Web kiloseven.blogspot.com
www.arrl.org www.eham.net

2005-02-28

The importance of security beyond virus checkers

Was talking to a friend late last week, who thought their PC security was adequate because they had a software firewall and a virus checker with auto-update. Here's a concrete example, a hack involving e-mail which a virus checker won't catch, which shows why that just isn't so any more.
Here's a few recommendations which could ave your bacon:
1. AVST Free from Grisoft is adequate: Better you should buy Symantec Anti-Virus or some other good antivirus program.

2. Run a full scan for viruses at least weekly; leave your machine on overnight, and let it scan for you.

3. Get a firewall, one good, two better. A recent study with decent methodology showed a PC connected to a cable modem was, on average, hack within four minutes of installation. Even dial-up users are not immune; it just takes a few minutes longer for your machine to be infected if you don't use a firewall.
Software firewalls which run within your PC, like ZoneAlarm (not the Pro version, just the standard free version) are OK, but I add an external router with NAT translation, so no one from outside your home can tell the IP address used by your computer(s). The Linksys wireless routers and no-wireless-routers are my favorites, especially because they are really Linux computers in disguse, and with additional software, they can do much, more more. It's so much easier to buy a component that's expandible, than one which isn't, and then find you have to replace and reconfigure later because your neeeds have changed.

4. Get anti-spyware programs, and keep them up to date.

5. Don't use Internet Explorer, or any web browser which depends on IE, unless you absolutely, positively, must go to a website which won't work with Firefox or Opera.

6. Don't use Outlook or Outlook Express. There are many fine e-mail client programs out there, some with astounding capabilities, like Thunderbird.

2005-02-27

WIreless security improvements with better antennas

If a WiFi hacker can't get your signal, he can't hack your system. That's why many power users are adding these kinds of passive reflectors to limit where their WiFi signal goes to within their home or office.

Green Bay Professional Packet Radio. Includes relevant FCC regulations on power and antennas, so you know when you must reduce power to compensate for that very high gain antenna... but you're still ahaead of the game if you do.

Aluminum foil, cut-up can or wire mesh antenna reflectors.

http://wireless.gumph.org/articles/homemadeomni.html

http://www.turnpoint.net/wireless/cantennahowto.html

http://www.dslreports.com/forum/remark,4495753%7Eroot=dslalt%7Emode=flat

http://www.freeantennas.com/prod01.htm

http://www.freeantennas.com/projects/template/gallery

2005-02-26

I promise to write about something other than SMS soon

But, really, texting is just so darned useful, so here's a follow-on to my earlier article.

With my Palm Tungsten W (gee, two-and-a-half year old tech, how Twen-Cen of me), I can get an immediate automatic confirmation as soon as the recipient opens the message on their mobile. I can't count on Return Receipt working in RFC822-standard e-mail, why is this so reliable?

I can throw a $50 GPRS cellular card in my one-kilo subnotebook PC, running Windows XP, and use it as a phone and for SMS, and Microsoft even gives away an advanced SMS messaging program.

And, Thailand's government is upgrading their cell system to blitz emergency messages out to over 100,000 phones a minute. Traditional pagers can't do that, and radio sure can't be counted on raching that many people now the Emergency Alert System is optional, courtesy your corporate-friendly up-for-sale FCC.

2005-02-24

Welcome to the 21st Century

PizzaHut order-by-wire within EverQuest II, for gamers too hyperfocused to pick up the phone and dial.

2005-02-22

Portland ground zero of computer-simulated smallpox outbreak: Why we just might find SMS alerting useful

A discussion over in rec.arts.sf.fandom on of the possibilities of pandemics of H5N1 influenza, kinda makes yesterday's post on mass alerts via cellphone SMS texting relevant. It inspired me to put together this story, which I stumbled across at Christopher Franconis' (aka BiX) most excellent blog COMMUNIQUE .

Start with this illustration from a fascinating Scientific American article in which a very rich computer simulation, one far more detailed than previous state of the art in epidemiological modelling, estimates the possible consequences of a smallpox outbreak in Portland, OR. Yes, right here in River City.

Got N100? Or a Stryker? Anyway, I digress. Often...

Make sure to look at the difference between quick vaccination and inactivity.

