Archive for School

Real Simple Sindication (RSS) What’s it all about?

Posted in School with tags , , on March 31, 2010 by Lance Strzok

The story I usually tell when it comes to explaining Real Simple Syndication (RSS) is about me as a younger man in my early days as a sailor. I had a PO box for an address, and seems like it rains every afternoon when I got out of school in Orlando Florida. So off I went in the hopes of finding a letter in the mail from family or friends when low and behold, when I got there, all I saw was the back of the box. (Shaking it did not yield any better results). So off to my room in my now wet clothes I went.

What does it have to do with RSS you ask? Well, what if my PO box sent me an email that told me first of all that I had some mail in my box, and secondly, it game me a link to that letter? Nice eh, now I would not have to go to the PO box anymore, it would tell me when I had something, and give me a link to the content that is in the letter. Now I don’t even need to go there anymore.

So RSS is really just a signal that you get when you get new information that breaks some threshold that you define.

How do you use this great idea? Well you just go to the sites you normally go too, and if they syndicate (share or post information via RSS) then you can look for the familiar orange looking symbol or anything that says RSS or feeds and sign up for notification of their content. Some allow you to refine the search, or just receive all new posts. Take for example this blog. You can subscribe to my new posts, or new comments to this post. From now on you will know when I write something new, or when someone comments on something I have written.

As for RSS readers, some email clients have RSS capabilities, and some browsers do as well, but I like Feedreader 3 myself. It is a great tool for collecting your subscriptions and getting to the new content. If you want a web based one, I have not found one that even compares too Googlereader. It is my preferred way to ingest all the feeds I have as well as alerts I can set up with Google Alerts. This keeps me aware of all content that the Google indexer finds as it crawls the net that meets thresholds (or keywords) I set.

If you have comments or questions, please let me know. I would be happy to answer them for you or help you out.

Advertisements

Challenges to securing wireless LANs

Posted in School with tags , , , on December 1, 2008 by Lance Strzok

There are a great many security issues surrounding the use of wireless networks (WLANs). Although the use of wireless networks at home may be reasonably safe, WLANs in a business environment may be a more difficult decision considering the risks involved and the likelihood of people trying to exploit it. Some of the risks related to wireless security are: rogue access points, the use of unauthorized devices and denial of service attacks. These threats can undermine trust and security of the network and impact business. Many wireless networks use the IEEE 802.11 standard, and this standard has been shown to be weak and in need of improvement. A comprehensive and thurough approach will need to be used if the security of your business network is a great concern to you.

Planning of the wireless network will need to be addressed in the requirements for the network. What kind of information and users will be on the network, and what resources will be linked to that network. These requirements will help in determining the required amount of security. If you want to offer wifi as a service to clients, that is a totally different security setup from if you are conducting business and sales on your network.

Some good practices to consider will also include the position and strength of transmitting access points. Where you place these devices will have an impact on “parking lot hackers”. You will want to research current wireless suppliers for updated technologies, and keep track of firmware and software updates to your equipment. You should also configure your network settings with great care and understand each setting as well as the impact it has on your network. Upon setting up your configuration, always change the default configurations to other names immediately.  The default system names are usually a dead give away to the equipment in use and is a starting point for attackers. Additionally, you may want to have a list of MAC addresses for all the equipment that is going to be allowed to access the network, this is MAC address filtering and it only allows access by machines that have proper MAC addresses. A note of caution on this is that there are programs that can detect and copy MAC addresses and this feature makes it less convenient to attack. Enabeling encryption will also be something that needs to be considered if you are going to use the wireless network for business or banking. Business and homeowners with wifi networks should consider moving to WPA2 compatible devices as soon as possible if they want to have secure networks. The original WEP encryption standards have identifiable weaknesses that have been written about and are routinely exploited with easily accessable tools. For those businesses that wish to have empoyees access their work from home, consider using virtual private networks (VPNs).

There is a great deal more on this issue, and your network security specialists will need to stay aware of and on top of changes in these areas to ensure network security and the vitality of your business or personal home network needs.


Ref:

http://www.wardrive.net

Processors of the future

Posted in School with tags , , , , on November 11, 2008 by Lance Strzok

Processors of the Future

Considering the speed of light and the path length that data has to move as the limiting factors on moving bits around within any component between various components our goal will have to be to minimize the path lengths on each of them in relation to how often data is required to be used from these devices. Anticipating the need for data and moving data that is needed more often closer to a cpu or registers. No matter what the medium; fiber, metal, laser, or magnetic.

Next consider the clocking speed limitations. If they are dependent on the rise and decay time of capacitors, then we will have to remove capacitor technology and find a faster way of changing states of bits. This will have to be considered along with the path length issue to make sure that one is able to keep pace with the other. Clocking before the data gets to the processor or ALU would obviously cause problems, and would be the limiting factor in this case.

Software will have to change in order to fully utilize some features of future processors. Maybe there will be a way to do this on the fly (convert current software execution with one CPU to a parallel system that would allow other CPUs to process the instructions in parallel – faster). Be able to reconfigure the CPU for optimal execution of the software being used at the time.

