Category Archives: Technology Review

Tor: an anonymous Internet communication system

Tor is a toolset for a wide range of organizations and people who want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and more. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features.

Your traffic is safer when you use Tor because communications are bounced around a distributed network of servers called onion routers — this makes it hard for recipients, observers, and even the onion routers themselves to figure out who and where you are. Tor’s technology aims to provide Internet users with protection against traffic analysis, a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security.

Trusted Computing Group & Active Counter Measures

18:30 (onwards) Arrive (Cabot, Building 3, HP Labs)

18:45 Buffet available

19:30 Introduction
Martin Sadler, Director, Trusted Systems Lab, HP Labs.

19:35 Talk 1
Graeme Proudler, Trusted Systems Lab, HP Labs Bristol, and Trusted
Computing Group. Graeme is the Chair of the TCG Technical Committee and
a leading authority on the work of the Trusted Computing Group and the
development of the TCG (formally TCPA) specification for the Trusted
Platform Module. Graeme will be introducing concepts related to trusted

20:15 Talk 2
Richard Smith, Trusted Systems Lab, HP Labs Bristol.
Network Security
Rich will be talking about some of the new network security initiatives
being pursued in Labs intended to counter latest threats and system
vulnerabilities. Rich will include a review of HP’s Active
Countermeasures and Corporate Immune System.

21:00 Q&A Session followed by wrap-up

Beat spam using hashcash

If they want to send spam, make them pay a price
Level: Intermediate

David Mertz, Ph.D. (
Developer, Gnosis Software, Inc.
09 Nov 2004

Built on the widely available SHA-1 algorithm, hashcash is a clever system that requires a parameterizable amount of work on the part of a requester while staying “cheap” for an evaluator to check. In other words, the sender has to do real work to put something into your inbox. You can certainly use hashcash in preventing spam, but it has other applications as well, including keeping spam off of Wikis and speeding the work of distributed parallel applications. In this article, you’ll meet David’s own Python-based hashcash implementation.

HashCash article continued


Letters Only LM Hash Database

Posted by CmdrTaco on Tuesday November 02, @12:19PM
from the need-new-security dept.
Peter Clark writes “Disk storage has increased tremendously in the past 5 years and the blatant insecurities in the antiquated LM hashing technique have not gone away; though functionality has been added to disable LM hashes, this is not set by default. With some help from Elcomsoft, simple flat files have been created that hold every combination of LM hash for letters only passwords. Jesko has coded a server application which allows you to access this database. Simply telnet to: on port 2501 and paste in a LM hash. So how does this differ from Rainbow tables? Well this will return a password 100% of the time, using minimal processor power, in approximately less than 0.2 seconds.”

Distributed Universal Number Discovery

DUNDi is a peer to peer system for locating Internet gateways to telephony services. Unlike traditional centralized services (such as the remarkably simple and concise ENUM standard), DUNDi is fully distributed with no centralized authority whatsoever.

DUNDi is not itself a Voice over IP signalling or media protocol. Instead, it publishes routes which are in turn accessed via industry standard protocols such as IAX, SIP and H.323.

Managed DNS – ENUM help – NAPTR record management?

Managed DNSâ„¢ AG Projects.
Best product Euros 80 – 10 zones (£55)
Sentiro Ltd < - Watch out for these guys!
press release

TTL Control
US – $50 10 zones
US – $100 25 zones

Round Robin
10 zones – $3.95 per domain

Varying permissions for a domain can be assigned to other users if you wish, allowing you to organise complex access structures for personnel.
Resonix – annonymously located UK company with bizarre pricing structure that I can’t suss.

UK unlimited £45 per/month with branded serves
From £20.00 per Annum (excluding VAT) for 150 Zones
£20 for Primary & Secondary or £20 for secondary only
Based in Exeter! Use Star Internet Ltd – Good rep ISP
$50 – 100 domains Primary OR Secondary

Looks great for secondary
10 free – upgrade to full service providing email if cannot copy primary £15, alert only £10
15- £30, 20 – £50, 25 – £60, 30 – £65, 35+ @ £2.75 each
I use this service and it appears to be cracking!