An overview of the study authors' concept (they're from Los Alamos, BTW), and a quote from the February, 2005 Scientific American issue, in which this was detailed
Our group was able to construct this kind of individual-based epidemic model on a scale of millions of people by using high-performance supercomputing clusters and by building on an existing model called TRANSIMS developed over more than a decade at Los Alamos for urban planning [see "Unjamming Traffic with Computers," by Kenneth R. Howard; Scientific American, October 1997]. The TRANSIMS project started as a means of better understanding the potential effects of creating or rerouting roads and other transportation infrastructure. By giving us a way to simulate the movements of a large population through a realistic urban environment, TRANSIMS provided the foundation we needed to model the interactions of millions of individuals for EpiSims.

Although EpiSims can now be adapted to different cities, the original TRANSIMS model was based on Portland, Ore. The TRANSIMS virtual version of Portland incorporates detailed digital maps of the city, including representations of its rail lines, roads, signs, traffic signals and other transportation infrastructure, and produces information about traffic patterns and travel times. Publicly available data were used to generate 180,000 specific locations, a synthetic population of 1.6 million residents, and realistic daily activities for those people.

Integrating all this information into a computer model provides the best estimate of physical contact patterns for large human populations ever created. With EpiSims, we can release a virtual pathogen into these populations, watch it spread and test the effects of different interventions. But even without simulating a disease outbreak, the model provides intriguing insights into human social networks, with potentially important implications for epidemic response.

Their social modelling, illustrated, with Sims, no less... well, 'EpiSims', and, much, much more detail.

BTW, they're also working on a Portland model for an influenza outbreak.

Knew, someday, we'd have that capability, back when I worked in Public Health, and now it seems to actually work. That's especially good, because the Evil Empire created hundreds of tons of weaponized anthrax and smallpox. Now, if we could only get the damn doctors to wash their hands......

Maybe 'Dirty War' on KOPB & PBS Wednesday night at nine (repeat 0300 Friday) might help folks understand what a thin edge we skate on. What, maybe 5% of all cargo containers are actually inspected?

What's more sad is the censorship of the program. I've trained for this, and understand that if/when I have to come out of a 'hot zone', I'm getting a scrub-'til-it-nearly-bleeds decontamination, al fresco, in front of several folks in moon suits who will be too busy to critique anyone for their physique or lack thereof. But, the FCC has to prevent that little bit of reality from soaking in (no pun intended), so when the inevitable CBRN event happens (whether Chemical, Biological, Radiological or Nuclear), Mr & Mrs John Q. Public will not have considered they must submit to the rough ministration of total strangers. They will balk, because < 5 seconds of skin is a greater offense to Imperial America than saving the lives of the contaminated. Some of those who balk will get shot, because every cop and Guardsman in sight will be nervous as hell. But, it's not like that was important, compared to the risk of seeing people go through a realistic decontamination so's they can get used to the idea. And their little dogs, too. {/rant off}.

And, many thanks to WNCU, whose Shoutcasted radio-over-Internet transmissions kept me writing much longer than I should. Should send 'em a Cheerwine.

Ping/trackback to COMMUNIQUE - gotta figure out how this works
.
"Nobody but a fool goes into a federal counterrorism operation without duct tape" - Richard Preston, THE COBRA EVENT.

Replacing pagers with cellphone SMS message alerts

Enrolling for SMS message alerts: One option to automate notification for volunteer emergency workers

(C) John E. Bartley, III 2004-2005


Preface: SMS (Short Message Service) sends a message of up to 160 characters (including the sender's address and subject line if used) over the control channel of digital cellphones. Brevity is the sould of SMS wit, so here's a list of SMS abbreviations.

Analog cellphones, and digital phones on Analog Roaming, cannot receive these messages, and others require users to log in to a WAP or HTML based site to receive them.

Before subscribing, please check with your cellphone company. Some companies (SprintPCS, for one) charge to receive messages (a dime a message) on some plans, so don't sign up unless you know it won't cost you dearly.

SETUP FOR USERS

1. Go to the TxtMob.Com Login Page and enter a username (perhaps your callsign?) in all uppercase, please, then click on [GO]


New Member Login Screen Posted by Hello

2. The Edit screen appears. Enter a password, then re-enter it. Please choose a strong password; a mix of numbers plus uppercase and lowercase letters, in which the letters to not create a word in any language. Then, add your e-mail address and click on [SAVE]


Member Profile Screen Posted by Hello

3. Then, your Profile screen appears. Click on [add phone].


Add Phone Screen Posted by Hello

4. Enter your cell phone number, then select your cellular company from the spin box labelled Service Provider, then click on the [submit] button.