Another gain to be had would be in the word sizes increasing in length, and with them, the busses and ALUs as well as memory address lengths that work with the data. But this could have software issues as well. Software not able to utilize these features would have to use another processor to convert the instructions to parallel then have the other CPUs execute the parallel instructions.

We will likely see hard drives continue to move to solid state hard drives which will improve access speeds greatly, and for all of the devices, lower power consumption (going green). Using technology that allows reliable state changes with less then 1 volt.

Maximize L1 and L2 caching by physically locating the fastest type of memory equidistant from the CPU (likely a circle or block around the CPU.

Each of the fundamental components (ram, rom, path medium, transistors, etc…) will continue to be explored in terms of materials that may increase speed, reduce power, not harm the environment when disposed of, be cheaper to manufacture, last longer, and be more reliable.

Implement some kind of executive function over the CPUs that would monitor and reconfigure the CPUs on the fly to maximize execution of the task at hand.

With all these considerations in mind, we will have incredibly fast, low power, environmentally friendly, reconfigurable CPUs that can work wonderfully as stand alone computers or be networked with other idle machines in the house or business to work on other problems when not fully utilized by the user.

Related article: http://computer.howstuffworks.com/microprocessor.htm

Open – Source Pros and Cons

Posted in School with tags , on October 13, 2008 by Lance Strzok

Open-Source Pros and Cons

Other advantages of Open-source code are low costs, potential engagement of many great minds on one topic to make it as good as it can be, efficient, or standardizing the interface. Responsive to changes was already mentioned, as well as a great way for new programmers to learn good practices in code development.

Disadvantages to open-source code may be primarily in support. If you imagine for a moment that a piece of source code was developed by me at home in my freetime, then you could imagine that if I were busy, or not able to spare the time, the support for bug fix’s may be low, and since there is no money driving my time on that project, then I may have to put it off, or not even get to it. Then the only hope is that someone else looks at the code and picks it up where I left off. Also, since I wrote it, then it is limited to my experience as a coder, not a team of well paid, experienced, and dedicated effort group that continually use good programming techniques. Standardization may be an issue as well. Could be difficult to maintain a standard if different people are writing to the same code.

I think that Microsoft and others that maintain proprietary restrictions on their code do so because they need to be able to get a return on their programming efforts to support new efforts as well as control the code so that they can provide robust and timely support to known software instances.

The disadvantages to maintaining proprietary code would be that it is costly, potentially slow depending on demand, and may not benefit from the great minds that are out there that may otherwise bring some improvements to their software if they were allowed to view and improve it.

See http://en.wikipedia.org/wiki/Comparison_of_open_source_and_closed_source for more on this topic.

What’s in a URL?

Posted in School with tags , , , on October 12, 2008 by Lance Strzok

Garrett L. Strzok

Word Project ITS1015

What’s in a URL?

This article discusses Uniform Resource Locators (URLs) and how they are structured. This article also discusses how you can use this information to help when trying to find information or speed up your browsing.

URL is short for Uniform Resource Locator. In many browsers, this is a string of text located in the address bar that typically starts with http://… Each URL has several parts, and collectively they allow for a number of activities that people commonly do.

Lets take a moment and break down a URL with the following example:

http://www.google.com/tools/firefox/toolbar/FT3/intl/en/index.html

One way to break this down is to look at each part of the URL in the following way.

<URI scheme> <Host name> <File path> <File name>

This URL may also be viewed in this way.

<Method of communication> <Server name or IP physically located somewhere else><path to the file on the server> <File you are opening>

Looking at this first part   http: This is actually the scheme name part of a URI (Uniform Resource Identifier) and is terminated with a colon character ( : ). The remaining portion of the URI (//www.google.com/tools/firefox/toolbar/FT3/intl/en/index.html) called the scheme specific part, is a string of characters that is defined and interpreted in accordance with the scheme identified in front of it.

In this case, the http: is a URI scheme that is a protocol, but not all schemes are protocols.

“A protocol is a standardized means of communication among machines across a network. Protocols allow data to be taken apart for faster transmission, transmitted, and then reassembled at the destination in the correct order.” (Ref 1) The “Protocol” tells the browser how to communicate with the remote server when retrieving the target document. (Ref 2). A subtle point to be made is that URI schemes are often inaccurately called protocols since most of them were originally used with particular protocols. But today there are URI schemes that have nothing to do with protocols. There are several common schemes in use such as file: http: https: ftp: mailto: news: telnet: data: and many more.

Looking again at the URL, the second portion of the URL, (//www.google.com), we first understand this to be the name host of the server, or the domain name of the server. This domain name is equivalent to an (Internet Protocol) IP address and is used by Domain Name Servers (DNS) servers to help the network locate the physical location of the server and make the connection between the machine you are using, and the host server you are trying to connect to. Second, we also know that (//www.google.com) is interpreted in a way that is consistent with the defined structure that was established in the scheme portion of the URL, in this case the http:.

