Category Archives: Tech - Page 12

The Truth About Hotel Key Cards

Posted by on April 18, 2006 1 comment

On September 19, 2005 ComputerWorld blogger Robert Mitchell posted an entry about an IT director named Peter Wallace who supposedly found his name and personal credit card information encoded on the magnetic strip of several hotel key cards.

The next day Slashdot linked to that blog entry in this article where much debate took place and several readers pointed out that internet myth debunking sites such as Snopes had debunked this urban legend several years ago. You’ll even find that I went back to the original ComputerWorld source and pointed out this was false information.

That evening Robert Mitchell responded to criticisms of his earlier entry. He included links to both the Snopes report and an article by Jane Ann Morrison which appeared in the Las Vegas newspaper in 2003 which also seems to debunk the myth. Mitchell again contacted his informant, Peter Wallace, who stated he had also been receiving much feedback and would like to respond but “is awaiting clearance from his organization’s legal dept. before he can do so”.

As far as I know Peter Wallace then disappeared but this topic did not. On January 16, 2006 ComputerWorld published a feature length expose where they tested 100 hotel card keys and determined that…drum roll please…there was no personally identifiable information on any of them. Astute readers will note that this was the comment I made on Mitchell’s original blog entry. You see, I happen to own a three-track magstripe reader myself and have made an interesting hobby of scanning all kinds of cards to see what they contain. I can happily state that I have never ever found any personally identifiable information on any hotel key cards.

In any event, if you’re interested in this sort of thing I strongly suggest you read the complete ComputerWorld expose which has all kinds of interesting information about how hotel key card systems work and why it would be so unlikely that personal information could end up on a key card. As for Peter Wallace the IT director of a travel company who started all of this? When asked he had “no comment” for the ComputerWorld story.

StormCall

Posted by on April 6, 2006 Comments Off on StormCall

Lots of people know about the various serices that will page or email you when there is a severe storm threatening your area. Something new that I just heard about tonight is a service called StormCall which will actually call you on the phone and warn about severe weather.

StormCall seems really designed to be pushed by local tv stations. This is a genius marketing idea. First, the local tv stations pays StormCall to get things setup. Next, the tv station “advertises” it on newscasts and with public service announcements (PSAs) all of which amounts to free advertising for StormCall. Finally, StormCall charges a yearly subscription fee to viewers who sign up for the service. This is quite an interesting business model and the reliance on gratis advertising is truly genius.

All StormCall is doing is mathing the address entered by a subscriber to a latitude/longitude. When the National Weather Service issues a warning which includes that location StormCall calls you and plays a friendly message from your local tv station’s chief meteorologist warning you and reminding you to turn on channel X for more information.

I would like to see an implementation of this using the free and open-source Asterisk PBX. I think it would be a great piece of demo software showing off the versitility of Asterisk and it would be fun too. Instead of a pre-recorded message you could have the Asterisk text to speech engine read the actual storm warning from the NWS. You could also show off the IVR capabilities by allowing users to sign up for the service via telephone so no end-user internet access is required. The NWS already provides free severe weather data so it would just be a matter of getting that data stream into some program to parse it and find the appropriate people to call. I think it would make an interesting project anyway.

North American Network Operators’ Group

Posted by on April 5, 2006 Comments Off on North American Network Operators’ Group

The North American Network Operators’ Group, or NANOG, is essentially a user group for backbone and large enterprise internet providers. Why should you care about NANOG? Well, if you’re responsible for any type of network connected to the internet in North America you’re probably interested in the current status of the internet and routing. The NANOG mailing list is my goto location when I think there’s a potential routing problem on the internet. The folks there keep a pretty close eye on things and usually report any difficulty with the internet infrastructure.

File Synchronization

Posted by on April 2, 2006 Comments Off on File Synchronization

For years I’ve recommended using Second Copy to automatically synchronize folders and save backup copies of files. A typical installation would be for copying off nightly backups of a user’s documents and profile from a laptop to a network share. If you’re looking for a freeware alternative you might take a look at SyncBack Freeware from 2BrightSparks Software. You’ll have to scroll past the paid version to find the freeware version, but it is availible.