Phone and Provider Entry Screen Posted by Hello


5. Verify the number. A message will arrive on your cellphone by SMS, with a txtmob authentication code. Enter that code, being careful to copy the case of the letters uses exactly, into this screen, then click [Go]


Authenticode Screen Posted by Hello

6. Then, the Profile screen reappears.
Click on Join More Groups.


Join More Groups Screen Posted by Hello

7. The Groups list will appear, showing first Public groups, then Private. Yes, the Public Groups are anarchic, and are certifiable members of the Tin Foil Hat Brigade. Ignore them.

Create a Private list for your served agency or unit, if no one has already done so. Putting a space in the list name (e.g., ACME County) prevents sending messages to the list from phones, which will reduce the tendency of list members to abuse the list. Then, select it. Scroll to the end and click on [Submit]. You are now ready to receive messages, and will soon receive a test message..


8. Please, once established, ask other members not to send messages to the list. That's for list managers to do.


9. TRANSMISSION PROCEDURE: List managers only


You can send from a computer or e-mail-ready PDA, by e-mailing to yourlistname@txtmob.com - but don't forget that 160-character limit, which includes your e-mail address and whatever subject line you enter.

To message from the TXTMob website, click on the "Send a Text Message" link (on the profile page). This will take you to a page where you may enter a message, and select which group to send it to. From the web form, there's a cap of 110 characters in a message.

Simply click the "Send Message" button, and your message will be delivered to all members of the selected group. Please note, you may only send messages to groups of which you are a member. Since this group is "moderated," only administrator-level members may send messages to the group.

Note: There are multiple other commercial programs available which bypass the Txtmob.Com site, for laptops equipped with cellular data cards, and supporting SMS software. Those of you with experience with them are welcome to make suggestions by clicking on the small comments list, below.

73s and best regards,


John E. Bartley, III

2005-02-21

Time accuracy without the Internet

A discussion over at Chaos Manor led me to recall the utter provincalism of folks in the US, which is puzzling, considing most of y'all's only been here for a couple of hundred years, due to unfortunate lapses in Homeland Security:

"Geoff" wrote:
>Motorola /Nextel makes at least one series of cellphones (i710, i730,
i733) which contain a GPS chipset.

However, these won't work without the NEXTEL iDEN cellular network... and, iDEN is not deployed in Uganda. Global Systeme Mobilé phones which work on 900 or 1800 MHz might, if they are available, can provide a time check, but like most other cellphones, they are small and easily stolen, plus require a service agreement for each phone (spendy).

Instead, WWV and its sister station WWVH & WWVB can be tuned with inexpensive shortwave radios. However, the 5.000 MHz frequency commonly used is shared with other stations, including ZUO on Cape Town, RSA. There are non-US alternatives which might reach Uganda better, especially ZSC, also in Cape Town, RSA, on 418 KHz and 4.291, 8.461, 12.724 and 17.018 MHz. Lists follow:

http://ac6v.com/standard.htm
http://www.npl.co.uk/time/time_trans.html
http://www.answers.com/topic/radio-clock
http://www.cl.cam.ac.uk/~mgk25/lf-clocks.html
http://www.smeter.net/stations/hf-time-frequency.php

There's freeware program to sync a PC with station MSF in Rugby, England. and parts may be had here and here.

Off-the-shelf solutions are here:
http://www.wharton.co.uk/expansion/484.htm
http://www.galsys.co.uk/atomic-clock/msf-rugby-atomic-clock.htm
http://www.atomicclockrugbymsf.co.uk/ntp-time-server/ntp-server.html
http://www.tapr.org/tapr/html/Ftac32.html
http://www.timetools.co.uk/atomic-clock-software.htm
http://www.timetools.co.uk/time-server.htm#low-cost%20radio%20atomic%20clock
http://techpubs.sgi.com/library/tpl/cgi-bin/getdoc.cgi?coll=0650&db=relnotes&fname=/usr/relnotes/ntp#Changes%20and%20Additions
http://www.precitel.com/clocks_pages/rs-dataclock_e.html
http://www.precitel.com/clocks_pages/pc-precitime_e.html
(The latter can work with stations other than MSF as well.)

CHU Canada is said to offer a time signal that's easy to read by any Bell 103 modem (an oldie goldie, but whose features are incorporated in just about any external modem). Also see http://inms-ienm.nrc-cnrc.gc.ca/time_services/shortwave_broadcasts_e.html - and you might e-mail them at radio.chu@nrc.ca to inquire if they have QSL cards confirming reception in Uganda, and if so, on which frequencies.

The signal quality of MSF and alternatives could be verified through the good graces of the Uganda Amateur Radio Society [UARS]. Multiple contacts are listed at http://www.qsl.net/arsk/address.htm.

