Monday, January 31, 2005

Cryptographic hashes explained

Was doing my usual surfing and bumped into this illustrated explaination of Cryptographic Hashes. Do check it out here. More explanation of Crypographic hash function here.

Saturday, January 22, 2005

Temporary email addresses - one solution for spam

Usually, websites require you to provide them with your email address when you sign-up for their services. This email address is then used for sending you a verification link or an activation code. Usually this is not a problem, but some service providers (sites) will sell your email address to spammers. Once you start receiving spam it is almost impossible to get off the spammers list. Ofcourse, you cannot give them a fake email address because you will never receive your activation code or verification link and would never be able to start using that service you signed up for.

You want a way out.. huh? Dont want to give them your real email address? One of the solutions to this problem is to create a temporary or disposable email address. So how does this work, you may ask. Start out by creating a disposable email address using one of the disposable email providers* like mailexpire, mailinator, Spamhole, spamgourmet etc. Some of these providers let you create an temporary email address that simply forwards the mail it receives to your real email address. After a few hours (you can specify the time) the temporary email account expires and vanishes from the face of this planet. Thats it. End of story.

So just before you sign-up for a new service, go and create a temporary email address with one of the above listed providers and then simply give that email address when the new service asks you for one. Even if the site sold your email address to a spammer, that email address is valid only for a few hours. After that, you never hear from that spammer again!

* I am in no way connected or have anything to do with any of the above listed temporary email service providers. Use them at your own peril.

Saturday, January 15, 2005

Whiteboards near windows

I take the bus to work and have to walk for about 4 blocks to reach office. While returning back yesterday, I happened to look at a whiteboard inside a conference room through a glass window. From what I saw on the board, it was obvious that someone had drawn, very neatly, a diagram detailing how the network was organized for that company. Most of the little retangular blocks on that diagram, had their respective IP addresses written below.

It seemed that the meeting/workshop/demo/whatever that they had organized in that conference room was over and that they "forgot" to erase the contents of the whiteboard. Wouldnt it be easy for a hacker, who happens to passby that building, to jot down that network diagram or simply take a snap from his/her camera phone? If a hacker (more appropriately, a cracker) knows your network layout then half of his work has already been done.

I have seen numerous instances, where valuable information (IP addresses, passwords, phone numbers, names of co-workers) jotted down on whiteboards that are visible to pedestrians outside the building.

Listen fellas, its always a GOOD idea to erase that damn whiteboard once you are done using it. If you want to "save" contents of your whiteboard, atleast make sure that you close the window blinds.

Sometimes companies spend millions of dollars trying to protect their data in every conceivable technical way, only to lose it due to human stupidity.

Wednesday, January 12, 2005

Gmail vulnerability patched up

On 11th January (yesterday), someone discovered a security vulnerability bug in Google's GMail service. This issue was also reported on Slashdot.

On 12th January (today), Google has already fixed the bug. This is what other companies that try to compete with Google need to understand. Put the user's interest first. If the user's data is compromised or if the user feels insecure using your service, they will simply stop using your service.

I tip my hat to Google.

Saturday, January 08, 2005

How to increase size of your Hotmail account

Want to increase the size of your hotmail account from the measly 2MB to 25MB and then to 250MB? Well, just follow the steps as listed below. A couple of people have verified that this hack works. Its been tested to work only with existing hotmail accounts having 2MB storage.

Before you go ahead, let me tell you something: Dont whine if this doesnt work. You are doing it at your own risk. Also remember, curosity killed the cat.

To protect all your current emails don't forget to follow the instructions of Step #3

Before updating your Personal Profile in Options just take the snap shot of current settings using print screen, pasting the snapshot it in an MS-Word file and saving it for future reference. If you forget your password in future, hotmail may want your to enter the original profile details.

Also after changing the Personal Profile, again take the print screen of new personal settings and paste it in a new page of same MS-Word file, so in future if hotmail ask you to provide the personal details then you can provide it.