Can anybody help me find more ENUM support for managed DNS? – TA MX

UK Internet everywhere

PCCW opens kimono (a little) on UK broadband wireless plans

When the UK’s 15 licenses for fixed wireless broadband ended up in the hands of a single viable bidder in May last year, most European and UK operators shrugged and said so what?

Pacific Century Cyber Works bought 13 of 15 licenses auctioned in the UK last year, by bidding through differently named subsidiaries and later acquired the companies that held the other two, all for a total cost of about $14m.

pccw uk broadband wireless

How Microsoft Lost the API War by Joel

Sunday, June 13, 2004

Here’s a theory you hear a lot these days: “Microsoft is finished. As soon as Linux makes some inroads on the desktop and web applications replace desktop applications, the mighty empire will topple.”

Although there is some truth to the fact that Linux is a huge threat to Microsoft, predictions of the Redmond company’s demise are, to say the least, premature. Microsoft has an incredible amount of cash money in the bank and is still incredibly profitable. It has a long way to fall. It could do everything wrong for a decade before it started to be in remote danger, and you never know… they could reinvent themselves as a shaved-ice company at the last minute. So don’t be so quick to write them off. In the early 90s everyone thought IBM was completely over: mainframes were history! Back then, Robert X. Cringely predicted that the era of the mainframe would end on January 1, 2000 when all the applications written in COBOL would seize up, and rather than fix those applications, for which, allegedly, the source code had long since been lost, everybody would rewrite those applications for client-server platforms.

Wi-Fi hotspots simply too expensive to German study – but UK likes them on trains!

Wi-Fi hotspots simply too expensive
By Jan Libbenga

Published Wednesday 2nd June 2004 10:32 GMT
Wi-Fi hotspots will only meet the needs of small customer groups and for the majority of hotspots there will be little or no return of investment. So says the Scientific Institute for Communication Services or WIK, Germany’s leading research and advisory institute for communication services.

The institute expects a consolidation process within the next few years. More importantly, it warns that users find the tariffs of public Wi-Fi services – 5 to 10 euros per hour – simply too high.

More UK train firms commit to on-board Wi-Fi
By Tony Smith
Published Tuesday 25th May 2004 09:19 GMT

Together, Virgin and the other three operators account for 20 per cent of the UK rail industry, which comprises 29 TOCs, including Virgin’s two and GNER. They run over 700 trains, all of which will be gaining Wi-Fi support over the next four years, Broadreach said.

In a survey of 1600 UK rail passengers conducted in March and April this year on behalf of Broadreach, some 78 per cent of business travellers said they are interested in using Wi-Fi on train journeys. And 72 per cent said the provision of such services would persuade them to take trips by train rather than by car or aircraft.

Since most of them are willing to pay up to £12 for the privilege, depending on the lenth of the journey, that’s a big motivation for TOCs to roll-out wireless Internet technology. Around half of their business customers already carry a laptop on board – almost a quarter take a PDA with them. How many of those devices are already WLAN-enabled is not known, however.

Do-It-Yourself VOIP Telco

Posted by michael on Friday May 28, @09:27AM
from the some-hacking-required dept.

DamnYankee writes “Robert X. Cringley predicts the coming demise of the landline telco monopolies from the grassroots encroachment of VoIP and Linux on the latest generation of Wifi routers. According to Bob, ‘The result is a system with economics with which a traditional local phone company simply can’t compete’. With Linux capabilities and builtin VoIP any Mom and Pop can become the local equivalent of a cellular phone company for the price of $79 Wifi router. Now how is Verizon going to compete with that? Get the full scoop from the man himself.”