Another host or domain name that you may recognize is:

//www.yahoo.com – which is the server that is physically located in California and shown below.

Moving on to the (/tools/firefox/toolbar/FT3/intl/en) portion of the URL, we see that this is the path to the file on the server or host that we are connecting too. This is a path from your entry point on the server, this does not mean that you are located in the root directory of the server, you are often brought into the web portion of the machine you are connecting too, where the web content is kept and maintained. So your path is a relative path from where you are brought in. Now looking a little closer at this portion of the URL, we see that from the directory we entered, we were automatically directed to the tools directory, then to the firefox subdirectory, then to the toolbar subdirectory, followed by the FT3 subdirectory, into the intl subdirectory, and then the en subdirectory (the en here most likely means English language). So now we are in that directory.

The last part of the URL, (or this URI scheme specific piece that is defined by the http scheme), is the file name (index.html). This is the file that we are going to have broken apart, sent to our browser across the internet, reassembled and displayed in our browser. We also know that this file name is consistent with the scheme defined at the front of the URI, and that the scheme being used will be looking for a file that ends in .html or .htm to open when we get to the destination. There may also be other HTML files located in this directory, but our browser asked to open (index.html).

Now that we know a little about the structure of URLs we can discuss how this information may be used to improve your personal browsing experience. We can watch the URL as we browse, and start to see patterns in the sites that we visit. We can use this information to start to modify the URL directly to find what we are looking for. Some people call this URL hacking, and the term hacking usually carries a negative connotation, but there is nothing really all that negative about it. But where the line is between using the URL to speed up your browsing experience and being malicious is an area for debate. I have been looking at some of the things you can do with URL hacking, and some of it does start to venture into what I would personally consider to be questionable behavior. Things like inserting code into areas that you may otherwise be entering form data. Depending on the type of application you are interacting with, this can start to cause interesting things in the server. I may use this to surf faster, and I may use it to find information when I get a page not found situation, and still want to try to locate some information at that site. I also like to use certain URL tricks (hacks when searching in Google). One such example would be appending name=”as_qdr” value=”m7” which narrows your Google search to pages indexed within the stated number of months. (Ref 3).

In conclusion, I hope you understand more about URLs and can start to watch them when browsing, and learn about how you can use them to speed up your work and find things you are looking for faster. I know I have learned a lot more about how URLs, URIs, and how browsing works in general.


References

Ref 1 – CITES, What is a URL?, Dec 29 2003, Oct 10 2008, http://www.cites.illinois.edu/101/url101.html

Ref 2 – Williams College Department of Computer Science, URL protocal specifications, May 11 2000, Oct 10 2008, http://www.cs.williams.edu/~cs105s00/outlines/CS105_70.html

Ref 3 – Tara Calishain and Rael, Dornfest, 2003, Google Hacks, pg 32, O’Reilly Media Inc.

Software Piracy

Posted in School with tags , , on October 8, 2008 by Lance Strzok

Web Quest: Software Licensing and Piracy

1. Were you aware that for most software, the EULA appears when the program is first loaded and you must agree to it before proceeding with the installation?

1A Yes, I have seen this many times, and it is usually a good bit of reading. I have installed many programs, and I have generally began to trust those agreements without actually reading them.

2. Have you ever installed software without reading the EULA?

2A Yes I have installed software without reading the EULA.

3. What are some of the key conditions or restrictions of the EULA you’ve located?

3A I may install and use the software on any number of computers. I may not sell any part of this software as part of any other software. I may not distribute or host on a web server any part of the software without the permission of the owner. I may not reverse engineer, decompile, or disassemble this software. I can use ManicTime for commercial and personal use.

4. What are several of the key organizations involved with tracking and prosecuting software piracy?

4A I found a group called “Business Software Alliance” (BSA) that offers cash rewards to whistle blowers that report businesses that pirate software. I also found SIIA, another anti-piracy agency that is dedicated to reducing piracy issues.

5. What are the ramifications of software piracy? Do you think these problems have any impact on you personally? Why or why not?

5A When it comes to software piracy and its impact on me personally, I am sure that it does affect me. In short, for all the software that gets developed, and not properly compensated for, means that teams of people that develop that software do not have the resources (money) to continue further development. Some teams may stop all together, and others will have to lay off a couple talented programmers or find other ways to cut corners.  In the end, we all loose out on potential software.

6. How are software publishers attempting to prevent software piracy? Do you think these methods are effective?

6A Some software publishers are reporting piracy to BSA or SIIA and then being prosecuted for piracy. Some use special packaging that makes it hard to duplicate and sell as “legitimate” software when in reality it is a copy. Also, some companies have audit software that you can use to make sure all the licenses are being used properly.

7. Are the penalties for software piracy different for corporations than they are for individuals? Do you think this is fair?

7A Penalties are not the same for infringement by an individual or for a company. But I would think that per infraction makes it more fair. I am comfortable with it the way it is.

8. What steps can you take to ensure you will not become a victim of software piracy?

8A I can make it so that any programs I write or am a part of are registered with BSA, SIIA and have a license that you have to read before it is installed.