If you’re a little more the doit yourself type I would check out Unison File Synchronizer which is what I use myself these days. It’s a lot like rsync in that it only transfers the smallest portion of a file it can. Unlike rsync there is an easy to install Windows port of Unison which is a great benefit if you’re working in a mixed Win32/*NIX environment. Unison also has fantastic scripting support making it the best bet if you have the time and technical inclination to set that up.

Microsoft Windows XP Lockdown Toolkit

Posted by on April 2, 2006 Comments Off on Microsoft Windows XP Lockdown Toolkit

Update (2/4/2008): Since the time this article was written Microsoft has upgraded and renamed this product. The Microsoft Shared Computer Toolkit or Windows XP Lockdown Toolkit is now referred to as Windows SteadyState. This software was recently discussed on episode #129 of the Security Now! podcast. More information including a good description of the software as well as screen shots can be found on their website.

If you’re responsible for maintaining Windows XP computers in a shared environment such as a computer lab you’re probably aware of all the challenges associated with keeping the computer running and malware free. You may even be aware of commecial tools such as Deep Freeze which allows you to lock down systems and prevent users from making changes as well as reverting any changes when the system is restarted. What you’re probably not aware of, because it isn’t glamorous or well publicized, is the Microsoft Shared Computer Toolkit.

This toolkit is designed to help people just like yourself who need to maintain systems for public use. A few of the things you can do is clear user settings at every login, restrict users from making any system changes (even more so than the restricted/limited account type) and revert the Windows partition to its original state at every reboot. You don’t need to be running an Active Directory network for this to work, but if you are the toolkit includes group policy templates so you can control how restrictive the environment is on a per-user basis. If you’re looking for something to help you keep public computers under control and don’t have the budget for a commercial product you might want to give the Microsoft Shared Computer Toolkit a shot. The toolkit requires Windows XP Service Pack 2.

Free CD Burning in Windows

Posted by on April 1, 2006 Comments Off on Free CD Burning in Windows

While it’s not as polished as Nero it’s quite a bit smaller. CDBurnerXP Pro is a free Win32 CD and DVD burning solution. Unfortunatly it’s not open source but when you’re just looking for some simple software to burn discs in Windows this could be the ticket. Of course on Linux I strongly recommend K3b which is undoubtedly the best GUI for CD and DVD creation in Linux.

Free Public Domain Clip Art

Posted by on March 29, 2006 Comments Off on Free Public Domain Clip Art

As a followup to the recent article on vector graphics I thought I would share a great example of vector graphics at work. The folks at the Open Clip Art Library are hard at work compiling a catalog of public domain clip art. While the keyword search is still pretty rought around the edges the library has done a great job at soliciting donated artwork. Of course, the two best parts are the requirement that all clip art be in the public domain and that SVG is the primary vector graphics format used.

What does this mean to you? First, it means that you can be fairly certain you won’t be sued for a copyright violation in using this artwork in publications, in a presentation, or on a web site. This in itself is a great reason to have the library. Secondly, the use of SVG means you can use a variety of programs to manipulate and work with the files and scale them to any size you require. For more information on the SVG file format specifically and vector graphics in general see my earlier article.

Vector Graphics and You

Posted by on March 29, 2006 Comments Off on Vector Graphics and You

If you’re intertested in technology and subtle trends or in digital art you should know about vector graphics. Essentially vector graphics are filled line art. The difference between graphics like this and photographs (raster or bitmapped graphics) is that a bitmapped graphic stores a line as a series of XY coordinates (pixels) that are some color value while a vector graphic would store the line as a vector starting from some XY coordinate and ending at another XY coordinate with some color value. While usually being less photorealistic there are several distinct advantages to the vector graphics format.

The major advantage, and the one we’ll concentrate on here, is the ability to scale vector graphics to any size without pixalation. Obviousy this is a tremendous advantage when working on digital publications which might be printed on any size paper or displayed at any resolution on a PC.

There are a number of different programs and file formats for working with vector graphics. Probably the most widespread is the Adobe Illustrator program which is the workhorse of the industry. Other examples are Corel Draw, Macromedia FreeHand and the Macromedia Shockwave/Flash programs, but those are primarily used for animation and web-based work only. On the file format side you have the proprietary .ai (Adobe Illustrator), .swf (Flash), .dcr (Shockwave), .cdr (Corel Draw) and on the standards (with varying degrees of openness) side you have .wmf (Windows Meta File), .cgm (Computer Graphics Metafile) and .svg (Scalable Vector Graphics). SVG is what we’ll be concentrating on here as that seems to be the way the industry is moving.