[b”>What is NetShare?[/b”>
WiFi NetShare from Speakeasy allows you–the tech-savvy Speakeasy DSL member–to offer your neighbors broadband service via the new WiFi revolution. They get broadband service; you reduce your monthly fees.

[b”>FXO kit[/b”>

[b”>Great VOIP Info site – running tikiwiki[/b”> Launches Internet Telephony Service

By evilbunny
from the free phone calls department, Section News
Posted on Sun May 30th, 2004 at 03:51:28 AM PST

So you’ve heard about this enum thing-a-majig and you’re dying to try it out but don’t have a spare linux box to throw a copy of Asterisk or SER up to abuse it to your hearts content! What’s a geek to do??

Well there’s finally a light at the end of the tunnel, presents, a simple yet effective SIP proxy service that’s capable of enum lookups from the zone. To make use of the service, all you need to do is bring a SIP software or hardware phone, make a couple of changes and off you go! It’s literally that simple! isn’t like most other services out there on the net, when you go to sign up you won’t be issued yet another randomly allocated number, instead you’ll be able to verify your phone number and have that linked directly to your account.

We don’t think 100 different numbers for 100 different services is a very easy thing to keep track of. However makes it possible to track all those other numbers with a single number, and not a new number, but your existing phone number.

Wifi and Mesh bootables

Locustworld – a US connection

The founder, David Peterson, saw the benefit of a wireless system that would be self organizing. After months of research, he found Jon Anderson of Locustworld. Jon’s vision of an open source system built on user input and live testing appealed to David and a working relationship was formed.

Mesh Image Boot


WRT54G (More)

HotSpot Boot

Public IP’s ZoneCD

Gateway authorisation

Linux LiveCD Router

HotSpot Boot Mac (see FAQ)

Round up article on HotSpots

What are WiFi phones?

WiFi based telephones who utilize Voice-over-IP technology to make calls worldwide at no or low costs are already available:


A good portal:

digital photography myths and facts

TheTechLounge writes “This is Part II of a series of three editorial articles examining current digital photography hardware, as well as my views of what is to come. In this segment I will be focusing on build, size, weight and ergonomics of camera bodies, as well as the size, weight, function and versatility of the glass strapped to the front of it. If you haven’t already, you may want to read Part I first.”

part 1
part 2
part 3

Onionlike polymer particles ideal for secure encryption and identification

Clever geometry is the basis of a new material that is said to be ideal for secure data encryption and dense optical information storage [Adv. Mater., 16, 516 (2004)”>.

The material consists of a lattice of onionlike spheres in which the particle core and its layers each contain a different dye. The material can hold four or more pieces of information in one spot—not just two as in binary optical data storage. And it opens a door to high-density three-dimensional optical data storage.

ENCAPSULATED In a three-dye system, core, shell, and matrix are labeled with separate dyes.

“The approach is really simple,” says lead researcher Eugenia Kumacheva, associate professor of chemistry at the University of Toronto, who worked with postdocs Ilya Gourevich and Hung H. Pham and microscopist James E. N. Jonkman. They start with colored colloids—polymeric nanospheres labeled with a dye—for example, an ultraviolet dye. Then they envelop the nanosphere, what Kumacheva calls the core, with a shell of another polymer labeled with a dye that has a spectrum entirely distinct from the first—say, a visible dye. Any number of dye-polymer shells can be added. The last shell then becomes the matrix that holds the layered particles.

Chemical & Engineering News
ISSN 0009-2347
Copyright © 2004

April 19,2004
Volume 82, Number 16
p. 10

Montreal parking meters run embedded Linux

Montreal Parking Meters Run Linux

Posted by michael on Tuesday April 20, @05:06PM from the working-for-the-man dept.

jbecherv writes “According to, new-fangled Montreal parking meters run embedded Linux (Google Cache). The City of Montreal is planning to roll out 500 to 800 wireless, solar-powered parking payment stations based on embedded Linux. There is even a device profile (Google Cache) that show some details about the meters… These meters run kernel 2.4.19 on a 206MHz StrongARM SA-1110. Each system has 64MB of RAM, boots from a CF device, and is networked wirelessly via GPRS.”