This method makes your Inbox 25MB in size first and then in a month or so, it is supposed to become 250MB. So here's the step-by-step procedure for ya folks:

Step #1
Sign in to your hotmail account and change your Personal Profile in the Options (its in top right corner) as following:

country : USA
state : Maryland
postal code : 21135
(choose another zip code if you want. - needless to say, you need to enter the zip code that belongs to the state you've chosen.

Step #2
Then get to the Language options and make it English.

Step #3
If you don't want to lose your Inbox emails, save your mails from Inbox to some temporary folder by following procedure. From your Mails view, click Put in folder. From the menu, choose New Folder. Create your new folder and go back to your Inbox. Select the emails that you do not lose and click Put in folder once more. Choose the folder you have just created and the emails you have chosen will be moved to that folder. You can move them to your Inbox again later by the same method.

Step #4
Before signing out, paste the link below into the address bar and click "Close my account". Thus your account will be deactivated. Remember its deactivated and gone for ever. All you have to do is deactivate it and activate it again immediately. Even the mails in your mailboxes other than Inbox will be as it is. Inbox mails are deleted when inactivated and hence I asked you all to save them in your new folder.

Step #5
Now visit the address again. Enter your username and password. The activation page will load. Activate your mail account.

Step #6
You're done ! Now your mail account capacity has grown to 25MB and in a month or so it will be 250MB. Enjoy your "enlarged" hotmail account! If you're in USA then the hotmail account size might grow to 250 MB directly.

A big shout to Bhavesh Patel for sending this tip!

Friday, January 07, 2005

World's smallest secure Webserver from Sun Microsystems

Back in December, Sun Microsystems announced that they have created the world's smallest secure web server:
Nicknamed Sizzle (from SSSL for Slim SSL), this server is the size of a U.S. twenty-five cent coin and is designed to be embedded in a wide array of tiny devices

Sizzle runs on the Berkeley/Crossbow "motes" -- battery-powered, wireless devices equipped with an 8-bit microprocessor, 128KB of FLASH and a mere 4KB of RAM.

In spite of its small size, Sizzle makes no compromises in terms of security. It uses Elliptic Curve Cryptography (ECC), which has been chosen by the National Security Agency as the next generation public-key cryptographic technology for protecting sensitive U.S. Government information
Just think of the possibilities once this thing gets commercialized/mass produced. Maybe your camcorder could send an encrypted stream of video to your cellphone which in turn could, in real time, transmist the data over to your personal video server. Maybe your iPod music stream could be encrypted and then securely sent to your car's FM receiver, which could then decrypt it and play back the music.

Monday, January 03, 2005

Adding an LCD display to server

As some of you might know, this site runs off a server that I put together myself. I've always wanted this server to have some sort of display (LED lights or something) that would somehow glow whenever I received a new email. A different light would glow when the CPU utilization went over 50%. Now, this is for times when I am around my house, but not necessarily using my desktop. This is more of a geek thing. Nice to have, not a must have.

Last night while surfing around, I came across a company called Crystalfontz that manufacturers various LCD displays. They even sell drive bay brackets so that the LCD display can be mounted in a standard PC case. Now these LCD units come in USB or Serial flavors. This means that they can be hooked onto a standard PC.

Besides, I also found that there is even an open source project (in Perl) called LCDProc that supports various LCD and VFD displays in a standardized way.

So finally it seems there is a way to satisfy my itch. In the next few days, I'll order an LCD display from CrystalFontz (btw, there are other vendors too that sell LCD displays) and then try use LCDProc to control and display stuff on the LCD panel. Once I am done, I will document the steps needed for adding an LCD display to your desktop or server.

You can even build you own MP3 display for songs played off your desktop PC or laptop using the above mentioned combination.

Cool, aint it?

This page is powered by Blogger. Isn't yours?

Copyright Anand Jain 2004, 2005. All rights reserved.