Scalable Vector Graphics is an open standards markup language for storing vector graphics. Things like this which aren’t ritzy or of interest to the general public tend to have long adoption curves. This is certainly true of SVG which was started in 1998 and is just picking up steam. SVG is supported in at least some way by most of the major players these days including Adobe Illustrator. Interestingly, SVG supports animation as well so as more toold are developed it might be possible to see SVG supplant Shockwave/Flash as an internet animation standard. Starting with release 1.5 of the popular Mozilla Firefox browser SVG support is built in and no additional viewer or plugin needs to be downloaded. Unfortunatly, Internet Explorer still requires the download of a (free) plugin.

Another advantage of SVG is that, being an open standard, there are a variety of tools to choose from. The most popular seems to be Inkscape which is a (more focused) fork of the Sodipodi group, both of these tools are cross-platform and open source. Recently commercial software publisher Xara has released an open source version of their software named Xara Xtreme and is supposedly working with the Inkscape developers to create an even better and more complete open source solution. One of the older supporters of SVG is Skencil, but they seem to have fallen behind Inkscape. Of course recent versions of Adobe Illustrator and Corel Draw also support SVG although they are not always 100% compatible with some of the other tools. Many tools have also been created which allow you to convert older formats such as WMF to SVG.

While it may not be exciting, revolutionary or an overnight change SVG is starting to gain momentum as the format of choice for vector graphics. If you are designing a logo or other line art I would get a copy of it in SVG format as some insurance against file format obsolescence. Although vector graphics are not as widely supported by consumer applications as raster graphics that seems to be changing as well and the numerous advantages of vector graphics for simple artwork and diagrams should prove successful in the long run.

Using Linux for Drive Imaging

Posted by on March 28, 2006 Comments Off on Using Linux for Drive Imaging

An idea that has been hiding out in one of my mind’s recesses is using Linux as a platform for imaging hard drives. The DOS based drive image programs (Ghost, DriveImage, etc.) seem to run into lots of problems supporting newer hardware and ideas such as booting from CD or USB drive , supporting multiple NICs, storing and recalling images over a network, etc. While more modern solutions such as Acronis True Image are WinPE based they have not seen the same widespread adoption and remain proprietary solutions that lock up your image data in some non-standard format.

I would like to see the expertise from creating “live” linux CDs (and USB drives) such as those from Knoppix and Ubuntu used to make a specialty distribution for use in PC hard drive imaging. The ideal solution would have varying levels of compression, a decent user interface, just work out of the box for most users and support storing to and recalling from any SMB/CIFS fileshare. Users should not need any prior experience with linux for basic usage but the distribution should support advanced topics such as multicasting and PXE booting to aid in large deployments. Of course you could give this away and still have an entire business model surrounding support and training on the product for business users.

In my search for a product such as this the closest thing I could locate was the G4L “Ghost for Linux” project. This porject proves there is interest in a program like this but it is really quite unpolished, especially in the UI end and support for anything out of the ordinary like booting from USB. There is no reason that single purpose linux distributions need to be ugly. As Knoppix and Ubuntu have prooven you can get a linux GUI onto a CD with plenty of room left for software.

Pixie Bits

Posted by on March 27, 2006 1 comment

Even among network professionals there are some protocols that remain a bit of voodoo. One of those is the PXE aka Preboot Execution Environment which is pronouced pixie. Developed as part of a larger initiative in the 1990s to make PCs easier to manage PXE sees only minimal use. Along with Wake on LAN (WoL) technology PXE could remotely start a PC and install a drive image regardless of the current state of the system. In another scenario PXE could be used to boot and operate diskless workstations allowing PCs to operate somewhere between a dumb terminal and a standalone PC. Many Linux distributions also support installation via PXE.

Despite all of these uses PXE remains a bit of a mystery, even to the IT professional. Part of that mystery lies in the misunderstandings and complexity of PXE which primarily stem from the use of several other existing technologies such as DHCP and TFTP in the boot process. Back in February Computerworld ran an article that attempts to demystify the PXE boot process. If you’re at all interested in getting to know just a little more about this interesting technology I suggest reading their article.