Click here for SlashDot original article

What can Google do for you tommorrow?

Speculating About Gmail

Posted by michael on Monday April 05, @04:05AM
from the talk-is-cheap dept.

rjelks writes “The Register is running an article about Google’s new email service that was mentioned earlier, here. The story details the new privacy concerns about Gmail’s privacy policy and Google’s tracking habits. The policy states that Google will not guarantee the deletion of emails that are archived even if you cancel your account. ‘The contents of your Gmail account also are stored and maintained on Google servers in order to provide the service. Indeed, residual copies of email may remain on our systems, even after you have deleted them from your mailbox or after the termination of your account.'” Reader cpfeifer writes “Rich Skrenta (founder of ODP, and Topix) speculates in his blog that the real product Google is creating isn’t web search or email, but a massively scalable, distributed computing platform. ‘It’s a distributed computing platform that can manage web-scale datasets on 100,000 node server clusters. It includes a petabyte, distributed, fault tolerant filesystem, distributed RPC code, probably network shared memory and process migration. And a datacenter management system which lets a handful of ops engineers effectively run 100,000 servers.’ If he’s right, the question isn’t what product will Google announce next, but what product will they not be able to announce?”

Wireless Street Lamps for Traffic Monitoring – The Last Mile

Wireless Street Lamps for Traffic Monitoring

Posted by michael on Thursday January 15, @10:48AM
from the one-big-hotspot dept.

RMH101 writes “The Register has a story about a UK initiative to create a country-wide wireless data network using street lamps. It’s come to pass through a government initiative to monitor all cars’ speed and location, all the time, everywhere. The company involved, Last Mile, are proposing an intelligent mesh of smart street lamps embedded with storage and wireless networking to create 200MBit network access across the UK, including remote areas not reachable by conventional broadband. Work is due to start this year.”
Continue reading

The Directive on Privacy and Electronic Communications (2002/58/EC)

The Directive on Privacy and Electronic Communications (2002/58/EC)


Summary of Changes

The new Directive:

replaces existing definitions for telecommunications services and networks with new definitions for electronic communications and services to ensure technological neutrality and clarify the position of e-mail and use of the internet;

enables the provision of value added services based on location and traffic data, subject to the consent of subscribers (for example, location based advertising to mobile phone users);
removes the possibility for a subscriber to be charged for exercising the right not to appear in public directories;

introduces new information and consent requirements on entries in publicly available directories, including a requirement that subscribers are informed of all the usage possibilities of publicly available directories – e.g. reverse searching from a telephone number in order to obtain a name and address;

extends controls on unsolicited direct marketing to all forms of electronic communications including unsolicited commercial e-mail (UCE or Spam) and SMS to mobile telephones; UCE and

SMS will be subject to a prior consent requirement, so the receiver is required to agree to it in advance, except in the context of an existing customer relationship, where companies may continue to email or SMS to market their own similar products on an ‘opt-out’ basis;
specifies that Member States may introduce provisions on the retention of traffic and location data for law enforcement purposes;

introduces controls on the use of cookies on websites. Cookies and similar tracking devices will be subject to a new transparency requirement – anyone that employs these kinds of devices must provide information on them and allow subscribers or users to refuse to accept them if they wish.


Booby – PHP Bookmarks/Favorites and contacts management (and other stuff). Booby is a multiuser, multilanguage, fully themeable web-based desktop application which provides online management for bookmarks/favorites, contacts, todo’s, notes and news feeds.

Directory Search – Multi-level category directory, integrated search engine, powerful control panel. [Free and commercial versions”>

PhpDig – A search engine written in PHP that uses a MySQL database backend. It features indexing of both static and dynamic pages and full text indexing.