Other parts suppliers may also be found at http://www.hkw-elektronik.de who might be familiar with the parts required to sync with station DFC-77.

This is simpler than a homebuilt interface to an existing US $98 GPS device, as this gentleman hacker has created, and maybe less spendy than NMEA software for Windows - see
http://www.kaska.demon.co.uk/tardis.htm with a wired NMEA-compliant GPS
and the all-important Cable as we must remember Pournelle's Law.

The original poster did not mention which OS was to be used in those computers to deploy in Uganda. That would be relevant information to know, as although WinNT, Win2K & WinXP have SNTP software which could be modified, Win9x & ME do not. This Sourceforge offering could be useful if an automated Win9x solution is needed.

Here's an Apple driver, and xntp is the standard, AFAIK, in the Unix/Linux world. Here's a
how-to for assembling radio parts to make a receiver which will talk to it.

2005-02-19

An Important Omission from The Top 100 Gadgets of All Time

To: Mobile PC Magazine

Dear Sirs and Ms:

After reviewing your feature The Top 100 Gadgets of All Time, I must admit the Ronco Inside-the-Shell Egg Scrambler (#84) may be very useful to someone, but the genius of John Moses Browning is sadly neglected in your panoply of gadgetry.

The M1911 semi-automatic pistol has saved more lives than all other devices on your list, combined. It works when wet, when dirty, when muddy or sandy, below freezing, as hot as humans can stand, and has for the past 94 years. Its current standard incarnation, the M1911A1, Mark IV, Series 70, and dozens of its offspring from manufacturers and designers all over the planet are the best for practical pistol competition, as no other design works as well in comabt or at PPC.

Its flexibility is also well recognized; with a .22 adapter, it's been used to train millions of American servicement and servicewomen in pistolcraft. It's also elegant, certainly a unstated qualification, as it gets a very big job done with very few parts (another explanation here), and can be field stripped for cleaning and inspection by hand with no tools.

It meets also your tests for qualification:

It has to have electronic and/or moving parts of some kind - Yep, moving parts; trigger, slide, barrel, barrel link, magazine, magazine spring follower, grip safety, slide lock safety, firing pin safety, and a few other parts I won't bore you with.

It has to be a self-contained apparatus that can be used on its own, not a subset of another device - yep

It has to be smaller than the proverbial bread box - I don't leave home without mine (which is the Canadian Para-Ordnance P12-45 variant) on me, so it qualifies there, too.

Respectfully submitted for your approval: the M1911.

WiFi Finder Review and Handtops in general

Years ago in days of old when magic filled the air, this was 'portable computing'. Yeah, only 28 pounds. That's why my right arm's 2" longer than my left, from schlepping around with sych.

Nowadays, instead of a 1 MHz CPU w/ 64 KB of RAM and a 10MB hard drive, you can drop into your pocket a 1GHz CPU with 256MB and a 20GB hard drive.

Handtops.com is a handy place to visit if you need Windows XP in the field, a laptop's too big, and a PDA won't do the job.

There's even a nice review of WiFi finders; not computers, these only look for Hotspots to tell you when it's worth the time to haul out your WiFi machine. Tubular.

2005-02-18

Hacking into cars via wireless

The excellent RISKS DIGEST has a better analysis (with some gentle debunking) of car firmware hackability than I've seen elsewhere, including this lagniappe:
There is a wonderful cartoon from the German computer magazine *c't* pinned to my group's noticeboard. A passenger is sitting in an airliner using his laptop, and on the screen appears:



Bluetooth: new device found: Airbus A310

2005-02-17

Talk to the hand. No, really, this is a GOOD thing.

Here an inventive lad creates a Glove Phone (well, really a Bluetooth glove for Bluetooth phones). Handy (pun intended) in January, eh?

"30% of warranty problems on cars software/firmware errors?

Bad firmware the cause of "30% of warranty problems on cars? By Jove, this bears further study!

2005-02-07

Taking Control of your TV

Here's a blog which remoptes of improvements for TiVo PVRs. The PVR has made TV watchable for me; no more heaps of tapes, no more waiting for tapes to reqind, no more labelling and re-labelling, and no more losing programs because the tape ran out. A recent enforced hospital stay found me mentally reaching, over and over again, for the "30 second fast-forward" button on my DISHplayer. If you don't have one, get one.

2005-02-06

Robo-lifeguard?

This automated surveillance system surely could be useful at the North Clackamas Acquatic Center pool... and I wonder if it would work at outdoor riverine trouble spots?