and the “added length” due to additional amino-acids in between. You can also restrict the number of letters in the word list to avoid too short or too long words.

The results for 7- to 9-character English words searched only on Swiss-Prot entries are:


STRANGE 1.4
CHARADE 1.75
SLEDGED 1.75
MEALIER 1.75
DEMEANS 2.33333
DETAINS 2.33333
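
A sketch of the gapped search described above, added here as an example and not the author's program. The weight formula is an assumption, since the post does not give one: word length divided by added length (exact matches score infinity). The function names and the two toy sequences are constructed.

```python
import math

INF = math.inf

def min_added_length(word, seq, max_gap=2):
    """Fewest extra residues needed to spell `word` inside `seq`, allowing at
    most `max_gap` residues between consecutive letters; None if no match."""
    if not word:
        return None
    # best[j]: cheapest way to match the letters so far with the last one at seq[j]
    best = [0 if c == word[0] else INF for c in seq]
    for letter in word[1:]:
        nxt = [INF] * len(seq)
        for j, c in enumerate(seq):
            if c != letter:
                continue
            for gap in range(max_gap + 1):
                prev = j - 1 - gap
                if prev < 0:
                    break
                nxt[j] = min(nxt[j], best[prev] + gap)
        best = nxt
    added = min(best, default=INF)
    return None if added == INF else added

def weight(word, added):
    # Assumed formula (the post gives none): word length / added length.
    return INF if added == 0 else len(word) / added

def search(words, sequences, min_len=7, max_len=9, max_gap=2):
    """Return (word, sequence name, added length, weight), sorted by weight."""
    hits = []
    for raw in words:
        word = raw.strip().upper()
        if not min_len <= len(word) <= max_len:
            continue
        for name, seq in sequences.items():
            added = min_added_length(word, seq, max_gap)
            if added is not None:
                hits.append((word, name, added, weight(word, added)))
    return sorted(hits, key=lambda h: h[3])

# Constructed sample data, not real UniProt entries.
SAMPLE_WORDS = ["strange\n", "cat\n", "charade\n"]
SAMPLE_SEQS = {"toy_a": "MKSTRALLNGEKV", "toy_b": "AACHARADEGG"}

if __name__ == "__main__":
    for word, name, added, w in search(SAMPLE_WORDS, SAMPLE_SEQS):
        print(word, name, added, w)
```
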

Markov bot

I knew a Markov chain could have true wisdom but I never tried to make it actually talk to anyone until a friend told me about MegaHAL (much better than my Markov model, of course). I decided to give it a try and got the XMPP bot from the Python examples and plugged in my Markov program on all phrases spoken to it.

In the beginning it was awful, of course; it knew nothing. But with time (and hard work from some friends to actually teach him about leisure, programming, physics etc) it could babble a few coherent words once in a while.

The results are complete rubbish; below is a sample of the complete nonsense conversation I had with it now:


rengolin: how are you doing? have you managed to find the answer to Life, The Universe and Everything?
oraculoids: with an amazing company makes the basic points of some operator
rengolin: operator or not, you must come to reality and sense the danger there is in talking like that after such a complex and meaningful question
oraculoids: dead as an interface to follow an animal
rengolin: whatever animal you prefer, I would say but it seems that you are now driving the conversation
oraculoids:
rengolin: aha! I know you didn't have answers to everything!
oraculoids: how is in between and pray
rengolin: I don't pray too much, really, I'm not that kind of a person anyway...
oraculoids: but at the conversation it't fall into them!
rengolin: I would never say that, especially not with you my friend
oraculoids: A design pattern is a practical laywer
rengolin: lawyers have no purpose other than screwing up the poor
oraculoids: hi bot
rengolin: I am not a bot
oraculoids: field of some of life, love them!

Quite stupid, I might say, but still I had a lot of fun doing it and that’s what matters… ;) In spite of that, though, megaHAL is quite an impressive program and BLAST is a very powerful search mechanism.



A Pause for Advertising
February 28th, 2008 under InfoSec, Technology, Review, rvincoletto, Hardware, Sponsored. [ Comments: none ]

Our long time sponsor 123 CCTV Security Camera Surveillance, which you can see under Links in our right bar, has a new website.

With a range of clients that can go from The Pentagon to the home user, they have everything for security surveillance, from external and internal security cameras and CCTV cameras to PC security systems.

We wish them luck with their new website!



RDBMS, to rewrite or not to rewrite… I got confused…
February 19th, 2008 under Devel, Algorithms, Distributed, rengolin, Computers, Software. [ Comments: none ]

Mike Stonebraker (Ingres/Postgres) seems to be confused as well…

First he said Google’s Map/Reduce was “Missing most of the features that are routinely included in current DBMS”, but earlier he said to ditch RDBMS anyway because “modern use of computers renders many features of mainstream DBMS obsolete”.

So, what’s the catch? Should we still use RDBMS or not? Or should we still develop technologies based on relational databases while Mike develops himself the technology of the new era? Maybe that was the message anyway…

My opinion:

MapReduce is not a step backwards; there are times when indexing is actually slower than brute-force. And I’m not talking about insert time, when the indexes have to be updated and so on. I’m talking about the actual search for information: if the index is too complex (or too big) it might take more time to search through the index, compute the location of the data (which might be anywhere in a range of thousands of machines), retrieve the data and later on, sort, or search on the remaining fields.

MapReduce can effectively do everything in one step, while still on the machine, and return fewer values per search (as opposed to primary key searches first), and therefore less data will be sent over the network and less time will be taken.

Of course, MapReduce (like any other brute-force method) is hungry for resources. You need a very large cluster to make it really effective (1800 machines is enough :)) but that’s a step towards something different from RDBMS. In the distributed world, RDBMS won’t work at all, something has to be done and Google just took the first step.

Did we wait for warp-speed to land on the moon?! No, we got a flying foil crap and landed on it anyway.

Next steps? Many… we can continue with brute-force and do a MapReduce on the index and use the index to retrieve in an even larger cluster, or use automata to iteratively search and store smaller “views” somewhere else, or do statistical indexes (quantum indexes) and get the best result we can get instead of all results… The possibilities are endless…

Let’s wait and see how it goes, but yelling DO IT then later DON’T is just useless…

UPDATE:

This is not a rant against Stonebraker; I share his ideas about the relational model being far too outdated and the need for something new. What I don’t agree with, though, is that MapReduce is a step backwards, maybe not even a step forward, probably sideways.

The whole point is that the relational model is the thesis and there are lots of antitheses; we just didn’t come up with the synthesis yet.



Help us, Obi-Wan Kenobi; you’re our only hope…
February 18th, 2008 under Web, OSS, rengolin, Computers, Articles. [ Comments: none ]

After Yahoo! rejecting the MS offer and all the fuss about the Yahoo! takeover, now Yahoo! itself is breaking apart.

No wonder the shareholders are mad: Yahoo! has been falling to pieces since Google came onto the scene, and now, with the $31 / share offer when it was barely holding itself above $20, the shareholders saw all the return for their investment happening in a very short time, in what might be the last chance they have to see any money back at all.

So here’s a bit of futurology:

David Filo moves to Hawaii, shareholders sue Jerry Yang and he’ll end up very poor on his own Caribbean island, Yahoo! is bought by Microsoft by half the price (after the lawsuits there will be few left) and the shareholders will be very happy to, at least, get some money back.

All FreeBSD / Apache / PHP will be converted to Windows 2003 Server / .NET / C# and Yahoo! services will be even worse than they used to be, Microsoft will take the users and force them to start using Google services (no one likes to eat crap anyway) and Google will be the last hope of the Internet.

Fortunately Google is by far more efficient than Microsoft and Yahoo! together (it’s not that hard anyway) and it’ll be a piece of cake to take them both down while still holding their hats with the other hand. I just hope Google doesn’t try to dominate the world as Microsoft has been attempting for decades; they probably know by now that it’s like reaching the speed of light: the bigger you are, the more energy you need to increase speed.

Microsoft and Yahoo! will still exist for a loooong time and Google will have a bit of competition for a while, at least until the “next-Google(tm)” shows up and puts all three in the sack “with a wave of her hand(tm)” and the cycle will start all over again.

Let’s hope for the best, whatever that is…



Information Security Carnival - 2008 1st Edition
February 3rd, 2008 under InfoSec, Technology, rvincoletto, Gadgets, Articles. [ Comments: none ]

Welcome to the February 3, 2008 edition of information security carnival. And what can I say… This could be the USB Security Edition.

articles

bennie presents What technological things should you have? posted at Technology Matter, saying, “A list of technological things you should have.”

Host comment: This is not exactly an InfoSec article, but it’s a good list.

DJ presents Bluetooth spamming gets green light posted at Bluetooth Insight.

Brian Terry presents 7 Website design mistakes to avoid (at all cost!) posted at Big Selling Website Design.

reviews

DJ presents LG Vaccine USB posted at USB Insight.

gs presents IronKey posted at The Tech-Investigator, saying, “Outlining the critical elements of information security for the mobile Professional Investigator.”

DJ presents Yoggie launches Gatekeeper Pico posted at USB Insight.

tips

Tutor presents 0tutor.com: 10-steps-to-a-secure-wireless-network posted at 0tutor.com tutorials blog.

Host comment: “Great tips!”

Sai presents Keeping Your USB Drive Safe: Part 1 posted at American (Tech) Sai-ko, saying, “Tutorial on how to keep your usb drive encrypted and safe.”

Host comment: “Wonderful Article! Now we are waiting for the Part 2”

BeThisWay presents You Dont Have To Be Gullible To Be a Victim of a Check Scam posted at Are You Going To Be This Way The Rest of The Time I Know You?.

Host comment: “Social Engineering and how to avoid it.”

That concludes this edition. Submit your blog article to the next edition of information security carnival using our carnival submission form.
Past posts and future hosts can be found on our blog carnival index page.
